last executing test programs: 1.656654464s ago: executing program 2 (id=3630): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000200)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f00000001c0)={0x2, &(0x7f0000000000)=[{0x9c}, {0x6}]}, 0x8) 1.547740041s ago: executing program 2 (id=3633): socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0x6}, 0x48) bpf$BPF_GET_MAP_INFO(0x4, &(0x7f0000000100)={r1, 0xfffffffffffffea3, &(0x7f0000000080)}, 0x10) 1.507894951s ago: executing program 2 (id=3635): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB="340000003b0007010000000000000000037c00000c00e10008000b00040000001400018006000600880a0000080011"], 0x34}}, 0x0) 1.452558856s ago: executing program 2 (id=3637): futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x8, 0x0, 0x0, 0x0, 0x0) 669.31243ms ago: executing program 3 (id=3649): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'lo\x00'}) r1 = socket$packet(0x11, 0x2, 0x300) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local}, 0x14) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000100)=[{&(0x7f00000000c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1) 579.962631ms ago: executing program 0 (id=3652): r0 = socket$inet(0x2, 0x3, 0x7b) connect$inet(r0, &(0x7f0000000940)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10) write(r0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x4040, 0x4) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/222, 0xde}], 0x1) 578.748595ms ago: executing program 3 (id=3653): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r0, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x3, 0x8) socket$inet6_mptcp(0xa, 0x1, 0x106) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r2 = memfd_create(&(0x7f0000000680)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYSp\xa5\xfd\ny\xdfS\xdbU\xf8l\xb5b\x83\x00\x00\x00\x00\xfc\x83\x18\xe46\x8a\x029\x19\x8fjC\xce\xa7S\x81\xd5\xda\x84\xdf\xe3A_\x05XCk\x1d\x1cC\x97r\x93\xd6t\x81b\xc7x\xab\xa2\xf0\av\x88\x01\x92\xeaF\xa9!\xfc\x1c\xbf7q\xcf\xed&\x96\xa6\x1c_\xff\xb4\x00X\x1b\xedw\xc1\x00\x00\x00\x00\xe0T\x1f\xbc\x85\xd1Z\xa9\x01Z\xc2\xb0\f\x9a\x16\xa5?\xf74\x88\xeez@)&\xb5\a\xc1\v\xe7\xdf\x80\xe4\x9c\xf5f\x94jC\xb1\xcfh\xc5g\x02\xc6 U\xe5\xcea\x88\xee\x0f\xf57*\xb3\xe8iWTav\xff\xd9\xb0C\x1e\xbe\x97\xc8$-\x8d)\xe8\\\x8e;I\xde\x8a\x8e\x0fq\x06\xee\xb9\xc1\xf1)\xa0\xd9T\xec\x8b\x85I\x87OZ\xd8\"4\x87\xb1\xed?:\x84S\xb9\xbf\xab#\xd0N\x8f\x1ey7\x9286p\x10uZ\xf0', 0x0) write(r2, &(0x7f0000002140)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) readlinkat(r1, &(0x7f0000000040)='./file0\x00', &(0x7f0000019240)=""/102393, 0x18ff9) 578.554681ms ago: executing program 2 (id=3654): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fcffffef00000000000000008500000041000000850000007d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000880)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r1, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 541.347749ms ago: executing program 0 (id=3655): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)={0x3c, r1, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @local={0xac, 0x44}}]}, 0x3c}}, 0x0) 533.544467ms ago: executing program 2 (id=3656): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='freezer.self_freezing\x00', 0x275a, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00'}, 0x10) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = socket$inet(0x2, 0x6, 0x0) shutdown(r2, 0x0) recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) 508.858282ms ago: executing program 3 (id=3657): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') unlink(&(0x7f0000000180)='./file1\x00') lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r1, 0x0, 0x0) creat(&(0x7f0000000140)='./file1\x00', 0x0) 505.249371ms ago: executing program 1 (id=3658): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=6']) chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x26e1, 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.freeze\x00', 0x275a, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 431.485452ms ago: executing program 0 (id=3659): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4104aec6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil}) 430.474295ms ago: executing program 1 (id=3660): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='ramfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x100000, 0x0) mount(&(0x7f0000000240)=@filename='./file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x101000, 0x0) umount2(0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x160) 332.750159ms ago: executing program 3 (id=3661): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000040)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "8a"}}, 0x119) write$UHID_INPUT(r0, &(0x7f0000000800)={0x8, {"3efc0a71f24f13888071379bc3b5495da8d7cfedddc98bc9d1acf731119ecfd4903fd2c3c49407d581f68ff8bd8c6eb85b60af00bc86a40a73fdd0b9c47b7d246b335cc192913efdbe0a51538c460513b3e18d7786c5a924b99c523bb784363ff4d6537143ae9641dfa3062c91ec52ae07a8be2e56ce8218615a974d224876cd19d92e20c9ee1fa4a883bbb71e2b091b3a0ec5e501e55a7ee0387da2417ffae7217a30150ff91c82a1f9c7c6e6f3e7db49a80612c777f613d41196ac4e04cdd27e9cdf905dc256508b23887a7ccb6d2a2861fa4c50d9e82665c53ce6418399ae34e8276378af3724f6ee2324590d953c0f61aa13fd524b1ed193e929e1a6adac3a8bf236bd1ce77cf249c995725ba517f401086a03a4b837f91e30658172b06f458dc7dbfc404aa5e0e329ae10f76598026e40237000e4ab8b49c3bd5deb68164bbd493e17ffbbc1f266573ad30e7674f1c3782b1ec20bc1457996ba1b806e004e5ad024f85415e6b3cddfa9bf9af3b716b009a0ac1e07c56f0c0421ded46492b50550dcb7a5bc2568bae987b46bd6dfbcd98f6a590e03d9bdd636a46c8d4253b7e0ea76c13c67f8fb7a6aadc3c1cce84fba61cd55e10778bbc58886c41b6f6520fba09b50eea8b94c4665805d66785677d2552faaa2008d4ef31bcc5b1835a64d003bd3c7abad6051f048a47708136aea2fcae018cd9ad8618cb08239d14f09e83a73e952e2123b8e1c489ab905653f14c45a1dd60f640e495bab88f3b63c3936be1fff2fb2fd9b0b6b0f4265b06f46e3ea8be1bf500b97dd6c298a556fe8474ce636b44eba30a287de614670eb121af5d8f5644ffe30f98b01190877cf3db570fb346b7a314a8c327d145a6f65dd17d81d47adee841de792abfff1478e6f83f7e873cd34b3f488bbff05c2ad4d8cc0f364050c625caf30233973ae0331904113189b22fc970cc2e40e29c2eb71a1f5344458713c6b6120944eb62132fa01c1bfa22ba57bec22e71cc2f2197217c9770ddf29f769d3070a14e39388c8d433912fa5f21f1eca46a8110aaa39f765336fb413e63cb921298e99cf92892371f034e51a45d9da354f3bd12953967521ac99b1ee4c3a6048f6e64c25c8969e87d8e3dbf454b8df2d60ef31d2d5275360e1649b310a70d817d96361485250c5ff5ea32e0b4e0391f774028500918297ebacf7a8f6fa340699d80135700843ed1e974da5e80eb280367b224355968b641de731b778653810326944aa63e296cc20d423a49ff943ee392afdcbbc590fe8ac2672f2380ce3ce195f7fd27fbc62ae1563d87e3da21d0c1d1da2977a7347bd79a581058c43bae40758523b7ac845435972f050046950c5525215ed74f775bc25b21771c842d7c483b292f421e3d1edd7aa7f7c5dbbe19c26f96fc4fe6b48f49eb4ef6bbf104c2e22a3047f47ae17c73ab8eb509f8aa87920192509037d554af05a3fee47e79bbbe1ae0b0159af18b2e586cd94528a9c280902432db2a525fc16dd4fb53124ff5adfbbafe24c9e313f89072f65d705d21b86772a53aaecc959d86a49d3f9eb67d02bcfd68f3683ca54e7f495311ce04c1718d5671d7e0bc248525dac110005e5c2e445c57eeedd8a42a0571eefd67794eb0dce74afbaa547463c66b80e2f80b894f9d1076af447af7fd1f4725829ec5a9efebbe65e33c52d4ec03059b073a1f11c3d17a9a3b083eb17fa2e167c3af7bdec2f938bcf4fd438aa21704a0d98b258d4e339e4c0ed653f032ba9a900e595778ab80c6e92f9e4911e7a979de3826a1d3d4c571ca838ac6e7984e0c70707e10ce33ae48712a80a99886930ec30a810c613da40ae73bf24af504cb119e219ed6388dec9cbcef37321307c5d93acbe4af3702f131626c13a6dfa30a80cf5a85042c9a188ccb98d86969673f8bc424b13bef3441411fae5330f3b490d4f6318d3c59d2066a0ffe2cdf8eb0181a6837e5741950dff218de614aa49213539a066b9e51223d47697531631eb2305f250fa4650acc47030bc020b6b47a5df95c35d3211af09fc5608fb77df9a2cc99d69535ef3f47700f1576677b24be50dd541bf252128985f5bfe3a3be808ff2be58fe27207f055733eeeb1e6a1587f4415e906dba092fee104a119fc4eec2a9e9be10dc96490ea38deed4f5b92a6825215da85a0763b5beeee971c8069e71f05e5534bc1c6133c8c2002dbed4ef3fa5980f199f8d61966ef2d226b34e1d4026423e124f1b1e63a71bdecb2c460f8dafbd9f1679fe71a699fd81491092e0cae2014cb06f47e646da5071468a44ed14f5e485bcdf38cde0d691d14773b7e009588fb974bb48ea74b2c68faaefb7fde71ce15f90d1b7f4b98502dd3320b11c12771eb6ac56613c4ced2b6c3368455baf2526aca55cc61d724efc3daa8cc6544b1eeb38eaec4033d7edf8b8c8bc6ccc78fc1fbb94a9f750cc9df1d6f6229c005a8921fd647a4e7066d5dde4adcc47d885f1e1bbb06775e14bfc923f994f92cddbf3753456abf709a63064cf9e8c97c1fe09df6c5ce6767624cd09611b37ca952d6db03887b77bcb35304929e1a0798641636821f4b09adf6a7c75c70d713986f64446718a3f2cdba524aaf1b87ab380c7dab6508779c7c6af2a803b6d043e3db8f78de5c5c85dc3371864711c10083b2ec75281bad12d8b949f5b8af1f022cb7013b8ef16c9407671ebcdddd39268bcab2ae6a1584af3c6c7016fa5b6dcf2bfb3b057bd344018baf5eaf77ee0e9f064169346693bb0730b44d9b8c4349cd1bc8b3af95b5dd13c0a6eb35e9a80eb807af510052cc61736224a31fdf6d5983b1cd48354579108c35820cea6c03840c72e13ae133868f2cb70adae4f431600eb0a18d526f150257242285f0852604ff40d1bd54fbb0787c6e7a96ba0e4770c763a8e97d074a23c15bde623d27fc8966c88f60ac1dc2ae9d9f5413ae03ccda02109890fbc5659252f9026ae5b50d56796c17b4792e6ef44484cc9b57ebc917d69762aa198d72d1db2d66a2d195521263ea652ea55264fcd2c03722601d64922be7a3b8d2c873dc742614466af8939d6ef52610812d28e942ad6d564cde49121afb8d2fd5908f06369676dd2d03ac20cec805f715f7e3732b1cf44e37c409f83cacb4627eff6c88396c9e5a55b0f4e7979e6a27fc0a62a96af2ce10094a61e48cb89c384d989d80ef1bad500b198d69d962239c5e2f539490d8ced339be9e0f95cd9a52264cf8eca3f185dd90a72bb6b6c8a3f4f81cc4e2642e481248cb2ef26a44f2bf71e2a9757bb9ed5a2146990d3c8ef26ae43751ea99ce25bd80ad8a25496b71228083646696a30db2f1f8e091588b70b7abb7ccdcf067b9cb8dde490782572b4f07bf982d64dee7d2e850d49294f67700a1df5bd9393e7a3638e249cfbbb6c041312ecedbb986133cb4fe386b2b8ffdda3af2137c8a6acddba2dacfa735dd5a6b7799d01ab6fc00b8066766f44a27783994de082c82a0881ee1e3d4f003aa587dd57253684f5e8e7a964886097cef992a8a99ad7f60f3b5941205d0f7134f9fa6b5ed77f7b0d1108aede684886f576b4ba3621c4dbc5c8bc44b67875d94d59d2817327354203f367d4a28cc3e16d737ceb9ba07001d583e2069d4f1f8d27f7c5289adfad8a30a1a7efcf1d9e6f91996f3113d441dd79f5d0c398fa01dbf0ad628af5d48de1f1cda0f29843196982aa653560612901da07ef1a72359ee42f919c326c1ba240113eca951b4e3494854147f4ab737149cdf75a1e030c19bf63ddff507eb021d3518a0b75e356caf974b166d5ff3dc6c7b0e9ac23f81d93a7cc31ff99f9f8466768cd4b391b03148134c91d499e58e159f829857a4d07f3c8badd292c606b0e45ae84259b433f537da69d8fdd03a6e26288781ee98fadbb1f020a86bf3fd7621a6743a208ca6a23eed3a5f20d3ddd7b9a41e275d6937f89f83fc8740db336952e3333ab9c8f787552599ccb31ffaa59f71148e6e42532109eaca39b5ce2542416cbbb294d05ebb89963ca6785deb5764ca711a24c85dd5669f9651e38bafbe343985ef6826c7f87a7fe2a6355802f2d8b6eeef14cec894c764327ccc9f4ef3b682a27e0f99d2da0fb7e5ed11e0eba41e524926357580a64d8e3a138662f42db2ce893997e87a3dfe29e9a7c32c59d59ceb5ad62165e85bb51b086d97f0c35a721088c08cbb201231c6ec7bcbb16c7c75ce30586292dab7b39f3f9c99933213f2f3865580a77862143303ad747121dfea22d41f7b3cfe03b1ee9baa0a2b9f1627ad3cc435edd0660641eefae25d077a018c7450dcfa5c4ed71b47a6d7baa4f88db6a4d62ec5cf2b43c6fc361b1fe35fecf36b521b9c9ce88bff7e17a2257362f5feff8f24b6c85c9df983f4c44f7ba5a335224fc499a056cfd835e35c65d5e20735dbfc080a4ce644be0ae1f546a8fc7b90c44a3ad0ae248d4f1d0bbd67cc571218ed6b393c9b06aa9e9c013686a74e100ec1c3e8e38acaac8f333877bfdac347286dc722264e66a067242d25c3a61205522b9672268997fd08001157217437f5b8c66a00a5967ff3dfc15bc49d035477138e7a67b0140e552be0afa18c6b907d89bbdaaa1675240007b4bee751ca47afd1682835b06913595112f8b55f743f1402c38c7eb0a9ae9afd050809fe070b913647ff04b7c60be2c960e79a82e26df08d6027e18c2ba46124ad1b40bd48b997104efb7bfe450cb7f0998efc21cfc8bad435c5074e92d4c2f4d87be8dc94998b7d7fed281f91794dbda1efe8c1c69d4b186f42dc6b3bdf430a3856b63a3d8e87265d38653f03ec6a41454bbc28affbdfaeca7d123257034a261cd12bb80c6bc827a65cad8d5da4f174d852cf5bc9e8bbcbc05594479e1361e935ab9663163f8db842919080fcb50636b908b8d582da4b8a4293bd391f0417e0ae356a5a134ceee3a8db38c8395ee4265c8efb1290bad61a919d133a8a24c53a18f2908d3189e3c7aff04f2abcc3b33a1b3b21db7e7d15390bff11afee673d42f9d5240e35102b6fd8e4f1670b5ec9a36b9cf9cd587a1c1af6d4ba24caf7d2cf442c9906fe583c21e6c2b9bc44df44a1c046ae72d03bad1e66cfa3f361593fba9e0d001e01baea8ef4b002055244c25d9fe2a788f2bc46c841b5daf88598ba3cb8844cef3cc729c0684b3d38b913fa8ab00f115b32ca452bfc8bfd356a46b26677606ba0889bee4b01e51aaf1ae303c83ebef69e1b0269c8b7cb1375eafb9e74699ca24a016c1dde1b85ee359d6deb97cc92116b461e7468b44a9cdd6640731117ae4f61d1fd6a10d57d646b5eac5334eb6c9c36b12565dc4fe118d3cee3fd80289214a261a1c898de79809d0536b3f97390b16a5078b1508ed2179e915d2bd86841ffc7ee83d040d07d269b47ec703e5450f699462bc9f1d9d88a88e6ff3e8bff2f39fd22d08daa945e85cf331f22b27fe6b904967ce2f7fb90d92fe145e7f960a79879b97f0d15479c800c07baaa52b2536d745d16bcae1a7361abb4ec42c766a9e1af9484f28ec7456ca00468611b2452062f5d2c5589e84ad868dd1b37a8a5f1cc5a15cadb9427778a424121374bf574813b68427024110834ad84ddd7dc44279a8b37a77fe8b5dfeba4ef38b94064525e68e84d858d20f7f12a14e07824ed82cc4efacd44d2a11a8a9fc9d082b85dd4d7ff5cb1ac358de7b0bc6fa9d36f051725a9a17a4d0c38fd6f7678c058d5d3f7eede8b1d6d89ed73c01fb1661fe9a40af3c8a9de31f4e21e5213539893e4e0211681a1390e12d48db7469f5ecc1f73beaa0ae5", 0x1000}}, 0x1006) 307.05989ms ago: executing program 1 (id=3662): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10) write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[], 0xbf) shutdown(r0, 0x1) recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000019c0)=""/4104, 0x1008}], 0x1}, 0x40000100) 293.727213ms ago: executing program 0 (id=3663): r0 = socket$inet(0x2, 0x3, 0x7b) connect$inet(r0, &(0x7f0000000940)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x30}}, 0x10) write(r0, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x4040, 0x4) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/222, 0xde}], 0x1) 188.794234ms ago: executing program 0 (id=3664): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = memfd_create(&(0x7f0000000100)='+\x88\xc7s\x00\x00\x942nodev\x00\x00\x8cZ_Pv\x03\xa7\xc1\b\xec\x90Q\x85\x83\xcd\x16\xdcw\'\x8a\xe5N\x8c\x17\xfd\xc5\xad\xd5y\x15\x1fx\x17\f\xbc\xd1.\x8cA\x17\x86\xb7-j!Y\x92\xd9\xc4\r8\xd0\xc9X\xa7\x11\xa3\xf0\x8a*\xbc\x87\xcd\x1fl\xfc\xf3]\xb8\xbd\x02\v<\fl\xa6]\xa5\xfb\x05\xcb\x9c\xe2\xc8\x05\xa5\xa5\xeb\xa9\xef\xe3\xf1b\x81\xec\xac\xb6\x80\xd5\xf5S\x85\x06O\x05\xb8\xa1\x15\xcc\x17\xe8s\x95\x95B\xee_\x98\x91)\xe7\xa8+\x8c\xee\x83@q\x16\xcf3\x0f\x81\xa8\xa9`i\x01m:\xcc\x1c\xed<\xcfA3n\xfd\n>\x03\xae\f \xdbH\'\x05\x82\xdbLE\x14\xcdq\x1abcf\xdb8\xe9a\xa8\x00'/201, 0x2) bpf$ENABLE_STATS(0x20, 0x0, 0x0) fcntl$addseals(r0, 0x409, 0x12) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1008, 0x0, 0x13, r0, 0x0) 179.76143ms ago: executing program 1 (id=3665): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000fcffffef00000000000000008500000041000000850000007d00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000880)={'#! ', './file0'}, 0xb) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r1, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) 104.006331ms ago: executing program 1 (id=3666): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0cc5605, &(0x7f0000000180)={0x1, @vbi={0x0, 0x0, 0x35314142}}) 48.81061ms ago: executing program 3 (id=3667): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000000c0)='percpu_free_percpu\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000113c0)={0x0, 0x0, &(0x7f0000011380)={&(0x7f0000000080)=@newtaction={0x5c, 0x30, 0x497e3237ccede7b, 0x0, 0x0, {}, [{0x48, 0x1, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x0) 47.165512ms ago: executing program 0 (id=3668): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00') pread64(r0, &(0x7f0000002240)=""/163, 0xa3, 0x0) 2.197886ms ago: executing program 3 (id=3669): syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, &(0x7f00000006c0)={0x0, 0x0, 0xc1, &(0x7f0000000180)={0x5, 0xf, 0xc1, 0x4, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "b712d041d36c2d8515ec26ba5affb8d6"}, @generic={0x9d, 0x10, 0x0, "6a66a17ba6f3dfb30a417a26ff2e4c76046cf4fcbdcab3217b7d513caa2a7bdf813a16cbaeb21d16be222d8b2fc82fdd7c7306e1750ed16af6db7ad5a82e61874f93f90908472dc3a55f7839b7a8a792ca8ad7288d07c59222e0f1084128bc0f7e461141d0cff03ceee9a0a78c6b75375f665646b6539fea8b40743ace635189d1c8892209e0d07db2a52a192efa5fe8187c75382f9a9fd57dfd"}, @generic={0x8, 0x10, 0x0, "668a8cc7c3"}]}}) r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x74, 0x2}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) 0s ago: executing program 1 (id=3670): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @aes256, 0x0, @desc1}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000140)=@file={0x1, './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e, 0x0}}], 0x2, 0x0) kernel console output (not intermixed with test programs): 3.1517" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 135.562759][ T8954] netlink: 'syz.0.1526': attribute type 3 has an invalid length. [ 135.567147][ T8954] netlink: 666 bytes leftover after parsing attributes in process `syz.0.1526'. [ 135.705866][ T30] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 135.888076][ T8972] ntfs3: nullb0: Primary boot signature is not NTFS. [ 135.891228][ T8972] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 135.920743][ T30] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 135.925297][ T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.929946][ T30] usb 6-1: Product: syz [ 135.931785][ T30] usb 6-1: Manufacturer: syz [ 135.933801][ T30] usb 6-1: SerialNumber: syz [ 135.941975][ T30] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 135.960427][ T55] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 136.146349][ T9] kernel read not supported for file inotify (pid: 9 comm: kworker/0:1) [ 136.273871][ T9] usb 6-1: USB disconnect, device number 6 [ 136.729147][ T9000] IPVS: set_ctl: invalid protocol: 58 255.255.255.255:0 [ 136.957028][ T9024] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1557'. [ 136.958615][ T9023] IPVS: set_ctl: invalid protocol: 58 255.255.255.255:0 [ 137.035545][ T55] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 137.039191][ T55] ath9k_htc: Failed to initialize the device [ 137.042805][ T9] usb 6-1: ath9k_htc: USB layer deinitialized [ 137.536191][ T9072] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 137.547008][ T9059] infiniband syz0: set active [ 137.550827][ T9059] infiniband syz0: added bond0 [ 137.595980][ T9059] RDS/IB: syz0: added [ 137.599103][ T9059] smc: adding ib device syz0 with port count 1 [ 137.601418][ T9059] smc: ib device syz0 port 1 has pnetid [ 137.828067][ T9096] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 138.081048][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.828787][ T9163] rdma_rxe: rxe_newlink: failed to add bond0 [ 139.100640][ T5267] kernel read not supported for file inotify (pid: 5267 comm: kworker/2:5) [ 139.903507][ T9219] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1645'. [ 139.925242][ T5248] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 140.117134][ T5248] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 140.140071][ T5248] usb 5-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00 [ 140.149349][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.156770][ T5248] usb 5-1: config 0 descriptor?? [ 140.167323][ T5248] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 140.252179][ T9231] syzkaller1: entered promiscuous mode [ 140.254830][ T9231] syzkaller1: entered allmulticast mode [ 140.287774][ T9235] netlink: 188 bytes leftover after parsing attributes in process `syz.3.1654'. [ 140.291462][ T9235] netlink: 'syz.3.1654': attribute type 1 has an invalid length. [ 140.444220][ T9243] netlink: 'syz.2.1658': attribute type 10 has an invalid length. [ 140.449876][ T39] audit: type=1326 audit(1719514959.775:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9240 comm="syz.3.1657" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 140.481605][ T9243] team0: left promiscuous mode [ 140.493045][ T9243] team_slave_0: left promiscuous mode [ 140.496067][ T9243] team_slave_1: left promiscuous mode [ 140.527231][ T9243] batman_adv: batadv0: Adding interface: team0 [ 140.530210][ T9243] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.535887][ T9250] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1659'. [ 140.546863][ T9243] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 140.553583][ T9248] netlink: 'syz.2.1658': attribute type 10 has an invalid length. [ 140.557000][ T9248] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1658'. [ 140.561284][ T9248] team0: entered promiscuous mode [ 140.568087][ T9248] team_slave_0: entered promiscuous mode [ 140.570895][ T9248] team_slave_1: entered promiscuous mode [ 140.575736][ T9248] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.589117][ T9248] batman_adv: batadv0: Interface activated: team0 [ 140.592071][ T9248] batman_adv: batadv0: Interface deactivated: team0 [ 140.595169][ T9248] batman_adv: batadv0: Removing interface: team0 [ 140.770708][ T9262] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1663'. [ 140.937459][ T9269] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1666'. [ 140.954994][ T9269] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1666'. [ 141.308989][ T9279] netlink: 'syz.2.1670': attribute type 10 has an invalid length. [ 141.322130][ T9279] team0: left promiscuous mode [ 141.324930][ T9279] team_slave_0: left promiscuous mode [ 141.328539][ T9279] team_slave_1: left promiscuous mode [ 141.351877][ T9279] batman_adv: batadv0: Adding interface: team0 [ 141.358093][ T9279] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 141.378737][ T9279] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 141.386290][ T9284] netlink: 'syz.2.1670': attribute type 10 has an invalid length. [ 141.391149][ T9284] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1670'. [ 141.397954][ T9284] team0: entered promiscuous mode [ 141.400905][ T9284] team_slave_0: entered promiscuous mode [ 141.408182][ T9284] team_slave_1: entered promiscuous mode [ 141.413782][ T9284] 8021q: adding VLAN 0 to HW filter on device team0 [ 141.418145][ T9284] batman_adv: batadv0: Interface activated: team0 [ 141.421701][ T9284] batman_adv: batadv0: Interface deactivated: team0 [ 141.433375][ T9284] batman_adv: batadv0: Removing interface: team0 [ 141.460032][ T9288] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1674'. [ 141.505773][ T9290] netlink: 203452 bytes leftover after parsing attributes in process `syz.3.1675'. [ 141.513566][ T9290] netlink: 'syz.3.1675': attribute type 2 has an invalid length. [ 142.170352][ T5243] kernel read not supported for file inotify (pid: 5243 comm: kworker/0:3) [ 142.247356][ T9322] netlink: 'syz.1.1688': attribute type 10 has an invalid length. [ 142.310390][ T9322] batman_adv: batadv0: Adding interface: team0 [ 142.323702][ T9322] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 142.355395][ T9322] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 142.372240][ T9323] netlink: 'syz.1.1688': attribute type 10 has an invalid length. [ 142.376815][ T9323] team0: entered promiscuous mode [ 142.378799][ T9323] team_slave_0: entered promiscuous mode [ 142.381394][ T9323] team_slave_1: entered promiscuous mode [ 142.387181][ T9323] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.390684][ T9323] batman_adv: batadv0: Interface activated: team0 [ 142.393518][ T9323] batman_adv: batadv0: Interface deactivated: team0 [ 142.396747][ T9323] batman_adv: batadv0: Removing interface: team0 [ 142.400816][ T9323] bridge0: port 3(team0) entered blocking state [ 142.406066][ T9323] bridge0: port 3(team0) entered disabled state [ 142.411384][ T9323] team0: entered allmulticast mode [ 142.418502][ T9323] team_slave_0: entered allmulticast mode [ 142.421373][ T9323] team_slave_1: entered allmulticast mode [ 142.438303][ T9323] bridge0: port 3(team0) entered blocking state [ 142.441576][ T9323] bridge0: port 3(team0) entered forwarding state [ 142.478005][ T825] usb 5-1: USB disconnect, device number 8 [ 143.423220][ T9385] €Â: renamed from pim6reg1 [ 144.054422][ T9443] syzkaller1: entered promiscuous mode [ 144.059605][ T9443] syzkaller1: entered allmulticast mode [ 144.383009][ T9472] €Â: renamed from pim6reg1 [ 144.829591][ T9502] €Â: renamed from pim6reg1 [ 145.301860][ T9539] __nla_validate_parse: 1 callbacks suppressed [ 145.301877][ T9539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1787'. [ 145.315613][ T9539] bridge_slave_1: left allmulticast mode [ 145.318237][ T9539] bridge_slave_1: left promiscuous mode [ 145.321118][ T9539] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.334512][ T9539] bridge_slave_0: left allmulticast mode [ 145.337650][ T9539] bridge_slave_0: left promiscuous mode [ 145.340256][ T9539] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.918760][ T9581] syz.0.1807(9581): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 146.519046][ T39] audit: type=1804 audit(1719514965.835:46): pid=9620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1819" name="/syzkaller.OjN69i/95/bus" dev="sda1" ino=1951 res=1 errno=0 [ 146.732717][ T9629] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 146.950456][ T39] audit: type=1804 audit(1719514966.265:47): pid=9641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1829" name="/syzkaller.BGAP8d/500/bus" dev="sda1" ino=1963 res=1 errno=0 [ 147.082012][ T9648] netlink: 203452 bytes leftover after parsing attributes in process `syz.1.1832'. [ 147.089314][ T9648] netlink: 'syz.1.1832': attribute type 2 has an invalid length. [ 147.094924][ T55] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 147.105867][ T5248] kernel read not supported for file inotify (pid: 5248 comm: kworker/1:3) [ 147.203545][ T9653] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1833'. [ 147.207973][ T9653] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1833'. [ 147.281900][ T55] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 147.291179][ T55] usb 8-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00 [ 147.295580][ T55] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.308141][ T55] usb 8-1: config 0 descriptor?? [ 147.315544][ T55] usbhid 8-1:0.0: couldn't find an input interrupt endpoint [ 147.773562][ T39] audit: type=1800 audit(1719514967.085:48): pid=9689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1848" name="bus" dev="sda1" ino=1967 res=0 errno=0 [ 147.788617][ T9689] syz.0.1848: attempt to access beyond end of device [ 147.788617][ T9689] nbd0: rw=0, sector=16, nr_sectors = 8 limit=0 [ 147.795548][ T9689] REISERFS warning (device nbd0): sh-2006 read_super_block: bread failed (dev nbd0, block 2, size 4096) [ 147.799628][ T9689] syz.0.1848: attempt to access beyond end of device [ 147.799628][ T9689] nbd0: rw=0, sector=128, nr_sectors = 8 limit=0 [ 147.804070][ T9689] REISERFS warning (device nbd0): sh-2006 read_super_block: bread failed (dev nbd0, block 16, size 4096) [ 147.809614][ T9689] REISERFS warning (device nbd0): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd0 [ 147.890471][ T9692] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1850'. [ 147.960302][ T9692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1850'. [ 148.203173][ T39] audit: type=1800 audit(1719514967.515:49): pid=9718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1860" name="bus" dev="sda1" ino=1969 res=0 errno=0 [ 148.224382][ T9718] syz.2.1860: attempt to access beyond end of device [ 148.224382][ T9718] nbd2: rw=0, sector=16, nr_sectors = 8 limit=0 [ 148.230196][ T39] audit: type=1800 audit(1719514967.545:50): pid=9720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1854" name="/" dev="fuse" ino=1 res=0 errno=0 [ 148.231048][ T9718] REISERFS warning (device nbd2): sh-2006 read_super_block: bread failed (dev nbd2, block 2, size 4096) [ 148.243989][ T9718] syz.2.1860: attempt to access beyond end of device [ 148.243989][ T9718] nbd2: rw=0, sector=128, nr_sectors = 8 limit=0 [ 148.254285][ T9718] REISERFS warning (device nbd2): sh-2006 read_super_block: bread failed (dev nbd2, block 16, size 4096) [ 148.259722][ T9718] REISERFS warning (device nbd2): sh-2021 reiserfs_fill_super: can not find reiserfs on nbd2 [ 148.344089][ T39] audit: type=1800 audit(1719514967.655:51): pid=9723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1861" name="bus" dev="sda1" ino=1969 res=0 errno=0 [ 148.675188][ T9738] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1868'. [ 148.779611][ T9742] fuse: Bad value for 'group_id' [ 149.716248][ T5237] usb 8-1: USB disconnect, device number 6 [ 150.718414][ T9791] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.1891'. [ 150.722246][ T9791] netlink: del zone limit has 8 unknown bytes [ 150.871656][ T4646] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 150.876767][ T4646] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 150.887690][ T4646] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 150.892890][ T4646] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 150.900489][ T4646] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 150.904012][ T4646] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 151.152503][ T45] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.269822][ T45] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.347122][ T9802] chnl_net:caif_netlink_parms(): no params data found [ 151.436071][ T45] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.659898][ T45] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.678538][ T9802] bridge0: port 1(bridge_slave_0) entered blocking state [ 151.681077][ T9802] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.683530][ T9802] bridge_slave_0: entered allmulticast mode [ 151.694106][ T9802] bridge_slave_0: entered promiscuous mode [ 151.742473][ T5206] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 151.749008][ T5206] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 151.753450][ T5206] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 151.766658][ T9802] bridge0: port 2(bridge_slave_1) entered blocking state [ 151.769764][ T9802] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.772610][ T9802] bridge_slave_1: entered allmulticast mode [ 151.780054][ T9841] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1908'. [ 151.780074][ T5206] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 151.786059][ T9802] bridge_slave_1: entered promiscuous mode [ 151.789665][ T5206] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 151.792658][ T5206] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 151.838911][ T9851] hugetlbfs: syz.1.1913 (9851): Using mlock ulimits for SHM_HUGETLB is obsolete [ 151.901011][ T9802] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 151.970006][ T9802] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 152.111917][ T9802] team0: Port device team_slave_0 added [ 152.627744][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 152.637802][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 152.643286][ T45] bond0 (unregistering): Released all slaves [ 152.664262][ T9802] team0: Port device team_slave_1 added [ 152.793859][ T9879] bridge0: entered promiscuous mode [ 152.796713][ T9879] bridge0: entered allmulticast mode [ 152.801467][ T45] tipc: Disabling bearer [ 152.813655][ T45] tipc: Left network mode [ 152.817107][ T9802] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 152.819733][ T9802] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.829733][ T9802] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 152.836309][ T9802] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 152.846558][ T9802] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.855897][ T9802] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 152.955175][ T4646] Bluetooth: hci1: command tx timeout [ 153.021064][ T9802] hsr_slave_0: entered promiscuous mode [ 153.029415][ T9802] hsr_slave_1: entered promiscuous mode [ 153.032834][ T9802] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 153.036513][ T9802] Cannot create hsr debugfs directory [ 153.558479][ T9897] fscrypt: AES-128-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 153.677644][ T45] hsr_slave_0: left promiscuous mode [ 153.738968][ T45] hsr_slave_1: left promiscuous mode [ 153.743805][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.747563][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.752011][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.756037][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 153.807073][ T45] veth1_macvtap: left promiscuous mode [ 153.809624][ T45] veth0_macvtap: left promiscuous mode [ 153.812233][ T45] veth1_vlan: left promiscuous mode [ 153.814966][ T45] veth0_vlan: left promiscuous mode [ 153.844701][ T4646] Bluetooth: hci0: command tx timeout [ 153.905152][ T9920] binder: 9919:9920 ioctl c0306201 20000080 returned -14 [ 153.958710][ T9922] trusted_key: syz.1.1938 sent an empty control message without MSG_MORE. [ 154.761784][ T45] team0 (unregistering): Port device team_slave_1 removed [ 154.857373][ T45] team0 (unregistering): Port device team_slave_0 removed [ 155.034977][ T4646] Bluetooth: hci1: command tx timeout [ 155.610596][ T9935] infiniband syz0: set active [ 155.614322][ T9845] chnl_net:caif_netlink_parms(): no params data found [ 155.852828][ T9845] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.856350][ T9845] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.856447][ T9845] bridge_slave_0: entered allmulticast mode [ 155.857948][ T9845] bridge_slave_0: entered promiscuous mode [ 155.859455][ T9845] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.859529][ T9845] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.859598][ T9845] bridge_slave_1: entered allmulticast mode [ 155.860541][ T9845] bridge_slave_1: entered promiscuous mode [ 155.904297][ T9952] netlink: 'syz.3.1950': attribute type 10 has an invalid length. [ 155.914844][ T4646] Bluetooth: hci0: command tx timeout [ 155.923252][ T9952] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 155.971994][ T9845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.987667][ T9845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.088058][ T9967] xt_CT: You must specify a L4 protocol and not use inversions on it [ 156.106942][ T9845] team0: Port device team_slave_0 added [ 156.112791][ T9845] team0: Port device team_slave_1 added [ 156.225220][ T9845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 156.233155][ T9845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.243395][ T9845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 156.253825][ T9845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.256808][ T9845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.268170][ T9845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.377809][ T9845] hsr_slave_0: entered promiscuous mode [ 156.382187][ T9845] hsr_slave_1: entered promiscuous mode [ 156.454915][ T9981] xt_CT: You must specify a L4 protocol and not use inversions on it [ 156.550149][ T45] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.597629][ T9802] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 156.606059][ T9802] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 156.627783][ T9802] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 156.636333][ T9802] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 156.783678][ T45] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.874032][ T45] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.918384][ T9802] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.935102][ T9802] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.941572][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.944295][ T5243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.013038][ T45] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.048670][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.051165][ T5243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.114729][ T4646] Bluetooth: hci1: command tx timeout [ 157.623366][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 157.631769][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 157.639269][ T45] bond0 (unregistering): Released all slaves [ 157.652612][ T45] bond1 (unregistering): Released all slaves [ 157.679357][T10011] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1974'. [ 157.714882][ T9802] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.781063][ T9802] veth0_vlan: entered promiscuous mode [ 157.797203][ T9802] veth1_vlan: entered promiscuous mode [ 157.886410][ T9802] veth0_macvtap: entered promiscuous mode [ 157.909551][ T9802] veth1_macvtap: entered promiscuous mode [ 157.924222][ T9802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.928804][ T9802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.933499][ T9802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.939257][ T9802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.943501][ T9802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 157.949775][ T9802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 157.957622][ T9802] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 157.985280][ T4646] Bluetooth: hci0: command tx timeout [ 157.993903][T10015] infiniband syz0: set active [ 158.062774][ T9802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.083224][ T9802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.088728][ T9802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.092765][ T9802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.096376][ T9802] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 158.100075][ T9802] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 158.110781][ T9802] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 158.129090][ T9802] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.133065][ T9802] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.138511][ T9802] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.142592][ T9802] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.321176][ T45] hsr_slave_0: left promiscuous mode [ 158.335302][ T45] hsr_slave_1: left promiscuous mode [ 158.338736][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.342178][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.350945][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.354330][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.411149][ T45] veth1_macvtap: left promiscuous mode [ 158.413904][ T45] veth0_macvtap: left promiscuous mode [ 158.419454][ T45] veth1_vlan: left promiscuous mode [ 158.424441][ T45] veth0_vlan: left promiscuous mode [ 158.952594][T10023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1977'. [ 159.185304][ T4646] Bluetooth: hci1: command tx timeout [ 159.518632][ T45] team_slave_1 (unregistering): left promiscuous mode [ 159.524285][ T45] team0 (unregistering): Port device team_slave_1 removed [ 159.610101][ T45] team_slave_0 (unregistering): left promiscuous mode [ 159.616310][ T45] team0 (unregistering): Port device team_slave_0 removed [ 160.064907][ T4646] Bluetooth: hci0: command tx timeout [ 160.348074][T10032] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1981'. [ 160.352945][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.360166][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.407290][ T9845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 160.411067][ T825] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 160.412358][T10034] UHID_CREATE from different security context by process 319 (syz.3.1982), this is not allowed. [ 160.420927][ T825] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz1] on syz0 [ 160.431926][ T9845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 160.441598][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 160.454816][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 160.466302][ T9845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 160.472264][ T9845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 160.550470][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.553722][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.559918][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.563592][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.572563][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.578277][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.581232][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.584235][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.588191][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.591344][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.592792][ T9845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 160.595096][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.600599][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.603257][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.610716][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.613723][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.617013][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.620231][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.623584][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.630195][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.633891][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.637561][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.640336][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.642939][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.646170][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.647624][ T9845] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.648905][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.654388][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.657091][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.657802][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.659695][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.659712][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.663011][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.666756][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.676059][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.679177][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.679465][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.682898][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.686206][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.691776][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.695130][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.697818][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.700546][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.703702][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.706569][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.709138][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.711783][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.716200][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.719006][ T9] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 160.724453][ T9] hid-generic 0000:0000:0000.000A: hidraw1: HID v0.00 Device [syz0] on syz0 [ 160.901432][ T45] IPVS: stop unused estimator thread 0... [ 160.937817][ T9845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 160.982567][ T9845] veth0_vlan: entered promiscuous mode [ 160.989658][ T9845] veth1_vlan: entered promiscuous mode [ 161.022738][ T9845] veth0_macvtap: entered promiscuous mode [ 161.032021][ T9845] veth1_macvtap: entered promiscuous mode [ 161.045882][ T9845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.050677][ T9845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.055697][ T9845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.060776][ T9845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.066615][ T9845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.070955][ T9845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.078156][ T9845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 161.085878][ T9845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.090073][ T9845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.095117][ T9845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.099375][ T9845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.103757][ T9845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.108808][ T9845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.114287][ T9845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 161.123506][ T9845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.127466][T10080] binder_alloc: 10079: binder_install_single_page failed to insert page at offset 1000 with -14 [ 161.132708][ T9845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.136628][ T9845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.140917][ T9845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.212527][T10083] netlink: 136 bytes leftover after parsing attributes in process `syz.3.2001'. [ 161.227720][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.231490][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.272318][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.278891][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.560294][ T4646] Bluetooth: hci0: Malformed Event: 0x02 [ 162.109325][T10130] binder_alloc: 10129: binder_install_single_page failed to insert page at offset 1000 with -14 [ 162.239988][T10138] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 162.243186][T10138] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 162.252446][T10138] vhci_hcd vhci_hcd.0: Device attached [ 162.284692][T10139] vhci_hcd: connection closed [ 162.294708][ T45] vhci_hcd: stop threads [ 162.318830][ T45] vhci_hcd: release socket [ 162.320948][ T45] vhci_hcd: disconnect device [ 162.435612][T10154] binder_alloc: 10153: binder_install_single_page failed to insert page at offset 1000 with -14 [ 162.624386][T10163] fuse: Bad value for 'group_id' [ 163.317760][T10171] netlink: 136 bytes leftover after parsing attributes in process `syz.2.2039'. [ 164.496660][T10203] program syz.2.2053 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 164.600053][T10207] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2056'. [ 164.603516][T10207] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 165.405550][T10241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2070'. [ 165.443120][T10243] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2071'. [ 165.453373][T10243] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2071'. [ 165.454149][T10239] fuse: Bad value for 'group_id' [ 165.502493][T10245] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 165.505193][T10245] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 165.510021][T10245] vhci_hcd vhci_hcd.0: Device attached [ 165.542137][T10246] vhci_hcd: connection closed [ 165.543787][ T11] vhci_hcd: stop threads [ 165.550659][ T11] vhci_hcd: release socket [ 165.553131][ T11] vhci_hcd: disconnect device [ 165.709797][T10251] program syz.2.2074 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 166.018974][ T39] audit: type=1326 audit(1719514985.335:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10255 comm="syz.2.2076" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7495579 code=0x0 [ 166.544946][T10267] serio: Serial port pts0 [ 167.298072][T10289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2086'. [ 167.438460][ T39] audit: type=1326 audit(1719514986.755:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10298 comm="syz.1.2094" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x0 [ 167.921123][T10317] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 170.232952][T10345] usb usb9: usbfs: process 10345 (syz.1.2111) did not claim interface 0 before use [ 170.245783][T10345] usb usb9: selecting invalid altsetting 21783 [ 170.784557][T10359] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2117'. [ 170.930890][T10365] Bluetooth: MGMT ver 1.22 [ 171.059556][T10369] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 171.218347][T10377] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.222582][T10377] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.264506][T10377] bridge_slave_1: left allmulticast mode [ 171.268667][T10377] bridge_slave_1: left promiscuous mode [ 171.279549][T10377] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.292730][T10377] bridge_slave_0: left allmulticast mode [ 171.297804][T10377] bridge_slave_0: left promiscuous mode [ 171.304070][T10377] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.586479][T10385] binder: 10384:10385 ioctl c0306201 20000340 returned -14 [ 171.717915][T10395] netlink: 'syz.0.2133': attribute type 4 has an invalid length. [ 171.721359][T10395] netlink: 128124 bytes leftover after parsing attributes in process `syz.0.2133'. [ 171.753448][T10396] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 172.300053][ T5237] psmouse serio3: Failed to reset mouse on : -5 [ 172.859820][T10436] raw_sendmsg: syz.1.2151 forgot to set AF_INET. Fix it! [ 173.314571][T10446] infiniband syz0: set down [ 173.621492][T10453] syzkaller0: entered promiscuous mode [ 173.623831][T10453] syzkaller0: entered allmulticast mode [ 173.675867][T10453] syzkaller0: tun_net_xmit 1280 [ 173.684535][T10453] syzkaller0: create flow: hash 728815661 index 1 [ 173.786028][T10452] syzkaller0: delete flow: hash 728815661 index 1 [ 175.097821][T10461] binder: 10460:10461 ioctl c0306201 20000340 returned -14 [ 175.884782][ T5237] misc userio: Buffer overflowed, userio client isn't keeping up [ 176.263918][ T39] audit: type=1326 audit(1719514995.575:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.281801][ T39] audit: type=1326 audit(1719514995.575:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=338 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.293987][ T39] audit: type=1326 audit(1719514995.575:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.309067][ T39] audit: type=1326 audit(1719514995.575:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.319415][ T39] audit: type=1326 audit(1719514995.575:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.330330][ T39] audit: type=1326 audit(1719514995.575:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.339801][ T39] audit: type=1326 audit(1719514995.575:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.350031][ T39] audit: type=1326 audit(1719514995.575:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.358454][ T39] audit: type=1326 audit(1719514995.575:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.368626][ T39] audit: type=1326 audit(1719514995.575:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10478 comm="syz.1.2171" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7494579 code=0x7ffc0000 [ 176.605695][T10488] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 177.167329][ T5237] input: PS/2 Generic Mouse as /devices/serio3/input/input20 [ 177.343079][T10510] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2183'. [ 177.404809][ T5237] psmouse serio3: Failed to enable mouse on [ 178.379707][ T5248] psmouse serio4: Failed to reset mouse on : -5 [ 178.384758][ T5249] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 178.584771][ T5249] usb 8-1: Using ep0 maxpacket: 16 [ 178.589122][ T5249] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 178.594554][ T5249] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 178.601319][ T5249] usb 8-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 178.607240][ T5249] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.616947][ T5249] usb 8-1: config 0 descriptor?? [ 178.943826][ T55] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 178.954736][ C1] hrtimer: interrupt took 177287 ns [ 178.996125][T10553] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 179.009293][ T5249] usb 8-1: string descriptor 0 read error: -71 [ 179.038824][ T5249] usbhid 8-1:0.0: can't add hid device: -71 [ 179.041502][ T5249] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 179.047354][ T5249] usb 8-1: USB disconnect, device number 7 [ 179.168128][ T55] usb 6-1: Using ep0 maxpacket: 8 [ 179.173174][ T55] usb 6-1: config index 0 descriptor too short (expected 5924, got 36) [ 179.177471][ T55] usb 6-1: config 250 has an invalid interface number: 228 but max is -1 [ 179.183103][ T55] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 179.190998][ T55] usb 6-1: config 250 has no interface number 0 [ 179.195890][ T55] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 179.200815][ T55] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 179.215024][ T55] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 179.219374][ T55] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 179.224393][ T55] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 179.240500][ T55] usb 6-1: config 250 interface 228 has no altsetting 0 [ 179.251702][ T55] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 179.256606][ T55] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 179.259944][ T55] usb 6-1: Product: syz [ 179.261717][ T55] usb 6-1: SerialNumber: syz [ 179.275932][ T55] hub 6-1:250.228: bad descriptor, ignoring hub [ 179.278706][ T55] hub 6-1:250.228: probe with driver hub failed with error -5 [ 179.435355][ T4646] Bluetooth: hci0: command tx timeout [ 179.486403][ T55] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 7 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 179.702996][T10562] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 179.706198][T10562] ecryptfs_parse_options: eCryptfs: unrecognized option [¬ª] [ 179.709623][T10562] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 179.715491][T10562] Error parsing options; rc = [-22] [ 180.024749][ T35] usb 6-1: USB disconnect, device number 7 [ 180.039251][ T35] usblp0: removed [ 180.689687][T10597] netlink: 'syz.1.2221': attribute type 1 has an invalid length. [ 180.693640][T10597] netlink: 112860 bytes leftover after parsing attributes in process `syz.1.2221'. [ 181.720060][T10626] nbd: must specify an index to disconnect [ 181.976159][T10632] ecryptfs_parse_options: eCryptfs: unrecognized option [&@] [ 181.981938][T10632] ecryptfs_parse_options: eCryptfs: unrecognized option [¬ª] [ 181.990896][T10632] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 181.995098][ T5248] misc userio: Buffer overflowed, userio client isn't keeping up [ 181.997644][T10632] Error parsing options; rc = [-22] [ 182.134240][T10649] nbd: must specify an index to disconnect [ 182.517682][ T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 182.529656][T10663] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2247'. [ 182.724736][ T9] usb 6-1: Using ep0 maxpacket: 16 [ 182.732996][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 182.744839][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 182.750425][ T9] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 182.768253][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 182.789793][ T9] usb 6-1: config 0 descriptor?? [ 183.027585][T10682] program syz.0.2253 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 183.112504][ T9] usb 6-1: string descriptor 0 read error: -71 [ 183.117919][ T9] usbhid 6-1:0.0: can't add hid device: -71 [ 183.121387][ T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 183.127199][ T9] usb 6-1: USB disconnect, device number 8 [ 183.256228][ T5248] input: PS/2 Generic Mouse as /devices/serio4/input/input22 [ 183.474692][ T5248] psmouse serio4: Failed to enable mouse on [ 183.534726][ T35] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 183.714788][ T35] usb 5-1: Using ep0 maxpacket: 8 [ 183.719986][ T35] usb 5-1: config index 0 descriptor too short (expected 5924, got 36) [ 183.725356][T10709] 9pnet_fd: Insufficient options for proto=fd [ 183.728353][ T35] usb 5-1: config 250 has an invalid interface number: 228 but max is -1 [ 183.733441][ T35] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 183.739379][ T35] usb 5-1: config 250 has no interface number 0 [ 183.745044][ T35] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 183.750611][ T35] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 183.755443][ T35] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 183.760282][ T35] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 183.766060][ T35] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 183.772255][ T35] usb 5-1: config 250 interface 228 has no altsetting 0 [ 183.779967][ T35] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 183.784240][ T35] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 183.788168][ T35] usb 5-1: Product: syz [ 183.792301][ T35] usb 5-1: SerialNumber: syz [ 183.798392][ T35] hub 5-1:250.228: bad descriptor, ignoring hub [ 183.801161][ T35] hub 5-1:250.228: probe with driver hub failed with error -5 [ 183.855172][T10714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2268'. [ 183.928740][ T39] kauditd_printk_skb: 8 callbacks suppressed [ 183.928757][ T39] audit: type=1800 audit(1719515003.245:72): pid=10719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2270" name="bus" dev="sda1" ino=1947 res=0 errno=0 [ 184.069437][ T35] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 9 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 184.470513][T10733] bond0: Error: Cannot enslave bond to itself. [ 184.555659][ T35] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 184.604973][ T1400] usb 5-1: USB disconnect, device number 9 [ 184.610073][ T1400] usblp0: removed [ 184.738304][T10744] program syz.1.2280 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 184.744770][ T35] usb 7-1: Using ep0 maxpacket: 16 [ 184.749506][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 184.754279][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.764186][ T35] usb 7-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 184.772230][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.779211][ T35] usb 7-1: config 0 descriptor?? [ 184.809784][T10746] 9pnet_fd: Insufficient options for proto=fd [ 185.157163][ T35] usb 7-1: string descriptor 0 read error: -71 [ 185.164411][ T35] usbhid 7-1:0.0: can't add hid device: -71 [ 185.167889][ T35] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 185.173857][ T35] usb 7-1: USB disconnect, device number 5 [ 185.241320][T10766] program syz.3.2289 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 185.368067][T10773] 9pnet_fd: Insufficient options for proto=fd [ 185.836714][T10801] xt_CT: You must specify a L4 protocol and not use inversions on it [ 186.238415][T10824] netlink: 'syz.0.2310': attribute type 11 has an invalid length. [ 186.272689][T10831] fscrypt (sda1, inode 1969): Can't use IV_INO_LBLK_64 policy with contents mode other than AES-256-XTS [ 186.444882][ T1400] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 186.602277][ C1] vcan0: j1939_tp_rxtimer: 0xffff888027a4ec00: rx timeout, send abort [ 186.624898][ T1400] usb 8-1: Using ep0 maxpacket: 16 [ 186.629421][ T1400] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 38, changing to 9 [ 186.634358][ T1400] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 186.638562][ T1400] usb 8-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00 [ 186.643159][ T1400] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 186.650763][ T1400] usb 8-1: config 0 descriptor?? [ 186.811221][T10864] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 186.870009][T10864] evm: overlay not supported [ 187.005096][ T1400] usb 8-1: string descriptor 0 read error: -71 [ 187.012427][ T1400] usbhid 8-1:0.0: can't add hid device: -71 [ 187.017740][ T1400] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 187.025275][ T1400] usb 8-1: USB disconnect, device number 8 [ 187.108626][ C1] vcan0: j1939_tp_rxtimer: 0xffff888027a4ec00: abort rx timeout. Force session deactivation [ 187.288069][T10889] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 187.293560][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802ba84c00: rx timeout, send abort [ 187.345343][ T5237] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 187.547760][ T5237] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 187.553050][ T5237] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.564921][ T5237] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 187.569283][ T5237] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 187.589559][ T5237] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 187.593263][ T5237] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 187.598165][ T5237] usb 6-1: Manufacturer: syz [ 187.615347][ T5237] usb 6-1: config 0 descriptor?? [ 187.796566][ C0] vcan0: j1939_tp_rxtimer: 0xffff88802ba84c00: abort rx timeout. Force session deactivation [ 188.070832][ T5237] appleir 0003:05AC:8243.000B: unknown main item tag 0x0 [ 188.074539][ T5237] appleir 0003:05AC:8243.000B: No inputs registered, leaving [ 188.092018][ T5237] appleir 0003:05AC:8243.000B: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 188.346355][T10909] netlink: 'syz.2.2346': attribute type 11 has an invalid length. [ 188.725427][T10924] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2360'. [ 188.729471][T10924] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2360'. [ 188.730417][T10912] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2338'. [ 188.861860][ T55] usb 6-1: USB disconnect, device number 9 [ 189.168150][ T39] audit: type=1800 audit(1719515008.485:73): pid=10945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2370" name="file0" dev="sda1" ino=1957 res=0 errno=0 [ 189.185073][ T39] audit: type=1804 audit(1719515008.485:74): pid=10945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2370" name="/syzkaller.OjN69i/247/file0" dev="sda1" ino=1957 res=1 errno=0 [ 189.266843][T10952] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2373'. [ 189.340827][T10952] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2373'. [ 189.632077][T10961] netlink: 'syz.2.2374': attribute type 11 has an invalid length. [ 189.685666][ T39] audit: type=1800 audit(1719515009.005:75): pid=10973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2382" name="file0" dev="sda1" ino=1970 res=0 errno=0 [ 189.702271][ T39] audit: type=1804 audit(1719515009.015:76): pid=10973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2382" name="/syzkaller.yaTRjy/100/file0" dev="sda1" ino=1970 res=1 errno=0 [ 190.134700][ T5244] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 190.171686][ T5206] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 190.177128][ T5206] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 190.182147][ T5206] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 190.196979][ T5206] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 190.204981][ T5206] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 190.215043][ T5206] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 190.337302][ T5244] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 190.342697][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.348190][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 190.352549][ T5244] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 190.361247][ T5244] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 190.365607][ T5244] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 190.369122][ T5244] usb 5-1: Manufacturer: syz [ 190.373424][ T5244] usb 5-1: config 0 descriptor?? [ 190.481394][ T82] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.535484][ T39] audit: type=1800 audit(1719515009.855:77): pid=10995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2392" name="file0" dev="sda1" ino=1960 res=0 errno=0 [ 190.549696][ T39] audit: type=1804 audit(1719515009.865:78): pid=10995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2392" name="/syzkaller.PwHire/100/file0" dev="sda1" ino=1960 res=1 errno=0 [ 190.602677][ T82] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.629387][T10981] chnl_net:caif_netlink_parms(): no params data found [ 190.698612][T11001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2394'. [ 190.799330][ T82] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.828351][ T5244] appleir 0003:05AC:8243.000C: unknown main item tag 0x0 [ 190.832142][ T5244] appleir 0003:05AC:8243.000C: No inputs registered, leaving [ 190.839063][ T5244] appleir 0003:05AC:8243.000C: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 190.863242][T11009] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2394'. [ 190.877298][T10981] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.880552][T10981] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.883809][T10981] bridge_slave_0: entered allmulticast mode [ 190.896034][T10981] bridge_slave_0: entered promiscuous mode [ 190.957875][ T82] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.983515][T10981] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.988030][T10981] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.991325][T10981] bridge_slave_1: entered allmulticast mode [ 190.995452][T10981] bridge_slave_1: entered promiscuous mode [ 191.035967][ T39] audit: type=1800 audit(1719515010.355:79): pid=11021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2403" name="file0" dev="sda1" ino=1960 res=0 errno=0 [ 191.050342][ T39] audit: type=1804 audit(1719515010.355:80): pid=11021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2403" name="/syzkaller.OjN69i/258/file0" dev="sda1" ino=1960 res=1 errno=0 [ 191.083717][T10981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.098153][T10981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.122398][T11023] kvm: kvm [11022]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000007) = 0x0 [ 191.213692][T10981] team0: Port device team_slave_0 added [ 191.236972][T10981] team0: Port device team_slave_1 added [ 191.240146][ T82] team0: left allmulticast mode [ 191.242394][ T82] team_slave_0: left allmulticast mode [ 191.245476][ T82] team_slave_1: left allmulticast mode [ 191.248122][ T82] bridge0: port 3(team0) entered disabled state [ 191.252530][ T82] bridge_slave_1: left allmulticast mode [ 191.254506][ T82] bridge_slave_1: left promiscuous mode [ 191.257013][ T82] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.268614][ T82] bridge_slave_0: left allmulticast mode [ 191.271149][ T82] bridge_slave_0: left promiscuous mode [ 191.273862][ T82] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.040379][ T1089] smc: removing ib device syz0 [ 192.053265][ T82] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.063154][ T82] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.071234][ T82] bond0 (unregistering): Released all slaves [ 192.095174][ T82] bond1 (unregistering): Released all slaves [ 192.103991][ T82] bond2 (unregistering): Released all slaves [ 192.204986][ T5249] usb 5-1: reset high-speed USB device number 10 using dummy_hcd [ 192.305254][ T4646] Bluetooth: hci2: command tx timeout [ 192.452705][T11034] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2385'. [ 192.457873][T11039] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2406'. [ 192.572576][T11045] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2407'. [ 192.609221][T10981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.611865][T10981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.623641][T10981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.644762][T10981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.647949][T10981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.665437][T10981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.845433][ T82] tipc: Disabling bearer [ 192.851346][ T82] tipc: Left network mode [ 192.907050][T10981] hsr_slave_0: entered promiscuous mode [ 192.914035][T10981] hsr_slave_1: entered promiscuous mode [ 192.918414][T10981] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.921646][T10981] Cannot create hsr debugfs directory [ 192.933469][T11057] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload [ 193.018281][T11059] kvm: kvm [11058]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000007) = 0x0 [ 193.208533][ T82] hsr_slave_0: left promiscuous mode [ 193.212074][ T82] hsr_slave_1: left promiscuous mode [ 193.215604][ T82] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.218945][ T82] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 193.223792][ T82] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.228756][ T82] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 193.281191][ T82] veth1_macvtap: left promiscuous mode [ 193.283913][ T82] veth0_macvtap: left promiscuous mode [ 193.286665][ T82] veth1_vlan: left promiscuous mode [ 193.289276][ T82] veth0_vlan: left promiscuous mode [ 193.471240][ T5248] usb 5-1: USB disconnect, device number 10 [ 194.384799][ T4646] Bluetooth: hci2: command tx timeout [ 194.489719][ T82] team_slave_1 (unregistering): left promiscuous mode [ 194.497748][ T82] team0 (unregistering): Port device team_slave_1 removed [ 194.591864][ T82] team_slave_0 (unregistering): left promiscuous mode [ 194.597219][ T82] team0 (unregistering): Port device team_slave_0 removed [ 195.886133][T10981] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 195.906806][T10981] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 195.919893][T10981] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 195.926712][T10981] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 196.038750][T10981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.060826][T10981] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.071725][ T5248] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.075143][ T5248] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.089816][ T5248] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.093439][ T5248] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.355309][T10981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.406557][T10981] veth0_vlan: entered promiscuous mode [ 196.420342][T10981] veth1_vlan: entered promiscuous mode [ 196.451957][T10981] veth0_macvtap: entered promiscuous mode [ 196.464077][T10981] veth1_macvtap: entered promiscuous mode [ 196.467524][ T5206] Bluetooth: hci2: command tx timeout [ 196.487338][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.492242][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.498064][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.503500][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.507816][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 196.512163][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.520300][T10981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 196.532339][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.538038][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.558186][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.562084][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.566902][T10981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 196.571110][T10981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 196.578916][T10981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 196.587557][T10981] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.590675][T10981] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.597721][T10981] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.602283][T10981] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 196.673745][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.680618][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.734089][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 196.739936][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 197.210842][T11180] __nla_validate_parse: 2 callbacks suppressed [ 197.210857][T11180] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2460'. [ 197.226579][T11180] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2460'. [ 197.232850][T11180] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2460'. [ 197.238426][T11180] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2460'. [ 197.254113][T11180] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 197.513674][T11204] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2471'. [ 197.545874][ T39] audit: type=1804 audit(1719515016.855:81): pid=11202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2470" name="/syzkaller.yaTRjy/123/file0" dev="sda1" ino=1970 res=1 errno=0 [ 197.658444][T11206] netlink: 212404 bytes leftover after parsing attributes in process `syz.1.2473'. [ 198.257435][T11243] netlink: 212404 bytes leftover after parsing attributes in process `syz.1.2490'. [ 198.482998][T11264] netlink: 212404 bytes leftover after parsing attributes in process `syz.0.2499'. [ 198.544901][ T5206] Bluetooth: hci2: command tx timeout [ 199.047119][T11321] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2522'. [ 199.050962][T11321] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2522'. [ 199.055382][T11321] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 199.282355][T11346] netlink: 'syz.3.2535': attribute type 1 has an invalid length. [ 200.913591][T11398] netlink: 'syz.3.2556': attribute type 9 has an invalid length. [ 200.971466][T11398] netlink: 'syz.3.2556': attribute type 9 has an invalid length. [ 201.417278][T11425] netlink: 'syz.3.2567': attribute type 1 has an invalid length. [ 202.035555][T11448] mmap: syz.1.2577 (11448) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 202.181887][T11450] netlink: 'syz.1.2578': attribute type 1 has an invalid length. [ 202.502770][T11460] openvswitch: netlink: Flow actions attr not present in new flow. [ 202.729387][T11474] Device name cannot be null; rc = [-22] [ 202.969912][ T39] audit: type=1800 audit(1719515022.285:82): pid=11487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2594" name="bus" dev="sda1" ino=1957 res=0 errno=0 [ 203.047082][T11493] __nla_validate_parse: 13 callbacks suppressed [ 203.047098][T11493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2596'. [ 203.964862][T11522] openvswitch: netlink: Flow actions attr not present in new flow. [ 204.349169][T11550] openvswitch: netlink: Flow actions attr not present in new flow. [ 204.437231][T11554] Device name cannot be null; rc = [-22] [ 204.454812][T11556] netlink: 'syz.3.2627': attribute type 9 has an invalid length. [ 204.458608][T11556] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2627'. [ 204.501686][T11556] netlink: 'syz.3.2627': attribute type 9 has an invalid length. [ 204.504908][T11556] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2627'. [ 204.747508][ T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 204.850231][ T39] audit: type=1800 audit(1719515024.165:83): pid=11583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2638" name="bus" dev="sda1" ino=1971 res=0 errno=0 [ 204.964771][ T8] usb 5-1: Using ep0 maxpacket: 32 [ 204.977073][ T8] usb 5-1: config 0 has no interfaces? [ 204.981673][ T8] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 204.986968][ T8] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 204.990930][ T8] usb 5-1: Product: syz [ 204.992844][ T8] usb 5-1: Manufacturer: syz [ 205.006862][ T8] usb 5-1: config 0 descriptor?? [ 205.011100][T11591] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 205.288727][ T8] usb 5-1: USB disconnect, device number 11 [ 205.292827][T11610] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 205.355426][T11614] kAFS: unable to lookup cell '.,' [ 205.680262][T11636] netlink: 'syz.1.2663': attribute type 10 has an invalid length. [ 205.686763][T11636] hsr0: entered promiscuous mode [ 205.701541][T11636] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 205.710329][T11636] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 205.716011][T11636] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 205.722312][T11636] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 205.748174][T11640] kAFS: unable to lookup cell '.,' [ 205.895896][T11649] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2663'. [ 206.577443][T11701] kAFS: unable to lookup cell '.,' [ 206.642314][T11707] ERROR: device name not specified. [ 206.773954][ T39] audit: type=1326 audit(1719515026.085:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11718 comm="syz.0.2700" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749a579 code=0x0 [ 207.065801][T11750] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 207.161129][T11758] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 207.284858][ T8] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 207.332593][T11770] Process accounting resumed [ 207.420949][T11781] ERROR: device name not specified. [ 207.497611][ T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.503646][ T8] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 207.504555][T11789] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 207.508698][ T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.526967][ T8] usb 8-1: config 0 descriptor?? [ 207.655634][T11800] netlink: 'syz.0.2740': attribute type 24 has an invalid length. [ 207.713851][T11806] ERROR: device name not specified. [ 207.858741][ T39] audit: type=1326 audit(1719515027.175:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11817 comm="syz.1.2749" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x0 [ 207.955882][ T8] keytouch 0003:0926:3333.000D: fixing up Keytouch IEC report descriptor [ 207.972563][ T8] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0926:3333.000D/input/input23 [ 208.076503][ T8] keytouch 0003:0926:3333.000D: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0 [ 208.366499][ T5244] usb 8-1: USB disconnect, device number 9 [ 208.729715][T11853] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 208.915868][T11874] netlink: 'syz.2.2770': attribute type 10 has an invalid length. [ 208.961741][T11877] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 209.205631][T11874] hsr0: entered promiscuous mode [ 209.233011][T11874] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 209.242218][T11874] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 209.247881][T11874] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 209.254379][T11874] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 209.258202][T11881] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2770'. [ 209.334504][T11887] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 209.343933][ T45] Bluetooth: hci3: Frame reassembly failed (-84) [ 209.750376][T11901] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 210.884900][T11923] openvswitch: netlink: Key 0 has unexpected len 4 expected 0 [ 211.289407][T11939] netlink: 'syz.1.2799': attribute type 24 has an invalid length. [ 211.344975][ T4646] Bluetooth: hci3: command 0x1003 tx timeout [ 211.346088][ T5206] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 211.598275][T11955] loop0: detected capacity change from 0 to 16384 [ 211.666244][T11955] loop0: detected capacity change from 16384 to 16320 [ 211.884812][ T39] audit: type=1326 audit(1719515031.195:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11976 comm="syz.2.2812" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7495579 code=0x0 [ 212.575567][ T5248] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 213.070313][T12044] Bluetooth: MGMT ver 1.22 [ 213.085540][ T5248] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 213.554269][T12083] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg2, syncid = 2, id = 0 [ 213.591239][T12082] input: syz0 as /devices/virtual/input/input24 [ 214.293442][T12143] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg2, syncid = 2, id = 0 [ 214.879701][T12177] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2899'. [ 215.058509][T12189] netlink: 'syz.0.2904': attribute type 1 has an invalid length. [ 215.062772][T12189] netlink: 'syz.0.2904': attribute type 2 has an invalid length. [ 215.296966][T12197] No such timeout policy "syz0" [ 216.136351][T12249] netlink: 'syz.2.2933': attribute type 58 has an invalid length. [ 216.143063][T12249] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2933'. [ 216.664564][T12283] No such timeout policy "syz0" [ 216.876517][T12295] batadv_slave_1: entered promiscuous mode [ 216.886140][T12294] batadv_slave_1: left promiscuous mode [ 216.958702][ T39] audit: type=1800 audit(1719515036.275:87): pid=12307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2960" name="bus" dev="sda1" ino=1965 res=0 errno=0 [ 217.187016][T12329] batadv_slave_1: entered promiscuous mode [ 217.191606][T12328] batadv_slave_1: left promiscuous mode [ 217.304665][ T39] audit: type=1800 audit(1719515036.615:88): pid=12336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2971" name="bus" dev="sda1" ino=1971 res=0 errno=0 [ 217.450810][T12349] Scaler: ================= START STATUS ================= [ 217.453948][T12349] Scaler: ================== END STATUS ================== [ 217.540877][T12354] netlink: 'syz.1.2979': attribute type 58 has an invalid length. [ 217.544525][T12354] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2979'. [ 217.612686][T12362] xt_TCPMSS: Only works on TCP SYN packets [ 217.780289][T12375] batadv_slave_1: entered promiscuous mode [ 217.784787][T12374] batadv_slave_1: left promiscuous mode [ 217.804557][T12383] netlink: 'syz.2.2992': attribute type 58 has an invalid length. [ 217.809075][T12383] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2992'. [ 217.917544][ T39] audit: type=1800 audit(1719515037.235:89): pid=12394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2998" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 218.018267][T12405] batadv_slave_1: entered promiscuous mode [ 218.022885][T12403] batadv_slave_1: left promiscuous mode [ 218.219569][ T39] audit: type=1800 audit(1719515037.535:90): pid=12423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3010" name="bus" dev="sda1" ino=1970 res=0 errno=0 [ 218.979517][T12473] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3033'. [ 220.128874][T12512] delete_channel: no stack [ 220.149989][ T39] audit: type=1804 audit(1719515039.465:91): pid=12513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3047" name="/syzkaller.iP3OrI/165/bus" dev="sda1" ino=1972 res=1 errno=0 [ 220.521212][T12525] fuse: Bad value for 'fd' [ 220.922829][ T39] audit: type=1800 audit(1719515040.235:92): pid=12542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3059" name="file1" dev="sda1" ino=1972 res=0 errno=0 [ 220.936616][T12541] delete_channel: no stack [ 220.939367][ T39] audit: type=1804 audit(1719515040.245:93): pid=12538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3060" name="/syzkaller.yaTRjy/240/bus" dev="sda1" ino=1963 res=1 errno=0 [ 221.183457][ T39] audit: type=1800 audit(1719515040.495:94): pid=12563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3069" name="file1" dev="sda1" ino=1963 res=0 errno=0 [ 221.536866][T12589] program syz.0.3079 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 222.318911][T12649] program syz.0.3105 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 222.677941][ T39] audit: type=1326 audit(1719515041.995:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12673 comm="syz.3.3114" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748c579 code=0x0 [ 222.714388][T12678] netlink: 'syz.2.3116': attribute type 21 has an invalid length. [ 222.720284][T12678] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3116'. [ 222.723854][T12678] netlink: 'syz.2.3116': attribute type 1 has an invalid length. [ 222.727662][T12678] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3116'. [ 223.080522][T12703] xt_policy: too many policy elements [ 223.304877][T12725] xt_policy: too many policy elements [ 223.562264][T12753] xt_policy: too many policy elements [ 224.095919][T12810] xt_policy: too many policy elements [ 224.522508][T12852] netlink: 'syz.2.3197': attribute type 21 has an invalid length. [ 224.526388][T12852] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3197'. [ 224.530416][T12852] netlink: 'syz.2.3197': attribute type 1 has an invalid length. [ 224.533912][T12852] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3197'. [ 224.740327][ T39] audit: type=1326 audit(1719515044.045:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12858 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7495579 code=0x7fc00000 [ 224.805196][ T39] audit: type=1326 audit(1719515044.125:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12858 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7495579 code=0x7fc00000 [ 224.819243][ T39] audit: type=1326 audit(1719515044.135:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12858 comm="syz.2.3199" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7495579 code=0x7fc00000 [ 224.857314][T12868] xt_TCPMSS: Only works on TCP SYN packets [ 225.806727][T12900] netlink: 'syz.2.3217': attribute type 21 has an invalid length. [ 225.810369][T12900] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3217'. [ 225.814813][T12900] netlink: 'syz.2.3217': attribute type 1 has an invalid length. [ 225.818841][T12900] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3217'. [ 225.974336][ T39] audit: type=1326 audit(1719515045.285:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12904 comm="syz.1.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 226.033661][ T39] audit: type=1326 audit(1719515045.345:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12904 comm="syz.1.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7489579 code=0x7fc00000 [ 226.035338][ T5206] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 226.043976][ T39] audit: type=1326 audit(1719515045.345:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12904 comm="syz.1.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 226.049808][ T5206] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 226.065634][ T5206] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 226.082529][ T5206] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 226.087463][ T5206] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 226.091796][ T5206] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 226.281058][ T1136] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.327144][T12907] chnl_net:caif_netlink_parms(): no params data found [ 226.341007][T12923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3226'. [ 226.413996][ T1136] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.585452][ T1136] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.630281][T12928] sp0: Synchronizing with TNC [ 226.677290][T12907] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.680902][T12907] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.684404][T12907] bridge_slave_0: entered allmulticast mode [ 226.689414][T12907] bridge_slave_0: entered promiscuous mode [ 226.768940][ T1136] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.782375][T12907] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.786092][T12907] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.789960][T12907] bridge_slave_1: entered allmulticast mode [ 226.794203][T12907] bridge_slave_1: entered promiscuous mode [ 226.886842][T12907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.911136][T12907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.029579][T12907] team0: Port device team_slave_0 added [ 227.057402][T12907] team0: Port device team_slave_1 added [ 227.069095][ T4646] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 227.079433][ T4646] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 227.086855][ T4646] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 227.093541][ T4646] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 227.098680][ T4646] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 227.103321][ T4646] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 227.173536][T12907] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.179082][T12907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.191719][T12907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.198942][T12907] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.202100][T12907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.228032][T12907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.326776][T12907] hsr_slave_0: entered promiscuous mode [ 227.330486][T12907] hsr_slave_1: entered promiscuous mode [ 227.334067][T12907] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.339479][T12907] Cannot create hsr debugfs directory [ 227.386913][ T1136] bridge_slave_1: left allmulticast mode [ 227.389261][ T1136] bridge_slave_1: left promiscuous mode [ 227.392939][ T1136] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.400504][ T1136] bridge_slave_0: left promiscuous mode [ 227.402878][ T1136] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.920115][ T1136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 227.932690][ T1136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 227.939242][ T1136] bond0 (unregistering): Released all slaves [ 228.149192][ T1136] IPVS: stopping backup sync thread 12083 ... [ 228.155110][ T4646] Bluetooth: hci0: command tx timeout [ 228.291806][T12943] chnl_net:caif_netlink_parms(): no params data found [ 228.436216][T12943] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.439556][T12943] bridge0: port 1(bridge_slave_0) entered disabled state [ 228.442878][T12943] bridge_slave_0: entered allmulticast mode [ 228.448251][T12943] bridge_slave_0: entered promiscuous mode [ 228.457242][ T1136] hsr_slave_0: left promiscuous mode [ 228.461210][ T1136] hsr_slave_1: left promiscuous mode [ 228.465675][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 228.469849][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 228.473410][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 228.476925][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 228.523978][ T1136] veth1_macvtap: left promiscuous mode [ 228.526808][ T1136] veth0_macvtap: left promiscuous mode [ 228.529564][ T1136] veth1_vlan: left promiscuous mode [ 228.532096][ T1136] veth0_vlan: left promiscuous mode [ 229.186002][ T4646] Bluetooth: hci3: command tx timeout [ 229.659955][ T1136] team0 (unregistering): Port device team_slave_1 removed [ 229.793129][ T1136] team0 (unregistering): Port device team_slave_0 removed [ 230.255813][ T4646] Bluetooth: hci0: command tx timeout [ 230.989509][T12943] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.992256][T12943] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.995697][T12943] bridge_slave_1: entered allmulticast mode [ 230.999891][T12943] bridge_slave_1: entered promiscuous mode [ 231.062949][T12943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 231.070841][T12943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 231.155772][T12943] team0: Port device team_slave_0 added [ 231.163678][T12943] team0: Port device team_slave_1 added [ 231.265014][ T4646] Bluetooth: hci3: command tx timeout [ 231.276916][T12943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 231.279586][T12943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.291846][T12943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 231.316540][T12943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 231.319696][T12943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 231.329531][T12943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 231.359985][T12907] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 231.368995][T12907] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 231.402888][T12907] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 231.429441][T12907] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 231.448194][T12943] hsr_slave_0: entered promiscuous mode [ 231.451855][T12943] hsr_slave_1: entered promiscuous mode [ 231.670346][T12943] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.727705][T12907] 8021q: adding VLAN 0 to HW filter on device bond0 [ 231.771810][T12907] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.801673][T12943] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.813365][ T5249] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.817465][ T5249] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.838550][ T1400] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.842149][ T1400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 231.901029][T12943] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 231.999007][T12943] bond0: (slave netdevsim0): Releasing backup interface [ 232.003375][T12943] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.082562][T12907] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.094891][ T1136] team0: left allmulticast mode [ 232.097139][ T1136] team_slave_0: left allmulticast mode [ 232.099560][ T1136] team_slave_1: left allmulticast mode [ 232.102265][ T1136] bridge0: port 3(team0) entered disabled state [ 232.108968][ T1136] bridge_slave_1: left allmulticast mode [ 232.111492][ T1136] bridge_slave_1: left promiscuous mode [ 232.114107][ T1136] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.121104][ T1136] bridge_slave_0: left allmulticast mode [ 232.123592][ T1136] bridge_slave_0: left promiscuous mode [ 232.128383][ T1136] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.311309][ T4646] Bluetooth: hci0: command tx timeout [ 232.780862][ T1136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 232.788566][ T1136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 232.795436][ T1136] bond0 (unregistering): Released all slaves [ 232.812893][T12984] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3246'. [ 232.911160][T12943] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 232.928422][T12943] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 232.936060][T12943] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 232.942954][T12943] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 232.964818][T12994] can: request_module (can-proto-0) failed. [ 232.991132][T12907] veth0_vlan: entered promiscuous mode [ 233.085372][T12907] veth1_vlan: entered promiscuous mode [ 233.212372][T12907] veth0_macvtap: entered promiscuous mode [ 233.224023][ T1136] hsr_slave_0: left promiscuous mode [ 233.227725][ T1136] hsr_slave_1: left promiscuous mode [ 233.230195][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 233.233178][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 233.243822][ T1136] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 233.248340][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 233.288829][ T1136] veth1_macvtap: left promiscuous mode [ 233.291657][ T1136] veth0_macvtap: left promiscuous mode [ 233.294336][ T1136] veth1_vlan: left promiscuous mode [ 233.296944][ T1136] veth0_vlan: left promiscuous mode [ 233.344910][ T4646] Bluetooth: hci3: command tx timeout [ 234.046993][T13019] fuse: Bad value for 'fd' [ 234.384742][ T4646] Bluetooth: hci0: command tx timeout [ 234.463665][ T1136] team_slave_1 (unregistering): left promiscuous mode [ 234.467068][T13034] fuse: Bad value for 'fd' [ 234.470701][ T1136] team0 (unregistering): Port device team_slave_1 removed [ 234.617582][ T1136] team_slave_0 (unregistering): left promiscuous mode [ 234.622144][ T1136] team0 (unregistering): Port device team_slave_0 removed [ 235.428680][ T4646] Bluetooth: hci3: command tx timeout [ 235.510772][T12907] veth1_macvtap: entered promiscuous mode [ 235.521211][T12943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 235.563129][T12907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.567395][T12907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.571276][T12907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 235.576436][T12907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.581302][T12907] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 235.593219][T12943] 8021q: adding VLAN 0 to HW filter on device team0 [ 235.616657][T13047] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.619625][T13047] bridge0: port 1(bridge_slave_0) entered forwarding state [ 235.626149][T12907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.630503][T12907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.634365][T12907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 235.638442][T12907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 235.643289][T12907] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 235.659498][T13047] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.662689][T13047] bridge0: port 2(bridge_slave_1) entered forwarding state [ 235.674663][T12907] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.678254][T12907] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.681849][T12907] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.687716][T12907] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 235.803539][ T1089] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.807372][ T1089] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.828200][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.831757][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.936366][T12943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 235.951704][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.955075][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.979802][T12943] veth0_vlan: entered promiscuous mode [ 235.990758][T12943] veth1_vlan: entered promiscuous mode [ 236.027980][T12943] veth0_macvtap: entered promiscuous mode [ 236.039064][T13062] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.051994][T12943] veth1_macvtap: entered promiscuous mode [ 236.081667][T12943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.087267][T12943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.091405][T12943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.095700][T12943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.099528][T12943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 236.103290][T12943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.110797][T12943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 236.117541][T12943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.122148][T12943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.126982][T12943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.131018][T12943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.135298][T12943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 236.135310][T12943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 236.136903][T12943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 236.156394][T12943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.160691][T12943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.164943][T12943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.168750][T12943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 236.218838][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.223257][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.246586][ T1089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.249983][ T1089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.588961][T13084] VFS: could not find a valid V7 on nullb0. [ 236.750070][T13098] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.805486][T13100] netlink: 'syz.1.3291': attribute type 1 has an invalid length. [ 237.399598][T13106] batadv0: entered promiscuous mode [ 237.411092][T13106] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 237.646529][T13125] tc_dump_action: action bad kind [ 237.715984][ T39] audit: type=1326 audit(1719515057.035:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.3.3303" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7418579 code=0x0 [ 237.904880][T13047] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 238.081982][ T39] audit: type=1326 audit(1719515057.395:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13147 comm="syz.1.3313" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7489579 code=0x0 [ 238.094730][T13047] usb 7-1: Using ep0 maxpacket: 16 [ 238.099657][T13047] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA5 has invalid maxpacket 104 [ 238.107676][T13047] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 238.112211][T13047] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.116113][T13047] usb 7-1: Product: syz [ 238.118027][T13047] usb 7-1: Manufacturer: syz [ 238.120185][T13047] usb 7-1: SerialNumber: syz [ 238.124561][T13047] usb 7-1: config 0 descriptor?? [ 238.127869][T13121] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 238.138909][T13047] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input25 [ 238.157324][ C1] usbtouchscreen 7-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -1 [ 238.358256][ T5243] usb 7-1: USB disconnect, device number 6 [ 239.064853][T13170] IPv4: Oversized IP packet from 136.202.26.0 [ 239.084860][T13172] fuse: Bad value for 'fd' [ 240.564286][T13218] fuse: blksize only supported for fuseblk [ 240.753647][T13239] fuse: Bad value for 'fd' [ 240.949713][T13251] fuse: Bad value for 'fd' [ 240.958194][ T39] audit: type=1326 audit(1719515060.275:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 240.968520][ T39] audit: type=1326 audit(1719515060.275:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 240.982655][ T39] audit: type=1326 audit(1719515060.285:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 240.996547][ T39] audit: type=1326 audit(1719515060.285:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 241.008919][ T39] audit: type=1326 audit(1719515060.285:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 241.019855][ T39] audit: type=1326 audit(1719515060.285:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=85 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 241.031065][ T39] audit: type=1326 audit(1719515060.295:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 241.044045][ T39] audit: type=1326 audit(1719515060.295:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13254 comm="syz.2.3361" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73e4579 code=0x7ffc0000 [ 241.262755][T13275] pim6reg: entered allmulticast mode [ 241.292861][T13275] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3371'. [ 241.505928][T13300] xt_CT: You must specify a L4 protocol and not use inversions on it [ 241.590481][T13311] tc_dump_action: action bad kind [ 242.046147][T13330] xt_CT: You must specify a L4 protocol and not use inversions on it [ 242.335148][T13350] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 242.455137][T13047] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 242.637850][T13047] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 242.642092][T13047] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 242.647779][T13047] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 242.651680][T13047] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 242.658107][T13047] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 242.664492][T13047] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 242.670995][T13047] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 242.674440][T13047] usb 5-1: Product: syz [ 242.677973][T13047] usb 5-1: Manufacturer: syz [ 242.684429][T13047] cdc_wdm 5-1:1.0: skipping garbage [ 242.687884][T13047] cdc_wdm 5-1:1.0: skipping garbage [ 242.691404][T13047] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 242.694042][T13047] cdc_wdm 5-1:1.0: Unknown control protocol [ 242.890303][T13047] usb 5-1: USB disconnect, device number 12 [ 243.181053][T13390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 243.984940][ T4646] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 243.988809][ T4646] Bluetooth: hci2: Injecting HCI hardware error event [ 243.994308][ T4646] Bluetooth: hci2: hardware error 0x00 [ 244.097868][T13438] overlayfs: statfs failed on './file0' [ 245.123942][T13517] syzkaller0: entered promiscuous mode [ 245.126874][T13517] syzkaller0: entered allmulticast mode [ 245.152856][T13517] syzkaller0: create flow: hash 2700174410 index 1 [ 245.183552][T13521] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3482'. [ 245.210351][T13516] syzkaller0: delete flow: hash 2700174410 index 1 [ 246.065039][ T4646] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 247.184988][ T4646] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 247.190303][ T4646] Bluetooth: hci0: Injecting HCI hardware error event [ 247.195814][ T5206] Bluetooth: hci0: hardware error 0x00 [ 247.641628][T13586] Invalid ELF header magic: != ELF [ 247.713348][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 247.713364][ T39] audit: type=1326 audit(1719515067.025:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.728481][ T39] audit: type=1326 audit(1719515067.045:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.739437][ T39] audit: type=1326 audit(1719515067.045:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.757136][ T39] audit: type=1326 audit(1719515067.045:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.774694][ T39] audit: type=1326 audit(1719515067.045:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.783119][ T39] audit: type=1326 audit(1719515067.045:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.793521][ T39] audit: type=1326 audit(1719515067.045:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.803566][ T39] audit: type=1326 audit(1719515067.045:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13547 comm="syz.1.3493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x7fc00000 [ 247.891154][T13602] netlink: 'syz.0.3516': attribute type 62 has an invalid length. [ 248.052537][T13619] __vm_enough_memory: pid: 13619, comm: syz.1.3525, bytes: 4294963200 not enough memory for the allocation [ 248.130607][T13623] netlink: 'syz.1.3527': attribute type 62 has an invalid length. [ 248.151354][ T4646] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 248.157529][ T4646] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 248.161942][ T4646] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 248.171889][ T4646] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 248.178542][ T4646] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 248.182914][ T4646] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 248.295188][ T5267] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 248.344704][T13639] __vm_enough_memory: pid: 13639, comm: syz.1.3533, bytes: 4294963200 not enough memory for the allocation [ 248.383907][T13624] chnl_net:caif_netlink_parms(): no params data found [ 248.471738][T13649] netlink: 'syz.1.3536': attribute type 62 has an invalid length. [ 248.475826][ T5267] usb 5-1: Using ep0 maxpacket: 32 [ 248.477146][ T5267] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 248.481915][ T5267] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 248.485787][ T5267] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 248.495986][ T5267] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 248.499328][ T5267] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 248.502376][ T5267] usb 5-1: Product: syz [ 248.503847][ T5267] usb 5-1: Manufacturer: syz [ 248.508854][ T5267] usb 5-1: SerialNumber: syz [ 248.512403][T13617] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 248.512412][T13624] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.513459][T13651] Invalid ELF header magic: != ELF [ 248.517399][ T5267] input: appletouch as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/input/input26 [ 248.519460][T13624] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.534974][T13624] bridge_slave_0: entered allmulticast mode [ 248.537888][ C3] appletouch 5-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 248.540605][T13624] bridge_slave_0: entered promiscuous mode [ 248.549315][T13624] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.553463][T13624] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.558462][T13624] bridge_slave_1: entered allmulticast mode [ 248.562139][T13624] bridge_slave_1: entered promiscuous mode [ 248.637845][T13624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.643067][T13624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 248.710518][T13624] team0: Port device team_slave_0 added [ 248.716455][T13624] team0: Port device team_slave_1 added [ 248.755504][ T5248] usb 5-1: USB disconnect, device number 13 [ 248.766475][ T5248] appletouch 5-1:1.0: input: appletouch disconnected [ 248.782384][T13624] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 248.788784][T13624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 248.801256][T13624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 248.812016][T13624] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 248.815027][T13624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 248.826110][T13624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 248.902461][T13624] hsr_slave_0: entered promiscuous mode [ 248.908467][T13624] hsr_slave_1: entered promiscuous mode [ 248.919094][T13624] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 248.922470][T13624] Cannot create hsr debugfs directory [ 249.132243][T13624] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.158787][T13667] tipc: Started in network mode [ 249.160988][T13667] tipc: Node identity f0, cluster identity 4711 [ 249.163664][T13667] tipc: Node number set to 240 [ 249.250824][T13624] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.264787][ T5206] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 249.367792][T13624] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.478404][T13683] Invalid ELF header magic: != ELF [ 249.523318][T13624] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.634814][ T45] bridge_slave_1: left allmulticast mode [ 249.637150][ T45] bridge_slave_1: left promiscuous mode [ 249.640273][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.650904][ T45] bridge_slave_0: left allmulticast mode [ 249.653146][ T45] bridge_slave_0: left promiscuous mode [ 249.656161][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.171417][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 250.177990][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 250.184291][ T45] bond0 (unregistering): Released all slaves [ 250.228064][ T5206] Bluetooth: hci4: command tx timeout [ 250.255100][T13624] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 250.263812][T13624] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 250.280149][T13624] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 250.286530][T13624] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 250.397588][T13709] pimreg: entered allmulticast mode [ 250.439386][T13624] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.470793][T13624] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.514502][ T1400] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.517670][ T1400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.539385][ T1400] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.542411][ T1400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.567150][ T45] hsr_slave_0: left promiscuous mode [ 250.570222][ T45] hsr_slave_1: left promiscuous mode [ 250.573815][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 250.578032][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 250.582412][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 250.586368][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 250.632083][ T45] veth1_macvtap: left promiscuous mode [ 250.634229][ T45] veth0_macvtap: left promiscuous mode [ 250.636498][ T45] veth1_vlan: left promiscuous mode [ 250.638381][ T45] veth0_vlan: left promiscuous mode [ 251.955695][ T45] team0 (unregistering): Port device team_slave_1 removed [ 252.163487][ T5207] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 252.179756][ T5207] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 252.180364][ T45] team0 (unregistering): Port device team_slave_0 removed [ 252.186190][ T5207] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 252.190602][ T5207] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 252.195720][ T5207] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 252.199339][ T5207] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 252.304863][ T5207] Bluetooth: hci4: command tx timeout [ 253.477222][T13624] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.515747][T13723] chnl_net:caif_netlink_parms(): no params data found [ 253.636616][T13624] veth0_vlan: entered promiscuous mode [ 253.686275][T13723] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.689092][T13723] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.694447][T13723] bridge_slave_0: entered allmulticast mode [ 253.698416][T13723] bridge_slave_0: entered promiscuous mode [ 253.707907][T13624] veth1_vlan: entered promiscuous mode [ 253.714244][T13723] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.718132][T13723] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.721668][T13723] bridge_slave_1: entered allmulticast mode [ 253.726377][T13723] bridge_slave_1: entered promiscuous mode [ 253.805566][T13723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 253.811739][T13723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 253.858993][ T45] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 253.950162][T13723] team0: Port device team_slave_0 added [ 253.959902][T13723] team0: Port device team_slave_1 added [ 253.976588][ T45] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.041660][T13723] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.044348][T13723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.058196][T13723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.086383][ T45] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.097853][T13723] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.100948][T13723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.110038][T13723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.260931][ T45] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.270610][T13624] veth0_macvtap: entered promiscuous mode [ 254.296013][T13723] hsr_slave_0: entered promiscuous mode [ 254.304890][ T5207] Bluetooth: hci0: command tx timeout [ 254.304898][T13723] hsr_slave_1: entered promiscuous mode [ 254.310420][T13723] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 254.313767][T13723] Cannot create hsr debugfs directory [ 254.346802][T13624] veth1_macvtap: entered promiscuous mode [ 254.384739][ T5207] Bluetooth: hci4: command tx timeout [ 254.449424][T13624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.454389][T13624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.459197][T13624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.464283][T13624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.468560][T13624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.472748][T13624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.478363][T13624] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 254.516346][ T45] bridge_slave_1: left allmulticast mode [ 254.519422][ T45] bridge_slave_1: left promiscuous mode [ 254.522232][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.528661][ T45] bridge_slave_0: left allmulticast mode [ 254.531091][ T45] bridge_slave_0: left promiscuous mode [ 254.533394][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.945633][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 254.953672][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 254.960532][ T45] bond0 (unregistering): Released all slaves [ 254.980545][T13624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.984031][T13624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.989110][T13624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 254.993628][T13624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.998866][T13624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.002917][T13624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.008473][T13624] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.386202][ T5207] Bluetooth: hci0: command tx timeout [ 256.471638][ T5207] Bluetooth: hci4: command tx timeout [ 256.979802][T13624] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.983412][T13624] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.987256][T13624] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.990439][T13624] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.123725][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.128934][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.208842][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.212409][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.302296][ T45] hsr_slave_0: left promiscuous mode [ 257.316320][ T45] hsr_slave_1: left promiscuous mode [ 257.319758][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 257.323149][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 257.331521][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 257.335612][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 257.387266][ T45] veth1_macvtap: left promiscuous mode [ 257.389801][ T45] veth0_macvtap: left promiscuous mode [ 257.392412][ T45] veth1_vlan: left promiscuous mode [ 257.395125][ T45] veth0_vlan: left promiscuous mode [ 258.465066][ T5207] Bluetooth: hci0: command tx timeout [ 258.571738][ T45] team0 (unregistering): Port device team_slave_1 removed [ 258.663894][ T45] team0 (unregistering): Port device team_slave_0 removed [ 259.558161][T13723] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 259.569820][T13723] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 259.584204][T13857] netlink: 'syz.1.3614': attribute type 15 has an invalid length. [ 259.597131][T13723] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 259.617000][T13723] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 259.759046][T13870] binder: 13869:13870 ioctl c018620b 0 returned -14 [ 259.764259][T13723] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.781488][T13723] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.806152][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.809373][ T5243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.814307][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.817903][ T5243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.054261][T13723] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 260.544849][ T5207] Bluetooth: hci0: command tx timeout [ 262.210333][T13723] veth0_vlan: entered promiscuous mode [ 262.222522][T13723] veth1_vlan: entered promiscuous mode [ 262.257024][T13723] veth0_macvtap: entered promiscuous mode [ 262.264537][T13723] veth1_macvtap: entered promiscuous mode [ 262.281110][T13723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.287800][T13723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.292427][T13723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.299006][T13723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.303294][T13723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.308422][T13723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.319921][T13723] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.336187][T13723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.340910][T13723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.347418][T13723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.351983][T13723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.356417][T13723] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.361121][T13723] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.368327][T13723] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.377111][T13723] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.381796][T13723] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.388858][T13723] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.392676][T13723] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.455533][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.458999][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.467244][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.470831][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.103957][T13947] netlink: 'syz.3.3649': attribute type 4 has an invalid length. [ 263.298239][T13968] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 263.303117][T13968] overlayfs: failed to set uuid (/file1, err=-28); falling back to uuid=null. [ 263.629880][ T9] hid-generic 0000:0000:0000.000E: item fetching failed at offset 0/1 [ 263.633997][ T9] hid-generic 0000:0000:0000.000E: probe with driver hid-generic failed with error -22 [ 263.805759][T13994] [ 263.806835][T13994] ===================================================== [ 263.810337][T13994] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 263.813692][T13994] 6.10.0-rc5-syzkaller-00155-g66e55ff12e73 #0 Not tainted [ 263.816297][T13994] ----------------------------------------------------- [ 263.821142][T13994] syz.3.3669/13994 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 263.824657][T13994] ffff88802748d168 (&new->fa_lock){...-}-{2:2}, at: kill_fasync+0x138/0x4f0 [ 263.828800][T13994] [ 263.828800][T13994] and this task is already holding: [ 263.832677][T13994] ffff8880577b8028 (&client->buffer_lock){-.-.}-{2:2}, at: evdev_pass_values+0x10e/0x9b0 [ 263.837518][T13994] which would create a new lock dependency: [ 263.840086][T13994] (&client->buffer_lock){-.-.}-{2:2} -> (&new->fa_lock){...-}-{2:2} [ 263.843489][T13994] [ 263.843489][T13994] but this new dependency connects a HARDIRQ-irq-safe lock: [ 263.847436][T13994] (&client->buffer_lock){-.-.}-{2:2} [ 263.847464][T13994] [ 263.847464][T13994] ... which became HARDIRQ-irq-safe at: [ 263.853179][T13994] lock_acquire+0x1b1/0x560 [ 263.855540][T13994] _raw_spin_lock+0x2e/0x40 [ 263.857962][T13994] evdev_pass_values+0x10e/0x9b0 [ 263.860342][T13994] evdev_events+0x1b7/0x390 [ 263.862379][T13994] input_to_handler+0x2a1/0x4d0 [ 263.864515][T13994] input_pass_values+0x5c9/0x840 [ 263.866689][T13994] input_event_dispose+0x508/0x630 [ 263.868984][T13994] input_handle_event+0x11c/0xd80 [ 263.871158][T13994] input_event+0x83/0xa0 [ 263.873047][T13994] hidinput_hid_event+0xa12/0x2410 [ 263.875491][T13994] hid_process_event+0x4b7/0x5e0 [ 263.878045][T13994] hid_report_raw_event+0x96b/0x11c0 [ 263.880725][T13994] hid_input_report+0x345/0x440 [ 263.883066][T13994] hid_irq_in+0x35e/0x870 [ 263.885009][T13994] __usb_hcd_giveback_urb+0x466/0x6e0 [ 263.887429][T13994] usb_hcd_giveback_urb+0x396/0x450 [ 263.889731][T13994] dummy_timer+0x13f6/0x3530 [ 263.891794][T13994] __hrtimer_run_queues+0x20c/0xcc0 [ 263.894071][T13994] hrtimer_interrupt+0x31b/0x800 [ 263.896310][T13994] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 263.899038][T13994] sysvec_apic_timer_interrupt+0x90/0xb0 [ 263.901518][T13994] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 263.904173][T13994] _raw_spin_unlock_irq+0x29/0x50 [ 263.906421][T13994] get_signal+0x1dc9/0x2670 [ 263.908450][T13994] arch_do_signal_or_restart+0x90/0x7e0 [ 263.910873][T13994] syscall_exit_to_user_mode+0x14a/0x2a0 [ 263.913336][T13994] do_int80_emulation+0x111/0x200 [ 263.915640][T13994] asm_int80_emulation+0x1a/0x20 [ 263.917847][T13994] [ 263.917847][T13994] to a HARDIRQ-irq-unsafe lock: [ 263.921016][T13994] (tasklist_lock){.+.+}-{2:2} [ 263.921043][T13994] [ 263.921043][T13994] ... which became HARDIRQ-irq-unsafe at: [ 263.926586][T13994] ... [ 263.926595][T13994] lock_acquire+0x1b1/0x560 [ 263.929702][T13994] _raw_read_lock+0x5f/0x70 [ 263.931705][T13994] __do_wait+0x105/0x890 [ 263.933586][T13994] do_wait+0x219/0x570 [ 263.935431][T13994] kernel_wait+0xa0/0x160 [ 263.937152][T13994] call_usermodehelper_exec_work+0xf1/0x170 [ 263.939853][T13994] process_one_work+0x958/0x1ad0 [ 263.942143][T13994] worker_thread+0x6c8/0xf30 [ 263.944314][T13994] kthread+0x2c1/0x3a0 [ 263.946203][T13994] ret_from_fork+0x45/0x80 [ 263.948240][T13994] ret_from_fork_asm+0x1a/0x30 [ 263.950405][T13994] [ 263.950405][T13994] other info that might help us debug this: [ 263.950405][T13994] [ 263.954727][T13994] Chain exists of: [ 263.954727][T13994] &client->buffer_lock --> &new->fa_lock --> tasklist_lock [ 263.954727][T13994] [ 263.960611][T13994] Possible interrupt unsafe locking scenario: [ 263.960611][T13994] [ 263.964163][T13994] CPU0 CPU1 [ 263.966574][T13994] ---- ---- [ 263.968949][T13994] lock(tasklist_lock); [ 263.970855][T13994] local_irq_disable(); [ 263.973331][T13994] lock(&client->buffer_lock); [ 263.975961][T13994] lock(&new->fa_lock); [ 263.978392][T13994] [ 263.979949][T13994] lock(&client->buffer_lock); [ 263.982259][T13994] [ 263.982259][T13994] *** DEADLOCK *** [ 263.982259][T13994] [ 263.985665][T13994] 7 locks held by syz.3.3669/13994: [ 263.988159][T13994] #0: ffff88801daed110 (&evdev->mutex){+.+.}-{3:3}, at: evdev_write+0x1ff/0x750 [ 263.992520][T13994] #1: ffff88801927e230 (&dev->event_lock#2){-.-.}-{2:2}, at: input_inject_event+0xa4/0x370 [ 263.997033][T13994] #2: ffffffff8dbb5160 (rcu_read_lock){....}-{1:2}, at: input_inject_event+0xca/0x370 [ 264.001304][T13994] #3: ffffffff8dbb5160 (rcu_read_lock){....}-{1:2}, at: input_pass_values+0xb2/0x840 [ 264.005344][T13994] #4: ffffffff8dbb5160 (rcu_read_lock){....}-{1:2}, at: evdev_events+0x87/0x390 [ 264.009422][T13994] #5: ffff8880577b8028 (&client->buffer_lock){-.-.}-{2:2}, at: evdev_pass_values+0x10e/0x9b0 [ 264.013452][T13994] #6: ffffffff8dbb5160 (rcu_read_lock){....}-{1:2}, at: kill_fasync+0x6d/0x4f0 [ 264.016729][T13994] [ 264.016729][T13994] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 264.021091][T13994] -> (&client->buffer_lock){-.-.}-{2:2} { [ 264.023572][T13994] IN-HARDIRQ-W at: [ 264.025401][T13994] lock_acquire+0x1b1/0x560 [ 264.028024][T13994] _raw_spin_lock+0x2e/0x40 [ 264.030332][T13994] evdev_pass_values+0x10e/0x9b0 [ 264.032614][T13994] evdev_events+0x1b7/0x390 [ 264.035385][T13994] input_to_handler+0x2a1/0x4d0 [ 264.038269][T13994] input_pass_values+0x5c9/0x840 [ 264.041251][T13994] input_event_dispose+0x508/0x630 [ 264.044275][T13994] input_handle_event+0x11c/0xd80 [ 264.047282][T13994] input_event+0x83/0xa0 [ 264.049960][T13994] hidinput_hid_event+0xa12/0x2410 [ 264.052949][T13994] hid_process_event+0x4b7/0x5e0 [ 264.056054][T13994] hid_report_raw_event+0x96b/0x11c0 [ 264.059221][T13994] hid_input_report+0x345/0x440 [ 264.062391][T13994] hid_irq_in+0x35e/0x870 [ 264.065214][T13994] __usb_hcd_giveback_urb+0x466/0x6e0 [ 264.068349][T13994] usb_hcd_giveback_urb+0x396/0x450 [ 264.071529][T13994] dummy_timer+0x13f6/0x3530 [ 264.074354][T13994] __hrtimer_run_queues+0x20c/0xcc0 [ 264.077469][T13994] hrtimer_interrupt+0x31b/0x800 [ 264.080319][T13994] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 264.083738][T13994] sysvec_apic_timer_interrupt+0x90/0xb0 [ 264.086994][T13994] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 264.090384][T13994] _raw_spin_unlock_irq+0x29/0x50 [ 264.093125][T13994] get_signal+0x1dc9/0x2670 [ 264.095354][T13994] arch_do_signal_or_restart+0x90/0x7e0 [ 264.097815][T13994] syscall_exit_to_user_mode+0x14a/0x2a0 [ 264.100554][T13994] do_int80_emulation+0x111/0x200 [ 264.102828][T13994] asm_int80_emulation+0x1a/0x20 [ 264.105401][T13994] IN-SOFTIRQ-W at: [ 264.106797][T13994] lock_acquire+0x1b1/0x560 [ 264.109042][T13994] _raw_spin_lock+0x2e/0x40 [ 264.111524][T13994] evdev_pass_values+0x10e/0x9b0 [ 264.113884][T13994] evdev_events+0x1b7/0x390 [ 264.116129][T13994] input_to_handler+0x2a1/0x4d0 [ 264.118979][T13994] input_pass_values+0x5c9/0x840 [ 264.121644][T13994] input_event_dispose+0x508/0x630 [ 264.124314][T13994] input_handle_event+0x11c/0xd80 [ 264.127412][T13994] input_event+0x83/0xa0 [ 264.129918][T13994] hidinput_hid_event+0xa12/0x2410 [ 264.132310][T13994] hid_process_event+0x4b7/0x5e0 [ 264.134987][T13994] hid_report_raw_event+0x96b/0x11c0 [ 264.137851][T13994] hid_input_report+0x345/0x440 [ 264.140593][T13994] hid_irq_in+0x35e/0x870 [ 264.143123][T13994] __usb_hcd_giveback_urb+0x389/0x6e0 [ 264.145753][T13994] usb_hcd_giveback_urb+0x396/0x450 [ 264.148697][T13994] dummy_timer+0x13f6/0x3530 [ 264.151550][T13994] __hrtimer_run_queues+0x20c/0xcc0 [ 264.154596][T13994] hrtimer_interrupt+0x31b/0x800 [ 264.157425][T13994] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 264.160159][T13994] sysvec_apic_timer_interrupt+0x43/0xb0 [ 264.163199][T13994] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 264.166506][T13994] _raw_spin_unlock_irqrestore+0x31/0x80 [ 264.169705][T13994] call_timer_fn+0x1a0/0x610 [ 264.172415][T13994] __run_timers+0x74b/0xaf0 [ 264.175179][T13994] run_timer_base+0x111/0x190 [ 264.178009][T13994] run_timer_softirq+0x1a/0x40 [ 264.180781][T13994] handle_softirqs+0x216/0x8f0 [ 264.183457][T13994] irq_exit_rcu+0xbb/0x120 [ 264.186041][T13994] sysvec_apic_timer_interrupt+0x95/0xb0 [ 264.188893][T13994] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 264.191584][T13994] _raw_spin_unlock_irq+0x29/0x50 [ 264.193859][T13994] get_signal+0x1dc9/0x2670 [ 264.196057][T13994] arch_do_signal_or_restart+0x90/0x7e0 [ 264.198810][T13994] syscall_exit_to_user_mode+0x14a/0x2a0 [ 264.201425][T13994] do_int80_emulation+0x111/0x200 [ 264.204316][T13994] asm_int80_emulation+0x1a/0x20 [ 264.207190][T13994] INITIAL USE at: [ 264.208917][T13994] lock_acquire+0x1b1/0x560 [ 264.211380][T13994] _raw_spin_lock_irqsave+0x3a/0x60 [ 264.214264][T13994] evdev_do_ioctl+0xada/0x1ae0 [ 264.216596][T13994] evdev_ioctl_compat+0x173/0x1a0 [ 264.219393][T13994] __do_compat_sys_ioctl+0x2c3/0x330 [ 264.221744][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.224422][T13994] do_fast_syscall_32+0x32/0x80 [ 264.227123][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.230443][T13994] } [ 264.231584][T13994] ... key at: [] __key.1+0x0/0x40 [ 264.234665][T13994] [ 264.234665][T13994] the dependencies between the lock to be acquired [ 264.234673][T13994] and HARDIRQ-irq-unsafe lock: [ 264.240417][T13994] -> (tasklist_lock){.+.+}-{2:2} { [ 264.242607][T13994] HARDIRQ-ON-R at: [ 264.244481][T13994] lock_acquire+0x1b1/0x560 [ 264.247281][T13994] _raw_read_lock+0x5f/0x70 [ 264.249990][T13994] __do_wait+0x105/0x890 [ 264.252651][T13994] do_wait+0x219/0x570 [ 264.255296][T13994] kernel_wait+0xa0/0x160 [ 264.258089][T13994] call_usermodehelper_exec_work+0xf1/0x170 [ 264.261454][T13994] process_one_work+0x958/0x1ad0 [ 264.264474][T13994] worker_thread+0x6c8/0xf30 [ 264.267355][T13994] kthread+0x2c1/0x3a0 [ 264.270316][T13994] ret_from_fork+0x45/0x80 [ 264.272975][T13994] ret_from_fork_asm+0x1a/0x30 [ 264.275753][T13994] SOFTIRQ-ON-R at: [ 264.277472][T13994] lock_acquire+0x1b1/0x560 [ 264.280107][T13994] _raw_read_lock+0x5f/0x70 [ 264.283012][T13994] __do_wait+0x105/0x890 [ 264.285281][T13994] do_wait+0x219/0x570 [ 264.287383][T13994] kernel_wait+0xa0/0x160 [ 264.289775][T13994] call_usermodehelper_exec_work+0xf1/0x170 [ 264.293115][T13994] process_one_work+0x958/0x1ad0 [ 264.295735][T13994] worker_thread+0x6c8/0xf30 [ 264.298775][T13994] kthread+0x2c1/0x3a0 [ 264.301492][T13994] ret_from_fork+0x45/0x80 [ 264.303918][T13994] ret_from_fork_asm+0x1a/0x30 [ 264.306251][T13994] INITIAL USE at: [ 264.307704][T13994] lock_acquire+0x1b1/0x560 [ 264.310323][T13994] _raw_write_lock_irq+0x36/0x50 [ 264.313289][T13994] copy_process+0x4784/0x6f50 [ 264.316172][T13994] kernel_clone+0xfd/0x980 [ 264.319247][T13994] user_mode_thread+0xb4/0xf0 [ 264.322037][T13994] rest_init+0x23/0x2b0 [ 264.324182][T13994] start_kernel+0x3df/0x4c0 [ 264.326611][T13994] x86_64_start_reservations+0x18/0x30 [ 264.329629][T13994] x86_64_start_kernel+0xb2/0xc0 [ 264.332883][T13994] common_startup_64+0x13e/0x148 [ 264.335276][T13994] INITIAL READ USE at: [ 264.336862][T13994] lock_acquire+0x1b1/0x560 [ 264.339314][T13994] _raw_read_lock+0x5f/0x70 [ 264.342227][T13994] __do_wait+0x105/0x890 [ 264.345042][T13994] do_wait+0x219/0x570 [ 264.347416][T13994] kernel_wait+0xa0/0x160 [ 264.349960][T13994] call_usermodehelper_exec_work+0xf1/0x170 [ 264.353663][T13994] process_one_work+0x958/0x1ad0 [ 264.356915][T13994] worker_thread+0x6c8/0xf30 [ 264.359928][T13994] kthread+0x2c1/0x3a0 [ 264.362809][T13994] ret_from_fork+0x45/0x80 [ 264.365732][T13994] ret_from_fork_asm+0x1a/0x30 [ 264.368897][T13994] } [ 264.370204][T13994] ... key at: [] tasklist_lock+0x18/0x40 [ 264.373741][T13994] ... acquired at: [ 264.375531][T13994] _raw_read_lock+0x5f/0x70 [ 264.377605][T13994] send_sigio+0xb4/0x3c0 [ 264.379259][T13994] kill_fasync+0x1f6/0x4f0 [ 264.381275][T13994] lease_break_callback+0x23/0x30 [ 264.383551][T13994] __break_lease+0x67c/0x17d0 [ 264.385360][T13994] vfs_truncate+0x32e/0x4e0 [ 264.387394][T13994] do_sys_truncate+0x130/0x190 [ 264.389597][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.391611][T13994] do_fast_syscall_32+0x32/0x80 [ 264.393335][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.395548][T13994] [ 264.396374][T13994] -> (&f->f_owner.lock){...-}-{2:2} { [ 264.398263][T13994] IN-SOFTIRQ-R at: [ 264.399795][T13994] lock_acquire+0x1b1/0x560 [ 264.402490][T13994] _raw_read_lock_irqsave+0x46/0x90 [ 264.405510][T13994] send_sigurg+0x22/0xc30 [ 264.408195][T13994] sk_send_sigurg+0x7a/0x370 [ 264.410883][T13994] tcp_urg+0x343/0xb80 [ 264.413299][T13994] tcp_rcv_established+0x8de/0x21b0 [ 264.416379][T13994] tcp_v6_do_rcv+0x836/0x16f0 [ 264.419258][T13994] tcp_v6_rcv+0x2e54/0x3b10 [ 264.422198][T13994] ip6_protocol_deliver_rcu+0x188/0x1530 [ 264.425699][T13994] ip6_input_finish+0x14f/0x2f0 [ 264.428789][T13994] ip6_input+0xa1/0xd0 [ 264.431189][T13994] ipv6_rcv+0x265/0x680 [ 264.433853][T13994] __netif_receive_skb_one_core+0x12e/0x1e0 [ 264.437236][T13994] __netif_receive_skb+0x1d/0x160 [ 264.440188][T13994] process_backlog+0x133/0x760 [ 264.442777][T13994] __napi_poll.constprop.0+0xb7/0x550 [ 264.445253][T13994] net_rx_action+0x9b6/0xf10 [ 264.447490][T13994] handle_softirqs+0x216/0x8f0 [ 264.449932][T13994] do_softirq+0xb2/0xf0 [ 264.452080][T13994] __local_bh_enable_ip+0x100/0x120 [ 264.454476][T13994] sk_stream_wait_memory+0x65e/0x10e0 [ 264.456919][T13994] tcp_sendmsg_locked+0xa7c/0x3550 [ 264.459405][T13994] tcp_sendmsg+0x2e/0x50 [ 264.462141][T13994] inet6_sendmsg+0xb9/0x140 [ 264.464949][T13994] __sys_sendto+0x371/0x4e0 [ 264.467763][T13994] __ia32_sys_sendto+0xdd/0x1b0 [ 264.470518][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.473324][T13994] do_fast_syscall_32+0x32/0x80 [ 264.475667][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.479095][T13994] INITIAL USE at: [ 264.480919][T13994] lock_acquire+0x1b1/0x560 [ 264.483635][T13994] _raw_write_lock_irq+0x36/0x50 [ 264.486491][T13994] f_modown+0x2a/0x380 [ 264.489095][T13994] fcntl_dirnotify+0x8d2/0xdf0 [ 264.491598][T13994] do_fcntl+0x310/0x1380 [ 264.493670][T13994] do_compat_fcntl64+0x35d/0x6b0 [ 264.496019][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.498371][T13994] do_fast_syscall_32+0x32/0x80 [ 264.501389][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.504477][T13994] INITIAL READ USE at: [ 264.506024][T13994] lock_acquire+0x1b1/0x560 [ 264.508315][T13994] _raw_read_lock_irq+0x67/0x80 [ 264.510906][T13994] do_fcntl+0x4b7/0x1380 [ 264.513146][T13994] do_compat_fcntl64+0x35d/0x6b0 [ 264.515601][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.518098][T13994] do_fast_syscall_32+0x32/0x80 [ 264.520594][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.523454][T13994] } [ 264.524501][T13994] ... key at: [] __key.2+0x0/0x40 [ 264.527010][T13994] ... acquired at: [ 264.528329][T13994] _raw_read_lock_irqsave+0x74/0x90 [ 264.530672][T13994] send_sigio+0x28/0x3c0 [ 264.532604][T13994] kill_fasync+0x1f6/0x4f0 [ 264.534597][T13994] sock_wake_async+0x132/0x160 [ 264.536686][T13994] sock_def_error_report+0x352/0x400 [ 264.538995][T13994] sk_error_report+0x3e/0x2a0 [ 264.541088][T13994] tcp_reset+0x1cb/0x450 [ 264.542997][T13994] tcp_rcv_state_process+0x1f8a/0x4f30 [ 264.545395][T13994] tcp_v6_do_rcv+0x42f/0x16f0 [ 264.547576][T13994] __release_sock+0x14c/0x400 [ 264.549725][T13994] release_sock+0x5a/0x220 [ 264.551723][T13994] tcp_sendmsg+0x38/0x50 [ 264.553611][T13994] inet6_sendmsg+0xb9/0x140 [ 264.555585][T13994] __sys_sendto+0x371/0x4e0 [ 264.557582][T13994] __ia32_sys_sendto+0xdd/0x1b0 [ 264.559768][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.561971][T13994] do_fast_syscall_32+0x32/0x80 [ 264.564154][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.566890][T13994] [ 264.567891][T13994] -> (&new->fa_lock){...-}-{2:2} { [ 264.570053][T13994] IN-SOFTIRQ-R at: [ 264.571725][T13994] lock_acquire+0x1b1/0x560 [ 264.574295][T13994] _raw_read_lock_irqsave+0x46/0x90 [ 264.577194][T13994] kill_fasync+0x138/0x4f0 [ 264.579763][T13994] sock_wake_async+0x132/0x160 [ 264.582445][T13994] sock_def_readable+0x520/0x610 [ 264.585125][T13994] tcp_urg+0x656/0xb80 [ 264.587323][T13994] tcp_rcv_established+0x8de/0x21b0 [ 264.590116][T13994] tcp_v6_do_rcv+0x836/0x16f0 [ 264.592778][T13994] tcp_v6_rcv+0x2e54/0x3b10 [ 264.595257][T13994] ip6_protocol_deliver_rcu+0x188/0x1530 [ 264.598347][T13994] ip6_input_finish+0x14f/0x2f0 [ 264.601245][T13994] ip6_input+0xa1/0xd0 [ 264.603702][T13994] ipv6_rcv+0x265/0x680 [ 264.606243][T13994] __netif_receive_skb_one_core+0x12e/0x1e0 [ 264.609026][T13994] __netif_receive_skb+0x1d/0x160 [ 264.611416][T13994] process_backlog+0x133/0x760 [ 264.613907][T13994] __napi_poll.constprop.0+0xb7/0x550 [ 264.616705][T13994] net_rx_action+0x9b6/0xf10 [ 264.619374][T13994] handle_softirqs+0x216/0x8f0 [ 264.621717][T13994] do_softirq+0xb2/0xf0 [ 264.623691][T13994] __local_bh_enable_ip+0x100/0x120 [ 264.626043][T13994] sk_stream_wait_memory+0x65e/0x10e0 [ 264.628533][T13994] tcp_sendmsg_locked+0xa7c/0x3550 [ 264.630971][T13994] tcp_sendmsg+0x2e/0x50 [ 264.632964][T13994] inet6_sendmsg+0xb9/0x140 [ 264.635073][T13994] __sys_sendto+0x371/0x4e0 [ 264.637332][T13994] __ia32_sys_sendto+0xdd/0x1b0 [ 264.639594][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.641970][T13994] do_fast_syscall_32+0x32/0x80 [ 264.644222][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.647229][T13994] INITIAL USE at: [ 264.648885][T13994] lock_acquire+0x1b1/0x560 [ 264.651477][T13994] _raw_write_lock_irq+0x36/0x50 [ 264.654203][T13994] fasync_remove_entry+0xb9/0x1f0 [ 264.656985][T13994] fasync_helper+0xaf/0xd0 [ 264.659508][T13994] sock_fasync+0x98/0x140 [ 264.662049][T13994] __fput+0x94a/0xbb0 [ 264.664386][T13994] task_work_run+0x14e/0x250 [ 264.667011][T13994] syscall_exit_to_user_mode+0x278/0x2a0 [ 264.670052][T13994] __do_fast_syscall_32+0x80/0x120 [ 264.672906][T13994] do_fast_syscall_32+0x32/0x80 [ 264.675569][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.678324][T13994] INITIAL READ USE at: [ 264.679850][T13994] lock_acquire+0x1b1/0x560 [ 264.682066][T13994] _raw_read_lock_irqsave+0x74/0x90 [ 264.685037][T13994] kill_fasync+0x138/0x4f0 [ 264.687632][T13994] sock_wake_async+0x132/0x160 [ 264.690113][T13994] sock_def_error_report+0x352/0x400 [ 264.692870][T13994] sk_error_report+0x3e/0x2a0 [ 264.695533][T13994] tcp_reset+0x1cb/0x450 [ 264.698246][T13994] tcp_rcv_state_process+0x1f8a/0x4f30 [ 264.701403][T13994] tcp_v6_do_rcv+0x42f/0x16f0 [ 264.704278][T13994] __release_sock+0x14c/0x400 [ 264.706693][T13994] release_sock+0x5a/0x220 [ 264.708703][T13994] tcp_sendmsg+0x38/0x50 [ 264.710620][T13994] inet6_sendmsg+0xb9/0x140 [ 264.712629][T13994] __sys_sendto+0x371/0x4e0 [ 264.714760][T13994] __ia32_sys_sendto+0xdd/0x1b0 [ 264.717023][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.719448][T13994] do_fast_syscall_32+0x32/0x80 [ 264.722054][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.725591][T13994] } [ 264.726688][T13994] ... key at: [] __key.0+0x0/0x40 [ 264.729254][T13994] ... acquired at: [ 264.730623][T13994] lock_acquire+0x1b1/0x560 [ 264.732292][T13994] _raw_read_lock_irqsave+0x74/0x90 [ 264.734225][T13994] kill_fasync+0x138/0x4f0 [ 264.735857][T13994] evdev_pass_values+0x619/0x9b0 [ 264.737461][T13994] evdev_events+0x1b7/0x390 [ 264.739315][T13994] input_to_handler+0x2a1/0x4d0 [ 264.741519][T13994] input_pass_values+0x5c9/0x840 [ 264.743742][T13994] input_event_dispose+0x37a/0x630 [ 264.746101][T13994] input_handle_event+0x11c/0xd80 [ 264.748464][T13994] input_inject_event+0x1bb/0x370 [ 264.751149][T13994] evdev_write+0x450/0x750 [ 264.753240][T13994] vfs_write+0x29a/0x1140 [ 264.755267][T13994] ksys_write+0x1f8/0x260 [ 264.757406][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.759793][T13994] do_fast_syscall_32+0x32/0x80 [ 264.762365][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.765293][T13994] [ 264.766420][T13994] [ 264.766420][T13994] stack backtrace: [ 264.769480][T13994] CPU: 2 PID: 13994 Comm: syz.3.3669 Not tainted 6.10.0-rc5-syzkaller-00155-g66e55ff12e73 #0 [ 264.773916][T13994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 264.778748][T13994] Call Trace: [ 264.780261][T13994] [ 264.781692][T13994] dump_stack_lvl+0x116/0x1f0 [ 264.783911][T13994] check_irq_usage+0xe3c/0x1490 [ 264.786119][T13994] ? __pfx_check_irq_usage+0x10/0x10 [ 264.788510][T13994] ? hlock_conflict+0x58/0x200 [ 264.790960][T13994] ? __bfs+0x2fa/0x670 [ 264.793085][T13994] ? __pfx_hlock_conflict+0x10/0x10 [ 264.795595][T13994] ? lockdep_lock+0xc6/0x200 [ 264.797474][T13994] ? __pfx_lockdep_lock+0x10/0x10 [ 264.799610][T13994] ? __lock_acquire+0x248e/0x3b30 [ 264.801897][T13994] __lock_acquire+0x248e/0x3b30 [ 264.804205][T13994] ? __pfx___lock_acquire+0x10/0x10 [ 264.806838][T13994] ? __pfx___lock_acquire+0x10/0x10 [ 264.809342][T13994] lock_acquire+0x1b1/0x560 [ 264.811445][T13994] ? kill_fasync+0x138/0x4f0 [ 264.813555][T13994] ? __pfx_lock_acquire+0x10/0x10 [ 264.815869][T13994] ? __pfx_lock_acquire+0x10/0x10 [ 264.818425][T13994] ? __pfx_lock_acquire+0x10/0x10 [ 264.820974][T13994] _raw_read_lock_irqsave+0x74/0x90 [ 264.823358][T13994] ? kill_fasync+0x138/0x4f0 [ 264.825356][T13994] kill_fasync+0x138/0x4f0 [ 264.827308][T13994] evdev_pass_values+0x619/0x9b0 [ 264.829465][T13994] evdev_events+0x1b7/0x390 [ 264.831519][T13994] ? __pfx_evdev_events+0x10/0x10 [ 264.833672][T13994] input_to_handler+0x2a1/0x4d0 [ 264.836068][T13994] input_pass_values+0x5c9/0x840 [ 264.838440][T13994] input_event_dispose+0x37a/0x630 [ 264.840806][T13994] input_handle_event+0x11c/0xd80 [ 264.843063][T13994] input_inject_event+0x1bb/0x370 [ 264.845275][T13994] evdev_write+0x450/0x750 [ 264.847254][T13994] ? __pfx_evdev_write+0x10/0x10 [ 264.849346][T13994] ? bpf_lsm_file_permission+0x9/0x10 [ 264.851581][T13994] ? security_file_permission+0x98/0xc0 [ 264.853954][T13994] ? __pfx_evdev_write+0x10/0x10 [ 264.856318][T13994] vfs_write+0x29a/0x1140 [ 264.858180][T13994] ? __pfx_vfs_write+0x10/0x10 [ 264.860195][T13994] ? do_futex+0x123/0x350 [ 264.862152][T13994] ? __fget_files+0x256/0x400 [ 264.864248][T13994] ? __fget_light+0x173/0x210 [ 264.866320][T13994] ksys_write+0x1f8/0x260 [ 264.868247][T13994] ? __pfx_ksys_write+0x10/0x10 [ 264.870384][T13994] __do_fast_syscall_32+0x73/0x120 [ 264.872353][T13994] do_fast_syscall_32+0x32/0x80 [ 264.874205][T13994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.877020][T13994] RIP: 0023:0xf7472579 [ 264.878430][T13994] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 264.886719][T13994] RSP: 002b:00000000f5d8a57c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 264.890271][T13994] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040 [ 264.893719][T13994] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 264.897271][T13994] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 264.900959][T13994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.904452][T13994] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 264.907709][T13994] SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 265.309848][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.523644][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.630980][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.710779][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 265.828741][ T11] bridge_slave_1: left allmulticast mode [ 265.831222][ T11] bridge_slave_1: left promiscuous mode [ 265.833790][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.840538][ T11] bridge_slave_0: left allmulticast mode [ 265.842500][ T11] bridge_slave_0: left promiscuous mode [ 265.844522][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.009061][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 266.013706][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 266.018213][ T11] bond0 (unregistering): Released all slaves [ 266.315882][ T11] hsr_slave_0: left promiscuous mode [ 266.319342][ T11] hsr_slave_1: left promiscuous mode [ 266.323090][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 266.326630][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 266.330925][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.334501][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 266.340174][ T11] veth1_macvtap: left promiscuous mode [ 266.342989][ T11] veth0_macvtap: left promiscuous mode [ 266.345792][ T11] veth1_vlan: left promiscuous mode [ 266.348042][ T11] veth0_vlan: left promiscuous mode [ 266.693657][ T11] team0 (unregistering): Port device team_slave_1 removed [ 266.745845][ T11] team0 (unregistering): Port device team_slave_0 removed [ 267.567997][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.661531][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.731318][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.823007][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.946312][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.018572][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.092138][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.151413][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.281838][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.331500][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.421421][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.490089][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.608399][ T11] bridge_slave_1: left allmulticast mode [ 268.610839][ T11] bridge_slave_1: left promiscuous mode [ 268.613368][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.621959][ T11] bridge_slave_0: left allmulticast mode [ 268.624440][ T11] bridge_slave_0: left promiscuous mode [ 268.627556][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.634288][ T11] bridge_slave_1: left allmulticast mode [ 268.639034][ T11] bridge_slave_1: left promiscuous mode [ 268.641662][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.647003][ T11] bridge_slave_0: left promiscuous mode [ 268.649179][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 269.053203][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.059781][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.065209][ T11] bond0 (unregistering): Released all slaves [ 269.077430][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.083287][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.088843][ T11] bond0 (unregistering): Released all slaves [ 269.097268][ T11] bond1 (unregistering): Released all slaves [ 269.109989][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 269.115729][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 269.120754][ T11] bond0 (unregistering): Released all slaves [ 269.133213][ T11] bond1 (unregistering): Released all slaves [ 269.228424][ T11] tipc: Left network mode [ 269.315476][ T11] IPVS: stopping backup sync thread 12143 ... [ 269.765455][ T11] hsr_slave_0: left promiscuous mode [ 269.768638][ T11] hsr_slave_1: left promiscuous mode [ 269.772360][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 269.776370][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 269.780482][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 269.783812][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 269.791115][ T11] hsr_slave_0: left promiscuous mode [ 269.794106][ T11] hsr_slave_1: left promiscuous mode [ 269.797748][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 269.801030][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 269.805057][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 269.808334][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 269.814969][ T11] hsr_slave_0: left promiscuous mode [ 269.817878][ T11] hsr_slave_1: left promiscuous mode [ 269.820698][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 269.823498][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 269.829837][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 269.833130][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 269.839387][ T11] veth1_macvtap: left promiscuous mode [ 269.841336][ T11] veth0_macvtap: left promiscuous mode [ 269.843288][ T11] veth1_vlan: left promiscuous mode [ 269.845378][ T11] veth0_vlan: left promiscuous mode [ 269.847898][ T11] veth1_macvtap: left promiscuous mode [ 269.849844][ T11] veth0_macvtap: left promiscuous mode [ 269.852019][ T11] veth1_vlan: left promiscuous mode [ 269.854447][ T11] veth0_vlan: left promiscuous mode [ 269.866122][ T11] veth1_macvtap: left promiscuous mode [ 269.868559][ T11] veth0_macvtap: left promiscuous mode [ 269.871130][ T11] veth1_vlan: left promiscuous mode [ 269.873617][ T11] veth0_vlan: left promiscuous mode [ 270.218236][ T11] team0 (unregistering): Port device team_slave_1 removed [ 270.272204][ T11] team0 (unregistering): Port device team_slave_0 removed [ 270.744760][ T11] team0 (unregistering): Port device team_slave_1 removed [ 270.793218][ T11] team0 (unregistering): Port device team_slave_0 removed [ 271.041101][ T11] pimreg (unregistering): left allmulticast mode [ 271.047583][ T11] pim6reg (unregistering): left allmulticast mode [ 271.176672][ T11] team0 (unregistering): Port device team_slave_1 removed [ 271.225395][ T11] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 19:04:43 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=00fff80000040838 RCX=1ffff920003e6e64 RDX=ffff88801a35c880 RSI=ffffffff81c7ff2a RDI=0000000000000004 RBP=ffffea0000afe400 RSP=ffffc90001f37308 R8 =0000000000000004 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000000 R12=00fff20000040801 R13=0000000000000003 R14=ffff8880154b4000 R15=0000000000000000 RIP=ffffffff81c7ff59 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74980a4 CR3=000000005bdb0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000002e800000000 0000000900000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001f5eec RBX=0000000000000001 RCX=ffffffff8adc2d59 RDX=ffffed1005826fde RSI=ffffffff8b8fb860 RDI=ffffffff816724fc RBP=ffffed1002bff910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed1005826fdd R10=ffff88802c137eeb R11=0000000000000001 R12=0000000000000001 R13=ffff888015ffc880 R14=ffffffff8fe2a710 R15=0000000000000000 RIP=ffffffff8adc414f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7476230 CR3=000000005082a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f96845 RDI=ffffffff94d5c040 RBP=ffffffff94d5c000 RSP=ffffc900078a70b0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff84f967e0 R15=0000000000000000 RIP=ffffffff84f9686f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002da1cff8 CR3=0000000029144000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000e08e000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 cbfc0c58cbfc0c58 ZMM22=d5110e96d5110e96 d5110e96d5110e96 d5110e96d5110e96 d5110e96d5110e96 d5110e96d5110e96 d5110e96d5110e96 d5110e96d5110e96 d5110e96d5110e96 ZMM23=f20ed2fbf20ed2fb f20ed2fbf20ed2fb f20ed2fbf20ed2fb f20ed2fbf20ed2fb f20ed2fbf20ed2fb f20ed2fbf20ed2fb f20ed2fbf20ed2fb f20ed2fbf20ed2fb ZMM24=912c07b1912c07b1 912c07b1912c07b1 912c07b1912c07b1 912c07b1912c07b1 912c07b1912c07b1 912c07b1912c07b1 912c07b1912c07b1 912c07b1912c07b1 ZMM25=de678c33de678c33 de678c33de678c33 de678c33de678c33 de678c33de678c33 de678c33de678c33 de678c33de678c33 de678c33de678c33 de678c33de678c33 ZMM26=22db4a0a22db4a0a 22db4a0a22db4a0a 22db4a0a22db4a0a 22db4a0a22db4a0a 22db4a0a22db4a0a 22db4a0a22db4a0a 22db4a0a22db4a0a 22db4a0a22db4a0a ZMM27=4e9ed8074e9ed807 4e9ed8074e9ed807 4e9ed8074e9ed807 4e9ed8074e9ed807 4e9ed8074e9ed807 4e9ed8074e9ed807 4e9ed8074e9ed807 4e9ed8074e9ed807 ZMM28=000000900000008f 0000008e0000008d 0000008c0000008b 0000008a00000089 0000008800000087 0000008600000085 0000008400000083 0000008200000081 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=d2280000d2280000 d2280000d2280000 d2280000d2280000 d2280000d2280000 d2280000d2280000 d2280000d2280000 d2280000d2280000 d2280000d2280000 info registers vcpu 3 CPU#3 RAX=00000000001423fc RBX=0000000000000003 RCX=ffffffff8adc2d59 RDX=ffffed1005866fde RSI=ffffffff8b8fb860 RDI=ffffffff816724fc RBP=ffffed1002c6a488 RSP=ffffc90000497e08 R8 =0000000000000000 R9 =ffffed1005866fdd R10=ffff88802c337eeb R11=0000000000000000 R12=0000000000000003 R13=ffff888016352440 R14=ffffffff8fe2a710 R15=0000000000000000 RIP=ffffffff8adc414f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7487230 CR3=0000000055404000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000004ffffffe3 00000190000000c8 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000