last executing test programs: 51.221802896s ago: executing program 2 (id=512): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r1, 0x0) 51.169913076s ago: executing program 2 (id=522): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10) openat$pmem0(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r1, 0x0) 50.15238916s ago: executing program 2 (id=516): prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000400), 0x12) 49.26440888s ago: executing program 2 (id=519): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000400)='./file0/file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x3125899, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x202) 49.170165796s ago: executing program 2 (id=531): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x1, 0x10000]}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r1, 0x400455c8, 0x0) 49.085880178s ago: executing program 2 (id=529): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000001980)={0xbe, 0x0, 0x80001}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000000080000074d564b"]) 48.97264379s ago: executing program 32 (id=529): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r3, 0x4068aea3, &(0x7f0000001980)={0xbe, 0x0, 0x80001}) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYBLOB="0100000000080000074d564b"]) 33.311148764s ago: executing program 3 (id=853): bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4140aecd, &(0x7f00000000c0)) 33.193691955s ago: executing program 3 (id=857): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x4048aec9, &(0x7f0000000980)={0x1, 0x0, @ioapic={0xfee00, 0x296a, 0xf7c, 0x3, 0x0, [{0x98, 0x37, 0x81, '\x00', 0x7f}, {0x41, 0xf0, 0x81, '\x00', 0xf5}, {0xe9, 0x1, 0x9, '\x00', 0x11}, {0x7, 0x9, 0x3, '\x00', 0x8f}, {0x3, 0x80, 0xb1, '\x00', 0xa}, {0xf, 0x2, 0x8, '\x00', 0xaa}, {0x4, 0x8, 0x4, '\x00', 0x8}, {0x1, 0x3, 0x2, '\x00', 0x67}, {0x2, 0x7, 0xa, '\x00', 0x8}, {0x8, 0x3, 0x43, '\x00', 0x80}, {0xf, 0x8, 0x4, '\x00', 0x3}, {0x2, 0x4c, 0x3, '\x00', 0xa}, {0x7, 0x6, 0x3, '\x00', 0xa6}, {0x8, 0x0, 0x8, '\x00', 0x9}, {0x2, 0x4c, 0xa2, '\x00', 0x1}, {0x8, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0xa0, 0x47, '\x00', 0x5}, {0x0, 0x3, 0x2, '\x00', 0xff}, {0x5, 0x0, 0xf, '\x00', 0x7}, {0x5e, 0xa, 0xb, '\x00', 0x3}, {0x7f, 0x6, 0x7, '\x00', 0x4}, {0x93, 0x44, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x0, '\x00', 0xfc}, {0x6, 0xc, 0x92, '\x00', 0x8}]}}) 33.074103569s ago: executing program 3 (id=858): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, r3, 0x0, 0x39000, 0x0) r4 = memfd_create(&(0x7f0000000080), 0x0) splice(r2, 0x0, r4, 0x0, 0x408cd, 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e) 32.138884501s ago: executing program 3 (id=868): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000400)='./file0/file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x3125899, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x202) 32.134072466s ago: executing program 3 (id=871): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000340)='./file0\x00') rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f00000008c0)=""/54, 0x36) 31.772266453s ago: executing program 3 (id=872): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0xf}], 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 31.724537026s ago: executing program 33 (id=872): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) readv(r0, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0xf}], 0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) 2.543557178s ago: executing program 0 (id=1294): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x69) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}}) 2.538668673s ago: executing program 0 (id=1295): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000b00)=0x6) read(r1, &(0x7f0000000a40)=""/141, 0x8d) 2.19161633s ago: executing program 1 (id=1301): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000340)) 1.870997925s ago: executing program 5 (id=1305): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r1 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) close(0x3) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) syz_usb_disconnect(r1) write$tun(r0, 0x0, 0xffe) 1.870574797s ago: executing program 4 (id=1306): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_io_uring_setup(0xec6, &(0x7f0000000c00)={0x0, 0x31f0, 0x2, 0xfffffffe, 0xfffffffd}, &(0x7f0000000500)=0x0, &(0x7f0000000600)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0x140d, 0x10a5, 0x47, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') read$eventfd(r2, &(0x7f0000000180), 0x8) 1.621869529s ago: executing program 0 (id=1307): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0xfffffffd) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001000), 0x581, 0x40000000, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x1, 0x2, 0xff, 0xa4, 0x0, 0x1, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2, 0x20}, 0xe) 1.52176047s ago: executing program 0 (id=1308): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x20001, 0x4) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000600)={@in={{0x2, 0x4e24, @remote}}, 0x0, 0x0, 0x34, 0x0, "679f672c00b69e65b0934066fc7c3406caf2c09e33bd50116312e2b00fee650af69b2150ccaa762a3db7ad752fe616e085e991c0436e7e7111238865d27b4e82dcc94700ddd1878b088736009d15f1fa"}, 0xd8) setsockopt$inet_tcp_int(r0, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6) sendto$inet(r1, 0x0, 0x0, 0x20048050, &(0x7f0000000540)={0x2, 0x0, @remote}, 0x6d) 1.521527548s ago: executing program 0 (id=1309): ioperm(0x2, 0x8, 0xa) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = eventfd2(0x0, 0x0) read$eventfd(r1, &(0x7f0000000040), 0x8) 1.289615582s ago: executing program 1 (id=1310): socket$l2tp6(0xa, 0x2, 0x73) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}]}]}, 0x70}}, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}, 0x1, 0x0, 0x0, 0x44004}, 0x0) 1.180593366s ago: executing program 4 (id=1311): symlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file1\x00') symlink(&(0x7f0000004500)='./file1/file0\x00', &(0x7f0000004540)='./file0\x00') r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80}) io_uring_enter(r0, 0x3516, 0xfffffffc, 0x0, 0x0, 0x0) 1.121005748s ago: executing program 1 (id=1312): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x10, &(0x7f0000000e40)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r1, 0xfffff000, 0xe, 0x0, &(0x7f0000000840)="7dc6c1e4019550edc59b2d768d0b", 0x0, 0x2f02, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000340)) 1.120269243s ago: executing program 4 (id=1313): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) lseek(r0, 0x57, 0x1) 1.05608938s ago: executing program 1 (id=1314): r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_FLAGS(r1, 0x114, &(0x7f0000000180)=0x1, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000200)={0x42}, &(0x7f0000000240)='./file1\x00', 0x18, 0x0, 0x12345}) io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) r3 = syz_io_uring_complete(r1) close(r3) 1.054847091s ago: executing program 4 (id=1315): openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x66c2e2, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x4002}) io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) write$tun(r1, &(0x7f0000000240)=ANY=[], 0x2f6) 1.054676829s ago: executing program 1 (id=1316): openat$binfmt_register(0xffffff9c, &(0x7f0000000180), 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r1 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0) write(r1, &(0x7f0000002140)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) readlinkat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000019240)=""/102393, 0x18ff9) 1.030029324s ago: executing program 1 (id=1317): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800000000"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') syz_usb_ep_write(r0, 0x81, 0x7, &(0x7f0000000000)='BBBBBBB') 925.383309ms ago: executing program 4 (id=1318): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x600, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc018aec0, &(0x7f0000000040)={0x1}) write$6lowpan_control(r0, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19) 713.325933ms ago: executing program 4 (id=1319): syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) r1 = syz_io_uring_setup(0x417a, &(0x7f00000000c0)={0x0, 0xad54, 0x10710, 0x1, 0xffffffff}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r1, 0x567, 0x20, 0x0, 0x0, 0x0) write$char_usb(r0, &(0x7f0000000200)="1f29f919700d501c1b4026acab5dfa752eadf8e334a103e924748fecb9d2234fd129db10565f6ffb23a342cdd3eb1a998df6c38e37b20ffdfc814d6ab3255213fe8edd20dfa5a1eb45a93e0269166fdf276daa6d1cba506bb62adb78cccf118c111c4d4aa6f238", 0x67) 660.675787ms ago: executing program 0 (id=1320): r0 = syz_clone(0x202080, 0x0, 0xfffffffffffffd62, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902"], 0x0) fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000200)='stat\x00') preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000240)=""/230, 0xe6}], 0x1, 0x401, 0x2ab) 430.110483ms ago: executing program 5 (id=1321): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="000000db", @ANYRES16, @ANYBLOB="000129bd7000fbdbdf25350000000c00990006000000300000000a003400010101010101000005002001370000000500200152000000090034005c71"], 0x64}, 0x1, 0x0, 0x0, 0x20040080}, 0x810) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000100)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r1, 0x0) ioctl$TCSETS(r0, 0x89f0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7ff, 0x0, "5dee000000594000"}) 311.578395ms ago: executing program 5 (id=1322): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x2, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x49}}]}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001c00)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76389e6a65585578f830e9000000", 0x0, 0x80000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 71.925311ms ago: executing program 5 (id=1323): r0 = syz_io_uring_setup(0x24fc, &(0x7f0000000180)={0x0, 0x6386, 0x10100, 0x3}, &(0x7f00000000c0)=0x0, &(0x7f0000000100)=0x0) ioctl$UI_BEGIN_FF_UPLOAD(0xffffffffffffffff, 0xc06855c8, &(0x7f0000000040)={0x10, 0x198, {0x54, 0x3, 0x3, {0x7, 0x4}, {0x1, 0x4}, @const={0x6, {0x7, 0x1ff}}}, {0x51, 0x6c3, 0xfffc, {0x92, 0x6}, {0x350, 0x4}, @ramp={0x9, 0xa7, {0x2, 0x1, 0x8001, 0x81}}}}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='1q'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 71.60691ms ago: executing program 5 (id=1324): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r1, @ANYBLOB="000000000000000018100000", @ANYRES32=r2, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r3, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 0s ago: executing program 5 (id=1325): r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000100)=0xfffe, 0x4) recvmmsg(r1, &(0x7f0000001440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40002002, 0x0) write$binfmt_misc(r0, &(0x7f00000000c0), 0x3e) write$binfmt_misc(r0, &(0x7f0000000040), 0xffc1) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:60979' (ED25519) to the list of known hosts. [ 42.109397][ T5907] cgroup: Unknown subsys name 'net' [ 42.255423][ T5907] cgroup: Unknown subsys name 'cpuset' [ 42.259247][ T5907] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.050536][ T5907] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.289785][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.294980][ T5954] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.295032][ T5952] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.300088][ T5953] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.303541][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.303618][ T5953] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.306788][ T5952] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.308538][ T5953] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.310696][ T5952] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.313147][ T5953] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.315298][ T5952] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.317421][ T5953] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.318179][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.319312][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.319797][ T5952] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.331353][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.334968][ T5947] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.338484][ T5958] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.345697][ T5295] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.352413][ T5295] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.591498][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 46.660464][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 46.681009][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 46.756625][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.759384][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.761833][ T5942] bridge_slave_0: entered allmulticast mode [ 46.765434][ T5942] bridge_slave_0: entered promiscuous mode [ 46.821003][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.824191][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.827351][ T5942] bridge_slave_1: entered allmulticast mode [ 46.831211][ T5942] bridge_slave_1: entered promiscuous mode [ 46.834798][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 46.941827][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.056196][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.086786][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.089185][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.091517][ T5955] bridge_slave_0: entered allmulticast mode [ 47.095356][ T5955] bridge_slave_0: entered promiscuous mode [ 47.098261][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.101208][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.104326][ T5941] bridge_slave_0: entered allmulticast mode [ 47.108120][ T5941] bridge_slave_0: entered promiscuous mode [ 47.208127][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.211112][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.214518][ T5955] bridge_slave_1: entered allmulticast mode [ 47.218261][ T5955] bridge_slave_1: entered promiscuous mode [ 47.221699][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.224616][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.227439][ T5941] bridge_slave_1: entered allmulticast mode [ 47.230362][ T5941] bridge_slave_1: entered promiscuous mode [ 47.251017][ T5942] team0: Port device team_slave_0 added [ 47.254647][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.257369][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.259757][ T5945] bridge_slave_0: entered allmulticast mode [ 47.263183][ T5945] bridge_slave_0: entered promiscuous mode [ 47.298437][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.302862][ T5942] team0: Port device team_slave_1 added [ 47.305438][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.307825][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.310150][ T5945] bridge_slave_1: entered allmulticast mode [ 47.312933][ T5945] bridge_slave_1: entered promiscuous mode [ 47.331286][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.441921][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.470043][ T5941] team0: Port device team_slave_0 added [ 47.473137][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.475364][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.484007][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.489368][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.493729][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.499610][ T5941] team0: Port device team_slave_1 added [ 47.502274][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.505491][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.516190][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.522925][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.629469][ T5955] team0: Port device team_slave_0 added [ 47.631879][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.634441][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.644196][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.650783][ T5945] team0: Port device team_slave_0 added [ 47.654701][ T5955] team0: Port device team_slave_1 added [ 47.672159][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.674857][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.683373][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.688262][ T5945] team0: Port device team_slave_1 added [ 47.740254][ T5942] hsr_slave_0: entered promiscuous mode [ 47.744472][ T5942] hsr_slave_1: entered promiscuous mode [ 47.762373][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.765267][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.774586][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.779692][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.781778][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.789718][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.813714][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.815981][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.824339][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.829365][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.831569][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.839558][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.921574][ T5941] hsr_slave_0: entered promiscuous mode [ 47.927037][ T5941] hsr_slave_1: entered promiscuous mode [ 47.929182][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.931594][ T5941] Cannot create hsr debugfs directory [ 48.006876][ T5955] hsr_slave_0: entered promiscuous mode [ 48.010053][ T5955] hsr_slave_1: entered promiscuous mode [ 48.015752][ T5955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 48.018985][ T5955] Cannot create hsr debugfs directory [ 48.025954][ T5945] hsr_slave_0: entered promiscuous mode [ 48.028849][ T5945] hsr_slave_1: entered promiscuous mode [ 48.031372][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 48.034158][ T5945] Cannot create hsr debugfs directory [ 48.336969][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.342682][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.347275][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.357290][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.381934][ T5941] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.383066][ T5949] Bluetooth: hci3: command tx timeout [ 48.384126][ T5295] Bluetooth: hci2: command tx timeout [ 48.384249][ T5295] Bluetooth: hci1: command tx timeout [ 48.384985][ T5947] Bluetooth: hci0: command tx timeout [ 48.397503][ T5941] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.409346][ T5941] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.425293][ T5941] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.455897][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.460178][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.464783][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.469386][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.524049][ T5955] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.531908][ T5955] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.541450][ T5955] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.549242][ T5955] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.589161][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.609840][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.630067][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.655132][ T96] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.657625][ T96] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.670905][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.674712][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.677715][ T96] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.680134][ T96] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.695548][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.697821][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.718847][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.721926][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.727992][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.733619][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.743719][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.746685][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.767720][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.770051][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.794417][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.809761][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.812111][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.827482][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.829935][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.926563][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.958112][ T5942] veth0_vlan: entered promiscuous mode [ 48.971052][ T5942] veth1_vlan: entered promiscuous mode [ 48.981415][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.013908][ T5942] veth0_macvtap: entered promiscuous mode [ 49.034033][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.036751][ T5942] veth1_macvtap: entered promiscuous mode [ 49.042929][ T5941] veth0_vlan: entered promiscuous mode [ 49.055645][ T5941] veth1_vlan: entered promiscuous mode [ 49.060019][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.069581][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.078422][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.083442][ T5942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.086296][ T5942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.089047][ T5942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.091761][ T5942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.144139][ T5941] veth0_macvtap: entered promiscuous mode [ 49.150514][ T5945] veth0_vlan: entered promiscuous mode [ 49.155301][ T5955] veth0_vlan: entered promiscuous mode [ 49.161128][ T5941] veth1_macvtap: entered promiscuous mode [ 49.170874][ T5945] veth1_vlan: entered promiscuous mode [ 49.188042][ T5955] veth1_vlan: entered promiscuous mode [ 49.193707][ T1247] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.196665][ T1247] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.199682][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.203937][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.208737][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.225709][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.228992][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.233382][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.239783][ T5941] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.242826][ T5941] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.245576][ T5941] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.248332][ T5941] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.261481][ T5945] veth0_macvtap: entered promiscuous mode [ 49.266156][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.269134][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.274173][ T5945] veth1_macvtap: entered promiscuous mode [ 49.286388][ T5955] veth0_macvtap: entered promiscuous mode [ 49.290797][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.294264][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.297288][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.300540][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.305330][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.313837][ T5955] veth1_macvtap: entered promiscuous mode [ 49.316785][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.318990][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 49.320556][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.328430][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.331682][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.335844][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.344936][ T5945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.347875][ T5945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.350668][ T5945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.354036][ T5945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.375159][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.377576][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.384863][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.388346][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.391605][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.395557][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.398769][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.402236][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.406922][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.418319][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.422244][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.422315][ T6007] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1'. [ 49.427673][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.434186][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.437447][ T5955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.441322][ T5955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.445892][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.457305][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.459035][ T5955] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.460499][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.463960][ T5955] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.470249][ T5955] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.473459][ T5955] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.505246][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.507831][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.559754][ T96] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.563696][ T96] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.573071][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.576730][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.611967][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.620793][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.472809][ T5949] Bluetooth: hci3: command tx timeout [ 50.473510][ T5958] Bluetooth: hci2: command tx timeout [ 50.473632][ T5947] Bluetooth: hci0: command tx timeout [ 50.475185][ T5295] Bluetooth: hci1: command tx timeout [ 50.482660][ T66] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 50.652766][ T66] usb 5-1: Using ep0 maxpacket: 32 [ 50.656472][ T66] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 50.664567][ T66] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 50.667732][ T66] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 50.670339][ T66] usb 5-1: Product: syz [ 50.675182][ T66] usb 5-1: Manufacturer: syz [ 50.680216][ T66] usb 5-1: SerialNumber: syz [ 50.686109][ T66] usb 5-1: config 0 descriptor?? [ 50.691760][ T6060] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 50.969483][ T835] usb 5-1: USB disconnect, device number 2 [ 51.527335][ T6102] Invalid source name [ 51.528764][ T6102] UBIFS error (pid: 6102): cannot open "./file0", error -22 [ 51.725670][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.732557][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 51.735232][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.739072][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.743931][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.543776][ T5295] Bluetooth: hci1: command tx timeout [ 52.543828][ T5958] Bluetooth: hci3: command tx timeout [ 52.554037][ T5958] Bluetooth: hci0: command tx timeout [ 52.555687][ T5958] Bluetooth: hci2: command tx timeout [ 52.827887][ T6139] syz.0.53 uses obsolete (PF_INET,SOCK_PACKET) [ 53.091369][ T6161] Bluetooth: MGMT ver 1.23 [ 54.107260][ T6184] IPv4: Oversized IP packet from 127.202.26.0 [ 54.358876][ T6195] capability: warning: `syz.1.73' uses deprecated v2 capabilities in a way that may be insecure [ 54.554664][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554694][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554706][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554716][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554739][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554750][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554764][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554775][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554786][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554796][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554807][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554818][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.554828][ T9] hid-generic 00A0:0008:0003.0002: unknown main item tag 0x0 [ 54.557051][ T9] hid-generic 00A0:0008:0003.0002: hidraw1: HID v0.05 Device [syz1] on syz0 [ 54.623739][ T5295] Bluetooth: hci2: command tx timeout [ 54.623764][ T5295] Bluetooth: hci1: command tx timeout [ 54.623811][ T5295] Bluetooth: hci0: command tx timeout [ 54.623826][ T5295] Bluetooth: hci3: command tx timeout [ 55.205378][ T6252] mmap: syz.0.95 (6252) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 55.349078][ T6256] nbd: device at index 2 is going down [ 55.622838][ T1323] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 55.784732][ T1323] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 55.789052][ T1323] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 55.792752][ T1323] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 55.796186][ T1323] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.801446][ T6258] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 55.806848][ T1323] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 56.009939][ T9] usb 7-1: USB disconnect, device number 2 [ 56.071883][ T6279] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 56.103254][ T6283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.108'. [ 56.193984][ T6005] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 56.374394][ T6005] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 56.379159][ T6005] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 56.383973][ T6005] usb 8-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 56.387866][ T6005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.393903][ T6005] usb 8-1: config 0 descriptor?? [ 56.469844][ T6299] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 56.575615][ T24] kernel write not supported for file [eventfd] (pid: 24 comm: kworker/2:0) [ 56.745511][ T40] audit: type=1326 audit(1746729039.180:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.2.118" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x0 [ 56.801631][ T6005] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 56.805023][ T6005] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 56.809058][ T6005] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/0003:0D8C:0022.0003/input/input7 [ 56.817932][ T6005] cm6533_jd 0003:0D8C:0022.0003: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 57.001382][ T9] usb 8-1: USB disconnect, device number 2 [ 57.382556][ T6005] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 57.532635][ T6005] usb 5-1: Using ep0 maxpacket: 8 [ 57.536941][ T6005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 57.540604][ T6005] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 57.543736][ T6005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.547730][ T6005] usb 5-1: config 0 descriptor?? [ 57.564226][ T6332] input: syz0 as /devices/virtual/input/input8 [ 57.708323][ T6351] process 'syz.3.133' launched './file0' with NULL argv: empty string added [ 57.755849][ T6358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.135'. [ 57.760307][ T6005] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 58.053356][ T6398] netlink: 'syz.2.147': attribute type 1 has an invalid length. [ 58.055962][ T6398] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.147'. [ 58.187473][ T6413] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 58.205349][ T6416] netlink: 6 bytes leftover after parsing attributes in process `syz.3.151'. [ 58.211685][ T6416] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 58.555692][ T40] audit: type=1326 audit(1746729040.990:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6444 comm="syz.3.164" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x0 [ 58.802579][ T1468] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 58.956380][ T1468] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 58.960112][ T1468] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 58.964335][ T1468] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 58.967304][ T1468] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 58.972810][ T6452] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 58.976530][ T1468] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 59.181122][ T5984] usb 7-1: USB disconnect, device number 3 [ 59.662636][ T9] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 59.665624][ T9] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 59.674127][ T5958] Bluetooth: hci0: command 0x0c1a tx timeout [ 59.674172][ T5984] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 59.804833][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.3.195'. [ 59.829963][ T6523] bond2: entered promiscuous mode [ 59.831699][ T6523] bond2: entered allmulticast mode [ 59.834166][ T6523] 8021q: adding VLAN 0 to HW filter on device bond2 [ 59.834910][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 59.840652][ T5984] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 59.843929][ T5984] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 59.848177][ T5984] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 59.851151][ T5984] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.854872][ T5984] usb 6-1: config 0 descriptor?? [ 59.890222][ T6523] bond2 (unregistering): Released all slaves [ 60.149890][ T6008] usb 5-1: USB disconnect, device number 3 [ 60.198363][ T6545] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 60.263752][ T5984] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 60.268632][ T5984] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 60.306162][ T6559] usb usb8: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 60.337980][ T6565] ======================================================= [ 60.337980][ T6565] WARNING: The mand mount option has been deprecated and [ 60.337980][ T6565] and is ignored by this kernel. Remove the mand [ 60.337980][ T6565] option from the mount to silence this warning. [ 60.337980][ T6565] ======================================================= [ 60.879044][ T6619] tls_set_device_offload_rx: netdev not found [ 61.102590][ T1468] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 61.259946][ T1468] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 61.264609][ T1468] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 61.267931][ T1468] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 61.270817][ T1468] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 61.279016][ T1468] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 61.285934][ T1468] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 61.288935][ T1468] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 61.291497][ T1468] usb 8-1: Product: syz [ 61.294106][ T1468] usb 8-1: Manufacturer: syz [ 61.303380][ T1468] cdc_wdm 8-1:1.0: skipping garbage [ 61.305766][ T1468] cdc_wdm 8-1:1.0: skipping garbage [ 61.309436][ T1468] cdc_wdm 8-1:1.0: cdc-wdm1: USB WDM device [ 61.311391][ T1468] cdc_wdm 8-1:1.0: Unknown control protocol [ 61.342943][ T5958] Bluetooth: hci1: unexpected event for opcode 0x042e [ 61.463835][ T6655] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 61.707732][ T6671] input: syz0 as /devices/virtual/input/input9 [ 61.742554][ T9] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 61.744612][ T9] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 62.356122][ T5986] usb 6-1: USB disconnect, device number 2 [ 62.482579][ T5986] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 62.644763][ T5986] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 62.648427][ T5986] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 62.652890][ T5986] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 62.655825][ T5986] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.680585][ T6693] netlink: 156 bytes leftover after parsing attributes in process `syz.0.264'. [ 62.864822][ T5986] usb 6-1: usb_control_msg returned -32 [ 62.866830][ T5986] usbtmc 6-1:16.0: can't read capabilities [ 63.824399][ T9] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 63.826455][ T9] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 63.829481][ T5958] Bluetooth: hci2: command 0x0c1a tx timeout [ 63.881886][ T24] usb 8-1: USB disconnect, device number 3 [ 64.066631][ T6743] netlink: 'syz.2.284': attribute type 13 has an invalid length. [ 64.111085][ T6743] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.114260][ T6743] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.168031][ T6743] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.178872][ T6743] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.225031][ T6743] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.228088][ T6743] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.230976][ T6743] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.233981][ T6743] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.256407][ T6751] block nbd3: shutting down sockets [ 64.296264][ T6753] pim6reg1: entered promiscuous mode [ 64.298056][ T6753] pim6reg1: entered allmulticast mode [ 65.042942][ T24] usb 6-1: USB disconnect, device number 3 [ 65.085941][ T6781] usb usb8: usbfs: process 6781 (syz.1.299) did not claim interface 0 before use [ 65.292355][ T40] audit: type=1326 audit(1746729047.720:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6799 comm="syz.0.307" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x0 [ 65.902628][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout [ 65.902980][ T9] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 65.907567][ T9] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 66.083410][ T6840] block nbd1: NBD_DISCONNECT [ 66.085708][ T6840] block nbd1: Disconnected due to user request. [ 66.088556][ T6840] block nbd1: shutting down sockets [ 66.156396][ T6847] 9pnet: p9_errstr2errno: server reported unknown error í 1 [ 79.150055][ T5295] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.153892][ T5295] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.157677][ T5295] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.161860][ T5295] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.168494][ T5958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.171131][ T5958] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.175257][ T5958] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.178176][ T5958] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.181355][ T5958] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.209967][ T7358] trusted_key: syz.0.544 sent an empty control message without MSG_MORE. [ 79.262669][ T835] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 79.331464][ T7355] chnl_net:caif_netlink_parms(): no params data found [ 79.437694][ T835] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 79.442086][ T835] usb 6-1: config 0 has no interfaces? [ 79.447046][ T835] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 79.448621][ T7355] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.451015][ T835] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 79.454451][ T7355] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.457637][ T835] usb 6-1: Product: syz [ 79.460885][ T7355] bridge_slave_0: entered allmulticast mode [ 79.462110][ T7355] bridge_slave_0: entered promiscuous mode [ 79.462462][ T835] usb 6-1: Manufacturer: syz [ 79.467207][ T7355] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.469658][ T835] usb 6-1: config 0 descriptor?? [ 79.471621][ T7355] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.476415][ T7355] bridge_slave_1: entered allmulticast mode [ 79.480156][ T7355] bridge_slave_1: entered promiscuous mode [ 79.515953][ T7355] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.521013][ T7355] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.574956][ T7355] team0: Port device team_slave_0 added [ 79.578453][ T7355] team0: Port device team_slave_1 added [ 79.627591][ T7355] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.630636][ T7355] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.642595][ T7355] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.649027][ T7355] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.652096][ T7355] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.662279][ T7355] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.678770][ T24] usb 6-1: USB disconnect, device number 7 [ 79.709490][ T7355] hsr_slave_0: entered promiscuous mode [ 79.712244][ T7355] hsr_slave_1: entered promiscuous mode [ 79.714644][ T7355] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 79.717430][ T7355] Cannot create hsr debugfs directory [ 79.722703][ T835] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 79.870435][ T7355] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 79.874875][ T7355] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 79.879129][ T7355] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 79.885197][ T835] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 79.889589][ T835] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 79.895404][ T835] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 79.898954][ T835] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.909263][ T7355] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 79.949638][ T7355] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.960620][ T7355] 8021q: adding VLAN 0 to HW filter on device team0 [ 79.966779][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.969966][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 79.980048][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.983417][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.096678][ T7355] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.108646][ T835] usb 8-1: usb_control_msg returned -32 [ 80.110634][ T835] usbtmc 8-1:16.0: can't read capabilities [ 80.249263][ T7355] veth0_vlan: entered promiscuous mode [ 80.257092][ T7355] veth1_vlan: entered promiscuous mode [ 80.275502][ T7355] veth0_macvtap: entered promiscuous mode [ 80.279860][ T7355] veth1_macvtap: entered promiscuous mode [ 80.288215][ T7355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.292414][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.295837][ T7355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.299217][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.302778][ T7355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.307431][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.314745][ T7355] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.321497][ T7355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.326919][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.331107][ T7355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.336180][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.338451][ T7416] netlink: 'syz.0.560': attribute type 4 has an invalid length. [ 80.340008][ T7355] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.346587][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.351118][ T7355] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.356867][ T7416] netlink: 'syz.0.560': attribute type 4 has an invalid length. [ 80.358446][ T7355] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.362967][ T7355] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.366953][ T7355] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.370720][ T7355] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.415181][ T7355] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: macsec1 [ 80.419690][ T7355] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.426777][ T96] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.429419][ T96] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.440940][ T1247] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.444800][ T1247] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.457294][ T7428] netlink: 40 bytes leftover after parsing attributes in process `syz.0.565'. [ 80.461964][ T7428] netlink: 40 bytes leftover after parsing attributes in process `syz.0.565'. [ 80.466109][ T7428] Zero length message leads to an empty skb [ 80.635672][ T7440] hub 1-0:1.0: USB hub found [ 80.637378][ T7440] hub 1-0:1.0: 2 ports detected [ 80.678295][ T7444] serio: Serial port ptm0 [ 80.764506][ T7452] usb 8-1: USB disconnect, device number 5 [ 80.765007][ T7454] Bluetooth: hci0: too big key_count value 21773 [ 81.106439][ T29] cfg80211: failed to load regulatory.db [ 81.112979][ T66] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 81.252631][ T5986] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 81.273873][ T5295] Bluetooth: hci3: command tx timeout [ 81.283606][ T66] usb 9-1: Using ep0 maxpacket: 16 [ 81.287010][ T66] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 81.293649][ T66] usb 9-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 81.297148][ T66] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.299921][ T66] usb 9-1: Product: syz [ 81.301394][ T66] usb 9-1: Manufacturer: syz [ 81.303187][ T66] usb 9-1: SerialNumber: syz [ 81.307645][ T66] usb 9-1: config 0 descriptor?? [ 81.310548][ T66] hub 9-1:0.0: bad descriptor, ignoring hub [ 81.312671][ T66] hub 9-1:0.0: probe with driver hub failed with error -5 [ 81.316912][ T66] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input10 [ 81.356748][ T7474] serio: Serial port ptm1 [ 81.428109][ T5986] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 81.432316][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 81.436482][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 81.440324][ T5986] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 81.446430][ T5986] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 81.449567][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.454709][ T5986] usb 5-1: config 0 descriptor?? [ 81.457377][ T7467] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 81.867330][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.870780][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.874324][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.877648][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.880931][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.884521][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.887735][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.891039][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.894928][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.898218][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.901460][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.904925][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.908165][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.911432][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.914913][ T5986] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 81.920460][ T5986] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 81.925901][ T5986] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 82.053001][ T7430] usb 9-1: USB disconnect, device number 2 [ 82.126581][ T5986] usb 5-1: USB disconnect, device number 8 [ 83.342847][ T5295] Bluetooth: hci3: command tx timeout [ 84.457367][ T7562] netlink: 12 bytes leftover after parsing attributes in process `syz.0.618'. [ 84.482752][ T7562] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.512441][ T7562] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.516055][ T7562] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 84.521978][ T7562] bond1: (slave vcan1): Error -95 calling set_mac_address [ 84.709468][ T7575] netlink: 80 bytes leftover after parsing attributes in process `syz.4.621'. [ 84.717111][ T7575] netlink: 80 bytes leftover after parsing attributes in process `syz.4.621'. [ 85.121413][ T7604] usb usb8: usbfs: process 7604 (syz.0.634) did not claim interface 0 before use [ 85.195582][ T7606] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 85.423247][ T5295] Bluetooth: hci3: command tx timeout [ 85.908414][ T7651] syz.3.653 (7651) used greatest stack depth: 18280 bytes left [ 85.944281][ T7657] input: syz0 as /devices/virtual/input/input11 [ 86.361462][ T7681] netlink: 'syz.0.665': attribute type 12 has an invalid length. [ 86.364369][ T7681] netlink: 'syz.0.665': attribute type 29 has an invalid length. [ 86.367136][ T7681] netlink: 148 bytes leftover after parsing attributes in process `syz.0.665'. [ 86.370176][ T7681] netlink: 'syz.0.665': attribute type 1 has an invalid length. [ 86.373086][ T7681] netlink: 47 bytes leftover after parsing attributes in process `syz.0.665'. [ 87.365529][ T7765] netlink: 6 bytes leftover after parsing attributes in process `syz.1.705'. [ 87.370594][ T7765] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 87.512925][ T5295] Bluetooth: hci3: command tx timeout [ 87.519617][ T7780] input: syz0 as /devices/virtual/input/input12 [ 87.676097][ T7796] 9pnet: p9_errstr2errno: server reported unknown error í 1 [ 96.357290][ T5958] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.360389][ T5958] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.364681][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.367375][ T5958] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.373759][ T5295] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 96.377587][ T5295] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.380266][ T5295] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.385988][ T5295] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.389453][ T5295] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.396042][ T85] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.462540][ T5986] usb 6-1: USB disconnect, device number 9 [ 96.566129][ T8170] chnl_net:caif_netlink_parms(): no params data found [ 96.621304][ T85] bridge_slave_1: left allmulticast mode [ 96.623979][ T85] bridge_slave_1: left promiscuous mode [ 96.627664][ T85] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.639323][ T85] bridge_slave_0: left allmulticast mode [ 96.641823][ T85] bridge_slave_0: left promiscuous mode [ 96.644782][ T85] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.959646][ T85] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.965303][ T85] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.971006][ T85] bond0 (unregistering): Released all slaves [ 96.978108][ T85] bond1 (unregistering): Released all slaves [ 97.041198][ T8170] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.044594][ T8170] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.047822][ T8170] bridge_slave_0: entered allmulticast mode [ 97.051933][ T8170] bridge_slave_0: entered promiscuous mode [ 97.058714][ T8170] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.062012][ T8170] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.065370][ T8170] bridge_slave_1: entered allmulticast mode [ 97.069205][ T8170] bridge_slave_1: entered promiscuous mode [ 97.158159][ T8170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.164404][ T8170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.203331][ T8170] team0: Port device team_slave_0 added [ 97.209403][ T8170] team0: Port device team_slave_1 added [ 97.216934][ T8211] input: syz1 as /devices/virtual/input/input14 [ 97.259581][ T8170] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.262045][ T8170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.274686][ T8170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.287527][ T85] batman_adv: batadv0: Interface deactivated: macsec1 [ 97.290423][ T85] mac80211_hwsim hwsim6 wlan0 (unregistering): left allmulticast mode [ 97.301744][ T85] batman_adv: batadv0: Removing interface: macsec1 [ 97.325628][ T8170] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.328781][ T8170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.339475][ T8170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.371665][ T85] hsr_slave_0: left promiscuous mode [ 97.374852][ T85] hsr_slave_1: left promiscuous mode [ 97.377695][ T85] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.380215][ T85] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.382792][ T29] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 97.386077][ T85] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.388771][ T85] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.412043][ T85] veth1_macvtap: left promiscuous mode [ 97.415034][ T85] veth0_macvtap: left promiscuous mode [ 97.417610][ T85] veth1_vlan: left promiscuous mode [ 97.420142][ T85] veth0_vlan: left promiscuous mode [ 97.535632][ T29] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 97.542650][ T29] usb 9-1: config 0 has no interfaces? [ 97.554677][ T29] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 97.559178][ T29] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 97.561773][ T29] usb 9-1: Product: syz [ 97.567198][ T29] usb 9-1: Manufacturer: syz [ 97.571411][ T29] usb 9-1: config 0 descriptor?? [ 97.787978][ T6062] usb 9-1: USB disconnect, device number 3 [ 98.020239][ T85] team0 (unregistering): Port device team_slave_1 removed [ 98.090018][ T85] team0 (unregistering): Port device team_slave_0 removed [ 98.462936][ T5295] Bluetooth: hci2: command tx timeout [ 98.765078][ T8170] hsr_slave_0: entered promiscuous mode [ 98.768336][ T8170] hsr_slave_1: entered promiscuous mode [ 98.771406][ T8170] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.775302][ T8170] Cannot create hsr debugfs directory [ 98.900102][ T8271] overlayfs: failed to verify upper root origin [ 98.972186][ T8170] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 98.979867][ T96] Bluetooth: hci4: Frame reassembly failed (-84) [ 98.981508][ T8170] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 98.990363][ T8170] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 98.998564][ T8170] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 99.067818][ T8170] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.084058][ T8170] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.089985][ T96] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.092379][ T96] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.098594][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.101075][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.251446][ T8170] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.409454][ T8170] veth0_vlan: entered promiscuous mode [ 99.418758][ T8170] veth1_vlan: entered promiscuous mode [ 99.451977][ T8170] veth0_macvtap: entered promiscuous mode [ 99.455816][ T8170] veth1_macvtap: entered promiscuous mode [ 99.464227][ T8170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.468144][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.472335][ T8170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.476058][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.479515][ T8170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.482955][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.487581][ T8170] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.493667][ T8170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.497277][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.500462][ T8170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.505110][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.508203][ T8170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.511500][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.515464][ T8170] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.521314][ T8170] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.524208][ T8170] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.527059][ T8170] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.529883][ T8170] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.556962][ T8170] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: macsec1 [ 99.560167][ T8170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.566345][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.569737][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.583254][ T85] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.586241][ T85] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.026500][ T8339] ubi0: attaching mtd0 [ 100.027566][ T8339] ubi0: scanning is finished [ 100.030874][ T8339] ubi0: empty MTD device detected [ 100.103671][ T8339] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 100.103686][ T8339] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 100.103695][ T8339] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 100.103704][ T8339] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 100.103712][ T8339] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 100.103720][ T8339] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 100.103728][ T8339] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3887168976 [ 100.103737][ T8339] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 100.103795][ T8347] ubi0: background thread "ubi_bgt0d" started, PID 8347 [ 100.109781][ T8343] ubi0: detaching mtd0 [ 100.137953][ T8343] ubi0: mtd0 is detached [ 100.492620][ T58] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 100.542639][ T5958] Bluetooth: hci2: command tx timeout [ 100.652628][ T58] usb 10-1: Using ep0 maxpacket: 16 [ 100.656587][ T58] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 100.662289][ T58] usb 10-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 100.666396][ T58] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.669667][ T58] usb 10-1: Product: syz [ 100.671422][ T58] usb 10-1: Manufacturer: syz [ 100.673744][ T58] usb 10-1: SerialNumber: syz [ 100.677412][ T58] usb 10-1: config 0 descriptor?? [ 100.680546][ T58] hub 10-1:0.0: bad descriptor, ignoring hub [ 100.683280][ T58] hub 10-1:0.0: probe with driver hub failed with error -5 [ 100.687628][ T58] input: syz syz as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input15 [ 101.022691][ T5958] Bluetooth: hci4: command 0x1003 tx timeout [ 101.024955][ T5295] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 101.065679][ T24] usb 10-1: USB disconnect, device number 2 [ 101.201623][ T8384] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 101.839315][ T8417] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 101.839479][ T8417] IPv6: NLM_F_CREATE should be set when creating new route [ 101.882072][ T8421] usb 2-1: USB disconnect, device number 2 [ 101.885937][ T8419] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 101.938048][ T8421] hub 2-0:1.0: USB hub found [ 101.940451][ T8421] hub 2-0:1.0: 6 ports detected [ 101.971969][ T8424] overlay: filesystem on ./bus not supported [ 102.102592][ T24] usb 2-1: new high-speed USB device number 3 using ehci-pci [ 102.262617][ T7430] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 102.332579][ T24] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 102.335548][ T24] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 102.338163][ T24] usb 2-1: Product: QEMU USB Tablet [ 102.339882][ T24] usb 2-1: Manufacturer: QEMU [ 102.341463][ T24] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 102.367605][ T24] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0008/input/input16 [ 102.422686][ T7430] usb 6-1: Using ep0 maxpacket: 16 [ 102.428869][ T7430] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 102.434065][ T7430] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 102.436803][ T7430] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 102.439146][ T7430] usb 6-1: Product: syz [ 102.440456][ T7430] usb 6-1: Manufacturer: syz [ 102.441890][ T7430] usb 6-1: SerialNumber: syz [ 102.447624][ T7430] usb 6-1: config 0 descriptor?? [ 102.452114][ T7430] hub 6-1:0.0: bad descriptor, ignoring hub [ 102.455631][ T24] hid-generic 0003:0627:0001.0008: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 102.459636][ T7430] hub 6-1:0.0: probe with driver hub failed with error -5 [ 102.465482][ T7430] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input17 [ 102.622797][ T5295] Bluetooth: hci2: command tx timeout [ 102.833844][ T8468] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 102.912859][ T1323] usb 6-1: USB disconnect, device number 10 [ 103.328014][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.330454][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.333197][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.336442][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.339697][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.343133][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.346450][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.349896][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.353341][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.356462][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.359956][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.362705][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.365114][ T58] hid-generic 00A0:0008:0003.0009: unknown main item tag 0x0 [ 103.368287][ T58] hid-generic 00A0:0008:0003.0009: hidraw1: HID v0.05 Device [syz1] on syz0 [ 103.920311][ T8520] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 104.712773][ T5295] Bluetooth: hci2: command tx timeout [ 105.473193][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.509507][ T8565] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1008'. [ 105.518235][ T8568] ieee802154 phy0 wpan0: encryption failed: -22 [ 105.564236][ T8574] netlink: 'syz.0.1012': attribute type 13 has an invalid length. [ 105.689055][ T8574] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.692392][ T8574] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.794348][ T40] audit: type=1804 audit(1746729088.230:12): pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1016" name="/newroot/37/file0/file0" dev="9p" ino=35913965 res=1 errno=0 [ 105.808133][ T8574] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.818886][ T8574] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.912639][ T8574] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.916546][ T8574] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.920509][ T8574] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.927579][ T8574] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.958095][ T8574] batman_adv: batadv0: Interface deactivated: macsec1 [ 105.960905][ T8574] mac80211_hwsim hwsim2 wlan0: left allmulticast mode [ 106.508392][ T8616] ieee802154 phy0 wpan0: encryption failed: -22 [ 106.522208][ T8618] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1037'. [ 107.432786][ T8628] netlink: 'syz.5.1033': attribute type 13 has an invalid length. [ 107.450661][ T8633] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1042'. [ 107.680632][ T8628] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.683475][ T8628] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.756206][ T8628] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 107.763857][ T8628] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 107.848561][ T8628] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.851478][ T8628] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.855215][ T8628] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 107.858191][ T8628] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.356933][ T8677] Invalid ELF header magic: != ELF [ 108.384521][ T8679] netlink: 'syz.4.1052': attribute type 13 has an invalid length. [ 108.601741][ T8679] bridge0: port 2(bridge_slave_1) entered disabled state [ 108.604485][ T8679] bridge0: port 1(bridge_slave_0) entered disabled state [ 108.657377][ T8679] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 108.665759][ T8679] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 108.779070][ T8679] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.782005][ T8679] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.785240][ T8679] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.788150][ T8679] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.941516][ T8711] netlink: 'syz.1.1063': attribute type 13 has an invalid length. [ 109.953435][ T8715] ubi0: attaching mtd0 [ 109.955632][ T8715] ubi0: scanning is finished [ 110.025427][ T8715] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 110.028008][ T8715] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 110.030399][ T8715] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 110.034699][ T8715] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 110.037277][ T8715] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 110.039633][ T8715] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 110.042334][ T8715] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3887168976 [ 110.046067][ T8715] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 110.049359][ T8720] ubi0: background thread "ubi_bgt0d" started, PID 8720 [ 110.049375][ T8717] ubi0: detaching mtd0 [ 110.056874][ T8717] ubi0: mtd0 is detached [ 110.236781][ T8711] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.239415][ T8711] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.366256][ T8711] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.377537][ T8711] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.489525][ T8711] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.493010][ T8711] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.496203][ T8711] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.499873][ T8711] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.645102][ T8734] ieee802154 phy0 wpan0: encryption failed: -22 [ 112.622707][ T5295] Bluetooth: hci2: command 0x0c1a tx timeout [ 112.622806][ T8713] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 112.942879][ T8713] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 112.951779][ T8713] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 113.902288][ T8754] ubi0: attaching mtd0 [ 113.905893][ T8754] ubi0: scanning is finished [ 114.005868][ T8754] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 114.009568][ T8754] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 114.012061][ T8754] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 114.016103][ T8754] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 114.019200][ T8754] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 114.021867][ T8754] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 114.025082][ T8754] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3887168976 [ 114.028943][ T8754] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 114.033157][ T8756] ubi0: background thread "ubi_bgt0d" started, PID 8756 [ 114.035504][ T8755] ubi0: detaching mtd0 [ 114.038202][ T8755] ubi0: mtd0 is detached [ 114.085668][ T8758] kvm: Disabled LAPIC found during irq injection [ 114.284665][ T8788] ubi0: attaching mtd0 [ 114.287305][ T8788] ubi0: scanning is finished [ 114.358948][ T8788] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 114.362600][ T8788] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 114.365725][ T8788] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 114.368641][ T8788] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 114.371790][ T8788] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 114.375075][ T8788] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 114.378957][ T8788] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3887168976 [ 114.383634][ T8788] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 114.388158][ T8789] ubi0: detaching mtd0 [ 114.390951][ T8792] ubi0: background thread "ubi_bgt0d" started, PID 8792 [ 114.402193][ T8789] ubi0: mtd0 is detached [ 114.631996][ T8806] loop6: detected capacity change from 0 to 524287999 [ 114.675626][ T8811] Illegal XDP return value 2884010939 on prog (id 177) dev syz_tun, expect packet loss! [ 114.708649][ T5295] Bluetooth: hci2: command 0x0c1a tx timeout [ 115.810735][ T8881] syzkaller1: entered promiscuous mode [ 115.812703][ T8881] syzkaller1: entered allmulticast mode [ 115.842844][ T8882] ieee802154 phy0 wpan0: encryption failed: -22 [ 116.040404][ T8898] overlayfs: invalid origin (0000007900ffffffffaaaaaaaaaabb0800450000300000000000011a0ee0000001ac1414aa0c003d270009000045f00006006700070b670002ffffffff640101) [ 116.152121][ T8904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1137'. [ 116.156469][ T8904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1137'. [ 116.392661][ T8922] netlink: 'syz.4.1143': attribute type 13 has an invalid length. [ 116.403327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.406078][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.408922][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.411593][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.452638][ T8926] ieee802154 phy0 wpan0: encryption failed: -22 [ 116.784901][ T5295] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.933264][ T8941] cdrom: dropping to single frame dma [ 117.937554][ T5295] Bluetooth: hci2: unexpected event for opcode 0x0c5b [ 117.964678][ T9016] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1180'. [ 117.967688][ T9016] netlink: 'syz.0.1180': attribute type 7 has an invalid length. [ 117.970227][ T9016] netlink: 'syz.0.1180': attribute type 8 has an invalid length. [ 117.973895][ T9016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1180'. [ 117.994962][ T9019] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1183'. [ 118.127570][ T9012] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 118.220536][ T9038] netlink: 'syz.1.1192': attribute type 39 has an invalid length. [ 118.759472][ T9082] IPVS: Error connecting to the multicast addr [ 119.045176][ T9098] unknown channel width for channel at 909000KHz? [ 119.047482][ T9098] unknown channel width for channel at 909000KHz? [ 119.049585][ T9098] unknown channel width for channel at 909000KHz? [ 119.486420][ T5295] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 119.490163][ T5295] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 119.494419][ T5295] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 119.498263][ T5295] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 119.500973][ T5295] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 119.656631][ T13] bridge_slave_1: left allmulticast mode [ 119.658553][ T13] bridge_slave_1: left promiscuous mode [ 119.661333][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.665222][ T13] bridge_slave_0: left allmulticast mode [ 119.667103][ T13] bridge_slave_0: left promiscuous mode [ 119.669598][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.982113][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 119.985924][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 119.989205][ T13] bond0 (unregistering): Released all slaves [ 120.039144][ T9105] chnl_net:caif_netlink_parms(): no params data found [ 120.049566][ T9120] syzkaller1: entered promiscuous mode [ 120.051399][ T9120] syzkaller1: entered allmulticast mode [ 120.142719][ T5958] Bluetooth: hci2: command 0x0c1a tx timeout [ 120.156231][ T9105] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.158622][ T9105] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.161170][ T9105] bridge_slave_0: entered allmulticast mode [ 120.165798][ T9105] bridge_slave_0: entered promiscuous mode [ 120.169149][ T9105] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.172162][ T9105] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.174986][ T9105] bridge_slave_1: entered allmulticast mode [ 120.178263][ T9105] bridge_slave_1: entered promiscuous mode [ 120.237994][ T9105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 120.245914][ T9105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 120.325402][ T9105] team0: Port device team_slave_0 added [ 120.338328][ T9105] team0: Port device team_slave_1 added [ 120.358185][ T13] hsr_slave_0: left promiscuous mode [ 120.360626][ T13] hsr_slave_1: left promiscuous mode [ 120.363156][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 120.366840][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 120.986349][ T13] team0 (unregistering): Port device team_slave_1 removed [ 121.058559][ T13] team0 (unregistering): Port device team_slave_0 removed [ 121.435428][ T9165] block device autoloading is deprecated and will be removed. [ 121.450495][ T9165] syz.0.1238: attempt to access beyond end of device [ 121.450495][ T9165] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 121.592610][ T5958] Bluetooth: hci3: command tx timeout [ 121.601549][ T9105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 121.603943][ T9105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.612164][ T9105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.616307][ T9155] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 121.618828][ T9105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.623993][ T9105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.632393][ T9105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 121.664269][ T9177] kernel read not supported for file /!sel (pid: 9177 comm: syz.1.1243) [ 121.670226][ T40] audit: type=1800 audit(1746729104.100:13): pid=9177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1243" name="!sel" dev="mqueue" ino=26351 res=0 errno=0 [ 121.691244][ T9105] hsr_slave_0: entered promiscuous mode [ 121.693760][ T9105] hsr_slave_1: entered promiscuous mode [ 121.696034][ T9105] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 121.698728][ T9105] Cannot create hsr debugfs directory [ 122.240789][ T9105] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 122.254902][ T9105] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 122.261214][ T9105] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 122.267621][ T9105] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 122.329598][ T9105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.350301][ T9105] 8021q: adding VLAN 0 to HW filter on device team0 [ 122.357387][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.359819][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 122.366219][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.368752][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.487280][ T9105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.534597][ T9196] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1248'. [ 122.646211][ T9105] veth0_vlan: entered promiscuous mode [ 122.651218][ T9105] veth1_vlan: entered promiscuous mode [ 122.664822][ T9203] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 122.673909][ T9105] veth0_macvtap: entered promiscuous mode [ 122.678511][ T9105] veth1_macvtap: entered promiscuous mode [ 122.687728][ T9105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 122.694462][ T9105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 122.699132][ T9105] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.702049][ T9105] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.705176][ T9105] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.708308][ T9105] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.750189][ T1169] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.755648][ T1169] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 122.769255][ T1169] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 122.771952][ T1169] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.044827][ T5958] Bluetooth: hci2: unexpected event for opcode 0x0c7d [ 123.052717][ T58] usb 9-1: new low-speed USB device number 4 using dummy_hcd [ 123.165831][ T9254] wireguard0: entered promiscuous mode [ 123.167825][ T9254] wireguard0: entered allmulticast mode [ 123.223994][ T58] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 123.227677][ T58] usb 9-1: config 0 has no interface number 0 [ 123.229726][ T58] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 123.233490][ T58] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 123.236972][ T58] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 123.239879][ T58] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.243570][ T58] usb 9-1: config 0 descriptor?? [ 123.250009][ T9227] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 123.254770][ T58] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 123.358002][ T6008] IPVS: starting estimator thread 0... [ 123.358266][ T9268] tipc: Started in network mode [ 123.361603][ T9268] tipc: Node identity ac1414aa, cluster identity 4711 [ 123.364730][ T9268] tipc: Enabled bearer , priority 10 [ 123.442755][ T9269] IPVS: using max 49 ests per chain, 117600 per kthread [ 123.456403][ T6008] usb 9-1: USB disconnect, device number 4 [ 123.662645][ T5958] Bluetooth: hci3: command tx timeout [ 124.364117][ T24] tipc: Node number set to 2886997162 [ 125.115695][ T9295] Invalid ELF header magic: != ELF [ 125.742562][ T5958] Bluetooth: hci3: command tx timeout [ 126.352596][ T66] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 126.514320][ T66] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 126.519408][ T66] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 126.523783][ T66] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 126.527903][ T66] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.534188][ T9341] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 126.538570][ T66] usb 10-1: Quirk or no altset; falling back to MIDI 1.0 [ 126.618017][ T9350] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1310'. [ 126.622000][ T9350] netlink: 'syz.1.1310': attribute type 7 has an invalid length. [ 126.626225][ T9350] netlink: 'syz.1.1310': attribute type 8 has an invalid length. [ 126.629341][ T9350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1310'. [ 126.636024][ T9350] erspan0: entered promiscuous mode [ 126.638299][ T9350] gretap0: entered promiscuous mode [ 126.650162][ T9350] erspan0: left promiscuous mode [ 126.686877][ T9350] gretap0: left promiscuous mode [ 126.748586][ T24] usb 10-1: USB disconnect, device number 4 [ 127.162804][ T66] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 127.198273][ T9367] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 127.201236][ T9367] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 127.203442][ T9367] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 127.207754][ T9367] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 127.338334][ T66] usb 6-1: Using ep0 maxpacket: 16 [ 127.344272][ T66] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.349048][ T66] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 127.354867][ T66] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 127.359083][ T66] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.366044][ T66] usb 6-1: config 0 descriptor?? [ 127.492571][ T6003] usb 9-1: new low-speed USB device number 5 using dummy_hcd [ 127.534860][ T1169] bridge_slave_1: left allmulticast mode [ 127.536642][ T1169] bridge_slave_1: left promiscuous mode [ 127.538452][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.541844][ T1169] bridge_slave_0: left allmulticast mode [ 127.543659][ T1169] bridge_slave_0: left promiscuous mode [ 127.545425][ T1169] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.643799][ T6003] usb 9-1: config 0 has an invalid interface number: 55 but max is 0 [ 127.646477][ T6003] usb 9-1: config 0 has no interface number 0 [ 127.648489][ T6003] usb 9-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 127.651957][ T6003] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 127.662587][ T6003] usb 9-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 127.667583][ T6003] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 127.672294][ T6003] usb 9-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 127.692986][ T6003] usb 9-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 127.698574][ T6003] usb 9-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 127.702461][ T6003] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.712898][ T6003] usb 9-1: config 0 descriptor?? [ 127.722837][ T9370] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 127.725243][ T9370] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 127.732767][ T6003] ldusb 9-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 127.775296][ T66] HID 045e:07da: Invalid code 65791 type 1 [ 127.779554][ T66] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:045E:07DA.000A/input/input20 [ 127.788263][ T66] microsoft 0003:045E:07DA.000A: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0 [ 127.956218][ T6008] usb 9-1: USB disconnect, device number 5 [ 127.963135][ T6008] ldusb 9-1:0.55: LD USB Device #0 now disconnected [ 127.979143][ T1169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 127.983547][ C3] [ 127.984404][ C3] ======================================================== [ 127.986874][ C3] WARNING: possible irq lock inversion dependency detected [ 127.989533][ C3] 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 Not tainted [ 127.994160][ C3] -------------------------------------------------------- [ 127.996536][ C3] syz-executor/8170 just changed the state of lock: [ 127.998674][ C3] ffff88806362d230 (&dev->event_lock#2){..-.}-{3:3}, at: input_event+0x70/0xb0 [ 128.001628][ C3] but this lock took another, SOFTIRQ-READ-unsafe lock in the past: [ 128.004220][ C3] (tasklist_lock){.+.+}-{3:3} [ 128.004236][ C3] [ 128.004236][ C3] [ 128.004236][ C3] and interrupts could create inverse lock ordering between them. [ 128.004236][ C3] [ 128.010281][ C3] [ 128.010281][ C3] other info that might help us debug this: [ 128.012841][ C3] Chain exists of: [ 128.012841][ C3] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 128.012841][ C3] [ 128.017187][ C3] Possible interrupt unsafe locking scenario: [ 128.017187][ C3] [ 128.019896][ C3] CPU0 CPU1 [ 128.021655][ C3] ---- ---- [ 128.023424][ C3] lock(tasklist_lock); [ 128.024829][ C3] local_irq_disable(); [ 128.027015][ C3] lock(&dev->event_lock#2); [ 128.029396][ C3] lock(&client->buffer_lock); [ 128.031794][ C3] [ 128.033018][ C3] lock(&dev->event_lock#2); [ 128.034660][ C3] [ 128.034660][ C3] *** DEADLOCK *** [ 128.034660][ C3] [ 128.037310][ C3] 5 locks held by syz-executor/8170: [ 128.039035][ C3] #0: ffff888026246420 (sb_writers#5){.+.+}-{0:0}, at: filename_create+0x10e/0x4a0 [ 128.042095][ C3] #1: ffff8880214264c0 (&type->i_mutex_dir_key#5/1){+.+.}-{4:4}, at: filename_create+0x1bb/0x4a0 [ 128.045516][ C3] #2: ffffffff8ee255d0 (tomoyo_ss){.+.+}-{0:0}, at: tomoyo_path_number_perm+0x237/0x580 [ 128.048742][ C3] #3: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: prepend_path+0xab/0xfb0 [ 128.051725][ C3] #4: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: prepend_path+0x219/0xfb0 [ 128.054716][ C3] [ 128.054716][ C3] the shortest dependencies between 2nd lock and 1st lock: [ 128.057754][ C3] -> (tasklist_lock){.+.+}-{3:3} { [ 128.059580][ C3] HARDIRQ-ON-R at: [ 128.061011][ C3] lock_acquire+0x179/0x350 [ 128.063239][ C3] _raw_read_lock+0x5f/0x70 [ 128.065467][ C3] __do_wait+0x105/0x890 [ 128.067627][ C3] do_wait+0x21e/0x5a0 [ 128.069757][ C3] kernel_wait+0x9f/0x160 [ 128.071920][ C3] call_usermodehelper_exec_work+0xf1/0x170 [ 128.074571][ C3] process_one_work+0x9cc/0x1b70 [ 128.076968][ C3] worker_thread+0x6c8/0xf10 [ 128.079228][ C3] kthread+0x3c2/0x780 [ 128.081332][ C3] ret_from_fork+0x45/0x80 [ 128.083539][ C3] ret_from_fork_asm+0x1a/0x30 [ 128.085837][ C3] SOFTIRQ-ON-R at: [ 128.087269][ C3] lock_acquire+0x179/0x350 [ 128.089577][ C3] _raw_read_lock+0x5f/0x70 [ 128.091754][ C3] __do_wait+0x105/0x890 [ 128.093895][ C3] do_wait+0x21e/0x5a0 [ 128.095991][ C3] kernel_wait+0x9f/0x160 [ 128.098165][ C3] call_usermodehelper_exec_work+0xf1/0x170 [ 128.100847][ C3] process_one_work+0x9cc/0x1b70 [ 128.103272][ C3] worker_thread+0x6c8/0xf10 [ 128.105521][ C3] kthread+0x3c2/0x780 [ 128.107651][ C3] ret_from_fork+0x45/0x80 [ 128.109882][ C3] ret_from_fork_asm+0x1a/0x30 [ 128.112159][ C3] INITIAL USE at: [ 128.113566][ C3] lock_acquire+0x179/0x350 [ 128.115776][ C3] _raw_write_lock_irq+0x36/0x50 [ 128.118137][ C3] copy_process+0x3f09/0x91a0 [ 128.120403][ C3] kernel_clone+0xfc/0x960 [ 128.122523][ C3] user_mode_thread+0xc7/0x110 [ 128.124793][ C3] rest_init+0x23/0x2b0 [ 128.126904][ C3] start_kernel+0x3e9/0x4d0 [ 128.129129][ C3] x86_64_start_reservations+0x18/0x30 [ 128.131650][ C3] x86_64_start_kernel+0xb0/0xc0 [ 128.133999][ C3] common_startup_64+0x13e/0x148 [ 128.136436][ C3] INITIAL READ USE at: [ 128.138141][ C3] lock_acquire+0x179/0x350 [ 128.140570][ C3] _raw_read_lock+0x5f/0x70 [ 128.142965][ C3] __do_wait+0x105/0x890 [ 128.145272][ C3] do_wait+0x21e/0x5a0 [ 128.147626][ C3] kernel_wait+0x9f/0x160 [ 128.149969][ C3] call_usermodehelper_exec_work+0xf1/0x170 [ 128.152778][ C3] process_one_work+0x9cc/0x1b70 [ 128.155273][ C3] worker_thread+0x6c8/0xf10 [ 128.157682][ C3] kthread+0x3c2/0x780 [ 128.159910][ C3] ret_from_fork+0x45/0x80 [ 128.162194][ C3] ret_from_fork_asm+0x1a/0x30 [ 128.164644][ C3] } [ 128.165610][ C3] ... key at: [] tasklist_lock+0x18/0x40 [ 128.168264][ C3] ... acquired at: [ 128.169650][ C3] _raw_read_lock+0x5f/0x70 [ 128.171211][ C3] send_sigurg+0xed/0xc80 [ 128.172756][ C3] sk_send_sigurg+0x76/0x360 [ 128.174320][ C3] unix_stream_sendmsg+0xe77/0x1160 [ 128.176096][ C3] ____sys_sendmsg+0xa95/0xc70 [ 128.177746][ C3] ___sys_sendmsg+0x134/0x1d0 [ 128.179393][ C3] __sys_sendmmsg+0x2f9/0x420 [ 128.181001][ C3] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 128.182923][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.184690][ C3] do_fast_syscall_32+0x32/0x80 [ 128.186396][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.188576][ C3] [ 128.189403][ C3] -> (&f_owner->lock){....}-{3:3} { [ 128.191214][ C3] INITIAL USE at: [ 128.192598][ C3] lock_acquire+0x179/0x350 [ 128.194731][ C3] _raw_write_lock_irq+0x36/0x50 [ 128.197072][ C3] __f_setown+0x61/0x3c0 [ 128.199145][ C3] generic_setlease+0xeef/0x1300 [ 128.201440][ C3] kernel_setlease+0x106/0x140 [ 128.203667][ C3] vfs_setlease+0x258/0x2d0 [ 128.205822][ C3] fcntl_setlease+0x3ed/0x5a0 [ 128.208057][ C3] do_fcntl+0x75a/0x1590 [ 128.210136][ C3] do_compat_fcntl64+0x370/0x700 [ 128.212441][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.214812][ C3] do_fast_syscall_32+0x32/0x80 [ 128.217129][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.219871][ C3] INITIAL READ USE at: [ 128.221405][ C3] lock_acquire+0x179/0x350 [ 128.223708][ C3] _raw_read_lock_irqsave+0x74/0x90 [ 128.226217][ C3] send_sigio+0x31/0x3e0 [ 128.228461][ C3] dnotify_handle_event+0x15e/0x2b0 [ 128.230936][ C3] fsnotify_handle_inode_event.isra.0+0x1df/0x3f0 [ 128.233839][ C3] fsnotify+0x13d6/0x1dc0 [ 128.236069][ C3] vfs_mkdir+0x71d/0x8c0 [ 128.238265][ C3] do_mkdirat+0x304/0x3e0 [ 128.240440][ C3] __ia32_sys_mkdirat+0x82/0xb0 [ 128.242831][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.245356][ C3] do_fast_syscall_32+0x32/0x80 [ 128.247810][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.250711][ C3] } [ 128.251653][ C3] ... key at: [] __key.1+0x0/0x40 [ 128.254047][ C3] ... acquired at: [ 128.255425][ C3] _raw_read_lock_irqsave+0x74/0x90 [ 128.257186][ C3] send_sigio+0x31/0x3e0 [ 128.258639][ C3] kill_fasync+0x214/0x510 [ 128.260186][ C3] sock_wake_async+0xf1/0x160 [ 128.261790][ C3] sk_send_sigurg+0x179/0x360 [ 128.263416][ C3] unix_stream_sendmsg+0xe77/0x1160 [ 128.265188][ C3] ____sys_sendmsg+0xa95/0xc70 [ 128.266850][ C3] ___sys_sendmsg+0x134/0x1d0 [ 128.268486][ C3] __sys_sendmmsg+0x2f9/0x420 [ 128.270101][ C3] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 128.272030][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.273768][ C3] do_fast_syscall_32+0x32/0x80 [ 128.275438][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.277564][ C3] [ 128.278369][ C3] -> (&new->fa_lock){....}-{3:3} { [ 128.280128][ C3] INITIAL USE at: [ 128.281481][ C3] lock_acquire+0x179/0x350 [ 128.283586][ C3] _raw_write_lock_irq+0x36/0x50 [ 128.285807][ C3] fasync_remove_entry+0xb2/0x1e0 [ 128.288099][ C3] fasync_helper+0xaf/0xd0 [ 128.290186][ C3] lease_modify+0x232/0x500 [ 128.292287][ C3] locks_remove_file+0x29e/0x5b0 [ 128.294518][ C3] __fput+0x351/0xb70 [ 128.296435][ C3] task_work_run+0x14d/0x240 [ 128.298533][ C3] syscall_exit_to_user_mode+0x27b/0x2a0 [ 128.301014][ C3] __do_fast_syscall_32+0x80/0x120 [ 128.303312][ C3] do_fast_syscall_32+0x32/0x80 [ 128.305596][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.308326][ C3] INITIAL READ USE at: [ 128.309840][ C3] lock_acquire+0x179/0x350 [ 128.312071][ C3] _raw_read_lock_irqsave+0x74/0x90 [ 128.314524][ C3] kill_fasync+0x138/0x510 [ 128.316760][ C3] evdev_pass_values+0x619/0x9b0 [ 128.319174][ C3] evdev_events+0x1bb/0x390 [ 128.321413][ C3] input_pass_values+0x6c4/0x890 [ 128.323795][ C3] input_handle_event+0xf00/0x14d0 [ 128.326245][ C3] input_inject_event+0x1cd/0x390 [ 128.328710][ C3] evdev_write+0x2e1/0x440 [ 128.330919][ C3] vfs_write+0x25c/0x1180 [ 128.333102][ C3] ksys_write+0x205/0x240 [ 128.335279][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.337733][ C3] do_fast_syscall_32+0x32/0x80 [ 128.340096][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.342897][ C3] } [ 128.343814][ C3] ... key at: [] __key.0+0x0/0x40 [ 128.346216][ C3] ... acquired at: [ 128.347577][ C3] _raw_read_lock_irqsave+0x74/0x90 [ 128.349369][ C3] kill_fasync+0x138/0x510 [ 128.350892][ C3] evdev_pass_values+0x619/0x9b0 [ 128.352585][ C3] evdev_events+0x1bb/0x390 [ 128.354138][ C3] input_pass_values+0x6c4/0x890 [ 128.355821][ C3] input_handle_event+0xf00/0x14d0 [ 128.357461][ C3] input_inject_event+0x1cd/0x390 [ 128.359172][ C3] evdev_write+0x2e1/0x440 [ 128.360709][ C3] vfs_write+0x25c/0x1180 [ 128.362207][ C3] ksys_write+0x205/0x240 [ 128.363724][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.365458][ C3] do_fast_syscall_32+0x32/0x80 [ 128.367146][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.369291][ C3] [ 128.370106][ C3] -> (&client->buffer_lock){....}-{3:3} { [ 128.372038][ C3] INITIAL USE at: [ 128.373363][ C3] lock_acquire+0x179/0x350 [ 128.375413][ C3] _raw_spin_lock+0x2e/0x40 [ 128.377528][ C3] evdev_pass_values+0x10e/0x9b0 [ 128.379721][ C3] evdev_events+0x1bb/0x390 [ 128.381766][ C3] input_pass_values+0x6c4/0x890 [ 128.383946][ C3] input_handle_event+0xf00/0x14d0 [ 128.386181][ C3] input_inject_event+0x1cd/0x390 [ 128.388376][ C3] evdev_write+0x2e1/0x440 [ 128.390401][ C3] vfs_write+0x25c/0x1180 [ 128.392392][ C3] ksys_write+0x205/0x240 [ 128.394372][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.396633][ C3] do_fast_syscall_32+0x32/0x80 [ 128.398803][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.401432][ C3] } [ 128.402314][ C3] ... key at: [] __key.1+0x0/0x40 [ 128.404667][ C3] ... acquired at: [ 128.405955][ C3] _raw_spin_lock+0x2e/0x40 [ 128.407584][ C3] evdev_pass_values+0x10e/0x9b0 [ 128.409282][ C3] evdev_events+0x1bb/0x390 [ 128.410841][ C3] input_pass_values+0x6c4/0x890 [ 128.412532][ C3] input_handle_event+0xf00/0x14d0 [ 128.414257][ C3] input_inject_event+0x1cd/0x390 [ 128.415976][ C3] evdev_write+0x2e1/0x440 [ 128.417568][ C3] vfs_write+0x25c/0x1180 [ 128.419070][ C3] ksys_write+0x205/0x240 [ 128.420594][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.422323][ C3] do_fast_syscall_32+0x32/0x80 [ 128.423989][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.426113][ C3] [ 128.426953][ C3] -> (&dev->event_lock#2){..-.}-{3:3} { [ 128.428821][ C3] IN-SOFTIRQ-W at: [ 128.430153][ C3] lock_acquire+0x179/0x350 [ 128.432184][ C3] _raw_spin_lock_irqsave+0x3a/0x60 [ 128.434462][ C3] input_event+0x70/0xb0 [ 128.436416][ C3] hidinput_report_event+0xb2/0x100 [ 128.438655][ C3] hid_report_raw_event+0x268/0x1290 [ 128.440901][ C3] __hid_input_report.constprop.0+0x33f/0x450 [ 128.443444][ C3] hid_irq_in+0x35e/0x870 [ 128.445411][ C3] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 128.447732][ C3] usb_hcd_giveback_urb+0x39b/0x450 [ 128.449962][ C3] dummy_timer+0x180e/0x3a20 [ 128.451999][ C3] __hrtimer_run_queues+0x1ff/0xad0 [ 128.454191][ C3] hrtimer_run_softirq+0x17d/0x350 [ 128.456394][ C3] handle_softirqs+0x216/0x8e0 [ 128.458497][ C3] __irq_exit_rcu+0x109/0x170 [ 128.460576][ C3] irq_exit_rcu+0x9/0x30 [ 128.462508][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 128.464768][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.466996][ C3] prepend_path+0x334/0xfb0 [ 128.469014][ C3] d_absolute_path+0xfe/0x1a0 [ 128.471087][ C3] tomoyo_realpath_from_path+0x355/0x6e0 [ 128.473468][ C3] tomoyo_path_number_perm+0x245/0x580 [ 128.475771][ C3] tomoyo_path_mkdir+0x9b/0xe0 [ 128.477875][ C3] security_path_mkdir+0x154/0x2f0 [ 128.480107][ C3] do_mkdirat+0x175/0x3e0 [ 128.482070][ C3] __ia32_sys_mkdirat+0x82/0xb0 [ 128.484187][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.486385][ C3] do_fast_syscall_32+0x32/0x80 [ 128.488556][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.491139][ C3] INITIAL USE at: [ 128.492423][ C3] lock_acquire+0x179/0x350 [ 128.494416][ C3] _raw_spin_lock_irqsave+0x3a/0x60 [ 128.496638][ C3] input_inject_event+0x9f/0x390 [ 128.498753][ C3] led_set_brightness+0x214/0x290 [ 128.500923][ C3] kbd_led_trigger_activate+0xcb/0x110 [ 128.503222][ C3] led_trigger_set+0x597/0xc50 [ 128.505286][ C3] led_trigger_set_default+0x1bd/0x2a0 [ 128.507531][ C3] led_classdev_register_ext+0x7b8/0xa10 [ 128.509884][ C3] input_leds_connect+0x552/0x8e0 [ 128.512029][ C3] input_attach_handler.isra.0+0x181/0x260 [ 128.514413][ C3] input_register_device+0xa84/0x1130 [ 128.516661][ C3] atkbd_connect+0x5da/0xa20 [ 128.518674][ C3] serio_driver_probe+0x74/0xb0 [ 128.520774][ C3] really_probe+0x23e/0xa90 [ 128.522747][ C3] __driver_probe_device+0x1de/0x440 [ 128.524995][ C3] driver_probe_device+0x4c/0x1b0 [ 128.527153][ C3] __driver_attach+0x283/0x580 [ 128.529220][ C3] bus_for_each_dev+0x13b/0x1d0 [ 128.531337][ C3] serio_handle_event+0x247/0xa50 [ 128.533497][ C3] process_one_work+0x9cc/0x1b70 [ 128.535632][ C3] worker_thread+0x6c8/0xf10 [ 128.537652][ C3] kthread+0x3c2/0x780 [ 128.539446][ C3] ret_from_fork+0x45/0x80 [ 128.541352][ C3] ret_from_fork_asm+0x1a/0x30 [ 128.543333][ C3] } [ 128.544175][ C3] ... key at: [] __key.7+0x0/0x40 [ 128.546412][ C3] ... acquired at: [ 128.547718][ C3] __lock_acquire+0x9b9/0x1ba0 [ 128.549295][ C3] lock_acquire+0x179/0x350 [ 128.550812][ C3] _raw_spin_lock_irqsave+0x3a/0x60 [ 128.552538][ C3] input_event+0x70/0xb0 [ 128.554000][ C3] hidinput_report_event+0xb2/0x100 [ 128.555757][ C3] hid_report_raw_event+0x268/0x1290 [ 128.557524][ C3] __hid_input_report.constprop.0+0x33f/0x450 [ 128.559493][ C3] hid_irq_in+0x35e/0x870 [ 128.560913][ C3] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 128.562672][ C3] usb_hcd_giveback_urb+0x39b/0x450 [ 128.564324][ C3] dummy_timer+0x180e/0x3a20 [ 128.565806][ C3] __hrtimer_run_queues+0x1ff/0xad0 [ 128.567526][ C3] hrtimer_run_softirq+0x17d/0x350 [ 128.569189][ C3] handle_softirqs+0x216/0x8e0 [ 128.570825][ C3] __irq_exit_rcu+0x109/0x170 [ 128.572427][ C3] irq_exit_rcu+0x9/0x30 [ 128.573895][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 128.575799][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.577825][ C3] prepend_path+0x334/0xfb0 [ 128.579350][ C3] d_absolute_path+0xfe/0x1a0 [ 128.580856][ C3] tomoyo_realpath_from_path+0x355/0x6e0 [ 128.582624][ C3] tomoyo_path_number_perm+0x245/0x580 [ 128.584350][ C3] tomoyo_path_mkdir+0x9b/0xe0 [ 128.585893][ C3] security_path_mkdir+0x154/0x2f0 [ 128.587531][ C3] do_mkdirat+0x175/0x3e0 [ 128.588974][ C3] __ia32_sys_mkdirat+0x82/0xb0 [ 128.590563][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.592273][ C3] do_fast_syscall_32+0x32/0x80 [ 128.593866][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.595943][ C3] [ 128.596718][ C3] [ 128.596718][ C3] stack backtrace: [ 128.598584][ C3] CPU: 3 UID: 0 PID: 8170 Comm: syz-executor Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full) [ 128.598598][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.598605][ C3] Call Trace: [ 128.598610][ C3] [ 128.598614][ C3] dump_stack_lvl+0x116/0x1f0 [ 128.598629][ C3] print_irq_inversion_bug.part.0+0x212/0x270 [ 128.598645][ C3] mark_lock+0x2e5/0x610 [ 128.598658][ C3] __lock_acquire+0x9b9/0x1ba0 [ 128.598671][ C3] ? do_raw_spin_lock+0x12c/0x2b0 [ 128.598686][ C3] lock_acquire+0x179/0x350 [ 128.598698][ C3] ? input_event+0x70/0xb0 [ 128.598712][ C3] ? __asan_memcpy+0x3c/0x60 [ 128.598721][ C3] _raw_spin_lock_irqsave+0x3a/0x60 [ 128.598733][ C3] ? input_event+0x70/0xb0 [ 128.598744][ C3] input_event+0x70/0xb0 [ 128.598756][ C3] hidinput_report_event+0xb2/0x100 [ 128.598768][ C3] hid_report_raw_event+0x268/0x1290 [ 128.598778][ C3] ? ww_mutex_lock+0x117/0x160 [ 128.598793][ C3] __hid_input_report.constprop.0+0x33f/0x450 [ 128.598805][ C3] hid_irq_in+0x35e/0x870 [ 128.598819][ C3] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 128.598835][ C3] usb_hcd_giveback_urb+0x39b/0x450 [ 128.598850][ C3] dummy_timer+0x180e/0x3a20 [ 128.598866][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 128.598875][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 128.598883][ C3] ? mark_held_locks+0x49/0x80 [ 128.598895][ C3] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 128.598908][ C3] ? __pfx_dummy_timer+0x10/0x10 [ 128.598915][ C3] __hrtimer_run_queues+0x1ff/0xad0 [ 128.598933][ C3] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 128.598947][ C3] ? read_tsc+0x9/0x20 [ 128.598961][ C3] hrtimer_run_softirq+0x17d/0x350 [ 128.598977][ C3] handle_softirqs+0x216/0x8e0 [ 128.598988][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 128.599000][ C3] __irq_exit_rcu+0x109/0x170 [ 128.599010][ C3] irq_exit_rcu+0x9/0x30 [ 128.599020][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 128.599033][ C3] [ 128.599036][ C3] [ 128.599039][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 128.599050][ C3] RIP: 0010:prepend_path+0x334/0xfb0 [ 128.599063][ C3] Code: 75 08 48 c7 c7 48 67 01 8e e8 38 83 55 ff 9c 5b 81 e3 00 02 00 00 31 ff 48 89 de e8 56 87 78 ff 5a 48 85 db 0f 85 f3 0a 00 00 d7 8b 78 ff 48 8b 85 00 ff ff ff 0f b6 00 84 c0 74 08 3c 03 0f [ 128.599073][ C3] RSP: 0018:ffffc90003b478d0 EFLAGS: 00000293 [ 128.599083][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff824231de [ 128.599089][ C3] RDX: ffff88802581c880 RSI: ffffffff82421937 RDI: 0000000000000007 [ 128.599110][ C3] RBP: ffffc90003b479d8 R08: 0000000000000007 R09: 0000000000000000 [ 128.599118][ C3] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 128.599124][ C3] R13: ffffc90003b47da8 R14: 1ffff92000768f29 R15: dffffc0000000000 [ 128.599132][ C3] ? d_absolute_path+0xfe/0x1a0 [ 128.599143][ C3] ? prepend_path+0xb77/0xfb0 [ 128.599157][ C3] ? __pfx_prepend_path+0x10/0x10 [ 128.599169][ C3] d_absolute_path+0xfe/0x1a0 [ 128.599179][ C3] ? __pfx_d_absolute_path+0x10/0x10 [ 128.599191][ C3] ? trace_kmalloc+0x2b/0xd0 [ 128.599206][ C3] tomoyo_realpath_from_path+0x355/0x6e0 [ 128.599220][ C3] ? tomoyo_profile+0x47/0x60 [ 128.599235][ C3] tomoyo_path_number_perm+0x245/0x580 [ 128.599246][ C3] ? tomoyo_path_number_perm+0x237/0x580 [ 128.599258][ C3] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 128.599283][ C3] ? d_add+0x47a/0x780 [ 128.599306][ C3] ? do_raw_spin_unlock+0x172/0x230 [ 128.599320][ C3] ? current_check_access_path+0x33c/0x460 [ 128.599333][ C3] ? __pfx_current_check_access_path+0x10/0x10 [ 128.599345][ C3] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 128.599358][ C3] ? lookup_dcache+0x66/0x170 [ 128.599370][ C3] tomoyo_path_mkdir+0x9b/0xe0 [ 128.599385][ C3] ? __pfx_tomoyo_path_mkdir+0x10/0x10 [ 128.599401][ C3] security_path_mkdir+0x154/0x2f0 [ 128.599414][ C3] do_mkdirat+0x175/0x3e0 [ 128.599423][ C3] ? __pfx_do_mkdirat+0x10/0x10 [ 128.599432][ C3] ? getname_flags.part.0+0x1c5/0x550 [ 128.599445][ C3] __ia32_sys_mkdirat+0x82/0xb0 [ 128.599455][ C3] __do_fast_syscall_32+0x73/0x120 [ 128.599469][ C3] do_fast_syscall_32+0x32/0x80 [ 128.599482][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.599494][ C3] RIP: 0023:0xf7f12579 [ 128.599502][ C3] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 128.599512][ C3] RSP: 002b:00000000ff9dd038 EFLAGS: 00000286 ORIG_RAX: 0000000000000128 [ 128.599522][ C3] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000ff9dd0d4 [ 128.599528][ C3] RDX: 00000000000001ff RSI: 00000000ffffd120 RDI: 00000000ff9dd0d4 [ 128.599535][ C3] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 128.599541][ C3] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 128.599547][ C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 128.599555][ C3] [ 128.762928][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 128.770884][ T1169] bond0 (unregistering): Released all slaves SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 128.854833][ T6004] usb 6-1: USB disconnect, device number 11 [ 129.012552][ T24] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 129.281102][ T1169] hsr_slave_0: left promiscuous mode [ 129.283058][ T1169] hsr_slave_1: left promiscuous mode [ 129.284832][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 129.287451][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 129.751865][ T1169] team0 (unregistering): Port device team_slave_1 removed [ 129.811400][ T1169] team0 (unregistering): Port device team_slave_0 removed [ 130.835955][ T1169] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.954998][ T1169] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.015209][ T1169] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.065287][ T1169] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.649680][ T1169] bridge_slave_1: left allmulticast mode [ 131.652135][ T1169] bridge_slave_1: left promiscuous mode [ 131.654771][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.658573][ T1169] bridge_slave_0: left allmulticast mode [ 131.660505][ T1169] bridge_slave_0: left promiscuous mode [ 131.662414][ T1169] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.666289][ T1169] bridge_slave_1: left allmulticast mode [ 131.668242][ T1169] bridge_slave_1: left promiscuous mode [ 131.670262][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.673596][ T1169] bridge_slave_0: left allmulticast mode [ 131.675506][ T1169] bridge_slave_0: left promiscuous mode [ 131.677437][ T1169] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.680835][ T1169] bridge_slave_1: left allmulticast mode [ 131.683247][ T1169] bridge_slave_1: left promiscuous mode [ 131.685112][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.688028][ T1169] bridge_slave_0: left allmulticast mode [ 131.690003][ T1169] bridge_slave_0: left promiscuous mode [ 131.691939][ T1169] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.695584][ T1169] bridge_slave_1: left allmulticast mode [ 131.697502][ T1169] bridge_slave_1: left promiscuous mode [ 131.699361][ T1169] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.702096][ T1169] bridge_slave_0: left allmulticast mode [ 131.704148][ T1169] bridge_slave_0: left promiscuous mode [ 131.706111][ T1169] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.313736][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.315915][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.419110][ T1169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 132.423509][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 132.427563][ T1169] bond0 (unregistering): Released all slaves [ 132.486095][ T1169] bond1 (unregistering): Released all slaves [ 132.491680][ T1169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 132.496411][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 132.500920][ T1169] bond0 (unregistering): Released all slaves [ 132.562810][ T1169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 132.566224][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 132.569358][ T1169] bond0 (unregistering): Released all slaves [ 132.630737][ T1169] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 132.634811][ T1169] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 132.637874][ T1169] bond0 (unregistering): Released all slaves [ 132.704005][ T1169] tipc: Disabling bearer [ 132.706204][ T1169] tipc: Left network mode [ 132.836435][ T1169] batman_adv: batadv0: Removing interface: macsec1 [ 133.290703][ T1169] hsr_slave_0: left promiscuous mode [ 133.292885][ T1169] hsr_slave_1: left promiscuous mode [ 133.294783][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.297341][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.301793][ T1169] hsr_slave_0: left promiscuous mode [ 133.304237][ T1169] hsr_slave_1: left promiscuous mode [ 133.306706][ T1169] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 133.309183][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.312010][ T1169] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 133.315195][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.320597][ T1169] hsr_slave_0: left promiscuous mode [ 133.323151][ T1169] hsr_slave_1: left promiscuous mode [ 133.325555][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.328310][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.332509][ T1169] hsr_slave_0: left promiscuous mode [ 133.335193][ T1169] hsr_slave_1: left promiscuous mode [ 133.337765][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 133.340358][ T1169] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 133.345658][ T1169] veth1_macvtap: left promiscuous mode [ 133.347809][ T1169] veth0_macvtap: left promiscuous mode [ 133.349689][ T1169] veth1_vlan: left promiscuous mode [ 133.351547][ T1169] veth0_vlan: left promiscuous mode [ 133.858946][ T1169] team0 (unregistering): Port device team_slave_1 removed [ 133.921129][ T1169] team0 (unregistering): Port device team_slave_0 removed [ 134.440305][ T1169] team0 (unregistering): Port device team_slave_1 removed [ 134.473384][ T1169] team0 (unregistering): Port device team_slave_0 removed [ 134.937725][ T1169] team0 (unregistering): Port device team_slave_1 removed [ 134.990516][ T1169] team0 (unregistering): Port device team_slave_0 removed [ 135.818708][ T1169] team0 (unregistering): Port device team_slave_1 removed [ 135.872427][ T1169] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 18:31:50 Registers: info registers vcpu 0 CPU#0 RAX=000000000011177c RBX=0000000000000000 RCX=ffffffff8b6933e9 RDX=ffffed10056465be RSI=ffffffff8bf46c60 RDI=ffffffff81912241 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000000 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90850c10 R15=0000000000000000 RIP=ffffffff8b691c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977ee000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002d210ffc CR3=0000000064dcb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000114f6b RBX=0000000000000001 RCX=ffffffff8b6933e9 RDX=0000000000000000 RSI=ffffffff8dbdb811 RDI=ffffffff8bf46ce0 RBP=ffffed1003b52488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000 R12=0000000000000001 R13=ffff88801da92440 R14=ffffffff90850c10 R15=0000000000000000 RIP=ffffffff8b691c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978ee000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080010000 CR3=00000000505e4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000001290a4 RBX=0000000000000002 RCX=ffffffff8b6933e9 RDX=ffffed10056865be RSI=ffffffff8bf46c60 RDI=ffffffff81912241 RBP=ffffed1003b52910 RSP=ffffc9000047fdf8 R8 =0000000000000000 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000 R12=0000000000000002 R13=ffff88801da94880 R14=ffffffff90850c10 R15=0000000000000000 RIP=ffffffff8b691c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979ee000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000558bf0ba4f40 CR3=000000004f474000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=fa7bf2dbdb859e8e 825fa25e9942116d fa7bf2dbdb859e8e 825fa25e9942116d fa7bf2dbdb859e8e 825fa25e9942116d fa7bf2dbdb859e8e 825fa25e9942116d ZMM18=a22e2c11bfcdbb17 0ca0f9f4804f9f03 a22e2c11bfcdbb17 0ca0f9f4804f9f03 a22e2c11bfcdbb17 0ca0f9f4804f9f03 a22e2c11bfcdbb17 0ca0f9f4804f9f03 ZMM19=a008000000000000 0000000000000004 a008000000000000 0000000000000003 a008000000000000 0000000000000002 a008000000000000 0000000000000001 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 296564655f337365 642862636501ffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 fffffffffffeff08 3003000800280300 0800200300000000 0000726568706963 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6b7301ffffffffff ffffffe30804034c 040000030008000a 08004c080006006f ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0300000000000008 ffffffae00000000 ffffffff8a0ff0bf ffffffff8a0ff9b2 ZMM25=0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 0ca0f9f40ca0f9f4 ZMM26=bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 bfcdbb17bfcdbb17 ZMM27=a22e2c11a22e2c11 a22e2c11a22e2c11 a22e2c11a22e2c11 a22e2c11a22e2c11 a22e2c11a22e2c11 a22e2c11a22e2c11 a22e2c11a22e2c11 a22e2c11a22e2c11 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9f0800009f080000 9f0800009f080000 9f0800009f080000 9f0800009f080000 9f0800009f080000 9f0800009f080000 9f0800009f080000 9f0800009f080000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c1175 RDI=ffffffff9adddbc0 RBP=ffffffff9adddb80 RSP=ffffc900005e82b0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9adddb80 R15=ffffffff854c1110 RIP=ffffffff854c119f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097aee000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000580a699c CR3=00000000550c0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000