last executing test programs: 518.273225ms ago: executing program 1 (id=4233): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000100)={{0x0, 0x3}}) 517.862367ms ago: executing program 2 (id=4236): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000d08000640ffffff0008000340000000383c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000100003800c0000800800034010"], 0xd0}}, 0x0) 391.505952ms ago: executing program 1 (id=4239): socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @dev}}) 384.773702ms ago: executing program 2 (id=4240): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=@ipv6_newroute={0x2c, 0x18, 0xc98a65522eb2cd77, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, [@RTA_EXPIRES={0x8, 0x1e}, @RTA_OIF={0x8}]}, 0x2c}}, 0x0) 381.562602ms ago: executing program 3 (id=4241): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x1418, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0) 292.941857ms ago: executing program 0 (id=4242): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001e0081064e81f782db44b9040a02080006007c09e8fe04a10a0015c00200142603600e120800080024000000a86286cf6c00014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db701000000400ad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 292.695818ms ago: executing program 1 (id=4243): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_MASK={0x8}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x2c}}, 0x0) 287.546246ms ago: executing program 3 (id=4244): set_mempolicy(0x4001, &(0x7f0000001540)=0x8, 0x9) set_mempolicy(0x8000, 0x0, 0x3) 287.296608ms ago: executing program 2 (id=4245): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) lremovexattr(0x0, 0x0) 272.332274ms ago: executing program 0 (id=4246): r0 = socket(0x10, 0x3, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x68, 0x14, 0xf0b, 0x0, 0x0, {0x2}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}, {{0x1c, 0x1, {0xd, 0x40, 0xc}}, {0x4}}]}]}, 0x68}}, 0x0) 216.511496ms ago: executing program 3 (id=4247): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000005d80)=@newtaction={0x48, 0x76, 0x1, 0x0, 0x0, {}, [{0x34, 0x1, [@m_police={0x30, 0xd, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0) 216.241107ms ago: executing program 1 (id=4248): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="1400000022000b0fd25a806c8c6f94f90324fc60", 0x14}], 0x1}, 0x0) 214.942099ms ago: executing program 0 (id=4249): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb4, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0xc0}, {0x2000000000}, {0x2c7}}}, 0xb4}}, 0x4000800) 214.855724ms ago: executing program 2 (id=4250): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r0, 0x4b4b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 140.747606ms ago: executing program 3 (id=4251): r0 = syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x0) ioctl$BLKTRACESTART(r0, 0x2275, 0xffefff1f00000000) 140.529116ms ago: executing program 0 (id=4252): r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x7, 0x0, &(0x7f0000000040)=0xfffffffffffffdde) 138.518442ms ago: executing program 1 (id=4253): r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x8d, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000340)={{0xa, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) 138.276072ms ago: executing program 3 (id=4254): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet(r0, &(0x7f0000004e40)=[{{&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000200)="e6", 0x1}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x400d0) 130.040966ms ago: executing program 2 (id=4255): msgctl$IPC_SET(0x0, 0x1, 0x0) msgsnd(0x0, &(0x7f0000000000)={0x1}, 0x8, 0x800) 67.417248ms ago: executing program 0 (id=4256): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_ifreq(r0, 0x8937, &(0x7f0000000040)={'batadv_slave_0\x00', @ifru_settings={0x80000001, 0x0, @fr_pvc=0x0}}) 64.116011ms ago: executing program 1 (id=4257): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) tee(r0, r0, 0x4a, 0x0) 2.498975ms ago: executing program 3 (id=4258): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491dc6aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de453f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5b5a182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456ed7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4d"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xfe, 0x60000004, &(0x7f0000000100)="b9ff03076044238cb89e14f043050de0ffff00184000632f77fbac14140ee000000d62079f4b4d0f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x25, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e062b311453dcbb62932a01105d0a8066ca8e5e1f2f575d0d6e996b57fd408d420abb7337934e59815d75b4eb3e7206afce", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7acee366e6fb0b94314f90931dec60fed6c9fee64af416c29f65e47110b81f6b4da06db5e1aad1f627acb", 0x0, 0x3}, 0x2c) 2.345448ms ago: executing program 2 (id=4259): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="20000000040a03"], 0x20}}, 0x0) 0s ago: executing program 0 (id=4260): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='trans=virtio,noextend']) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:51262' (ED25519) to the list of known hosts. [ 48.191638][ T5337] cgroup: Unknown subsys name 'net' [ 48.351541][ T5337] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 49.439071][ T5337] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 54.815010][ T5558] mmap: syz.2.200 (5558) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 59.524582][ T5673] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.529219][ T5673] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.530530][ T5680] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 59.531127][ T5676] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 59.539522][ T5680] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 59.543127][ T5680] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 59.545420][ T5673] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.546545][ T5673] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.551413][ T5673] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 59.551800][ T5680] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.554900][ T5673] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 59.556186][ T5676] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.559202][ T5673] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 59.562940][ T5676] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 59.563812][ T5673] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 59.566940][ T5676] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 59.568016][ T5673] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 59.575573][ T4792] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 59.579822][ T4792] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 59.584487][ T4792] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 59.587302][ T4792] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 59.594081][ T4792] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 59.596458][ T4792] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 59.598457][ T4792] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 60.092071][ T5671] chnl_net:caif_netlink_parms(): no params data found [ 60.096453][ T5681] chnl_net:caif_netlink_parms(): no params data found [ 60.101005][ T5672] chnl_net:caif_netlink_parms(): no params data found [ 60.112392][ T5670] chnl_net:caif_netlink_parms(): no params data found [ 60.471990][ T5671] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.474590][ T5671] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.476504][ T5671] bridge_slave_0: entered allmulticast mode [ 60.479756][ T5671] bridge_slave_0: entered promiscuous mode [ 60.540045][ T5672] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.542035][ T5672] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.544354][ T5672] bridge_slave_0: entered allmulticast mode [ 60.546745][ T5672] bridge_slave_0: entered promiscuous mode [ 60.550028][ T5672] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.551964][ T5672] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.553968][ T5672] bridge_slave_1: entered allmulticast mode [ 60.556442][ T5672] bridge_slave_1: entered promiscuous mode [ 60.559666][ T5671] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.561578][ T5671] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.563509][ T5671] bridge_slave_1: entered allmulticast mode [ 60.566446][ T5671] bridge_slave_1: entered promiscuous mode [ 60.685766][ T5670] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.688594][ T5670] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.691247][ T5670] bridge_slave_0: entered allmulticast mode [ 60.694819][ T5670] bridge_slave_0: entered promiscuous mode [ 60.698666][ T5681] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.701307][ T5681] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.704482][ T5681] bridge_slave_0: entered allmulticast mode [ 60.707965][ T5681] bridge_slave_0: entered promiscuous mode [ 60.712463][ T5681] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.715167][ T5681] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.717635][ T5681] bridge_slave_1: entered allmulticast mode [ 60.720797][ T5681] bridge_slave_1: entered promiscuous mode [ 60.781494][ T5671] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.789488][ T5671] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.792931][ T5670] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.795470][ T5670] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.797871][ T5670] bridge_slave_1: entered allmulticast mode [ 60.800660][ T5670] bridge_slave_1: entered promiscuous mode [ 60.861929][ T5681] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.866390][ T5672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.912026][ T5670] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.920343][ T5681] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.926197][ T5672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.961203][ T5670] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.057067][ T5671] team0: Port device team_slave_0 added [ 61.063197][ T5671] team0: Port device team_slave_1 added [ 61.099354][ T5681] team0: Port device team_slave_0 added [ 61.124767][ T5672] team0: Port device team_slave_0 added [ 61.155523][ T5670] team0: Port device team_slave_0 added [ 61.159355][ T5681] team0: Port device team_slave_1 added [ 61.164543][ T5672] team0: Port device team_slave_1 added [ 61.205497][ T5670] team0: Port device team_slave_1 added [ 61.272319][ T5671] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.274983][ T5671] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.284701][ T5671] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.326346][ T5681] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.328193][ T5681] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.334151][ T5681] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.338606][ T5672] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.340890][ T5672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.348829][ T5672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.353466][ T5671] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.355951][ T5671] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.364435][ T5671] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.368849][ T5670] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.370874][ T5670] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.378471][ T5670] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.382506][ T5681] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.384943][ T5681] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.391708][ T5681] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.396186][ T5672] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.398406][ T5672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.406458][ T5672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.422274][ T5670] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.424964][ T5670] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.433390][ T5670] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.513642][ T5670] hsr_slave_0: entered promiscuous mode [ 61.517888][ T5670] hsr_slave_1: entered promiscuous mode [ 61.584896][ T4792] Bluetooth: hci0: command tx timeout [ 61.632169][ T5672] hsr_slave_0: entered promiscuous mode [ 61.634885][ T5672] hsr_slave_1: entered promiscuous mode [ 61.637398][ T5672] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.640215][ T5672] Cannot create hsr debugfs directory [ 61.663971][ T4792] Bluetooth: hci3: command tx timeout [ 61.664007][ T5680] Bluetooth: hci2: command tx timeout [ 61.664031][ T66] Bluetooth: hci1: command tx timeout [ 61.683471][ T5671] hsr_slave_0: entered promiscuous mode [ 61.686513][ T5671] hsr_slave_1: entered promiscuous mode [ 61.688638][ T5671] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.690681][ T5671] Cannot create hsr debugfs directory [ 61.791587][ T5681] hsr_slave_0: entered promiscuous mode [ 61.794813][ T5681] hsr_slave_1: entered promiscuous mode [ 61.797600][ T5681] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.800389][ T5681] Cannot create hsr debugfs directory [ 62.322578][ T5670] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.336832][ T5670] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.343222][ T5670] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.352331][ T5670] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.405921][ T5672] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.418059][ T5672] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.429259][ T5672] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.436426][ T5672] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.483572][ T5671] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.490893][ T5671] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.501181][ T5671] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.506746][ T5671] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.578714][ T5681] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.586287][ T5681] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.597979][ T5681] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.615964][ T5681] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.684556][ T5670] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.745418][ T5671] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.769489][ T5670] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.808001][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.810823][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.846737][ T5672] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.859652][ T5671] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.867410][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.869872][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.900056][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.902702][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.926757][ T5672] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.932535][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.935312][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.966128][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.968700][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.979153][ T5681] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.007004][ T1215] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.009711][ T1215] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.044109][ T5681] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.091708][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.095942][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.125955][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.129129][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.175036][ T5672] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.178547][ T5672] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.319189][ T5670] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.365107][ T5671] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.448227][ T5670] veth0_vlan: entered promiscuous mode [ 63.459536][ T5671] veth0_vlan: entered promiscuous mode [ 63.479422][ T5671] veth1_vlan: entered promiscuous mode [ 63.485704][ T5672] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.489048][ T5670] veth1_vlan: entered promiscuous mode [ 63.538933][ T5681] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.567591][ T5670] veth0_macvtap: entered promiscuous mode [ 63.572145][ T5670] veth1_macvtap: entered promiscuous mode [ 63.588843][ T5671] veth0_macvtap: entered promiscuous mode [ 63.610504][ T5671] veth1_macvtap: entered promiscuous mode [ 63.636687][ T5671] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.651884][ T5672] veth0_vlan: entered promiscuous mode [ 63.657448][ T5670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.666821][ T5670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.673064][ T5670] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.674002][ T5680] Bluetooth: hci0: command tx timeout [ 63.681153][ T5671] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.691397][ T5671] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.695287][ T5671] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.698232][ T5671] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.701304][ T5671] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.717261][ T5672] veth1_vlan: entered promiscuous mode [ 63.721382][ T5670] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.725920][ T5670] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.730978][ T5670] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.744454][ T5680] Bluetooth: hci1: command tx timeout [ 63.744508][ T4792] Bluetooth: hci3: command tx timeout [ 63.754251][ T4792] Bluetooth: hci2: command tx timeout [ 63.759362][ T5670] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.762567][ T5670] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.765815][ T5670] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.768756][ T5670] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.792262][ T5681] veth0_vlan: entered promiscuous mode [ 63.872436][ T5681] veth1_vlan: entered promiscuous mode [ 63.906884][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.909872][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.933365][ T5672] veth0_macvtap: entered promiscuous mode [ 63.940375][ T5672] veth1_macvtap: entered promiscuous mode [ 63.977454][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.979924][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.998411][ T5681] veth0_macvtap: entered promiscuous mode [ 63.998515][ T1104] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.004837][ T1104] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.006141][ T5681] veth1_macvtap: entered promiscuous mode [ 64.041036][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.041491][ T5672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.044044][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.048024][ T5672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.054311][ T5672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.057715][ T5672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.062460][ T5672] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.087303][ T5672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.090878][ T5672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.095217][ T5672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.099161][ T5672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.104692][ T5672] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.145962][ T5681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.149718][ T5681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.166610][ T5681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.170121][ T5681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.173511][ T5681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.177675][ T5681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.184148][ T5681] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.190447][ T5672] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.193074][ T5672] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.211357][ T5672] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.215353][ T5672] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.246478][ T5681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.250421][ T5681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.255241][ T5681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.259068][ T5681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.262924][ T5681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.268388][ T5681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.274781][ T5681] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.299007][ T5681] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.302227][ T5681] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.307503][ T5681] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.310791][ T5681] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.409853][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.412214][ T5736] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun! [ 64.422163][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.480646][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.490433][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.536385][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.539254][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.567485][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.571384][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.696172][ T5833] capability: warning: `syz.3.336' uses deprecated v2 capabilities in a way that may be insecure [ 65.744036][ T4792] Bluetooth: hci0: command tx timeout [ 65.834354][ T4792] Bluetooth: hci1: command tx timeout [ 66.414521][ T5898] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 66.418635][ T5898] PKCS7: Only support pkcs7_signedData type [ 66.699489][ T39] audit: type=1326 audit(1726230841.818:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5917 comm="syz.2.376" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x0 [ 67.833855][ T4792] Bluetooth: hci0: command tx timeout [ 69.587782][ T4792] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 69.591428][ T4792] Bluetooth: hci2: Injecting HCI hardware error event [ 69.597092][ T5680] Bluetooth: hci2: hardware error 0x00 [ 70.394623][ T6252] syz.3.540 (6252): attempted to duplicate a private mapping with mremap. This is not supported. [ 70.502181][ T6260] dns_resolver: Unsupported server list version (0) [ 70.685105][ T6276] futex_wake_op: syz.3.554 tries to shift op by -1; fix this program [ 70.792345][ T6283] virtio-fs: tag <(null)> not found [ 70.817687][ T983] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 71.017393][ T983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 71.021936][ T983] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 71.027608][ T983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.040643][ T983] usb 5-1: config 0 descriptor?? [ 71.264500][ T4792] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 71.269150][ T4792] Bluetooth: hci1: Injecting HCI hardware error event [ 71.273993][ T66] Bluetooth: hci1: hardware error 0x00 [ 71.312900][ T983] ath6kl: Failed to submit usb control message: -71 [ 71.323878][ T983] ath6kl: unable to send the bmi data to the device: -71 [ 71.333166][ T983] ath6kl: Unable to send get target info: -71 [ 71.363432][ T983] ath6kl: Failed to init ath6kl core: -71 [ 71.395844][ T983] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 71.448780][ T983] usb 5-1: USB disconnect, device number 2 [ 71.663755][ T5680] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 72.429589][ T6410] syz.3.618[6410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.429747][ T6410] syz.3.618[6410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 72.456077][ T6412] UBIFS error (pid: 6412): cannot open "ubifs", error -22 [ 73.343812][ T66] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 75.470157][ T39] audit: type=1326 audit(1726239042.588:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6634 comm="syz.1.730" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x0 [ 75.571355][ T6642] syz.3.734 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 76.172178][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.183925][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.148975][ T6788] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 77.148975][ T6788] Ue[%#s' [ 77.253259][ T10] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 77.418340][ T6811] 9pnet_fd: Insufficient options for proto=fd [ 77.466285][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 77.470963][ T10] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 77.501813][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.510709][ T10] usb 6-1: config 0 descriptor?? [ 77.747386][ T10] ath6kl: Failed to submit usb control message: -71 [ 77.750700][ T10] ath6kl: unable to send the bmi data to the device: -71 [ 77.755632][ T10] ath6kl: Unable to send get target info: -71 [ 77.763502][ T10] ath6kl: Failed to init ath6kl core: -71 [ 77.766785][ T10] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 77.811525][ T10] usb 6-1: USB disconnect, device number 2 [ 77.927691][ T6841] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 77.927691][ T6841] Ue[%#s' [ 78.256210][ T6868] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 78.256210][ T6868] Ue[%#s' [ 78.762182][ T6915] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 79.035327][ T6931] 9pnet: Unknown protocol version 9p20\++} [ 79.555232][ T6971] futex_wake_op: syz.3.897 tries to shift op by -1; fix this program [ 79.947802][ T7015] futex_wake_op: syz.0.919 tries to shift op by -1; fix this program [ 80.113659][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 80.323843][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 80.330627][ T10] usb 7-1: New USB device found, idVendor=0545, idProduct=8002, bcdDevice= 3.0a [ 80.335060][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.337898][ T10] usb 7-1: Product: syz [ 80.340011][ T10] usb 7-1: Manufacturer: syz [ 80.341679][ T10] usb 7-1: SerialNumber: syz [ 80.355277][ T10] usb 7-1: config 0 descriptor?? [ 80.371642][ T10] gspca_main: xirlink-cit-2.14.0 probing 0545:8002 [ 80.425606][ T10] input: xirlink-cit as /devices/platform/dummy_hcd.2/usb7/7-1/input/input5 [ 80.582899][ T5741] usb 7-1: USB disconnect, device number 2 [ 81.001650][ T7098] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 81.004538][ T7098] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 81.011470][ T7098] vhci_hcd vhci_hcd.0: Device attached [ 81.033264][ T7099] vhci_hcd: connection closed [ 81.036236][ T1215] vhci_hcd: stop threads [ 81.040515][ T1215] vhci_hcd: release socket [ 81.042710][ T1215] vhci_hcd: disconnect device [ 81.158613][ T7113] dccp_v6_rcv: dropped packet with invalid checksum [ 81.286252][ T35] cfg80211: failed to load regulatory.db [ 82.519248][ T7238] binder: Bad value for 'max' [ 83.539900][ T7340] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0004 with DS=0x7 [ 83.864604][ T7365] IPv6: addrconf: prefix option has invalid lifetime [ 84.748611][ T7423] ip_tunnel: non-ECT from 172.30.0.3 with TOS=0x2 [ 86.401562][ T7582] dccp_v4_rcv: dropped packet with invalid checksum [ 87.198728][ T7661] erofs: (device loop1): erofs_read_superblock: cannot find valid erofs superblock [ 89.423460][ T983] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 89.633467][ T983] usb 6-1: Using ep0 maxpacket: 32 [ 89.646233][ T983] usb 6-1: New USB device found, idVendor=0545, idProduct=8002, bcdDevice= 3.0a [ 89.655365][ T983] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.660059][ T983] usb 6-1: Product: syz [ 89.662034][ T983] usb 6-1: Manufacturer: syz [ 89.665984][ T983] usb 6-1: SerialNumber: syz [ 89.669748][ T983] usb 6-1: config 0 descriptor?? [ 89.680394][ T983] gspca_main: xirlink-cit-2.14.0 probing 0545:8002 [ 89.691448][ T983] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb6/6-1/input/input6 [ 89.783405][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 89.920003][ T5710] usb 6-1: USB disconnect, device number 3 [ 89.973265][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 89.989218][ T10] usb 5-1: unable to get BOS descriptor or descriptor too short [ 89.998949][ T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 90.007905][ T10] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 90.014852][ T10] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 90.019487][ T10] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 90.023643][ T10] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 90.030930][ T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 90.037014][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.039994][ T10] usb 5-1: Product: syz [ 90.041589][ T10] usb 5-1: Manufacturer: syz [ 90.044986][ T10] usb 5-1: SerialNumber: syz [ 90.059205][ T7900] could not allocate digest TFM handle rmd128-generic [ 90.111535][ T7910] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 90.273804][ T10] cdc_ncm 5-1:1.0: bind() failure [ 90.286969][ T10] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 90.290239][ T10] cdc_ncm 5-1:1.1: bind() failure [ 90.302518][ T10] usb 5-1: USB disconnect, device number 3 [ 91.840222][ T8051] futex_wake_op: syz.1.1433 tries to shift op by -1; fix this program [ 92.141161][ T8087] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd [ 92.515997][ T5710] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 92.529116][ T39] audit: type=1326 audit(1726241638.649:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8119 comm="syz.2.1467" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x0 [ 92.559625][ T8122] futex_wake_op: syz.1.1468 tries to shift op by 32; fix this program [ 92.703532][ T5741] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 92.734875][ T5710] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 92.739132][ T5710] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 92.744913][ T8132] dccp_invalid_packet: P.Data Offset(80) too large [ 92.748058][ T5710] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22 [ 92.757324][ T5710] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 92.760998][ T5710] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 92.765919][ T5710] usb 5-1: SerialNumber: syz [ 92.775227][ T8095] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 92.778474][ T8095] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 92.784623][ T5710] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 92.787761][ T5710] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 92.795787][ T5710] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 92.885251][ T5741] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 92.889427][ T5741] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 0, changing to 10 [ 92.894360][ T5741] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 200, setting to 8 [ 92.898246][ T5741] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 92.902949][ T5741] usb 8-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 92.906987][ T5741] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.912623][ T5741] usb 8-1: config 0 descriptor?? [ 92.916813][ T8114] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 92.992596][ T8] usb 5-1: USB disconnect, device number 4 [ 93.129542][ T5710] usb 8-1: USB disconnect, device number 2 [ 93.938212][ T8191] tmpfs: Bad value for 'mpol' [ 94.873351][ T39] audit: type=1326 audit(1726241640.989:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8281 comm="syz.0.1546" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f56579 code=0x0 [ 96.649222][ T8481] syz.2.1643(8481): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 96.996851][ T8514] tmpfs: Unknown parameter 'smackfshat' [ 97.153499][ T39] audit: type=1326 audit(1726242411.274:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8527 comm="syz.3.1667" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x0 [ 97.592934][ T8568] 9pnet_fd: Insufficient options for proto=fd [ 99.223949][ T8710] bpf: Bad value for 'uid' [ 99.800862][ C1] Adjusting tsc more than 11% (5229282 vs 7162514) [ 100.627970][ T8850] futex_wake_op: syz.1.1827 tries to shift op by 144; fix this program [ 101.136402][ T8895] binder: Binderfs stats mode cannot be changed during a remount [ 102.072407][ T8990] MTD: Attempt to mount non-MTD device "/dev/nbd3" [ 102.078309][ T8990] syz.3.1896: attempt to access beyond end of device [ 102.078309][ T8990] nbd3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 102.307613][ T9005] ======================================================= [ 102.307613][ T9005] WARNING: The mand mount option has been deprecated and [ 102.307613][ T9005] and is ignored by this kernel. Remove the mand [ 102.307613][ T9005] option from the mount to silence this warning. [ 102.307613][ T9005] ======================================================= [ 102.341589][ T9005] syz.3.1903: attempt to access beyond end of device [ 102.341589][ T9005] nbd3: rw=0, sector=1, nr_sectors = 1 limit=0 [ 102.347362][ T9005] VFS: could not find a valid V7 on nbd3. [ 102.391808][ T9011] netlink: 'syz.2.1906': attribute type 3 has an invalid length. [ 102.412276][ T9011] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.1906'. [ 102.501134][ T9019] netlink: 'syz.1.1909': attribute type 23 has an invalid length. [ 102.766836][ T9042] netlink: 'syz.3.1920': attribute type 1 has an invalid length. [ 102.906948][ T9051] Illegal XDP return value 3565746611 on prog (id 175) dev N/A, expect packet loss! [ 103.197143][ T9074] openvswitch: netlink: Missing key (keys=20040, expected=100) [ 103.272271][ T833] IPVS: starting estimator thread 0... [ 103.447200][ T9081] IPVS: using max 24 ests per chain, 57600 per kthread [ 103.511974][ T9099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1949'. [ 103.514893][ T9099] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1949'. [ 103.518397][ T9099] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 103.555176][ T9099] bond1: entered allmulticast mode [ 103.557151][ T9099] 8021q: adding VLAN 0 to HW filter on device bond1 [ 103.734932][ T9114] netlink: 'syz.0.1954': attribute type 3 has an invalid length. [ 103.745491][ T9114] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.1954'. [ 103.768706][ T9118] netlink: 'syz.3.1956': attribute type 2 has an invalid length. [ 103.927116][ T9128] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.063416][ T9139] misc userio: No port type given on /dev/userio [ 104.095055][ T9140] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1968'. [ 104.232491][ T9150] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1973'. [ 104.239106][ T9150] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1973'. [ 104.247410][ T9150] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 104.305748][ T9150] bond1: entered allmulticast mode [ 104.311828][ T9150] 8021q: adding VLAN 0 to HW filter on device bond1 [ 104.512355][ T9170] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1981'. [ 104.568920][ T9175] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 104.637087][ T9183] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 104.649676][ T9183] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 104.679445][ T9185] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "&@" [ 104.912242][ T9207] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 105.184219][ T9231] libceph: resolve '0' (ret=-3): failed [ 105.273109][ T9241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2018'. [ 105.666574][ T9278] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2037'. [ 105.732555][ T9285] netlink: 'syz.3.2040': attribute type 20 has an invalid length. [ 106.866544][ T9372] usb usb8: usbfs: process 9372 (syz.0.2081) did not claim interface 0 before use [ 107.432029][ T9419] warning: `syz.0.2106' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 107.608199][ T9430] IPVS: sync thread started: state = BACKUP, mcast_ifn = lo, syncid = 0, id = 0 [ 107.933497][ T9461] syz.2.2126 uses obsolete (PF_INET,SOCK_PACKET) [ 107.974885][ T9465] syz.1.2128 (9465): /proc/9463/oom_adj is deprecated, please use /proc/9463/oom_score_adj instead. [ 108.625676][ T9514] can0: slcan on ttyS3. [ 108.789548][ T9511] can0 (unregistered): slcan off ttyS3. [ 108.799928][ T9532] __nla_validate_parse: 4 callbacks suppressed [ 108.799937][ T9532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2160'. [ 108.948996][ T9541] netlink: 140 bytes leftover after parsing attributes in process `syz.0.2162'. [ 109.247161][ T9574] Device name cannot be null; rc = [-22] [ 109.251557][ T9570] netlink: 'syz.0.2173': attribute type 1 has an invalid length. [ 109.261792][ T9576] cannot load conntrack support for proto=3 [ 109.511081][ T9598] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 109.765465][ T9622] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2199'. [ 109.798049][ T9626] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2201'. [ 109.874494][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2203'. [ 109.962603][ T9640] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 110.208761][ T9652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2214'. [ 110.213782][ T9652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2214'. [ 110.314675][ T9658] bond0: (slave caif0): Error: Device type is different from other slaves [ 110.733356][ T5710] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 110.955111][ T5710] usb 7-1: Using ep0 maxpacket: 16 [ 110.957707][ T9692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2234'. [ 110.963009][ T5710] usb 7-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 110.967693][ T5710] usb 7-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 110.997764][ T5710] usb 7-1: config 0 interface 0 has no altsetting 0 [ 111.014177][ T5710] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 111.027579][ T5710] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.031112][ T5710] usb 7-1: Product: syz [ 111.032606][ T5710] usb 7-1: Manufacturer: syz [ 111.034336][ T5710] usb 7-1: SerialNumber: syz [ 111.041104][ T9696] affs: No valid root block on device nullb0 [ 111.046666][ T5710] usb 7-1: config 0 descriptor?? [ 111.053937][ T5710] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input7 [ 111.322725][ T9712] tmpfs: Bad value for 'mpol' [ 111.407990][ T35] usb 7-1: USB disconnect, device number 3 [ 111.481371][ T9724] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 111.501069][ T9724] CIFS mount error: No usable UNC path provided in device string! [ 111.501069][ T9724] [ 111.505300][ T9724] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 111.605906][ T9731] netlink: 'syz.3.2253': attribute type 10 has an invalid length. [ 111.610010][ T9731] bridge0: port 3(team0) entered blocking state [ 111.612482][ T9731] bridge0: port 3(team0) entered disabled state [ 111.615019][ T9731] team0: entered allmulticast mode [ 111.617186][ T9731] team_slave_0: entered allmulticast mode [ 111.622498][ T9731] team_slave_1: entered allmulticast mode [ 111.626909][ T9731] team0: entered promiscuous mode [ 111.633062][ T9731] team_slave_0: entered promiscuous mode [ 111.635769][ T9731] team_slave_1: entered promiscuous mode [ 111.638994][ T9731] bridge0: port 3(team0) entered blocking state [ 111.641649][ T9731] bridge0: port 3(team0) entered forwarding state [ 111.854904][ T5671] cgroup: fork rejected by pids controller in /syz0 [ 112.038395][ T9752] usb usb8: usbfs: process 9752 (syz.1.2262) did not claim interface 0 before use [ 112.063908][ T9756] netlink: 'syz.2.2263': attribute type 1 has an invalid length. [ 112.067230][ T9756] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2263'. [ 112.206287][ T9764] affs: No valid root block on device nullb0 [ 112.303320][ T9768] VFS: unable to find oldfs superblock on device nullb0 [ 112.344798][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.505901][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.581693][ T9779] netlink: 'syz.3.2274': attribute type 1 has an invalid length. [ 112.627516][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.678229][ T9786] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2278'. [ 112.679644][ T5680] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 112.686148][ T5680] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 112.711182][ T5680] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 112.722628][ T5680] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 112.746098][ T5680] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 112.766864][ T5680] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 112.791333][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.894582][ T9802] netlink: 'syz.1.2291': attribute type 1 has an invalid length. [ 113.015615][ T13] bridge_slave_1: left allmulticast mode [ 113.019011][ T13] bridge_slave_1: left promiscuous mode [ 113.022295][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.046016][ T13] bridge_slave_0: left allmulticast mode [ 113.048149][ T13] bridge_slave_0: left promiscuous mode [ 113.050284][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.237974][ T9825] affs: No valid root block on device nullb0 [ 113.338084][ T9833] binder: 9829:9833 ioctl c018620b 0 returned -14 [ 113.705945][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 113.713890][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 113.721311][ T13] bond0 (unregistering): Released all slaves [ 113.861553][ T13] bond1 (unregistering): Released all slaves [ 114.033976][ T9790] chnl_net:caif_netlink_parms(): no params data found [ 114.048726][ T13] IPVS: stopping backup sync thread 9430 ... [ 114.468893][ T9790] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.471652][ T9790] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.474312][ T9790] bridge_slave_0: entered allmulticast mode [ 114.494951][ T9790] bridge_slave_0: entered promiscuous mode [ 114.507380][ T9790] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.523820][ T9790] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.536008][ T9790] bridge_slave_1: entered allmulticast mode [ 114.539450][ T9790] bridge_slave_1: entered promiscuous mode [ 114.543787][ T9884] netlink: 'syz.2.2319': attribute type 15 has an invalid length. [ 114.888655][ T9790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 114.896559][ T9790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 114.970260][ T66] Bluetooth: hci1: command tx timeout [ 115.008668][ T9790] team0: Port device team_slave_0 added [ 115.043586][ T9790] team0: Port device team_slave_1 added [ 115.105163][ T13] hsr_slave_0: left promiscuous mode [ 115.106271][ T13] hsr_slave_1: left promiscuous mode [ 115.113264][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 115.113329][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 115.116018][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.116040][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 115.188299][ T13] veth1_macvtap: left promiscuous mode [ 115.190828][ T13] veth0_macvtap: left promiscuous mode [ 115.193007][ T13] veth1_vlan: left promiscuous mode [ 115.196123][ T13] veth0_vlan: left promiscuous mode [ 115.200283][ T9921] UBIFS error (pid: 9921): cannot open "./file0", error -22 [ 116.413559][ T13] team0 (unregistering): Port device team_slave_1 removed [ 116.542436][ T13] team0 (unregistering): Port device team_slave_0 removed [ 117.199049][ T66] Bluetooth: hci1: command tx timeout [ 117.476140][ T9928] __nla_validate_parse: 1 callbacks suppressed [ 117.476157][ T9928] netlink: 200 bytes leftover after parsing attributes in process `syz.1.2336'. [ 117.552715][ T9790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 117.556059][ T9790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.569300][ T9790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 117.593655][ T9790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 117.599739][ T9790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.620782][ T9790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 117.840768][ T9790] hsr_slave_0: entered promiscuous mode [ 117.894224][ T9790] hsr_slave_1: entered promiscuous mode [ 117.910860][ T9790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 117.914832][ T9790] Cannot create hsr debugfs directory [ 118.029194][ T9982] QAT: Invalid ioctl 21531 [ 118.338807][T10004] netlink: 'syz.1.2371': attribute type 1 has an invalid length. [ 118.648698][T10024] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2379'. [ 118.754567][T10033] netlink: 'syz.2.2383': attribute type 1 has an invalid length. [ 118.757884][T10033] nbd: illegal input index 11862028 [ 118.955524][T10050] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2390'. [ 118.959849][T10050] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2390'. [ 119.160959][ T9790] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 119.169540][ T9790] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 119.222340][ T9790] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 119.227064][T10073] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2397'. [ 119.256513][ T9790] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 119.341850][T10081] Invalid ELF header magic: != ELF [ 119.426867][ T66] Bluetooth: hci1: command tx timeout [ 119.454415][ T9790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 119.507055][ T9790] 8021q: adding VLAN 0 to HW filter on device team0 [ 119.511384][T10093] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 119.527523][ T1215] bridge0: port 1(bridge_slave_0) entered blocking state [ 119.530046][ T1215] bridge0: port 1(bridge_slave_0) entered forwarding state [ 119.573655][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 119.577796][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 119.702060][ T9790] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 119.722353][T10110] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2413'. [ 119.729855][T10110] netlink: 168 bytes leftover after parsing attributes in process `syz.2.2413'. [ 120.009688][ T9790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 120.049014][T10134] netlink: 1076 bytes leftover after parsing attributes in process `syz.2.2421'. [ 120.085017][ T9790] veth0_vlan: entered promiscuous mode [ 120.194937][ T9790] veth1_vlan: entered promiscuous mode [ 120.262625][ T9790] veth0_macvtap: entered promiscuous mode [ 120.306634][ T9790] veth1_macvtap: entered promiscuous mode [ 120.332374][T10149] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 120.337647][T10149] overlayfs: missing 'lowerdir' [ 120.337900][ T9790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.343107][ T9790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.349572][ T9790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.353829][ T9790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.360411][ T9790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 120.365148][ T9790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.372942][ T9790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 120.387808][ T9790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.393572][ T9790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.396941][ T9790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.408567][ T9790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.420220][ T9790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 120.424028][ T9790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 120.432680][ T9790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 120.446913][T10153] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 120.461840][ T9790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.467474][ T9790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.470531][ T9790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.482069][ T9790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.502175][T10157] random: crng reseeded on system resumption [ 120.676953][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.680047][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 120.725786][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 120.729400][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 121.214488][T10208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2449'. [ 121.217529][T10208] netlink: 50 bytes leftover after parsing attributes in process `syz.3.2449'. [ 121.650262][ T66] Bluetooth: hci1: command tx timeout [ 121.841434][T10264] netlink: 'syz.0.2469': attribute type 1 has an invalid length. [ 122.179501][T10288] QAT: Device 253 not found [ 122.836441][T10346] __nla_validate_parse: 5 callbacks suppressed [ 122.836457][T10346] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2511'. [ 123.197528][T10378] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2528'. [ 123.239724][T10382] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 123.460816][T10402] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2540'. [ 123.799732][T10430] overlayfs: missing 'lowerdir' [ 124.223936][T10467] netlink: 'syz.0.2569': attribute type 4 has an invalid length. [ 124.271476][T10469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2570'. [ 124.638867][T10499] netlink: 'syz.0.2583': attribute type 10 has an invalid length. [ 124.641698][T10499] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2583'. [ 124.647134][T10499] veth0_vlan: entered allmulticast mode [ 124.650275][T10499] bridge0: port 3(veth0_vlan) entered blocking state [ 124.652792][T10499] bridge0: port 3(veth0_vlan) entered disabled state [ 124.662123][T10499] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 124.964332][T10517] netlink: 'syz.3.2593': attribute type 1 has an invalid length. [ 125.075259][T10523] netlink: 'syz.3.2597': attribute type 10 has an invalid length. [ 125.098746][T10523] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 125.101917][T10523] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 125.105876][T10523] team0: Port device netdevsim0 added [ 125.308786][T10537] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2602'. [ 125.542824][T10553] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 125.625004][T10559] random: crng reseeded on system resumption [ 125.830204][T10574] xt_cgroup: xt_cgroup: no path or classid specified [ 125.863640][T10578] netlink: 'syz.0.2622': attribute type 61 has an invalid length. [ 125.873833][T10580] netlink: 'syz.3.2623': attribute type 4 has an invalid length. [ 126.145866][T10596] libceph: resolve '400' (ret=-3): failed [ 126.435243][T10625] random: crng reseeded on system resumption [ 126.609761][ C3] vkms_vblank_simulate: vblank timer overrun [ 126.684580][T10646] random: crng reseeded on system resumption [ 126.698878][T10641] : entered promiscuous mode [ 126.702626][T10644] netlink: 'syz.1.2653': attribute type 21 has an invalid length. [ 126.705614][T10644] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2653'. [ 126.712494][T10644] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2653'. [ 127.009849][T10671] random: crng reseeded on system resumption [ 127.101008][T10677] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2672'. [ 127.127314][T10677] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 127.131152][T10677] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 127.134953][T10677] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 127.143009][T10677] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 127.271749][T10692] xt_CT: You must specify a L4 protocol and not use inversions on it [ 127.483508][T10708] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2685'. [ 128.126085][T10758] netlink: 'syz.1.2711': attribute type 1 has an invalid length. [ 128.129069][T10758] netlink: 'syz.1.2711': attribute type 1 has an invalid length. [ 128.395922][T10784] usb usb9: usbfs: process 10784 (syz.2.2725) did not claim interface 10 before use [ 128.628257][T10806] netlink: 'syz.1.2735': attribute type 1 has an invalid length. [ 128.697441][T10811] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:20000 [ 128.724354][T10809] 9pnet: Could not find request transport: xen [ 129.243434][T10866] __nla_validate_parse: 1 callbacks suppressed [ 129.243449][T10866] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2761'. [ 129.666753][T10895] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2775'. [ 130.579285][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2798'. [ 131.314036][T10986] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2820'. [ 131.378589][T10994] kAFS: No cell specified [ 131.454198][T11001] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2825'. [ 131.805442][T11035] cgroup: subsys name conflicts with all [ 132.201988][T11072] ufs: You didn't specify the type of your ufs filesystem [ 132.201988][T11072] [ 132.201988][T11072] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 132.201988][T11072] [ 132.201988][T11072] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 132.217367][T11072] ufs: ufstype=old is supported read-only [ 132.221478][T11072] ufs: ufs_fill_super(): bad magic number [ 132.424818][T11095] tmpfs: Bad value for 'mpol' [ 132.521445][T11105] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2871'. [ 132.832259][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2886'. [ 132.898822][ T39] audit: type=1400 audit(1726242444.379:7): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=11137 comm="syz.2.2887" [ 133.014317][T11151] validate_nla: 2 callbacks suppressed [ 133.014333][T11151] netlink: 'syz.0.2895': attribute type 3 has an invalid length. [ 133.294234][ T39] audit: type=1326 audit(1726242444.744:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11168 comm="syz.2.2902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000 [ 133.308991][ T39] audit: type=1326 audit(1726242444.744:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11168 comm="syz.2.2902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000 [ 133.313495][T11173] syz.3.2906: attempt to access beyond end of device [ 133.313495][T11173] loop3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 133.322398][T11173] syz.3.2906: attempt to access beyond end of device [ 133.322398][T11173] loop3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 133.329647][ T39] audit: type=1326 audit(1726242444.753:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11168 comm="syz.2.2902" exe="/syz-executor" sig=0 arch=40000003 syscall=281 compat=1 ip=0xf7f38579 code=0x7ffc0000 [ 133.337801][ T39] audit: type=1326 audit(1726242444.753:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11168 comm="syz.2.2902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000 [ 133.346156][ T39] audit: type=1326 audit(1726242444.753:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11168 comm="syz.2.2902" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000 [ 133.368419][T11176] xt_CT: You must specify a L4 protocol and not use inversions on it [ 134.002834][T11225] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2931'. [ 134.098984][T11231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2934'. [ 134.469286][T11266] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 134.524438][ T39] audit: type=1326 audit(1726242445.885:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11264 comm="syz.1.2951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 134.532133][ T39] audit: type=1326 audit(1726242445.885:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11264 comm="syz.1.2951" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 134.741343][T11291] dvmrp1: entered allmulticast mode [ 134.858707][T11304] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2970'. [ 134.990560][T11313] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2972'. [ 135.992751][T11414] netlink: 660 bytes leftover after parsing attributes in process `syz.0.3023'. [ 135.995972][T11414] netlink: 660 bytes leftover after parsing attributes in process `syz.0.3023'. [ 136.042653][T11417] netlink: 'syz.2.3025': attribute type 2 has an invalid length. [ 136.049630][T11417] netlink: 723 bytes leftover after parsing attributes in process `syz.2.3025'. [ 136.158386][T11428] netlink: 'syz.3.3032': attribute type 1 has an invalid length. [ 136.164463][T11428] netlink: 112860 bytes leftover after parsing attributes in process `syz.3.3032'. [ 136.340577][T11445] dvmrp1: entered allmulticast mode [ 136.532366][ T5109] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 136.557407][T11459] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3045'. [ 136.739105][ T5109] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 136.742516][ T5109] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 136.746178][ T5109] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 136.758963][ T5109] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.768596][ T5109] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.776667][ T5109] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 136.782060][ T5109] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 136.784998][ T5109] usb 7-1: Product: syz [ 136.786657][ T5109] usb 7-1: Manufacturer: syz [ 136.799301][ T5109] cdc_wdm 7-1:1.0: skipping garbage [ 136.803013][ T5109] cdc_wdm 7-1:1.0: skipping garbage [ 136.810700][ T5109] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 136.813644][ T5109] cdc_wdm 7-1:1.0: Unknown control protocol [ 136.887916][T11486] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3059'. [ 137.041005][T11435] cdc_wdm 7-1:1.0: Error submitting int urb - -90 [ 137.057377][ T5109] usb 7-1: USB disconnect, device number 4 [ 137.826288][T11553] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 137.970567][T11560] team0: Port device team_slave_0 removed [ 137.983912][T11560] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 138.024393][T11563] ISOFS: Unable to identify CD-ROM format. [ 138.301455][T11587] netlink: 'syz.1.3109': attribute type 10 has an invalid length. [ 138.331691][T11587] macvlan0: entered promiscuous mode [ 138.333622][T11587] macvlan0: entered allmulticast mode [ 138.344175][T11587] veth1_vlan: entered allmulticast mode [ 138.365760][T11587] bond0: (slave macvlan0): Enslaving as an active interface with an up link [ 138.591061][T11613] xt_CT: You must specify a L4 protocol and not use inversions on it [ 138.795779][T11633] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3132'. [ 138.945636][T11647] autofs4:pid:11647:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(1.2), cmd(0xc0189374) [ 138.950679][T11647] autofs4:pid:11647:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189374) [ 138.971538][T11651] random: crng reseeded on system resumption [ 139.387198][T11689] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 139.459226][T11695] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3162'. [ 139.753208][T11725] : renamed from bridge_slave_0 (while UP) [ 140.087852][T11751] random: crng reseeded on system resumption [ 140.386548][T11773] block device autoloading is deprecated and will be removed. [ 140.398550][T11782] random: crng reseeded on system resumption [ 140.535721][T11792] netlink: 'syz.0.3209': attribute type 9 has an invalid length. [ 140.554971][T11794] program syz.1.3210 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 140.633495][T11800] __nla_validate_parse: 3 callbacks suppressed [ 140.633511][T11800] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3213'. [ 140.652185][T11800] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3213'. [ 140.655484][T11800] netlink: 84 bytes leftover after parsing attributes in process `syz.0.3213'. [ 140.729923][ T1379] ieee802154 phy0 wpan0: encryption failed: -22 [ 140.732288][ T1379] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.823963][ T39] audit: type=1326 audit(1726242451.787:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.3.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 140.836015][ T39] audit: type=1326 audit(1726242451.787:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.3.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 140.850265][ T39] audit: type=1326 audit(1726242451.806:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.3.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=174 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 140.887820][ T39] audit: type=1326 audit(1726242451.806:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.3.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 140.902108][ T39] audit: type=1326 audit(1726242451.806:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11813 comm="syz.3.3220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 141.015680][T11828] netlink: 'syz.0.3227': attribute type 1 has an invalid length. [ 141.040469][ C3] ata1: illegal qc_active transition (00000000->00010000) [ 141.081790][T11830] openvswitch: netlink: Missing key (keys=20040, expected=200000) [ 141.142950][ T39] audit: type=1326 audit(1726242452.087:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11837 comm="syz.1.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 141.173456][ T39] audit: type=1326 audit(1726242452.087:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11837 comm="syz.1.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 141.183683][ T39] audit: type=1326 audit(1726242452.087:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11837 comm="syz.1.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=461 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 141.210736][ T39] audit: type=1326 audit(1726242452.087:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11837 comm="syz.1.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 141.307146][T11854] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3241'. [ 141.393771][T11864] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3243'. [ 141.403024][ T1072] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 141.415198][T11866] netlink: 'syz.2.3246': attribute type 7 has an invalid length. [ 141.415444][ T1072] ata1.00: configured for UDMA/100 [ 141.609330][T11880] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 141.677872][T11886] netlink: 'syz.2.3256': attribute type 32 has an invalid length. [ 141.684990][T11886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3256'. [ 141.691869][T11886] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 141.838336][T11903] netlink: 'syz.3.3264': attribute type 12 has an invalid length. [ 141.944328][ T39] audit: type=1326 audit(1726242452.844:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11914 comm="syz.2.3270" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f38579 code=0x7ffc0000 [ 141.991411][T11919] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3272'. [ 142.095494][T11933] openvswitch: netlink: Missing key (keys=20040, expected=80) [ 142.362894][T11950] ufs: You didn't specify the type of your ufs filesystem [ 142.362894][T11950] [ 142.362894][T11950] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 142.362894][T11950] [ 142.362894][T11950] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 142.388291][T11950] syz.2.3286: attempt to access beyond end of device [ 142.388291][T11950] loop2: rw=0, sector=16, nr_sectors = 2 limit=0 [ 142.533660][T11964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3294'. [ 142.566395][T11969] (syz.2.3296,11969,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 142.570495][T11969] (syz.2.3296,11969,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 142.632991][T11973] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 142.670257][T11977] 9pnet_fd: p9_fd_create_tcp (11977): problem connecting socket to 127.0.0.1 [ 143.099692][T12014] netlink: 'syz.0.3318': attribute type 2 has an invalid length. [ 143.100599][T12012] program syz.1.3317 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 143.102795][T12014] netlink: 'syz.0.3318': attribute type 1 has an invalid length. [ 143.121077][T12014] netlink: 'syz.0.3318': attribute type 1 has an invalid length. [ 143.237995][T12022] team0: mtu less than device minimum [ 143.285878][T12009] syz.3.3314 (12009) used greatest stack depth: 20288 bytes left [ 143.451554][T12036] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3330'. [ 143.943704][T12090] 9pnet_fd: p9_fd_create_tcp (12090): problem connecting socket to 127.0.0.1 [ 144.045876][T12103] netlink: 'syz.0.3362': attribute type 1 has an invalid length. [ 144.053086][T12103] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.3362'. [ 144.574536][T12144] netlink: 'syz.3.3382': attribute type 1 has an invalid length. [ 145.009557][T12180] syz.2.3399: attempt to access beyond end of device [ 145.009557][T12180] loop2: rw=0, sector=1, nr_sectors = 1 limit=0 [ 145.019322][T12180] qnx4: unable to read the superblock [ 145.742478][T12244] syz.1.3430: attempt to access beyond end of device [ 145.742478][T12244] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 145.747873][T12244] syz.1.3430: attempt to access beyond end of device [ 145.747873][T12244] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0 [ 145.770565][T12244] Mount JFS Failure: -5 [ 145.982211][T12266] ERROR: device name not specified. [ 146.025165][T12271] overlayfs: failed to resolve './file0': -2 [ 146.098519][T12277] __nla_validate_parse: 2 callbacks suppressed [ 146.098537][T12277] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3446'. [ 146.478843][T12302] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3458'. [ 146.596811][T12314] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 146.604015][ T39] kauditd_printk_skb: 8 callbacks suppressed [ 146.604030][ T39] audit: type=1326 audit(1726242457.194:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.636085][ T39] audit: type=1326 audit(1726242457.194:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.645000][ T39] audit: type=1326 audit(1726242457.194:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.688402][ T39] audit: type=1326 audit(1726242457.194:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.698855][ T39] audit: type=1326 audit(1726242457.194:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.721793][ T39] audit: type=1326 audit(1726242457.194:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.729023][ T39] audit: type=1326 audit(1726242457.194:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.753723][ T39] audit: type=1326 audit(1726242457.194:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.761554][ T39] audit: type=1326 audit(1726242457.194:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 146.796448][ T39] audit: type=1326 audit(1726242457.194:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12313 comm="syz.3.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x50000 [ 147.442001][T12355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3483'. [ 147.692157][T12375] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 147.706822][T12378] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3494'. [ 148.161844][T12406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3507'. [ 148.805952][T12440] validate_nla: 1 callbacks suppressed [ 148.805967][T12440] netlink: 'syz.1.3525': attribute type 33 has an invalid length. [ 148.819558][T12442] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 149.880006][T12483] netlink: 'syz.1.3546': attribute type 1 has an invalid length. [ 149.942200][T12490] netlink: 'syz.0.3550': attribute type 1 has an invalid length. [ 150.006992][T12494] workqueue: name exceeds WQ_NAME_LEN. Truncating to: C|+i!3rU&6 bOo '1© [ 150.264693][T12511] program syz.3.3560 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 150.285333][T12515] netlink: 'syz.1.3561': attribute type 4 has an invalid length. [ 150.482391][T12531] netlink: 'syz.3.3569': attribute type 8 has an invalid length. [ 150.529515][T12533] netlink: 'syz.1.3570': attribute type 3 has an invalid length. [ 150.539199][T12533] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.3570'. [ 151.028703][T12581] debugfs: Directory 'C|+i!3rU&6 bOo '1©|' with parent 'ieee80211' already present! [ 151.336945][T12610] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 151.520196][T12630] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 151.529232][T12630] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 151.537017][T12633] x_tables: ip6_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 151.541847][T12630] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 151.839497][T12655] sctp: [Deprecated]: syz.3.3624 (pid 12655) Use of int in max_burst socket option deprecated. [ 151.839497][T12655] Use struct sctp_assoc_value instead [ 152.091035][T12668] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 152.553447][T12706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3648'. [ 152.562600][T12707] netlink: 'syz.1.3647': attribute type 5 has an invalid length. [ 152.615602][T12710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3649'. [ 152.654760][T12714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3651'. [ 152.665967][T12716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3652'. [ 152.768201][T12723] REISERFS warning (device nullb0): super-6502 reiserfs_getopt: unknown mount option "b_v-f`" [ 153.027365][T12750] netlink: 'syz.2.3665': attribute type 9 has an invalid length. [ 153.040174][T12750] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.3665'. [ 153.280302][ T833] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 153.429222][T12768] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3674'. [ 153.500219][ T833] usb 8-1: unable to get BOS descriptor or descriptor too short [ 153.504444][ T833] usb 8-1: not running at top speed; connect to a high speed hub [ 153.535012][ T833] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 153.548112][ T833] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.550507][ T833] usb 8-1: Product: syz [ 153.560540][ T833] usb 8-1: Manufacturer: syz [ 153.562227][ T833] usb 8-1: SerialNumber: syz [ 153.567379][T12777] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 154.047547][T12808] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3694'. [ 154.058278][T12810] misc userio: The device must be registered before sending interrupts [ 154.074035][ T833] cdc_ncm 8-1:1.0: bind() failure [ 154.093687][ T833] cdc_ncm 8-1:1.1: probe with driver cdc_ncm failed with error -71 [ 154.097657][ T833] cdc_mbim 8-1:1.1: probe with driver cdc_mbim failed with error -71 [ 154.106634][ T833] usbtest 8-1:1.1: probe with driver usbtest failed with error -71 [ 154.113914][T12815] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3697'. [ 154.117020][T12815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3697'. [ 154.123416][ T833] usb 8-1: USB disconnect, device number 3 [ 154.500794][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.592799][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.945331][T12874] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3726'. [ 155.001718][T12877] bridge0: entered promiscuous mode [ 155.003457][T12877] bridge0: entered allmulticast mode [ 155.059318][T12883] i2c i2c-1: Invalid block write size 34 [ 155.417797][T12910] i2c i2c-1: Invalid block write size 34 [ 155.505915][ T39] kauditd_printk_skb: 10385 callbacks suppressed [ 155.505929][ T39] audit: type=1326 audit(1726242465.528:10428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.3.3750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 155.516600][ T39] audit: type=1326 audit(1726242465.538:10429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.3.3750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 155.535558][ T39] audit: type=1326 audit(1726242465.547:10430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.3.3750" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 155.556913][ T39] audit: type=1326 audit(1726242465.547:10431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12920 comm="syz.3.3750" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742e579 code=0x7ffc0000 [ 157.148382][T13019] tmpfs: Bad value for 'mpol' [ 157.468226][T13037] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 157.786500][T13060] netlink: 'syz.1.3817': attribute type 21 has an invalid length. [ 157.790312][T13060] netlink: 'syz.1.3817': attribute type 5 has an invalid length. [ 157.793967][T13060] netlink: 'syz.1.3817': attribute type 6 has an invalid length. [ 158.004052][ T6842] IPVS: starting estimator thread 0... [ 158.089206][T13085] xt_CT: You must specify a L4 protocol and not use inversions on it [ 158.097803][T13079] IPVS: using max 21 ests per chain, 50400 per kthread [ 158.239033][T13095] __nla_validate_parse: 8 callbacks suppressed [ 158.239048][T13095] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.3831'. [ 158.548492][T13118] netlink: 6 bytes leftover after parsing attributes in process `syz.1.3846'. [ 158.592862][T13121] netlink: 'syz.3.3847': attribute type 2 has an invalid length. [ 158.770785][T13133] syz.3.3854: attempt to access beyond end of device [ 158.770785][T13133] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 158.776144][T13133] exFAT-fs (loop3): unable to read boot sector [ 158.783532][T13133] exFAT-fs (loop3): failed to read boot sector [ 158.785659][T13133] exFAT-fs (loop3): failed to recognize exfat type [ 158.973205][T13148] program syz.1.3861 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 158.975522][T13149] openvswitch: netlink: IP tunnel dst address not specified [ 159.107713][T13159] IPVS: length: 215 != 24 [ 159.226234][T13169] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 159.573512][T13189] usb usb8: usbfs: process 13189 (syz.1.3880) did not claim interface 0 before use [ 159.597697][T13191] netlink: 6 bytes leftover after parsing attributes in process `syz.3.3881'. [ 160.051330][T13228] netlink: 105120 bytes leftover after parsing attributes in process `syz.1.3900'. [ 160.064536][T13231] netlink: 6 bytes leftover after parsing attributes in process `syz.2.3899'. [ 160.286118][ T39] audit: type=1400 audit(1726242470.000:10432): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=222F2F26 pid=13248 comm="syz.0.3910" [ 160.593773][T13271] netlink: 6 bytes leftover after parsing attributes in process `syz.0.3917'. [ 160.857273][T13295] netlink: 'syz.3.3932': attribute type 21 has an invalid length. [ 160.860171][T13295] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3932'. [ 160.944413][T13303] ip6t_rpfilter: unknown options [ 160.956440][T13308] netlink: 'syz.3.3939': attribute type 21 has an invalid length. [ 160.959325][T13308] netlink: 144 bytes leftover after parsing attributes in process `syz.3.3939'. [ 160.991510][ T39] audit: type=1326 audit(1726242470.654:10433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13310 comm="syz.0.3940" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 161.016228][ T39] audit: type=1326 audit(1726242470.673:10434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13310 comm="syz.0.3940" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 161.024156][ T39] audit: type=1326 audit(1726242470.673:10435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13310 comm="syz.0.3940" exe="/syz-executor" sig=0 arch=40000003 syscall=312 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 161.035433][ T39] audit: type=1326 audit(1726242470.673:10436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13310 comm="syz.0.3940" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 161.351027][T13343] zonefs (nbd1) ERROR: Not a zoned block device [ 161.667876][ T5650] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 161.682706][T13375] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3971'. [ 161.820173][T13383] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3975'. [ 161.861537][ T5650] usb 7-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 161.864928][ T5650] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.872311][ T5650] usb 7-1: config 0 descriptor?? [ 161.885657][ T5650] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input13 [ 162.050517][T13401] netlink: 'syz.1.3983': attribute type 14 has an invalid length. [ 162.163325][ T5650] usb 7-1: USB disconnect, device number 5 [ 162.609524][T13438] xt_limit: Overflow, try lower: 4294965249/4 [ 162.669381][T13445] usb usb8: usbfs: process 13445 (syz.1.4006) did not claim interface 0 before use [ 163.189897][T13488] netlink: 'syz.0.4027': attribute type 1 has an invalid length. [ 163.351431][T13501] netlink: 'syz.3.4033': attribute type 10 has an invalid length. [ 163.354662][T13501] bridge0: port 4(batadv0) entered blocking state [ 163.366054][T13501] bridge0: port 4(batadv0) entered disabled state [ 163.373368][T13501] batadv0: entered allmulticast mode [ 163.378069][T13501] batadv0: entered promiscuous mode [ 163.382408][T13501] bridge0: port 4(batadv0) entered blocking state [ 163.385339][T13501] bridge0: port 4(batadv0) entered forwarding state [ 163.569568][T13511] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 163.716670][ T1103] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 163.722806][ T1103] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 163.887375][ T39] audit: type=1326 audit(1726242473.367:10437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.0.4056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 163.933553][ T39] audit: type=1326 audit(1726242473.367:10438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.0.4056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 163.940871][ T39] audit: type=1326 audit(1726242473.376:10439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.0.4056" exe="/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 163.949063][ T39] audit: type=1326 audit(1726242473.376:10440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.0.4056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 163.957269][ T39] audit: type=1326 audit(1726242473.376:10441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13545 comm="syz.0.4056" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 164.036755][T13558] Timeout policy `syz1' can only be used by L3 protocol number 0 [ 164.146876][T13568] netlink: 'syz.3.4068': attribute type 5 has an invalid length. [ 164.356480][ T39] audit: type=1326 audit(1726242473.807:10442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13587 comm="syz.0.4077" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 164.375966][T13590] xt_TPROXY: Can be used only with -p tcp or -p udp [ 164.719260][T13625] __nla_validate_parse: 3 callbacks suppressed [ 164.719277][T13625] netlink: 4104 bytes leftover after parsing attributes in process `syz.3.4094'. [ 164.727297][T13625] openvswitch: netlink: ct_state flags 00020000 unsupported [ 164.839464][T13633] tmpfs: Bad value for 'nr_blocks' [ 164.847661][T13632] xt_policy: neither incoming nor outgoing policy selected [ 164.949224][T13641] netlink: 'syz.1.4102': attribute type 10 has an invalid length. [ 164.952518][T13641] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4102'. [ 164.956244][T13641] bridge0: port 3(batadv0) entered blocking state [ 164.961209][T13641] bridge0: port 3(batadv0) entered disabled state [ 164.963926][T13641] batadv0: entered allmulticast mode [ 164.967285][T13641] batadv0: entered promiscuous mode [ 164.969689][T13641] bridge0: port 3(batadv0) entered blocking state [ 164.972970][T13641] bridge0: port 3(batadv0) entered forwarding state [ 165.231744][T13663] xt_NFQUEUE: number of total queues is 0 [ 165.324242][T13674] netlink: 'syz.3.4119': attribute type 11 has an invalid length. [ 165.368850][T13677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4120'. [ 165.399988][ T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 165.407191][ T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 165.414419][T13682] netlink: 2 bytes leftover after parsing attributes in process `syz.3.4122'. [ 165.421140][T13682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.426494][T13682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.440977][T13682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.450185][T13682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.464482][T13682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 165.470870][T13682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 165.476112][T13682] batadv_slave_1: entered promiscuous mode [ 165.663829][T13703] netlink: 'syz.1.4133': attribute type 1 has an invalid length. [ 166.016538][T13732] netlink: 'syz.1.4147': attribute type 3 has an invalid length. [ 166.022968][T13732] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.4147'. [ 166.123453][T13738] No such timeout policy "syz0" [ 166.295315][T13749] ax25_connect(): syz.1.4155 uses autobind, please contact jreuter@yaina.de [ 166.409541][T13756] ALSA: mixer_oss: invalid index -1404626105 [ 166.574817][T13709] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.781256][T13789] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4176'. [ 166.844873][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 166.844888][ T39] audit: type=1400 audit(1726242476.136:10453): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=13792 comm="syz.3.4178" [ 166.941872][T13801] netlink: 'syz.3.4181': attribute type 22 has an invalid length. [ 166.945991][T13801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4181'. [ 167.175452][T13820] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4192'. [ 167.198271][T13823] Malformed UNC in devname [ 167.198271][T13823] [ 167.200964][T13823] CIFS: VFS: Malformed UNC in devname [ 167.289022][T13832] netlink: 2 bytes leftover after parsing attributes in process `syz.1.4196'. [ 167.295984][T13832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 167.309387][T13832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.314089][T13832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 167.322532][T13832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.325843][T13832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 167.329755][T13832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.345529][T13832] batadv_slave_1: entered promiscuous mode [ 167.351488][T13837] netlink: 'syz.0.4199': attribute type 10 has an invalid length. [ 167.425974][T13837] team0: Port device wlan1 added [ 167.474804][T13845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 167.478372][T13845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.493624][T13845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 167.497636][T13845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.501151][T13845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 167.516796][T13845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 167.528382][ T39] audit: type=1326 audit(1726242476.781:10454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13847 comm="syz.1.4204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 167.551278][T13850] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4205'. [ 167.558834][ T39] audit: type=1326 audit(1726242476.791:10455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13847 comm="syz.1.4204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 167.583414][ T39] audit: type=1326 audit(1726242476.791:10456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13847 comm="syz.1.4204" exe="/syz-executor" sig=0 arch=40000003 syscall=299 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 167.600712][ T39] audit: type=1326 audit(1726242476.791:10457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13847 comm="syz.1.4204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 167.626132][ T39] audit: type=1326 audit(1726242476.800:10458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13847 comm="syz.1.4204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6579 code=0x7ffc0000 [ 167.734980][T13860] qnx6: unable to read the first superblock [ 167.936668][ T66] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.457441][T13922] (unnamed net_device) (uninitialized): option mode: invalid value (254) [ 168.739046][T13955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.743237][T13955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.753696][T13955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.759134][T13955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.763545][T13955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.771142][T13955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.832490][ C0] ================================================================== [ 168.835426][ C0] BUG: KASAN: slab-use-after-free in __lock_acquire+0x2de0/0x3cb0 [ 168.841270][ C0] Read of size 8 at addr ffff888022715818 by task syz.1.4257/13960 [ 168.847557][ C0] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 168.848478][ C0] CPU: 0 UID: 0 PID: 13960 Comm: syz.1.4257 Not tainted 6.11.0-rc7-syzkaller-00097-g196145c606d0 #0 [ 168.851953][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 168.868299][ C0] Call Trace: [ 168.872114][ C0] [ 168.873176][ C0] dump_stack_lvl+0x116/0x1f0 [ 168.874854][ C0] print_report+0xc3/0x620 [ 168.876434][ C0] ? __virt_addr_valid+0x5e/0x590 [ 168.878259][ C0] ? __phys_addr+0xc6/0x150 [ 168.885701][ C0] kasan_report+0xd9/0x110 [ 168.887340][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 168.889272][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 168.891609][ C0] __lock_acquire+0x2de0/0x3cb0 [ 168.893917][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 168.896375][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 168.898836][ C0] lock_acquire+0x1b1/0x560 [ 168.901338][ C0] ? p9_req_put+0xaf/0x250 [ 168.903379][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 168.905683][ C0] ? __pfx_lock_release+0x10/0x10 [ 168.907989][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 168.912123][ C0] ? p9_req_put+0xaf/0x250 [ 168.914185][ C0] p9_req_put+0xaf/0x250 [ 168.916201][ C0] req_done+0x1e7/0x2f0 [ 168.918352][ C0] ? __pfx_req_done+0x10/0x10 [ 168.919961][ C0] ? __pfx_req_done+0x10/0x10 [ 168.921904][ C0] vring_interrupt+0x31b/0x400 [ 168.923395][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 168.925270][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 168.927298][ C0] handle_irq_event+0xab/0x1e0 [ 168.929268][ C0] handle_edge_irq+0x263/0xd10 [ 168.931075][ C0] __common_interrupt+0xdf/0x250 [ 168.932861][ C0] common_interrupt+0xab/0xd0 [ 168.934810][ C0] [ 168.935903][ C0] [ 168.936997][ C0] asm_common_interrupt+0x26/0x40 [ 168.939152][ C0] RIP: 0010:debug_check_no_obj_freed+0x354/0x600 [ 168.942602][ C0] Code: 35 d1 b2 8a 0b 7d 07 44 89 35 c8 b2 8a 0b 48 81 44 24 50 00 10 00 00 48 8b 74 24 20 48 8b 44 24 50 48 39 f0 0f 85 01 fe ff ff <48> 8b 5c 24 18 45 89 ee 44 3b 35 99 b2 8a 0b 7e 07 44 89 35 90 b2 [ 168.950196][ C0] RSP: 0018:ffffc9002354f620 EFLAGS: 00000246 [ 168.952307][ C0] RAX: ffff8880266d9000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 168.955161][ C0] RDX: 0000000000000001 RSI: ffff8880266d9000 RDI: 0000000000000001 [ 168.959072][ C0] RBP: ffffc9002354f760 R08: 0000000000000001 R09: fffffbfff2d126e7 [ 168.963740][ C0] R10: ffffffff9689373f R11: 0000000000000000 R12: ffffffff9a3fa1e0 [ 168.967675][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880266d8a80 [ 168.972097][ C0] ? mark_lock+0xb5/0xc60 [ 168.973706][ C0] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 168.975955][ C0] ? rcu_read_unlock+0x17/0x60 [ 168.977670][ C0] kmem_cache_free+0x26f/0x3a0 [ 168.979379][ C0] ? tlb_remove_table+0xde/0xa80 [ 168.983022][ C0] ? ___pte_free_tlb+0x1d/0x260 [ 168.985297][ C0] ___pte_free_tlb+0x1d/0x260 [ 168.987989][ C0] free_pgd_range+0x4e7/0xbc0 [ 168.990177][ C0] free_pgtables+0x1c1/0x950 [ 168.992387][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 168.994845][ C0] ? __pfx_down_write+0x10/0x10 [ 168.997185][ C0] exit_mmap+0x3c9/0xb20 [ 168.999135][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 169.001900][ C0] __mmput+0x12a/0x480 [ 169.003785][ C0] mmput+0x62/0x70 [ 169.005582][ C0] do_exit+0x9bf/0x2bb0 [ 169.007963][ C0] ? get_signal+0x8fb/0x26d0 [ 169.010391][ C0] ? __pfx_do_exit+0x10/0x10 [ 169.012590][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 169.015255][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 169.017964][ C0] do_group_exit+0xd3/0x2a0 [ 169.020624][ C0] get_signal+0x2658/0x26d0 [ 169.022768][ C0] ? find_held_lock+0x2d/0x110 [ 169.024743][ C0] ? __pfx_get_signal+0x10/0x10 [ 169.026442][ C0] ? __pfx_do_futex+0x10/0x10 [ 169.028108][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 169.030427][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 169.032776][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 169.035087][ C0] __do_fast_syscall_32+0x80/0x120 [ 169.037037][ C0] do_fast_syscall_32+0x32/0x80 [ 169.039345][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.042303][ C0] RIP: 0023:0xf7fa6579 [ 169.044194][ C0] Code: Unable to access opcode bytes at 0xf7fa654f. [ 169.047235][ C0] RSP: 002b:00000000f572660c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 169.051082][ C0] RAX: fffffffffffffe00 RBX: 00000000f7464f88 RCX: 0000000000000080 [ 169.054655][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7464f8c [ 169.057770][ C0] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 169.060739][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.064421][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 169.068058][ C0] [ 169.069211][ C0] [ 169.070062][ C0] Allocated by task 13963: [ 169.072145][ C0] kasan_save_stack+0x33/0x60 [ 169.073986][ C0] kasan_save_track+0x14/0x30 [ 169.075615][ C0] __kasan_kmalloc+0xaa/0xb0 [ 169.077243][ C0] p9_client_create+0xcf/0x11b0 [ 169.078975][ C0] v9fs_session_init+0x1f8/0x1a80 [ 169.080905][ C0] v9fs_mount+0xc6/0xa50 [ 169.082505][ C0] legacy_get_tree+0x109/0x220 [ 169.084680][ C0] vfs_get_tree+0x8f/0x380 [ 169.086306][ C0] path_mount+0x6e1/0x1f10 [ 169.088438][ C0] __ia32_sys_mount+0x292/0x310 [ 169.090670][ C0] __do_fast_syscall_32+0x73/0x120 [ 169.093050][ C0] do_fast_syscall_32+0x32/0x80 [ 169.095978][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.098921][ C0] [ 169.100033][ C0] Freed by task 13963: [ 169.101802][ C0] kasan_save_stack+0x33/0x60 [ 169.103496][ C0] kasan_save_track+0x14/0x30 [ 169.105237][ C0] kasan_save_free_info+0x3b/0x60 [ 169.107076][ C0] poison_slab_object+0xf7/0x160 [ 169.108866][ C0] __kasan_slab_free+0x32/0x50 [ 169.110727][ C0] kfree+0x12a/0x3b0 [ 169.112145][ C0] p9_client_create+0x9ca/0x11b0 [ 169.113835][ C0] v9fs_session_init+0x1f8/0x1a80 [ 169.115780][ C0] v9fs_mount+0xc6/0xa50 [ 169.117257][ C0] legacy_get_tree+0x109/0x220 [ 169.118892][ C0] vfs_get_tree+0x8f/0x380 [ 169.120447][ C0] path_mount+0x6e1/0x1f10 [ 169.122203][ C0] __ia32_sys_mount+0x292/0x310 [ 169.124920][ C0] __do_fast_syscall_32+0x73/0x120 [ 169.126778][ C0] do_fast_syscall_32+0x32/0x80 [ 169.128526][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.130839][ C0] [ 169.131696][ C0] The buggy address belongs to the object at ffff888022715800 [ 169.131696][ C0] which belongs to the cache kmalloc-512 of size 512 [ 169.140840][ C0] The buggy address is located 24 bytes inside of [ 169.140840][ C0] freed 512-byte region [ffff888022715800, ffff888022715a00) [ 169.148134][ C0] [ 169.149052][ C0] The buggy address belongs to the physical page: [ 169.151824][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22714 [ 169.155064][ C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 169.158587][ C0] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 169.162455][ C0] page_type: 0xfdffffff(slab) [ 169.164658][ C0] raw: 00fff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122 [ 169.168954][ C0] raw: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000 [ 169.173755][ C0] head: 00fff00000000040 ffff88801ac42c80 dead000000000100 dead000000000122 [ 169.177922][ C0] head: 0000000000000000 0000000080100010 00000001fdffffff 0000000000000000 [ 169.180951][ C0] head: 00fff00000000002 ffffea000089c501 ffffffffffffffff 0000000000000000 [ 169.183960][ C0] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 169.186907][ C0] page dumped because: kasan: bad access detected [ 169.189158][ C0] page_owner tracks the page as allocated [ 169.191167][ C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5653, tgid 5653 (syz-executor), ts 55756090169, free_ts 55615152373 [ 169.201454][ C0] post_alloc_hook+0x2d1/0x350 [ 169.203827][ C0] get_page_from_freelist+0x1351/0x2e50 [ 169.205916][ C0] __alloc_pages_noprof+0x22b/0x2460 [ 169.208223][ C0] alloc_slab_page+0x4e/0xf0 [ 169.210494][ C0] new_slab+0x84/0x260 [ 169.211995][ C0] ___slab_alloc+0xdac/0x1870 [ 169.214034][ C0] __slab_alloc.constprop.0+0x56/0xb0 [ 169.216822][ C0] __kmalloc_cache_noprof+0x2c5/0x310 [ 169.219296][ C0] __ipv6_dev_mc_inc+0x2b7/0xc10 [ 169.221638][ C0] ipv6_add_dev+0xa93/0x1400 [ 169.223741][ C0] addrconf_notify+0x546/0x19d0 [ 169.228415][ C0] notifier_call_chain+0xb9/0x410 [ 169.231224][ C0] call_netdevice_notifiers_info+0xbe/0x140 [ 169.234040][ C0] register_netdevice+0x1728/0x1e20 [ 169.236916][ C0] register_netdev+0x2f/0x50 [ 169.239358][ C0] ip6_tnl_init_net+0x28e/0x410 [ 169.241440][ C0] page last free pid 112 tgid 112 stack trace: [ 169.243670][ C0] free_unref_folios+0x9e9/0x1390 [ 169.245510][ C0] shrink_folio_list+0x2c6c/0x41e0 [ 169.247278][ C0] evict_folios+0x6e0/0x1b30 [ 169.249008][ C0] try_to_shrink_lruvec+0x612/0x9b0 [ 169.251813][ C0] shrink_one+0x3e3/0x7b0 [ 169.253666][ C0] shrink_node+0x2452/0x39d0 [ 169.255797][ C0] balance_pgdat+0xc19/0x18f0 [ 169.257920][ C0] kswapd+0x5ea/0xbf0 [ 169.259902][ C0] kthread+0x2c1/0x3a0 [ 169.262401][ C0] ret_from_fork+0x45/0x80 [ 169.264622][ C0] ret_from_fork_asm+0x1a/0x30 [ 169.267105][ C0] [ 169.268217][ C0] Memory state around the buggy address: [ 169.270941][ C0] ffff888022715700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 169.274624][ C0] ffff888022715780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 169.277489][ C0] >ffff888022715800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 169.281149][ C0] ^ [ 169.282923][ C0] ffff888022715880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 169.289812][ C0] ffff888022715900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 169.292497][ C0] ================================================================== [ 169.295308][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 169.297838][ C0] CPU: 0 UID: 0 PID: 13960 Comm: syz.1.4257 Not tainted 6.11.0-rc7-syzkaller-00097-g196145c606d0 #0 [ 169.301557][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.305418][ C0] Call Trace: [ 169.306686][ C0] [ 169.308132][ C0] dump_stack_lvl+0x3d/0x1f0 [ 169.310339][ C0] panic+0x6dc/0x7c0 [ 169.312514][ C0] ? __pfx_panic+0x10/0x10 [ 169.314966][ C0] ? rcu_is_watching+0x12/0xc0 [ 169.317530][ C0] ? __pfx_lock_release+0x10/0x10 [ 169.320122][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 169.322782][ C0] check_panic_on_warn+0xab/0xb0 [ 169.325383][ C0] end_report+0x117/0x180 [ 169.327616][ C0] kasan_report+0xe9/0x110 [ 169.329876][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 169.333439][ C0] ? __lock_acquire+0x2de0/0x3cb0 [ 169.336067][ C0] __lock_acquire+0x2de0/0x3cb0 [ 169.338571][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 169.341328][ C0] ? __pfx___lock_acquire+0x10/0x10 [ 169.344616][ C0] lock_acquire+0x1b1/0x560 [ 169.346000][ C0] ? p9_req_put+0xaf/0x250 [ 169.348876][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 169.351652][ C0] ? __pfx_lock_release+0x10/0x10 [ 169.354776][ C0] _raw_spin_lock_irqsave+0x3a/0x60 [ 169.357205][ C0] ? p9_req_put+0xaf/0x250 [ 169.359311][ C0] p9_req_put+0xaf/0x250 [ 169.361307][ C0] req_done+0x1e7/0x2f0 [ 169.363244][ C0] ? __pfx_req_done+0x10/0x10 [ 169.365426][ C0] ? __pfx_req_done+0x10/0x10 [ 169.367641][ C0] vring_interrupt+0x31b/0x400 [ 169.369708][ C0] ? __pfx_vring_interrupt+0x10/0x10 [ 169.372151][ C0] __handle_irq_event_percpu+0x229/0x7c0 [ 169.374330][ C0] handle_irq_event+0xab/0x1e0 [ 169.376212][ C0] handle_edge_irq+0x263/0xd10 [ 169.378066][ C0] __common_interrupt+0xdf/0x250 [ 169.380029][ C0] common_interrupt+0xab/0xd0 [ 169.381957][ C0] [ 169.383203][ C0] [ 169.384584][ C0] asm_common_interrupt+0x26/0x40 [ 169.387974][ C0] RIP: 0010:debug_check_no_obj_freed+0x354/0x600 [ 169.391085][ C0] Code: 35 d1 b2 8a 0b 7d 07 44 89 35 c8 b2 8a 0b 48 81 44 24 50 00 10 00 00 48 8b 74 24 20 48 8b 44 24 50 48 39 f0 0f 85 01 fe ff ff <48> 8b 5c 24 18 45 89 ee 44 3b 35 99 b2 8a 0b 7e 07 44 89 35 90 b2 [ 169.401373][ C0] RSP: 0018:ffffc9002354f620 EFLAGS: 00000246 [ 169.403594][ C0] RAX: ffff8880266d9000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 169.406512][ C0] RDX: 0000000000000001 RSI: ffff8880266d9000 RDI: 0000000000000001 [ 169.410673][ C0] RBP: ffffc9002354f760 R08: 0000000000000001 R09: fffffbfff2d126e7 [ 169.413571][ C0] R10: ffffffff9689373f R11: 0000000000000000 R12: ffffffff9a3fa1e0 [ 169.417555][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880266d8a80 [ 169.423195][ C0] ? mark_lock+0xb5/0xc60 [ 169.424762][ C0] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 169.426850][ C0] ? rcu_read_unlock+0x17/0x60 [ 169.428413][ C0] kmem_cache_free+0x26f/0x3a0 [ 169.430183][ C0] ? tlb_remove_table+0xde/0xa80 [ 169.431935][ C0] ? ___pte_free_tlb+0x1d/0x260 [ 169.433740][ C0] ___pte_free_tlb+0x1d/0x260 [ 169.435393][ C0] free_pgd_range+0x4e7/0xbc0 [ 169.436972][ C0] free_pgtables+0x1c1/0x950 [ 169.438517][ C0] ? __pfx_free_pgtables+0x10/0x10 [ 169.440155][ C0] ? __pfx_down_write+0x10/0x10 [ 169.442908][ C0] exit_mmap+0x3c9/0xb20 [ 169.444584][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 169.446967][ C0] __mmput+0x12a/0x480 [ 169.448778][ C0] mmput+0x62/0x70 [ 169.450369][ C0] do_exit+0x9bf/0x2bb0 [ 169.451879][ C0] ? get_signal+0x8fb/0x26d0 [ 169.453506][ C0] ? __pfx_do_exit+0x10/0x10 [ 169.455108][ C0] ? do_raw_spin_lock+0x12d/0x2c0 [ 169.456947][ C0] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 169.458884][ C0] do_group_exit+0xd3/0x2a0 [ 169.460523][ C0] get_signal+0x2658/0x26d0 [ 169.462162][ C0] ? find_held_lock+0x2d/0x110 [ 169.463946][ C0] ? __pfx_get_signal+0x10/0x10 [ 169.465802][ C0] ? __pfx_do_futex+0x10/0x10 [ 169.467565][ C0] arch_do_signal_or_restart+0x90/0x7e0 [ 169.469583][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 169.471760][ C0] syscall_exit_to_user_mode+0x150/0x2a0 [ 169.473828][ C0] __do_fast_syscall_32+0x80/0x120 [ 169.475600][ C0] do_fast_syscall_32+0x32/0x80 [ 169.477289][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.479342][ C0] RIP: 0023:0xf7fa6579 [ 169.480662][ C0] Code: Unable to access opcode bytes at 0xf7fa654f. [ 169.483431][ C0] RSP: 002b:00000000f572660c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 169.486247][ C0] RAX: fffffffffffffe00 RBX: 00000000f7464f88 RCX: 0000000000000080 [ 169.488680][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000f7464f8c [ 169.491105][ C0] RBP: 0000000000000081 R08: 0000000000000000 R09: 0000000000000000 [ 169.493514][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.495947][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 169.499057][ C0] [ 169.505051][ C0] Kernel Offset: disabled [ 169.507609][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:35:44 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fc2b05 RDI=ffffffff9a516680 RBP=ffffffff9a516640 RSP=ffffc90000007610 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230383838666666 R12=0000000000000000 R13=0000000000000031 R14=ffffffff84fc2aa0 R15=0000000000000000 RIP=ffffffff84fc2b2f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f71f1830 CR3=0000000055086000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=00000000000000ea RCX=ffffffff81da35db RDX=1ffff1100358c5e8 RSI=00000000000000ea RDI=0000000000000100 RBP=ffff88801ac62f58 RSP=ffffc90000eef6c8 R8 =0000000000000005 R9 =0000000000000100 R10=00000000000000e9 R11=0000000000000000 R12=0000000000000000 R13=ffff88801ac61958 R14=dffffc0000000000 R15=0000000000000001 RIP=ffffffff818b1c50 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000ffbd9004 CR3=00000000459f4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffffea0001c297c0 RCX=ffffc900035b7650 RDX=0000000000000000 RSI=ffffffff8b4cd360 RDI=ffff8880252d0444 RBP=ffff8880252d0000 RSP=ffffc900035b7698 R8 =0000000000000000 R9 =fffffbfff2023cfb R10=ffffffff9011e7df R11=0000000000000000 R12=ffff8880448a6048 R13=dffffc0000000000 R14=0000000000000001 R15=0000000000000001 RIP=ffffffff81723ae0 RFL=00000807 [-O---PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b800000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73d321c CR3=000000002639e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73cbff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffff8880561f8ad0 RBX=0000000000000001 RCX=ffffffff81690f98 RDX=ffff8880561f8ad0 RSI=0000000000000008 RDI=ffffffff96893700 RBP=0000000000000000 RSP=ffffc90002f9f848 R8 =0000000000000000 R9 =fffffbfff2d126e0 R10=ffffffff96893707 R11=0000000000000000 R12=dffffc0000000000 R13=ffff8880561f8b08 R14=0000000000000004 R15=ffff8880561f8000 RIP=ffffffff81690a9d RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f72a1830 CR3=000000005990a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000