last executing test programs: 5.421592031s ago: executing program 3 (id=762): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb8}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in=@loopback, @in=@private=0xa010100, @in=@private=0xa010100, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}]}, 0xa0}}, 0x0) 5.339333624s ago: executing program 3 (id=763): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$packet(0x11, 0x2, 0x300) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x3, 0x8, 0x2, 0xb}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x0, 0x9, 0x466}, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 4.723353724s ago: executing program 1 (id=769): bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) creat(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x3fe) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2d42, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000cc0)='net/netlink\x00') read$FUSE(r1, &(0x7f00000027c0)={0x2020}, 0x2038) 3.741899917s ago: executing program 1 (id=774): r0 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_int(r0, 0x29, 0x10, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) socket(0x200000100000011, 0x3, 0x3) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r5 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) write$evdev(r5, 0x0, 0x0) fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0) connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0) 2.84569249s ago: executing program 1 (id=777): r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$kcm(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001740)=[{0x0}, {&(0x7f0000000240)="fbd8dc869fee", 0x6}], 0x2}, 0x40000000) 2.78175532s ago: executing program 1 (id=778): socket$isdn(0x22, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000200)={{0x80, 0x5}, 'port1\x00', 0xbf04, 0x1040, 0x7, 0x0, 0xffffffff, 0x5, 0x0, 0x0, 0xd, 0x2}) creat(&(0x7f0000000380)='./file0\x00', 0xecf86c37d53049e1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioprio_set$uid(0x3, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe(0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f00000001c0)=0x7f, 0x4) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x406f413, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8042, 0x0) fallocate(r3, 0x0, 0x1000000, 0x3) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0) 2.571823653s ago: executing program 1 (id=780): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3) 2.040472319s ago: executing program 3 (id=781): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x3) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$session_to_parent(0x12) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000400), 0x0, 0x0, 0x0, 0xe0000000}, 0x20000000) 1.938910212s ago: executing program 2 (id=783): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x2, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0xe, 0xffff}, {0xa, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_ECN={0x8, 0x4, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 1.938578218s ago: executing program 0 (id=784): open(0x0, 0x0, 0x194) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x48, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x48}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000057c0)={0x28, 0x9, 0x6, 0x201, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000084) 1.861848528s ago: executing program 0 (id=785): syz_open_dev$vim2m(0x0, 0x255b, 0x2) connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0xffffffb3, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$tmpfs(0x0, 0x0, &(0x7f0000000280), 0x800800, &(0x7f0000000100)=ANY=[]) getpgrp(0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9) recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) 1.123176822s ago: executing program 3 (id=786): r0 = gettid() r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYBLOB], 0x19c}}, 0x10) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r2, &(0x7f0000000100)='cpuacct.usage_all\x00', 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401) ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000200)={0x40, 0x17, 0x6, 0x401, 0x300, 0x4, 0x0}) mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0) read$alg(0xffffffffffffffff, &(0x7f0000000240)=""/4096, 0xfffffdef) 1.051587502s ago: executing program 2 (id=787): syz_open_procfs(0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@updpolicy={0xb8, 0x19, 0xfd3649826d894c67, 0x0, 0x25dfdbfd, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10, 0x26b9ffe36856e205, 0x33}, {0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffc}, {}, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3}}, 0xb8}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x20, 0x2, 0x0, 0xcc2}}}}}}}, 0x0) 1.051440719s ago: executing program 2 (id=788): socket$kcm(0x10, 0x2, 0x0) socket$kcm(0xa, 0x2, 0x0) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0xa, 0x1, 0x106) socket$kcm(0x10, 0x400000002, 0x0) socket$kcm(0xa, 0x5, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0], 0x20) 1.001850069s ago: executing program 2 (id=789): ioctl$SNDRV_TIMER_IOCTL_STATUS32(0xffffffffffffffff, 0x80585414, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = fanotify_init(0x8, 0x101000) fanotify_mark(r1, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='./file0\x00') close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) socket$alg(0x26, 0x5, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x4, 0x0, 0x7fffffff}, 0x0, 0x0) 1.001576183s ago: executing program 3 (id=790): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800) syz_open_procfs$pagemap(0x0, &(0x7f0000000140)) symlinkat(&(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000040)={0x13, 0x24, 0x1, 0x12, 0x1001, 0x0, 0x4, 0xfe}) socket$inet_tcp(0x2, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000000306050000000000000000000000000005000100240000000100000084fa"], 0x1c}}, 0x20000090) 980.728039ms ago: executing program 0 (id=791): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket(0x1, 0x803, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000800)) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, 0x0, {0xfff2}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) 966.301532ms ago: executing program 3 (id=792): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000380)=0x0) r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r4, 0xc06864b8, &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x4}) syz_io_uring_setup(0x5e2, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000180)) socket$inet_sctp(0x2, 0x5, 0x84) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0601, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x14) r7 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) r8 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r7) pipe2$watch_queue(0x0, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r7, 0xffffffffffffffff, 0x1e) r9 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x66, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x35, 0x0, 0xd, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r7) keyctl$KEYCTL_MOVE(0x1e, r9, r7, r8, 0x0) capset(&(0x7f0000000000)={0x20071026}, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_io_uring_submit(r5, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0) r10 = mq_open(0x0, 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x0, 0x1, 0x7}) madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x14) mq_timedsend(r10, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r10, 0x0, 0x0, 0x0, 0x0) 881.896371ms ago: executing program 0 (id=793): open(0x0, 0x0, 0x194) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x48, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x48}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000057c0)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000084) 881.44888ms ago: executing program 0 (id=794): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x8000203d}) 821.829508ms ago: executing program 0 (id=795): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x2, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0x5}, {0xe, 0xffff}, {0xa, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_ECN={0x8, 0x4, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048084) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff81", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 376.662332ms ago: executing program 1 (id=796): bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x0, 0x0, 0xd, 0x1, 0x200, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x1, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3b}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x48004, &(0x7f0000000180)={0xa, 0x4e20, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xb) syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902"], 0x0) 180.791783ms ago: executing program 2 (id=797): bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/11], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$inet6(0xa, 0x80002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x4001}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308) 0s ago: executing program 2 (id=798): syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000240)={@hyper}) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x4a243) close(r0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:44102' (ED25519) to the list of known hosts. [ 40.858154][ T5890] cgroup: Unknown subsys name 'net' [ 40.984420][ T5890] cgroup: Unknown subsys name 'cpuset' [ 40.988202][ T5890] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 41.845789][ T5890] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.072754][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.074764][ T5949] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.079655][ T5949] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.080971][ T5953] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.083287][ T5949] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.085839][ T5953] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.089399][ T5949] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.091901][ T5953] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.094712][ T5949] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.097731][ T5953] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.102182][ T5953] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.102389][ T5949] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.107501][ T5949] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.113382][ T5959] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.116867][ T5959] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.118538][ T5957] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.120381][ T5959] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.123394][ T5957] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.128797][ T5957] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.131270][ T5957] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.381112][ T5952] chnl_net:caif_netlink_parms(): no params data found [ 45.397492][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 45.501453][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 45.585919][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.588654][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.591008][ T5952] bridge_slave_0: entered allmulticast mode [ 45.593850][ T5952] bridge_slave_0: entered promiscuous mode [ 45.601727][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.603959][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.606213][ T5952] bridge_slave_1: entered allmulticast mode [ 45.608853][ T5952] bridge_slave_1: entered promiscuous mode [ 45.627753][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.630194][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.632537][ T5942] bridge_slave_0: entered allmulticast mode [ 45.635098][ T5942] bridge_slave_0: entered promiscuous mode [ 45.638181][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.640949][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.643288][ T5942] bridge_slave_1: entered allmulticast mode [ 45.646248][ T5942] bridge_slave_1: entered promiscuous mode [ 45.663834][ T5951] chnl_net:caif_netlink_parms(): no params data found [ 45.686635][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.730707][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.749092][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.778817][ T5952] team0: Port device team_slave_0 added [ 45.783782][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.812402][ T5952] team0: Port device team_slave_1 added [ 45.886582][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.888902][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.891483][ T5943] bridge_slave_0: entered allmulticast mode [ 45.894118][ T5943] bridge_slave_0: entered promiscuous mode [ 45.939051][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.942197][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.945258][ T5943] bridge_slave_1: entered allmulticast mode [ 45.949162][ T5943] bridge_slave_1: entered promiscuous mode [ 45.968801][ T5942] team0: Port device team_slave_0 added [ 46.029280][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.032378][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.040533][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.045852][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.048614][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.058649][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.063616][ T5942] team0: Port device team_slave_1 added [ 46.065694][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.068033][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.070326][ T5951] bridge_slave_0: entered allmulticast mode [ 46.073734][ T5951] bridge_slave_0: entered promiscuous mode [ 46.076762][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.078991][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.081534][ T5951] bridge_slave_1: entered allmulticast mode [ 46.084169][ T5951] bridge_slave_1: entered promiscuous mode [ 46.088368][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.138496][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.157686][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.159864][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.169031][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.202273][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.206030][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.208321][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.216178][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.236225][ T5943] team0: Port device team_slave_0 added [ 46.239701][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.264979][ T5943] team0: Port device team_slave_1 added [ 46.302049][ T5952] hsr_slave_0: entered promiscuous mode [ 46.304458][ T5952] hsr_slave_1: entered promiscuous mode [ 46.336802][ T5951] team0: Port device team_slave_0 added [ 46.353339][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.355570][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.363741][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.368063][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.370341][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.378819][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.384300][ T5951] team0: Port device team_slave_1 added [ 46.443411][ T5942] hsr_slave_0: entered promiscuous mode [ 46.446403][ T5942] hsr_slave_1: entered promiscuous mode [ 46.449132][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.452431][ T5942] Cannot create hsr debugfs directory [ 46.502958][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.505119][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.512990][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.517154][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.519285][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.528165][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.651405][ T5951] hsr_slave_0: entered promiscuous mode [ 46.654088][ T5951] hsr_slave_1: entered promiscuous mode [ 46.656209][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.658842][ T5951] Cannot create hsr debugfs directory [ 46.665870][ T5943] hsr_slave_0: entered promiscuous mode [ 46.668367][ T5943] hsr_slave_1: entered promiscuous mode [ 46.670828][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.673540][ T5943] Cannot create hsr debugfs directory [ 46.904184][ T5952] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.913730][ T5952] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.918686][ T5952] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.927160][ T5952] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.950731][ T5942] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.955274][ T5942] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.959328][ T5942] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.963557][ T5942] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.003394][ T5951] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.008689][ T5951] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.014856][ T5951] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.020336][ T5951] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.063625][ T5943] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.069329][ T5943] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.074026][ T5943] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.078282][ T5943] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.120089][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.133880][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.143364][ T5957] Bluetooth: hci0: command tx timeout [ 47.145272][ T5959] Bluetooth: hci1: command tx timeout [ 47.145368][ T63] Bluetooth: hci2: command tx timeout [ 47.149723][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.157263][ T5952] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.166786][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.169120][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.179237][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.181714][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.197290][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.199575][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.210996][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.212174][ T5959] Bluetooth: hci3: command tx timeout [ 47.217766][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.220044][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.228243][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.246386][ T5942] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.259423][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.267713][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.274565][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.276798][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.287026][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.289312][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.298805][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.301100][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.319286][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.322156][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.375957][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.398315][ T5942] veth0_vlan: entered promiscuous mode [ 47.410575][ T5942] veth1_vlan: entered promiscuous mode [ 47.434041][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.450704][ T5942] veth0_macvtap: entered promiscuous mode [ 47.462924][ T5942] veth1_macvtap: entered promiscuous mode [ 47.470348][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.476189][ T5952] veth0_vlan: entered promiscuous mode [ 47.486139][ T5952] veth1_vlan: entered promiscuous mode [ 47.494761][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.500524][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.507889][ T5942] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.511059][ T5942] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.513834][ T5942] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.516560][ T5942] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.530387][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.557242][ T5952] veth0_macvtap: entered promiscuous mode [ 47.563884][ T5951] veth0_vlan: entered promiscuous mode [ 47.568520][ T5952] veth1_macvtap: entered promiscuous mode [ 47.586095][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.588694][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.588859][ T5951] veth1_vlan: entered promiscuous mode [ 47.601064][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.616796][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.620773][ T5952] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.624330][ T5952] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.627049][ T5952] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.629642][ T5952] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.637524][ T84] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.640142][ T84] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.651015][ T5943] veth0_vlan: entered promiscuous mode [ 47.662317][ T5943] veth1_vlan: entered promiscuous mode [ 47.676801][ T5951] veth0_macvtap: entered promiscuous mode [ 47.680102][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.690589][ T5951] veth1_macvtap: entered promiscuous mode [ 47.697425][ T1241] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.699857][ T1241] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.719751][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.726570][ T1241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.727679][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.728960][ T1241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.737692][ T5943] veth0_macvtap: entered promiscuous mode [ 47.742785][ T5951] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.745512][ T5951] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.748178][ T5951] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.751175][ T5951] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.756598][ T5943] veth1_macvtap: entered promiscuous mode [ 47.784135][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.797389][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.800083][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.802397][ T5943] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.802428][ T5943] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.802443][ T5943] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.802457][ T5943] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.807826][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.828457][ T84] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.831476][ T84] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.853599][ T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.856110][ T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.872946][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.875423][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.885814][ T6012] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 47.888266][ T6012] IPv6: NLM_F_CREATE should be set when creating new route [ 47.890646][ T6012] IPv6: NLM_F_CREATE should be set when creating new route [ 47.892960][ T6012] IPv6: NLM_F_CREATE should be set when creating new route [ 47.896931][ T6012] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 47.899345][ T6012] Zero length message leads to an empty skb [ 47.951755][ T6013] nbd2: detected capacity change from 0 to 67108884 [ 47.955124][ T5947] block nbd2: Send control failed (result -89) [ 47.962532][ T5947] block nbd2: Request send failed, requeueing [ 47.970276][ T5959] block nbd2: Receive control failed (result -32) [ 47.972739][ T67] block nbd2: Dead connection, failed to find a fallback [ 47.976142][ T67] block nbd2: shutting down sockets [ 47.977926][ T67] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 47.981477][ T67] Buffer I/O error on dev nbd2, logical block 0, async page read [ 47.984489][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 47.990238][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 47.993599][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 47.997689][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.007870][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.013468][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.016330][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.017025][ T6023] netlink: 'syz.3.7': attribute type 12 has an invalid length. [ 48.019320][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.024587][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.027423][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.030066][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.033258][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.035845][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.039075][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.046237][ T5947] ldm_validate_partition_table(): Disk read failed. [ 48.048360][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.051179][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.051491][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 48.054242][ T5947] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 48.058658][ T5947] Buffer I/O error on dev nbd2, logical block 0, async page read [ 48.061289][ T5947] Dev nbd2: unable to read RDB block 0 [ 48.064701][ T5947] nbd2: unable to read partition table [ 48.257067][ T6013] ldm_validate_partition_table(): Disk read failed. [ 48.259575][ T6013] Dev nbd2: unable to read RDB block 0 [ 48.262810][ T6013] nbd2: unable to read partition table [ 48.266042][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 48.269766][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554441, location=33554441 [ 48.273324][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554185, location=33554185 [ 48.275018][ T5947] ldm_validate_partition_table(): Disk read failed. [ 48.276571][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554440, location=33554440 [ 48.282330][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554184, location=33554184 [ 48.283454][ T5947] Dev nbd2: unable to read RDB block 0 [ 48.285582][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554439, location=33554439 [ 48.290777][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554183, location=33554183 [ 48.291036][ T5947] nbd2: unable to read partition table [ 48.294486][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554291, location=33554291 [ 48.299770][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554035, location=33554035 [ 48.304280][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554289, location=33554289 [ 48.307736][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=33554033, location=33554033 [ 48.311047][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 48.315659][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 48.318743][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16777220, location=16777220 [ 48.321920][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16776964, location=16776964 [ 48.325189][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16777219, location=16777219 [ 48.328471][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16776963, location=16776963 [ 48.333205][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16777218, location=16777218 [ 48.336399][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16776962, location=16776962 [ 48.340039][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16777070, location=16777070 [ 48.343504][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16776814, location=16776814 [ 48.346664][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16777068, location=16777068 [ 48.350087][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=16776812, location=16776812 [ 48.353489][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 48.357103][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256 [ 48.360170][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388609, location=8388609 [ 48.363422][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388353, location=8388353 [ 48.366683][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388608, location=8388608 [ 48.369932][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388352, location=8388352 [ 48.373219][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388607, location=8388607 [ 48.376617][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388351, location=8388351 [ 48.379728][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388459, location=8388459 [ 48.382893][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388203, location=8388203 [ 48.385952][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388457, location=8388457 [ 48.389042][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=8388201, location=8388201 [ 48.392314][ T6013] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512 [ 48.395234][ T6013] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1) [ 48.500440][ T6041] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 48.502888][ T6041] IPv6: NLM_F_CREATE should be set when creating new route [ 48.505227][ T6041] IPv6: NLM_F_CREATE should be set when creating new route [ 48.507665][ T6041] IPv6: NLM_F_CREATE should be set when creating new route [ 48.511098][ T6041] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 48.548693][ T6043] trusted_key: syz.2.16 sent an empty control message without MSG_MORE. [ 48.588172][ T40] audit: type=1326 audit(1748656772.636:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.591749][ T6046] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17'. [ 48.594850][ T40] audit: type=1326 audit(1748656772.636:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.604494][ T40] audit: type=1326 audit(1748656772.636:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.610908][ T40] audit: type=1326 audit(1748656772.636:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.617537][ T40] audit: type=1326 audit(1748656772.636:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.625147][ T40] audit: type=1326 audit(1748656772.636:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.632001][ T40] audit: type=1326 audit(1748656772.636:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.638270][ T40] audit: type=1326 audit(1748656772.636:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.644740][ T40] audit: type=1326 audit(1748656772.636:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 48.651188][ T40] audit: type=1326 audit(1748656772.636:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.2.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 49.211602][ T5959] Bluetooth: hci1: command tx timeout [ 49.211625][ T5957] Bluetooth: hci2: command tx timeout [ 49.221465][ T5957] Bluetooth: hci0: command tx timeout [ 49.301434][ T5957] Bluetooth: hci3: command tx timeout [ 49.423326][ T60] cfg80211: failed to load regulatory.db [ 50.190491][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.251849][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.484738][ T6079] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 50.487012][ T6079] IPv6: NLM_F_CREATE should be set when creating new route [ 50.489271][ T6079] IPv6: NLM_F_CREATE should be set when creating new route [ 50.491554][ T6079] IPv6: NLM_F_CREATE should be set when creating new route [ 50.521622][ T6080] nbd1: detected capacity change from 0 to 67108884 [ 50.525825][ T5947] block nbd1: Send control failed (result -89) [ 50.527769][ T5947] block nbd1: Request send failed, requeueing [ 50.530313][ T5957] block nbd1: Receive control failed (result -32) [ 50.530664][ T1174] block nbd1: Dead connection, failed to find a fallback [ 50.535479][ T1174] block nbd1: shutting down sockets [ 50.537863][ T5947] ldm_validate_partition_table(): Disk read failed. [ 50.540161][ T5947] Dev nbd1: unable to read RDB block 0 [ 50.542333][ T5947] nbd1: unable to read partition table [ 50.545863][ T6080] ldm_validate_partition_table(): Disk read failed. [ 50.549084][ T6080] Dev nbd1: unable to read RDB block 0 [ 50.559138][ T6080] nbd1: unable to read partition table [ 50.562465][ T5947] ldm_validate_partition_table(): Disk read failed. [ 50.564749][ T5947] Dev nbd1: unable to read RDB block 0 [ 50.566879][ T5947] nbd1: unable to read partition table [ 50.572608][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 50.575722][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554441, location=33554441 [ 50.579488][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554185, location=33554185 [ 50.585342][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554440, location=33554440 [ 50.588934][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554184, location=33554184 [ 50.594912][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554439, location=33554439 [ 50.598416][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554183, location=33554183 [ 50.603619][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554291, location=33554291 [ 50.608071][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554035, location=33554035 [ 50.612649][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554289, location=33554289 [ 50.617468][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=33554033, location=33554033 [ 50.623797][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 50.629049][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 50.632293][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777220, location=16777220 [ 50.636990][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776964, location=16776964 [ 50.641745][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777219, location=16777219 [ 50.646083][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776963, location=16776963 [ 50.650459][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777218, location=16777218 [ 50.655919][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776962, location=16776962 [ 50.659305][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777070, location=16777070 [ 50.662898][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776814, location=16776814 [ 50.666225][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16777068, location=16777068 [ 50.669550][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=16776812, location=16776812 [ 50.673522][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 50.677802][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 50.682481][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388609, location=8388609 [ 50.685954][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388353, location=8388353 [ 50.689238][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388608, location=8388608 [ 50.693147][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388352, location=8388352 [ 50.696567][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388607, location=8388607 [ 50.699796][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388351, location=8388351 [ 50.703458][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388459, location=8388459 [ 50.706819][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388203, location=8388203 [ 50.710169][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388457, location=8388457 [ 50.713549][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388201, location=8388201 [ 50.717779][ T6080] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 50.721792][ T6080] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 51.291740][ T5957] Bluetooth: hci2: command tx timeout [ 51.291793][ T5959] Bluetooth: hci0: command tx timeout [ 51.291818][ T63] Bluetooth: hci1: command tx timeout [ 51.371958][ T63] Bluetooth: hci3: command tx timeout [ 51.472636][ T6098] netlink: 16 bytes leftover after parsing attributes in process `syz.0.34'. [ 51.476379][ T6098] netlink: 16 bytes leftover after parsing attributes in process `syz.0.34'. [ 51.554202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.558397][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.571277][ T6101] netlink: 8 bytes leftover after parsing attributes in process `syz.0.35'. [ 51.581673][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.584888][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.931478][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 52.567791][ T6121] syz.0.41: attempt to access beyond end of device [ 52.567791][ T6121] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 52.571916][ T6121] syz.0.41: attempt to access beyond end of device [ 52.571916][ T6121] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 52.575716][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 52.578596][ T6121] syz.0.41: attempt to access beyond end of device [ 52.578596][ T6121] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 52.581410][ T6116] nbd0: detected capacity change from 0 to 67108884 [ 52.582467][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 52.588227][ T6121] block nbd0: Send control failed (result -89) [ 52.590237][ T6121] block nbd0: Request send failed, requeueing [ 52.592753][ T63] block nbd0: Receive control failed (result -32) [ 52.592876][ T5947] block nbd0: Dead connection, failed to find a fallback [ 52.596957][ T5947] block nbd0: shutting down sockets [ 52.597389][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 52.599793][ T5947] ldm_validate_partition_table(): Disk read failed. [ 52.601677][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16777220, location=16777220 [ 52.604189][ T5947] Dev nbd0: unable to read RDB block 0 [ 52.606800][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16776964, location=16776964 [ 52.608771][ T5947] nbd0: unable to read partition table [ 52.611801][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16777219, location=16777219 [ 52.617037][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16776963, location=16776963 [ 52.618255][ T5947] ldm_validate_partition_table(): Disk read failed. [ 52.620258][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16777218, location=16777218 [ 52.623739][ T5947] Dev nbd0: unable to read RDB block 0 [ 52.625461][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16776962, location=16776962 [ 52.627758][ T5947] nbd0: unable to read partition table [ 52.630404][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16777070, location=16777070 [ 52.635486][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16776814, location=16776814 [ 52.638700][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16777068, location=16777068 [ 52.642795][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=16776812, location=16776812 [ 52.646447][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 52.650440][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 52.654356][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388609, location=8388609 [ 52.657994][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388353, location=8388353 [ 52.661289][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388608, location=8388608 [ 52.666086][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388352, location=8388352 [ 52.669293][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388607, location=8388607 [ 52.673188][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388351, location=8388351 [ 52.676311][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388459, location=8388459 [ 52.679401][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388203, location=8388203 [ 52.682686][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388457, location=8388457 [ 52.685830][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=8388201, location=8388201 [ 52.688953][ T6121] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 52.691939][ T6121] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 52.792235][ T5991] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 52.812304][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.061548][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.295524][ T6137] fuse: Unknown parameter 'grou00000000000000000000' [ 53.372015][ T63] Bluetooth: hci1: command tx timeout [ 53.374414][ T5957] Bluetooth: hci0: command tx timeout [ 53.376461][ T5957] Bluetooth: hci2: command tx timeout [ 53.408710][ T6142] netlink: 12 bytes leftover after parsing attributes in process `syz.2.48'. [ 53.417843][ T6142] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.420635][ T6142] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.423467][ T6142] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.426205][ T6142] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 53.431797][ T6142] vxlan0: entered promiscuous mode [ 53.451611][ T63] Bluetooth: hci3: command tx timeout [ 53.754251][ T5991] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 53.757761][ T5991] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 53.760819][ T5991] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 53.763667][ T5991] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.769404][ T6119] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 53.777141][ T5991] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 54.031028][ T9] usb 8-1: USB disconnect, device number 2 [ 54.577220][ T6158] random: crng reseeded on system resumption [ 54.587155][ T6158] netlink: 36 bytes leftover after parsing attributes in process `syz.0.52'. [ 54.641501][ T6162] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 54.644046][ T6162] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 54.833817][ T6166] fuse: Unknown parameter 'grou00000000000000000000' [ 55.411383][ T5991] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 55.834099][ T59] Bluetooth: hci4: Frame reassembly failed (-84) [ 55.837027][ T59] Bluetooth: hci4: Frame reassembly failed (-84) [ 55.851929][ T5991] usb 6-1: Using ep0 maxpacket: 16 [ 55.852343][ T5957] Bluetooth: hci3: command 0x0405 tx timeout [ 55.855318][ T5991] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 55.858809][ T5991] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 55.865164][ T5991] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 55.867830][ T5991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.870346][ T5991] usb 6-1: Product: syz [ 55.871688][ T5991] usb 6-1: Manufacturer: syz [ 55.873092][ T5991] usb 6-1: SerialNumber: syz [ 55.876360][ T5991] usb 6-1: config 0 descriptor?? [ 55.881395][ T5991] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 55.884244][ T5991] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class) [ 55.889835][ T6190] Invalid source name [ 55.891267][ T6190] UBIFS error (pid: 6190): cannot open "./file0", error -22 [ 55.896406][ T6190] syz.3.61 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 56.061501][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 56.216086][ T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 56.219690][ T9] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 56.222925][ T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 56.225741][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.233089][ T6187] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 56.239833][ T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 56.442457][ T9] usb 5-1: USB disconnect, device number 2 [ 56.484583][ T5991] em28xx 6-1:0.0: unknown em28xx chip ID (0) [ 56.487273][ T5991] em28xx 6-1:0.0: Config register raw data: 0xfffffffb [ 56.998911][ T6197] fuse: Unknown parameter 'grou00000000000000000000' [ 57.099414][ T5991] em28xx 6-1:0.0: Unknown AC97 audio processor detected! [ 57.257782][ T6201] random: crng reseeded on system resumption [ 57.292480][ T838] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 57.318425][ T6202] netlink: 36 bytes leftover after parsing attributes in process `syz.2.67'. [ 57.443653][ T838] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 57.447209][ T838] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 57.451807][ T838] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 57.455665][ T838] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 57.460202][ T838] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 57.467003][ T838] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 57.470630][ T838] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 57.473753][ T838] usb 5-1: Product: syz [ 57.475042][ T838] usb 5-1: Manufacturer: syz [ 57.482980][ T838] cdc_wdm 5-1:1.0: skipping garbage [ 57.484679][ T838] cdc_wdm 5-1:1.0: skipping garbage [ 57.488581][ T838] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 57.490420][ T838] cdc_wdm 5-1:1.0: Unknown control protocol [ 57.503498][ T5991] em28xx 6-1:0.0: couldn't setup AC97 register 2 [ 57.505993][ T5991] em28xx 6-1:0.0: couldn't setup AC97 register 4 [ 57.508303][ T5991] em28xx 6-1:0.0: couldn't setup AC97 register 6 [ 57.510558][ T5991] em28xx 6-1:0.0: couldn't setup AC97 register 54 [ 57.513014][ T5991] em28xx 6-1:0.0: couldn't setup AC97 register 56 [ 57.518580][ T5991] usb 6-1: USB disconnect, device number 2 [ 57.687133][ T838] usb 5-1: USB disconnect, device number 3 [ 57.851521][ T63] Bluetooth: hci4: command 0x1003 tx timeout [ 57.854360][ T5959] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 58.222017][ T6218] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 58.224548][ T6218] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 58.404897][ T6229] random: crng reseeded on system resumption [ 58.411621][ T6229] netlink: 36 bytes leftover after parsing attributes in process `syz.3.78'. [ 59.201917][ T5991] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 59.226856][ T6247] vlan2: entered promiscuous mode [ 59.228586][ T6247] vlan2: entered allmulticast mode [ 59.230282][ T6247] hsr_slave_1: entered allmulticast mode [ 59.269282][ T6247] netlink: 4 bytes leftover after parsing attributes in process `syz.2.82'. [ 59.362605][ T5991] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 59.365303][ T5991] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 59.368972][ T5991] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 59.372715][ T5991] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 59.377067][ T5991] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 59.383468][ T5991] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 59.387173][ T5991] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 59.390463][ T5991] usb 8-1: Product: syz [ 59.392271][ T5991] usb 8-1: Manufacturer: syz [ 59.399550][ T5991] cdc_wdm 8-1:1.0: skipping garbage [ 59.401657][ T5991] cdc_wdm 8-1:1.0: skipping garbage [ 59.404948][ T5991] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 59.407128][ T5991] cdc_wdm 8-1:1.0: Unknown control protocol [ 59.605781][ T29] usb 8-1: USB disconnect, device number 3 [ 59.627079][ T6251] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 59.629719][ T6251] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 60.262256][ T6267] fuse: Unknown parameter 'group_i00000000000000000000' [ 60.743128][ T6273] random: crng reseeded on system resumption [ 60.765548][ T6273] netlink: 36 bytes leftover after parsing attributes in process `syz.1.90'. [ 61.095648][ T6283] netlink: 20 bytes leftover after parsing attributes in process `syz.3.95'. [ 61.178751][ C2] vcan0: j1939_tp_rxtimer: 0xffff88802462a000: rx timeout, send abort [ 61.204934][ T6287] fuse: Unknown parameter 'group_i00000000000000000000' [ 61.361390][ T5991] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 61.512787][ T5991] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 61.515480][ T5991] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 61.519617][ T5991] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 61.523341][ T5991] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 61.527742][ T5991] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 61.534798][ T5991] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 61.538280][ T5991] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 61.540740][ T5991] usb 8-1: Product: syz [ 61.542229][ T5991] usb 8-1: Manufacturer: syz [ 61.547438][ T5991] cdc_wdm 8-1:1.0: skipping garbage [ 61.549130][ T5991] cdc_wdm 8-1:1.0: skipping garbage [ 61.551923][ T5991] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 61.553789][ T5991] cdc_wdm 8-1:1.0: Unknown control protocol [ 61.679038][ C2] vcan0: j1939_tp_rxtimer: 0xffff88802462b400: rx timeout, send abort [ 61.682059][ C2] vcan0: j1939_tp_rxtimer: 0xffff88802462a000: abort rx timeout. Force session deactivation [ 61.755155][ T837] usb 8-1: USB disconnect, device number 4 [ 61.789654][ T6309] netlink: 20 bytes leftover after parsing attributes in process `syz.2.105'. [ 61.849499][ T6313] fuse: Unknown parameter 'group_id00000000000000000000' [ 62.182025][ C2] vcan0: j1939_tp_rxtimer: 0xffff88802462b400: abort rx timeout. Force session deactivation [ 62.465512][ T6338] fuse: Unknown parameter 'group_id00000000000000000000' [ 62.470388][ C2] vcan0: j1939_tp_rxtimer: 0xffff888023a0bc00: rx timeout, send abort [ 62.746795][ T6345] vxcan1: tx drop: invalid da for name 0x0000000000000001 [ 62.970445][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880248d1000: rx timeout, send abort [ 62.973689][ C2] vcan0: j1939_tp_rxtimer: 0xffff888023a0bc00: abort rx timeout. Force session deactivation [ 63.457611][ T6362] fuse: Unknown parameter 'group_id00000000000000000000' [ 63.473664][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880248d1000: abort rx timeout. Force session deactivation [ 63.564084][ T6370] fuse: Bad value for 'user_id' [ 63.565684][ T6370] fuse: Bad value for 'user_id' [ 63.721444][ T838] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 63.882815][ T838] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 63.886288][ T838] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 63.889294][ T838] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 63.892448][ T838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.899658][ T6364] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 63.904432][ T838] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 63.990773][ T6392] fuse: Bad value for 'user_id' [ 63.992544][ T6392] fuse: Bad value for 'user_id' [ 64.112616][ T838] usb 5-1: USB disconnect, device number 4 [ 64.683737][ T6401] random: crng reseeded on system resumption [ 65.107873][ T6418] netlink: 4 bytes leftover after parsing attributes in process `syz.2.146'. [ 65.221615][ T5991] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 65.381380][ T5991] usb 6-1: Using ep0 maxpacket: 16 [ 65.384363][ T5991] usb 6-1: config 3 has an invalid interface number: 155 but max is 0 [ 65.387055][ T5991] usb 6-1: config 3 has an invalid interface association descriptor of length 3, skipping [ 65.390199][ T5991] usb 6-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config [ 65.394279][ T5991] usb 6-1: config 3 has no interface number 0 [ 65.397094][ T5991] usb 6-1: config 3 interface 155 has no altsetting 0 [ 65.402672][ T5991] usb 6-1: New USB device found, idVendor=05a9, idProduct=264a, bcdDevice=e5.4c [ 65.406556][ T5991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 65.409537][ T5991] usb 6-1: Product: syz [ 65.410962][ T5991] usb 6-1: Manufacturer: syz [ 65.412766][ T5991] usb 6-1: SerialNumber: syz [ 65.624612][ T5991] usb 6-1: USB disconnect, device number 3 [ 65.782211][ T5959] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 65.784921][ T5959] Bluetooth: hci2: Injecting HCI hardware error event [ 65.787430][ T5959] Bluetooth: hci2: hardware error 0x00 [ 65.821431][ T60] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 65.973579][ T60] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 65.977213][ T60] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 65.980345][ T60] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 65.983377][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.988424][ T6424] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 65.992886][ T60] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 66.207513][ T10] usb 5-1: USB disconnect, device number 5 [ 66.208385][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 66.208394][ T40] audit: type=1326 audit(1748656790.226:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 66.218189][ T40] audit: type=1326 audit(1748656790.226:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 66.224791][ T40] audit: type=1326 audit(1748656790.226:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000 [ 66.235126][ T40] audit: type=1326 audit(1748656790.226:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 66.254461][ T40] audit: type=1326 audit(1748656790.226:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 66.261720][ T40] audit: type=1326 audit(1748656790.226:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000 [ 66.268543][ T40] audit: type=1326 audit(1748656790.226:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 66.277283][ T40] audit: type=1326 audit(1748656790.226:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000 [ 66.284097][ T40] audit: type=1326 audit(1748656790.226:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 66.292386][ T40] audit: type=1326 audit(1748656790.226:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz.1.152" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf702e598 code=0x7ffc0000 [ 67.851399][ T5959] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 68.139859][ T6480] fuse: Bad value for 'fd' [ 68.321415][ T5991] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 68.472914][ T5991] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 68.476777][ T5991] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 68.479869][ T5991] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 68.482943][ T5991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.490180][ T6476] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 68.494391][ T5991] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 68.699395][ T9] usb 5-1: USB disconnect, device number 6 [ 69.564199][ T29] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 69.711374][ T29] usb 6-1: Using ep0 maxpacket: 32 [ 69.714417][ T29] usb 6-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 69.717379][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.721960][ T29] usb 6-1: config 0 descriptor?? [ 69.725707][ T29] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 70.823982][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.826203][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.935751][ T29] gspca_nw80x: reg_w err -71 [ 70.937347][ T29] nw80x 6-1:0.0: probe with driver nw80x failed with error -71 [ 70.941428][ T29] usb 6-1: USB disconnect, device number 4 [ 70.985745][ T6526] fuse: Bad value for 'fd' [ 71.064298][ T6534] netlink: 28 bytes leftover after parsing attributes in process `syz.2.189'. [ 71.067410][ T6534] netlink: 28 bytes leftover after parsing attributes in process `syz.2.189'. [ 71.076300][ T6534] erspan0: entered promiscuous mode [ 71.079474][ T6534] gretap0: entered promiscuous mode [ 71.115122][ T6536] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 71.118315][ T6536] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 71.251413][ T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 71.402601][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 71.406600][ T10] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 71.410136][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.411541][ T29] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 71.415854][ T10] usb 5-1: config 0 descriptor?? [ 71.419544][ T10] pwc: Askey VC010 type 2 USB webcam detected. [ 71.511918][ T6550] fuse: Bad value for 'fd' [ 71.530046][ T6552] fuse: Bad value for 'fd' [ 71.573508][ T29] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 71.577187][ T29] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 71.580454][ T29] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 71.583628][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.588409][ T6540] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 71.593115][ T29] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 71.798705][ T60] usb 8-1: USB disconnect, device number 5 [ 71.823926][ T10] pwc: recv_control_msg error -32 req 02 val 2b00 [ 71.826611][ T10] pwc: recv_control_msg error -32 req 02 val 2700 [ 71.829413][ T10] pwc: recv_control_msg error -32 req 02 val 2c00 [ 71.831984][ T10] pwc: recv_control_msg error -32 req 04 val 1000 [ 71.834382][ T10] pwc: recv_control_msg error -32 req 04 val 1300 [ 71.836827][ T10] pwc: recv_control_msg error -32 req 04 val 1400 [ 71.839237][ T10] pwc: recv_control_msg error -32 req 02 val 2000 [ 71.841648][ T10] pwc: recv_control_msg error -32 req 02 val 2100 [ 71.844046][ T10] pwc: recv_control_msg error -32 req 04 val 1500 [ 71.846605][ T10] pwc: recv_control_msg error -32 req 02 val 2500 [ 72.049682][ T10] pwc: recv_control_msg error -71 req 02 val 2600 [ 72.053341][ T10] pwc: recv_control_msg error -71 req 02 val 2900 [ 72.055625][ T10] pwc: recv_control_msg error -71 req 02 val 2800 [ 72.057957][ T10] pwc: recv_control_msg error -71 req 04 val 1100 [ 72.060197][ T10] pwc: recv_control_msg error -71 req 04 val 1200 [ 72.064497][ T10] pwc: Registered as video103. [ 72.069027][ T10] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb5/5-1/input/input5 [ 72.079456][ T10] usb 5-1: USB disconnect, device number 7 [ 72.800838][ T6585] fuse: Bad value for 'fd' [ 73.166315][ T6593] fuse: Bad value for 'fd' [ 73.472770][ T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 73.624274][ T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 73.628159][ T9] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 73.631641][ T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 73.634707][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.643363][ T6595] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 73.655114][ T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 73.794833][ T6612] fuse: Invalid rootmode [ 73.864521][ T29] usb 6-1: USB disconnect, device number 5 [ 73.871909][ T6616] fuse: Bad value for 'fd' [ 74.285405][ T5959] Bluetooth: hci3: unexpected Set CIG Parameters response data [ 74.288546][ T5959] Bluetooth: hci3: unexpected event for opcode 0x2062 [ 74.336743][ T6633] fuse: Invalid rootmode [ 74.364703][ T6635] mmap: syz.2.227 (6635) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 74.490495][ T6643] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 74.570036][ T6646] netlink: 28 bytes leftover after parsing attributes in process `syz.3.231'. [ 75.029351][ T6656] netlink: 40 bytes leftover after parsing attributes in process `syz.0.236'. [ 75.087020][ T6661] fuse: Bad value for 'rootmode' [ 75.351526][ T61] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 75.514808][ T61] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 75.517979][ T61] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 75.520846][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.526166][ T61] usb 5-1: config 0 descriptor?? [ 75.529855][ T61] pwc: Askey VC010 type 2 USB webcam detected. [ 75.569606][ T6670] netlink: 'syz.3.241': attribute type 39 has an invalid length. [ 75.942760][ T61] pwc: recv_control_msg error -32 req 02 val 2b00 [ 75.955075][ T61] pwc: recv_control_msg error -32 req 02 val 2700 [ 75.957628][ T61] pwc: recv_control_msg error -32 req 02 val 2c00 [ 75.965319][ T61] pwc: recv_control_msg error -32 req 04 val 1000 [ 75.967824][ T61] pwc: recv_control_msg error -32 req 04 val 1300 [ 75.970343][ T61] pwc: recv_control_msg error -32 req 04 val 1400 [ 76.173529][ T61] pwc: recv_control_msg error -71 req 02 val 2100 [ 76.176205][ T61] pwc: recv_control_msg error -71 req 04 val 1500 [ 76.178520][ T61] pwc: recv_control_msg error -71 req 02 val 2500 [ 76.180817][ T61] pwc: recv_control_msg error -71 req 02 val 2400 [ 76.183387][ T61] pwc: recv_control_msg error -71 req 02 val 2600 [ 76.185689][ T61] pwc: recv_control_msg error -71 req 02 val 2900 [ 76.188048][ T61] pwc: recv_control_msg error -71 req 02 val 2800 [ 76.190362][ T61] pwc: recv_control_msg error -71 req 04 val 1100 [ 76.192780][ T61] pwc: recv_control_msg error -71 req 04 val 1200 [ 76.196237][ T61] pwc: Registered as video103. [ 76.199151][ T61] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb5/5-1/input/input6 [ 76.205324][ T61] usb 5-1: USB disconnect, device number 8 [ 77.056302][ T6691] netlink: 28 bytes leftover after parsing attributes in process `syz.2.248'. [ 77.925943][ T6721] netlink: 32 bytes leftover after parsing attributes in process `syz.1.261'. [ 77.972196][ T6727] netlink: 12 bytes leftover after parsing attributes in process `syz.2.263'. [ 78.170991][ T6743] netlink: 28 bytes leftover after parsing attributes in process `syz.2.268'. [ 78.331497][ T5959] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 78.334929][ T5959] Bluetooth: hci3: Injecting HCI hardware error event [ 78.339739][ T5959] Bluetooth: hci3: hardware error 0x00 [ 79.179622][ T6784] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 79.288753][ T6788] fuse: Bad value for 'fd' [ 79.489122][ T6794] fuse: Unknown parameter 'use00000000000000000000' [ 79.776157][ T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 79.926520][ T10] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 79.931073][ T10] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 79.936140][ T10] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 79.940158][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.953687][ T6796] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 79.960291][ T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 80.011653][ T6813] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 80.073926][ T6815] input: syz0 as /devices/virtual/input/input7 [ 80.173744][ T10] usb 6-1: USB disconnect, device number 6 [ 80.412954][ T5959] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 80.433123][ T84] Bluetooth: hci4: Frame reassembly failed (-84) [ 80.611594][ T6835] fuse: Unknown parameter 'user_i00000000000000000000' [ 80.738403][ T6841] usb usb1: usbfs: process 6841 (syz.0.308) did not claim interface 0 before use [ 81.745574][ T6854] syz.1.311: attempt to access beyond end of device [ 81.745574][ T6854] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 81.749881][ T6854] syz.1.311: attempt to access beyond end of device [ 81.749881][ T6854] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 81.754459][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 81.757735][ T6854] syz.1.311: attempt to access beyond end of device [ 81.757735][ T6854] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 81.763610][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 81.767785][ T6854] syz.1.311: attempt to access beyond end of device [ 81.767785][ T6854] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 81.771829][ T6854] syz.1.311: attempt to access beyond end of device [ 81.771829][ T6854] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 81.775933][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 81.779038][ T6854] syz.1.311: attempt to access beyond end of device [ 81.779038][ T6854] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 81.781854][ T6848] nbd1: detected capacity change from 0 to 67108884 [ 81.786017][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 81.790806][ T5947] block nbd1: Send control failed (result -89) [ 81.792940][ T5947] block nbd1: Request send failed, requeueing [ 81.794971][ T63] block nbd1: Receive control failed (result -32) [ 81.797685][ T35] block nbd1: Dead connection, failed to find a fallback [ 81.799876][ T35] block nbd1: shutting down sockets [ 81.801494][ T5947] blk_print_req_error: 312 callbacks suppressed [ 81.801503][ T5947] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.801517][ T5947] buffer_io_error: 205 callbacks suppressed [ 81.801522][ T5947] Buffer I/O error on dev nbd1, logical block 1, async page read [ 81.812158][ T35] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.815554][ T35] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.818627][ T6854] I/O error, dev nbd1, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.821727][ T5947] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.821743][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.827842][ T5947] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.828439][ T6854] I/O error, dev nbd1, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.830598][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.834601][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 81.836404][ T5947] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.839452][ T6854] I/O error, dev nbd1, sector 67108872 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.842405][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.846002][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388609, location=8388609 [ 81.847704][ T5947] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.850962][ T6854] I/O error, dev nbd1, sector 67106824 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.853898][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.857075][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388353, location=8388353 [ 81.859236][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.864647][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388608, location=8388608 [ 81.865030][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.868307][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388352, location=8388352 [ 81.870679][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.874756][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388607, location=8388607 [ 81.876425][ T5947] ldm_validate_partition_table(): Disk read failed. [ 81.880137][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388351, location=8388351 [ 81.881855][ T5947] Buffer I/O error on dev nbd1, logical block 0, async page read [ 81.882052][ T5947] Dev nbd1: unable to read RDB block 0 [ 81.886770][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388459, location=8388459 [ 81.888259][ T5947] nbd1: unable to read partition table [ 81.890444][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388203, location=8388203 [ 81.899019][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388457, location=8388457 [ 81.902893][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=8388201, location=8388201 [ 81.903568][ T5947] ldm_validate_partition_table(): Disk read failed. [ 81.906154][ T6854] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 81.908342][ T5947] Dev nbd1: unable to read RDB block 0 [ 81.911014][ T6854] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 81.916443][ T5947] nbd1: unable to read partition table [ 82.291472][ T29] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 82.442801][ T29] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 82.446771][ T29] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 82.449908][ T29] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 82.453175][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.460142][ T6864] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 82.464811][ T29] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 82.501535][ T63] Bluetooth: hci4: command 0x1003 tx timeout [ 82.502803][ T5959] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 82.676484][ T29] usb 6-1: USB disconnect, device number 7 [ 82.974573][ T6880] kernel read not supported for file /!selinu˙ (pid: 6880 comm: syz.0.322) [ 82.977961][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 82.977970][ T40] audit: type=1800 audit(1748656807.026:43): pid=6880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.322" name=2173656C696E75FF7F dev="mqueue" ino=9106 res=0 errno=0 [ 85.786503][ T6922] fuse: Unknown parameter 'user_id00000000000000000000' [ 87.196773][ T6954] usb usb1: usbfs: process 6954 (syz.3.343) did not claim interface 0 before use [ 87.361425][ T5991] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 87.524679][ T5991] usb 5-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 87.529229][ T5991] usb 5-1: config 1 interface 0 has no altsetting 0 [ 87.535031][ T5991] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 87.538255][ T5991] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.541667][ T5991] usb 5-1: Product: syz [ 87.543008][ T5991] usb 5-1: Manufacturer: syz [ 87.544463][ T5991] usb 5-1: SerialNumber: syz [ 87.762613][ T5991] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/input/input8 [ 87.773316][ T5991] usb 5-1: USB disconnect, device number 9 [ 87.773406][ C0] pxrc 5-1:1.0: pxrc_usb_irq - usb_submit_urb failed with result: -19 [ 87.778943][ T5341] pxrc 5-1:1.0: pxrc_open - usb_submit_urb failed, error: -19 [ 89.947206][ T7009] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 89.949542][ T7009] IPv6: NLM_F_CREATE should be set when creating new route [ 89.951827][ T7009] IPv6: NLM_F_CREATE should be set when creating new route [ 89.954023][ T7009] IPv6: NLM_F_CREATE should be set when creating new route [ 90.015347][ T7011] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.104779][ T7011] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.164794][ T7029] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 90.190114][ T7011] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.262389][ T7011] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.381034][ T7011] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.394322][ T7011] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.403702][ T7011] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.413933][ T7011] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.196726][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.3.378'. [ 91.332589][ T7058] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 91.408611][ T7064] fuse: Unknown parameter '0x0000000000000003' [ 91.700281][ T7073] : entered promiscuous mode [ 92.271921][ T7089] fuse: Unknown parameter '0x0000000000000003' [ 92.358464][ T7100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.396'. [ 92.523593][ T7119] fuse: Unknown parameter '0x0000000000000003' [ 92.614314][ T7123] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 92.617515][ T7123] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.720173][ T7123] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 92.723848][ T7123] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.802531][ T7123] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 92.805801][ T7123] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.868581][ T7123] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 92.873240][ T7123] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.985378][ T7123] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.988000][ T7123] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.995479][ T7123] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 92.998049][ T7123] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.006174][ T7123] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 93.008739][ T7123] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.016071][ T7123] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 93.018617][ T7123] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.361013][ T7136] block nbd0: NBD_DISCONNECT [ 93.630032][ T7145] fuse: Unknown parameter '0x0000000000000003' [ 93.716057][ T7150] netlink: 12 bytes leftover after parsing attributes in process `syz.1.417'. [ 93.891447][ T838] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 94.042754][ T838] usb 7-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 94.046143][ T838] usb 7-1: config 1 interface 0 has no altsetting 0 [ 94.049819][ T838] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 94.052756][ T838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.055175][ T838] usb 7-1: Product: syz [ 94.056445][ T838] usb 7-1: Manufacturer: syz [ 94.057848][ T838] usb 7-1: SerialNumber: syz [ 94.272465][ T838] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/input/input9 [ 94.282932][ T838] usb 7-1: USB disconnect, device number 2 [ 95.081081][ T7179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.427'. [ 95.705402][ T7188] fuse: Bad value for 'group_id' [ 95.706964][ T7188] fuse: Bad value for 'group_id' [ 95.785193][ T7194] team_slave_0: entered promiscuous mode [ 95.787394][ T7194] team_slave_1: entered promiscuous mode [ 95.789586][ T7194] macvlan2: entered promiscuous mode [ 95.791251][ T7194] team0: entered promiscuous mode [ 95.795681][ T7194] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 95.798230][ T7194] team0: Device macvlan2 is already an upper device of the team interface [ 95.801948][ T7194] team0: left promiscuous mode [ 95.803802][ T7194] team_slave_0: left promiscuous mode [ 95.805520][ T7194] team_slave_1: left promiscuous mode [ 95.983651][ T7209] netlink: 'syz.2.435': attribute type 1 has an invalid length. [ 96.152175][ T7225] netlink: 12 bytes leftover after parsing attributes in process `syz.2.443'. [ 96.295064][ T7227] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 96.297443][ T7227] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 96.301864][ T7227] vhci_hcd vhci_hcd.0: Device attached [ 96.304738][ T7229] vhci_hcd: connection closed [ 96.305828][ T80] vhci_hcd: stop threads [ 96.309674][ T80] vhci_hcd: release socket [ 96.311153][ T80] vhci_hcd: disconnect device [ 96.877650][ T5959] Bluetooth: hci1: link tx timeout [ 96.879547][ T5959] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 96.948075][ T7248] fuse: Bad value for 'group_id' [ 96.949720][ T7248] fuse: Bad value for 'group_id' [ 97.790071][ T63] Bluetooth: hci1: link tx timeout [ 97.792599][ T63] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 98.713608][ T7291] input: syz0 as /devices/virtual/input/input10 [ 98.891390][ T63] Bluetooth: hci1: command 0x0406 tx timeout [ 98.942488][ T7307] netlink: 12 bytes leftover after parsing attributes in process `syz.2.473'. [ 99.241388][ T5991] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 99.392972][ T5991] usb 6-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 99.396951][ T5991] usb 6-1: config 1 interface 0 has no altsetting 0 [ 99.403263][ T5991] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 99.406438][ T5991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.408997][ T5991] usb 6-1: Product: syz [ 99.410532][ T5991] usb 6-1: Manufacturer: syz [ 99.412381][ T5991] usb 6-1: SerialNumber: syz [ 99.623971][ T5991] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input11 [ 99.631919][ T5991] usb 6-1: USB disconnect, device number 8 [ 99.633986][ T5341] pxrc 6-1:1.0: pxrc_open - usb_submit_urb failed, error: -19 [ 99.754231][ T7316] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 99.944978][ T40] audit: type=1326 audit(1748656823.996:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7323 comm="syz.2.482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 99.953500][ T40] audit: type=1326 audit(1748656823.996:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7323 comm="syz.2.482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 99.964850][ T40] audit: type=1326 audit(1748656823.996:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7323 comm="syz.2.482" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 99.974096][ T40] audit: type=1326 audit(1748656823.996:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7323 comm="syz.2.482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 99.980847][ T40] audit: type=1326 audit(1748656823.996:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7323 comm="syz.2.482" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 99.987732][ T40] audit: type=1326 audit(1748656823.996:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7323 comm="syz.2.482" exe="/syz-executor" sig=0 arch=40000003 syscall=372 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 100.210229][ T7335] netlink: 12 bytes leftover after parsing attributes in process `syz.1.486'. [ 100.948129][ T40] audit: type=1326 audit(1748656824.996:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.0.491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000 [ 100.956648][ T40] audit: type=1326 audit(1748656824.996:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.0.491" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f57579 code=0x7ffc0000 [ 100.966746][ T40] audit: type=1326 audit(1748656825.006:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.0.491" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57579 code=0x7ffc0000 [ 100.976679][ T40] audit: type=1326 audit(1748656825.006:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7347 comm="syz.0.491" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f57579 code=0x7ffc0000 [ 101.983915][ T7373] veth1_to_bond: entered allmulticast mode [ 101.986412][ T7373] veth1_to_bond: left allmulticast mode [ 102.073995][ T7383] netlink: 12 bytes leftover after parsing attributes in process `syz.2.503'. [ 102.226713][ T7394] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 102.491460][ T838] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 102.642716][ T838] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 102.646037][ T838] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 102.649051][ T838] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 102.652018][ T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.657758][ T7396] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 102.663084][ T838] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 102.868656][ T34] usb 6-1: USB disconnect, device number 9 [ 103.094244][ T7404] fuse: Unknown parameter 'grou00000000000000000000' [ 103.281249][ T7415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.519'. [ 103.553641][ T7423] fuse: Unknown parameter 'grou00000000000000000000' [ 104.185032][ T7432] netlink: 28 bytes leftover after parsing attributes in process `syz.0.534'. [ 104.541522][ T29] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 104.708416][ T29] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 104.711773][ T29] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 104.714881][ T29] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 104.717954][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.730192][ T7436] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 104.736833][ T29] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 104.938816][ T5991] usb 6-1: USB disconnect, device number 10 [ 105.134264][ T7449] fuse: Unknown parameter 'group_i00000000000000000000' [ 105.522886][ T7466] netlink: 28 bytes leftover after parsing attributes in process `syz.3.541'. [ 105.791434][ T5991] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 105.951409][ T5991] usb 6-1: Using ep0 maxpacket: 16 [ 105.954588][ T5991] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 105.957178][ T5991] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 105.959992][ T5991] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 105.964103][ T5991] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 105.966740][ T5991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 105.969719][ T5991] usb 6-1: Product: syz [ 105.970922][ T5991] usb 6-1: Manufacturer: syz [ 105.972352][ T5991] usb 6-1: SerialNumber: syz [ 106.292880][ T5991] usb 6-1: 0:2 : does not exist [ 106.301009][ T5991] usb 6-1: USB disconnect, device number 11 [ 106.309087][ T5947] udevd[5947]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 109.028603][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.564'. [ 109.032847][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.564'. [ 109.151491][ T838] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 109.323553][ T838] usb 7-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 109.328222][ T838] usb 7-1: config 1 interface 0 has no altsetting 0 [ 109.333634][ T838] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 109.337532][ T838] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.340950][ T838] usb 7-1: Product: syz [ 109.342872][ T838] usb 7-1: Manufacturer: syz [ 109.344839][ T838] usb 7-1: SerialNumber: syz [ 109.556450][ T838] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/input/input12 [ 109.563713][ T838] usb 7-1: USB disconnect, device number 3 [ 109.565949][ T5341] pxrc 7-1:1.0: pxrc_open - usb_submit_urb failed, error: -19 [ 110.171493][ T838] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 110.333258][ T838] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 110.337929][ T838] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 110.342361][ T838] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 110.346237][ T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.354228][ T7551] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 110.359243][ T838] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 110.379911][ T6147] libceph: connect (1)[c::]:6789 error -101 [ 110.384354][ T6147] libceph: mon0 (1)[c::]:6789 connect error [ 110.562119][ T6147] usb 6-1: USB disconnect, device number 12 [ 110.643148][ T5991] libceph: connect (1)[c::]:6789 error -101 [ 110.645902][ T5991] libceph: mon0 (1)[c::]:6789 connect error [ 111.002948][ T7563] ceph: No mds server is up or the cluster is laggy [ 111.210827][ T7584] fuse: Bad value for 'user_id' [ 111.212631][ T63] Bluetooth: hci1: command 0x0406 tx timeout [ 111.212669][ T7584] fuse: Bad value for 'user_id' [ 111.351421][ T837] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 111.513303][ T837] usb 7-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 111.517418][ T837] usb 7-1: config 1 interface 0 has no altsetting 0 [ 111.522627][ T837] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 111.526261][ T837] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.529966][ T837] usb 7-1: Product: syz [ 111.531986][ T837] usb 7-1: Manufacturer: syz [ 111.534062][ T837] usb 7-1: SerialNumber: syz [ 111.750598][ T837] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/input/input13 [ 111.773592][ T837] usb 7-1: USB disconnect, device number 4 [ 112.210391][ T7601] input: syz0 as /devices/virtual/input/input14 [ 112.531477][ T5991] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 112.570563][ T7619] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 112.693550][ T5991] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 112.697127][ T5991] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 112.700303][ T5991] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 112.703471][ T5991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.708612][ T7607] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 112.714342][ T5991] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 112.916327][ T5991] usb 6-1: USB disconnect, device number 13 [ 113.097895][ T7633] fuse: Bad value for 'fd' [ 113.459127][ T7649] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 114.341394][ T5991] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 114.503121][ T5991] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 114.507706][ T5991] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 114.512062][ T5991] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 114.515817][ T5991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.523182][ T7667] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 114.528905][ T5991] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 114.731248][ T5955] usb 5-1: USB disconnect, device number 10 [ 115.679141][ T7689] fuse: Bad value for 'fd' [ 115.745305][ T7693] fuse: Bad value for 'fd' [ 116.157387][ T7695] Bluetooth: MGMT ver 1.23 [ 116.481478][ T5991] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 116.644821][ T5991] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 116.649909][ T5991] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 116.657286][ T5991] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 116.662865][ T5991] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.685661][ T7703] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 116.691800][ T5991] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 116.897683][ T5985] usb 5-1: USB disconnect, device number 11 [ 117.533311][ T5991] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 117.693286][ T5991] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 117.697326][ T5991] usb 7-1: config 0 interface 0 has no altsetting 0 [ 117.702156][ T5991] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 117.705973][ T5991] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 117.708745][ T5991] usb 7-1: Product: syz [ 117.710166][ T5991] usb 7-1: Manufacturer: syz [ 117.711743][ T5991] usb 7-1: SerialNumber: syz [ 117.716580][ T5991] usb 7-1: config 0 descriptor?? [ 117.724653][ T5991] usb 7-1: selecting invalid altsetting 0 [ 117.930749][ T5991] usb 7-1: USB disconnect, device number 5 [ 118.523413][ T7756] fuse: Bad value for 'rootmode' [ 118.648676][ T7761] netlink: 8 bytes leftover after parsing attributes in process `syz.3.655'. [ 119.361056][ T7777] fuse: Bad value for 'rootmode' [ 119.469768][ T7787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.667'. [ 119.478014][ T7787] dummy0: entered promiscuous mode [ 119.479870][ T7787] macvtap1: entered promiscuous mode [ 119.482407][ T7787] macvtap1: entered allmulticast mode [ 119.484142][ T7787] dummy0: entered allmulticast mode [ 119.499156][ T7787] dummy0: left allmulticast mode [ 119.501363][ T7787] dummy0: left promiscuous mode [ 119.564980][ T7795] fuse: Bad value for 'rootmode' [ 119.683128][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.678'. [ 120.514463][ T7823] fuse: Unknown parameter 'use00000000000000000000' [ 120.633987][ T7836] netlink: 8 bytes leftover after parsing attributes in process `syz.2.683'. [ 121.311198][ T7849] netlink: 28 bytes leftover after parsing attributes in process `syz.1.691'. [ 121.318633][ T7848] netlink: 36 bytes leftover after parsing attributes in process `syz.0.692'. [ 121.439699][ T7859] fuse: Unknown parameter 'use00000000000000000000' [ 121.986390][ T7883] fuse: Unknown parameter 'use00000000000000000000' [ 122.271446][ T5955] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 122.292586][ T7896] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 122.350044][ T7899] netlink: 28 bytes leftover after parsing attributes in process `syz.3.709'. [ 122.432819][ T5955] usb 6-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 122.436297][ T5955] usb 6-1: config 1 interface 0 has no altsetting 0 [ 122.439972][ T5955] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 122.443054][ T5955] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.445808][ T5955] usb 6-1: Product: syz [ 122.447139][ T5955] usb 6-1: Manufacturer: syz [ 122.448612][ T5955] usb 6-1: SerialNumber: syz [ 122.660235][ T5955] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/input/input15 [ 122.672516][ T5955] usb 6-1: USB disconnect, device number 14 [ 123.184810][ T7912] fuse: Unknown parameter 'user_i00000000000000000000' [ 123.245174][ T7920] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 123.392942][ T7935] Bluetooth: MGMT ver 1.23 [ 123.631411][ T838] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 123.803216][ T838] usb 5-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 123.806547][ T838] usb 5-1: config 1 interface 0 has no altsetting 0 [ 123.811141][ T838] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40 [ 123.813979][ T838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.816773][ T838] usb 5-1: Product: syz [ 123.818073][ T838] usb 5-1: Manufacturer: syz [ 123.819509][ T838] usb 5-1: SerialNumber: syz [ 124.031520][ T838] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/input/input16 [ 124.042356][ T838] usb 5-1: USB disconnect, device number 12 [ 124.042530][ C0] pxrc 5-1:1.0: pxrc_usb_irq - usb_submit_urb failed with result: -19 [ 124.156972][ T7940] fuse: Unknown parameter 'user_i00000000000000000000' [ 124.496174][ T7952] sd 0:0:0:0: PR command failed: 1026 [ 124.498024][ T7952] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 124.500091][ T7952] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 124.746543][ T7960] Illegal XDP return value 4294967294 on prog (id 90) dev N/A, expect packet loss! [ 125.134311][ T7964] fuse: Unknown parameter 'user_i00000000000000000000' [ 125.611378][ T5959] Bluetooth: hci0: command 0x0406 tx timeout [ 125.748736][ T7986] fuse: Unknown parameter 'user_id00000000000000000000' [ 126.220537][ T8005] sd 0:0:0:0: PR command failed: 1026 [ 126.223709][ T8005] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 126.225938][ T8005] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 126.630149][ T8013] fuse: Unknown parameter 'user_id00000000000000000000' [ 127.009338][ T8030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.762'. [ 127.064064][ T8034] fuse: Unknown parameter 'user_id00000000000000000000' [ 128.185442][ T8054] netlink: 40 bytes leftover after parsing attributes in process `syz.0.771'. [ 128.860982][ T839] libceph: connect (1)[c::]:6789 error -101 [ 128.864112][ T839] libceph: mon0 (1)[c::]:6789 connect error [ 129.121789][ T839] libceph: connect (1)[c::]:6789 error -101 [ 129.123718][ T839] libceph: mon0 (1)[c::]:6789 connect error [ 129.485095][ T8064] ceph: No mds server is up or the cluster is laggy [ 130.518031][ T8098] netlink: 40 bytes leftover after parsing attributes in process `syz.2.783'. [ 131.323914][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz.2.787'. [ 131.459237][ T8114] netlink: 4 bytes leftover after parsing attributes in process `syz.0.791'. [ 131.620042][ T8125] netlink: 40 bytes leftover after parsing attributes in process `syz.0.795'. [ 131.814896][ T8126] capability: warning: `syz.3.792' uses deprecated v2 capabilities in a way that may be insecure [ 132.265493][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.267732][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.481477][ T1420] ================================================================== [ 132.483996][ T1420] BUG: KASAN: slab-use-after-free in handle_tx+0x5dc/0x630 [ 132.486209][ T1420] Read of size 1 at addr ffff888071bc0490 by task aoe_tx0/1420 [ 132.489917][ T1420] [ 132.491072][ T1420] CPU: 2 UID: 0 PID: 1420 Comm: aoe_tx0 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(full) [ 132.491086][ T1420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.491093][ T1420] Call Trace: [ 132.491097][ T1420] [ 132.491102][ T1420] dump_stack_lvl+0x116/0x1f0 [ 132.491118][ T1420] print_report+0xcd/0x680 [ 132.491131][ T1420] ? __virt_addr_valid+0x81/0x610 [ 132.491145][ T1420] ? __phys_addr+0xe8/0x180 [ 132.491159][ T1420] ? handle_tx+0x5dc/0x630 [ 132.491174][ T1420] kasan_report+0xe0/0x110 [ 132.491186][ T1420] ? handle_tx+0x5dc/0x630 [ 132.491225][ T1420] handle_tx+0x5dc/0x630 [ 132.491243][ T1420] dev_hard_start_xmit+0x97/0x740 [ 132.491255][ T1420] __dev_queue_xmit+0x7eb/0x43e0 [ 132.491266][ T1420] ? lockdep_hardirqs_on+0x7c/0x110 [ 132.491277][ T1420] ? rcu_is_watching+0x12/0xc0 [ 132.491291][ T1420] ? __pfx___dev_queue_xmit+0x10/0x10 [ 132.491312][ T1420] ? __pv_queued_spin_lock_slowpath+0x28d/0xcf0 [ 132.491327][ T1420] ? __lock_acquire+0xb8a/0x1c90 [ 132.491337][ T1420] ? __lock_acquire+0xb8a/0x1c90 [ 132.491348][ T1420] ? do_raw_spin_lock+0x12c/0x2b0 [ 132.491360][ T1420] ? find_held_lock+0x2b/0x80 [ 132.491373][ T1420] ? skb_dequeue+0x126/0x180 [ 132.491387][ T1420] ? find_held_lock+0x2b/0x80 [ 132.491400][ T1420] ? rcu_is_watching+0x12/0xc0 [ 132.491414][ T1420] tx+0xcc/0x190 [ 132.491423][ T1420] ? __pfx_tx+0x10/0x10 [ 132.491431][ T1420] kthread+0x1e4/0x3e0 [ 132.491445][ T1420] ? find_held_lock+0x2b/0x80 [ 132.491457][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.491471][ T1420] ? __pfx_default_wake_function+0x10/0x10 [ 132.491487][ T1420] ? lockdep_hardirqs_on+0x7c/0x110 [ 132.491498][ T1420] ? __kthread_parkme+0x19e/0x250 [ 132.491513][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.491526][ T1420] kthread+0x3c5/0x780 [ 132.491537][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.491548][ T1420] ? rcu_is_watching+0x12/0xc0 [ 132.491560][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.491571][ T1420] ret_from_fork+0x5d4/0x6f0 [ 132.491581][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.491592][ T1420] ret_from_fork_asm+0x1a/0x30 [ 132.491605][ T1420] [ 132.491608][ T1420] [ 132.556234][ T1420] Allocated by task 8122: [ 132.557567][ T1420] kasan_save_stack+0x33/0x60 [ 132.558990][ T1420] kasan_save_track+0x14/0x30 [ 132.560435][ T1420] __kasan_kmalloc+0xaa/0xb0 [ 132.561852][ T1420] alloc_tty_struct+0x96/0x8c0 [ 132.563326][ T1420] tty_init_dev.part.0+0x1e/0x500 [ 132.564882][ T1420] tty_open+0xa50/0xf90 [ 132.566205][ T1420] chrdev_open+0x234/0x6a0 [ 132.567627][ T1420] do_dentry_open+0x744/0x1c10 [ 132.569140][ T1420] vfs_open+0x82/0x3f0 [ 132.570431][ T1420] path_openat+0x1de4/0x2cb0 [ 132.571967][ T1420] do_filp_open+0x20b/0x470 [ 132.573404][ T1420] do_sys_openat2+0x11b/0x1d0 [ 132.574913][ T1420] __ia32_compat_sys_openat+0x16d/0x210 [ 132.576662][ T1420] __do_fast_syscall_32+0x7c/0x3a0 [ 132.578234][ T1420] do_fast_syscall_32+0x32/0x80 [ 132.579722][ T1420] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 132.581639][ T1420] [ 132.582400][ T1420] Freed by task 838: [ 132.583605][ T1420] kasan_save_stack+0x33/0x60 [ 132.585069][ T1420] kasan_save_track+0x14/0x30 [ 132.586496][ T1420] kasan_save_free_info+0x3b/0x60 [ 132.588070][ T1420] __kasan_slab_free+0x51/0x70 [ 132.589598][ T1420] kfree+0x2b4/0x4d0 [ 132.590837][ T1420] process_one_work+0x9cc/0x1b70 [ 132.592331][ T1420] worker_thread+0x6c8/0xf10 [ 132.593740][ T1420] kthread+0x3c5/0x780 [ 132.595035][ T1420] ret_from_fork+0x5d4/0x6f0 [ 132.596495][ T1420] ret_from_fork_asm+0x1a/0x30 [ 132.598002][ T1420] [ 132.598777][ T1420] Last potentially related work creation: [ 132.600494][ T1420] kasan_save_stack+0x33/0x60 [ 132.601926][ T1420] kasan_record_aux_stack+0xa7/0xc0 [ 132.603565][ T1420] insert_work+0x36/0x230 [ 132.604936][ T1420] __queue_work+0x97e/0x10f0 [ 132.606389][ T1420] queue_work_on+0x1a4/0x1f0 [ 132.607827][ T1420] release_tty+0x4de/0x5d0 [ 132.609207][ T1420] tty_release_struct+0xb7/0xe0 [ 132.610687][ T1420] tty_release+0xe2d/0x1430 [ 132.612074][ T1420] __fput+0x3ff/0xb70 [ 132.613311][ T1420] task_work_run+0x14d/0x240 [ 132.614754][ T1420] exit_to_user_mode_loop+0xeb/0x110 [ 132.616348][ T1420] __do_fast_syscall_32+0x2ac/0x3a0 [ 132.617939][ T1420] do_fast_syscall_32+0x32/0x80 [ 132.619417][ T1420] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 132.621318][ T1420] [ 132.622077][ T1420] The buggy address belongs to the object at ffff888071bc0000 [ 132.622077][ T1420] which belongs to the cache kmalloc-cg-2k of size 2048 [ 132.626432][ T1420] The buggy address is located 1168 bytes inside of [ 132.626432][ T1420] freed 2048-byte region [ffff888071bc0000, ffff888071bc0800) [ 132.630668][ T1420] [ 132.631448][ T1420] The buggy address belongs to the physical page: [ 132.633437][ T1420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x71bc0 [ 132.636194][ T1420] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 132.638783][ T1420] memcg:ffff8880687f2201 [ 132.640115][ T1420] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 132.642589][ T1420] page_type: f5(slab) [ 132.643854][ T1420] raw: 04fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001 [ 132.646512][ T1420] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff8880687f2201 [ 132.649148][ T1420] head: 04fff00000000040 ffff88801b44c140 0000000000000000 dead000000000001 [ 132.651818][ T1420] head: 0000000000000000 0000000000080008 00000000f5000000 ffff8880687f2201 [ 132.654507][ T1420] head: 04fff00000000003 ffffea0001c6f001 00000000ffffffff 00000000ffffffff [ 132.657187][ T1420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 132.659856][ T1420] page dumped because: kasan: bad access detected [ 132.661836][ T1420] page_owner tracks the page as allocated [ 132.663604][ T1420] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5952, tgid 5952 (syz-executor), ts 88308163570, free_ts 88306759349 [ 132.670056][ T1420] post_alloc_hook+0x1c0/0x230 [ 132.671569][ T1420] get_page_from_freelist+0x135c/0x3950 [ 132.673290][ T1420] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 132.675147][ T1420] alloc_pages_mpol+0x1fb/0x550 [ 132.676678][ T1420] new_slab+0x23b/0x330 [ 132.677981][ T1420] ___slab_alloc+0xd9c/0x1940 [ 132.679457][ T1420] __slab_alloc.constprop.0+0x56/0xb0 [ 132.681127][ T1420] __kvmalloc_node_noprof+0x3af/0x620 [ 132.682737][ T1420] xt_alloc_table_info+0x3e/0xa0 [ 132.684257][ T1420] compat_do_replace+0x184/0x3c0 [ 132.685823][ T1420] do_ip6t_set_ctl+0x55d/0xa70 [ 132.687334][ T1420] nf_setsockopt+0x8d/0xf0 [ 132.688750][ T1420] ipv6_setsockopt+0x135/0x170 [ 132.690250][ T1420] tcp_setsockopt+0xa7/0x100 [ 132.691712][ T1420] do_sock_setsockopt+0x221/0x470 [ 132.693290][ T1420] __sys_setsockopt+0x120/0x1a0 [ 132.694830][ T1420] page last free pid 5952 tgid 5952 stack trace: [ 132.696781][ T1420] __free_frozen_pages+0x7fe/0x1180 [ 132.698404][ T1420] __put_partials+0x16d/0x1c0 [ 132.699890][ T1420] qlist_free_all+0x4d/0x120 [ 132.701343][ T1420] kasan_quarantine_reduce+0x195/0x1e0 [ 132.703046][ T1420] __kasan_slab_alloc+0x69/0x90 [ 132.704615][ T1420] __kmalloc_cache_node_noprof+0x217/0x420 [ 132.706446][ T1420] __get_vm_area_node+0x101/0x330 [ 132.708063][ T1420] __vmalloc_node_range_noprof+0x277/0x1520 [ 132.709926][ T1420] __vmalloc_node_noprof+0xad/0xf0 [ 132.711541][ T1420] xt_compat_init_offsets+0xe6/0x1f0 [ 132.713206][ T1420] compat_table_info+0xb7/0x5b0 [ 132.714750][ T1420] compat_get_entries+0x20f/0x7f0 [ 132.716338][ T1420] do_ipt_get_ctl+0x51f/0xa10 [ 132.717819][ T1420] nf_getsockopt+0x7c/0xe0 [ 132.719178][ T1420] ip_getsockopt+0x18c/0x1e0 [ 132.720646][ T1420] tcp_getsockopt+0xa1/0x100 [ 132.722101][ T1420] [ 132.722868][ T1420] Memory state around the buggy address: [ 132.724635][ T1420] ffff888071bc0380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.727114][ T1420] ffff888071bc0400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.729640][ T1420] >ffff888071bc0480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.732135][ T1420] ^ [ 132.733613][ T1420] ffff888071bc0500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.736119][ T1420] ffff888071bc0580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 132.738601][ T1420] ================================================================== [ 132.741141][ T1420] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 132.743401][ T1420] CPU: 2 UID: 0 PID: 1420 Comm: aoe_tx0 Not tainted 6.15.0-syzkaller-09113-g8477ab143069 #0 PREEMPT(full) [ 132.746826][ T1420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.750076][ T1420] Call Trace: [ 132.751093][ T1420] [ 132.752010][ T1420] dump_stack_lvl+0x3d/0x1f0 [ 132.753416][ T1420] panic+0x71c/0x800 [ 132.754643][ T1420] ? __pfx_panic+0x10/0x10 [ 132.756016][ T1420] ? irqentry_exit+0x3b/0x90 [ 132.757401][ T1420] ? lockdep_hardirqs_on+0x7c/0x110 [ 132.758941][ T1420] ? handle_tx+0x5dc/0x630 [ 132.760326][ T1420] ? check_panic_on_warn+0x1f/0xb0 [ 132.761842][ T1420] ? handle_tx+0x5dc/0x630 [ 132.763177][ T1420] check_panic_on_warn+0xab/0xb0 [ 132.764740][ T1420] end_report+0x107/0x170 [ 132.766057][ T1420] kasan_report+0xee/0x110 [ 132.767424][ T1420] ? handle_tx+0x5dc/0x630 [ 132.768790][ T1420] handle_tx+0x5dc/0x630 [ 132.770082][ T1420] dev_hard_start_xmit+0x97/0x740 [ 132.771597][ T1420] __dev_queue_xmit+0x7eb/0x43e0 [ 132.773088][ T1420] ? lockdep_hardirqs_on+0x7c/0x110 [ 132.774685][ T1420] ? rcu_is_watching+0x12/0xc0 [ 132.776141][ T1420] ? __pfx___dev_queue_xmit+0x10/0x10 [ 132.777749][ T1420] ? __pv_queued_spin_lock_slowpath+0x28d/0xcf0 [ 132.779612][ T1420] ? __lock_acquire+0xb8a/0x1c90 [ 132.781110][ T1420] ? __lock_acquire+0xb8a/0x1c90 [ 132.782677][ T1420] ? do_raw_spin_lock+0x12c/0x2b0 [ 132.784203][ T1420] ? find_held_lock+0x2b/0x80 [ 132.785638][ T1420] ? skb_dequeue+0x126/0x180 [ 132.787081][ T1420] ? find_held_lock+0x2b/0x80 [ 132.788561][ T1420] ? rcu_is_watching+0x12/0xc0 [ 132.790045][ T1420] tx+0xcc/0x190 [ 132.791151][ T1420] ? __pfx_tx+0x10/0x10 [ 132.792432][ T1420] kthread+0x1e4/0x3e0 [ 132.793685][ T1420] ? find_held_lock+0x2b/0x80 [ 132.795129][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.796548][ T1420] ? __pfx_default_wake_function+0x10/0x10 [ 132.798373][ T1420] ? lockdep_hardirqs_on+0x7c/0x110 [ 132.799983][ T1420] ? __kthread_parkme+0x19e/0x250 [ 132.801510][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.802929][ T1420] kthread+0x3c5/0x780 [ 132.804207][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.805652][ T1420] ? rcu_is_watching+0x12/0xc0 [ 132.807114][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.808569][ T1420] ret_from_fork+0x5d4/0x6f0 [ 132.809953][ T1420] ? __pfx_kthread+0x10/0x10 [ 132.811354][ T1420] ret_from_fork_asm+0x1a/0x30 [ 132.812831][ T1420] [ 132.814460][ T1420] Kernel Offset: disabled [ 132.815818][ T1420] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:00:56 Registers: info registers vcpu 0 CPU#0 RAX=000000000045d6a7 RBX=0000000000000000 RCX=ffffffff8b78a419 RDX=0000000000000000 RSI=ffffffff8dc00788 RDI=ffffffff8bf51b00 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e08 R8 =0000000000000001 R9 =ffffed100564663d R10=ffff88802b2331eb R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90878150 R15=0000000000000000 RIP=ffffffff8b788f7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809777b000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000800ec000 CR3=000000007153b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88804f249b82 RCX=0000000000000006 RDX=1ffff1100d35c385 RSI=ffffffff8b76c1d7 RDI=ffff888069ae1c28 RBP=ffffc90002ddf600 RSP=ffffc90002ddf588 R8 =0000000000000001 R9 =000000000000003f R10=0000000000000006 R11=0000000000000001 R12=0000000000000010 R13=ffff888069ae1b80 R14=ffff88806b3190b8 R15=0000000000000416 RIP=ffffffff8b789976 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809787b000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5075880 CR3=0000000071c57000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8555adc5 RDI=ffffffff9ae53d80 RBP=ffffffff9ae53d40 RSP=ffffc90007b2f458 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000034 R14=ffffffff9ae53d40 R15=ffffffff8555ad60 RIP=ffffffff8555adef RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809797b000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000080078000 CR3=000000007153b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000003 RCX=0000000000000002 RDX=ffff88801c31c880 RSI=ffffffff8169cf81 RDI=ffffffff8bf51b00 RBP=ffff8880696e9d40 RSP=ffffc900005cf6a8 R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff90878157 R11=0000000000002bf0 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b53cdc0 R15=ffffed100d2dd3a8 RIP=ffffffff8b788f7f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097a7b000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002f6edffc CR3=000000007153b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000