last executing test programs: 1m23.635806829s ago: executing program 2 (id=666): r0 = syz_open_dev$swradio(&(0x7f0000000140), 0x0, 0x2) r1 = dup(r0) read(r1, &(0x7f0000000040), 0x0) ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000000)={0xf0f046}) 1m23.586040435s ago: executing program 2 (id=669): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0100001000030426bd70000000000000000400", @ANYRES32=0x0, @ANYBLOB="4003000000090000140012800c0001006d616376746170000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r2], 0x12c}}, 0x0) 1m23.482682504s ago: executing program 2 (id=670): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0xc4700, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x0, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c18e8438ef2a565ef1e83323695c58d66500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b1d8772fd29f35239d200000000000000000000000000008000", "24431a1e77a68e174f000000000000000010e200", [0x0, 0x800000]}}) ioctl$LOOP_CHANGE_FD(r1, 0x125f, r0) 1m23.467845889s ago: executing program 2 (id=672): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x84000, 0x0) 1m23.44421029s ago: executing program 2 (id=674): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xcc, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10) 1m23.174129437s ago: executing program 2 (id=681): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) lremovexattr(0x0, 0x0) 1m23.140196315s ago: executing program 32 (id=681): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) lremovexattr(0x0, 0x0) 36.395565161s ago: executing program 0 (id=1724): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x34, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0x8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x4}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000) 36.388257402s ago: executing program 0 (id=1727): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001b00)=@newqdisc={0x78, 0x24, 0xd0f, 0x0, 0x25dfdbff, {0x60, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x4, 0x1}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7fffffff, 0x14, 0xfcc, 0x400, 0x9}, 0x81, 0x0, 0xc8c3, 0x40, 0x4, 0x1c, 0x11, 0x9, 0x8, 0xffffffff, {0xfffffff5, 0x4, 0xad8, 0x7, 0x2, 0x4}}}}]}, 0x78}}, 0x14) 36.326428592s ago: executing program 0 (id=1728): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ac0)={&(0x7f0000000a80)='mm_page_free\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000061103800000000001e050000000000009500002dbda67c00"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 36.320350021s ago: executing program 0 (id=1731): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000740)={0x0, 0x8, 0xcd, 0x81, @vifc_lcl_ifindex=r1, @multicast1}, 0x10) 36.258605034s ago: executing program 0 (id=1733): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="02030e00d3fc02000000ab5d71acedd7c9560385dcb188a884d7dc0398062f2405ce811cc352", 0xff88, 0x0, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) 36.184201552s ago: executing program 0 (id=1734): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x400448cb, 0x0) 21.191403222s ago: executing program 33 (id=1734): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x400448cb, 0x0) 1.934526646s ago: executing program 5 (id=2422): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000004c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000500)={0x30, r1, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x405d}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x2}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4080}, 0x4004000) 1.899054193s ago: executing program 5 (id=2423): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x20000010}) write$UHID_INPUT(r0, 0x0, 0x0) 1.896778649s ago: executing program 5 (id=2426): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}]]}, 0x24}}, 0x0) 1.864166558s ago: executing program 5 (id=2427): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fspick(0xffffffffffffffff, 0x0, 0x0) 1.832816887s ago: executing program 3 (id=2432): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x6c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0xffffffffffffffd8}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x6c}}, 0x0) 1.800221223s ago: executing program 3 (id=2434): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4) write$binfmt_misc(r0, &(0x7f0000000300), 0x6) 1.72553634s ago: executing program 3 (id=2436): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x5, &(0x7f00000003c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) connect$unix(r0, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) 1.654088876s ago: executing program 3 (id=2438): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b40)=@newqdisc={0x58, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x20}}, @TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0xfcf1}}, 0xc014) 1.652133648s ago: executing program 5 (id=2439): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') lstat64(&(0x7f0000000080)='./cgroup\x00', &(0x7f0000000a00)) 1.620850372s ago: executing program 3 (id=2441): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$igmp(0x2, 0x3, 0x2) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000380), &(0x7f0000000480)=0x40) 1.618062637s ago: executing program 5 (id=2442): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x1) ioctl$KDSIGACCEPT(r0, 0x400455cb, 0x9) 1.569837385s ago: executing program 3 (id=2445): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x1) ioctl$KDSIGACCEPT(r0, 0x400455c8, 0x9) 1.062427277s ago: executing program 4 (id=2465): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x13) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1.000841442s ago: executing program 4 (id=2466): r0 = socket$kcm(0x10, 0x2, 0x4) close(r0) socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="5c00000010006bcc9e3be35c6e17aa31076b876c1d000000000000000000000304001ac00800400004000500020000000064bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 1.000425834s ago: executing program 4 (id=2467): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xb, 0x10, &(0x7f0000000200)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 923.986015ms ago: executing program 4 (id=2468): r0 = msgget$private(0x0, 0xafb0e20fef648796) msgrcv(r0, 0x0, 0x0, 0x3, 0x3000) ioperm(0x0, 0x1, 0x1) quotactl$Q_GETFMT(0xfd2613a96d5ee55f, 0x0, 0x0, 0x0) 274.756107ms ago: executing program 1 (id=2469): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 203.189638ms ago: executing program 1 (id=2470): r0 = signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x100000000000, 0x0, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, &(0x7f0000000040)={0x0, 0x1, 0x3, 0x80001}) fcntl$lock(r0, 0x24, &(0x7f0000000680)={0x0, 0x0, 0x1ff}) 203.034921ms ago: executing program 1 (id=2471): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x4, 0x3, 0x2}, 0x18, 0x0) landlock_restrict_self(r0, 0x5) r1 = getpid() syz_pidfd_open(r1, 0x0) 144.083175ms ago: executing program 1 (id=2472): rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f00000003c0)=[{&(0x7f0000000300)='S', 0x1}], 0x1, 0x0) write$binfmt_script(r1, &(0x7f0000000540)={'#! ', './file0'}, 0xb) 75.382779ms ago: executing program 4 (id=2473): r0 = syz_open_dev$vim2m(&(0x7f0000000180), 0x3, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x9, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f00000000c0)=0x2) close(r0) 75.13549ms ago: executing program 1 (id=2474): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000001680)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@rights={{0x10, 0x1, 0x1, [r0]}}], 0x10}, 0x0) recvmmsg$unix(r0, &(0x7f0000000f40)=[{{&(0x7f00000000c0)=@abs, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/146}], 0x0, &(0x7f0000000280)=[@rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred, @cred, @cred, @cred, @cred, @cred, @rights]}}, {{&(0x7f0000000340), 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)=""/111}], 0x0, &(0x7f0000000480)=[@rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights, @rights]}}, {{&(0x7f0000000540)=@abs, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000640)=""/28}, {&(0x7f0000000680)=""/18}], 0x0, &(0x7f0000000700)=[@rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred, @rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred]}}, {{&(0x7f0000000780), 0x0, &(0x7f0000000e00)=[{&(0x7f0000000800)=""/190}, {&(0x7f00000008c0)=""/64}, {&(0x7f0000000900)=""/99}, {&(0x7f0000000980)=""/222}, {&(0x7f0000000a80)=""/224}, {&(0x7f0000000b80)=""/4}, {&(0x7f0000000bc0)=""/237}, {&(0x7f0000000cc0)=""/60}, {&(0x7f0000000d00)=""/226}], 0x0, &(0x7f0000000e80)=[@cred, @rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred]}}], 0x7e4, 0x2, 0x0) 210.857µs ago: executing program 4 (id=2475): openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 0s ago: executing program 1 (id=2476): syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000380), &(0x7f0000000480)=0x40) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:38815' (ED25519) to the list of known hosts. [ 42.110973][ T5930] cgroup: Unknown subsys name 'net' [ 42.241350][ T5930] cgroup: Unknown subsys name 'cpuset' [ 42.247255][ T5930] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.145021][ T5930] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.183819][ T5949] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.190131][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.193587][ T5951] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.195826][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.197305][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.198800][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.200202][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.200654][ T5955] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.201354][ T5955] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.201543][ T5955] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.202341][ T5955] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.202363][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.205391][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.206997][ T5951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.207090][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.208486][ T5955] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.208966][ T5961] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.209231][ T5961] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.209721][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.211476][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.475097][ T5958] chnl_net:caif_netlink_parms(): no params data found [ 46.504255][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 46.572765][ T5950] chnl_net:caif_netlink_parms(): no params data found [ 46.687855][ T5958] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.691137][ T5958] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.693301][ T5958] bridge_slave_0: entered allmulticast mode [ 46.697672][ T5958] bridge_slave_0: entered promiscuous mode [ 46.702737][ T5958] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.705477][ T5958] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.708002][ T5958] bridge_slave_1: entered allmulticast mode [ 46.710335][ T5958] bridge_slave_1: entered promiscuous mode [ 46.734891][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 46.810181][ T5958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.831211][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.833342][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.835397][ T5953] bridge_slave_0: entered allmulticast mode [ 46.837809][ T5953] bridge_slave_0: entered promiscuous mode [ 46.858308][ T5958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.876611][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.878965][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.880864][ T5953] bridge_slave_1: entered allmulticast mode [ 46.883203][ T5953] bridge_slave_1: entered promiscuous mode [ 46.906121][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.910458][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.912927][ T5950] bridge_slave_0: entered allmulticast mode [ 46.916603][ T5950] bridge_slave_0: entered promiscuous mode [ 46.972548][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.975353][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.978488][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.980478][ T5950] bridge_slave_1: entered allmulticast mode [ 46.982980][ T5950] bridge_slave_1: entered promiscuous mode [ 47.020846][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.040894][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.045442][ T5958] team0: Port device team_slave_0 added [ 47.053421][ T5958] team0: Port device team_slave_1 added [ 47.120721][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.173799][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.176239][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.178417][ T5946] bridge_slave_0: entered allmulticast mode [ 47.180841][ T5946] bridge_slave_0: entered promiscuous mode [ 47.184905][ T5953] team0: Port device team_slave_0 added [ 47.220916][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.223084][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.225152][ T5946] bridge_slave_1: entered allmulticast mode [ 47.227826][ T5946] bridge_slave_1: entered promiscuous mode [ 47.249358][ T5953] team0: Port device team_slave_1 added [ 47.264545][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.266513][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.273627][ T5958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.314376][ T5950] team0: Port device team_slave_0 added [ 47.317185][ T5958] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.319292][ T5958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.326466][ T5958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.331055][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.350676][ T5950] team0: Port device team_slave_1 added [ 47.360584][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.376309][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.379186][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.388589][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.435586][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.438260][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.446277][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.469149][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.471088][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.478968][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.484136][ T5946] team0: Port device team_slave_0 added [ 47.490009][ T5946] team0: Port device team_slave_1 added [ 47.527698][ T5958] hsr_slave_0: entered promiscuous mode [ 47.529775][ T5958] hsr_slave_1: entered promiscuous mode [ 47.532334][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.534275][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.541333][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.575154][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.577292][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.584134][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.588174][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.590109][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.597858][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.700611][ T5953] hsr_slave_0: entered promiscuous mode [ 47.702667][ T5953] hsr_slave_1: entered promiscuous mode [ 47.704498][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.706907][ T5953] Cannot create hsr debugfs directory [ 47.774362][ T5950] hsr_slave_0: entered promiscuous mode [ 47.776306][ T5950] hsr_slave_1: entered promiscuous mode [ 47.778126][ T5950] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.780153][ T5950] Cannot create hsr debugfs directory [ 47.790324][ T5946] hsr_slave_0: entered promiscuous mode [ 47.792259][ T5946] hsr_slave_1: entered promiscuous mode [ 47.794052][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.796077][ T5946] Cannot create hsr debugfs directory [ 48.078400][ T5958] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.084720][ T5958] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.088749][ T5958] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.097763][ T5958] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.122890][ T5953] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.130001][ T5953] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.136238][ T5953] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.145773][ T5953] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.179692][ T5946] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.203667][ T5946] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.208312][ T5946] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.233668][ T5946] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.250486][ T5958] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.257404][ T5954] Bluetooth: hci2: command tx timeout [ 48.257616][ T68] Bluetooth: hci3: command tx timeout [ 48.261663][ T5950] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.267241][ T68] Bluetooth: hci1: command tx timeout [ 48.267255][ T5954] Bluetooth: hci0: command tx timeout [ 48.271289][ T5958] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.273940][ T5950] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.280446][ T5950] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.301903][ T5950] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.320700][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.323385][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.340182][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.342140][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.404482][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.419137][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.434566][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.442411][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.444711][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.450009][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.455918][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.460056][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.461944][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.472597][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.474616][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.488642][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.490839][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.506155][ T5950] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.523638][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.526177][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.533080][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.535568][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.573166][ T5958] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.630647][ T5958] veth0_vlan: entered promiscuous mode [ 48.646116][ T5958] veth1_vlan: entered promiscuous mode [ 48.659946][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.691057][ T5958] veth0_macvtap: entered promiscuous mode [ 48.697878][ T5946] veth0_vlan: entered promiscuous mode [ 48.699832][ T5958] veth1_macvtap: entered promiscuous mode [ 48.711214][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.716561][ T5946] veth1_vlan: entered promiscuous mode [ 48.722588][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.731494][ T5958] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.738441][ T5958] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.741303][ T5958] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.743920][ T5958] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.746453][ T5958] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.763181][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.777066][ T5946] veth0_macvtap: entered promiscuous mode [ 48.789615][ T5946] veth1_macvtap: entered promiscuous mode [ 48.816110][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.819540][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.823171][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.830036][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.832240][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.841171][ T5953] veth0_vlan: entered promiscuous mode [ 48.846428][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.850083][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.854083][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.858333][ T5946] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.861062][ T5946] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.863448][ T5946] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.865753][ T5946] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.881194][ T5950] veth0_vlan: entered promiscuous mode [ 48.887205][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.890426][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.897786][ T5953] veth1_vlan: entered promiscuous mode [ 48.903495][ T5950] veth1_vlan: entered promiscuous mode [ 48.933251][ T5953] veth0_macvtap: entered promiscuous mode [ 48.934266][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.937600][ T5953] veth1_macvtap: entered promiscuous mode [ 48.941349][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.949794][ T5958] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.960468][ T5950] veth0_macvtap: entered promiscuous mode [ 48.964823][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.968277][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.970842][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.973556][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.977257][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.980654][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.981005][ T1150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.983620][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.983638][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.983645][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.986115][ T1150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.990053][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.002886][ T5950] veth1_macvtap: entered promiscuous mode [ 49.008301][ T5953] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.010650][ T5953] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.012979][ T5953] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.015321][ T5953] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.025365][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.028405][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.031306][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.034137][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.037225][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.040471][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.044440][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.047965][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.051581][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.054286][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.057603][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.060112][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.063241][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.067567][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.079990][ T5950] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.082364][ T5950] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.084796][ T5950] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.087564][ T5950] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.101973][ T6024] Illegal XDP return value 4294967294 on prog (id 2) dev N/A, expect packet loss! [ 49.150321][ T1139] Bluetooth: hci4: Frame reassembly failed (-84) [ 49.159770][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.162000][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.169736][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.171833][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.183080][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.185227][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.195367][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.198114][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.029400][ T40] audit: type=1800 audit(1744283474.184:2): pid=6117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.38" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 50.074345][ T6125] netlink: 'syz.3.43': attribute type 1 has an invalid length. [ 50.294180][ T6141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.50'. [ 50.347768][ T68] Bluetooth: hci1: command tx timeout [ 50.349266][ T68] Bluetooth: hci3: command tx timeout [ 50.350726][ T68] Bluetooth: hci0: command tx timeout [ 50.352175][ T68] Bluetooth: hci2: command tx timeout [ 50.432653][ T6151] raw_sendmsg: syz.0.54 forgot to set AF_INET. Fix it! [ 50.623411][ T6169] Bluetooth: MGMT ver 1.23 [ 50.738088][ T6183] capability: warning: `syz.0.70' uses 32-bit capabilities (legacy support in use) [ 51.065245][ T6209] netlink: 24 bytes leftover after parsing attributes in process `syz.3.82'. [ 51.094674][ T6211] process 'syz.3.83' launched '/dev/fd/3' with NULL argv: empty string added [ 51.176005][ T6215] warning: `syz.3.85' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 51.216841][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 51.265067][ T6221] netlink: 4 bytes leftover after parsing attributes in process `syz.2.88'. [ 51.396736][ T1463] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 51.546725][ T1463] usb 6-1: Using ep0 maxpacket: 8 [ 51.551451][ T1463] usb 6-1: config 0 has no interfaces? [ 51.555740][ T1463] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 51.559785][ T1463] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 51.562861][ T1463] usb 6-1: Product: syz [ 51.564467][ T1463] usb 6-1: Manufacturer: syz [ 51.566319][ T1463] usb 6-1: SerialNumber: syz [ 51.573112][ T1463] usb 6-1: config 0 descriptor?? [ 51.771376][ T6237] netlink: 830 bytes leftover after parsing attributes in process `syz.0.95'. [ 51.789510][ T6011] usb 6-1: USB disconnect, device number 2 [ 51.817805][ T40] audit: type=1326 audit(1744283475.974:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6241 comm="syz.0.97" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf743e579 code=0x0 [ 52.211006][ T6261] netlink: 'syz.3.106': attribute type 29 has an invalid length. [ 52.223834][ T6261] netlink: 'syz.3.106': attribute type 29 has an invalid length. [ 52.363390][ T6271] dlm: no local IP address has been set [ 52.366478][ T6271] dlm: cannot start dlm midcomms -107 [ 52.417185][ T5954] Bluetooth: hci2: command tx timeout [ 52.417312][ T5951] Bluetooth: hci0: command tx timeout [ 52.419825][ T68] Bluetooth: hci3: command tx timeout [ 52.421230][ T5951] Bluetooth: hci1: command tx timeout [ 52.632899][ T6285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.117'. [ 53.021802][ T6323] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.133385][ T6341] netlink: 4 bytes leftover after parsing attributes in process `syz.3.141'. [ 53.195679][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.144'. [ 53.349649][ T6368] netlink: 108 bytes leftover after parsing attributes in process `syz.2.153'. [ 53.469056][ T6378] ptrace attach of ""[6380] was attempted by "/syz-executor exec"[6378] [ 53.781522][ T6400] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.023041][ T6413] netlink: 8 bytes leftover after parsing attributes in process `syz.1.175'. [ 54.033344][ T6410] Zero length message leads to an empty skb [ 54.251345][ T6442] netlink: 451 bytes leftover after parsing attributes in process `syz.2.189'. [ 54.397188][ T6447] netlink: 'syz.1.191': attribute type 1 has an invalid length. [ 54.496779][ T5954] Bluetooth: hci2: command tx timeout [ 54.496834][ T5304] Bluetooth: hci0: command tx timeout [ 54.500052][ T5954] Bluetooth: hci1: command tx timeout [ 54.500481][ T5951] Bluetooth: hci3: command tx timeout [ 54.743980][ T34] hid-generic 0005:0C45:FF3E.0002: item fetching failed at offset 0/2 [ 54.749877][ T34] hid-generic 0005:0C45:FF3E.0002: probe with driver hid-generic failed with error -22 [ 55.031856][ T6513] syz.2.221 uses obsolete (PF_INET,SOCK_PACKET) [ 55.496776][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 55.658088][ T10] usb 5-1: config 0 has no interfaces? [ 55.659831][ T10] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 55.662397][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.667907][ T10] usb 5-1: config 0 descriptor?? [ 55.890100][ T10] usb 5-1: USB disconnect, device number 2 [ 56.409726][ T6575] __nla_validate_parse: 2 callbacks suppressed [ 56.409736][ T6575] netlink: 14 bytes leftover after parsing attributes in process `syz.2.251'. [ 56.572301][ T6584] 9pnet_virtio: no channels available for device syz [ 56.952714][ T6619] Attempt to restore checkpoint with obsolete wellknown handles [ 57.170201][ T6633] ======================================================= [ 57.170201][ T6633] WARNING: The mand mount option has been deprecated and [ 57.170201][ T6633] and is ignored by this kernel. Remove the mand [ 57.170201][ T6633] option from the mount to silence this warning. [ 57.170201][ T6633] ======================================================= [ 57.615940][ T6650] netlink: 28 bytes leftover after parsing attributes in process `syz.0.286'. [ 57.619132][ T6650] netlink: 28 bytes leftover after parsing attributes in process `syz.0.286'. [ 57.666829][ T6656] overlay: filesystem on ./file0 not supported [ 57.978162][ T6684] loop9: detected capacity change from 0 to 8 [ 57.982566][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 57.985233][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 57.989618][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 57.992133][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 57.997910][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.000436][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.002741][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.005286][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.008266][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.010792][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.013109][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.015926][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.018888][ C2] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.022215][ C2] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.025581][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.028195][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.030599][ T6684] ldm_validate_partition_table(): Disk read failed. [ 58.034735][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.038266][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.041889][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 58.044966][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 58.047818][ T6684] Dev loop9: unable to read RDB block 0 [ 58.052496][ T6684] loop9: unable to read partition table [ 58.054457][ T6684] loop9: partition table beyond EOD, truncated [ 58.056256][ T6684] loop_reread_partitions: partition scan of loop9 (3 ) failed (rc=-5) [ 58.191345][ T40] audit: type=1326 audit(1744283482.344:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.204567][ T40] audit: type=1326 audit(1744283482.344:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.211012][ T40] audit: type=1326 audit(1744283482.354:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.216947][ T40] audit: type=1326 audit(1744283482.354:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.222720][ T40] audit: type=1326 audit(1744283482.354:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.229792][ T40] audit: type=1326 audit(1744283482.374:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=271 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.235782][ T40] audit: type=1326 audit(1744283482.374:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.241929][ T40] audit: type=1326 audit(1744283482.374:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6703 comm="syz.3.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.296691][ T40] audit: type=1326 audit(1744283482.434:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6715 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.302858][ T40] audit: type=1326 audit(1744283482.444:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6715 comm="syz.3.315" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 58.569193][ T6731] rtc_cmos 00:05: Alarms can be up to one day in the future [ 59.044569][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 59.047340][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 59.049949][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 59.052647][ T835] rtc_cmos 00:05: Alarms can be up to one day in the future [ 59.054706][ T835] rtc rtc0: __rtc_set_alarm: err=-22 [ 59.226228][ T5994] kernel read not supported for file /dsp (pid: 5994 comm: kworker/1:3) [ 59.298034][ T6673] Set syz1 is full, maxelem 65536 reached [ 59.896765][ T5994] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 60.054178][ T5994] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 60.058624][ T5994] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 60.062205][ T5994] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 60.065554][ T5994] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.077505][ T6786] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 60.084903][ T5994] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 60.291921][ T10] usb 6-1: USB disconnect, device number 3 [ 60.324537][ T5990] Process accounting resumed [ 60.361327][ T6846] netlink: 20 bytes leftover after parsing attributes in process `syz.0.375'. [ 60.416381][ T6854] mmap: syz.3.380 (6854) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 60.456594][ T6860] netlink: 14 bytes leftover after parsing attributes in process `syz.2.383'. [ 60.833371][ T6877] sch_fq: defrate 113 ignored. [ 60.999381][ T6887] program syz.3.395 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 61.201830][ T6901] kernel read not supported for file /.pending_reads (pid: 6901 comm: syz.3.401) [ 61.358404][ T6908] batadv_slave_1: entered promiscuous mode [ 61.360718][ T6908] batadv_slave_1: left promiscuous mode [ 61.550343][ T6932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.414'. [ 61.654872][ T6942] bridge_slave_0: left allmulticast mode [ 61.656558][ T6942] bridge_slave_0: left promiscuous mode [ 61.658922][ T6942] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.664543][ T6942] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 61.794670][ T6954] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.799244][ T6954] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.801379][ T6954] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.805698][ T6962] netlink: 8 bytes leftover after parsing attributes in process `syz.2.428'. [ 62.088709][ T7002] netlink: 8 bytes leftover after parsing attributes in process `syz.1.444'. [ 62.093587][ T7002] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.108115][ T7007] netlink: 84 bytes leftover after parsing attributes in process `syz.0.446'. [ 62.251424][ T7020] vivid-007: disconnect [ 62.253955][ T7019] vivid-007: reconnect [ 62.326130][ T7030] sp0: Synchronizing with TNC [ 62.443861][ T7038] capability: warning: `syz.3.461' uses deprecated v2 capabilities in a way that may be insecure [ 63.337715][ T7112] input: syz0 as /devices/virtual/input/input10 [ 63.410532][ T7116] block nbd0: shutting down sockets [ 63.582770][ T7136] netlink: 'syz.0.508': attribute type 1 has an invalid length. [ 63.585114][ T7136] netlink: 244 bytes leftover after parsing attributes in process `syz.0.508'. [ 63.775153][ T7164] loop2: detected capacity change from 0 to 7 [ 63.779283][ T7164] Dev loop2: unable to read RDB block 7 [ 63.781278][ T7164] loop2: AHDI p1 p2 p3 [ 63.782467][ T7164] loop2: partition table partially beyond EOD, truncated [ 63.785620][ T7164] loop2: p1 start 1601398130 is beyond EOD, truncated [ 63.787527][ T7164] loop2: p2 start 1702059890 is beyond EOD, truncated [ 63.877669][ T7174] netlink: 108 bytes leftover after parsing attributes in process `syz.1.525'. [ 64.027920][ T7182] Falling back ldisc for ttyS3. [ 64.352953][ T7201] netlink: 64 bytes leftover after parsing attributes in process `syz.1.537'. [ 64.592151][ T7219] ref_ctr_offset mismatch. inode: 0x2c3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 64.770521][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 64.770531][ T40] audit: type=1326 audit(1744283488.924:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 64.779629][ T40] audit: type=1326 audit(1744283488.924:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 64.790125][ T40] audit: type=1326 audit(1744283488.924:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 64.798346][ T40] audit: type=1326 audit(1744283488.924:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 64.805070][ T40] audit: type=1326 audit(1744283488.924:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 64.811159][ T40] audit: type=1326 audit(1744283488.924:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73ce598 code=0x7ffc0000 [ 64.817163][ T40] audit: type=1326 audit(1744283488.924:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73ce598 code=0x7ffc0000 [ 64.822983][ T40] audit: type=1326 audit(1744283488.924:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73ce598 code=0x7ffc0000 [ 64.829091][ T40] audit: type=1326 audit(1744283488.924:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73ce598 code=0x7ffc0000 [ 64.834950][ T40] audit: type=1326 audit(1744283488.924:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7239 comm="syz.1.556" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73ce598 code=0x7ffc0000 [ 65.743972][ T7283] netlink: 36 bytes leftover after parsing attributes in process `syz.1.576'. [ 65.746497][ T7283] netlink: 36 bytes leftover after parsing attributes in process `syz.1.576'. [ 65.749077][ T7283] netlink: 36 bytes leftover after parsing attributes in process `syz.1.576'. [ 66.776301][ T7314] random: crng reseeded on system resumption [ 66.890131][ T7334] input: syz0 as /devices/virtual/input/input11 [ 66.945954][ T7341] vlan2: entered allmulticast mode [ 66.949023][ T7341] batadv0: entered allmulticast mode [ 66.995153][ T7352] loop6: detected capacity change from 0 to 524287999 [ 66.998375][ C2] blk_print_req_error: 7 callbacks suppressed [ 66.998385][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.002715][ C2] buffer_io_error: 6 callbacks suppressed [ 67.002721][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.007989][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.010572][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.013140][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.015745][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.018883][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.021999][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.027174][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.029682][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.033182][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.035995][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.040054][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.042588][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.044922][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.047622][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.050331][ T7352] ldm_validate_partition_table(): Disk read failed. [ 67.052467][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.055079][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.067444][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 67.070314][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 67.078104][ T7352] Dev loop6: unable to read RDB block 0 [ 67.083153][ T7352] loop6: unable to read partition table [ 67.084952][ T7352] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 67.097628][ T7360] ldm_validate_partition_table(): Disk read failed. [ 67.100372][ T7360] Dev loop6: unable to read RDB block 0 [ 67.102372][ T7360] loop6: unable to read partition table [ 67.311592][ T7394] loop6: detected capacity change from 0 to 524287999 [ 67.331562][ T7394] ldm_validate_partition_table(): Disk read failed. [ 67.335028][ T7394] Dev loop6: unable to read RDB block 0 [ 67.339377][ T7394] loop6: unable to read partition table [ 67.341452][ T7394] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 67.350462][ T7394] ldm_validate_partition_table(): Disk read failed. [ 67.353644][ T7394] Dev loop6: unable to read RDB block 0 [ 67.358740][ T7394] loop6: unable to read partition table [ 67.516383][ T7423] veth1_to_batadv: entered promiscuous mode [ 67.518370][ T7423] macsec1: entered promiscuous mode [ 67.693704][ T7443] __nla_validate_parse: 6 callbacks suppressed [ 67.693795][ T7443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.638'. [ 68.540262][ T7466] netlink: 452 bytes leftover after parsing attributes in process `syz.2.651'. [ 68.580514][ T7471] netlink: 4 bytes leftover after parsing attributes in process `syz.2.653'. [ 68.583611][ T7471] netlink: 4 bytes leftover after parsing attributes in process `syz.2.653'. [ 68.721192][ T7498] netlink: 16 bytes leftover after parsing attributes in process `syz.0.667'. [ 68.745461][ T7502] netlink: 232 bytes leftover after parsing attributes in process `syz.2.669'. [ 68.753074][ T7502] macvtap1: entered promiscuous mode [ 68.843521][ T7508] loop6: detected capacity change from 0 to 524287999 [ 68.847764][ T7508] ldm_validate_partition_table(): Disk read failed. [ 68.850754][ T7508] Dev loop6: unable to read RDB block 0 [ 68.852919][ T7508] loop6: unable to read partition table [ 68.854618][ T7508] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 68.862350][ T7508] ldm_validate_partition_table(): Disk read failed. [ 68.865236][ T7508] Dev loop6: unable to read RDB block 0 [ 68.868534][ T7508] loop6: unable to read partition table [ 69.164914][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.219392][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.334870][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.338959][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.342129][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.344650][ T5954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.348065][ T5954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.350518][ T5954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.408193][ T7534] netlink: 168 bytes leftover after parsing attributes in process `syz.3.685'. [ 69.440646][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.469474][ T7530] chnl_net:caif_netlink_parms(): no params data found [ 69.553135][ T7530] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.555328][ T7530] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.557558][ T7530] bridge_slave_0: entered allmulticast mode [ 69.559903][ T7530] bridge_slave_0: entered promiscuous mode [ 69.562593][ T7530] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.564596][ T7530] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.566549][ T7530] bridge_slave_1: entered allmulticast mode [ 69.570679][ T7530] bridge_slave_1: entered promiscuous mode [ 69.623935][ T7530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.628899][ T7530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.687482][ T12] bridge_slave_1: left allmulticast mode [ 69.689168][ T12] bridge_slave_1: left promiscuous mode [ 69.691658][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.699387][ T12] bridge_slave_0: left allmulticast mode [ 69.701002][ T12] bridge_slave_0: left promiscuous mode [ 69.703108][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.956374][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 69.961347][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 69.964554][ T12] bond0 (unregistering): Released all slaves [ 69.982378][ T7530] team0: Port device team_slave_0 added [ 69.991943][ T7530] team0: Port device team_slave_1 added [ 70.067104][ T7530] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.069658][ T7530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.076783][ T7530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.113964][ T7530] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.115976][ T7530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.125069][ T7530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.188160][ T7530] hsr_slave_0: entered promiscuous mode [ 70.190209][ T7530] hsr_slave_1: entered promiscuous mode [ 70.192180][ T7530] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.194675][ T7530] Cannot create hsr debugfs directory [ 70.299418][ T12] hsr_slave_0: left promiscuous mode [ 70.301924][ T12] hsr_slave_1: left promiscuous mode [ 70.304723][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 70.308359][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 70.311864][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 70.314661][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 70.348757][ T12] veth1_macvtap: left promiscuous mode [ 70.351058][ T12] veth0_macvtap: left promiscuous mode [ 70.353210][ T12] veth1_vlan: left promiscuous mode [ 70.355213][ T12] veth0_vlan: left promiscuous mode [ 70.847380][ T12] team0 (unregistering): Port device team_slave_1 removed [ 70.898037][ T12] team0 (unregistering): Port device team_slave_0 removed [ 70.913855][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.917104][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.269767][ T7596] netlink: 'syz.3.707': attribute type 6 has an invalid length. [ 71.369941][ T7530] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 71.375521][ T7530] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 71.387512][ T7530] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 71.389526][ T5954] Bluetooth: hci0: command tx timeout [ 71.393281][ T7530] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 71.452406][ T7530] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.461144][ T7530] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.470456][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.472514][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.485919][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.487957][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.511351][ T7530] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.591371][ T7530] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.592748][ T7633] KVM: debugfs: duplicate directory 7633-4 [ 71.722241][ T7530] veth0_vlan: entered promiscuous mode [ 71.730434][ T7530] veth1_vlan: entered promiscuous mode [ 71.744409][ T7530] veth0_macvtap: entered promiscuous mode [ 71.748643][ T7530] veth1_macvtap: entered promiscuous mode [ 71.756260][ T7530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.760920][ T7530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.763962][ T7530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.767066][ T7530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.770324][ T7530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.773259][ T7530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.777606][ T7530] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.782240][ T7530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.785156][ T7530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.788759][ T7530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.792034][ T7530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.794948][ T7530] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.797843][ T7530] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.802247][ T7530] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.810361][ T7530] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.812792][ T7530] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.815108][ T7530] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.817644][ T7530] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.865957][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.871977][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.884789][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.889824][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.927607][ T7680] netlink: 4 bytes leftover after parsing attributes in process `syz.3.731'. [ 71.936017][ T7680] netlink: 4 bytes leftover after parsing attributes in process `syz.3.731'. [ 72.089795][ T7707] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input12 [ 72.267883][ T7730] netlink: 4 bytes leftover after parsing attributes in process `syz.3.748'. [ 72.309167][ T5992] kernel read not supported for file /dsp1 (pid: 5992 comm: kworker/2:4) [ 72.547651][ T7773] netlink: 'syz.3.764': attribute type 1 has an invalid length. [ 72.696313][ T40] kauditd_printk_skb: 818 callbacks suppressed [ 72.696328][ T40] audit: type=1800 audit(1744283496.844:854): pid=7780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.765" name="memory.events.local" dev="tmpfs" ino=1036 res=0 errno=0 [ 73.005002][ T7785] syz.3.769 (7785): drop_caches: 2 [ 73.061558][ T1137] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 1 [ 73.066539][ T1137] Bluetooth: hci4: Frame reassembly failed (-84) [ 73.127572][ T7817] netlink: 76 bytes leftover after parsing attributes in process `syz.4.782'. [ 73.331549][ T7830] netlink: 4 bytes leftover after parsing attributes in process `syz.1.788'. [ 73.467026][ T5951] Bluetooth: hci0: command tx timeout [ 74.046896][ T1137] Bluetooth: hci5: Frame reassembly failed (-84) [ 74.049102][ T7868] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 74.272305][ T7875] netlink: 12 bytes leftover after parsing attributes in process `syz.1.807'. [ 74.561934][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.4.817'. [ 74.730613][ T7911] syz.1.830: attempt to access beyond end of device [ 74.730613][ T7911] loop1: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 74.734318][ T7911] EXT4-fs (loop1): unable to read superblock [ 75.136786][ T68] Bluetooth: hci4: command 0x1003 tx timeout [ 75.136937][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 75.310518][ T7931] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 75.515600][ T64] kernel write not supported for file /input/mouse0 (pid: 64 comm: kworker/2:1) [ 75.546777][ T5954] Bluetooth: hci0: command tx timeout [ 76.100228][ T5954] Bluetooth: hci5: command 0x1003 tx timeout [ 76.100246][ T5951] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 76.639001][ T8001] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 76.679785][ T8003] kvm: kvm [8002]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc1) = 0x7fffffffffffffff [ 76.953302][ T8034] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 77.067505][ T835] e1000 0000:00:06.0 eth0: Reset adapter [ 77.298268][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 77.616732][ T5951] Bluetooth: hci0: command tx timeout [ 79.218292][ T835] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 81.147768][ T58] cfg80211: failed to load regulatory.db [ 87.959718][ T8165] Bluetooth: MGMT ver 1.23 [ 88.185549][ T8194] netlink: 20 bytes leftover after parsing attributes in process `syz.1.912'. [ 88.189011][ T8194] netlink: 20 bytes leftover after parsing attributes in process `syz.1.912'. [ 88.697926][ T8235] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 88.701454][ T8235] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 88.703633][ T8235] gretap1: entered promiscuous mode [ 88.705087][ T8235] gretap1: entered allmulticast mode [ 89.132994][ T8266] trusted_key: syz.3.947 sent an empty control message without MSG_MORE. [ 89.369955][ T8300] block nbd1: NBD_DISCONNECT [ 90.560102][ T8362] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 90.988217][ T8401] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 91.116096][ T8410] input: syz0 as /devices/virtual/input/input13 [ 91.267226][ T8413] block nbd0: server does not support multiple connections per device. [ 91.270947][ T8413] block nbd0: shutting down sockets [ 91.669131][ T40] audit: type=1800 audit(1744283515.824:855): pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1030" name="file0" dev="9p" ino=36831618 res=0 errno=0 [ 91.784895][ T8452] netlink: 'syz.3.1033': attribute type 4 has an invalid length. [ 91.955002][ T8465] input: syz0 as /devices/virtual/input/input14 [ 92.046039][ T8475] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1045'. [ 92.220363][ T40] audit: type=1326 audit(1744283516.374:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8495 comm="syz.3.1054" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f84579 code=0x0 [ 92.913790][ T40] audit: type=1326 audit(1744283517.064:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.921085][ T40] audit: type=1326 audit(1744283517.064:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.928702][ T40] audit: type=1326 audit(1744283517.084:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.936767][ T40] audit: type=1326 audit(1744283517.084:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.946861][ T40] audit: type=1326 audit(1744283517.084:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.953740][ T40] audit: type=1326 audit(1744283517.084:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.962942][ T40] audit: type=1326 audit(1744283517.084:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 92.971153][ T40] audit: type=1326 audit(1744283517.084:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8542 comm="syz.4.1074" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 93.010463][ T8555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1079'. [ 93.013155][ T8555] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1079'. [ 93.099900][ T8568] IPv6: NLM_F_CREATE should be specified when creating new route [ 93.608411][ T8605] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1103'. [ 93.611230][ T8605] netlink: 'syz.1.1103': attribute type 20 has an invalid length. [ 93.613767][ T8605] netlink: 'syz.1.1103': attribute type 21 has an invalid length. [ 93.843864][ T8625] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1112'. [ 94.099927][ T8650] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 94.376737][ T66] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 94.537558][ T66] usb 9-1: Using ep0 maxpacket: 16 [ 94.540250][ T66] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 94.543103][ T66] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 94.545557][ T66] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.549663][ T66] usb 9-1: config 0 descriptor?? [ 94.555071][ T66] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input15 [ 94.806556][ T5348] bcm5974 9-1:0.0: could not read from device [ 94.811951][ T5348] bcm5974 9-1:0.0: could not read from device [ 94.813506][ T66] usb 9-1: USB disconnect, device number 2 [ 94.818636][ T5348] bcm5974 9-1:0.0: could not read from device [ 94.827099][ T8654] bcm5974 9-1:0.0: could not read from device [ 95.645554][ T8719] CIFS: VFS: Malformed UNC in devname [ 96.176817][ T5954] Bluetooth: hci4: command 0x1003 tx timeout [ 96.179406][ T5951] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 96.280350][ T8782] syz.0.1182: attempt to access beyond end of device [ 96.280350][ T8782] loop1: rw=0, sector=0, nr_sectors = 1 limit=0 [ 96.284799][ T8782] FAT-fs (loop1): unable to read boot sector [ 96.353700][ T8790] tmpfs: Invalid gid '0x00000000ffffffff' [ 96.987499][ T8856] batadv_slave_1: entered promiscuous mode [ 96.990381][ T8855] batadv_slave_1: left promiscuous mode [ 97.090871][ T8867] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1220'. [ 97.121960][ T8876] loop9: detected capacity change from 0 to 7 [ 97.125189][ T8876] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 97.126898][ T8876] loop9: partition table partially beyond EOD, truncated [ 97.129544][ T8876] loop9: p1 size 2437361653 extends beyond EOD, truncated [ 97.148292][ T8142] udevd[8142]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 97.157253][ T8880] ALSA: mixer_oss: invalid OSS volume 'DIGTAL1' [ 97.328730][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 97.328745][ T40] audit: type=1326 audit(1744283521.484:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 97.340194][ T40] audit: type=1326 audit(1744283521.484:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 97.347478][ T40] audit: type=1326 audit(1744283521.484:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 97.355772][ T40] audit: type=1326 audit(1744283521.484:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf743e598 code=0x7ffc0000 [ 97.362912][ T40] audit: type=1326 audit(1744283521.484:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 97.369718][ T8907] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1240'. [ 97.369757][ T40] audit: type=1326 audit(1744283521.484:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 97.379178][ T8907] bridge0: port 3(vlan2) entered blocking state [ 97.381266][ T40] audit: type=1326 audit(1744283521.484:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf743e598 code=0x7ffc0000 [ 97.382158][ T8907] bridge0: port 3(vlan2) entered disabled state [ 97.388871][ T40] audit: type=1326 audit(1744283521.484:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x7ffc0000 [ 97.388908][ T40] audit: type=1326 audit(1744283521.484:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf743e598 code=0x7ffc0000 [ 97.388937][ T40] audit: type=1326 audit(1744283521.484:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8900 comm="syz.0.1237" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf743e598 code=0x7ffc0000 [ 97.398911][ T8905] libceph: resolve '0' (ret=-3): failed [ 97.400897][ T8907] vlan2: entered allmulticast mode [ 97.418506][ T8907] bridge0: entered allmulticast mode [ 97.627806][ T8907] vlan2: left allmulticast mode [ 97.629590][ T8907] bridge0: left allmulticast mode [ 98.244150][ T8923] mkiss: ax0: crc mode is auto. [ 98.786279][ T8969] vxcan1: tx address claim with dlc 0 [ 99.132747][ T5951] Bluetooth: hci1: Dropping invalid advertising data [ 99.135539][ T5951] Bluetooth: hci1: Malformed LE Event: 0x02 [ 99.703374][ T9045] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1302'. [ 99.749594][ T9052] batadv_slave_1: entered promiscuous mode [ 99.752591][ T9051] batadv_slave_1: left promiscuous mode [ 102.222455][ T9068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1305'. [ 102.295491][ T66] IPVS: starting estimator thread 0... [ 102.409573][ T9085] IPVS: using max 45 ests per chain, 108000 per kthread [ 102.410747][ T9097] kvm: kvm [9096]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000008e) [ 102.905545][ T9146] netlink: 'syz.3.1342': attribute type 2 has an invalid length. [ 102.909379][ T9146] netlink: 119 bytes leftover after parsing attributes in process `syz.3.1342'. [ 103.241281][ T9176] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1356'. [ 103.297877][ T34] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.344516][ T9194] wireguard0: entered promiscuous mode [ 103.346736][ T9194] wireguard0: entered allmulticast mode [ 103.357434][ T64] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.387746][ T5990] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.405178][ T9206] set match dimension is over the limit! [ 103.426750][ T5994] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.464501][ T9216] netlink: 'syz.1.1375': attribute type 10 has an invalid length. [ 103.478801][ T1463] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.556978][ T34] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.602642][ T9239] bridge0: entered allmulticast mode [ 103.638491][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.676829][ T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.776732][ T5994] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 103.777496][ T64] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.827009][ T64] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 103.956689][ T5994] usb 5-1: Using ep0 maxpacket: 16 [ 103.959550][ T5994] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 103.962354][ T5994] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 103.964817][ T5994] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.977788][ T5994] usb 5-1: config 0 descriptor?? [ 103.981755][ T5994] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input16 [ 104.235332][ T5348] bcm5974 5-1:0.0: could not read from device [ 104.237230][ T34] usb 5-1: USB disconnect, device number 3 [ 104.247602][ T8552] bcm5974 5-1:0.0: could not read from device [ 104.490763][ T9247] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 104.793305][ T40] kauditd_printk_skb: 112 callbacks suppressed [ 104.793316][ T40] audit: type=1800 audit(1744283528.944:989): pid=9269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1398" name="file0" dev="9p" ino=36831618 res=0 errno=0 [ 105.115475][ T9284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1406'. [ 105.118108][ T9284] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1406'. [ 105.378198][ T1143] wlan1: Trigger new scan to find an IBSS to join [ 107.356709][ T5990] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 107.526764][ T5990] usb 6-1: Using ep0 maxpacket: 16 [ 107.529454][ T5990] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 107.532363][ T5990] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 107.535183][ T5990] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.537460][ T40] audit: type=1800 audit(1744283531.694:990): pid=9306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1413" name="file0" dev="9p" ino=36831618 res=0 errno=0 [ 107.542988][ T5990] usb 6-1: config 0 descriptor?? [ 107.549820][ T5990] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input17 [ 107.788826][ T9317] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1419'. [ 107.803943][ T5348] bcm5974 6-1:0.0: could not read from device [ 107.811954][ T9289] bcm5974 6-1:0.0: could not read from device [ 107.814544][ T5990] usb 6-1: USB disconnect, device number 4 [ 107.820300][ T5348] bcm5974 6-1:0.0: could not read from device [ 107.949379][ T9334] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1427'. [ 107.952692][ T9334] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1427'. [ 107.991053][ T9339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1431'. [ 107.997413][ T9339] macsec0: entered promiscuous mode [ 108.154049][ T9351] input: syz0 as /devices/virtual/input/input18 [ 108.156066][ T9351] input: failed to attach handler leds to device input18, error: -6 [ 108.510141][ T9386] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1451'. [ 108.656907][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 108.818346][ T9420] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1466'. [ 108.821261][ T9420] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 109.009491][ T40] audit: type=1326 audit(1744283533.164:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 109.016259][ T40] audit: type=1326 audit(1744283533.164:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 109.042068][ T40] audit: type=1326 audit(1744283533.164:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 109.048178][ T40] audit: type=1326 audit(1744283533.164:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 109.054173][ T40] audit: type=1326 audit(1744283533.164:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 109.061252][ T40] audit: type=1326 audit(1744283533.164:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 109.067259][ T40] audit: type=1326 audit(1744283533.164:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 109.073952][ T40] audit: type=1326 audit(1744283533.164:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9450 comm="syz.3.1481" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 109.531045][ T9502] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 110.114558][ T9539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1523'. [ 110.118084][ T9539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1523'. [ 110.184099][ T9547] /dev/nbd3: Can't open blockdev [ 110.346844][ T9568] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1531'. [ 110.358424][ T9570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1530'. [ 110.732947][ T9626] tun0: tun_chr_ioctl cmd 1074025675 [ 110.735084][ T9626] tun0: persist disabled [ 112.640564][ T9689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1579'. [ 113.156852][ T9750] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1608'. [ 113.500796][ T9784] netlink: 'syz.4.1623': attribute type 2 has an invalid length. [ 113.503817][ T9784] netlink: 119 bytes leftover after parsing attributes in process `syz.4.1623'. [ 113.744698][ T9809] netlink: 'syz.1.1635': attribute type 3 has an invalid length. [ 113.747758][ T9809] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1635'. [ 113.955851][ T9823] loop5: detected capacity change from 0 to 7 [ 113.959624][ T9823] buffer_io_error: 92 callbacks suppressed [ 113.959638][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.964772][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.968251][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.971155][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.974085][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.977417][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.980364][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.983067][ T9823] ldm_validate_partition_table(): Disk read failed. [ 113.985433][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.988389][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.991265][ T9823] Buffer I/O error on dev loop5, logical block 0, async page read [ 113.994221][ T9823] Dev loop5: unable to read RDB block 0 [ 113.996560][ T9823] loop5: unable to read partition table [ 114.002305][ T9823] loop5: partition table beyond EOD, truncated [ 114.004247][ T9823] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 114.004247][ T9823] ) failed (rc=-5) [ 114.060839][ T1463] IPVS: starting estimator thread 0... [ 114.166907][ T9832] IPVS: using max 46 ests per chain, 110400 per kthread [ 114.485102][ T40] kauditd_printk_skb: 200 callbacks suppressed [ 114.485117][ T40] audit: type=1326 audit(1744284051.638:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 114.496794][ T40] audit: type=1326 audit(1744284051.638:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 114.503243][ T40] audit: type=1326 audit(1744284051.638:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 114.513447][ T40] audit: type=1326 audit(1744284051.638:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 114.521597][ T40] audit: type=1326 audit(1744284051.638:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 114.529517][ T40] audit: type=1326 audit(1744284051.638:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 114.537191][ T40] audit: type=1326 audit(1744284051.638:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 114.545335][ T40] audit: type=1326 audit(1744284051.638:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 114.553067][ T40] audit: type=1326 audit(1744284051.638:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 114.557124][ T835] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 114.560562][ T40] audit: type=1326 audit(1744284051.638:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1662" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 114.706997][ T835] usb 9-1: Using ep0 maxpacket: 16 [ 114.711973][ T835] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 114.714793][ T835] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 114.719177][ T835] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 114.725257][ T835] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 114.729238][ T835] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 114.732101][ T835] usb 9-1: Manufacturer: syz [ 114.735352][ T835] usb 9-1: config 0 descriptor?? [ 114.836757][ T9905] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1680'. [ 114.963644][ T1463] usb 9-1: USB disconnect, device number 3 [ 115.201890][ T9950] gtp0: entered promiscuous mode [ 115.203354][ T9950] gtp0: entered allmulticast mode [ 115.444513][ T9970] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1708'. [ 115.508795][ T9976] input: syz1 as /devices/virtual/input/input19 [ 116.050950][T10017] netlink: 'syz.4.1729': attribute type 10 has an invalid length. [ 116.054289][T10017] bridge0: port 2(bridge_slave_1) entered disabled state [ 116.056551][T10017] bridge0: port 1(bridge_slave_0) entered disabled state [ 116.062636][T10017] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.064641][T10017] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.066843][T10017] bridge0: port 1(bridge_slave_0) entered blocking state [ 116.068813][T10017] bridge0: port 1(bridge_slave_0) entered forwarding state [ 116.073315][T10017] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 116.075764][T10019] bridge0: entered allmulticast mode [ 116.754207][T10037] wireguard0: entered promiscuous mode [ 116.756283][T10037] wireguard0: entered allmulticast mode [ 117.003094][T10042] tap0: tun_chr_ioctl cmd 1074025678 [ 117.004705][T10042] tap0: group set to 0 [ 117.461053][T10050] netlink: 'syz.3.1744': attribute type 10 has an invalid length. [ 117.463851][T10050] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.466376][T10050] bridge0: port 1(bridge_slave_0) entered disabled state [ 117.475429][T10050] bridge0: port 2(bridge_slave_1) entered blocking state [ 117.478076][T10050] bridge0: port 2(bridge_slave_1) entered forwarding state [ 117.480339][T10050] bridge0: port 1(bridge_slave_0) entered blocking state [ 117.482518][T10050] bridge0: port 1(bridge_slave_0) entered forwarding state [ 117.486370][T10050] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 117.899514][T10063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1750'. [ 118.378149][T10070] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1754'. [ 118.566108][T10075] wireguard: wg1: Could not create IPv4 socket [ 118.670251][T10085] mkiss: ax0: crc mode is auto. [ 118.773320][T10088] mkiss: ax0: crc mode is auto. [ 119.026960][T10113] delete_channel: no stack [ 119.029901][T10112] delete_channel: no stack [ 119.104082][T10124] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1780'. [ 119.321618][T10150] vxcan0: tx address claim with dest, not broadcast [ 120.345368][ T40] kauditd_printk_skb: 224 callbacks suppressed [ 120.345378][ T40] audit: type=1326 audit(1744284057.498:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.1.1815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 120.353715][ T40] audit: type=1326 audit(1744284057.498:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.1.1815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 120.359588][ T40] audit: type=1326 audit(1744284057.508:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.1.1815" exe="/syz-executor" sig=0 arch=40000003 syscall=448 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 120.364784][ T40] audit: type=1326 audit(1744284057.508:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.1.1815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 120.371141][ T40] audit: type=1326 audit(1744284057.508:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10201 comm="syz.1.1815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 121.094387][T10272] netlink: 'syz.1.1848': attribute type 11 has an invalid length. [ 122.313674][ T40] audit: type=1804 audit(1744284059.468:1438): pid=10309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm=6C2586CE36DB0CCF197CC94F7FCE8F name="/newroot/524/file0" dev="tmpfs" ino=2693 res=1 errno=0 [ 122.501306][T10324] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1872'. [ 122.989116][T10348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1883'. [ 123.038900][T10353] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 123.041041][T10353] IPv6: NLM_F_CREATE should be set when creating new route [ 123.294688][T10382] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1899'. [ 123.658586][T10414] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1914'. [ 123.660976][T10414] netlink: 'syz.1.1914': attribute type 30 has an invalid length. [ 123.667528][T10414] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.670909][T10414] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.674043][T10414] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.678927][T10414] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 124.461927][T10462] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1935'. [ 124.470543][T10462] bond0: entered promiscuous mode [ 124.472345][T10462] bond_slave_0: entered promiscuous mode [ 124.474945][T10462] bond_slave_1: entered promiscuous mode [ 124.479306][T10462] batadv0: entered promiscuous mode [ 124.482593][T10462] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 124.534937][T10468] sp0: Synchronizing with TNC [ 125.271145][T10523] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.419760][T10534] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1972'. [ 125.436763][T10534] netlink: 'syz.4.1972': attribute type 5 has an invalid length. [ 125.439065][T10534] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1972'. [ 125.461161][ T40] audit: type=1326 audit(1744284062.618:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 125.467926][ T40] audit: type=1326 audit(1744284062.618:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 125.473767][ T40] audit: type=1326 audit(1744284062.618:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 125.480146][ T40] audit: type=1326 audit(1744284062.618:1442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 125.485885][ T40] audit: type=1326 audit(1744284062.618:1443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 125.491729][ T40] audit: type=1326 audit(1744284062.618:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 125.497855][ T40] audit: type=1326 audit(1744284062.618:1445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 125.504035][ T40] audit: type=1326 audit(1744284062.618:1446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 125.511227][ T40] audit: type=1326 audit(1744284062.618:1447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 125.516981][ T40] audit: type=1326 audit(1744284062.618:1448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10536 comm="syz.3.1973" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f845a7 code=0x7ffc0000 [ 126.697075][T10587] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1997'. [ 126.725418][ T5992] hid-generic C990:0003:0000.0003: unknown main item tag 0x0 [ 126.728739][ T5992] hid-generic C990:0003:0000.0003: unknown main item tag 0x0 [ 126.738177][ T5992] hid-generic C990:0003:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz1 [ 126.748021][T10593] netlink: 'syz.4.2000': attribute type 16 has an invalid length. [ 126.750305][T10593] netlink: 'syz.4.2000': attribute type 3 has an invalid length. [ 126.752524][T10593] netlink: 64066 bytes leftover after parsing attributes in process `syz.4.2000'. [ 126.828482][T10600] can0: slcan on ttyprintk. [ 126.928173][T10599] can0 (unregistered): slcan off ttyprintk. [ 127.882047][T10706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.885837][T10706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.888823][T10706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.891748][T10706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.895109][T10706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.899016][T10706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.901764][T10706] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 127.904842][T10706] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 129.163978][T10739] bridge_slave_0: invalid flags given to default FDB implementation [ 129.194546][T10741] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 129.354792][T10746] bridge_slave_0: entered promiscuous mode [ 129.523745][T10756] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2074'. [ 130.257064][ T5990] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 130.417181][ T5990] usb 9-1: Using ep0 maxpacket: 16 [ 130.423104][ T5990] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 130.425702][ T5990] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 130.429001][ T5990] usb 9-1: Product: syz [ 130.430288][ T5990] usb 9-1: Manufacturer: syz [ 130.432124][ T5990] usb 9-1: SerialNumber: syz [ 130.435254][ T5990] usb 9-1: config 0 descriptor?? [ 130.443753][T10827] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2105'. [ 130.456492][T10827] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2105'. [ 130.459572][T10827] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2105'. [ 130.643616][ T835] usb 9-1: USB disconnect, device number 4 [ 130.694722][T10850] loop8: detected capacity change from 0 to 1 [ 130.699310][T10850] Dev loop8: unable to read RDB block 1 [ 130.701511][T10850] loop8: unable to read partition table [ 130.703791][T10850] loop8: partition table beyond EOD, truncated [ 130.706139][T10850] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 130.937193][ T1463] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 131.098892][ T1463] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 131.104159][ T1463] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 131.106724][ T1463] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 131.108854][ T1463] usb 6-1: SerialNumber: syz [ 131.284209][ T68] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 131.288236][ T68] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 131.291420][ T68] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 131.294548][ T68] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 131.298033][ T68] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 131.431514][T10863] chnl_net:caif_netlink_parms(): no params data found [ 131.512726][T10863] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.514934][T10863] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.517364][T10863] bridge_slave_0: entered allmulticast mode [ 131.520314][T10863] bridge_slave_0: entered promiscuous mode [ 131.523144][T10863] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.525201][T10863] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.529095][T10863] bridge_slave_1: entered allmulticast mode [ 131.531603][T10863] bridge_slave_1: entered promiscuous mode [ 131.533751][T10887] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2130'. [ 131.576112][T10863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.581121][T10863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.623646][T10863] team0: Port device team_slave_0 added [ 131.629833][T10863] team0: Port device team_slave_1 added [ 131.665325][T10863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 131.667711][T10863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.675083][T10863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 131.679252][T10863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 131.681219][T10863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 131.688767][T10863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.735248][T10863] hsr_slave_0: entered promiscuous mode [ 131.737984][T10863] hsr_slave_1: entered promiscuous mode [ 131.740292][T10863] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 131.742981][T10863] Cannot create hsr debugfs directory [ 131.860632][T10863] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 131.864658][T10863] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 131.875932][T10863] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 131.882660][T10912] mkiss: ax0: crc mode is auto. [ 131.882667][T10863] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 131.898499][T10863] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.900490][T10863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.902586][T10863] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.904540][T10863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.926850][ T1463] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 131.930487][ T1463] usb 6-1: USB disconnect, device number 5 [ 131.933923][T10863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.941729][ T1137] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.945850][ T1137] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.961653][T10916] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2143'. [ 131.962613][T10863] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.970621][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.973239][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.980808][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.982933][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.096244][T10863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.146227][ T5990] kernel write not supported for file /media2 (pid: 5990 comm: kworker/3:3) [ 132.206554][T10863] veth0_vlan: entered promiscuous mode [ 132.216517][T10863] veth1_vlan: entered promiscuous mode [ 132.241797][T10863] veth0_macvtap: entered promiscuous mode [ 132.245202][T10863] veth1_macvtap: entered promiscuous mode [ 132.259011][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.263375][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.267762][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.271037][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.274692][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.278757][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.282923][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.287118][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.293931][T10863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 132.303600][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.308241][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.312057][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.315807][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.318789][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.321664][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.324443][T10863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.327804][T10863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.334065][T10863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.341565][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.347690][T10863] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.350161][T10863] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.352544][T10863] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.354875][T10863] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.399602][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.401800][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.416015][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 132.421159][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 132.731270][ T835] hid-generic C990:0003:3E71.0004: unknown main item tag 0x0 [ 132.734248][ T835] hid-generic C990:0003:3E71.0004: unknown main item tag 0x0 [ 132.739320][ T835] hid-generic C990:0003:3E71.0004: hidraw1: HID v100000.00 Device [syz0] on syz1 [ 132.909353][ T40] kauditd_printk_skb: 44 callbacks suppressed [ 132.909367][ T40] audit: type=1326 audit(1744284070.068:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11002 comm="syz.5.2176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 132.931390][ T40] audit: type=1326 audit(1744284070.068:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11002 comm="syz.5.2176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 132.939599][ T40] audit: type=1326 audit(1744284070.078:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11002 comm="syz.5.2176" exe="/syz-executor" sig=0 arch=40000003 syscall=448 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 132.947934][ T40] audit: type=1326 audit(1744284070.078:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11002 comm="syz.5.2176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 132.955787][ T40] audit: type=1326 audit(1744284070.078:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11002 comm="syz.5.2176" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 133.010370][T11009] netlink: 168 bytes leftover after parsing attributes in process `syz.5.2180'. [ 133.377028][ T5954] Bluetooth: hci4: command tx timeout [ 133.628261][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.698480][T11075] netlink: 'syz.4.2210': attribute type 11 has an invalid length. [ 133.822814][T11092] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.883997][T11100] netlink: 'syz.5.2222': attribute type 11 has an invalid length. [ 133.910170][T11103] netlink: 'syz.5.2229': attribute type 25 has an invalid length. [ 133.912408][T11103] netlink: 'syz.5.2229': attribute type 6 has an invalid length. [ 134.257334][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.524438][T11132] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2236'. [ 134.726586][T11142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2241'. [ 134.971689][T11161] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 134.972111][T11162] loop4: detected capacity change from 0 to 524255232 [ 135.299117][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.456804][ T5954] Bluetooth: hci4: command tx timeout [ 135.537132][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.797589][T11233] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2281'. [ 136.058868][T11258] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.123728][T11266] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2293'. [ 136.339629][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.406192][T11282] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2299'. [ 136.424419][T11284] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2302'. [ 136.498559][ T5990] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.186773][ T9] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 137.362283][T11327] trusted_key: encrypted_key: keyword 'updat' not recognized [ 137.366797][ T9] usb 9-1: Using ep0 maxpacket: 16 [ 137.374549][ T9] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 137.377970][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 137.378489][ T9] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 137.387527][ T9] usb 9-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a [ 137.390845][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.393795][ T9] usb 9-1: Product: syz [ 137.395583][ T9] usb 9-1: Manufacturer: syz [ 137.397508][ T9] usb 9-1: SerialNumber: syz [ 137.401247][ T9] usb 9-1: config 0 descriptor?? [ 137.537067][ T5954] Bluetooth: hci4: command tx timeout [ 137.612649][ T64] usb 9-1: USB disconnect, device number 5 [ 138.419473][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 138.419576][T11413] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2360'. [ 138.654500][T11440] netlink: 872 bytes leftover after parsing attributes in process `syz.3.2371'. [ 138.697441][T11447] sp0: Synchronizing with TNC [ 138.708934][ T40] audit: type=1326 audit(1744284588.866:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11448 comm="syz.3.2377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 138.715139][ T40] audit: type=1326 audit(1744284588.866:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11448 comm="syz.3.2377" exe="/syz-executor" sig=0 arch=40000003 syscall=76 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 138.723024][ T40] audit: type=1326 audit(1744284588.866:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11448 comm="syz.3.2377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 138.731132][ T40] audit: type=1326 audit(1744284588.866:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11448 comm="syz.3.2377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x7ffc0000 [ 138.743725][ T5994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 138.822732][T11459] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 138.941696][T11479] sp0: Synchronizing with TNC [ 138.981598][T11483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2393'. [ 138.986982][T11483] bond0: entered promiscuous mode [ 138.988405][T11483] bond_slave_0: entered promiscuous mode [ 138.990114][T11483] bond_slave_1: entered promiscuous mode [ 138.991774][T11483] bridge0: entered promiscuous mode [ 138.994214][T11483] batadv0: entered promiscuous mode [ 138.996099][T11483] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 138.999116][T11483] Cannot create hsr debugfs directory [ 139.001856][T11483] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 139.068492][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2397'. [ 139.357550][ T64] e1000 0000:00:06.0 eth0: Reset adapter [ 139.444839][T11516] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.457722][ T835] e1000 0000:00:06.0 eth0: Reset adapter [ 139.459498][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.536874][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 139.567707][ T835] e1000 0000:00:06.0 eth0: Reset adapter [ 139.585819][T11523] 9pnet: p9_errstr2errno: server reported unknown error [ 139.617201][ T5954] Bluetooth: hci4: command tx timeout [ 139.789994][ T34] kernel read not supported for file /dsp (pid: 34 comm: kworker/3:0) [ 139.908815][ T835] kernel read not supported for file /dsp1 (pid: 835 comm: kworker/2:2) [ 140.497741][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.657844][ T1463] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 140.660856][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 141.537597][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 141.698480][ T64] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 142.579243][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 143.616936][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.497198][ T76] net_ratelimit: 1 callbacks suppressed [ 144.497214][ T76] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 144.657494][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 145.697358][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.737327][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 146.739642][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.697904][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 147.777203][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 148.338961][ T5994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 148.817544][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 149.777051][ T836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 149.857221][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.257832][ T76] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 150.321567][ T40] audit: type=1326 audit(1744285113.477:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.332366][ T40] audit: type=1326 audit(1744285113.477:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.340131][ T40] audit: type=1326 audit(1744285113.487:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.346019][ T40] audit: type=1326 audit(1744285113.487:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.352062][ T40] audit: type=1326 audit(1744285113.487:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.358755][ T40] audit: type=1326 audit(1744285113.487:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.364944][ T40] audit: type=1326 audit(1744285113.507:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11559 comm="syz.5.2414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88579 code=0x7ffc0000 [ 150.474934][T11577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2425'. [ 150.511662][T11586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2429'. [ 150.542386][T11591] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2431'. [ 150.546333][T11592] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2432'. [ 150.715607][T11605] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2438'. [ 150.720407][T11605] netlink: 'syz.3.2438': attribute type 5 has an invalid length. [ 150.773495][T11615] ntfs3(nullb0): Primary boot signature is not NTFS. [ 150.778228][T11615] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 150.896900][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 151.140144][T11643] ntfs3(nullb0): Primary boot signature is not NTFS. [ 151.142176][T11643] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00 [ 151.334958][T11664] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2466'. [ 151.937543][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.032466][ T40] audit: type=1326 audit(1744285115.187:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11650 comm="syz.1.2460" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7fc00000 [ 152.537800][ T64] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 152.635833][T11702] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2481'. [ 152.787497][T11713] IPVS: persistence engine module ip_vs_pe_ not found [ 152.817588][ T5954] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 152.818319][ T34] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 152.827324][ T68] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 152.829563][ T5954] Bluetooth: hci6: command 0x1003 tx timeout [ 152.858027][ T64] kernel read not supported for file /dsp (pid: 64 comm: kworker/2:1) [ 152.977231][ T835] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 154.017165][ T64] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 154.097727][ T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 154.737344][ T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.057617][ T5992] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 155.385571][ T5992] ================================================================== [ 155.388376][ T5992] BUG: KASAN: slab-use-after-free in __mutex_lock+0xa65/0xb90 [ 155.390730][ T5992] Read of size 8 at addr ffff888013736b20 by task kworker/2:4/5992 [ 155.394013][ T5992] [ 155.394890][ T5992] CPU: 2 UID: 0 PID: 5992 Comm: kworker/2:4 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 155.394904][ T5992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 155.394912][ T5992] Workqueue: events l2cap_chan_timeout [ 155.394926][ T5992] Call Trace: [ 155.394931][ T5992] [ 155.394935][ T5992] dump_stack_lvl+0x116/0x1f0 [ 155.394950][ T5992] print_report+0xc3/0x670 [ 155.394959][ T5992] ? __virt_addr_valid+0x5e/0x590 [ 155.394974][ T5992] ? __phys_addr+0xc6/0x150 [ 155.394988][ T5992] ? __mutex_lock+0xa65/0xb90 [ 155.395001][ T5992] kasan_report+0xe0/0x110 [ 155.395009][ T5992] ? __mutex_lock+0xa65/0xb90 [ 155.395024][ T5992] __mutex_lock+0xa65/0xb90 [ 155.395038][ T5992] ? l2cap_chan_timeout+0x6d/0x310 [ 155.395048][ T5992] ? __pfx___mutex_lock+0x10/0x10 [ 155.395064][ T5992] ? lock_acquire+0x62/0x350 [ 155.395074][ T5992] ? l2cap_chan_timeout+0x6d/0x310 [ 155.395083][ T5992] l2cap_chan_timeout+0x6d/0x310 [ 155.395093][ T5992] process_one_work+0x9cc/0x1b70 [ 155.395112][ T5992] ? __pfx_defense_work_handler+0x10/0x10 [ 155.395126][ T5992] ? __pfx_process_one_work+0x10/0x10 [ 155.395138][ T5992] ? assign_work+0x1a0/0x250 [ 155.395149][ T5992] worker_thread+0x6c8/0xf10 [ 155.395161][ T5992] ? __kthread_parkme+0x19e/0x250 [ 155.395176][ T5992] ? __pfx_worker_thread+0x10/0x10 [ 155.395186][ T5992] kthread+0x3c2/0x780 [ 155.395196][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.395205][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.395214][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.395223][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.395231][ T5992] ? rcu_is_watching+0x12/0xc0 [ 155.395244][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.395253][ T5992] ret_from_fork+0x45/0x80 [ 155.395264][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.395273][ T5992] ret_from_fork_asm+0x1a/0x30 [ 155.395291][ T5992] [ 155.395294][ T5992] [ 155.445410][ T5992] Allocated by task 9903: [ 155.446589][ T5992] kasan_save_stack+0x33/0x60 [ 155.447871][ T5992] kasan_save_track+0x14/0x30 [ 155.449186][ T5992] __kasan_kmalloc+0xaa/0xb0 [ 155.450470][ T5992] l2cap_conn_add.part.0+0x60/0xa60 [ 155.452080][ T5992] l2cap_chan_connect+0x15e5/0x2020 [ 155.453475][ T5992] l2cap_sock_connect+0x3b7/0x740 [ 155.454848][ T5992] kernel_connect+0x104/0x180 [ 155.456112][ T5992] rfcomm_dlc_open+0x821/0xaa0 [ 155.457390][ T5992] rfcomm_sock_connect+0x423/0x670 [ 155.458763][ T5992] __sys_connect_file+0x13e/0x1a0 [ 155.460234][ T5992] __sys_connect+0x14d/0x170 [ 155.461460][ T5992] __ia32_sys_connect+0x71/0xb0 [ 155.462718][ T5992] __do_fast_syscall_32+0x73/0x120 [ 155.464105][ T5992] do_fast_syscall_32+0x32/0x80 [ 155.465481][ T5992] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 155.467165][ T5992] [ 155.467826][ T5992] Freed by task 10025: [ 155.468912][ T5992] kasan_save_stack+0x33/0x60 [ 155.470179][ T5992] kasan_save_track+0x14/0x30 [ 155.471452][ T5992] kasan_save_free_info+0x3b/0x60 [ 155.472761][ T5992] __kasan_slab_free+0x51/0x70 [ 155.474027][ T5992] kfree+0x2b6/0x4d0 [ 155.475078][ T5992] l2cap_conn_del+0x59c/0x730 [ 155.476309][ T5992] l2cap_disconn_cfm+0x96/0xd0 [ 155.477575][ T5992] hci_conn_hash_flush+0x10b/0x260 [ 155.478944][ T5992] hci_dev_reset+0x1ee/0x530 [ 155.480468][ T5992] hci_sock_ioctl+0x493/0x7d0 [ 155.481867][ T5992] hci_sock_compat_ioctl+0x43/0x80 [ 155.483163][ T5992] compat_sock_ioctl+0x173/0x7c0 [ 155.484452][ T5992] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 155.485952][ T5992] __do_fast_syscall_32+0x73/0x120 [ 155.487662][ T5992] do_fast_syscall_32+0x32/0x80 [ 155.489184][ T5992] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 155.490980][ T5992] [ 155.491703][ T5992] The buggy address belongs to the object at ffff888013736800 [ 155.491703][ T5992] which belongs to the cache kmalloc-1k of size 1024 [ 155.495813][ T5992] The buggy address is located 800 bytes inside of [ 155.495813][ T5992] freed 1024-byte region [ffff888013736800, ffff888013736c00) [ 155.499481][ T5992] [ 155.500223][ T5992] The buggy address belongs to the physical page: [ 155.502055][ T5992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x13730 [ 155.504719][ T5992] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 155.507465][ T5992] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 155.509593][ T5992] page_type: f5(slab) [ 155.510831][ T5992] raw: 00fff00000000040 ffff88801b442dc0 dead000000000100 dead000000000122 [ 155.513264][ T5992] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 155.515547][ T5992] head: 00fff00000000040 ffff88801b442dc0 dead000000000100 dead000000000122 [ 155.517830][ T5992] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 155.520244][ T5992] head: 00fff00000000003 ffffea00004dcc01 00000000ffffffff 00000000ffffffff [ 155.522532][ T5992] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 155.524806][ T5992] page dumped because: kasan: bad access detected [ 155.526520][ T5992] page_owner tracks the page as allocated [ 155.528026][ T5992] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 0, tgid 0 (swapper/2), ts 81300656050, free_ts 81299510050 [ 155.532860][ T5992] post_alloc_hook+0x181/0x1b0 [ 155.534167][ T5992] get_page_from_freelist+0x1193/0x39b0 [ 155.535622][ T5992] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 155.537203][ T5992] alloc_pages_mpol+0x1fb/0x550 [ 155.538506][ T5992] new_slab+0x23c/0x330 [ 155.539606][ T5992] ___slab_alloc+0xd9c/0x1940 [ 155.540887][ T5992] __slab_alloc.constprop.0+0x56/0xb0 [ 155.542289][ T5992] __kmalloc_noprof+0x2f2/0x510 [ 155.543554][ T5992] ___neigh_create+0x14e6/0x28c0 [ 155.544902][ T5992] ndisc_router_discovery+0x1413/0x3550 [ 155.546377][ T5992] ndisc_rcv+0x3fa/0x620 [ 155.547498][ T5992] icmpv6_rcv+0x17c6/0x1c50 [ 155.548724][ T5992] ip6_protocol_deliver_rcu+0xf86/0x1520 [ 155.550240][ T5992] ip6_input_finish+0x102/0x180 [ 155.551524][ T5992] ip6_input+0x105/0x2f0 [ 155.552709][ T5992] ip6_mc_input+0x465/0xfd0 [ 155.553961][ T5992] page last free pid 1137 tgid 1137 stack trace: [ 155.555639][ T5992] __free_frozen_pages+0x69d/0xff0 [ 155.557082][ T5992] __put_partials+0x16d/0x1c0 [ 155.558407][ T5992] qlist_free_all+0x4e/0x120 [ 155.559726][ T5992] kasan_quarantine_reduce+0x195/0x1e0 [ 155.561246][ T5992] __kasan_slab_alloc+0x69/0x90 [ 155.562627][ T5992] kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 155.564263][ T5992] __alloc_skb+0x2b2/0x380 [ 155.565536][ T5992] mld_newpack.isra.0+0x18e/0xa20 [ 155.566945][ T5992] add_grhead+0x299/0x340 [ 155.568179][ T5992] add_grec+0x112a/0x1680 [ 155.569460][ T5992] mld_send_initial_cr.part.0+0xe2/0x260 [ 155.571033][ T5992] ipv6_mc_dad_complete+0x22c/0x2b0 [ 155.572393][ T5992] addrconf_dad_completed+0xbb8/0x10d0 [ 155.573868][ T5992] addrconf_dad_work+0x84d/0x14e0 [ 155.575243][ T5992] process_one_work+0x9cc/0x1b70 [ 155.576573][ T5992] worker_thread+0x6c8/0xf10 [ 155.577861][ T5992] [ 155.578504][ T5992] Memory state around the buggy address: [ 155.579979][ T5992] ffff888013736a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 155.582123][ T5992] ffff888013736a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 155.584235][ T5992] >ffff888013736b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 155.586382][ T5992] ^ [ 155.587708][ T5992] ffff888013736b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 155.589837][ T5992] ffff888013736c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 155.591948][ T5992] ================================================================== [ 155.594127][ C2] vkms_vblank_simulate: vblank timer overrun [ 155.596421][ T5992] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 155.598358][ T5992] CPU: 2 UID: 0 PID: 5992 Comm: kworker/2:4 Not tainted 6.15.0-rc1-syzkaller-00065-g3b07108ada81 #0 PREEMPT(full) [ 155.601533][ T5992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 155.604397][ T5992] Workqueue: events l2cap_chan_timeout [ 155.605841][ T5992] Call Trace: [ 155.606730][ T5992] [ 155.607527][ T5992] dump_stack_lvl+0x3d/0x1f0 [ 155.608754][ T5992] panic+0x71c/0x800 [ 155.609952][ T5992] ? __pfx_panic+0x10/0x10 [ 155.611145][ T5992] ? mark_held_locks+0x49/0x80 [ 155.612375][ T5992] ? __mutex_lock+0xa65/0xb90 [ 155.613618][ T5992] ? check_panic_on_warn+0x1f/0xb0 [ 155.614953][ T5992] ? __mutex_lock+0xa65/0xb90 [ 155.616164][ T5992] check_panic_on_warn+0xab/0xb0 [ 155.617442][ T5992] end_report+0x107/0x170 [ 155.618624][ T5992] kasan_report+0xee/0x110 [ 155.619805][ T5992] ? __mutex_lock+0xa65/0xb90 [ 155.621084][ T5992] __mutex_lock+0xa65/0xb90 [ 155.622361][ T5992] ? l2cap_chan_timeout+0x6d/0x310 [ 155.623798][ T5992] ? __pfx___mutex_lock+0x10/0x10 [ 155.625210][ T5992] ? lock_acquire+0x62/0x350 [ 155.626496][ T5992] ? l2cap_chan_timeout+0x6d/0x310 [ 155.627909][ T5992] l2cap_chan_timeout+0x6d/0x310 [ 155.629359][ T5992] process_one_work+0x9cc/0x1b70 [ 155.630749][ T5992] ? __pfx_defense_work_handler+0x10/0x10 [ 155.632362][ T5992] ? __pfx_process_one_work+0x10/0x10 [ 155.633863][ T5992] ? assign_work+0x1a0/0x250 [ 155.635447][ T5992] worker_thread+0x6c8/0xf10 [ 155.636711][ T5992] ? __kthread_parkme+0x19e/0x250 [ 155.638068][ T5992] ? __pfx_worker_thread+0x10/0x10 [ 155.639420][ T5992] kthread+0x3c2/0x780 [ 155.640628][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.641883][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.643150][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.644412][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.645656][ T5992] ? rcu_is_watching+0x12/0xc0 [ 155.646930][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.648184][ T5992] ret_from_fork+0x45/0x80 [ 155.649429][ T5992] ? __pfx_kthread+0x10/0x10 [ 155.650762][ T5992] ret_from_fork_asm+0x1a/0x30 [ 155.652064][ T5992] [ 155.653487][ T5992] Kernel Offset: disabled [ 155.654649][ T5992] Rebooting in 86400 seconds.. VM DIAGNOSIS: 11:12:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000000160171 RBX=0000000000000000 RCX=ffffffff8b6ff439 RDX=0000000000000000 RSI=ffffffff8dbeaf36 RDI=ffffffff8bf451c0 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000001 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90867310 R15=0000000000000000 RIP=ffffffff8b6fdccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd7dddd718 CR3=000000006b44c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000062003 Opmask01=00000000011000d0 Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030687465 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7ddcd4e0 0000003000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0000000000ff00 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50422064656e7761 7073203a73250050 5241006e65706f5f 667062203a732500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50420541404b5244 5556051f56000050 5241004b40554a5f 435547051f560000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00306e6170772f74 656e2f307968702f 3435313230386565 65692f6d69737768 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0700000000000029 00316e6170772f74 656e2f317968702f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055986a07c233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f22cecb6661 72610f7dfaed737f 656775fb7b77ffff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0073253a73252d73 253a73252d732500 73252d7325007473 65757165726f6e20 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 1 CPU#1 RAX=00000000000eed69 RBX=0000000000000001 RCX=ffffffff8b6ff439 RDX=0000000000000000 RSI=ffffffff8dbeaf36 RDI=ffffffff8bf451c0 RBP=ffffed1003b57488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed10056665bd R10=ffff88802b332deb R11=0000000000000000 R12=0000000000000001 R13=ffff88801daba440 R14=ffffffff90867310 R15=0000000000000000 RIP=ffffffff8b6fdccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd7ddc9590 CR3=000000004d3f4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004040101 Opmask01=0000000001100000 Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7dded470 0000003000000010 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7dded470 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ffffffff ffff000000ff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5548474900000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5548474953004d52 4c4147495300424b 4c56444049405700 4d52455447495300 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00306e6170772f74 656e2f307968702f 3435313230386565 65692f6d69737768 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0700000000000029 00316e6170772f74 656e2f317968702f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055986a07c233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f22cecb6661 72610f7dfaed737f 656775fb7b77ffff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0073253a73252d73 253a73252d732500 73252d7325007473 65757165726f6e20 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 2 CPU#2 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854bd005 RDI=ffffffff9ae12bc0 RBP=ffffffff9ae12b80 RSP=ffffc90004fef550 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3130383838666666 R12=0000000000000000 R13=0000000000000035 R14=ffffffff9ae12b80 R15=ffffffff854bcfa0 RIP=ffffffff854bd02f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd7ddeb418 CR3=0000000026a0a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004040101 Opmask01=0000000000000000 Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7dded470 0000003000000010 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7dded470 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ffffffff ffff000000ff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5548474900000005 0000000700000000 0000000000000000 0f02000a00000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5548474953004d52 4c4147495300424b 4c56444049405700 4d52455447495300 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00306e6170772f74 656e2f307968702f 3435313230386565 65692f6d69737768 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0700000000000029 00316e6170772f74 656e2f317968702f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055986a07c233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f22cecb6661 72610f7dfaed737f 656775fb7b77ffff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0073253a73252d73 253a73252d732500 73252d7325007473 65757165726f6e20 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 info registers vcpu 3 CPU#3 RAX=000000000010c233 RBX=0000000000000003 RCX=ffffffff8b6ff439 RDX=0000000000000000 RSI=ffffffff8dbeaf36 RDI=ffffffff8bf451c0 RBP=ffffed1003b5a000 RSP=ffffc9000048fdf8 R8 =0000000000000001 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000000 R12=0000000000000003 R13=ffff88801dad0000 R14=ffffffff90867310 R15=0000000000000000 RIP=ffffffff8b6fdccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097ab9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f47baae1300 CR3=0000000026a0a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000062003 Opmask01=00000000011000d0 Opmask02=000000000fffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000030687465 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd7ddcd4e0 0000003000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e2e2e2e2e2e2e2e 2e2e2e2e2e2e2e2e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000ff0000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff0000000000ff00 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50422064656e7761 7073203a73250050 5241006e65706f5f 667062203a732500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 50420541404b5244 5556051f56000050 5241004b40554a5f 435547051f560000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00306e6170772f74 656e2f307968702f 3435313230386565 65692f6d69737768 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0700000000000029 00316e6170772f74 656e2f317968702f ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 000055986a07c233 73656d5f70636864 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 725f0f22cecb6661 72610f7dfaed737f 656775fb7b77ffff 7f7f7d7f75777965 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0073253a73252d73 253a73252d732500 73252d7325007473 65757165726f6e20 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 0000726565666965 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000000 0000000000000031 00006d5f65636864 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbf2b313423342c ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020