last executing test programs: 5.19041162s ago: executing program 3 (id=1011): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCAPPLICATION(r1, 0x4802, 0x0) 3.188481262s ago: executing program 1 (id=1020): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000ac0)={0xc, 0x2, 0x0, "f78772b8b72b71a9340ae4c7caa29b4d6e0dceee2da304af885b3c302db04a7d"}) 3.094397332s ago: executing program 1 (id=1021): r0 = socket$can_bcm(0x1d, 0x2, 0x2) creat(&(0x7f0000000280)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r2, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=[0x0], 0x0, 0x0, 0x1}}, 0x40) r3 = getpid() process_vm_readv(r3, &(0x7f0000000340)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0xe8}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 2.627625963s ago: executing program 2 (id=1023): openat$ppp(0xffffff9c, &(0x7f0000000000), 0x80000, 0x0) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x62882, 0x0) close(r0) 2.538092384s ago: executing program 2 (id=1024): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='contention_begin\x00', r2}, 0x10) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = dup(r3) ioctl$KVM_SET_MSRS(r4, 0xc048aeca, &(0x7f0000000040)=ANY=[]) 2.49743744s ago: executing program 1 (id=1026): pipe(&(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000300)={0xa, 0x8000002, 0x0, @loopback}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20058041, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback}, 0x1c) splice(r1, 0x0, r0, 0x0, 0x7, 0x0) sendto$packet(r1, &(0x7f0000000340), 0xfffffffffffffd4d, 0x0, 0x0, 0x0) 2.280250374s ago: executing program 2 (id=1029): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ptrace$setregset(0x4205, 0xffffffffffffffff, 0x4, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x8, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000186a00000300000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x21}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000300)={'netpci0\x00', {0x2, 0x0, @multicast2}}) sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0) recvmmsg(r2, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000100)=""/210, 0xd2}, {&(0x7f0000000400)=""/203, 0xcb}, {&(0x7f0000000200)=""/7, 0x7}, {&(0x7f0000000280)=""/118, 0x76}], 0x4}}], 0x1, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000044882, 0x0) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) io_submit(r4, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0xf, 0x0, 0x0, r3, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) r5 = socket$inet6(0xa, 0x3, 0x2) getsockname(r5, &(0x7f0000000d00)=@xdp={0x2c, 0x0, 0x0}, &(0x7f0000000c80)=0x80) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000810500", @ANYRES32=r6, @ANYBLOB="0000000000000000280012800a0001006361"], 0x48}}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10) getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, 0x0, &(0x7f0000000100)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='io.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0) 2.138467649s ago: executing program 3 (id=1030): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) io_uring_setup(0x5237, &(0x7f00000002c0)) ioctl$SNDCTL_DSP_SETFMT(r0, 0x5001, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.54983208s ago: executing program 1 (id=1031): socket$alg(0x26, 0x5, 0x0) creat(&(0x7f00000000c0)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0xd7, 0x7fdf, 0x1}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0xd7, 0x7fdf, 0x1}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x275a, 0x0) socket$inet6(0xa, 0x2, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = syz_io_uring_setup(0x24fa, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x24f7, &(0x7f0000000140), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$inet6_mptcp(0xa, 0x1, 0x106) io_uring_setup(0x671c, &(0x7f0000000240)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[@ANYRES64=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1.364951738s ago: executing program 1 (id=1033): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00'}) ioctl(r0, 0x8b22, &(0x7f0000000040)) 1.308886512s ago: executing program 0 (id=1034): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000000c0)={0x7, 0x8, 0xfa00, {r1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000080)={0x7, 0x10, 0xfa00, {0x0}}, 0x18) 1.258455272s ago: executing program 3 (id=1035): syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x1046, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="cc000000000000009e"]) 1.258080369s ago: executing program 1 (id=1036): r0 = socket$inet(0x2, 0x3, 0x394) setsockopt$inet_msfilter(r0, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYRES8], 0x1) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) gettid() bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42}, 0x48) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee3, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r3 = syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0) openat$binderfs(0xffffff9c, &(0x7f0000000440)='./binderfs/binder1\x00', 0x800, 0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000005c0)={'syztnl0\x00', 0x0, 0x29, 0x20, 0x2c, 0x6, 0x58, @mcast2, @remote, 0x7800, 0x8, 0x7fffffff, 0x2}}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) r5 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000080), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x300000a, 0x12, r6, 0x0) ioctl$AUTOFS_IOC_ASKUMOUNT(r5, 0xc0089364, &(0x7f00000001c0)) ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000040)={0x3}) syz_socket_connect_nvme_tcp() r7 = openat$ppp(0xffffff9c, &(0x7f0000000340), 0x4280, 0x0) ioctl$PPPIOCGFLAGS1(r7, 0x8004745a, &(0x7f0000000380)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) 1.257813831s ago: executing program 0 (id=1037): socket$inet6_sctp(0xa, 0x1, 0x84) getpid() r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f00000004c0)=ANY=[@ANYRESHEX=r2, @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r3, 0x25, 0x0, @val=@tcx}, 0x40) r5 = socket$inet(0x2, 0x3, 0x6) setsockopt$sock_int(r5, 0x1, 0x2e, &(0x7f0000000180)=0x207f, 0x4) shutdown(r5, 0x0) recvmmsg(r5, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a00000006000100970000003e4effbd5bddb7a25a0bff07c1"], 0x1c}}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r2) socket$nl_route(0x10, 0x3, 0x0) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r6, &(0x7f0000000300)="aa", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) sendto$inet6(r6, &(0x7f0000000140)="11", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @private2}, 0x1c) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000340)=""/88, 0x58}, {&(0x7f00000005c0)=""/117, 0x75}, {&(0x7f0000000640)}], 0x3, &(0x7f0000000a40)=""/4096, 0x1000}, 0x50) socket$inet6_udp(0xa, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="04330affffffffffff030000007f2f67d144dd0180ceb22298cab50fde81a652a3a90bca7231ca0a846865eb0fd942218ce3f51aafd5d52a5d1283a1826e75761af25e8de549fdc7a7234ea674a81c688f75509fea7ae7dddd9f954264802dfa8c4882a291fc6a73ac13b4dd115c7cac2a0244207b0dccf89427c701e7f0bf8b332e621de32ccce7feb36dd07f9d56454c10018d69743b3919645af57c0aac51e148437948217e443b"], 0xd) 1.164906936s ago: executing program 3 (id=1038): r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000200)={0x3, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000240)={0x0, 0x0, r1}) 1.108723471s ago: executing program 3 (id=1039): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) r1 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x49fe, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b) r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r3, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) recvmmsg(r3, &(0x7f0000005280)=[{{0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}, 0x5}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000002cc0)=""/152, 0x98}, {&(0x7f0000000340)=""/211, 0xd3}], 0x2}}, {{&(0x7f00000038c0)=@sco, 0x80, 0x0}}], 0x3, 0x40002006, 0x0) sendfile(r3, r2, 0x0, 0xffefffff) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0)={0x1}, 0x4) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x86, &(0x7f0000000240)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x7, 0x0, [@multicast1]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@multicast1}, {@private}, {@local}, {@remote}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0) 697.299263ms ago: executing program 2 (id=1040): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0xc, 0x1, 0x0, 0x0, @u64}]}, 0x20}}, 0x0) 607.966811ms ago: executing program 2 (id=1041): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) syz_open_dev$dri(&(0x7f0000000000), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0x4, 0x0, 0x34325241}) 562.535839ms ago: executing program 0 (id=1042): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0) 558.605339ms ago: executing program 2 (id=1043): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) io_uring_setup(0x5237, &(0x7f00000002c0)) ioctl$SNDCTL_DSP_SETFMT(r0, 0x5001, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 497.417062ms ago: executing program 0 (id=1044): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000005840)) lseek(r0, 0x0, 0x0) 318.334406ms ago: executing program 0 (id=1045): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe2000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f00000000c0)="bad004b00dee0fe7390fc7be08003e0f18240f20d86635200000000f22d80f79b541e1b8a00b8ee08c4a02b880008ed00fe8ea", 0x83}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0}, 0x0) 212.362862ms ago: executing program 3 (id=1046): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x8, 0x1}, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x100008c}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x202) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) sched_getaffinity(0x0, 0x8, &(0x7f0000000200)) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x0, 0x40000102, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$ENABLE_STATS(0x3, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) dup3(r3, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000440)=[{r3}], 0x1, &(0x7f0000000480)={0x0, 0x989680}, 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0}) r4 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000100), 0x8) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0) mkdir(&(0x7f00000002c0)='./bus\x00', 0x0) mkdir(&(0x7f0000000200)='./bus/file0\x00', 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f0000000240)='./file0/file0\x00', 0x0) mount(&(0x7f0000000040)=@filename='./bus/file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x3000, 0x0) sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, 0x0, 0x0) 0s ago: executing program 0 (id=1047): r0 = syz_open_dev$dri(&(0x7f00000005c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000200)={0x3, 0x0, &(0x7f00000001c0)=[0x0, 0x0, 0x0]}) ioctl$DRM_IOCTL_MODE_GETPROPERTY(r0, 0xc04064aa, &(0x7f0000000240)={0x0, 0x0, r1}) kernel console output (not intermixed with test programs): evsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.395795][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.400385][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.405789][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.410902][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.417833][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.447970][ T5226] veth0_macvtap: entered promiscuous mode [ 63.455392][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.459261][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.466226][ T5213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.470703][ T5213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.476848][ T5213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.504396][ T5226] veth1_macvtap: entered promiscuous mode [ 63.517747][ T5213] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.521614][ T5213] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.526130][ T5213] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.531880][ T5213] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.574342][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.578550][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.582187][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.587351][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.591627][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.598397][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.603715][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.608996][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.612652][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.613046][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.620781][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.626647][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.633624][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.638538][ T5226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.643191][ T5226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.650335][ T5226] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.662017][ T5226] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.666143][ T5226] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.671572][ T5226] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.681434][ T5226] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.716211][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.719916][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.786944][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.789977][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.805071][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.808141][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.879533][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.882763][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.914841][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.918634][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.961031][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.967132][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.971042][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.974646][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.184027][ T39] audit: type=1326 audit(1721726867.685:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5283 comm="syz.3.4" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 64.333147][ T5293] futex_wake_op: syz.1.5 tries to shift op by -1; fix this program [ 64.373167][ T5294] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4'. [ 64.454767][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 64.475639][ T4648] Bluetooth: hci0: command tx timeout [ 64.478702][ T4648] Bluetooth: hci1: command tx timeout [ 64.534691][ T5217] Bluetooth: hci2: command tx timeout [ 64.536700][ T4648] Bluetooth: hci3: command tx timeout [ 64.668472][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 65.087690][ T5318] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.357038][ T5277] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 65.567387][ T5277] usb 8-1: Using ep0 maxpacket: 8 [ 65.588579][ T5277] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 65.592792][ T5277] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 65.597404][ T5277] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 65.602018][ T5277] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 65.607144][ T5277] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 65.611273][ T5277] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.883015][ T5277] usb 8-1: GET_CAPABILITIES returned 0 [ 65.890825][ T5277] usbtmc 8-1:16.0: can't read capabilities [ 66.536058][ T4648] Bluetooth: hci0: command tx timeout [ 66.615545][ T5217] Bluetooth: hci3: command tx timeout [ 66.618256][ T4648] Bluetooth: hci2: command tx timeout [ 68.161032][ T2676] usb 8-1: USB disconnect, device number 2 [ 68.320825][ T5424] binder: BINDER_SET_CONTEXT_MGR already set [ 68.325855][ T5424] binder: 5423:5424 ioctl 4018620d 200001c0 returned -16 [ 69.178414][ T39] audit: type=1326 audit(1721726872.685:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5453 comm="syz.1.46" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x0 [ 69.254787][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 69.264550][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.392615][ T5459] netlink: 12 bytes leftover after parsing attributes in process `syz.1.46'. [ 69.894682][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 70.135397][ T4648] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 70.140387][ T4648] Bluetooth: hci1: Injecting HCI hardware error event [ 70.145634][ T5217] Bluetooth: hci1: hardware error 0x00 [ 70.189507][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 70.412822][ T39] audit: type=1326 audit(1721726873.915:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5477 comm="syz.2.53" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0 [ 70.497028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 71.467888][ T0] NOHZ tick-stop error: local softirq work is pending, handler #20a!!! [ 71.570621][ T5498] overlayfs: unescaped trailing colons in lowerdir mount option. [ 71.941281][ T39] audit: type=1326 audit(1721726875.445:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5512 comm="syz.3.66" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 72.224396][ T5217] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 72.504270][ T58] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 72.704309][ T58] usb 5-1: Using ep0 maxpacket: 8 [ 72.709714][ T58] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 72.713821][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 72.718681][ T58] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 72.723146][ T58] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 72.729077][ T58] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 72.733121][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.858114][ T5524] veth0_vlan: left promiscuous mode [ 72.901150][ T5530] overlayfs: unescaped trailing colons in lowerdir mount option. [ 72.960598][ T58] usb 5-1: GET_CAPABILITIES returned 0 [ 72.963129][ T58] usbtmc 5-1:16.0: can't read capabilities [ 73.169290][ C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 73.178675][ T58] usb 5-1: USB disconnect, device number 2 [ 73.310888][ T5535] tap0: tun_chr_ioctl cmd 1074025677 [ 73.313739][ T5535] tap0: linktype set to 147 [ 73.470265][ T5539] netlink: 256 bytes leftover after parsing attributes in process `syz.3.74'. [ 73.613819][ T39] audit: type=1326 audit(1721726877.115:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5542 comm="syz.3.77" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 73.640047][ T5545] ======================================================= [ 73.640047][ T5545] WARNING: The mand mount option has been deprecated and [ 73.640047][ T5545] and is ignored by this kernel. Remove the mand [ 73.640047][ T5545] option from the mount to silence this warning. [ 73.640047][ T5545] ======================================================= [ 73.670842][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.754325][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 74.165680][ T5566] veth0_vlan: left promiscuous mode [ 74.414319][ T35] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 74.614222][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 74.626464][ T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 74.630825][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 74.644313][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 74.649094][ T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 74.659352][ T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 74.663816][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.930371][ T35] usb 6-1: GET_CAPABILITIES returned 0 [ 74.933115][ T35] usbtmc 6-1:16.0: can't read capabilities [ 74.995287][ T39] audit: type=1326 audit(1721726878.495:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5591 comm="syz.2.95" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd8579 code=0x0 [ 75.053511][ T5596] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 75.178976][ C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 75.184543][ T5597] netlink: 12 bytes leftover after parsing attributes in process `syz.2.95'. [ 75.203634][ T5597] sctp: [Deprecated]: syz.2.95 (pid 5597) Use of int in max_burst socket option deprecated. [ 75.203634][ T5597] Use struct sctp_assoc_value instead [ 75.225348][ T5256] usb 6-1: USB disconnect, device number 2 [ 75.415528][ T5598] mmap: syz.0.96 (5598) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 75.797000][ T5601] tmpfs: Bad value for 'mpol' [ 76.134822][ T39] audit: type=1326 audit(1721726879.645:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5607 comm="syz.1.101" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 76.155193][ T39] audit: type=1326 audit(1721726879.645:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5607 comm="syz.1.101" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 76.275221][ T5613] futex_wake_op: syz.0.102 tries to shift op by -1; fix this program [ 76.632650][ T5617] overlayfs: failed to get index nlink (file1/bus, err=-61) [ 76.639931][ T5617] evm: overlay not supported [ 76.875237][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.879149][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.974407][ T39] audit: type=1326 audit(1721726880.475:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5624 comm="syz.3.108" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 77.177511][ T5633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.108'. [ 77.705225][ T5571] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 77.904661][ T5571] usb 7-1: Using ep0 maxpacket: 8 [ 77.911565][ T5571] usb 7-1: config 0 has no interfaces? [ 77.915096][ T5571] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 77.919296][ T5571] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.930873][ T5571] usb 7-1: config 0 descriptor?? [ 77.933905][ T39] audit: type=1326 audit(1721726881.435:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5639 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 77.961341][ T39] audit: type=1326 audit(1721726881.465:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5639 comm="syz.1.114" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe3579 code=0x7ffc0000 [ 78.183697][ T5636] Bluetooth: MGMT ver 1.23 [ 78.202645][ T5256] usb 7-1: USB disconnect, device number 2 [ 78.773800][ T5656] input: syz0 as /devices/virtual/input/input5 [ 78.872591][ T5658] team_slave_0: entered promiscuous mode [ 78.876229][ T5658] team_slave_1: entered promiscuous mode [ 80.854087][ T5693] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 80.858556][ T5693] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 80.889902][ T5693] vhci_hcd vhci_hcd.0: Device attached [ 81.107050][ T5697] vhci_hcd: connection closed [ 81.110383][ T1084] vhci_hcd: stop threads [ 81.115555][ T1084] vhci_hcd: release socket [ 81.124329][ T1084] vhci_hcd: disconnect device [ 81.154327][ T58] usb 19-1: new high-speed USB device number 2 using vhci_hcd [ 81.157300][ T58] usb 19-1: enqueue for inactive port 0 [ 81.234281][ T58] vhci_hcd: vhci_device speed not set [ 81.645148][ T5254] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 81.834759][ T5254] usb 5-1: Using ep0 maxpacket: 8 [ 81.839572][ T5254] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 81.845020][ T5254] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 81.849634][ T5254] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 81.856151][ T5254] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 81.863799][ T5254] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 81.868870][ T5254] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.985649][ T30] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 82.084485][ T5214] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 82.141593][ T5254] usb 5-1: GET_CAPABILITIES returned 0 [ 82.147156][ T5254] usbtmc 5-1:16.0: can't read capabilities [ 82.217503][ T30] usb 6-1: Using ep0 maxpacket: 8 [ 82.223348][ T30] usb 6-1: config 0 has no interfaces? [ 82.230673][ T30] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 82.234805][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.241582][ T30] usb 6-1: config 0 descriptor?? [ 82.274837][ T5214] usb 8-1: Using ep0 maxpacket: 32 [ 82.281021][ T5214] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 82.287034][ T5214] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 82.295119][ T5214] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 82.303540][ T5214] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 82.309637][ T5214] usb 8-1: Product: syz [ 82.311567][ T5214] usb 8-1: Manufacturer: syz [ 82.313399][ T5214] usb 8-1: SerialNumber: syz [ 82.541052][ T5753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.160'. [ 82.579105][ T5214] usblp 8-1:1.0: usblp1: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 82.603808][ T2676] usb 6-1: USB disconnect, device number 3 [ 82.772973][ T30] usb 8-1: USB disconnect, device number 3 [ 82.813043][ T30] usblp1: removed [ 83.267512][ T5774] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 83.270310][ T5774] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 83.276135][ T5774] vhci_hcd vhci_hcd.0: Device attached [ 83.478512][ T5775] vhci_hcd: connection closed [ 83.478669][ T5383] vhci_hcd: stop threads [ 83.483226][ T5383] vhci_hcd: release socket [ 83.492200][ T5383] vhci_hcd: disconnect device [ 83.545002][ T5256] usb 15-1: new high-speed USB device number 2 using vhci_hcd [ 83.553023][ T5256] usb 15-1: enqueue for inactive port 0 [ 83.634297][ T5256] vhci_hcd: vhci_device speed not set [ 84.078945][ T5571] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 84.275398][ T5571] usb 7-1: Using ep0 maxpacket: 8 [ 84.280747][ T5571] usb 7-1: config 0 has no interfaces? [ 84.283222][ T5571] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 84.288004][ T5571] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.296794][ T5571] usb 7-1: config 0 descriptor?? [ 84.553235][ T2676] usb 5-1: USB disconnect, device number 3 [ 84.642040][ T5256] usb 7-1: USB disconnect, device number 3 [ 84.735061][ T25] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 84.819104][ T5217] Bluetooth: min 0 < 6 [ 84.944223][ T25] usb 6-1: Using ep0 maxpacket: 32 [ 84.948814][ T25] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 84.954054][ T25] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 84.964812][ T25] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 84.969841][ T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.973139][ T25] usb 6-1: Product: syz [ 84.975573][ T25] usb 6-1: Manufacturer: syz [ 84.977751][ T25] usb 6-1: SerialNumber: syz [ 85.256589][ T25] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 85.490232][ T5256] usb 6-1: USB disconnect, device number 4 [ 85.499538][ T5256] usblp0: removed [ 85.632733][ T5820] capability: warning: `syz.2.180' uses deprecated v2 capabilities in a way that may be insecure [ 86.789048][ T5217] Bluetooth: hci3: unexpected event 0x31 length: 23 > 6 [ 86.854642][ T5844] netdevsim netdevsim0: Direct firmware load for ng failed with error -2 [ 86.855142][ T5844] netdevsim netdevsim0: Falling back to sysfs fallback for: ng [ 86.865880][ T5217] Bluetooth: hci3: command tx timeout [ 87.100831][ T8] cfg80211: failed to load regulatory.db [ 87.314342][ T5254] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 87.574419][ T5254] usb 6-1: Using ep0 maxpacket: 16 [ 87.584043][ T5254] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 87.590071][ T5254] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 87.596082][ T5254] usb 6-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 87.600513][ T5254] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.609800][ T5859] syz.2.197 uses obsolete (PF_INET,SOCK_PACKET) [ 87.654524][ T5254] usb 6-1: config 0 descriptor?? [ 87.806029][ T5864] Bluetooth: MGMT ver 1.23 [ 87.989750][ T5848] netlink: 264 bytes leftover after parsing attributes in process `syz.1.191'. [ 88.226657][ T5848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.191'. [ 88.282734][ T5873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 88.289518][ T5873] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 88.307422][ T5254] hid (null): unknown global tag 0xe [ 88.319756][ T5254] hid (null): bogus close delimiter [ 88.323862][ T5254] hid (null): unknown global tag 0xd [ 88.339376][ T5254] hid-generic 0003:0158:0100.0002: unknown main item tag 0x1 [ 88.342831][ T5254] hid-generic 0003:0158:0100.0002: unexpected long global item [ 88.358241][ T5254] hid-generic 0003:0158:0100.0002: probe with driver hid-generic failed with error -22 [ 88.532611][ T5254] usb 6-1: USB disconnect, device number 5 [ 88.834408][ T5571] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 89.014217][ T5571] usb 8-1: Using ep0 maxpacket: 8 [ 89.018645][ T5571] usb 8-1: config 0 has no interfaces? [ 89.021081][ T5571] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 89.025416][ T5571] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.040316][ T5571] usb 8-1: config 0 descriptor?? [ 89.477332][ T25] usb 8-1: USB disconnect, device number 4 [ 90.774841][ T5254] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 91.000398][ T5254] usb 8-1: Using ep0 maxpacket: 16 [ 91.019243][ T5254] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 91.032820][ T5254] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 91.049955][ T5254] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 91.064983][ T5254] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.077150][ T5254] usb 8-1: config 0 descriptor?? [ 91.108198][ T5929] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 91.392458][ T5916] netlink: 264 bytes leftover after parsing attributes in process `syz.3.214'. [ 91.520186][ T5571] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 91.673230][ T5942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.214'. [ 91.690465][ T5942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 91.696060][ T5942] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 91.719214][ T5254] hid (null): unknown global tag 0xe [ 91.723807][ T5254] hid (null): bogus close delimiter [ 91.727489][ T5254] hid (null): unknown global tag 0xd [ 91.735501][ T5254] hid-generic 0003:0158:0100.0003: unknown main item tag 0x1 [ 91.739085][ T5254] hid-generic 0003:0158:0100.0003: unexpected long global item [ 91.743713][ T5254] hid-generic 0003:0158:0100.0003: probe with driver hid-generic failed with error -22 [ 91.752898][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.787632][ T5571] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 91.792857][ T5571] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 91.797509][ T5571] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00 [ 91.801462][ T5571] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.806287][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.810567][ T5571] usb 5-1: config 0 descriptor?? [ 91.812987][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.816140][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.819398][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.822219][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.827627][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.831173][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.835219][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.838795][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.842075][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.846123][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.849394][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.852680][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.856685][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.860712][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.863958][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.868170][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.871567][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.875823][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.879310][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.882837][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.886396][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.889774][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.893085][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.896662][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.900685][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.905772][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.909225][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.912580][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.918543][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.922589][ T59] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 91.930205][ T25] usb 8-1: USB disconnect, device number 5 [ 91.937313][ T59] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz0] on syz0 [ 92.064279][ T5261] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 92.272146][ T5261] usb 6-1: config 0 has no interfaces? [ 92.276863][ T5261] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 92.283370][ T5261] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.314926][ T5261] usb 6-1: config 0 descriptor?? [ 92.471487][ T5933] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 92.477879][ T5933] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 92.503509][ T5571] usbhid 5-1:0.0: can't add hid device: -71 [ 92.512392][ T5571] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 92.534602][ T5571] usb 5-1: USB disconnect, device number 4 [ 92.635271][ T5217] Bluetooth: hci2: unexpected event 0x31 length: 23 > 6 [ 92.650988][ T5956] netdevsim netdevsim3: Direct firmware load for ng failed with error -2 [ 92.671045][ T5956] netdevsim netdevsim3: Falling back to sysfs fallback for: ng [ 93.818055][ T59] usb 6-1: USB disconnect, device number 6 [ 95.903536][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.908536][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.911923][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.955178][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.959442][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.967286][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.970341][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.984947][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.988189][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.991397][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.995207][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 95.998289][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.005248][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.008931][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.012396][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.016258][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.019596][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.022880][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.039964][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.043489][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.047025][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.050158][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.053244][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.065759][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.069442][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.076980][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.082647][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.095750][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.099557][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.102747][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.105986][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.109131][ T25] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 96.122306][ T25] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz0] on syz0 [ 96.204308][ T2676] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 96.396207][ T2676] usb 8-1: config 0 has no interfaces? [ 96.398886][ T2676] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 96.402744][ T2676] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.416431][ T2676] usb 8-1: config 0 descriptor?? [ 96.747290][ T6024] process 'syz.0.249' launched './file2' with NULL argv: empty string added [ 97.737152][ T5571] usb 8-1: USB disconnect, device number 6 [ 105.174636][ T6163] UBIFS error (pid: 6163): cannot open "/dev/iommu", error -22 [ 105.177971][ T6161] 9pnet_fd: Insufficient options for proto=fd [ 105.601755][ T5217] Bluetooth: min 0 < 6 [ 106.077566][ T6197] tipc: Started in network mode [ 106.080073][ T6197] tipc: Node identity f7, cluster identity 4711 [ 106.083033][ T6197] tipc: Node number set to 247 [ 106.496211][ T6216] netlink: 60 bytes leftover after parsing attributes in process `syz.0.315'. [ 106.500724][ T6216] netlink: 60 bytes leftover after parsing attributes in process `syz.0.315'. [ 107.210200][ T5217] Bluetooth: min 0 < 6 [ 107.795424][ T6259] netlink: 'syz.0.329': attribute type 38 has an invalid length. [ 107.827894][ T6259] netlink: 4 bytes leftover after parsing attributes in process `syz.0.329'. [ 108.462018][ T5217] Bluetooth: hci2: Malformed HCI Event [ 108.685737][ T6289] netlink: 'syz.2.340': attribute type 38 has an invalid length. [ 108.689486][ T6289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.340'. [ 109.158822][ T6312] netlink: 277 bytes leftover after parsing attributes in process `syz.3.348'. [ 109.178840][ T6312] netlink: 277 bytes leftover after parsing attributes in process `syz.3.348'. [ 109.188648][ T6312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.348'. [ 109.270955][ T5217] Bluetooth: hci2: command tx timeout [ 110.243495][ T5217] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 110.537352][ T5217] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 110.544835][ T5217] Bluetooth: hci2: Injecting HCI hardware error event [ 110.549101][ T5217] Bluetooth: hci2: hardware error 0x00 [ 110.565750][ T6338] netlink: 277 bytes leftover after parsing attributes in process `syz.3.358'. [ 110.569823][ T6338] netlink: 277 bytes leftover after parsing attributes in process `syz.3.358'. [ 110.580483][ T6338] netlink: 12 bytes leftover after parsing attributes in process `syz.3.358'. [ 111.071508][ T6348] futex_wake_op: syz.0.363 tries to shift op by -1; fix this program [ 111.154887][ T5225] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 111.159632][ T5225] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 111.163640][ T5225] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 111.168735][ T5225] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 111.172828][ T5225] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 111.177562][ T5225] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 111.505093][ T5225] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 111.512468][ T5225] Bluetooth: hci3: Injecting HCI hardware error event [ 111.512763][ T6349] chnl_net:caif_netlink_parms(): no params data found [ 111.516537][ T5225] Bluetooth: hci3: hardware error 0x00 [ 111.829179][ T6349] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.832834][ T6349] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.835975][ T6349] bridge_slave_0: entered allmulticast mode [ 111.839874][ T6349] bridge_slave_0: entered promiscuous mode [ 111.848203][ T6349] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.851500][ T6349] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.855257][ T6349] bridge_slave_1: entered allmulticast mode [ 111.860261][ T6349] bridge_slave_1: entered promiscuous mode [ 111.943804][ T6349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 111.953938][ T6349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 112.084073][ T6349] team0: Port device team_slave_0 added [ 112.097151][ T6349] team0: Port device team_slave_1 added [ 112.243960][ T6349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.247273][ T6349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.259087][ T6349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.266380][ T6349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.269745][ T6349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.281742][ T6349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.614365][ T5217] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 112.635799][ T6349] hsr_slave_0: entered promiscuous mode [ 112.691688][ T6349] hsr_slave_1: entered promiscuous mode [ 112.743477][ T6349] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 112.754214][ T6349] Cannot create hsr debugfs directory [ 113.255036][ T5217] Bluetooth: hci1: command tx timeout [ 113.515539][ T6349] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.576355][ T5225] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 113.712768][ T6349] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.863345][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863392][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863410][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863426][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863443][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863460][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863476][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863493][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863509][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863525][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863541][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863558][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863574][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863591][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863607][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863623][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863639][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863656][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863672][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863689][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863705][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863721][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863738][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863754][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863771][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863787][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863804][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863821][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863837][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863854][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863870][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.863887][ T5261] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 113.869792][ T5261] hid-generic 0000:0000:0000.0006: hidraw1: HID v0.00 Device [syz0] on syz0 [ 113.874514][ T6349] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.097086][ T6349] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.187267][ T5261] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 114.301825][ T6349] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 114.369870][ T6349] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 114.393350][ T6349] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 114.403566][ T5261] usb 8-1: config 0 has no interfaces? [ 114.406606][ T6349] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 114.419379][ T5261] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 114.493254][ T5261] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.512719][ T5261] usb 8-1: config 0 descriptor?? [ 114.616024][ T6349] 8021q: adding VLAN 0 to HW filter on device bond0 [ 114.666606][ T6349] 8021q: adding VLAN 0 to HW filter on device team0 [ 114.676305][ T5261] bridge0: port 1(bridge_slave_0) entered blocking state [ 114.680696][ T5261] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.694678][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 114.699813][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 114.761260][ T6349] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 115.030212][ T6386] netlink: 277 bytes leftover after parsing attributes in process `syz.1.371'. [ 115.035920][ T6386] netlink: 277 bytes leftover after parsing attributes in process `syz.1.371'. [ 115.046961][ T6386] netlink: 12 bytes leftover after parsing attributes in process `syz.1.371'. [ 115.111234][ T6349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 115.182533][ T6349] veth0_vlan: entered promiscuous mode [ 115.205082][ T6349] veth1_vlan: entered promiscuous mode [ 115.217075][ C1] dccp_v6_rcv: dropped packet with invalid checksum [ 115.260437][ T6349] veth0_macvtap: entered promiscuous mode [ 115.268595][ T6349] veth1_macvtap: entered promiscuous mode [ 115.285245][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.292727][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.297183][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.301632][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.306150][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.310417][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.314747][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 115.318870][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.326301][ T6349] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 115.334659][ T5225] Bluetooth: hci1: command tx timeout [ 115.345978][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.352495][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.360399][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.367776][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.372565][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.377962][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.382279][ T6349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 115.387980][ T6349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 115.396868][ T6349] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 115.412190][ T6349] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.416054][ T6349] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.421141][ T6349] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.426574][ T6349] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 115.429321][ T6395] 9pnet_fd: Insufficient options for proto=fd [ 115.555404][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.558658][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.613927][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 115.632544][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 115.892030][ T6409] netlink: 16 bytes leftover after parsing attributes in process `syz.0.378'. [ 115.904974][ T5261] usb 8-1: USB disconnect, device number 7 [ 116.105599][ C1] dccp_v6_rcv: dropped packet with invalid checksum [ 116.918815][ T5254] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 117.134398][ T5254] usb 6-1: Using ep0 maxpacket: 32 [ 117.139759][ T5254] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 117.144603][ T5254] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 117.165206][ T5254] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 117.180093][ T5254] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 117.186231][ T5254] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 117.190277][ T5254] usb 6-1: Product: syz [ 117.192863][ T5254] usb 6-1: Manufacturer: syz [ 117.197097][ T5254] usb 6-1: SerialNumber: syz [ 117.414561][ T5225] Bluetooth: hci1: command tx timeout [ 118.218822][ T6433] syz.3.386[6433] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.218974][ T6433] syz.3.386[6433] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.363909][ T39] audit: type=1326 audit(1721726921.865:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6432 comm="syz.3.386" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f84579 code=0x0 [ 118.452924][ T6433] syz.3.386[6433] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.453079][ T6433] syz.3.386[6433] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 118.547119][ T5254] usb 6-1: 0:2 : does not exist [ 118.578750][ T5254] usb 6-1: USB disconnect, device number 7 [ 118.807311][ T5755] udevd[5755]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 119.505296][ T5225] Bluetooth: hci1: command tx timeout [ 120.714214][ T58] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 120.924388][ T58] usb 7-1: Using ep0 maxpacket: 32 [ 120.929258][ T58] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 120.933050][ T58] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 120.940336][ T58] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 120.953984][ T58] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 120.958994][ T58] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.970900][ T58] usb 7-1: Product: syz [ 120.972973][ T58] usb 7-1: Manufacturer: syz [ 120.975500][ T58] usb 7-1: SerialNumber: syz [ 121.929327][ T6501] netlink: 'syz.1.408': attribute type 5 has an invalid length. [ 122.386147][ T58] usb 7-1: 0:2 : does not exist [ 122.412465][ T58] usb 7-1: USB disconnect, device number 4 [ 122.645758][ T5755] udevd[5755]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 122.805702][ T6521] netlink: 'syz.0.417': attribute type 5 has an invalid length. [ 123.164377][ T30] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 123.344272][ T30] usb 6-1: Using ep0 maxpacket: 8 [ 123.348366][ T30] usb 6-1: New USB device found, idVendor=0c10, idProduct=0000, bcdDevice=bd.3b [ 123.352523][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.369290][ T30] usb 6-1: config 0 descriptor?? [ 123.543371][ T6542] overlayfs: statfs failed on './file0' [ 123.642396][ T30] usb 6-1: USB disconnect, device number 8 [ 124.434276][ T57] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 124.624221][ T57] usb 5-1: Using ep0 maxpacket: 32 [ 124.637787][ T57] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 124.641324][ T57] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 124.646145][ T57] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 124.652900][ T57] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 124.656618][ T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.660117][ T57] usb 5-1: Product: syz [ 124.661845][ T57] usb 5-1: Manufacturer: syz [ 124.663941][ T57] usb 5-1: SerialNumber: syz [ 125.199077][ T6572] futex_wake_op: syz.2.437 tries to shift op by -1; fix this program [ 126.144852][ T57] usb 5-1: 0:2 : does not exist [ 126.179545][ T57] usb 5-1: USB disconnect, device number 5 [ 126.437220][ T5755] udevd[5755]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 126.795952][ T6584] overlayfs: statfs failed on './file0' [ 127.035406][ T6590] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present [ 127.039561][ T6590] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1) [ 127.297495][ T6599] netlink: 16 bytes leftover after parsing attributes in process `syz.0.447'. [ 130.585970][ T6623] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present [ 130.600443][ T6623] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1) [ 130.953501][ T5217] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 130.959677][ T5217] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 130.966309][ T5217] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 130.998255][ T5217] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 131.011432][ T5217] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 131.016406][ T5217] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 131.403344][ T6633] chnl_net:caif_netlink_parms(): no params data found [ 131.805134][ T6633] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.808791][ T6633] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.812473][ T6633] bridge_slave_0: entered allmulticast mode [ 131.835598][ T6633] bridge_slave_0: entered promiscuous mode [ 131.855775][ T6633] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.860304][ T6633] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.882323][ T6633] bridge_slave_1: entered allmulticast mode [ 131.887784][ T6633] bridge_slave_1: entered promiscuous mode [ 131.997847][ T6633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.006683][ T6633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 132.091204][ T6633] team0: Port device team_slave_0 added [ 132.097505][ T6633] team0: Port device team_slave_1 added [ 132.218161][ T6633] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 132.221352][ T6633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.238254][ T6633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.284891][ T6633] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.289280][ T6633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.325534][ T6633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.507219][ T6633] hsr_slave_0: entered promiscuous mode [ 132.523845][ T6633] hsr_slave_1: entered promiscuous mode [ 132.530489][ T6633] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 132.534128][ T6633] Cannot create hsr debugfs directory [ 133.044328][ T6633] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.106553][ T5217] Bluetooth: hci4: command tx timeout [ 133.218436][ T6633] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.347589][ T6633] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.486856][ T6633] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.727450][ T6633] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 133.735109][ T6633] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 133.751061][ T6633] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 133.758152][ T6633] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 133.856262][ T6633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.908029][ T6633] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.917418][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.920676][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.934966][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.938252][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.149092][ T6633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.200294][ T6633] veth0_vlan: entered promiscuous mode [ 134.210881][ T6633] veth1_vlan: entered promiscuous mode [ 134.262579][ T6633] veth0_macvtap: entered promiscuous mode [ 134.271624][ T6633] veth1_macvtap: entered promiscuous mode [ 134.289475][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.295331][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.299843][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.306538][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.312224][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.317316][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.321571][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.326737][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.331047][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.336239][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.342807][ T6633] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.355204][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.358740][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.362873][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.370116][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.381450][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.386539][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.390802][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.401992][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.406884][ T6633] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.411426][ T6633] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.424694][ T6633] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.434051][ T6633] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.438769][ T6633] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.442526][ T6633] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.447895][ T6633] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.524880][ T6702] netlink: 'syz.0.482': attribute type 6 has an invalid length. [ 134.528599][ T6702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.482'. [ 134.532682][ T6702] netlink: 'syz.0.482': attribute type 5 has an invalid length. [ 134.539926][ T6702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.482'. [ 134.582810][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.588108][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.612290][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 134.616164][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.907266][ T6710] netlink: 48 bytes leftover after parsing attributes in process `syz.0.484'. [ 135.186953][ T5217] Bluetooth: hci4: command tx timeout [ 135.483854][ T6726] netlink: 'syz.3.491': attribute type 6 has an invalid length. [ 135.496320][ T6726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.491'. [ 135.500020][ T6726] netlink: 'syz.3.491': attribute type 5 has an invalid length. [ 135.524067][ T6726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.491'. [ 135.945411][ T6737] 9pnet: Unknown protocol version 9p2000. [ 135.951564][ T39] audit: type=1326 audit(1721727195.456:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6736 comm="syz.2.495" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x0 [ 136.301215][ T6745] netlink: 'syz.0.499': attribute type 7 has an invalid length. [ 136.311073][ T6745] netlink: 15 bytes leftover after parsing attributes in process `syz.0.499'. [ 136.315930][ T6745] netlink: 40 bytes leftover after parsing attributes in process `syz.0.499'. [ 136.320033][ T6745] netlink: 872 bytes leftover after parsing attributes in process `syz.0.499'. [ 136.324859][ T6745] netlink: 'syz.0.499': attribute type 7 has an invalid length. [ 136.328170][ T6745] netlink: 15 bytes leftover after parsing attributes in process `syz.0.499'. [ 136.554466][ T6748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.500'. [ 136.671514][ T6753] tipc: Started in network mode [ 136.673721][ T6753] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 136.679720][ T6753] tipc: New replicast peer: fe80:0000:0000:ffff:ffe2:0000:0000:00bb [ 136.683591][ T6753] tipc: Enabled bearer , priority 10 [ 136.778864][ T6757] netlink: 'syz.2.503': attribute type 16 has an invalid length. [ 136.785670][ T6757] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.990342][ T5217] Bluetooth: hci1: Malformed LE Event: 0x0d [ 137.140790][ T6768] warning: `syz.2.507' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 137.265303][ T5217] Bluetooth: hci4: command tx timeout [ 137.591035][ T6779] netlink: 'syz.2.510': attribute type 6 has an invalid length. [ 137.595833][ T6779] netlink: 'syz.2.510': attribute type 5 has an invalid length. [ 137.724405][ T6781] tipc: Started in network mode [ 137.726696][ T6781] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 137.730702][ T6781] tipc: New replicast peer: fe80:0000:0000:ffff:ffe2:0000:0000:00bb [ 137.742153][ T6781] tipc: Enabled bearer , priority 10 [ 137.795929][ T59] tipc: Node number set to 1 [ 138.021409][ C3] vkms_vblank_simulate: vblank timer overrun [ 138.335972][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.339119][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.864474][ T5261] tipc: Node number set to 1 [ 139.334370][ T5217] Bluetooth: hci4: command tx timeout [ 139.582113][ T6807] netlink: 'syz.1.519': attribute type 7 has an invalid length. [ 139.632002][ T6807] __nla_validate_parse: 3 callbacks suppressed [ 139.632017][ T6807] netlink: 15 bytes leftover after parsing attributes in process `syz.1.519'. [ 139.638877][ T6807] netlink: 40 bytes leftover after parsing attributes in process `syz.1.519'. [ 139.643086][ T6807] netlink: 872 bytes leftover after parsing attributes in process `syz.1.519'. [ 139.648730][ T6807] netlink: 'syz.1.519': attribute type 7 has an invalid length. [ 139.652350][ T6807] netlink: 15 bytes leftover after parsing attributes in process `syz.1.519'. [ 141.440175][ T6817] serio: Serial port pts0 [ 141.697639][ T6820] netlink: 'syz.1.523': attribute type 16 has an invalid length. [ 141.701727][ T6820] netlink: 48 bytes leftover after parsing attributes in process `syz.1.523'. [ 141.714325][ T6820] bridge0: port 1(bridge_slave_0) entered disabled state [ 141.742951][ T6822] netlink: 4 bytes leftover after parsing attributes in process `syz.2.524'. [ 142.236297][ T6831] syzkaller0: entered promiscuous mode [ 142.239077][ T6831] syzkaller0: entered allmulticast mode [ 142.961350][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961380][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961398][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961414][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961430][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961447][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961464][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961480][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961495][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961511][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961526][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961543][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961559][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961575][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961592][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961607][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961625][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961641][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961657][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961673][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961690][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961706][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961722][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961738][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961754][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961771][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961791][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961807][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961823][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961839][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961855][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.961871][ T59] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 142.964064][ T59] hid-generic 0000:0000:0000.0007: hidraw1: HID v0.00 Device [syz0] on syz0 [ 143.269530][ T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 143.478771][ T8] usb 5-1: config 0 has no interfaces? [ 143.478810][ T8] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 143.478829][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.489332][ T8] usb 5-1: config 0 descriptor?? [ 144.185358][ T6855] serio: Serial port pts0 [ 144.333858][ T6858] netlink: 'syz.3.535': attribute type 16 has an invalid length. [ 144.333877][ T6858] netlink: 48 bytes leftover after parsing attributes in process `syz.3.535'. [ 144.348325][ T6858] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.918748][ T59] usb 5-1: USB disconnect, device number 6 [ 145.221857][ T6877] syzkaller0: entered promiscuous mode [ 145.243718][ T6877] syzkaller0: entered allmulticast mode [ 145.952393][ T5217] Bluetooth: Unknown BR/EDR signaling command 0x0c [ 145.955029][ T5217] Bluetooth: Wrong link type (-22) [ 145.991105][ T6898] netlink: 16 bytes leftover after parsing attributes in process `syz.2.550'. [ 147.482190][ T6930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.565'. [ 147.487465][ T6930] netlink: 16 bytes leftover after parsing attributes in process `syz.3.565'. [ 147.499080][ T6930] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 34949 - 0 [ 147.502444][ T6928] serio: Serial port pts0 [ 147.503602][ T6930] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 34949 - 0 [ 147.510820][ T6930] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 34949 - 0 [ 147.520020][ T6930] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 34949 - 0 [ 147.563924][ T6930] netlink: 4 bytes leftover after parsing attributes in process `syz.3.565'. [ 147.590280][ T6930] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 34949 - 0 [ 147.594005][ T6930] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 34949 - 0 [ 147.607956][ T6930] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 34949 - 0 [ 147.652300][ T6930] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 34949 - 0 [ 147.964383][ T6936] netlink: 132 bytes leftover after parsing attributes in process `syz.3.567'. [ 148.703958][ T6944] netlink: 8 bytes leftover after parsing attributes in process `syz.0.570'. [ 150.467504][ T6980] syzkaller0: entered promiscuous mode [ 150.470094][ T6980] syzkaller0: entered allmulticast mode [ 151.205414][ T7002] netlink: 132 bytes leftover after parsing attributes in process `syz.3.588'. [ 151.460344][ T7006] ALSA: seq fatal error: cannot create timer (-22) [ 151.764720][ T7021] netlink: 132 bytes leftover after parsing attributes in process `syz.1.597'. [ 151.891506][ T7029] ALSA: seq fatal error: cannot create timer (-22) [ 152.316809][ T7030] block nbd2: shutting down sockets [ 153.243229][ T7079] ALSA: seq fatal error: cannot create timer (-22) [ 153.473594][ T7070] syzkaller0: entered promiscuous mode [ 153.516333][ T7070] syzkaller0: entered allmulticast mode [ 154.002186][ T7093] block nbd2: shutting down sockets [ 154.437080][ T7115] (syz.2.619,7115,3):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options [ 154.441227][ T7115] (syz.2.619,7115,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 154.526368][ T7117] ALSA: seq fatal error: cannot create timer (-22) [ 154.870734][ T5217] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 154.877263][ T5217] Bluetooth: hci4: Injecting HCI hardware error event [ 154.884493][ T5217] Bluetooth: hci4: hardware error 0x00 [ 155.064228][ T5571] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 155.257349][ T5571] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 155.274787][ T5571] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 155.288374][ T5571] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 155.292504][ T5571] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 155.319562][ T5571] usb 7-1: SerialNumber: syz [ 155.554724][ T7123] fuse: Unknown parameter 'goup_id' [ 155.589629][ T5571] usb 7-1: 0:2 : does not exist [ 155.593966][ T5571] usb 7-1: unit 5: unexpected type 0x09 [ 155.610647][ T5571] usb 7-1: USB disconnect, device number 5 [ 155.732849][ T5225] Bluetooth: unknown link type 32 [ 155.737497][ T5225] Bluetooth: hci0: connection err: -111 [ 155.895457][ T5755] udevd[5755]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 155.997260][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.629'. [ 156.945257][ T5217] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 158.482477][ T7161] team0: Port device virt_wifi0 added [ 161.439145][ T7188] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 161.755142][ T58] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 161.762479][ T5217] Bluetooth: Unexpected start frame (len 32) [ 162.274359][ T7201] block nbd0: shutting down sockets [ 162.290111][ T58] usb 6-1: too many configurations: 12, using maximum allowed: 8 [ 162.419116][ T58] usb 6-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 162.423262][ T58] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.465406][ T58] usb 6-1: config 0 descriptor?? [ 162.749556][ T7227] Process accounting resumed [ 163.023847][ T7231] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(9) [ 163.026919][ T7231] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 163.114532][ T7231] vhci_hcd vhci_hcd.0: Device attached [ 163.331745][ T5254] vhci_hcd: vhci_device speed not set [ 163.405107][ T5254] usb 15-2: new full-speed USB device number 3 using vhci_hcd [ 163.544749][ T5256] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 163.734511][ T5256] usb 5-1: Using ep0 maxpacket: 16 [ 163.744005][ T5256] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 163.761948][ T5256] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 163.793608][ T5256] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.816880][ T5256] usb 5-1: config 0 descriptor?? [ 164.071614][ T7236] PKCS7: Unknown OID: [4] (bad) [ 164.081483][ T7236] PKCS7: Only support pkcs7_signedData type [ 164.159090][ T7236] netlink: 12 bytes leftover after parsing attributes in process `syz.0.657'. [ 164.471466][ T7236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.484299][ T7236] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.694419][ T5217] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 164.697951][ T5217] Bluetooth: hci0: Injecting HCI hardware error event [ 164.702174][ T5217] Bluetooth: hci0: hardware error 0x00 [ 165.024333][ T5256] usbhid 5-1:0.0: can't add hid device: -71 [ 165.026784][ T5256] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 165.053918][ T5256] usb 5-1: USB disconnect, device number 7 [ 166.774389][ T5217] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 167.544264][ T7264] netlink: 28 bytes leftover after parsing attributes in process `syz.3.667'. [ 167.585913][ T58] usb 6-1: string descriptor 0 read error: -32 [ 168.062309][ T7281] netlink: 24 bytes leftover after parsing attributes in process `syz.3.670'. [ 168.072089][ T7281] netlink: 8 bytes leftover after parsing attributes in process `syz.3.670'. [ 168.264054][ T7286] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.671'. [ 168.445397][ T7232] vhci_hcd: connection reset by peer [ 168.452730][ T40] vhci_hcd: stop threads [ 168.455307][ T40] vhci_hcd: release socket [ 168.458722][ T58] usb 6-1: USB disconnect, device number 9 [ 168.464272][ T40] vhci_hcd: disconnect device [ 168.554775][ T5254] vhci_hcd: vhci_device speed not set [ 169.152223][ T7305] netlink: 24 bytes leftover after parsing attributes in process `syz.0.680'. [ 169.159282][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.680'. [ 169.254072][ T7303] netlink: 28 bytes leftover after parsing attributes in process `syz.3.679'. [ 169.490215][ T7313] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 169.884445][ T57] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 170.075432][ T57] usb 5-1: too many configurations: 12, using maximum allowed: 8 [ 170.091918][ T57] usb 5-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e [ 170.096694][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.101209][ T57] usb 5-1: config 0 descriptor?? [ 170.470787][ T7334] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(9) [ 170.478441][ T7334] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 170.482865][ T7334] vhci_hcd vhci_hcd.0: Device attached [ 170.724511][ T2676] vhci_hcd: vhci_device speed not set [ 170.791363][ T7341] netlink: 24 bytes leftover after parsing attributes in process `syz.1.690'. [ 170.804459][ T2676] usb 13-2: new full-speed USB device number 2 using vhci_hcd [ 170.806417][ T7341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.690'. [ 170.955983][ T7347] bad cache= option: none [ 170.955983][ T7347] [ 170.959172][ T7347] CIFS: VFS: bad cache= option: none [ 171.528231][ T7358] syzkaller0: entered promiscuous mode [ 171.531355][ T7358] syzkaller0: entered allmulticast mode [ 171.538060][ C2] hrtimer: interrupt took 2142837 ns [ 172.690465][ T7367] netlink: 3 bytes leftover after parsing attributes in process `syz.2.701'. [ 172.996135][ T7377] bad cache= option: none [ 172.996135][ T7377] [ 172.999425][ T7377] CIFS: VFS: bad cache= option: none [ 173.059156][ T7375] netlink: 28 bytes leftover after parsing attributes in process `syz.2.704'. [ 173.996968][ T7391] syzkaller0: entered promiscuous mode [ 174.004194][ T7335] vhci_hcd: connection reset by peer [ 174.004267][ T7391] syzkaller0: entered allmulticast mode [ 174.005455][ T57] usb 5-1: string descriptor 0 read error: -71 [ 174.008479][ T57] usb 5-1: USB disconnect, device number 8 [ 174.027021][ T1092] vhci_hcd: stop threads [ 174.029066][ T1092] vhci_hcd: release socket [ 174.035247][ T1092] vhci_hcd: disconnect device [ 174.290863][ T7397] netlink: 'syz.0.713': attribute type 4 has an invalid length. [ 174.360578][ T7401] bad cache= option: none [ 174.360578][ T7401] [ 174.363638][ T7401] CIFS: VFS: bad cache= option: none [ 174.639275][ T7413] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.720'. [ 175.894309][ T2676] vhci_hcd: vhci_device speed not set [ 175.972441][ T7442] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.730'. [ 176.633445][ T7458] netlink: 3 bytes leftover after parsing attributes in process `syz.3.733'. [ 176.924527][ T7445] netlink: 32 bytes leftover after parsing attributes in process `syz.2.731'. [ 176.965114][ T7462] program syz.3.735 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 177.188821][ T7465] Process accounting resumed [ 177.968980][ T1193] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.116071][ T1193] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.248852][ T1193] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.365536][ T1193] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 178.577822][ T5225] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 178.583673][ T5225] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 178.588159][ T5225] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 178.595171][ T5225] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 178.600043][ T5225] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 178.603617][ T5225] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 178.676122][ T1193] bridge_slave_1: left allmulticast mode [ 178.679400][ T1193] bridge_slave_1: left promiscuous mode [ 178.683463][ T1193] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.734443][ T1193] bridge_slave_0: left allmulticast mode [ 178.737079][ T1193] bridge_slave_0: left promiscuous mode [ 178.739552][ T1193] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.419338][ T1193] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 179.446700][ T1193] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 179.457027][ T1193] bond0 (unregistering): Released all slaves [ 179.488533][ T1193] bond1 (unregistering): Released all slaves [ 179.569778][ T7488] netlink: 32 bytes leftover after parsing attributes in process `syz.2.746'. [ 179.637241][ T1193] tipc: Disabling bearer [ 179.643105][ T1193] tipc: Left network mode [ 180.222490][ T7485] chnl_net:caif_netlink_parms(): no params data found [ 180.563635][ T1193] hsr_slave_0: left promiscuous mode [ 180.572829][ T1193] hsr_slave_1: left promiscuous mode [ 180.579276][ T1193] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 180.582644][ T1193] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.588029][ T1193] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 180.591778][ T1193] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 180.669842][ T1193] veth1_macvtap: left promiscuous mode [ 180.673076][ T1193] veth0_macvtap: left promiscuous mode [ 180.677150][ T1193] veth1_vlan: left promiscuous mode [ 180.694265][ T5225] Bluetooth: hci3: command tx timeout [ 181.851960][ T1193] team0 (unregistering): Port device team_slave_1 removed [ 181.952385][ T1193] team0 (unregistering): Port device team_slave_0 removed [ 182.787126][ T5225] Bluetooth: hci3: command tx timeout [ 182.992113][ T7518] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.016865][ T7522] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.753'. [ 183.037144][ T7485] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.040878][ T7485] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.044082][ T7485] bridge_slave_0: entered allmulticast mode [ 183.055132][ T7485] bridge_slave_0: entered promiscuous mode [ 183.061282][ T7485] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.065689][ T7485] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.068659][ T7485] bridge_slave_1: entered allmulticast mode [ 183.071963][ T7485] bridge_slave_1: entered promiscuous mode [ 183.124104][ T7526] vivid-002: disconnect [ 183.154281][ T7524] vivid-002: reconnect [ 183.156228][ T7529] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 183.159008][ T7529] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 183.165332][ T7529] vhci_hcd vhci_hcd.0: Device attached [ 183.253228][ T7485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 183.270478][ T7485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 183.364706][ T59] vhci_hcd: vhci_device speed not set [ 183.374395][ T25] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 183.434837][ T7529] /dev/sr0: Can't open blockdev [ 183.439283][ T59] usb 19-1: new full-speed USB device number 3 using vhci_hcd [ 183.447201][ T7485] team0: Port device team_slave_0 added [ 183.464057][ T7485] team0: Port device team_slave_1 added [ 183.536878][ T7536] /dev/sr0: Can't open blockdev [ 183.573868][ T7485] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 183.577926][ T25] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 183.589593][ T7485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.602043][ T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 183.607031][ T7485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 183.614209][ T25] usb 7-1: Product: syz [ 183.615257][ T7530] vhci_hcd: connection reset by peer [ 183.615850][ T1086] vhci_hcd: stop threads [ 183.615879][ T1086] vhci_hcd: release socket [ 183.616265][ T1086] vhci_hcd: disconnect device [ 183.625789][ T7485] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 183.634516][ T25] usb 7-1: Manufacturer: syz [ 183.635683][ T7485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.644561][ T25] usb 7-1: SerialNumber: syz [ 183.648048][ T7485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 183.655454][ T25] usb 7-1: config 0 descriptor?? [ 183.869871][ T7485] hsr_slave_0: entered promiscuous mode [ 183.878181][ T25] usb 7-1: USB disconnect, device number 6 [ 183.901520][ T7485] hsr_slave_1: entered promiscuous mode [ 183.915557][ T7485] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 183.919807][ T7485] Cannot create hsr debugfs directory [ 184.854610][ T5225] Bluetooth: hci3: command tx timeout [ 184.902062][ T5385] bridge_slave_1: left allmulticast mode [ 184.905680][ T5385] bridge_slave_1: left promiscuous mode [ 184.908459][ T5385] bridge0: port 2(bridge_slave_1) entered disabled state [ 184.915379][ T5385] bridge_slave_0: left allmulticast mode [ 184.918869][ T5385] bridge_slave_0: left promiscuous mode [ 184.921587][ T5385] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.095627][ T7597] netlink: 9412 bytes leftover after parsing attributes in process `syz.2.774'. [ 185.580080][ T5385] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.586757][ T5385] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.592945][ T5385] bond0 (unregistering): Released all slaves [ 185.718381][ T5385] tipc: Left network mode [ 185.846704][ T5254] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 185.952693][ T7485] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 185.969074][ T7485] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 186.043463][ T7485] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 186.059471][ T5254] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 186.065671][ T7485] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 186.069045][ T5254] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.072428][ T5254] usb 7-1: Product: syz [ 186.074580][ T5254] usb 7-1: Manufacturer: syz [ 186.076841][ T5254] usb 7-1: SerialNumber: syz [ 186.082544][ T5254] usb 7-1: config 0 descriptor?? [ 186.262127][ T5385] hsr_slave_0: left promiscuous mode [ 186.284515][ T5385] hsr_slave_1: left promiscuous mode [ 186.299867][ T5385] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 186.303254][ T5385] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 186.319765][ T5385] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 186.323600][ T5385] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 186.331235][ T5257] usb 7-1: USB disconnect, device number 7 [ 186.483521][ T5385] veth1_macvtap: left promiscuous mode [ 186.486190][ T5385] veth0_macvtap: left promiscuous mode [ 186.508093][ T5385] veth1_vlan: left promiscuous mode [ 186.510447][ T39] audit: type=1804 audit(1721727246.016:15): pid=7635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.789" name="/newroot/189/file0/bus/bus" dev="overlay" ino=11 res=1 errno=0 [ 186.516050][ T7635] Invalid ELF header magic: != ELF [ 186.522820][ T5385] veth0_vlan: left promiscuous mode [ 186.934454][ T5225] Bluetooth: hci3: command tx timeout [ 187.323395][ T7655] ptrace attach of "/syz-executor exec"[6349] was attempted by "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 187.412565][ T7657] vivid-004: disconnect [ 187.471493][ T7656] vivid-004: reconnect [ 187.792418][ T5385] team0 (unregistering): Port device team_slave_1 removed [ 187.929915][ T5385] team0 (unregistering): Port device team_slave_0 removed [ 188.535846][ T59] vhci_hcd: vhci_device speed not set [ 188.917336][ T7649] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.089427][ T7485] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.108180][ T7485] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.120932][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.123895][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.138816][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.141913][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.438125][ T7685] ptrace attach of "/syz-executor exec"[6349] was attempted by "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 189.440904][ T7485] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 189.535818][ T7485] veth0_vlan: entered promiscuous mode [ 189.563129][ T7485] veth1_vlan: entered promiscuous mode [ 189.604628][ T7485] veth0_macvtap: entered promiscuous mode [ 189.611776][ T7485] veth1_macvtap: entered promiscuous mode [ 189.628151][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.632747][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.637206][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.642200][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.647189][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.652142][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.657250][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.661838][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.670352][ T7485] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 189.681698][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.686151][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.690558][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.695965][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.701318][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.708012][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.713197][ T7485] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.718829][ T7485] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.725607][ T7485] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 189.732956][ T7485] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.738096][ T7485] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.741630][ T7485] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.745647][ T7485] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.877102][ T39] audit: type=1326 audit(1721727249.376:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 189.892948][ T39] audit: type=1326 audit(1721727249.376:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 189.900884][ T5385] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.910493][ T39] audit: type=1326 audit(1721727249.396:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=97 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 189.925612][ T39] audit: type=1326 audit(1721727249.396:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 189.934199][ T39] audit: type=1326 audit(1721727249.396:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 189.961250][ T39] audit: type=1326 audit(1721727249.396:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 189.985468][ T39] audit: type=1326 audit(1721727249.396:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 190.001087][ T39] audit: type=1326 audit(1721727249.396:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 190.013411][ T39] audit: type=1326 audit(1721727249.396:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7701 comm="syz.2.809" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 190.035478][ T5385] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.059320][ T1085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.062634][ T1085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.095621][ T5217] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 190.101846][ T5217] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 190.107341][ T5217] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 190.113942][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 190.113952][ T5217] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 190.121714][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 190.126871][ T5217] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 190.134054][ T5217] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 190.165325][ T5385] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.270913][ T5385] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.336435][ T7716] program syz.0.744 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 190.515927][ T7709] chnl_net:caif_netlink_parms(): no params data found [ 190.660955][ T5385] bridge_slave_1: left allmulticast mode [ 190.663604][ T7726] Invalid ELF header magic: != ELF [ 190.663719][ T5385] bridge_slave_1: left promiscuous mode [ 190.670197][ T5385] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.672370][ T5385] bridge_slave_0: left promiscuous mode [ 190.672464][ T5385] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.069347][ T7737] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 191.141231][ T5385] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 191.159969][ T5385] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 191.167569][ T5385] bond0 (unregistering): Released all slaves [ 191.341943][ T7709] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.346081][ T7709] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.350006][ T7709] bridge_slave_0: entered allmulticast mode [ 191.353987][ T7709] bridge_slave_0: entered promiscuous mode [ 191.391653][ T7709] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.395882][ T7709] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.399155][ T7709] bridge_slave_1: entered allmulticast mode [ 191.403407][ T7709] bridge_slave_1: entered promiscuous mode [ 191.487973][ T7709] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.524029][ T7709] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.606084][ T5385] hsr_slave_0: left promiscuous mode [ 191.610691][ T5385] hsr_slave_1: left promiscuous mode [ 191.614783][ T5385] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 191.618121][ T5385] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 191.621762][ T5385] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 191.626308][ T5385] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 191.695584][ T5385] veth1_macvtap: left promiscuous mode [ 191.698398][ T5385] veth0_macvtap: left promiscuous mode [ 191.701225][ T5385] veth1_vlan: left promiscuous mode [ 192.226692][ T5217] Bluetooth: hci0: command tx timeout [ 192.361280][ T39] kauditd_printk_skb: 59 callbacks suppressed [ 192.361295][ T39] audit: type=1326 audit(1721727251.866:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.373472][ T39] audit: type=1326 audit(1721727251.866:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.386400][ T39] audit: type=1326 audit(1721727251.896:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=97 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.397309][ T39] audit: type=1326 audit(1721727251.896:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.454655][ T39] audit: type=1326 audit(1721727251.896:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.471567][ T39] audit: type=1326 audit(1721727251.896:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.486026][ T39] audit: type=1326 audit(1721727251.896:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.496550][ T39] audit: type=1326 audit(1721727251.896:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.505589][ T39] audit: type=1326 audit(1721727251.896:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.513674][ T39] audit: type=1326 audit(1721727251.896:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7748 comm="syz.2.817" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 192.816883][ T5385] team0 (unregistering): Port device team_slave_1 removed [ 192.916145][ T5385] team0 (unregistering): Port device team_slave_0 removed [ 193.748369][ T7709] team0: Port device team_slave_0 added [ 193.839241][ T7709] team0: Port device team_slave_1 added [ 193.901749][ T7709] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 193.905458][ T7709] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.917678][ T7709] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 193.923391][ T7709] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 193.927020][ T7709] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 193.942161][ T7709] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 194.045475][ T7791] netlink: 'syz.3.832': attribute type 1 has an invalid length. [ 194.053839][ T7791] netlink: 244 bytes leftover after parsing attributes in process `syz.3.832'. [ 194.068106][ T7709] hsr_slave_0: entered promiscuous mode [ 194.077826][ T7781] Invalid ELF header magic: != ELF [ 194.079664][ T7709] hsr_slave_1: entered promiscuous mode [ 194.294566][ T5217] Bluetooth: hci0: command tx timeout [ 194.720088][ T7829] Invalid ELF header magic: != ELF [ 194.850336][ T7709] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 194.886157][ T7709] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 194.897366][ T7709] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 194.906483][ T7709] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 194.979008][ T7709] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.027014][ T7709] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.043440][ T5259] bridge0: port 1(bridge_slave_0) entered blocking state [ 195.046670][ T5259] bridge0: port 1(bridge_slave_0) entered forwarding state [ 195.057593][ T5259] bridge0: port 2(bridge_slave_1) entered blocking state [ 195.060724][ T5259] bridge0: port 2(bridge_slave_1) entered forwarding state [ 195.333577][ T7709] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 195.372867][ T7709] veth0_vlan: entered promiscuous mode [ 195.382623][ T7709] veth1_vlan: entered promiscuous mode [ 195.471174][ T7709] veth0_macvtap: entered promiscuous mode [ 195.482072][ T7709] veth1_macvtap: entered promiscuous mode [ 195.498081][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.503077][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.514089][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.520465][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.520482][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.520496][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.520508][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 195.520520][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.522455][ T7709] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 195.560801][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.569044][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.573249][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.584944][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.589087][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.593602][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.606549][ T7709] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.610985][ T7709] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.622767][ T7709] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 195.633696][ T7709] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.644686][ T7709] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.651326][ T7709] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.659979][ T7709] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.824022][ T1085] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.828905][ T1085] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 195.873621][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 195.881961][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 196.390328][ T5217] Bluetooth: hci0: command tx timeout [ 197.456497][ T7922] netlink: 40 bytes leftover after parsing attributes in process `syz.0.873'. [ 198.454880][ T5217] Bluetooth: hci0: command tx timeout [ 199.751386][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.754512][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.801865][ C2] vkms_vblank_simulate: vblank timer overrun [ 201.736771][ T7966] netlink: 40 bytes leftover after parsing attributes in process `syz.1.890'. [ 201.968274][ T7969] dccp_xmit_packet: Payload too large (65475) for featneg. [ 202.025875][ T7971] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'. [ 202.035658][ T7971] netlink: 72 bytes leftover after parsing attributes in process `syz.0.892'. [ 202.039875][ T7971] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 204.364747][ T5257] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 204.486056][ T7994] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.898'. [ 205.685139][ T8002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.901'. [ 205.689280][ T8002] netlink: 72 bytes leftover after parsing attributes in process `syz.0.901'. [ 205.693422][ T8002] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 207.175215][ T5225] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 207.181078][ T5225] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 207.187155][ T5225] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 207.191505][ T5225] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 207.195498][ T5225] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 207.198906][ T5225] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 207.352685][ T8025] chnl_net:caif_netlink_parms(): no params data found [ 207.392798][ T1092] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.527808][ T1092] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.599770][ T1092] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.607257][ T8025] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.611505][ T8025] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.619769][ T8025] bridge_slave_0: entered allmulticast mode [ 207.623157][ T8025] bridge_slave_0: entered promiscuous mode [ 207.629200][ T8025] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.632033][ T8025] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.640859][ T8025] bridge_slave_1: entered allmulticast mode [ 207.644964][ T8025] bridge_slave_1: entered promiscuous mode [ 207.728709][ T1092] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.746277][ T8025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.753645][ T8025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 207.818054][ T8025] team0: Port device team_slave_0 added [ 207.823660][ T8025] team0: Port device team_slave_1 added [ 207.897323][ T8025] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 207.900165][ T8025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 207.911306][ T8025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 207.919767][ T8038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.911'. [ 207.926597][ T8038] netlink: 72 bytes leftover after parsing attributes in process `syz.1.911'. [ 207.930822][ T8038] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 207.976334][ T8025] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 207.979377][ T8025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.004254][ T8025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.190865][ T1092] bridge_slave_1: left allmulticast mode [ 208.193432][ T1092] bridge_slave_1: left promiscuous mode [ 208.196837][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.210175][ T1092] bridge_slave_0: left promiscuous mode [ 208.212707][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.404527][ T5257] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 208.594195][ T5257] usb 6-1: Using ep0 maxpacket: 8 [ 208.598218][ T5257] usb 6-1: config 0 has no interfaces? [ 208.600520][ T5257] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 208.605535][ T5257] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.610993][ T5257] usb 6-1: config 0 descriptor?? [ 208.642439][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 208.652662][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.664752][ T1092] bond0 (unregistering): Released all slaves [ 208.740133][ T8025] hsr_slave_0: entered promiscuous mode [ 208.744090][ T5225] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 208.770933][ T5225] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 208.781810][ T5225] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 208.784796][ T8025] hsr_slave_1: entered promiscuous mode [ 208.792803][ T8025] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 208.796581][ T5225] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 208.797304][ T8025] Cannot create hsr debugfs directory [ 208.805571][ T5225] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 208.808068][ T1092] tipc: Disabling bearer [ 208.811886][ T5225] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 208.812952][ T1092] tipc: Left network mode [ 208.853434][ T5257] usb 6-1: USB disconnect, device number 11 [ 209.264674][ T5225] Bluetooth: hci1: command tx timeout [ 209.308962][ T1092] hsr_slave_0: left promiscuous mode [ 209.324171][ T1092] hsr_slave_1: left promiscuous mode [ 209.327137][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 209.330200][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 209.346370][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 209.349870][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 209.434808][ T1092] veth1_macvtap: left promiscuous mode [ 209.437464][ T1092] veth0_macvtap: left promiscuous mode [ 209.440352][ T1092] veth1_vlan: left promiscuous mode [ 209.442856][ T1092] veth0_vlan: left promiscuous mode [ 210.486418][ T8076] netlink: 9412 bytes leftover after parsing attributes in process `syz.0.921'. [ 210.578373][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 210.668205][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 210.866969][ T5225] Bluetooth: hci2: command tx timeout [ 211.344247][ T5225] Bluetooth: hci1: command tx timeout [ 211.478328][ T8047] chnl_net:caif_netlink_parms(): no params data found [ 211.705872][ T30] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 211.777672][ T8047] bridge0: port 1(bridge_slave_0) entered blocking state [ 211.783200][ T8047] bridge0: port 1(bridge_slave_0) entered disabled state [ 211.793302][ T8047] bridge_slave_0: entered allmulticast mode [ 211.809022][ T8047] bridge_slave_0: entered promiscuous mode [ 211.818197][ T8047] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.821130][ T8047] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.825812][ T8047] bridge_slave_1: entered allmulticast mode [ 211.829478][ T8047] bridge_slave_1: entered promiscuous mode [ 211.908858][ T30] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 211.918291][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.924364][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.938348][ T30] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 211.950837][ T8047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.958229][ T8047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.961722][ T30] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 211.985509][ T30] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 211.992264][ T30] usb 5-1: Manufacturer: syz [ 212.000712][ T30] usb 5-1: config 0 descriptor?? [ 212.052364][ T8047] team0: Port device team_slave_0 added [ 212.059592][ T8047] team0: Port device team_slave_1 added [ 212.091405][ T8025] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 212.098510][ T8025] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 212.109778][ T8025] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 212.118906][ T8025] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 212.160300][ T8047] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.163405][ T8047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.179559][ T8047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.188148][ T8047] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.191321][ T8047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.204911][ T8047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.355510][ T8047] hsr_slave_0: entered promiscuous mode [ 212.362118][ T8047] hsr_slave_1: entered promiscuous mode [ 212.367905][ T8047] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 212.371361][ T8047] Cannot create hsr debugfs directory [ 212.435505][ T30] appleir 0003:05AC:8243.0008: unknown main item tag 0x0 [ 212.441025][ T30] appleir 0003:05AC:8243.0008: No inputs registered, leaving [ 212.474041][ T30] appleir 0003:05AC:8243.0008: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 212.559388][ T1092] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.733406][ T35] usb 5-1: USB disconnect, device number 9 [ 212.752967][ T8109] netlink: 60 bytes leftover after parsing attributes in process `syz.1.928'. [ 212.766840][ T1092] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.820668][ T8109] Κό: entered promiscuous mode [ 212.909697][ T1092] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.935169][ T5225] Bluetooth: hci2: command tx timeout [ 213.050115][ T1092] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.062211][ T8025] 8021q: adding VLAN 0 to HW filter on device bond0 [ 213.098665][ T8025] 8021q: adding VLAN 0 to HW filter on device team0 [ 213.107175][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.110389][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 213.121490][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 213.124673][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 213.219195][ T1092] bridge_slave_1: left allmulticast mode [ 213.221501][ T1092] bridge_slave_1: left promiscuous mode [ 213.223929][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.229803][ T1092] bridge_slave_0: left allmulticast mode [ 213.231887][ T1092] bridge_slave_0: left promiscuous mode [ 213.234055][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.257389][ T1092] bridge_slave_1: left allmulticast mode [ 213.259794][ T1092] bridge_slave_1: left promiscuous mode [ 213.262279][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.288210][ T1092] bridge_slave_0: left promiscuous mode [ 213.290737][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.323069][ T8120] capability: warning: `syz.0.929' uses 32-bit capabilities (legacy support in use) [ 213.373418][ T8119] qrtr: Invalid version 0 [ 213.414920][ T5225] Bluetooth: hci1: command tx timeout [ 214.056805][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 214.066268][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.073108][ T1092] bond0 (unregistering): Released all slaves [ 214.195023][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 214.202189][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 214.212550][ T1092] bond0 (unregistering): Released all slaves [ 214.233129][ T1092] bond1 (unregistering): Released all slaves [ 214.363273][ T8025] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 214.565182][ T8025] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 214.751379][ T8047] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 214.759000][ T8047] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 214.795237][ T8047] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 214.801904][ T8047] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 214.839883][ T8025] veth0_vlan: entered promiscuous mode [ 214.866628][ T8025] veth1_vlan: entered promiscuous mode [ 214.953612][ T8025] veth0_macvtap: entered promiscuous mode [ 214.968528][ T8025] veth1_macvtap: entered promiscuous mode [ 215.014879][ T5225] Bluetooth: hci2: command tx timeout [ 215.039298][ T1092] hsr_slave_0: left promiscuous mode [ 215.048948][ T1092] hsr_slave_1: left promiscuous mode [ 215.052051][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 215.055449][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 215.065087][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 215.068532][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 215.087691][ T1092] hsr_slave_0: left promiscuous mode [ 215.090886][ T1092] hsr_slave_1: left promiscuous mode [ 215.093985][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 215.097692][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 215.101589][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 215.105908][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 215.192693][ T1092] veth1_macvtap: left promiscuous mode [ 215.195274][ T1092] veth0_macvtap: left promiscuous mode [ 215.197928][ T1092] veth1_vlan: left promiscuous mode [ 215.200856][ T1092] veth0_vlan: left promiscuous mode [ 215.207546][ T1092] veth1_macvtap: left promiscuous mode [ 215.210105][ T1092] veth0_macvtap: left promiscuous mode [ 215.212463][ T1092] veth1_vlan: left promiscuous mode [ 215.218012][ T1092] veth0_vlan: left promiscuous mode [ 215.443686][ T8155] 9pnet_fd: Insufficient options for proto=fd [ 215.472274][ T8155] Cannot find set identified by id 0 to match [ 215.502423][ T5225] Bluetooth: hci1: command tx timeout [ 216.271820][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 216.354284][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 216.894218][ T58] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 217.084302][ T58] usb 6-1: Using ep0 maxpacket: 32 [ 217.088890][ T58] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 217.096236][ T58] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5 [ 217.100304][ T58] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.103924][ T58] usb 6-1: Product: syz [ 217.104388][ T5225] Bluetooth: hci2: command tx timeout [ 217.106805][ T58] usb 6-1: Manufacturer: syz [ 217.110214][ T58] usb 6-1: SerialNumber: syz [ 217.114383][ T58] usb 6-1: config 0 descriptor?? [ 217.117848][ T8163] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 217.217765][ T1092] team0 (unregistering): Port device virt_wifi0 removed [ 217.336736][ T58] usb 6-1: USB disconnect, device number 12 [ 217.704468][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 217.772544][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 218.453122][ T8025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.458561][ T8025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.462314][ T8025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 218.473994][ T8025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.481115][ T8025] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.494585][ T8025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.499135][ T8025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.503005][ T8025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 218.522297][ T8025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 218.529314][ T8025] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.537652][ T8025] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.541848][ T8025] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.545933][ T8025] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.549746][ T8025] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.560470][ T8047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 218.575435][ T8047] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.613242][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.616629][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.621985][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.625593][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.779075][ T1086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.782372][ T1086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.818090][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.821594][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.969373][ T8047] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 219.037053][ T8047] veth0_vlan: entered promiscuous mode [ 219.052878][ T8047] veth1_vlan: entered promiscuous mode [ 219.101362][ T8186] loop7: detected capacity change from 0 to 16384 [ 219.107918][ T8047] veth0_macvtap: entered promiscuous mode [ 219.115323][ T8047] veth1_macvtap: entered promiscuous mode [ 219.129508][ T8047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.133152][ T8047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.139250][ T8047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.147169][ T8047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.152043][ T8047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 219.157547][ T8047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.164884][ T8047] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 219.175897][ T8047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 219.188961][ T8047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.193351][ T8047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 219.199343][ T8047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.205116][ T8047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 219.210485][ T8047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 219.219638][ T8047] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 219.304809][ T8047] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.308914][ T8047] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.313267][ T8047] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.317697][ T8047] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 219.412429][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.423253][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 219.447864][ T5385] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 219.457728][ T5385] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.690031][ T8226] qrtr: Invalid version 0 [ 223.012281][ T8240] sch_fq: defrate 0 ignored. [ 223.117903][ T8243] 9pnet_fd: Insufficient options for proto=fd [ 223.145148][ T8243] Cannot find set identified by id 0 to match [ 223.526355][ T8254] input: syz0 as /devices/virtual/input/input8 [ 223.554084][ T8254] kcapi: manufacturer command 0 unknown. [ 223.819044][ T8266] netlink: 'syz.2.978': attribute type 1 has an invalid length. [ 225.111010][ T8292] kvm: pic: non byte read [ 225.128340][ T8292] kvm: pic: level sensitive irq not supported [ 225.128789][ T8292] kvm: pic: non byte read [ 225.303617][ T8303] netlink: 'syz.3.992': attribute type 1 has an invalid length. [ 225.444962][ T8309] qrtr: Invalid version 0 [ 225.638166][ T8318] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 225.640866][ T8318] dvmrp1: linktype set to 1 [ 225.958159][ T8324] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1001'. [ 226.267874][ T8329] kvm: pic: non byte read [ 226.271233][ T8329] kvm: pic: level sensitive irq not supported [ 226.271604][ T8329] kvm: pic: non byte read [ 226.898136][ T8350] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1010'. [ 227.043328][ T8355] input: syz0 as /devices/virtual/input/input9 [ 227.136833][ T8355] kcapi: manufacturer command 0 unknown. [ 228.447804][ T8374] kAFS: Can only specify source 'none' with -o dyn [ 230.017256][ T8405] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1029'. [ 230.795775][ T8421] program syz.3.1035 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 231.912458][ T8449] kvm: pic: non byte write [ 231.915662][ T8449] kvm: pic: non byte write [ 231.919543][ T8449] kvm: pic: non byte write [ 231.922225][ T8449] kvm: pic: non byte write [ 231.925789][ T8449] kvm: pic: non byte write [ 231.928852][ T8449] kvm: pic: non byte write [ 232.049340][ T8447] syz.1.1036 (8447) used greatest stack depth: 20832 bytes left [ 232.083011][ T8458] [ 232.084000][ T8458] ====================================================== [ 232.086887][ T8458] WARNING: possible circular locking dependency detected [ 232.089674][ T8458] 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 Not tainted [ 232.093794][ T8458] ------------------------------------------------------ [ 232.097877][ T8458] syz.0.1048/8458 is trying to acquire lock: [ 232.100218][ T8458] ffff88803fffece0 (&pgdat->kswapd_wait){....}-{2:2}, at: __wake_up+0x1c/0x60 [ 232.103474][ T8458] [ 232.103474][ T8458] but task is already holding lock: [ 232.106605][ T8458] ffff8880265621f8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 232.110291][ T8458] [ 232.110291][ T8458] which lock already depends on the new lock. [ 232.110291][ T8458] [ 232.114758][ T8458] [ 232.114758][ T8458] the existing dependency chain (in reverse order) is: [ 232.118720][ T8458] [ 232.118720][ T8458] -> #3 (&trie->lock){....}-{2:2}: [ 232.121694][ T8458] _raw_spin_lock_irqsave+0x3a/0x60 [ 232.123834][ T8458] trie_delete_elem+0xb0/0x820 [ 232.125796][ T8458] 0xffffffffa0001e11 [ 232.127605][ T8458] bpf_trace_run4+0x245/0x5a0 [ 232.129636][ T8458] __traceiter_sched_switch+0x6c/0xc0 [ 232.131935][ T8458] __schedule+0x17cf/0x5490 [ 232.133897][ T8458] schedule+0xe7/0x350 [ 232.135964][ T8458] futex_wait_queue+0xfc/0x1f0 [ 232.138358][ T8458] __futex_wait+0x291/0x3c0 [ 232.140526][ T8458] futex_wait+0xe9/0x380 [ 232.142613][ T8458] do_futex+0x22b/0x350 [ 232.144593][ T8458] __ia32_sys_futex_time32+0x1da/0x460 [ 232.147015][ T8458] __do_fast_syscall_32+0x73/0x120 [ 232.149514][ T8458] do_fast_syscall_32+0x32/0x80 [ 232.151730][ T8458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 232.154304][ T8458] [ 232.154304][ T8458] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 232.157073][ T8458] _raw_spin_lock_nested+0x31/0x40 [ 232.159698][ T8458] raw_spin_rq_lock_nested+0x29/0x130 [ 232.162137][ T8458] task_fork_fair+0x73/0x250 [ 232.164286][ T8458] sched_cgroup_fork+0x3cf/0x510 [ 232.166414][ T8458] copy_process+0x4710/0x6f50 [ 232.169015][ T8458] kernel_clone+0xfd/0x980 [ 232.171254][ T8458] user_mode_thread+0xb4/0xf0 [ 232.173592][ T8458] rest_init+0x23/0x2b0 [ 232.175567][ T8458] start_kernel+0x3df/0x4c0 [ 232.177593][ T8458] x86_64_start_reservations+0x18/0x30 [ 232.180083][ T8458] x86_64_start_kernel+0xb2/0xc0 [ 232.182502][ T8458] common_startup_64+0x13e/0x148 [ 232.184977][ T8458] [ 232.184977][ T8458] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 232.187923][ T8458] _raw_spin_lock_irqsave+0x3a/0x60 [ 232.190197][ T8458] try_to_wake_up+0x9a/0x13e0 [ 232.192212][ T8458] autoremove_wake_function+0x16/0x150 [ 232.194556][ T8458] __wake_up_common+0x131/0x1e0 [ 232.196961][ T8458] __wake_up+0x31/0x60 [ 232.198767][ T8458] wakeup_kswapd+0x45e/0x640 [ 232.200905][ T8458] get_page_from_freelist+0x9bb/0x2e50 [ 232.203244][ T8458] __alloc_pages_noprof+0x22b/0x2460 [ 232.205373][ T8458] alloc_pages_mpol_noprof+0x275/0x610 [ 232.207541][ T8458] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 232.210009][ T8458] vmalloc_user_noprof+0x6b/0x90 [ 232.212117][ T8458] kcov_ioctl+0x4f/0x730 [ 232.214083][ T8458] __do_compat_sys_ioctl+0x2c3/0x330 [ 232.216553][ T8458] __do_fast_syscall_32+0x73/0x120 [ 232.218709][ T8458] do_fast_syscall_32+0x32/0x80 [ 232.220849][ T8458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 232.223478][ T8458] [ 232.223478][ T8458] -> #0 (&pgdat->kswapd_wait){....}-{2:2}: [ 232.226536][ T8458] __lock_acquire+0x24ed/0x3cb0 [ 232.228606][ T8458] lock_acquire+0x1b1/0x560 [ 232.230656][ T8458] _raw_spin_lock_irqsave+0x3a/0x60 [ 232.232841][ T8458] __wake_up+0x1c/0x60 [ 232.234726][ T8458] wakeup_kswapd+0x45e/0x640 [ 232.236675][ T8458] get_page_from_freelist+0x9bb/0x2e50 [ 232.239097][ T8458] __alloc_pages_noprof+0x22b/0x2460 [ 232.241485][ T8458] ___kmalloc_large_node+0x7f/0x1a0 [ 232.243777][ T8458] __kmalloc_large_node_noprof+0x1c/0x70 [ 232.246014][ T8458] __kmalloc_node_noprof.cold+0x5/0x5f [ 232.248095][ T8458] bpf_map_kmalloc_node+0x98/0x4a0 [ 232.250067][ T8458] trie_update_elem+0x1ef/0xdb0 [ 232.251945][ T8458] bpf_map_update_value+0x2c1/0x6c0 [ 232.254083][ T8458] generic_map_update_batch+0x454/0x5f0 [ 232.256557][ T8458] bpf_map_do_batch+0x615/0x6e0 [ 232.258678][ T8458] __sys_bpf+0x1fad/0x5600 [ 232.260664][ T8458] __ia32_sys_bpf+0x76/0xe0 [ 232.262647][ T8458] __do_fast_syscall_32+0x73/0x120 [ 232.264886][ T8458] do_fast_syscall_32+0x32/0x80 [ 232.267074][ T8458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 232.269850][ T8458] [ 232.269850][ T8458] other info that might help us debug this: [ 232.269850][ T8458] [ 232.273913][ T8458] Chain exists of: [ 232.273913][ T8458] &pgdat->kswapd_wait --> &rq->__lock --> &trie->lock [ 232.273913][ T8458] [ 232.278563][ T8458] Possible unsafe locking scenario: [ 232.278563][ T8458] [ 232.281533][ T8458] CPU0 CPU1 [ 232.283672][ T8458] ---- ---- [ 232.285867][ T8458] lock(&trie->lock); [ 232.287544][ T8458] lock(&rq->__lock); [ 232.290522][ T8458] lock(&trie->lock); [ 232.293362][ T8458] lock(&pgdat->kswapd_wait); [ 232.295393][ T8458] [ 232.295393][ T8458] *** DEADLOCK *** [ 232.295393][ T8458] [ 232.298593][ T8458] 2 locks held by syz.0.1048/8458: [ 232.300725][ T8458] #0: ffffffff8dbb89a0 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x24b/0x6c0 [ 232.304738][ T8458] #1: ffff8880265621f8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 232.309148][ T8458] [ 232.309148][ T8458] stack backtrace: [ 232.311524][ T8458] CPU: 3 UID: 0 PID: 8458 Comm: syz.0.1048 Not tainted 6.10.0-syzkaller-12030-g66ebbdfdeb09 #0 [ 232.316124][ T8458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 232.320552][ T8458] Call Trace: [ 232.322130][ T8458] [ 232.323366][ T8458] dump_stack_lvl+0x116/0x1f0 [ 232.325537][ T8458] check_noncircular+0x31a/0x400 [ 232.327717][ T8458] ? __pfx_check_noncircular+0x10/0x10 [ 232.329927][ T8458] ? mark_lock+0xb5/0xc60 [ 232.331667][ T8458] ? mark_lock+0xb5/0xc60 [ 232.333404][ T8458] ? __lock_acquire+0xbdd/0x3cb0 [ 232.335406][ T8458] ? lockdep_lock+0xc6/0x200 [ 232.337446][ T8458] ? __pfx_lockdep_lock+0x10/0x10 [ 232.339780][ T8458] __lock_acquire+0x24ed/0x3cb0 [ 232.341783][ T8458] ? __pfx___lock_acquire+0x10/0x10 [ 232.343906][ T8458] ? set_pfnblock_flags_mask+0x290/0x480 [ 232.346222][ T8458] ? __mod_zone_page_state+0xcc/0x1a0 [ 232.348570][ T8458] lock_acquire+0x1b1/0x560 [ 232.350616][ T8458] ? __wake_up+0x1c/0x60 [ 232.352456][ T8458] ? __pfx_lock_acquire+0x10/0x10 [ 232.354497][ T8458] ? rcu_is_watching+0x12/0xc0 [ 232.356467][ T8458] ? trace_mm_page_alloc_zone_locked+0x123/0x190 [ 232.359110][ T8458] ? find_held_lock+0x2d/0x110 [ 232.361340][ T8458] ? __zone_watermark_ok+0x252/0x4d0 [ 232.363806][ T8458] _raw_spin_lock_irqsave+0x3a/0x60 [ 232.365845][ T8458] ? __wake_up+0x1c/0x60 [ 232.367510][ T8458] __wake_up+0x1c/0x60 [ 232.369154][ T8458] wakeup_kswapd+0x45e/0x640 [ 232.371005][ T8458] get_page_from_freelist+0x9bb/0x2e50 [ 232.373104][ T8458] ? __pfx_get_page_from_freelist+0x10/0x10 [ 232.375391][ T8458] ? prepare_alloc_pages.constprop.0+0x412/0x560 [ 232.377816][ T8458] ? __pfx_mark_lock+0x10/0x10 [ 232.379664][ T8458] __alloc_pages_noprof+0x22b/0x2460 [ 232.381780][ T8458] ? hlock_class+0x4e/0x130 [ 232.383526][ T8458] ? __lock_acquire+0xbdd/0x3cb0 [ 232.385541][ T8458] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 232.387753][ T8458] ? __pfx___lock_acquire+0x10/0x10 [ 232.389773][ T8458] ? lock_acquire+0x1b1/0x560 [ 232.391555][ T8458] ? find_held_lock+0x2d/0x110 [ 232.393274][ T8458] ___kmalloc_large_node+0x7f/0x1a0 [ 232.395117][ T8458] __kmalloc_large_node_noprof+0x1c/0x70 [ 232.397103][ T8458] __kmalloc_node_noprof.cold+0x5/0x5f [ 232.399480][ T8458] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 232.401631][ T8458] bpf_map_kmalloc_node+0x98/0x4a0 [ 232.403692][ T8458] trie_update_elem+0x1ef/0xdb0 [ 232.405607][ T8458] bpf_map_update_value+0x2c1/0x6c0 [ 232.407686][ T8458] generic_map_update_batch+0x454/0x5f0 [ 232.409986][ T8458] ? __pfx_generic_map_update_batch+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 232.412322][ T8458] ? __pfx_generic_map_update_batch+0x10/0x10 [ 232.416288][ T8458] bpf_map_do_batch+0x615/0x6e0 [ 232.418480][ T8458] __sys_bpf+0x1fad/0x5600 [ 232.420436][ T8458] ? __pfx___sys_bpf+0x10/0x10 [ 232.422304][ T8458] ? futex_wait+0x121/0x380 [ 232.424258][ T8458] ? __pfx_futex_wait+0x10/0x10 [ 232.431503][ T8458] ? do_futex+0x123/0x350 [ 232.432956][ T8458] ? __pfx_do_futex+0x10/0x10 [ 232.434830][ T8458] ? xfd_validate_state+0x5d/0x180 [ 232.436963][ T8458] __ia32_sys_bpf+0x76/0xe0 [ 232.438786][ T8458] __do_fast_syscall_32+0x73/0x120 [ 232.440559][ T8458] do_fast_syscall_32+0x32/0x80 [ 232.442656][ T8458] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 232.445420][ T8458] RIP: 0023:0xf744e579 [ 232.447192][ T8458] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 232.455170][ T8458] RSP: 002b:00000000f576657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 232.458686][ T8458] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000300 [ 232.462042][ T8458] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 232.465485][ T8458] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 232.468785][ T8458] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 232.472068][ T8458] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 232.475443][ T8458] [ 232.998001][ T1092] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.077274][ T1092] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.150039][ T1092] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.267922][ T1092] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.379134][ T1092] bridge_slave_1: left allmulticast mode [ 233.382032][ T1092] bridge_slave_1: left promiscuous mode [ 233.384777][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.405539][ T1092] bridge_slave_0: left allmulticast mode [ 233.407945][ T1092] bridge_slave_0: left promiscuous mode [ 233.410397][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.545813][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 233.551617][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 233.556809][ T1092] bond0 (unregistering): Released all slaves [ 233.563295][ T1092] bond1 (unregistering): Released all slaves [ 233.874065][ T1092] hsr_slave_0: left promiscuous mode [ 233.877294][ T1092] hsr_slave_1: left promiscuous mode [ 233.880122][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 233.883269][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 233.887300][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 233.890453][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 233.896558][ T1092] veth1_macvtap: left promiscuous mode [ 233.899206][ T1092] veth0_macvtap: left promiscuous mode [ 233.901769][ T1092] veth1_vlan: left promiscuous mode [ 233.904302][ T1092] veth0_vlan: left promiscuous mode [ 234.221469][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 234.260186][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 234.883479][ T1092] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 234.972375][ T1092] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.040921][ T1092] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.130853][ T1092] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.231186][ T1092] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.311181][ T1092] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.381454][ T1092] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.442744][ T1092] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 235.544889][ T1092] bridge_slave_1: left allmulticast mode [ 235.547070][ T1092] bridge_slave_1: left promiscuous mode [ 235.549214][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.554492][ T1092] bridge_slave_0: left allmulticast mode [ 235.556913][ T1092] bridge_slave_0: left promiscuous mode [ 235.559408][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.564646][ T1092] bridge_slave_1: left allmulticast mode [ 235.567198][ T1092] bridge_slave_1: left promiscuous mode [ 235.569607][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.574713][ T1092] bridge_slave_0: left allmulticast mode [ 235.577217][ T1092] bridge_slave_0: left promiscuous mode [ 235.579710][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.872734][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 235.878848][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 235.883954][ T1092] bond0 (unregistering): Released all slaves [ 235.892371][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 235.898062][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 235.903114][ T1092] bond0 (unregistering): Released all slaves [ 235.967157][ T1092] Κό: left promiscuous mode [ 236.412942][ T1092] hsr_slave_0: left promiscuous mode [ 236.418204][ T1092] hsr_slave_1: left promiscuous mode [ 236.421268][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 236.424637][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 236.428487][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.431704][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 236.438991][ T1092] hsr_slave_0: left promiscuous mode [ 236.442135][ T1092] hsr_slave_1: left promiscuous mode [ 236.445689][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 236.448833][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 236.452562][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 236.458373][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 236.463046][ T1092] veth1_macvtap: left promiscuous mode [ 236.465365][ T1092] veth0_macvtap: left promiscuous mode [ 236.467917][ T1092] veth1_vlan: left promiscuous mode [ 236.469718][ T1092] veth0_vlan: left promiscuous mode [ 236.472746][ T1092] veth1_macvtap: left promiscuous mode [ 236.475559][ T1092] veth0_macvtap: left promiscuous mode [ 236.478086][ T1092] veth1_vlan: left promiscuous mode [ 236.480447][ T1092] veth0_vlan: left promiscuous mode [ 236.796355][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 236.838152][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 237.087247][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 237.132083][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 238.079437][ T1092] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.167990][ T1092] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.241960][ T1092] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.331963][ T1092] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.444217][ T1092] bridge_slave_1: left allmulticast mode [ 238.446781][ T1092] bridge_slave_1: left promiscuous mode [ 238.449321][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.457457][ T1092] bridge_slave_0: left allmulticast mode [ 238.460037][ T1092] bridge_slave_0: left promiscuous mode [ 238.462632][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.619794][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 238.625289][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 238.630492][ T1092] bond0 (unregistering): Released all slaves [ 238.985309][ T1092] hsr_slave_0: left promiscuous mode [ 238.988358][ T1092] hsr_slave_1: left promiscuous mode [ 238.991382][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 238.994889][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 238.998578][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 239.001794][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 239.006969][ T1092] veth1_macvtap: left promiscuous mode [ 239.008970][ T1092] veth0_macvtap: left promiscuous mode [ 239.010916][ T1092] veth1_vlan: left promiscuous mode [ 239.012744][ T1092] veth0_vlan: left promiscuous mode [ 239.245930][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 239.278741][ T1092] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 09:30:35 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000002 RBX=0000000000000001 RCX=ffffffff813c8599 RDX=ffff8880201f8000 RSI=0000000000000002 RDI=0000000000000001 RBP=ffffffff8b29d100 RSP=ffffc9000fadea78 R8 =0000000000000001 R9 =0000000000000002 R10=0000000000000002 R11=ffffffff8b2f4ac0 R12=0000000000000002 R13=0000000000000001 R14=0000000000000003 R15=0000000000000002 RIP=ffffffff818b18bb RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020004004 CR3=000000002a504000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000374114 RBX=0000000000000001 RCX=ffffffff8ae40d89 RDX=ffffed1005826fe2 RSI=ffffffff8b908160 RDI=ffffffff81632fcc RBP=ffffed1002c60910 RSP=ffffc90000477e08 R8 =0000000000000000 R9 =ffffed1005826fe1 R10=ffff88802c137f0b R11=0000000000000001 R12=0000000000000001 R13=ffff888016304880 R14=ffffffff8fe59f58 R15=0000000000000000 RIP=ffffffff8ae4217f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f91fffc CR3=00000000196cc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000184bb4 RBX=0000000000000002 RCX=ffffffff8ae40d89 RDX=ffffed1005846fe2 RSI=ffffffff8b908160 RDI=ffffffff81632fcc RBP=ffffed1002ce2000 RSP=ffffc90000487e08 R8 =0000000000000000 R9 =ffffed1005846fe1 R10=ffff88802c237f0b R11=0000000000000001 R12=0000000000000002 R13=ffff888016710000 R14=ffffffff8fe59f58 R15=0000000000000000 RIP=ffffffff8ae4217f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74760e8 CR3=0000000011afc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f99935 RDI=ffffffff94dbf140 RBP=ffffffff94dbf100 RSP=ffffc9000f5e6c88 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000005b R14=ffffffff84f998d0 R15=0000000000000000 RIP=ffffffff84f9995f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020100000 CR3=000000000d6ea000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000