last executing test programs: 4.021504975s ago: executing program 2 (id=631): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000440)={0x10, &(0x7f0000000240)={0x40}, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, 0x0) 1.622334802s ago: executing program 3 (id=662): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x1c, r1, 0x1, 0x70bd31, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0xc050}, 0x40004) 1.621973383s ago: executing program 3 (id=664): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000133700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0) 1.572205135s ago: executing program 0 (id=665): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e"], 0xf) 1.571851765s ago: executing program 3 (id=666): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x3, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x800}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ptype\x00') read$msr(r5, &(0x7f0000000040)=""/59, 0xffb5) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) semctl$IPC_INFO(0x0, 0x2, 0x3, 0x0) 1.571753004s ago: executing program 0 (id=667): mkdir(0x0, 0xb4) open(&(0x7f0000000980)='./bus\x00', 0x30000, 0x1b0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local}, 0xc) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{0x0}], 0x1}, 0x0) 1.502261253s ago: executing program 0 (id=668): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, 0x0, 0x800, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000600), 0x400800, 0x0) ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000680)={0x2, &(0x7f0000000640)=[{0xfffa, 0x15, 0x0, 0xbb}, {0x8, 0x1, 0x4, 0x7}]}) recvmsg(r0, 0x0, 0x40000022) sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f0000001bc0)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8001}, 0x44000) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000001c00), r1) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001d80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000001dc0)={'wpan1\x00', 0x0}) ioctl$PPPIOCSDEBUG(r2, 0x40047440, &(0x7f0000001f80)=0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_BEACON(r5, &(0x7f0000002100)={&(0x7f0000001fc0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000020c0)={&(0x7f0000002080)={0x28, r6, 0x300, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IE_ASSOC_RESP={0xa, 0x80, [@ext_channel_switch={0x3c, 0x4, {0x0, 0x67, 0xb0, 0x1a}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20040041}, 0x24000001) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, 0x0, 0x20004841) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000002580)={r0}) ioctl$sock_inet_tcp_SIOCOUTQNSD(r7, 0x894b, &(0x7f00000025c0)) sendmsg$NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000002700)={0x0, 0x0, &(0x7f00000026c0)={&(0x7f0000002640)={0x50, r3, 0x209, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x14}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x6}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x800) 1.501867465s ago: executing program 0 (id=669): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x4) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000380)={0xaa, 0x564}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/66}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000010000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379753200"], 0x7c}}, 0x0) 1.451973058s ago: executing program 0 (id=670): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x7ff, @dev={0xfe, 0x80, '\x00', 0x14}, 0x7}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 1.050821076s ago: executing program 1 (id=672): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0) sendmsg$IEEE802154_START_REQ(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001b80)=ANY=[@ANYBLOB='<\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000d000000050017000000000006000a000000000005001800000000000500070000000000060008"], 0x3c}}, 0x0) 991.815927ms ago: executing program 1 (id=673): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f00000006c0)=ANY=[@ANYBLOB='+cpu'], 0x5) write$cgroup_subtree(r1, 0x0, 0x5) 991.602732ms ago: executing program 2 (id=674): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000c00)={0x1c, r1, 0x1, 0x70bd31, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0xc050}, 0x40004) 991.516958ms ago: executing program 1 (id=675): r0 = socket$qrtr(0x2a, 0x2, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00'}) 919.805185ms ago: executing program 2 (id=676): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000d40)=ANY=[@ANYBLOB="180000000000e3ff000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e"], 0xf) 918.846437ms ago: executing program 1 (id=677): mkdir(0x0, 0xb4) open(&(0x7f0000000980)='./bus\x00', 0x30000, 0x1b0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local}, 0xc) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{0x0}], 0x1}, 0x0) 918.62178ms ago: executing program 2 (id=678): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_sctp(0xa, 0x5, 0x84) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r2, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r4}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) 871.373758ms ago: executing program 1 (id=679): sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a"], 0x64}}, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 871.121232ms ago: executing program 2 (id=680): signalfd(0xffffffffffffffff, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = gettid() r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r1, 0x0) accept4$x25(r1, 0x0, 0x0, 0x80800) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 672.21674ms ago: executing program 3 (id=681): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={@dev, 0x0, r2}) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', 0x0}) socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x4400046, r4}) socket$inet6_mptcp(0xa, 0x1, 0x106) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv6_newroute={0x30, 0x18, 0x1ef, 0x0, 0x0, {}, [@RTA_GATEWAY={0x14, 0x5, @loopback={0x0, 0x2}}]}, 0x30}, 0x1, 0x11}, 0x0) 671.935103ms ago: executing program 3 (id=682): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan1\x00'}) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[], 0x2c}}, 0x0) 601.738254ms ago: executing program 3 (id=683): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000440)={0x10, &(0x7f0000000240)={0x40}, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, 0x0) 601.530298ms ago: executing program 0 (id=684): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000440)={0x10, &(0x7f0000000240)={0x40}, 0x0, 0x0}) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001400010000000000000000c9"], 0x1c}], 0x1, 0x0, 0x0, 0x100}, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040)) 595.814µs ago: executing program 1 (id=685): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac14"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001e80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 0s ago: executing program 2 (id=686): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8fe00000000bfa200000000000007020000f8ffffffb703000008000000b70400008f2000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) creat(&(0x7f0000000040)='./file0\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r1}, 0x10) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 0s ago: executing program 1 (id=687): r0 = memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0 1 [ 45.747400][ T5959] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.751225][ T5959] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.754486][ T5958] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.754536][ T5959] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.757992][ T5958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.761553][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.763506][ T5958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.766574][ T5959] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.767602][ T5958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.769244][ T5963] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.769980][ T5963] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.770390][ T5959] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.771200][ T5959] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.771559][ T5959] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.771733][ T5959] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.772302][ T5958] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.772513][ T5958] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.772613][ T5958] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.775135][ T5958] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.794773][ T5964] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.798952][ T5964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.801391][ T5964] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.803480][ T5964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.990586][ T5960] chnl_net:caif_netlink_parms(): no params data found [ 46.005510][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 46.024648][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 46.200470][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.202495][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.204665][ T5947] bridge_slave_0: entered allmulticast mode [ 46.206915][ T5947] bridge_slave_0: entered promiscuous mode [ 46.228225][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.230856][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.233624][ T5960] bridge_slave_0: entered allmulticast mode [ 46.236628][ T5960] bridge_slave_0: entered promiscuous mode [ 46.240547][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.243228][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.245649][ T5946] bridge_slave_0: entered allmulticast mode [ 46.248252][ T5946] bridge_slave_0: entered promiscuous mode [ 46.251218][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.253996][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.256801][ T5947] bridge_slave_1: entered allmulticast mode [ 46.260235][ T5947] bridge_slave_1: entered promiscuous mode [ 46.280683][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.283404][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.285988][ T5960] bridge_slave_1: entered allmulticast mode [ 46.288824][ T5960] bridge_slave_1: entered promiscuous mode [ 46.302495][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.304763][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.307517][ T5946] bridge_slave_1: entered allmulticast mode [ 46.310056][ T5946] bridge_slave_1: entered promiscuous mode [ 46.313776][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 46.333510][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.369271][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.373460][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.401653][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.406204][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.428782][ T5947] team0: Port device team_slave_0 added [ 46.450393][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.457937][ T5960] team0: Port device team_slave_0 added [ 46.460658][ T5947] team0: Port device team_slave_1 added [ 46.490013][ T5960] team0: Port device team_slave_1 added [ 46.546728][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.548801][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.555771][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.562197][ T5946] team0: Port device team_slave_0 added [ 46.564040][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.566385][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.568747][ T5948] bridge_slave_0: entered allmulticast mode [ 46.570825][ T5948] bridge_slave_0: entered promiscuous mode [ 46.573462][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.576096][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.585509][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.591028][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.593601][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.603153][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.607919][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.609884][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.617432][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.622067][ T5946] team0: Port device team_slave_1 added [ 46.623888][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.626037][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.628284][ T5948] bridge_slave_1: entered allmulticast mode [ 46.630446][ T5948] bridge_slave_1: entered promiscuous mode [ 46.673704][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.724603][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.739389][ T5960] hsr_slave_0: entered promiscuous mode [ 46.741484][ T5960] hsr_slave_1: entered promiscuous mode [ 46.744976][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.747042][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.754943][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.760294][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.762715][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.770085][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.783093][ T5947] hsr_slave_0: entered promiscuous mode [ 46.785089][ T5947] hsr_slave_1: entered promiscuous mode [ 46.786970][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.789992][ T5947] Cannot create hsr debugfs directory [ 46.805462][ T5948] team0: Port device team_slave_0 added [ 46.809983][ T5948] team0: Port device team_slave_1 added [ 46.890324][ T5946] hsr_slave_0: entered promiscuous mode [ 46.892673][ T5946] hsr_slave_1: entered promiscuous mode [ 46.895047][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.898493][ T5946] Cannot create hsr debugfs directory [ 46.901872][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.904453][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.914738][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.919966][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.921921][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.929233][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.043670][ T5948] hsr_slave_0: entered promiscuous mode [ 47.045763][ T5948] hsr_slave_1: entered promiscuous mode [ 47.047860][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.050017][ T5948] Cannot create hsr debugfs directory [ 47.189249][ T5947] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.194995][ T5947] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.199160][ T5947] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 47.203113][ T5947] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 47.228327][ T5960] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.232959][ T5960] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.236188][ T5960] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.240436][ T5960] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.263433][ T5946] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 47.269181][ T5946] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 47.272953][ T5946] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 47.276767][ T5946] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.314403][ T5948] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 47.330062][ T5948] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 47.335346][ T5948] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 47.339521][ T5948] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 47.376914][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.382136][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.402982][ T5960] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.411824][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.420415][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.423210][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.439123][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.441217][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.444340][ T1135] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.446298][ T1135] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.454133][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.456221][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.480459][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.501350][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.518904][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.522970][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.533738][ T95] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.536192][ T95] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.539662][ T95] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.541779][ T95] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.549864][ T95] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.552090][ T95] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.570918][ T95] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.573879][ T95] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.596564][ T5948] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.600787][ T5948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.658494][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.663729][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.702445][ T5960] veth0_vlan: entered promiscuous mode [ 47.706663][ T5947] veth0_vlan: entered promiscuous mode [ 47.716089][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.720179][ T5960] veth1_vlan: entered promiscuous mode [ 47.728843][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.731798][ T5947] veth1_vlan: entered promiscuous mode [ 47.756767][ T5947] veth0_macvtap: entered promiscuous mode [ 47.761528][ T5960] veth0_macvtap: entered promiscuous mode [ 47.767095][ T5947] veth1_macvtap: entered promiscuous mode [ 47.779654][ T5960] veth1_macvtap: entered promiscuous mode [ 47.785907][ T5948] veth0_vlan: entered promiscuous mode [ 47.798061][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.804658][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.813999][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.817145][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.820921][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.823539][ T5948] veth1_vlan: entered promiscuous mode [ 47.830093][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.833063][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.836461][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.838989][ T5964] Bluetooth: hci1: command tx timeout [ 47.839137][ T65] Bluetooth: hci3: command tx timeout [ 47.841474][ T5964] Bluetooth: hci2: command tx timeout [ 47.843486][ T65] Bluetooth: hci0: command tx timeout [ 47.847142][ T5947] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.851610][ T5947] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.854164][ T5947] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.856614][ T5947] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.864788][ T5946] veth0_vlan: entered promiscuous mode [ 47.868125][ T5960] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.870562][ T5960] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.872966][ T5960] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.875219][ T5960] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.885382][ T5948] veth0_macvtap: entered promiscuous mode [ 47.892354][ T5948] veth1_macvtap: entered promiscuous mode [ 47.898365][ T5946] veth1_vlan: entered promiscuous mode [ 47.919334][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.924674][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.928046][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.931857][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.936966][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.942132][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.945429][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.948847][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.952389][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.957784][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.979670][ T5948] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.983112][ T5948] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.986477][ T5948] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.990374][ T5948] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.996955][ T5946] veth0_macvtap: entered promiscuous mode [ 48.011930][ T5946] veth1_macvtap: entered promiscuous mode [ 48.020930][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.024266][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.027118][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.030733][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.034915][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.038411][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.041105][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.043952][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.046649][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.049604][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.053025][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.069596][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.072497][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.075194][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.078793][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.081501][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.084377][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.088045][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.092753][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.095511][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.098442][ T5946] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.100960][ T5946] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.103367][ T5946] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.105811][ T5946] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.115731][ T1135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.120622][ T1135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.129146][ T1135] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.131216][ T1135] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.157424][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.159209][ T5960] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.159604][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.161805][ T1170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.177251][ T1170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.201283][ T1170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.206085][ T1170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.225616][ T6017] 9pnet_fd: Insufficient options for proto=fd [ 48.353223][ T6035] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 48.388674][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.627440][ T5953] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 48.767490][ T5953] usb 5-1: device descriptor read/64, error -71 [ 49.027520][ T5953] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 49.143549][ T6047] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9'. [ 49.157436][ T5953] usb 5-1: device descriptor read/64, error -71 [ 49.185011][ T6049] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 49.277814][ T5953] usb usb5-port1: attempt power cycle [ 49.281280][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 49.569303][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 49.648509][ T6059] random: crng reseeded on system resumption [ 49.852726][ T5953] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 49.879357][ T5953] usb 5-1: device descriptor read/8, error -71 [ 49.917503][ T65] Bluetooth: hci0: command tx timeout [ 49.928208][ T65] Bluetooth: hci2: command tx timeout [ 49.928253][ T5958] Bluetooth: hci3: command tx timeout [ 49.930112][ T5964] Bluetooth: hci1: command tx timeout [ 50.127500][ T5953] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 50.158607][ T5953] usb 5-1: device descriptor read/8, error -71 [ 50.277654][ T5953] usb usb5-port1: unable to enumerate USB device [ 50.416622][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.494642][ T39] audit: type=1326 audit(1739314219.786:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6066 comm="syz.1.15" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa0579 code=0x0 [ 50.647649][ T6074] vlan2: entered allmulticast mode [ 50.649545][ T6074] bond0: entered allmulticast mode [ 50.651666][ T6074] bond_slave_0: entered allmulticast mode [ 50.653464][ T6074] bond_slave_1: entered allmulticast mode [ 50.657093][ T6074] bridge0: port 3(vlan2) entered blocking state [ 50.662757][ T6074] bridge0: port 3(vlan2) entered disabled state [ 50.666831][ T6074] vlan2: entered promiscuous mode [ 50.668922][ T6074] bond0: entered promiscuous mode [ 50.670791][ T6074] bond_slave_0: entered promiscuous mode [ 50.673023][ T6074] bond_slave_1: entered promiscuous mode [ 50.675830][ T6074] bridge0: port 3(vlan2) entered blocking state [ 50.678938][ T6074] bridge0: port 3(vlan2) entered forwarding state [ 51.324778][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18'. [ 51.398018][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.453174][ T6009] IPVS: starting estimator thread 0... [ 51.500754][ T6095] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 51.560026][ T6093] IPVS: using max 24 ests per chain, 57600 per kthread [ 51.778121][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.780585][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.783527][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.786719][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.789740][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.997459][ T65] Bluetooth: hci2: command tx timeout [ 51.997590][ T5958] Bluetooth: hci0: command tx timeout [ 52.000524][ T5958] Bluetooth: hci3: command tx timeout [ 52.001610][ T5964] Bluetooth: hci1: command tx timeout [ 53.196745][ T6129] random: crng reseeded on system resumption [ 53.227387][ T30] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 53.387402][ T30] usb 6-1: Using ep0 maxpacket: 8 [ 53.401999][ T30] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 53.405070][ T30] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 53.407559][ T30] usb 6-1: Product: syz [ 53.408891][ T30] usb 6-1: Manufacturer: syz [ 53.410579][ T30] usb 6-1: SerialNumber: syz [ 53.428109][ T30] usb 6-1: config 0 descriptor?? [ 53.635119][ T30] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 54.087482][ T5964] Bluetooth: hci1: command tx timeout [ 54.087531][ T5952] Bluetooth: hci3: command tx timeout [ 54.089503][ T5964] Bluetooth: hci2: command tx timeout [ 54.089528][ T5964] Bluetooth: hci0: command tx timeout [ 54.727440][ T35] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 54.897413][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 54.905903][ T35] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 54.909670][ T35] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 54.909696][ T35] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 54.909715][ T35] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 54.909746][ T35] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 54.909765][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.118727][ T35] usb 7-1: GET_CAPABILITIES returned 0 [ 55.120429][ T35] usbtmc 7-1:16.0: can't read capabilities [ 55.121876][ T6172] 9pnet_fd: Insufficient options for proto=fd [ 55.187395][ T6175] Device name cannot be null; rc = [-22] [ 55.257722][ T30] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 55.270037][ T30] usb 6-1: USB disconnect, device number 2 [ 55.325539][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.331171][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.333726][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.336519][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.339874][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.343281][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.346830][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.354026][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.357431][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.360858][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.363339][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.366549][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.370141][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.372832][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.375505][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.378330][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 55.384387][ T833] usb 7-1: USB disconnect, device number 2 [ 55.965424][ T6204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.68'. [ 56.217732][ T833] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 56.367486][ T833] usb 8-1: Using ep0 maxpacket: 8 [ 56.370712][ T833] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 56.373422][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 56.376200][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 56.379672][ T833] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 56.384054][ T833] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 56.387436][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.417601][ T72] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 56.567383][ T72] usb 7-1: Using ep0 maxpacket: 32 [ 56.570291][ T72] usb 7-1: config 0 has an invalid interface number: 132 but max is 0 [ 56.572612][ T72] usb 7-1: config 0 has no interface number 0 [ 56.574378][ T72] usb 7-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 56.580466][ T72] usb 7-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5 [ 56.583019][ T72] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.585267][ T72] usb 7-1: Product: syz [ 56.586533][ T72] usb 7-1: Manufacturer: syz [ 56.587959][ T72] usb 7-1: SerialNumber: syz [ 56.591194][ T72] usb 7-1: config 0 descriptor?? [ 56.596992][ T72] em28xx 7-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132) [ 56.599842][ T833] usb 8-1: GET_CAPABILITIES returned 0 [ 56.601394][ T833] usbtmc 8-1:16.0: can't read capabilities [ 56.604116][ T72] em28xx 7-1:0.132: Video interface 132 found: [ 56.801570][ T56] usb 8-1: USB disconnect, device number 2 [ 57.000239][ T72] em28xx 7-1:0.132: unknown em28xx chip ID (0) [ 57.027488][ T833] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 57.062784][ T72] em28xx 7-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5) [ 57.066679][ T72] em28xx 7-1:0.132: board has no eeprom [ 57.127492][ T72] em28xx 7-1:0.132: Identified as Leadtek Winfast USB II (card=7) [ 57.130367][ T72] em28xx 7-1:0.132: analog set to bulk mode. [ 57.134294][ T6216] em28xx 7-1:0.132: Registering V4L2 extension [ 57.139257][ T72] usb 7-1: USB disconnect, device number 3 [ 57.142106][ T72] em28xx 7-1:0.132: Disconnecting em28xx [ 57.177479][ T833] usb 6-1: Using ep0 maxpacket: 8 [ 57.181212][ T833] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 57.184968][ T6216] em28xx 7-1:0.132: Config register raw data: 0xffffffed [ 57.188061][ T833] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 57.191887][ T6216] em28xx 7-1:0.132: AC97 chip type couldn't be determined [ 57.194612][ T6216] em28xx 7-1:0.132: No AC97 audio processor [ 57.197472][ T833] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 57.201062][ T833] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 57.205713][ T833] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 57.213736][ T6216] usb 7-1: Decoder not found [ 57.215510][ T6216] em28xx 7-1:0.132: failed to create media graph [ 57.218021][ T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.221527][ T6216] em28xx 7-1:0.132: V4L2 device video103 deregistered [ 57.232131][ T6216] em28xx 7-1:0.132: Remote control support is not available for this card. [ 57.236197][ T72] em28xx 7-1:0.132: Closing input extension [ 57.249459][ T72] em28xx 7-1:0.132: Freeing device [ 57.432512][ T833] usb 6-1: usb_control_msg returned -71 [ 57.434113][ T833] usbtmc 6-1:16.0: can't read capabilities [ 57.442060][ T833] usb 6-1: USB disconnect, device number 3 [ 57.524809][ T6239] IPv6: Can't replace route, no match found [ 57.560313][ T6244] netlink: 4 bytes leftover after parsing attributes in process `syz.0.83'. [ 57.650462][ T6251] netlink: 592 bytes leftover after parsing attributes in process `syz.0.86'. [ 58.657430][ T1460] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 58.687595][ T56] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 58.807402][ T1460] usb 8-1: Using ep0 maxpacket: 16 [ 58.810531][ T1460] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 58.814294][ T1460] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 58.820473][ T1460] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 58.823164][ T1460] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.825447][ T1460] usb 8-1: Product: syz [ 58.826708][ T1460] usb 8-1: Manufacturer: syz [ 58.828209][ T1460] usb 8-1: SerialNumber: syz [ 58.832300][ T1460] usb 8-1: config 0 descriptor?? [ 58.836322][ T1460] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 58.839200][ T1460] em28xx 8-1:0.0: Audio interface 0 found (Vendor Class) [ 58.847517][ T56] usb 7-1: Using ep0 maxpacket: 8 [ 58.850729][ T56] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 58.853812][ T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 58.856583][ T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 58.859320][ T56] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 58.862854][ T56] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 58.865361][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.033021][ T6291] netlink: 36 bytes leftover after parsing attributes in process `syz.0.103'. [ 59.038980][ T6283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 59.042977][ T6283] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.064143][ T5952] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 59.069808][ T5952] CPU: 0 UID: 0 PID: 5952 Comm: kworker/u33:2 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0 [ 59.069824][ T5952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 59.069832][ T5952] Workqueue: hci3 hci_rx_work [ 59.069849][ T5952] Call Trace: [ 59.069884][ T5952] [ 59.069890][ T5952] dump_stack_lvl+0x16c/0x1f0 [ 59.069909][ T5952] sysfs_warn_dup+0x7f/0xa0 [ 59.069925][ T5952] sysfs_create_dir_ns+0x24d/0x2b0 [ 59.069940][ T5952] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 59.069955][ T5952] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 59.069974][ T5952] ? kobject_add_internal+0x12d/0x990 [ 59.069985][ T5952] ? do_raw_spin_unlock+0x172/0x230 [ 59.069999][ T5952] kobject_add_internal+0x2c8/0x990 [ 59.070016][ T5952] kobject_add+0x16f/0x240 [ 59.070027][ T5952] ? __pfx_kobject_add+0x10/0x10 [ 59.070039][ T5952] ? class_to_subsys+0x3e/0x160 [ 59.070059][ T5952] ? do_raw_spin_unlock+0x172/0x230 [ 59.070073][ T5952] ? kobject_put+0xab/0x5a0 [ 59.070089][ T5952] device_add+0x289/0x1a70 [ 59.070104][ T5952] ? __pfx_dev_set_name+0x10/0x10 [ 59.070122][ T5952] ? __pfx_device_add+0x10/0x10 [ 59.070137][ T5952] ? mgmt_send_event_skb+0x2f2/0x460 [ 59.070158][ T5952] hci_conn_add_sysfs+0x17e/0x230 [ 59.070190][ T5952] le_conn_complete_evt+0xfce/0x1d10 [ 59.070207][ T5952] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 59.070218][ T5952] ? trace_contention_end+0xee/0x140 [ 59.070234][ T5952] ? __mutex_lock+0x1cc/0xb10 [ 59.070249][ T5952] hci_le_conn_complete_evt+0x23c/0x370 [ 59.070263][ T5952] hci_le_meta_evt+0x2e2/0x5d0 [ 59.070276][ T5952] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 59.070292][ T5952] hci_event_packet+0x666/0x1190 [ 59.070303][ T5952] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 59.070315][ T5952] ? __pfx_hci_event_packet+0x10/0x10 [ 59.070324][ T5952] ? mark_held_locks+0x9f/0xe0 [ 59.070336][ T5952] ? kcov_remote_start+0x3cf/0x6e0 [ 59.070348][ T5952] ? lockdep_hardirqs_on+0x7c/0x110 [ 59.070365][ T5952] hci_rx_work+0x2c5/0x16b0 [ 59.070377][ T5952] ? process_one_work+0x8bb/0x1b30 [ 59.070390][ T5952] process_one_work+0x958/0x1b30 [ 59.070405][ T5952] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 59.070416][ T5952] ? __pfx_process_one_work+0x10/0x10 [ 59.070431][ T5952] ? assign_work+0x1a0/0x250 [ 59.070442][ T5952] worker_thread+0x6c8/0xf00 [ 59.070458][ T5952] ? __pfx_worker_thread+0x10/0x10 [ 59.070470][ T5952] kthread+0x3af/0x750 [ 59.070481][ T5952] ? __pfx_kthread+0x10/0x10 [ 59.070490][ T5952] ? lock_acquire+0x2f/0xb0 [ 59.070527][ T5952] ? __pfx_kthread+0x10/0x10 [ 59.070539][ T5952] ret_from_fork+0x45/0x80 [ 59.070553][ T5952] ? __pfx_kthread+0x10/0x10 [ 59.070565][ T5952] ret_from_fork_asm+0x1a/0x30 [ 59.070584][ T5952] [ 59.070646][ T5952] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 59.091318][ T56] usb 7-1: usb_control_msg returned -71 [ 59.093527][ T5952] Bluetooth: hci3: failed to register connection device [ 59.095038][ T56] usbtmc 7-1:16.0: can't read capabilities [ 59.127631][ T1460] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 59.134326][ T56] usb 7-1: USB disconnect, device number 4 [ 59.137729][ T1460] em28xx 8-1:0.0: Config register raw data: 0xfffffffb [ 59.168181][ T1460] em28xx 8-1:0.0: AC97 chip type couldn't be determined [ 59.170865][ T1460] em28xx 8-1:0.0: No AC97 audio processor [ 59.181722][ T1460] usb 8-1: USB disconnect, device number 3 [ 59.184848][ T1460] em28xx 8-1:0.0: Disconnecting em28xx [ 59.189378][ T1460] em28xx 8-1:0.0: Freeing device [ 59.738561][ T6314] capability: warning: `syz.2.113' uses deprecated v2 capabilities in a way that may be insecure [ 60.296090][ T6330] netlink: 12 bytes leftover after parsing attributes in process `syz.2.116'. [ 60.308129][ T6330] veth0_macvtap: left promiscuous mode [ 60.592904][ T6344] Zero length message leads to an empty skb [ 61.227388][ T833] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 61.367424][ T5318] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 61.378534][ T833] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 61.380991][ T833] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 61.383952][ T833] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 61.386620][ T833] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 61.397480][ T833] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 61.402419][ T833] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 61.404987][ T833] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 61.407209][ T833] usb 8-1: Product: syz [ 61.417361][ T833] usb 8-1: Manufacturer: syz [ 61.421044][ T833] cdc_wdm 8-1:1.0: skipping garbage [ 61.422536][ T833] cdc_wdm 8-1:1.0: skipping garbage [ 61.424732][ T833] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 61.426403][ T833] cdc_wdm 8-1:1.0: Unknown control protocol [ 61.517553][ T5318] usb 7-1: Using ep0 maxpacket: 8 [ 61.529686][ T5318] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 61.532747][ T5318] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 61.535532][ T5318] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 61.542142][ T5318] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 61.545780][ T5318] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 61.548505][ T5318] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.676911][ C2] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 61.677999][ T35] usb 8-1: USB disconnect, device number 4 [ 61.679585][ C2] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 61.683687][ C2] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 61.763399][ T5318] usb 7-1: GET_CAPABILITIES returned 0 [ 61.765658][ T5318] usbtmc 7-1:16.0: can't read capabilities [ 61.961202][ T6393] ======================================================= [ 61.961202][ T6393] WARNING: The mand mount option has been deprecated and [ 61.961202][ T6393] and is ignored by this kernel. Remove the mand [ 61.961202][ T6393] option from the mount to silence this warning. [ 61.961202][ T6393] ======================================================= [ 61.962756][ T833] usb 7-1: USB disconnect, device number 5 [ 61.971934][ T6393] tmpfs: Bad value for 'nr_blocks' [ 62.318919][ T5952] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 62.322179][ T5952] Bluetooth: hci2: Injecting HCI hardware error event [ 62.324808][ T5952] Bluetooth: hci2: hardware error 0x00 [ 62.669948][ T6402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.138'. [ 63.041314][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.144'. [ 63.108414][ T6422] syz.2.148 uses obsolete (PF_INET,SOCK_PACKET) [ 64.143468][ C0] vkms_vblank_simulate: vblank timer overrun [ 64.407504][ T5952] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 64.557508][ T833] usb 8-1: new full-speed USB device number 5 using dummy_hcd [ 64.708927][ T833] usb 8-1: config 0 has an invalid interface number: 29 but max is 0 [ 64.711302][ T833] usb 8-1: config 0 has no interface number 0 [ 64.713070][ T833] usb 8-1: config 0 interface 29 has no altsetting 0 [ 64.716675][ T833] usb 8-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac [ 64.719963][ T833] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.722220][ T833] usb 8-1: Product: syz [ 64.723445][ T833] usb 8-1: Manufacturer: syz [ 64.724877][ T833] usb 8-1: SerialNumber: syz [ 64.728927][ T833] usb 8-1: config 0 descriptor?? [ 64.940974][ T833] peak_usb 8-1:0.29 can0: unable to request usb[type=0 value=1] err=-71 [ 64.944624][ T833] peak_usb 8-1:0.29: unable to read PCAN-USB X6 firmware info (err -71) [ 65.037903][ T833] peak_usb 8-1:0.29: probe with driver peak_usb failed with error -71 [ 65.045108][ T833] usb 8-1: USB disconnect, device number 5 [ 66.448619][ T6543] random: crng reseeded on system resumption [ 66.535247][ T35] IPVS: starting estimator thread 0... [ 66.597676][ T72] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 66.617544][ T6547] IPVS: using max 38 ests per chain, 91200 per kthread [ 66.768572][ T72] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 66.770989][ T72] usb 8-1: config 0 has no interface number 0 [ 66.772739][ T72] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 66.775785][ T72] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 66.778630][ T72] usb 8-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 66.781231][ T72] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.784343][ T72] usb 8-1: config 0 descriptor?? [ 67.037549][ T5952] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 67.041031][ T5952] Bluetooth: hci0: Injecting HCI hardware error event [ 67.044155][ T5952] Bluetooth: hci0: hardware error 0x00 [ 67.405761][ T72] input: HID 04d9:a055 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.1/0003:04D9:A055.0002/input/input5 [ 67.478784][ T72] holtek_kbd 0003:04D9:A055.0002: input,hidraw1: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.3-1/input1 [ 67.594906][ T72] usb 8-1: USB disconnect, device number 6 [ 69.117476][ T5952] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 69.128449][ T6583] ptrace attach of "/syz-executor exec"[5947] was attempted by "/syz-executor exec"[6583] [ 70.238740][ T6615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.220'. [ 70.724111][ T6637] random: crng reseeded on system resumption [ 70.963270][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.966042][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.689025][ T5318] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 71.880028][ T5318] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 71.882772][ T5318] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 71.885669][ T5318] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 71.888961][ T5318] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 71.892138][ T5318] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 71.897948][ T5318] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 71.901571][ T5318] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 71.903966][ T5318] usb 6-1: Product: syz [ 71.905298][ T5318] usb 6-1: Manufacturer: syz [ 71.916150][ T5318] cdc_wdm 6-1:1.0: skipping garbage [ 71.917937][ T5318] cdc_wdm 6-1:1.0: skipping garbage [ 71.923315][ T5318] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 71.925169][ T5318] cdc_wdm 6-1:1.0: Unknown control protocol [ 72.144265][ T6673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.237'. [ 72.169398][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 72.170632][ T6009] usb 6-1: USB disconnect, device number 4 [ 72.171869][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 72.175286][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 73.471077][ T6703] trusted_key: syz.3.245 sent an empty control message without MSG_MORE. [ 74.221228][ T6703] Set syz1 is full, maxelem 65536 reached [ 74.327759][ T5318] IPVS: starting estimator thread 0... [ 74.427402][ T6727] IPVS: using max 39 ests per chain, 93600 per kthread [ 75.319256][ T6743] process 'syz.0.256' launched '/dev/fd/9' with NULL argv: empty string added [ 75.343266][ T6741] block device autoloading is deprecated and will be removed. [ 75.899124][ T5952] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 75.901838][ T5952] CPU: 2 UID: 0 PID: 5952 Comm: kworker/u33:2 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0 [ 75.901853][ T5952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 75.901860][ T5952] Workqueue: hci3 hci_rx_work [ 75.901878][ T5952] Call Trace: [ 75.901882][ T5952] [ 75.901887][ T5952] dump_stack_lvl+0x16c/0x1f0 [ 75.901906][ T5952] sysfs_warn_dup+0x7f/0xa0 [ 75.901922][ T5952] sysfs_create_dir_ns+0x24d/0x2b0 [ 75.901937][ T5952] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 75.901979][ T5952] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 75.902013][ T5952] ? kobject_add_internal+0x12d/0x990 [ 75.902027][ T5952] ? do_raw_spin_unlock+0x172/0x230 [ 75.902060][ T5952] kobject_add_internal+0x2c8/0x990 [ 75.902076][ T5952] kobject_add+0x16f/0x240 [ 75.902104][ T5952] ? __pfx_kobject_add+0x10/0x10 [ 75.902115][ T5952] ? class_to_subsys+0x3e/0x160 [ 75.902150][ T5952] ? do_raw_spin_unlock+0x172/0x230 [ 75.902167][ T5952] ? kobject_put+0xab/0x5a0 [ 75.902205][ T5952] device_add+0x289/0x1a70 [ 75.902222][ T5952] ? __pfx_dev_set_name+0x10/0x10 [ 75.902261][ T5952] ? __pfx_device_add+0x10/0x10 [ 75.902293][ T5952] ? mgmt_send_event_skb+0x2f2/0x460 [ 75.902334][ T5952] hci_conn_add_sysfs+0x17e/0x230 [ 75.902350][ T5952] le_conn_complete_evt+0xfce/0x1d10 [ 75.902364][ T5952] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 75.902392][ T5952] ? trace_contention_end+0xee/0x140 [ 75.902408][ T5952] ? __mutex_lock+0x1cc/0xb10 [ 75.902442][ T5952] hci_le_conn_complete_evt+0x23c/0x370 [ 75.902456][ T5952] hci_le_meta_evt+0x2e2/0x5d0 [ 75.902484][ T5952] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 75.902500][ T5952] hci_event_packet+0x666/0x1190 [ 75.902529][ T5952] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 75.902544][ T5952] ? __pfx_hci_event_packet+0x10/0x10 [ 75.902555][ T5952] ? mark_held_locks+0x9f/0xe0 [ 75.902585][ T5952] ? kcov_remote_start+0x3cf/0x6e0 [ 75.902599][ T5952] ? lockdep_hardirqs_on+0x7c/0x110 [ 75.902635][ T5952] hci_rx_work+0x2c5/0x16b0 [ 75.902662][ T5952] ? process_one_work+0x8bb/0x1b30 [ 75.902678][ T5952] process_one_work+0x958/0x1b30 [ 75.902711][ T5952] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 75.902745][ T5952] ? __pfx_process_one_work+0x10/0x10 [ 75.902780][ T5952] ? assign_work+0x1a0/0x250 [ 75.902794][ T5952] worker_thread+0x6c8/0xf00 [ 75.902829][ T5952] ? __pfx_worker_thread+0x10/0x10 [ 75.902844][ T5952] kthread+0x3af/0x750 [ 75.902873][ T5952] ? __pfx_kthread+0x10/0x10 [ 75.902884][ T5952] ? lock_acquire+0x2f/0xb0 [ 75.902915][ T5952] ? __pfx_kthread+0x10/0x10 [ 75.902928][ T5952] ret_from_fork+0x45/0x80 [ 75.902958][ T5952] ? __pfx_kthread+0x10/0x10 [ 75.902970][ T5952] ret_from_fork_asm+0x1a/0x30 [ 75.902991][ T5952] [ 75.903085][ T5952] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 76.018209][ T5952] Bluetooth: hci3: failed to register connection device [ 77.142088][ T6775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.269'. [ 78.414042][ T6802] random: crng reseeded on system resumption [ 79.457417][ T5953] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 79.607523][ T5953] usb 6-1: Using ep0 maxpacket: 8 [ 79.613526][ T5953] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 79.617276][ T5953] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.621020][ T5953] usb 6-1: Product: syz [ 79.622692][ T5953] usb 6-1: Manufacturer: syz [ 79.624470][ T5953] usb 6-1: SerialNumber: syz [ 79.632472][ T5953] usb 6-1: config 0 descriptor?? [ 79.639739][ T5953] gspca_main: sq930x-2.14.0 probing 2770:930c [ 79.962991][ T6866] netlink: 'syz.3.304': attribute type 39 has an invalid length. [ 79.992298][ T6867] program syz.0.301 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.845614][ T6886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.310'. [ 81.080303][ T6893] netlink: 'syz.2.313': attribute type 39 has an invalid length. [ 81.201534][ T8] cfg80211: failed to load regulatory.db [ 81.294212][ T6897] netlink: 12 bytes leftover after parsing attributes in process `syz.2.315'. [ 81.389588][ T6900] netlink: 24 bytes leftover after parsing attributes in process `syz.0.314'. [ 81.507362][ T5953] gspca_sq930x: reg_w 0105 0e00 failed -71 [ 81.727532][ T5953] gspca_sq930x: Sensor ov9630 not yet treated [ 81.729392][ T5953] sq930x 6-1:0.0: probe with driver sq930x failed with error -22 [ 81.738190][ T5953] usb 6-1: USB disconnect, device number 5 [ 81.958578][ T6892] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 82.032805][ T6872] syz.3.305: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 82.042961][ T6872] CPU: 3 UID: 0 PID: 6872 Comm: syz.3.305 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0 [ 82.042984][ T6872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.042992][ T6872] Call Trace: [ 82.042998][ T6872] [ 82.043004][ T6872] dump_stack_lvl+0x16c/0x1f0 [ 82.043035][ T6872] warn_alloc+0x24d/0x3a0 [ 82.043056][ T6872] ? __pfx_warn_alloc+0x10/0x10 [ 82.043081][ T6872] ? __get_vm_area_node+0x1b0/0x2f0 [ 82.043104][ T6872] ? __get_vm_area_node+0x1dc/0x2f0 [ 82.043132][ T6872] __vmalloc_node_range_noprof+0x1102/0x1530 [ 82.043156][ T6872] ? hash_netiface_create+0x3ea/0x1250 [ 82.043177][ T6872] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 82.043196][ T6872] ? __get_vm_area_node+0x1b0/0x2f0 [ 82.043218][ T6872] ? __get_vm_area_node+0x1dc/0x2f0 [ 82.043244][ T6872] __vmalloc_node_range_noprof+0xd82/0x1530 [ 82.043259][ T6872] ? hash_netiface_create+0x3ea/0x1250 [ 82.043281][ T6872] ? hash_netiface_create+0x3ea/0x1250 [ 82.043301][ T6872] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 82.043318][ T6872] ? rcu_is_watching+0x12/0xc0 [ 82.043340][ T6872] ? trace_kmalloc+0x2d/0xd0 [ 82.043359][ T6872] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 82.043377][ T6872] ? hash_netiface_create+0x3ea/0x1250 [ 82.043393][ T6872] __kvmalloc_node_noprof+0x14f/0x1a0 [ 82.043408][ T6872] ? hash_netiface_create+0x3ea/0x1250 [ 82.043435][ T6872] hash_netiface_create+0x3ea/0x1250 [ 82.043452][ T6872] ? __nla_validate+0x1b/0x50 [ 82.043476][ T6872] ? __pfx_hash_netiface_create+0x10/0x10 [ 82.043493][ T6872] ip_set_create+0x62a/0x1400 [ 82.043512][ T6872] ? rcu_is_watching+0x12/0xc0 [ 82.043534][ T6872] ? __pfx_ip_set_create+0x10/0x10 [ 82.043570][ T6872] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 82.043629][ T6872] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 82.043655][ T6872] ? find_held_lock+0x2d/0x110 [ 82.043704][ T6872] netlink_rcv_skb+0x165/0x410 [ 82.043726][ T6872] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 82.043751][ T6872] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 82.043771][ T6872] ? __pfx_aa_get_newest_label+0x10/0x10 [ 82.043801][ T6872] ? bpf_lsm_capable+0x9/0x10 [ 82.043819][ T6872] ? security_capable+0x7e/0x260 [ 82.043840][ T6872] ? ns_capable+0xd7/0x110 [ 82.043862][ T6872] nfnetlink_rcv+0x1b4/0x430 [ 82.043884][ T6872] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 82.043906][ T6872] ? netlink_deliver_tap+0x1ae/0xca0 [ 82.043930][ T6872] netlink_unicast+0x53c/0x7f0 [ 82.043954][ T6872] ? __pfx_netlink_unicast+0x10/0x10 [ 82.043975][ T6872] ? __phys_addr_symbol+0x30/0x80 [ 82.043997][ T6872] ? __check_object_size+0x488/0x710 [ 82.044019][ T6872] netlink_sendmsg+0x8b8/0xd70 [ 82.044044][ T6872] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.044073][ T6872] ____sys_sendmsg+0x9ae/0xb40 [ 82.044096][ T6872] ? __pfx_____sys_sendmsg+0x10/0x10 [ 82.044115][ T6872] ? get_compat_msghdr+0x11b/0x170 [ 82.044144][ T6872] ___sys_sendmsg+0x135/0x1e0 [ 82.044162][ T6872] ? __pfx____sys_sendmsg+0x10/0x10 [ 82.044186][ T6872] ? __pfx_lock_release+0x10/0x10 [ 82.044203][ T6872] ? trace_lock_acquire+0x14e/0x1f0 [ 82.044225][ T6872] ? __fget_files+0x206/0x3a0 [ 82.044248][ T6872] __sys_sendmsg+0x16e/0x220 [ 82.044265][ T6872] ? __pfx___sys_sendmsg+0x10/0x10 [ 82.044281][ T6872] ? __ia32_sys_futex_time32+0x1da/0x460 [ 82.044311][ T6872] __do_fast_syscall_32+0x73/0x120 [ 82.044328][ T6872] do_fast_syscall_32+0x32/0x80 [ 82.044343][ T6872] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 82.044368][ T6872] RIP: 0023:0xf7fd3579 [ 82.044382][ T6872] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 82.044396][ T6872] RSP: 002b:00000000f50d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 82.044442][ T6872] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040 [ 82.044451][ T6872] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 82.044460][ T6872] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.044468][ T6872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 82.044476][ T6872] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.044495][ T6872] [ 82.044502][ T6872] Mem-Info: [ 82.171242][ T6872] active_anon:2903 inactive_anon:3891 isolated_anon:0 [ 82.171242][ T6872] active_file:1123 inactive_file:2463 isolated_file:0 [ 82.171242][ T6872] unevictable:1768 dirty:488 writeback:0 [ 82.171242][ T6872] slab_reclaimable:5849 slab_unreclaimable:56268 [ 82.171242][ T6872] mapped:24854 shmem:4403 pagetables:784 [ 82.171242][ T6872] sec_pagetables:302 bounce:0 [ 82.171242][ T6872] kernel_misc_reclaimable:0 [ 82.171242][ T6872] free:68402 free_pcp:5861 free_cma:0 [ 82.192197][ T6872] Node 0 active_anon:32kB inactive_anon:100kB active_file:152kB inactive_file:332kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1576kB dirty:0kB writeback:0kB shmem:3572kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9652kB pagetables:1152kB sec_pagetables:1160kB all_unreclaimable? no [ 82.201388][ T6872] Node 1 active_anon:11620kB inactive_anon:15464kB active_file:4476kB inactive_file:9784kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:98220kB dirty:1952kB writeback:0kB shmem:14040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2488kB pagetables:2060kB sec_pagetables:48kB all_unreclaimable? no [ 82.211847][ T6872] Node 0 DMA free:1132kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:8kB inactive_anon:16kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:144kB local_pcp:12kB free_cma:0kB [ 82.219795][ T6872] lowmem_reserve[]: 0 297 0 0 0 [ 82.221726][ T6872] Node 0 DMA32 free:17664kB boost:0kB min:13672kB low:17088kB high:20504kB reserved_highatomic:0KB active_anon:240kB inactive_anon:500kB active_file:56kB inactive_file:504kB unevictable:3536kB writepending:0kB present:1032196kB managed:305040kB mlocked:0kB bounce:0kB free_pcp:2176kB local_pcp:1432kB free_cma:0kB [ 82.223438][ T6909] netlink: 4 bytes leftover after parsing attributes in process `syz.1.320'. [ 82.230120][ T6872] lowmem_reserve[]: 0 0 0 0 0 [ 82.235103][ T6872] Node 1 DMA32 free:261828kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:4096KB active_anon:11620kB inactive_anon:15464kB active_file:4476kB inactive_file:9784kB unevictable:3536kB writepending:1952kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:13496kB local_pcp:8824kB free_cma:0kB [ 82.246254][ T6872] lowmem_reserve[]: 0 0 0 0 0 [ 82.247905][ T6872] Node 0 DMA: 35*4kB (U) 2*8kB (U) 1*16kB (U) 31*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1164kB [ 82.251859][ T6872] Node 0 DMA32: 32*4kB (ME) 237*8kB (UME) 182*16kB (UME) 138*32kB (UME) 55*64kB (ME) 12*128kB (UME) 6*256kB (UM) 2*512kB (ME) 0*1024kB 0*2048kB 0*4096kB = 16968kB [ 82.256388][ T6872] Node 1 DMA32: 39*4kB (UMEH) 55*8kB (UMEH) 34*16kB (UMEH) 62*32kB (UMEH) 138*64kB (UMEH) 112*128kB (UMEH) 52*256kB (UMEH) 36*512kB (UMH) 23*1024kB (UMH) 8*2048kB (UM) 40*4096kB (U) = 261812kB [ 82.268395][ T6872] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 82.271158][ T6872] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 82.273770][ T6872] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 82.277074][ T6872] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 82.281703][ T6872] 8280 total pagecache pages [ 82.283106][ T6872] 34 pages in swap cache [ 82.284361][ T6872] Free swap = 116300kB [ 82.285932][ T6872] Total swap = 124996kB [ 82.288174][ T6872] 524155 pages RAM [ 82.289547][ T6872] 0 pages HighMem/MovableOnly [ 82.290929][ T6872] 206992 pages reserved [ 82.292203][ T6872] 0 pages cma reserved [ 82.766411][ T6931] netlink: 'syz.3.330': attribute type 39 has an invalid length. [ 83.536748][ T6954] netlink: 4 bytes leftover after parsing attributes in process `syz.0.339'. [ 84.039887][ T5953] IPVS: starting estimator thread 0... [ 84.128755][ T6975] IPVS: using max 39 ests per chain, 93600 per kthread [ 85.361153][ T7017] netlink: 'syz.1.361': attribute type 39 has an invalid length. [ 85.701019][ T7031] netlink: 'syz.1.368': attribute type 4 has an invalid length. [ 86.233936][ T7054] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'. [ 86.901629][ T7075] random: crng reseeded on system resumption [ 87.500821][ T5958] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 87.506264][ T5958] CPU: 2 UID: 0 PID: 5958 Comm: kworker/u33:4 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0 [ 87.506286][ T5958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.506298][ T5958] Workqueue: hci1 hci_rx_work [ 87.506460][ T5958] Call Trace: [ 87.506500][ T5958] [ 87.506506][ T5958] dump_stack_lvl+0x16c/0x1f0 [ 87.506543][ T5958] sysfs_warn_dup+0x7f/0xa0 [ 87.506594][ T5958] sysfs_create_dir_ns+0x24d/0x2b0 [ 87.506609][ T5958] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 87.506627][ T5958] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 87.506645][ T5958] ? kobject_add_internal+0x12d/0x990 [ 87.506658][ T5958] ? do_raw_spin_unlock+0x172/0x230 [ 87.506684][ T5958] kobject_add_internal+0x2c8/0x990 [ 87.506697][ T5958] kobject_add+0x16f/0x240 [ 87.506707][ T5958] ? __pfx_kobject_add+0x10/0x10 [ 87.506716][ T5958] ? class_to_subsys+0x3e/0x160 [ 87.506769][ T5958] ? do_raw_spin_unlock+0x172/0x230 [ 87.506785][ T5958] ? kobject_put+0xab/0x5a0 [ 87.506800][ T5958] device_add+0x289/0x1a70 [ 87.506821][ T5958] ? __pfx_dev_set_name+0x10/0x10 [ 87.506837][ T5958] ? __pfx_device_add+0x10/0x10 [ 87.506850][ T5958] ? mgmt_send_event_skb+0x2f2/0x460 [ 87.506874][ T5958] hci_conn_add_sysfs+0x17e/0x230 [ 87.506890][ T5958] le_conn_complete_evt+0xfce/0x1d10 [ 87.506906][ T5958] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 87.506916][ T5958] ? trace_contention_end+0xee/0x140 [ 87.506931][ T5958] ? __mutex_lock+0x1cc/0xb10 [ 87.506945][ T5958] hci_le_conn_complete_evt+0x23c/0x370 [ 87.506958][ T5958] hci_le_meta_evt+0x2e2/0x5d0 [ 87.506970][ T5958] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 87.506982][ T5958] hci_event_packet+0x666/0x1190 [ 87.507002][ T5958] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 87.507015][ T5958] ? __pfx_hci_event_packet+0x10/0x10 [ 87.507024][ T5958] ? mark_held_locks+0x9f/0xe0 [ 87.507036][ T5958] ? kcov_remote_start+0x3cf/0x6e0 [ 87.507049][ T5958] ? lockdep_hardirqs_on+0x7c/0x110 [ 87.507067][ T5958] hci_rx_work+0x2c5/0x16b0 [ 87.507078][ T5958] ? process_one_work+0x933/0x1b30 [ 87.507092][ T5958] process_one_work+0x958/0x1b30 [ 87.507110][ T5958] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 87.507122][ T5958] ? __pfx_process_one_work+0x10/0x10 [ 87.507137][ T5958] ? assign_work+0x1a0/0x250 [ 87.507148][ T5958] worker_thread+0x6c8/0xf00 [ 87.507164][ T5958] ? __pfx_worker_thread+0x10/0x10 [ 87.507176][ T5958] kthread+0x3af/0x750 [ 87.507186][ T5958] ? __pfx_kthread+0x10/0x10 [ 87.507213][ T5958] ? lock_acquire+0x2f/0xb0 [ 87.507228][ T5958] ? __pfx_kthread+0x10/0x10 [ 87.507239][ T5958] ret_from_fork+0x45/0x80 [ 87.507255][ T5958] ? __pfx_kthread+0x10/0x10 [ 87.507267][ T5958] ret_from_fork_asm+0x1a/0x30 [ 87.507289][ T5958] [ 87.609404][ T5958] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 87.614437][ T5958] Bluetooth: hci1: failed to register connection device [ 87.748629][ T7098] netlink: 'syz.3.391': attribute type 39 has an invalid length. [ 88.307238][ T7129] netlink: 'syz.0.403': attribute type 39 has an invalid length. [ 88.587537][ T7150] netlink: 24 bytes leftover after parsing attributes in process `syz.2.411'. [ 88.646727][ T7157] wireguard0: entered promiscuous mode [ 88.649625][ T7157] wireguard0: entered allmulticast mode [ 88.858349][ T7168] netlink: 'syz.2.418': attribute type 39 has an invalid length. [ 88.969440][ T7176] netlink: 24 bytes leftover after parsing attributes in process `syz.2.422'. [ 89.298986][ T7190] netlink: 'syz.3.428': attribute type 39 has an invalid length. [ 89.393418][ T7198] netlink: 16 bytes leftover after parsing attributes in process `syz.1.431'. [ 89.960926][ T7206] random: crng reseeded on system resumption [ 90.537409][ T7214] netlink: 'syz.1.437': attribute type 39 has an invalid length. [ 90.637739][ T5958] Bluetooth: hci3: command tx timeout [ 90.760317][ T7222] netlink: 16 bytes leftover after parsing attributes in process `syz.1.441'. [ 90.972452][ T7236] netlink: 'syz.3.448': attribute type 39 has an invalid length. [ 91.112027][ T7246] random: crng reseeded on system resumption [ 91.400407][ T7262] netlink: 'syz.3.458': attribute type 39 has an invalid length. [ 92.158256][ T7287] tmpfs: Bad value for 'nr_blocks' [ 92.452565][ T7295] netlink: 'syz.3.470': attribute type 39 has an invalid length. [ 92.561456][ T7299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.472'. [ 92.934325][ T7321] netlink: 'syz.2.480': attribute type 39 has an invalid length. [ 93.404696][ T5990] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 93.547392][ T5990] usb 7-1: device descriptor read/64, error -71 [ 93.787394][ T5990] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 93.927397][ T5990] usb 7-1: device descriptor read/64, error -71 [ 94.009686][ T7358] random: crng reseeded on system resumption [ 94.047626][ T5990] usb usb7-port1: attempt power cycle [ 94.387432][ T5990] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 94.407915][ T5990] usb 7-1: device descriptor read/8, error -71 [ 94.687433][ T5990] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 94.727753][ T5990] usb 7-1: device descriptor read/8, error -71 [ 94.841821][ T5990] usb usb7-port1: unable to enumerate USB device [ 96.297393][ T72] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 96.437448][ T72] usb 8-1: device descriptor read/64, error -71 [ 96.677709][ T72] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 96.776621][ T7446] netlink: 'syz.1.530': attribute type 39 has an invalid length. [ 96.820074][ T72] usb 8-1: device descriptor read/64, error -71 [ 96.929558][ T72] usb usb8-port1: attempt power cycle [ 96.955386][ T7461] tmpfs: Bad value for 'nr_blocks' [ 97.277453][ T72] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 97.299828][ T72] usb 8-1: device descriptor read/8, error -71 [ 97.547544][ T72] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 97.567888][ T72] usb 8-1: device descriptor read/8, error -71 [ 97.679144][ T72] usb usb8-port1: unable to enumerate USB device [ 98.178133][ T7483] netlink: 12 bytes leftover after parsing attributes in process `syz.2.544'. [ 98.948390][ T7507] netlink: 12 bytes leftover after parsing attributes in process `syz.0.555'. [ 99.325605][ T7535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.566'. [ 99.839474][ T5958] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 99.844474][ T5958] Bluetooth: hci3: Injecting HCI hardware error event [ 99.847236][ T5958] Bluetooth: hci3: hardware error 0x00 [ 100.539011][ T5318] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 100.677410][ T5318] usb 6-1: device descriptor read/64, error -71 [ 100.807852][ T5952] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 100.811661][ T5952] Bluetooth: hci1: Injecting HCI hardware error event [ 100.814970][ T5952] Bluetooth: hci1: hardware error 0x00 [ 100.917755][ T5318] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 101.057897][ T5318] usb 6-1: device descriptor read/64, error -71 [ 101.178365][ T5318] usb usb6-port1: attempt power cycle [ 101.519118][ T5318] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 101.538216][ T5318] usb 6-1: device descriptor read/8, error -71 [ 101.797384][ T5318] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 101.817811][ T5318] usb 6-1: device descriptor read/8, error -71 [ 101.917553][ T5958] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 101.929071][ T5318] usb usb6-port1: unable to enumerate USB device [ 102.877494][ T5952] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 103.977928][ T72] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 104.108280][ T72] usb 7-1: device descriptor read/64, error -71 [ 104.347495][ T72] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 104.487459][ T72] usb 7-1: device descriptor read/64, error -71 [ 104.597559][ T72] usb usb7-port1: attempt power cycle [ 104.947406][ T72] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 104.968206][ T72] usb 7-1: device descriptor read/8, error -71 [ 105.207629][ T72] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 105.228006][ T72] usb 7-1: device descriptor read/8, error -71 [ 105.337608][ T72] usb usb7-port1: unable to enumerate USB device [ 107.407485][ T5990] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 107.427431][ T1460] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 107.547432][ T5990] usb 8-1: device descriptor read/64, error -71 [ 107.557425][ T1460] usb 5-1: device descriptor read/64, error -71 [ 107.800637][ T5990] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 107.807920][ T1460] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 107.845817][ T7825] ------------[ cut here ]------------ [ 107.848147][ T7825] kernel BUG at mm/hugetlb.c:2333! [ 107.850084][ T7825] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 107.854704][ T7825] CPU: 0 UID: 0 PID: 7825 Comm: syz.1.687 Not tainted 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 #0 [ 107.858508][ T7825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 107.862341][ T7825] RIP: 0010:alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.864714][ T7825] Code: a3 d0 00 00 00 e8 e4 73 a2 ff 48 c7 c7 40 56 e1 8d e8 88 c2 32 09 48 89 e8 5b 5d 41 5c 41 5d c3 cc cc cc cc e8 c5 73 a2 ff 90 <0f> 0b e8 2d 55 05 00 eb ac 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 [ 107.871718][ T7825] RSP: 0018:ffffc9000773f8f0 EFLAGS: 00010087 [ 107.873922][ T7825] RAX: 00000000000007ee RBX: ffffffff9a83d758 RCX: ffffc9000c402000 [ 107.876844][ T7825] RDX: 0000000000080000 RSI: ffffffff82167acb RDI: 0000000000000007 [ 107.879738][ T7825] RBP: ffffea0000478000 R08: 0000000000000007 R09: 0000000000000000 [ 107.882596][ T7825] R10: 0000000000000000 R11: 0000000000000066 R12: 0000000000000000 [ 107.885469][ T7825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000015 [ 107.888355][ T7825] FS: 0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f50c6b40 [ 107.891718][ T7825] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 107.894137][ T7825] CR2: 00000000f742d230 CR3: 0000000021e04000 CR4: 0000000000352ef0 [ 107.897045][ T7825] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 107.899939][ T7825] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 107.902818][ T7825] Call Trace: [ 107.904083][ T7825] [ 107.905184][ T7825] ? die+0x31/0x80 [ 107.906616][ T7825] ? do_trap+0x232/0x430 [ 107.908187][ T7825] ? alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.910342][ T7825] ? alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.912508][ T7825] ? do_error_trap+0xf4/0x230 [ 107.914239][ T7825] ? alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.916458][ T7825] ? handle_invalid_op+0x34/0x40 [ 107.918289][ T7825] ? alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.920450][ T7825] ? exc_invalid_op+0x2e/0x50 [ 107.922186][ T7825] ? asm_exc_invalid_op+0x1a/0x20 [ 107.924065][ T7825] ? alloc_hugetlb_folio_reserve+0xab/0xc0 [ 107.926217][ T7825] ? alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.928344][ T7825] memfd_alloc_folio+0x16c/0x3b0 [ 107.930159][ T7825] memfd_pin_folios+0xe8c/0x1150 [ 107.932037][ T7825] ? __pfx_memfd_pin_folios+0x10/0x10 [ 107.934005][ T7825] ? __pfx___lock_acquire+0x10/0x10 [ 107.935946][ T7825] ? __pfx_down_read+0x10/0x10 [ 107.937449][ T1460] usb 5-1: device descriptor read/64, error -71 [ 107.937694][ T7825] ? __fget_files+0x206/0x3a0 [ 107.941391][ T7825] udmabuf_create+0x641/0x11e0 [ 107.943237][ T7825] ? __pfx_udmabuf_create+0x10/0x10 [ 107.945236][ T7825] ? lock_acquire+0x2f/0xb0 [ 107.946973][ T7825] ? __might_fault+0xe3/0x190 [ 107.948760][ T7825] ? __might_fault+0xe3/0x190 [ 107.950527][ T7825] udmabuf_ioctl+0x193/0x310 [ 107.952279][ T7825] ? __pfx_udmabuf_ioctl+0x10/0x10 [ 107.954175][ T7825] ? __fget_files+0x206/0x3a0 [ 107.956009][ T7825] ? __pfx_udmabuf_ioctl+0x10/0x10 [ 107.957927][ T7825] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 107.959910][ T7825] __do_fast_syscall_32+0x73/0x120 [ 107.961812][ T7825] do_fast_syscall_32+0x32/0x80 [ 107.963662][ T7825] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 107.966065][ T7825] RIP: 0023:0xf7fa0579 [ 107.967610][ T7825] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 107.974612][ T7825] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 107.977670][ T7825] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040187542 [ 107.980545][ T7825] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 107.983407][ T7825] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 107.986315][ T7825] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 107.989190][ T7825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 107.992108][ T7825] [ 107.993283][ T7825] Modules linked in: [ 107.994770][ T7825] ---[ end trace 0000000000000000 ]--- [ 107.996810][ T7825] RIP: 0010:alloc_hugetlb_folio_reserve+0xac/0xc0 [ 107.999179][ T7825] Code: a3 d0 00 00 00 e8 e4 73 a2 ff 48 c7 c7 40 56 e1 8d e8 88 c2 32 09 48 89 e8 5b 5d 41 5c 41 5d c3 cc cc cc cc e8 c5 73 a2 ff 90 <0f> 0b e8 2d 55 05 00 eb ac 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 [ 108.006310][ T7825] RSP: 0018:ffffc9000773f8f0 EFLAGS: 00010087 [ 108.008559][ T7825] RAX: 00000000000007ee RBX: ffffffff9a83d758 RCX: ffffc9000c402000 [ 108.011445][ T7825] RDX: 0000000000080000 RSI: ffffffff82167acb RDI: 0000000000000007 [ 108.014232][ T7825] RBP: ffffea0000478000 R08: 0000000000000007 R09: 0000000000000000 [ 108.017130][ T7825] R10: 0000000000000000 R11: 0000000000000066 R12: 0000000000000000 [ 108.019973][ T7825] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000015 [ 108.022864][ T7825] FS: 0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f50c6b40 [ 108.026106][ T7825] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 108.028523][ T7825] CR2: 00000000f742d230 CR3: 0000000021e04000 CR4: 0000000000352ef0 [ 108.031415][ T7825] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 108.034306][ T7825] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 108.037246][ T7825] Kernel panic - not syncing: Fatal exception [ 108.040012][ T7825] Kernel Offset: disabled [ 108.041615][ T7825] Rebooting in 86400 seconds.. VM DIAGNOSIS: 22:47:01 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85388475 RDI=ffffffff9aad4e20 RBP=ffffffff9aad4de0 RSP=ffffc9000773f278 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6e69203a73706f4f R12=0000000000000000 R13=0000000000000020 R14=ffffffff9aad4de0 R15=0000000000000000 RIP=ffffffff8538849f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f742d230 CR3=0000000021e04000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000026c28c RBX=0000000000000001 RCX=ffffffff8b46be39 RDX=ffffed10056a6f86 RSI=ffffffff8bd2d660 RDI=ffffffff818ffe49 RBP=ffffed1003ad5910 RSP=ffffc9000047fe08 R8 =0000000000000000 R9 =ffffed10056a6f85 R10=ffff88802b537c2b R11=0000000000000000 R12=0000000000000001 R13=ffff88801d6ac880 R14=ffffffff905fea10 R15=0000000000000000 RIP=ffffffff8b46d21f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080000000 CR3=000000004c352000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000012400000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffc90007160000 RBX=0000000000000000 RCX=ffff888022221070 RDX=000000000000009d RSI=ffffffff867e0d56 RDI=ffff888022221268 RBP=0000000000000001 RSP=ffffc90000548b70 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=ffffc90000548ff8 R12=0000000000000001 R13=0000000000000fa0 R14=ffff888022221070 R15=0000000000000001 RIP=ffffffff867e0d93 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000559e7f15be95 CR3=000000004bd30000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000112dd4 RBX=0000000000000003 RCX=ffffffff8b46be39 RDX=ffffed10056e6f86 RSI=ffffffff8bd2d660 RDI=ffffffff818ffe49 RBP=ffffed1003ad8488 RSP=ffffc9000049fe08 R8 =0000000000000000 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000000 R12=0000000000000003 R13=ffff88801d6c2440 R14=ffffffff905fea10 R15=0000000000000000 RIP=ffffffff8b46d21f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=00000000485e2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f743cff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000