last executing test programs: 2.650719218s ago: executing program 2 (id=2676): r0 = socket$qrtr(0x2a, 0x2, 0x0) pwrite64(r0, &(0x7f0000000bc0)="5ee406ff9526c382e1a152c44d6060cfdaf1912341c74334c2cdc0e273a729e7bf815b43f646457aaca69ae6f7d6b8f19372ac79729975c5b431783a99e306ea7ef1b76067d5a1ae3825bcd88ec13e18f33db93038a29aa8fdd9f6e029b5b2869f5d0704145325aa34a9ae15891b861f670fad9857540b06a0d89ca3c98675c502411ffa8dacd902db805682babe7b863d235f5753688e578201226d619ebfbf597175a5f5e4df5835676507c14ad470e18de9c951e36a6e7251101962d5b30a6981e766f8852c569439e53b0dc7c51d9ae803c6eb0480e096d79ce53b231365f5f959ca262897127899db6fd58ab4cca267c441d2776926fdee8007d92779a00b7b1ab2bb9b0d43f6abea45b5f33569011625a941bc408747a8ab05aa8ac2f5685affd31e9523b5e8d2a6a3e188797f8ebcd910aa487ee50de943e851f132df6edf6e9b0d85af50ccfb313c8e9a173d9e163eacaae8e76470cb68d5dcbcbaa273aaeb43c57ebb4236490359ea2ef39e9c52e72cdee6987a644804c93db1ab427c7d325ac5fd58ba09773c415d514fc4d5ec9bdfe85046c41798c64bf678b81ca3e274db52e2e92d7009be46d6fb64d0f696738ccf9c66fb2b5f0d5d785a60755f056fbd1ad225a0438fdf2131632716f583e9e8dcf49ff351b2c04a957596f4c11116dc267f5b2bd6a9bc6047d79ac4fa00418640d34d64da79224cac70a77cf645256dc5fbc04a62a48d53ebcbda99b92990dbb93d3a8abefb15021cc7155ba16cb2128c4ba287364429b474108c5bee243e7b7a3435054e86bb43cd6686e5ecf888e0e6ccfa385ce8de400fc214ae4210f204a5fbf386fdd9ece3c3bbc77622a515d4d36e6bc805c290b6363d8c959305ce2d0a08b37d0ff72b77011415b21ff795dd7323604521fe2efca0f5a33fb429f6a5f33ac30cec81b1d525643cceb58d4d03b489ff7ee9d371550d3490ab5a5d12ad7eed8be60767eae7fb8882032efe9a88e0f5469ba4da749679fe7ac8840c9ec61125d9c579e032a8a8a6282957147d7794b5f67a74a7357b0810fcd31721696944b5d7dd2cf8171dff0797f33670a6366b202c82cb3f81e49680e18909df0f7650306a339c73beef289fd6441ba0908960e693cec3a33623cae1e5af43a5339e160c2b395ed22a64d88775825448ef65a41246ae9f2af591ce8232294cb13a5b5750f2f726ddf0b7688862202a5cc3ada0b33ee931e81fa1d6f925c88c474e579013f5b271b1c83a40f932f5ef92d8ecc22dbe9b4fb59a0cff7a93a46ff9083f26f1096e2e64e780edd2d5111e23c4042aa38a90081ebd40703ca2dae4f33af7ec9cee6f4a52a94d12c7d7045645a0d82b392fc12f0ac0d415ee271e56152a786e786faae3a9a4b1482540f645b76663c369e0e23db62190f9f76afe16f3f466c8db7a0e133bf32bf3c12d9fb68cfcbc4c2ee247e6ea3eed1963d88e8aaafc76d2d21b58e1d99dfa3ef6f6408e789c294976d0adc37b94ef5350b5ccc704896c7d00d9e48084edcb9860d6a6c059825a1e723802e31b32723c734c708295cf2f39f1762028c176a10276fe296e711eff57189a559cb430dc8343221c4abb377ceada3dfde547ea3b69eb55c6353e5adba2339b2cf79a653d4bcd5520192e0e5320f8320c210bf96873855f809df7d9ee0c202a66570ca5f64202811721102769001e298869f40281fc37b2c57ffac70d655764f432da08df8a9e5d6a092472aae1deb73fb85b81c2e82ba14616ebf39e9ccfbd91a912a544a6eb64f51f3b5c5a9e8776cc63ee8c47f535c5208c63f6a9f0c75a64e284910060846c87fcc9397ba9d714eaaed1d23a769b67068c2432dd6b196ebf33567016f8b8bf7a4d2c3eae4f233b4a8ef5233c957c790de0447b1d22747b4e8cb500f6dc9434edc72ac3c70ff54f64fafa393279d36783e029cc3a4f66744260a9a50c22e3ff08087ee86f2fc14c37c85ba3597b5a873ebcdb4598627ea901a01b6ab51d4e9b986c68dd71e7ce6cfafe22ff3dc5c14fa9680994b36567a6d136179cc8eaa6aeab32d752313efe18504347c40d7fa522ac73e4bdc81d3e085a708996d97a21003e0dcd5258215b0ad6a5fa1549d9bc944cfde21035d79f7a07f55368813c7cd010401e2b198fa53eecf5909392177cfc8218e34087fd29177eeb212ffc83980faa13c65ae345de36a4b68bd2a3c83788c3cc9ca165b5d89944f56fa5e8299dbabd1cb69da155dbc35268d707b83b39ae0432b39002182f057800b0861d34007b9000d5ab43f99d828f897fe1f3b70934ea79c4e610f5f23d364e39e853955161f12ddd9f9f0d6abf561cfda4e40319248d81a5a832e5006f0fb35d4af7a931264f424647c2993c622a858ee60315f3f55bf2eec2fce31fd1501631943bb11231d23f3838cda5dc87cf93acb99e3ee9d01d1d50d7aa49d954b50574244850a2c16d67ab60a7a35a3beda25bc5ffc5d0e8357d67a9f58bbc8702700a3860162eddad7b0c36312e09ac9c13efbbdb069cfc6d08190c3739ba0b96f89a87d59598931d93404d40a526b18173eda32b34365d8fa5dbd3c03aaad3687ebf6b5c4225a292e73f4683446c18519f77318e13cae4d1a80f553971136c6d650d1baea4a02fce408e0d2e8a8ffb69678cf77b52fa2007f3f77e9b0b530165131b804177249031b3b33f8fe809dceb0721735feffc58ed165fba0ab87c2af2ac8c149c9cc29371bac053f755214bfd04d79ae073233e0794be646a37148aefe08585c2984ae1bc86b6b5d1f13384cb4b4f630d0f189512fb0c738834191ee87838b9db823df2d89b06c0076b95101d10a8cd9fa2d8e07e48ac44c3254c5cdc080c10e34e6069549e5bd990c4f8b686246f48fd2266d746b60fbf9b98d4dbe2b3b0b7a682b5472f455b4b4b36510b4eddbda8077bb844060250086a7fae81220a09c61d4d35746a5df733f41c4480786394084419d6729f75f8751e23be730da507f86d0ae4db25f0d329e5dfafff62fef8a0322aa02247b180150b57a10ee68b97897a1362a434cd4ddac47941f7b7f0e5be497900e75dce5518f468814dd25bad099dfdaaba74a4b30110e67cce92c9b4454fd64bc6c5254bc36b265a9a4bad8bf4cee0eeb33fdc3f025d07baa4146fc1793ccbcd345b816cc7aac42f69d30534a2f95f7009c2ef9aab80f3f36f3ae51c1dbcf4a7cb737d4438a508daa4c37a5aa077d0c82723c48f6fdd008876e26bef1026d743bc5b436157bcb09548ccb8b8abf90f5338177eefdd657820a36e8f6c4ff59052d2657f1d0594248a0610c30206f8a93c25acb263f8abc5bb9b237dd0098bed356bf2d206ecbeb1a447f1839bf51f72f684eeabab29a327cf5b87fc61e3ff0a0751e33ffd0b629fea45f8fd85ce35cbbebeb687ffc0ba31092381d42ec3bdb071f14910a10e156e4caa76765c42016f1b92cf9d15d85c6180d3ec498c3b1c67e17b6384f9ed722353e934a0e562e9f00619065433794dfb21c402d8a40647c800f5a7365ada0db0081fb830ef03f1615cfee80ec1fbafb4a01a71f4799392f6b75d1f22a9a564fd1de51cc7f9b9ba7f88188633d13b8dc753d8a99a143a139b0fcfbbe228faa6f28b785668f0b2a870b8004212f93349ef3561941c1bc6ba12a5663424f178117e96081ca74848d132832b6e6b4024702934a717b990a1a8d189bb6d59f6261ef82197a42f8db357eb578a094eab97b0b7682a6b61cc9917854a3d3bfd6b46c17803b10e37b30766b45136973e8a4841b4aa3923b5a58c49ed0fc5c00690694068b32b2d8b9a4c10f325dc4f4144952a5aefc50e0a7fa05bd8e1bb07c71233fb1ad58d78f442fa450043076b36addecc2222b6e72c40188d8a134dcb87693ed1ef09084f99611f1aaa6d35c3f5111e544fa8c0109def397cf149b9cd3e26b663310272761ffd16903cb02c02d323ba8ce0ccb0afd00d499005464e3ed1f63c61e8619e85348ee21b024f4eabfae486016096a0e718e12c7d75a51381aed9a3f778590866c8bf14252b1b6855ced0726c04eed1ed39c4053d79fef6a8b2a3e62d4bcef8217159087271f8ad7ffdc8d426a76e0303933fb38b9aa7b2cd6ba5684746ff35e2230cc6a86bbe62bc2bdad0bfe21c72417b86a998b987b7b6b4441e6ccbbbbafc26bc9e368613bc7723ff3c2ffb04d6a9fe94263a465e18ae552e0346cea1e049a9009f13525dcf66b2f1b65bcb755c8ad9d741044d5227466842107db7681bb36dfa76e34b48c9d5ca482470db128adc7d5d1fd08b9bb7456403268da1fa1f376ce0f0a898841856e2168217e304efbc025a1a7e72b713b1fbc196dddfca00509433f639961f4da2714a443783ac64772a3bd6ab1cf8f68506d4f2360a804ed0d71bd38ed9748d2143aa89589893cbfce05c510add893b8bff74346f8aea0b98e7f37e85c691842a79ee31ad8023789236ac6da38140b38fa8f76fc6b11fc56bf345e824439aeac5c69eef577da79451fee9c7d84ed1f286aea4ec4f55ea391a8ac458dc1be4f622f6d9b448a073d2738dc76470c04180156e4a1e345093a80637b2eb1191d068665aecdebaaff90c41154217255e9099cdd2f9b32e5e7c84943ee13ef65683ea65d0b083c427f18cd159f94464f31009d06634888d2307401577c96e12f667ebf889fa2e807c66082ab70d3bc98a538ce06916129dec717ce3fefda01bc279234a5fda8db80095b12d91adc1814ce4ebd40caf1c33418cfbfed84955801951bbeb96242842dfcb90ecbf1098c5d79342cb48f90dba5a0a09eaf9f6ed8dbb0a8b0eafb900153c3a99dba5308484cb14d05521b64f190f1fa9ad2118c76ff2d0ecad742ef9d05c5107dd4d1fc35ec9571c989f6a9567b1850d5c11130ff2f3b626c1562110f03e27d872df8f01d1da128da9c6dc060017989543cc963ad5686dc07ddd4271c6a254963c45eb3d86b9439ed30cc23424b9e4dc304edbeb82e3c14cc4a8a2b8954ad1be001ae77af77e0d399faaee1d4f7fe2edb28df830ca77af882dcfa2638391f9b03eaa9d03b5710e1640268c41fd225cafb12a56218e265aba3fd11f71dd1349fc56bb3f01ed6ee9c08c8c6f5845201b491e2707900cca15bab51c3020f745cc68795bf81ae11cd09620eebdb2c93cfe02fcccb0b9304aefea25e2ca10f1be49c60c4414755f45cebc87d04597e0df3c8b2d0f9c6a1ba418b741a065eed3c57396d4e8f7c4e367e855f28267650450ab22def821ad9dd357795f4328c22dfb7c81eeb8631eed7b2f4226368b919ada49c0c0665d14c7635e3c0797f78a87248f2bcbf03939bc161bfd68754c0822e567bf89812e0f8021a3096471fb1ab1cc4d36da1a15b33a53d647fa6994f20e8083eb48c473c495db742f30785e37bec252557b7af168f00bf7c4f677eed6b4163affe8f095af9485d975712c0546f0f62e9ec5f4417c7f1ebf288c39854dd05a97dd3a37f9365871584f903d0f348036adeca3186c6b841dd3e520eaa4bd43ff85e2e042ca0b104807c91f1a1d3e2e304428b90a08794483d6cf533bf567fd633b2cc509e42f37d968181b615dfe977690691cdad01eb6ff8fedc3f1bc982f5fc1716f1e3e77dd3523d3ec17aba944cfe097e1ef90e685301523c15951e21d3804667be4a6f0d9f7063ef1df36a0cdd5732566f1eae2e0dc33b35ebde71099a6ce3c4ce3b8a92c8c02c972976e1c6574ed440da9458dd9d83d3ca8cf0763cc36d9aa47ed2907a7f17a989e1b7985303558f6cad7c5449ea8691ef6", 0x1000, 0x5) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) mmap(&(0x7f0000543000/0x1000)=nil, 0x1000, 0x0, 0x2031, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) prctl$PR_SET_NAME(0xf, 0x0) pread64(r2, &(0x7f0000000300)=""/150, 0x96, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) 1.751538011s ago: executing program 2 (id=2677): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r3, 0x800448d2, 0x0) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) r4 = io_uring_setup(0x37e2, &(0x7f0000000240)) close_range(r4, 0xffffffffffffffff, 0x0) 1.670744559s ago: executing program 2 (id=2678): seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0001}]}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40082104, 0x0) 1.670466495s ago: executing program 2 (id=2679): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) 1.601668217s ago: executing program 2 (id=2680): r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_GET_PACK_ID(r0, 0x227c, 0x0) 1.601339227s ago: executing program 2 (id=2681): socket$netlink(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x10) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769"], 0x40}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0x0, 0x7ffc1ffb}]}) open(&(0x7f0000000140)='./bus\x00', 0x14937e, 0x0) r4 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r4, 0x2007ffb) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0) socket$packet(0x11, 0x3, 0x300) r6 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0) preadv2(r6, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0) 1.102405911s ago: executing program 0 (id=2690): r0 = openat$ptp0(0xffffff9c, &(0x7f0000000000), 0x8400, 0x0) ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0) 1.04125802s ago: executing program 0 (id=2693): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) iopl(0x3) 930.251305ms ago: executing program 0 (id=2696): r0 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) finit_module(r0, 0x0, 0x0) 861.93586ms ago: executing program 0 (id=2697): r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r0, 0x40081271, 0x0) 793.250048ms ago: executing program 0 (id=2700): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = socket(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f00000006c0)=ANY=[@ANYBLOB="3a0002"], 0x8) 769.12717ms ago: executing program 0 (id=2702): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RLERRORu(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000008c0)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000800000003003c02ffffffef3501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}}) 350.976057ms ago: executing program 3 (id=2712): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) lgetxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 291.721366ms ago: executing program 3 (id=2713): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0ff1100001f79a4f0ff00000000b706000000000081ad64020000000000450404"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0xe8, &(0x7f0000000540)={&(0x7f00000002c0)=ANY=[@ANYBLOB="6c010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088040010c8054000b80080009"], 0x16c}}, 0x0) 291.471759ms ago: executing program 3 (id=2715): socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0) 158.82359ms ago: executing program 1 (id=2719): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000042020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = memfd_secret(0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r1, 0x0) ftruncate(r1, 0x51a9497) r2 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x40000000}, &(0x7f0000000100), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) 155.089007ms ago: executing program 1 (id=2720): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) 61.757345ms ago: executing program 1 (id=2721): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000003c0)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) sendmmsg$inet6(r0, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)="8252", 0x2}, {&(0x7f0000000040)="19299054eb395649bd9f0422ff12", 0xe}], 0x2}}], 0x1, 0x4000c000) sendto$inet6(r0, &(0x7f0000000180)="0239e50417c7c545ba68694d", 0xc, 0x4000800, 0x0, 0x0) 61.236746ms ago: executing program 1 (id=2722): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x68, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x3c, 0x3, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x2c, 0xb, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_QUOTA_FLAGS={0x8}, @NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x2db}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xec}}, 0x0) r0 = socket$inet6(0xa, 0x80002, 0x88) recvmsg(r0, &(0x7f0000000340)={0x0, 0x2, &(0x7f0000000280), 0x45}, 0x0) 61.11677ms ago: executing program 3 (id=2723): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) fadvise64(r0, 0xffffffffffff7fff, 0x4, 0x0) 60.899201ms ago: executing program 1 (id=2724): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x8001000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0x0, 0x11, 0x148, 0xf8, 0x0, 0x1d0, 0x2a8, 0x2a8, 0x1d0, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x3, 0x1, 0x4]}, {0xffffffffffffffff}}}}, {{@ip={@multicast2, @private, 0x0, 0x0, 'ip_vti0\x00', 'geneve0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8) 1.017218ms ago: executing program 3 (id=2725): setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3e, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) renameat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 387.467µs ago: executing program 3 (id=2726): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4) sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000180)="ec75", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000001080)="63c3b1aaea9b9e5481dcd8c125f478bedc0474ab0607636ee67ac131020000c8001af506896b01dc", 0x28}], 0x1}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff", 0x29}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d70581691a79a6678db1e5e7fa1c98c5b9e4a87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c54e708601eae992000000", 0xd2}, {&(0x7f0000000940)="5be3b011e12323e4ab88c0472f0700000000000000e71ba62334303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b39297bbbc2580600000000000000d6e36e737691a1c6bd2a64b2a85cbaaf648c910000000000000000", 0x7b}, {&(0x7f0000000ac0)="bd2f6aa36cea0e62ac00a4539dd80281164750339fcc3cd1f7bb1b74e98dbbe81e997d4847ee5d06a72e6f1c6b8a873c7ea7760f102483b578526af9775e51b84818d0", 0x43}, {&(0x7f0000000840)="d31547c4f8a72a1d1f163c917e6e9ec6044b034b0fb9ad2702a1952a1914f33cdc35f1bc4139b5b35c886ad316729ceb015bdfaaae494bd9b206f9b201fe6e3f06f72abee112774d0fc530e9b05abf1a8df5a4a0cf9931e439d263fd5308507f32e9fc5a26752d6d5b984699efb70fb7f6f59c93dff1549946427fc420bd55256245dfe80908c219b7c053c646823af43dbb8a8ab1e1b20809cca5d52815afb14c76b97dc2ca4f7bf783579e6fcfe7f7e9105b3bc57414bd4da31fd1f155dd075ebda47cb00d0c9021b1878ebe9aaf907f82a62b9d7300c6b70a74620f40a1df8beeee3c296bf362dddcebca", 0xec}, {&(0x7f0000000640)="91f863dc974c0b31640ea56f5f2219e02b867338a4451b988393b9364939b45ee08a130e785e56198dbd0b4eed94352b188d74078f545ed6f7a9860324bf3f63326549b3f6dd96ebd6c43870644a554bf8ee7b9409ca7f4a01aafd53907f", 0x5e}], 0x6}}], 0x3, 0xc0) setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a92", 0x4, 0x11, 0x0, 0x0) 0s ago: executing program 1 (id=2727): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}}, 0x18) connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x0, {0x1, 0xff}}, 0x18) writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1) setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000700)=[{0x2, 0x3, {0x1}, {0x1}}, {0x0, 0x0, {}, {}, 0x0, 0xfe}], 0x40) r3 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000240)={'vxcan0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): ] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 516.744901][T12195] vivid-001: Radio HW Seek Mode: Bounded [ 516.746909][T12195] vivid-001: Radio Programmable HW Seek: false [ 516.748991][T12195] vivid-001: RDS Rx I/O Mode: Block I/O [ 516.750840][T12195] vivid-001: Generate RBDS Instead of RDS: false [ 516.753112][T12195] vivid-001: RDS Reception: true [ 516.755236][T12195] vivid-001: RDS Program Type: 0 inactive [ 516.758423][T12195] vivid-001: RDS PS Name: inactive [ 516.758453][T12195] vivid-001: RDS Radio Text: inactive [ 516.758478][T12195] vivid-001: RDS Traffic Announcement: false inactive [ 516.758504][T12195] vivid-001: RDS Traffic Program: false inactive [ 516.758530][T12195] vivid-001: RDS Music: false inactive [ 516.758558][T12195] vivid-001: ================== END STATUS ================== [ 517.744512][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 517.789980][T12201] ax25_connect(): syz.2.1869 uses autobind, please contact jreuter@yaina.de [ 518.084141][T12204] input: syz0 as /devices/virtual/input/input178 [ 518.414392][T12207] capability: warning: `syz.0.1871' uses 32-bit capabilities (legacy support in use) [ 518.553543][T12209] syz.0.1872 (12209): drop_caches: 2 [ 518.558851][T12209] usb usb6: usbfs: process 12209 (syz.0.1872) did not claim interface 0 before use [ 518.774529][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 519.307948][T12223] netlink: 180 bytes leftover after parsing attributes in process `syz.0.1876'. [ 519.311312][T12223] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1876'. [ 519.413571][ T4792] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 519.542628][T12219] vivid-003: ================= START STATUS ================= [ 519.549835][T12219] vivid-003: Radio HW Seek Mode: Bounded [ 519.553348][T12219] vivid-003: Radio Programmable HW Seek: false [ 519.559106][T12219] vivid-003: RDS Rx I/O Mode: Block I/O [ 519.563795][T12219] vivid-003: Generate RBDS Instead of RDS: false [ 519.565760][T12219] vivid-003: RDS Reception: true [ 519.575230][T12219] vivid-003: RDS Program Type: 0 inactive [ 519.587414][T12219] vivid-003: RDS PS Name: inactive [ 519.591665][T12219] vivid-003: RDS Radio Text: inactive [ 519.606212][T12219] vivid-003: RDS Traffic Announcement: false inactive [ 519.613463][T12219] vivid-003: RDS Traffic Program: false inactive [ 519.613483][T12219] vivid-003: RDS Music: false inactive [ 519.613499][T12219] vivid-003: ================== END STATUS ================== [ 519.717626][T12237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1880'. [ 519.814573][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 520.229581][T12241] ipvlan2: entered promiscuous mode [ 520.336831][T12244] tmpfs: Bad value for 'mpol' [ 520.854554][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 521.469331][T12252] syz.0.1884 (12252): drop_caches: 2 [ 521.543902][T12257] input: syz0 as /devices/virtual/input/input179 [ 521.594602][T11934] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 521.754722][T11934] usb 6-1: Using ep0 maxpacket: 8 [ 521.766521][T11934] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 521.769485][T11934] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 521.772922][T11934] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 521.784689][T11934] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 521.788167][T11934] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 521.792667][T11934] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 521.796393][T11934] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.904641][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 522.006475][T11934] usb 6-1: usb_control_msg returned -32 [ 522.008505][T11934] usbtmc 6-1:16.0: can't read capabilities [ 522.424527][T11934] usb 6-1: USB disconnect, device number 19 [ 522.944720][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 523.726019][T12288] input: syz0 as /devices/virtual/input/input180 [ 523.984531][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 524.444598][ T5385] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 524.614905][ T5385] usb 7-1: Using ep0 maxpacket: 32 [ 524.619266][ T5385] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 524.621532][ T5385] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 524.623914][ T5385] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 524.626909][ T5385] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 524.629587][ T5385] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 524.632190][ T5385] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 524.637444][ T5385] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 524.639914][ T5385] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 524.643957][ T5385] usb 7-1: config 0 descriptor?? [ 524.854975][ T5385] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 23 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 524.868115][ T5385] usb 7-1: USB disconnect, device number 23 [ 524.870780][ T5385] usblp0: removed [ 525.024544][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 525.210706][T12299] syz.0.1899 (12299): drop_caches: 2 [ 525.225166][T12299] usb usb6: usbfs: process 12299 (syz.0.1899) did not claim interface 0 before use [ 525.324839][ T5402] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 525.484557][ T5402] usb 7-1: Using ep0 maxpacket: 32 [ 525.488339][ T5402] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 525.490571][ T5402] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 525.493640][ T5402] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 525.496337][ T5402] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 525.499770][ T5402] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 525.504615][ T5402] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 525.508679][ T5402] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 525.511358][ T5402] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 525.519580][ T5402] usb 7-1: config 0 descriptor?? [ 525.732503][ T5402] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 24 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 525.954783][ T5385] usb 7-1: USB disconnect, device number 24 [ 525.958936][ T5385] usblp0: removed [ 526.064522][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 526.084869][ T30] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 526.286320][ T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 526.289829][ T30] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 526.294158][ T30] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 526.298224][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.305610][ T30] usb 8-1: config 0 descriptor?? [ 526.742464][ T30] usbhid 8-1:0.0: can't add hid device: -71 [ 526.746257][ T30] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 526.796526][ T30] usb 8-1: USB disconnect, device number 18 [ 526.961462][T12325] input: syz0 as /devices/virtual/input/input182 [ 527.094494][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 528.144506][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 528.800644][T12340] syz.2.1913 (12340): drop_caches: 2 [ 528.808115][T12340] usb usb6: usbfs: process 12340 (syz.2.1913) did not claim interface 0 before use [ 529.134671][ T5404] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 529.174556][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 529.294632][ T5404] usb 5-1: Using ep0 maxpacket: 32 [ 529.298843][ T5404] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 529.301596][ T5404] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 529.304380][ T5404] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 529.324690][ T5404] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 529.328036][ T5404] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 529.331315][ T5404] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 529.344721][ T5404] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 529.347887][ T5404] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 529.355348][ T5404] usb 5-1: config 0 descriptor?? [ 529.566851][ T5404] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 37 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 529.578497][ T5404] usb 5-1: USB disconnect, device number 37 [ 529.589102][ T5404] usblp0: removed [ 529.884589][ T30] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 529.971934][T12358] tmpfs: Bad value for 'mpol' [ 530.004540][ T7290] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 530.065985][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 530.070159][ T30] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 530.076404][ T30] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 530.079821][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.085157][ T30] usb 7-1: config 0 descriptor?? [ 530.164635][ T7290] usb 5-1: Using ep0 maxpacket: 32 [ 530.175218][ T7290] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 530.177520][ T7290] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 530.179782][ T7290] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 530.182172][ T7290] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 530.185108][ T7290] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 530.187589][ T7290] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 530.194503][ T7290] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 530.196864][ T7290] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 530.205756][ T7290] usb 5-1: config 0 descriptor?? [ 530.224588][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 530.398133][ T4792] Bluetooth: hci0: unexpected event for opcode 0x2002 [ 530.419215][ T7290] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 38 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 530.498891][ T30] usbhid 7-1:0.0: can't add hid device: -71 [ 530.501245][ T30] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 530.505495][ T30] usb 7-1: USB disconnect, device number 25 [ 530.629888][ T25] usb 5-1: USB disconnect, device number 38 [ 530.636696][ T25] usblp0: removed [ 530.885428][T12376] syz.3.1924 (12376): drop_caches: 2 [ 530.909035][T12376] usb usb6: usbfs: process 12376 (syz.3.1924) did not claim interface 0 before use [ 531.254503][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 531.354634][T12384] nbd0: detected capacity change from 0 to 12 [ 531.359983][T12125] block nbd0: Send control failed (result -89) [ 531.362177][T12125] block nbd0: Request send failed, requeueing [ 531.365807][ T4792] block nbd0: Receive control failed (result -32) [ 531.366641][ T53] block nbd0: Dead connection, failed to find a fallback [ 531.370866][T12385] block nbd0: NBD_DISCONNECT [ 531.372654][ T53] block nbd0: shutting down sockets [ 531.374801][T12385] block nbd0: Send disconnect failed -89 [ 531.376189][ T53] blk_print_req_error: 7 callbacks suppressed [ 531.376196][ T53] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.385507][ T53] buffer_io_error: 7 callbacks suppressed [ 531.385516][ T53] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.391428][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.395349][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.397763][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.400955][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.403830][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.406998][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.409860][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.412915][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.415742][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.418566][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.421409][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.424689][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.427491][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.430639][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.433294][T12125] ldm_validate_partition_table(): Disk read failed. [ 531.435801][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.438927][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.439746][T12384] IPVS: length: 29 != 24 [ 531.441695][T12125] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 531.446454][T12125] Buffer I/O error on dev nbd0, logical block 0, async page read [ 531.449357][T12125] Dev nbd0: unable to read RDB block 0 [ 531.451689][T12125] nbd0: unable to read partition table [ 531.453907][T12125] nbd0: partition table beyond EOD, truncated [ 531.458071][T12383] ldm_validate_partition_table(): Disk read failed. [ 531.460557][T12383] Dev nbd0: unable to read RDB block 0 [ 531.462155][T12383] nbd0: unable to read partition table [ 531.464109][T12383] nbd0: partition table beyond EOD, truncated [ 531.472728][T12125] ldm_validate_partition_table(): Disk read failed. [ 531.475994][T12125] Dev nbd0: unable to read RDB block 0 [ 531.477955][T12125] nbd0: unable to read partition table [ 531.479846][T12125] nbd0: partition table beyond EOD, truncated [ 532.237013][T12399] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 532.294521][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 532.640050][T12406] input: syz0 as /devices/virtual/input/input183 [ 533.344571][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 533.424701][ T8] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 533.544545][ T5385] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 533.590499][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 533.595321][ T8] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 533.604975][ T8] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 533.608212][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 533.614062][ T8] usb 7-1: config 0 descriptor?? [ 533.648233][T12416] input: syz0 as /devices/virtual/input/input184 [ 533.694828][ T5385] usb 5-1: Using ep0 maxpacket: 32 [ 533.701696][ T5385] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 533.703973][ T5385] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 533.706416][ T5385] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 533.708760][ T5385] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 533.711280][ T5385] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 533.714345][ T5385] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 533.723031][ T5385] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 533.725901][ T5385] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 533.735449][ T5385] usb 5-1: config 0 descriptor?? [ 533.950397][ T5385] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 39 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 533.963114][ T5385] usb 5-1: USB disconnect, device number 39 [ 533.971431][ T5385] usblp0: removed [ 534.028947][ T8] usbhid 7-1:0.0: can't add hid device: -71 [ 534.031252][ T8] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 534.035325][ T8] usb 7-1: USB disconnect, device number 26 [ 534.374586][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 534.424816][ T5402] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 534.456951][ T4792] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 534.460183][ T4792] Bluetooth: hci0: Injecting HCI hardware error event [ 534.463965][ T4792] Bluetooth: hci0: hardware error 0x00 [ 534.585452][ T5402] usb 5-1: Using ep0 maxpacket: 32 [ 534.589437][ T5402] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 534.591798][ T5402] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 534.594146][ T5402] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 534.596652][ T5402] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 534.599206][ T5402] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 534.601738][ T5402] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 534.605263][ T5402] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 534.607669][ T5402] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.610754][ T5402] usb 5-1: config 0 descriptor?? [ 534.640937][T12427] tmpfs: Bad value for 'mpol' [ 534.820638][ T5402] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 40 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 534.840835][T12432] input: syz0 as /devices/virtual/input/input185 [ 535.054058][ T5385] usb 5-1: USB disconnect, device number 40 [ 535.058190][ T5385] usblp0: removed [ 535.414528][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 535.927940][T12440] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 535.932227][T12440] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 535.933930][T12440] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 536.442595][T12454] input: syz0 as /devices/virtual/input/input186 [ 536.454554][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 536.534707][ T4792] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 536.694942][T12456] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1945'. [ 537.494561][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 537.894587][ T4792] Bluetooth: hci1: command 0x0406 tx timeout [ 537.986996][ T4792] Bluetooth: hci3: command 0x0406 tx timeout [ 537.993098][T12473] tmpfs: Bad value for 'mpol' [ 538.346042][T12477] tmpfs: Bad value for 'mpol' [ 538.534587][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 539.502033][T12491] vivid-003: ================= START STATUS ================= [ 539.508663][T12491] vivid-003: Radio HW Seek Mode: Bounded [ 539.511056][T12491] vivid-003: Radio Programmable HW Seek: false [ 539.513106][T12491] vivid-003: RDS Rx I/O Mode: Block I/O [ 539.515620][T12491] vivid-003: Generate RBDS Instead of RDS: false [ 539.517725][T12491] vivid-003: RDS Reception: true [ 539.519460][T12491] vivid-003: RDS Program Type: 0 inactive [ 539.521511][T12491] vivid-003: RDS PS Name: inactive [ 539.523154][T12491] vivid-003: RDS Radio Text: inactive [ 539.529434][T12491] vivid-003: RDS Traffic Announcement: false inactive [ 539.535460][T12491] vivid-003: RDS Traffic Program: false inactive [ 539.537305][T12491] vivid-003: RDS Music: false inactive [ 539.541292][T12491] vivid-003: ================== END STATUS ================== [ 539.574539][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 540.054616][ T4792] Bluetooth: hci3: command 0x0406 tx timeout [ 540.614595][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 540.838980][T12507] input: syz0 as /devices/virtual/input/input187 [ 541.654596][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 542.691087][T12527] syz.3.1962 (12527): drop_caches: 2 [ 542.701815][T12527] usb usb6: usbfs: process 12527 (syz.3.1962) did not claim interface 0 before use [ 542.705083][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 543.051293][T12531] tmpfs: Bad value for 'mpol' [ 543.734570][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 543.846512][T12542] tmpfs: Bad value for 'mpol' [ 544.092199][T12551] vivid-003: ================= START STATUS ================= [ 544.094279][T12551] vivid-003: Radio HW Seek Mode: Bounded [ 544.098267][T12551] vivid-003: Radio Programmable HW Seek: false [ 544.100330][T12551] vivid-003: RDS Rx I/O Mode: Block I/O [ 544.121741][T12551] vivid-003: Generate RBDS Instead of RDS: false [ 544.123534][T12551] vivid-003: RDS Reception: true [ 544.132325][T12551] vivid-003: RDS Program Type: 0 inactive [ 544.134520][T12551] vivid-003: RDS PS Name: inactive [ 544.138381][T12551] vivid-003: RDS Radio Text: inactive [ 544.140098][T12551] vivid-003: RDS Traffic Announcement: false inactive [ 544.160706][T12551] vivid-003: RDS Traffic Program: false inactive [ 544.170052][T12551] vivid-003: RDS Music: false inactive [ 544.170456][T12551] vivid-003: ================== END STATUS ================== [ 544.392677][T12554] FAULT_INJECTION: forcing a failure. [ 544.392677][T12554] name failslab, interval 1, probability 0, space 0, times 0 [ 544.392697][T12554] CPU: 1 UID: 0 PID: 12554 Comm: syz.3.1968 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 544.392710][T12554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 544.392718][T12554] Call Trace: [ 544.392745][T12554] [ 544.392750][T12554] dump_stack_lvl+0x16c/0x1f0 [ 544.392852][T12554] should_fail_ex+0x497/0x5b0 [ 544.392886][T12554] should_failslab+0xc2/0x120 [ 544.392902][T12554] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 544.392917][T12554] ? skb_clone+0x190/0x3f0 [ 544.392949][T12554] skb_clone+0x190/0x3f0 [ 544.392965][T12554] netlink_deliver_tap+0xb26/0xcf0 [ 544.392996][T12554] netlink_unicast+0x5e1/0x7f0 [ 544.393010][T12554] ? __pfx_netlink_unicast+0x10/0x10 [ 544.393021][T12554] ? __phys_addr_symbol+0x30/0x80 [ 544.393034][T12554] ? __check_object_size+0x488/0x710 [ 544.393051][T12554] netlink_sendmsg+0x8b8/0xd70 [ 544.393065][T12554] ? __pfx_netlink_sendmsg+0x10/0x10 [ 544.393078][T12554] ? lock_acquire+0x2f/0xb0 [ 544.393096][T12554] ____sys_sendmsg+0x9ae/0xb40 [ 544.393110][T12554] ? __pfx_____sys_sendmsg+0x10/0x10 [ 544.393121][T12554] ? get_compat_msghdr+0x11b/0x170 [ 544.393150][T12554] ? __pfx___lock_acquire+0x10/0x10 [ 544.393171][T12554] ___sys_sendmsg+0x135/0x1e0 [ 544.393191][T12554] ? __pfx____sys_sendmsg+0x10/0x10 [ 544.393212][T12554] ? lock_acquire+0x2f/0xb0 [ 544.393226][T12554] ? __fget_files+0x40/0x3f0 [ 544.393242][T12554] ? fdget+0x176/0x210 [ 544.393254][T12554] __sys_sendmsg+0x117/0x1f0 [ 544.393269][T12554] ? __pfx___sys_sendmsg+0x10/0x10 [ 544.393283][T12554] ? __fget_files+0x244/0x3f0 [ 544.393302][T12554] __do_fast_syscall_32+0x73/0x120 [ 544.393362][T12554] do_fast_syscall_32+0x32/0x80 [ 544.393376][T12554] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 544.393407][T12554] RIP: 0023:0xf748e579 [ 544.393416][T12554] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 544.393429][T12554] RSP: 002b:00000000f577656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 544.393441][T12554] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200012c0 [ 544.393448][T12554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 544.393455][T12554] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 544.393462][T12554] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 544.393468][T12554] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 544.393482][T12554] [ 544.622299][T12556] syzkaller0: entered promiscuous mode [ 544.622327][T12556] syzkaller0: entered allmulticast mode [ 544.774569][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 545.074604][ T5385] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 545.226207][ T5385] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 545.226228][ T5385] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 545.226239][ T5385] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 545.226257][ T5385] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 545.226270][ T5385] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 545.227183][ T5385] usb 8-1: config 0 descriptor?? [ 545.369200][T12560] input: syz0 as /devices/virtual/input/input188 [ 545.664246][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664268][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664279][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664290][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664342][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664354][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664365][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664375][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664386][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.664396][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665327][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665355][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665367][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665480][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665492][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665503][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.665514][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.678877][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.678901][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.678919][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x1 [ 545.678965][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.678982][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.678999][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679015][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679032][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679049][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679066][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679082][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679099][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679116][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679133][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679156][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679173][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679190][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679207][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679224][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679242][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679259][ T5385] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 545.679698][ T5385] plantronics 0003:047F:FFFF.001C: No inputs registered, leaving [ 545.712064][ T5385] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw1: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 545.824585][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 546.854813][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 547.014256][T12562] syz.1.1971 (12562): drop_caches: 2 [ 547.046980][T12562] usb usb6: usbfs: process 12562 (syz.1.1971) did not claim interface 0 before use [ 547.346769][ T5402] usb 8-1: USB disconnect, device number 19 [ 547.555295][T12584] FAULT_INJECTION: forcing a failure. [ 547.555295][T12584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 547.558677][T12584] CPU: 2 UID: 0 PID: 12584 Comm: syz.2.1977 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 547.561993][T12584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 547.565876][T12584] Call Trace: [ 547.567062][T12584] [ 547.567834][T12584] dump_stack_lvl+0x16c/0x1f0 [ 547.569052][T12584] should_fail_ex+0x497/0x5b0 [ 547.570348][T12584] _copy_from_user+0x30/0xf0 [ 547.571544][T12584] kstrtouint_from_user+0xd7/0x1c0 [ 547.572869][T12584] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 547.574364][T12584] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 547.575841][T12584] proc_fail_nth_write+0x84/0x250 [ 547.577159][T12584] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 547.578629][T12584] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 547.580136][T12584] vfs_write+0x28e/0x1140 [ 547.581700][T12584] ? __fget_files+0x23a/0x3f0 [ 547.583387][T12584] ? fdget_pos+0x24c/0x360 [ 547.585008][T12584] ? __pfx_lock_release+0x10/0x10 [ 547.586832][T12584] ? trace_lock_acquire+0x14a/0x1d0 [ 547.588294][T12584] ? __pfx_vfs_write+0x10/0x10 [ 547.589537][T12584] ? __pfx___mutex_lock+0x10/0x10 [ 547.590910][T12584] ? __fget_files+0x244/0x3f0 [ 547.592140][T12584] ksys_write+0x12f/0x260 [ 547.593254][T12584] ? __pfx_ksys_write+0x10/0x10 [ 547.594527][T12584] __do_fast_syscall_32+0x73/0x120 [ 547.595863][T12584] do_fast_syscall_32+0x32/0x80 [ 547.597129][T12584] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 547.598767][T12584] RIP: 0023:0xf7fb2579 [ 547.599811][T12584] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 547.606525][T12584] RSP: 002b:00000000f57365a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 547.608786][T12584] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736620 [ 547.610904][T12584] RDX: 0000000000000001 RSI: 00000000f743bff4 RDI: 0000000000000000 [ 547.612941][T12584] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 547.615012][T12584] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 547.617062][T12584] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 547.619141][T12584] [ 547.649329][T12587] tmpfs: Bad value for 'mpol' [ 547.894549][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 548.364914][ T5402] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 548.539442][ T5402] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 548.542426][ T5402] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 548.547482][ T5402] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 548.550227][ T5402] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 548.552365][ T5402] usb 6-1: Manufacturer: syz [ 548.555421][ T5402] usb 6-1: config 0 descriptor?? [ 548.626137][ T5402] rc_core: IR keymap rc-hauppauge not found [ 548.627725][ T5402] Registered IR keymap rc-empty [ 548.629554][ T5402] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 548.633805][ T5402] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input189 [ 548.934695][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 549.818419][T12612] input: syz0 as /devices/virtual/input/input190 [ 549.834333][T12611] syzkaller0: entered promiscuous mode [ 549.844880][T12611] syzkaller0: entered allmulticast mode [ 549.975340][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 550.811227][ T5402] usb 6-1: USB disconnect, device number 20 [ 551.014601][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 551.019548][T12617] ntfs3: sr0: Primary boot signature is not NTFS. [ 551.024246][T12617] ntfs3: sr0: try to read out of volume at offset 0xf800 [ 551.529386][T12624] syz.2.1987 (12624): drop_caches: 2 [ 551.550021][T12624] usb usb6: usbfs: process 12624 (syz.2.1987) did not claim interface 0 before use [ 551.696581][T12628] ntfs3: sr0: Primary boot signature is not NTFS. [ 551.700227][T12628] ntfs3: sr0: try to read out of volume at offset 0xf800 [ 551.911236][T12634] tmpfs: Bad value for 'mpol' [ 552.054594][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 553.094579][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 553.266757][T12654] FAULT_INJECTION: forcing a failure. [ 553.266757][T12654] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 553.270419][T12654] CPU: 2 UID: 0 PID: 12654 Comm: syz.0.1995 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 553.273332][T12654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 553.276865][T12654] Call Trace: [ 553.277718][T12654] [ 553.278449][T12654] dump_stack_lvl+0x16c/0x1f0 [ 553.279611][T12654] should_fail_ex+0x497/0x5b0 [ 553.280790][T12654] _copy_from_iter+0x29b/0x13e0 [ 553.282170][T12654] ? __pfx__copy_from_iter+0x10/0x10 [ 553.283581][T12654] ? __virt_addr_valid+0x1a4/0x590 [ 553.284938][T12654] ? __virt_addr_valid+0x5e/0x590 [ 553.286270][T12654] ? __phys_addr_symbol+0x30/0x80 [ 553.287585][T12654] ? __check_object_size+0x488/0x710 [ 553.288984][T12654] netlink_sendmsg+0x813/0xd70 [ 553.290254][T12654] ? __pfx_netlink_sendmsg+0x10/0x10 [ 553.291663][T12654] __sys_sendto+0x479/0x4d0 [ 553.292888][T12654] ? __pfx___sys_sendto+0x10/0x10 [ 553.294556][T12654] ? __might_fault+0x13b/0x190 [ 553.296311][T12654] ? __pfx_lock_release+0x10/0x10 [ 553.297864][T12654] __do_compat_sys_socketcall+0x5e2/0x700 [ 553.299397][T12654] ? __fget_files+0x244/0x3f0 [ 553.300699][T12654] ? __pfx___do_compat_sys_socketcall+0x10/0x10 [ 553.302446][T12654] ? fput+0x30/0x390 [ 553.303534][T12654] __do_fast_syscall_32+0x73/0x120 [ 553.304877][T12654] do_fast_syscall_32+0x32/0x80 [ 553.306207][T12654] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 553.307841][T12654] RIP: 0023:0xf7fc1579 [ 553.308912][T12654] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 553.313945][T12654] RSP: 002b:00000000f5745440 EFLAGS: 00000293 ORIG_RAX: 0000000000000066 [ 553.316205][T12654] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f5745454 [ 553.318312][T12654] RDX: 0000000000000000 RSI: 00000000f5745570 RDI: 00000000f744bff4 [ 553.320385][T12654] RBP: 00000000f5745570 R08: 0000000000000000 R09: 0000000000000000 [ 553.322488][T12654] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 553.325022][T12654] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 553.327445][T12654] [ 553.653454][T12657] vivid-001: ================= START STATUS ================= [ 553.656579][T12657] vivid-001: Radio HW Seek Mode: Bounded [ 553.658633][T12657] vivid-001: Radio Programmable HW Seek: false [ 553.660790][T12657] vivid-001: RDS Rx I/O Mode: Block I/O [ 553.662745][T12657] vivid-001: Generate RBDS Instead of RDS: false [ 553.666011][T12657] vivid-001: RDS Reception: true [ 553.667619][T12657] vivid-001: RDS Program Type: 0 inactive [ 553.667638][T12657] vivid-001: RDS PS Name: inactive [ 553.667653][T12657] vivid-001: RDS Radio Text: inactive [ 553.667772][T12657] vivid-001: RDS Traffic Announcement: false inactive [ 553.667850][T12657] vivid-001: RDS Traffic Program: false inactive [ 553.667866][T12657] vivid-001: RDS Music: false inactive [ 553.667881][T12657] vivid-001: ================== END STATUS ================== [ 554.134547][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 554.158065][T12669] program syz.1.1998 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 554.403828][T12671] syz.2.1999 (12671): drop_caches: 2 [ 554.413148][T12671] usb usb6: usbfs: process 12671 (syz.2.1999) did not claim interface 0 before use [ 555.174514][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 555.320975][T12680] ntfs3: sr0: Primary boot signature is not NTFS. [ 555.324706][T12680] ntfs3: sr0: try to read out of volume at offset 0xf800 [ 556.214514][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 556.563396][T12685] input: syz0 as /devices/virtual/input/input191 [ 556.733950][T12689] ntfs3: sr0: Primary boot signature is not NTFS. [ 556.740336][T12689] ntfs3: sr0: try to read out of volume at offset 0xf800 [ 557.254496][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 558.146663][T12700] tmpfs: Bad value for 'mpol' [ 558.294548][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 558.374527][ T5404] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 558.539830][ T5404] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 558.544407][ T5404] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 558.548373][ T5404] usb 8-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 558.551592][ T5404] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 558.566873][ T5404] usb 8-1: config 0 descriptor?? [ 558.986421][ T5404] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 558.989441][ T5404] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 558.992048][ T5404] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 558.995783][ T5404] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 558.998481][ T5404] cm6533_jd 0003:0D8C:0022.001D: unknown main item tag 0x0 [ 559.002139][ T5404] cm6533_jd 0003:0D8C:0022.001D: No inputs registered, leaving [ 559.010359][ T5404] cm6533_jd 0003:0D8C:0022.001D: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 559.318237][ T5404] usb 8-1: USB disconnect, device number 20 [ 559.334561][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 559.399241][T12709] input: syz0 as /devices/virtual/input/input192 [ 559.434652][ T5234] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 559.584563][ T5234] usb 5-1: Using ep0 maxpacket: 32 [ 559.590048][ T5234] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 559.592276][ T5234] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 559.595102][ T5234] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 559.597632][ T5234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 559.600439][ T5234] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 559.603137][ T5234] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 559.607593][ T5234] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 559.610085][ T5234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.621943][ T5234] usb 5-1: config 0 descriptor?? [ 559.833338][ T5234] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 41 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 559.841918][ T5234] usb 5-1: USB disconnect, device number 41 [ 559.848372][ T5234] usblp0: removed [ 560.294640][ T5234] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 560.374537][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 560.444599][ T5234] usb 5-1: Using ep0 maxpacket: 32 [ 560.453457][ T5234] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 560.456373][ T5234] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 560.458775][ T5234] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 560.461187][ T5234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 560.463834][ T5234] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 560.466716][ T5234] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 560.470225][ T5234] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 560.472645][ T5234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 560.483777][ T5234] usb 5-1: config 0 descriptor?? [ 560.699499][ T5234] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 42 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 560.784582][ T8] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 560.913135][ T5402] usb 5-1: USB disconnect, device number 42 [ 560.922357][ T5402] usblp0: removed [ 560.944574][ T8] usb 6-1: Using ep0 maxpacket: 32 [ 560.950332][ T8] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 560.953112][ T8] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 560.956100][ T8] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 560.959145][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 560.962317][ T8] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 560.966637][ T8] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 560.970834][ T8] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 560.973808][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 560.978504][ T8] usb 6-1: config 0 descriptor?? [ 561.198037][ T8] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 561.204173][ T8] usb 6-1: USB disconnect, device number 21 [ 561.212216][ T8] usblp0: removed [ 561.219573][T12716] input: syz1 as /devices/virtual/input/input193 [ 561.231817][ T39] kauditd_printk_skb: 12 callbacks suppressed [ 561.231831][ T39] audit: type=1326 audit(1728129737.603:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12715 comm="syz.3.2012" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0 [ 561.414524][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 561.665623][T12728] input: syz0 as /devices/virtual/input/input194 [ 561.694584][ T8] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 561.844585][ T8] usb 6-1: Using ep0 maxpacket: 32 [ 561.854326][ T8] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 561.856822][ T8] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 561.859497][ T8] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 561.861984][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 561.864859][ T8] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 561.867571][ T8] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 561.871200][ T8] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 561.873655][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 561.881163][ T8] usb 6-1: config 0 descriptor?? [ 562.097269][ T8] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 562.216164][ T1374] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.304369][ T5385] usb 6-1: USB disconnect, device number 22 [ 562.314341][ T5385] usblp0: removed [ 562.364681][ T8] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 562.454525][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 562.527269][ T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 562.531019][ T8] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 562.535808][ T8] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 562.538532][ T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 562.546357][ T8] usb 8-1: config 0 descriptor?? [ 562.778818][ T39] audit: type=1326 audit(1728129739.153:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.784983][ T39] audit: type=1326 audit(1728129739.153:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.792669][ T39] audit: type=1326 audit(1728129739.153:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.801088][ T39] audit: type=1326 audit(1728129739.153:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.808991][ T39] audit: type=1326 audit(1728129739.153:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.817822][ T39] audit: type=1326 audit(1728129739.153:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.825418][ T39] audit: type=1326 audit(1728129739.163:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.833021][ T39] audit: type=1326 audit(1728129739.163:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=299 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.842668][ T39] audit: type=1326 audit(1728129739.163:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12740 comm="syz.2.2022" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 562.915267][T12747] bond1: entered promiscuous mode [ 562.917214][T12747] bond1: entered allmulticast mode [ 562.919448][T12747] 8021q: adding VLAN 0 to HW filter on device bond1 [ 562.959518][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.961771][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.963625][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.965620][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.967528][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.969476][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.971396][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.973379][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.975596][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.977671][ T8] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 562.987839][T12751] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2026'. [ 562.991030][ T8] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving [ 563.001587][ T8] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 563.043986][T12747] bond1 (unregistering): Released all slaves [ 563.088511][T12755] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 563.091978][T12755] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 563.238570][T12732] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 563.244598][T12732] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 563.504553][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 563.578082][T12785] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2041'. [ 563.582058][T12785] tipc: Enabling of bearer rejected, media not registered [ 563.918692][T12797] geneve2: entered promiscuous mode [ 564.266152][T12820] bond1: entered promiscuous mode [ 564.267524][T12820] bond1: entered allmulticast mode [ 564.269162][T12820] 8021q: adding VLAN 0 to HW filter on device bond1 [ 564.301857][T12825] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2058'. [ 564.333875][T12828] loop0: detected capacity change from 0 to 8 [ 564.534787][ T4792] Bluetooth: hci1: command 0x0406 tx timeout [ 564.544494][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 564.599163][ C3] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 564.653333][T12849] netlink: 'syz.1.2069': attribute type 1 has an invalid length. [ 564.927458][T12853] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2070'. [ 565.132144][ T5404] usb 8-1: USB disconnect, device number 21 [ 565.272586][ T4792] Bluetooth: hci3: command 0x0406 tx timeout [ 565.359221][T12874] loop6: detected capacity change from 0 to 7 [ 565.361054][T12874] buffer_io_error: 40 callbacks suppressed [ 565.361062][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.368401][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.371100][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.373773][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.377088][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.379783][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.382450][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.386669][T12874] ldm_validate_partition_table(): Disk read failed. [ 565.388955][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.391656][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.394324][T12874] Buffer I/O error on dev loop6, logical block 0, async page read [ 565.397830][T12874] Dev loop6: unable to read RDB block 0 [ 565.399837][T12874] loop6: unable to read partition table [ 565.401865][T12874] loop6: partition table beyond EOD, truncated [ 565.403966][T12874] loop_reread_partitions: partition scan of loop6 (被xڬdƤݡ [ 565.403966][T12874] ) failed (rc=-5) [ 565.469809][T12881] netlink: 'syz.3.2083': attribute type 1 has an invalid length. [ 565.472668][T12881] netlink: 112865 bytes leftover after parsing attributes in process `syz.3.2083'. [ 565.574663][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 565.758272][T12894] batadv_slave_0: entered promiscuous mode [ 565.760235][T12894] batadv_slave_0: left promiscuous mode [ 565.841451][ T1100] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.918606][ T1100] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.933140][T12900] tmpfs: Unknown parameter 'fscontext' [ 565.967033][ T67] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 565.970434][ T67] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 565.972901][ T67] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 565.976772][ T67] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 565.978989][ T67] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 565.981635][ T67] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 566.026961][ T1100] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.032451][T12906] netlink: 'syz.3.2096': attribute type 10 has an invalid length. [ 566.035858][T12906] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2096'. [ 566.038469][T12906] veth0_vlan: entered allmulticast mode [ 566.040285][T12906] bridge0: port 3(veth0_vlan) entered blocking state [ 566.042144][T12906] bridge0: port 3(veth0_vlan) entered disabled state [ 566.045692][T12906] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check. [ 566.167506][ T1100] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 566.229847][T12903] chnl_net:caif_netlink_parms(): no params data found [ 566.360946][T12903] bridge0: port 1(bridge_slave_0) entered blocking state [ 566.364223][T12903] bridge0: port 1(bridge_slave_0) entered disabled state [ 566.369541][T12903] bridge_slave_0: entered allmulticast mode [ 566.372442][T12903] bridge_slave_0: entered promiscuous mode [ 566.378499][T12903] bridge0: port 2(bridge_slave_1) entered blocking state [ 566.380709][T12903] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.382657][T12903] bridge_slave_1: entered allmulticast mode [ 566.385125][T12903] bridge_slave_1: entered promiscuous mode [ 566.390673][ T39] kauditd_printk_skb: 53 callbacks suppressed [ 566.390687][ T39] audit: type=1326 audit(1728129742.763:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.405909][ T39] audit: type=1326 audit(1728129742.783:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.414289][ T39] audit: type=1326 audit(1728129742.783:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.422921][ T39] audit: type=1326 audit(1728129742.783:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.431733][ T39] audit: type=1326 audit(1728129742.793:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.443792][ T39] audit: type=1326 audit(1728129742.793:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.452610][T12903] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 566.466105][ T39] audit: type=1326 audit(1728129742.793:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.473388][ T39] audit: type=1326 audit(1728129742.793:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=327 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.474678][T12859] syz.2.2073: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 566.487062][T12859] CPU: 2 UID: 0 PID: 12859 Comm: syz.2.2073 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 566.487171][ T39] audit: type=1326 audit(1728129742.793:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.489941][T12859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 566.490590][T12903] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 566.497654][ T39] audit: type=1326 audit(1728129742.793:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12924 comm="syz.3.2102" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 566.500630][T12859] Call Trace: [ 566.500638][T12859] [ 566.510397][T12859] dump_stack_lvl+0x16c/0x1f0 [ 566.511662][T12859] warn_alloc+0x24d/0x3a0 [ 566.512818][T12859] ? __pfx_warn_alloc+0x10/0x10 [ 566.514123][T12859] ? __get_vm_area_node+0x190/0x2d0 [ 566.515502][T12859] ? __get_vm_area_node+0x1bc/0x2d0 [ 566.516886][T12859] __vmalloc_node_range_noprof+0x114a/0x15a0 [ 566.518492][T12859] ? hash_netiface_create+0x3ea/0x1250 [ 566.519971][T12859] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 566.521664][T12859] ? __get_vm_area_node+0x190/0x2d0 [ 566.523094][T12859] ? __get_vm_area_node+0x1bc/0x2d0 [ 566.524530][T12859] __vmalloc_node_range_noprof+0xd85/0x15a0 [ 566.526123][T12859] ? hash_netiface_create+0x3ea/0x1250 [ 566.527568][T12859] ? hash_netiface_create+0x3ea/0x1250 [ 566.529012][T12859] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 566.530703][T12859] ? trace_kmalloc+0x2d/0xe0 [ 566.531970][T12859] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 566.533514][T12859] ? hash_netiface_create+0x3ea/0x1250 [ 566.534953][T12859] __kvmalloc_node_noprof+0x14f/0x1a0 [ 566.536384][T12859] ? hash_netiface_create+0x3ea/0x1250 [ 566.537824][T12859] hash_netiface_create+0x3ea/0x1250 [ 566.539220][T12859] ? __nla_parse+0x1b/0x60 [ 566.540423][T12859] ? __pfx_hash_netiface_create+0x10/0x10 [ 566.541936][T12859] ip_set_create+0x62a/0x1400 [ 566.543210][T12859] ? __pfx_ip_set_create+0x10/0x10 [ 566.544563][T12859] ? rcu_is_watching+0x12/0xc0 [ 566.545869][T12859] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 566.547225][T12859] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 566.548669][T12859] ? find_held_lock+0x2d/0x110 [ 566.549962][T12859] netlink_rcv_skb+0x165/0x410 [ 566.551240][T12859] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 566.552680][T12859] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 566.554081][T12859] ? __pfx_aa_get_newest_label+0x10/0x10 [ 566.555533][T12859] ? bpf_lsm_capable+0x9/0x10 [ 566.556770][T12859] ? security_capable+0x7e/0x260 [ 566.558102][T12859] ? ns_capable+0xd7/0x110 [ 566.559293][T12859] nfnetlink_rcv+0x1b4/0x430 [ 566.560519][T12859] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 566.561883][T12859] ? netlink_deliver_tap+0x1ae/0xcf0 [ 566.563285][T12859] netlink_unicast+0x53c/0x7f0 [ 566.564562][T12859] ? __pfx_netlink_unicast+0x10/0x10 [ 566.565977][T12859] ? __phys_addr_symbol+0x30/0x80 [ 566.567314][T12859] ? __check_object_size+0x488/0x710 [ 566.568719][T12859] netlink_sendmsg+0x8b8/0xd70 [ 566.570014][T12859] ? __pfx_netlink_sendmsg+0x10/0x10 [ 566.571421][T12859] ? lock_acquire+0x2f/0xb0 [ 566.572642][T12859] ____sys_sendmsg+0x9ae/0xb40 [ 566.574028][T12859] ? __pfx_____sys_sendmsg+0x10/0x10 [ 566.575435][T12859] ? get_compat_msghdr+0x11b/0x170 [ 566.576794][T12859] ? __pfx___lock_acquire+0x10/0x10 [ 566.578145][T12859] ___sys_sendmsg+0x135/0x1e0 [ 566.579368][T12859] ? __pfx____sys_sendmsg+0x10/0x10 [ 566.580682][T12859] ? lock_acquire+0x2f/0xb0 [ 566.581857][T12859] ? __fget_files+0x40/0x3f0 [ 566.583054][T12859] ? fdget+0x176/0x210 [ 566.584138][T12859] __sys_sendmsg+0x117/0x1f0 [ 566.585389][T12859] ? __pfx___sys_sendmsg+0x10/0x10 [ 566.586743][T12859] ? __ia32_sys_futex_time32+0x1da/0x460 [ 566.588245][T12859] __do_fast_syscall_32+0x73/0x120 [ 566.589598][T12859] do_fast_syscall_32+0x32/0x80 [ 566.590858][T12859] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 566.592465][T12859] RIP: 0023:0xf7fb2579 [ 566.593530][T12859] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 566.598440][T12859] RSP: 002b:00000000f573656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 566.601173][T12859] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000020000040 [ 566.603561][T12859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 566.605673][T12859] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 566.607754][T12859] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 566.609847][T12859] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 566.611943][T12859] [ 566.613441][T12859] Mem-Info: [ 566.614326][T12859] active_anon:2918 inactive_anon:150 isolated_anon:0 [ 566.614326][T12859] active_file:8654 inactive_file:28790 isolated_file:0 [ 566.614326][T12859] unevictable:769 dirty:377 writeback:0 [ 566.614326][T12859] slab_reclaimable:4869 slab_unreclaimable:57320 [ 566.614326][T12859] mapped:17751 shmem:961 pagetables:688 [ 566.614326][T12859] sec_pagetables:324 bounce:0 [ 566.614326][T12859] kernel_misc_reclaimable:0 [ 566.614326][T12859] free:58020 free_pcp:1518 free_cma:0 [ 566.627999][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 566.631227][T12859] Node 0 active_anon:40kB inactive_anon:44kB active_file:4kB inactive_file:16kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4092kB dirty:8kB writeback:0kB shmem:2028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9972kB pagetables:1492kB sec_pagetables:1208kB all_unreclaimable? no [ 566.640299][T12859] Node 1 active_anon:11732kB inactive_anon:556kB active_file:34612kB inactive_file:115144kB unevictable:1540kB isolated(anon):0kB isolated(file):0kB mapped:66912kB dirty:1100kB writeback:0kB shmem:1816kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3428kB pagetables:1260kB sec_pagetables:88kB all_unreclaimable? no [ 566.648814][T12859] Node 0 DMA free:820kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:148kB local_pcp:8kB free_cma:0kB [ 566.656156][T12859] lowmem_reserve[]: 0 273 0 0 0 [ 566.657479][T12859] Node 0 DMA32 free:19072kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:4096KB active_anon:132kB inactive_anon:0kB active_file:4kB inactive_file:8kB unevictable:1536kB writepending:8kB present:1032196kB managed:306280kB mlocked:0kB bounce:0kB free_pcp:872kB local_pcp:152kB free_cma:0kB [ 566.665180][T12859] lowmem_reserve[]: 0 0 0 0 0 [ 566.666555][T12859] Node 1 DMA32 free:214256kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:11732kB inactive_anon:556kB active_file:34612kB inactive_file:115144kB unevictable:1540kB writepending:1000kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:3308kB local_pcp:976kB free_cma:0kB [ 566.676259][T12859] lowmem_reserve[]: 0 0 0 0 0 [ 566.677542][T12859] Node 0 DMA: 0*4kB 4*8kB (U) 28*16kB (U) 11*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 832kB [ 566.680853][T12859] Node 0 DMA32: 555*4kB (UMEH) 152*8kB (UMEH) 33*16kB (UMEH) 56*32kB (UMEH) 31*64kB (UMEH) 19*128kB (MEH) 6*256kB (UMH) 10*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 18876kB [ 566.686011][T12859] Node 1 DMA32: 65*4kB (UME) 711*8kB (ME) 621*16kB (UME) 392*32kB (UME) 291*64kB (UME) 101*128kB (UME) 84*256kB (UM) 66*512kB (UM) 16*1024kB (UM) 18*2048kB (UM) 11*4096kB (UM) = 213580kB [ 566.690912][T12859] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 566.693424][T12859] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 566.696447][T12859] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 566.698965][T12859] Node 1 hugepages_total=6 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB [ 566.708074][T12859] 39098 total pagecache pages [ 566.708754][T12937] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2105'. [ 566.709351][T12859] 693 pages in swap cache [ 566.709358][T12859] Free swap = 113524kB [ 566.713986][T12859] Total swap = 124996kB [ 566.717048][T12859] 524155 pages RAM [ 566.718113][T12859] 0 pages HighMem/MovableOnly [ 566.719360][T12859] 206682 pages reserved [ 566.720459][T12859] 0 pages cma reserved [ 566.741732][T12903] team0: Port device team_slave_0 added [ 566.745274][ T1100] bridge_slave_1: left allmulticast mode [ 566.746896][ T1100] bridge_slave_1: left promiscuous mode [ 566.748363][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 566.755329][ T1100] bridge_slave_0: left allmulticast mode [ 566.756804][ T1100] bridge_slave_0: left promiscuous mode [ 566.758265][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 566.909900][ T1100] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 567.089557][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 567.093800][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 567.099906][ T1100] bond0 (unregistering): (slave team0): Releasing backup interface [ 567.104594][ T1100] bond0 (unregistering): Released all slaves [ 567.112043][T12903] team0: Port device team_slave_1 added [ 567.169627][T12903] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 567.172000][T12903] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 567.181020][T12903] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 567.186002][ T1100] tipc: Disabling bearer [ 567.190282][ T1100] tipc: Left network mode [ 567.190622][T12903] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 567.193778][T12903] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 567.211606][T12903] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 567.216119][ T1100] IPVS: stopping backup sync thread 5548 ... [ 567.279237][T12903] hsr_slave_0: entered promiscuous mode [ 567.284617][T12903] hsr_slave_1: entered promiscuous mode [ 567.288580][T12903] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 567.290572][T12903] Cannot create hsr debugfs directory [ 567.664512][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 567.711649][ T1100] hsr_slave_0: left promiscuous mode [ 567.713526][ T1100] hsr_slave_1: left promiscuous mode [ 567.716198][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 567.718134][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 567.721366][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 567.736170][ T1100] veth1_macvtap: left promiscuous mode [ 567.737655][ T1100] veth0_macvtap: left promiscuous mode [ 567.739108][ T1100] veth1_vlan: left promiscuous mode [ 567.740461][ T1100] veth0_vlan: left promiscuous mode [ 568.056816][ T67] Bluetooth: hci1: command tx timeout [ 568.622699][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 568.700227][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 568.758257][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 569.506574][T13019] serio: Serial port ptm0 [ 569.734504][ C3] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 569.804954][T12903] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 569.823783][T12903] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 569.834016][T12903] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 569.847987][T12903] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 569.897954][T12903] 8021q: adding VLAN 0 to HW filter on device bond0 [ 569.913404][T12903] 8021q: adding VLAN 0 to HW filter on device team0 [ 569.923803][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 569.925780][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 569.940305][T11393] bridge0: port 2(bridge_slave_1) entered blocking state [ 569.942222][T11393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 570.032667][T12903] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 570.052655][T12903] veth0_vlan: entered promiscuous mode [ 570.059414][T12903] veth1_vlan: entered promiscuous mode [ 570.073803][T12903] veth0_macvtap: entered promiscuous mode [ 570.078510][T12903] veth1_macvtap: entered promiscuous mode [ 570.085202][T12903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 570.088002][T12903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 570.091233][T12903] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 570.097173][T12903] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 570.099964][T12903] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 570.103236][T12903] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 570.108211][T12903] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.110598][T12903] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.112930][T12903] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.116397][T12903] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 570.134574][ T67] Bluetooth: hci1: command tx timeout [ 570.156919][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.158998][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.173152][T11393] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 570.176573][T11393] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 570.410067][T13063] syz.2.2137[13063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 570.410136][T13063] syz.2.2137[13063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 570.413305][T13063] syz.2.2137[13063] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 570.604640][ T5385] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 570.752786][T13072] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2140'. [ 570.758141][ T5385] usb 5-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 570.761119][ T5385] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.768575][ T5385] usb 5-1: config 0 descriptor?? [ 570.917841][T13078] Process accounting resumed [ 570.981255][ T5385] usbhid 5-1:0.0: can't add hid device: -71 [ 570.983440][ T5385] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 570.990806][ T5385] usb 5-1: USB disconnect, device number 43 [ 571.362410][T13102] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2155'. [ 571.652864][T13117] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2161'. [ 571.826587][T13120] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2162'. [ 571.933771][T13129] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 572.174837][ T39] kauditd_printk_skb: 69 callbacks suppressed [ 572.174853][ T39] audit: type=1326 audit(1728129748.556:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.188624][ T39] audit: type=1326 audit(1728129748.566:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.195799][ T39] audit: type=1326 audit(1728129748.566:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13145 comm="syz.0.2171" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x0 [ 572.203368][ T39] audit: type=1326 audit(1728129748.576:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.212850][ T39] audit: type=1326 audit(1728129748.576:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.222007][ T39] audit: type=1326 audit(1728129748.576:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.229646][ T67] Bluetooth: hci1: command tx timeout [ 572.231539][ T39] audit: type=1326 audit(1728129748.586:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.238863][ T39] audit: type=1326 audit(1728129748.586:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.246208][ T39] audit: type=1326 audit(1728129748.586:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.253154][ T39] audit: type=1326 audit(1728129748.586:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13136 comm="syz.1.2169" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 572.561869][T13164] netlink: 'syz.3.2175': attribute type 21 has an invalid length. [ 572.565874][T13164] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2175'. [ 573.770068][T13207] geneve2: entered promiscuous mode [ 573.771603][T13207] geneve2: entered allmulticast mode [ 574.069480][T13229] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2204'. [ 574.294806][ T67] Bluetooth: hci1: command tx timeout [ 574.308511][T13254] tipc: Started in network mode [ 574.309916][T13254] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711 [ 574.311860][T13254] tipc: Enabled bearer , priority 27 [ 574.617237][T13260] veth0_vlan: left promiscuous mode [ 574.619696][T13260] veth0_vlan: entered promiscuous mode [ 574.799571][T13285] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 575.154375][T13307] input: syz0 as /devices/virtual/input/input195 [ 575.185317][T13308] nbd1: detected capacity change from 0 to 12 [ 575.197520][T12126] block nbd1: Send control failed (result -89) [ 575.199985][T13308] block nbd1: NBD_DISCONNECT [ 575.211893][T12126] block nbd1: Request send failed, requeueing [ 575.215032][T12126] block nbd1: Disconnected due to user request. [ 575.239679][ T53] blk_print_req_error: 40 callbacks suppressed [ 575.241012][ T53] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.245977][T13308] block nbd1: Send disconnect failed -89 [ 575.246395][ T53] buffer_io_error: 4 callbacks suppressed [ 575.246407][ T53] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.252648][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.257257][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.260186][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.263232][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.266493][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.269632][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.272592][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.276528][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.279805][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.282939][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.286369][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.289713][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.292736][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.296729][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.299870][T12126] ldm_validate_partition_table(): Disk read failed. [ 575.301266][T13300] IPVS: length: 29 != 24 [ 575.304074][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.308452][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.311588][T12126] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 575.315022][T12126] Buffer I/O error on dev nbd1, logical block 0, async page read [ 575.320696][T12126] Dev nbd1: unable to read RDB block 0 [ 575.323230][T12126] nbd1: unable to read partition table [ 575.325590][T12126] nbd1: partition table beyond EOD, truncated [ 575.344873][T12126] ldm_validate_partition_table(): Disk read failed. [ 575.349881][T12126] Dev nbd1: unable to read RDB block 0 [ 575.352254][T12126] nbd1: unable to read partition table [ 575.354174][T12126] nbd1: partition table beyond EOD, truncated [ 575.385560][T13308] ldm_validate_partition_table(): Disk read failed. [ 575.388036][T13308] Dev nbd1: unable to read RDB block 0 [ 575.390065][T13308] nbd1: unable to read partition table [ 575.392000][T13308] nbd1: partition table beyond EOD, truncated [ 575.428342][ T8] tipc: Node number set to 8432298 [ 576.080616][T13326] vivid-000: ================= START STATUS ================= [ 576.083742][T13326] vivid-000: Radio HW Seek Mode: Bounded [ 576.094409][T13326] vivid-000: Radio Programmable HW Seek: false [ 576.097547][T13326] vivid-000: RDS Rx I/O Mode: Block I/O [ 576.099534][T13326] vivid-000: Generate RBDS Instead of RDS: false [ 576.102375][T13326] vivid-000: RDS Reception: true [ 576.104206][T13326] vivid-000: RDS Program Type: 0 inactive [ 576.106525][T13326] vivid-000: RDS PS Name: inactive [ 576.115358][T13326] vivid-000: RDS Radio Text: inactive [ 576.116826][T13326] vivid-000: RDS Traffic Announcement: false inactive [ 576.118553][T13326] vivid-000: RDS Traffic Program: false inactive [ 576.120212][T13326] vivid-000: RDS Music: false inactive [ 576.121652][T13326] vivid-000: ================== END STATUS ================== [ 576.803754][T13336] syz.0.2243[13336] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 576.803814][T13336] syz.0.2243[13336] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 576.803950][T13336] syz.0.2243[13336] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 577.046816][T13342] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 577.049812][T13342] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 577.051255][T13342] bond0 (unregistering): Released all slaves [ 577.376513][ T39] kauditd_printk_skb: 96 callbacks suppressed [ 577.376549][ T39] audit: type=1326 audit(1728129753.756:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.376616][ T39] audit: type=1326 audit(1728129753.756:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.379808][ T39] audit: type=1326 audit(1728129753.756:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.379841][ T39] audit: type=1326 audit(1728129753.756:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.379874][ T39] audit: type=1326 audit(1728129753.756:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.385315][ T39] audit: type=1326 audit(1728129753.766:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.385347][ T39] audit: type=1326 audit(1728129753.766:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.385373][ T39] audit: type=1326 audit(1728129753.766:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.386236][ T39] audit: type=1326 audit(1728129753.766:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 577.386267][ T39] audit: type=1326 audit(1728129753.766:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13354 comm="syz.3.2254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x7ffc0000 [ 578.602797][T13383] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 578.907976][T13399] netlink: 3 bytes leftover after parsing attributes in process `syz.2.2272'. [ 578.911168][T13399] 0X: renamed from caif0 [ 578.915274][T13399] 0X: entered allmulticast mode [ 578.917371][T13399] A link change request failed with some changes committed already. Interface 60X may have been left with an inconsistent configuration, please check. [ 579.034292][T13411] random: crng reseeded on system resumption [ 579.079198][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2281'. [ 579.082519][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2281'. [ 579.108126][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2281'. [ 579.110670][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2281'. [ 579.149258][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2281'. [ 579.152289][T13415] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2281'. [ 579.158839][T13424] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2284'. [ 579.418170][T13439] syz.2.2292[13439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 579.418223][T13439] syz.2.2292[13439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 579.423186][T13439] syz.2.2292[13439] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 579.428551][ T4792] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 579.436246][ T4792] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 579.440818][ T4792] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 579.443753][ T4792] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 579.448571][ T4792] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 579.451210][ T4792] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 579.535925][ T8954] vivid-002: reconnect [ 579.537606][T13440] chnl_net:caif_netlink_parms(): no params data found [ 579.605435][ T1099] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.749829][ T1099] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.754175][T13440] bridge0: port 1(bridge_slave_0) entered blocking state [ 579.756751][T13440] bridge0: port 1(bridge_slave_0) entered disabled state [ 579.759238][T13440] bridge_slave_0: entered allmulticast mode [ 579.761820][T13440] bridge_slave_0: entered promiscuous mode [ 579.765022][T13440] bridge0: port 2(bridge_slave_1) entered blocking state [ 579.767431][T13440] bridge0: port 2(bridge_slave_1) entered disabled state [ 579.769786][T13440] bridge_slave_1: entered allmulticast mode [ 579.772251][T13440] bridge_slave_1: entered promiscuous mode [ 579.793240][T13461] tmpfs: Bad value for 'mpol' [ 579.817360][T13440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 579.821052][T13440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 579.859466][T13440] team0: Port device team_slave_0 added [ 579.862528][T13440] team0: Port device team_slave_1 added [ 579.906539][ T1099] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 579.911076][T13440] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 579.913019][T13440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.921390][T13440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 579.928003][T13440] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 579.930036][T13440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 579.938548][T13440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 580.028263][ T1099] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 580.044885][T13440] hsr_slave_0: entered promiscuous mode [ 580.055406][T13440] hsr_slave_1: entered promiscuous mode [ 580.580574][ T1099] bridge_slave_1: left allmulticast mode [ 580.580605][ T1099] bridge_slave_1: left promiscuous mode [ 580.580688][ T1099] bridge0: port 2(bridge_slave_1) entered disabled state [ 580.582994][ T1099] bridge_slave_0: left allmulticast mode [ 580.583008][ T1099] bridge_slave_0: left promiscuous mode [ 580.583081][ T1099] bridge0: port 1(bridge_slave_0) entered disabled state [ 580.902657][ T1099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 580.907241][ T1099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 580.911103][ T1099] bond0 (unregistering): Released all slaves [ 580.917189][ T1099] bond1 (unregistering): Released all slaves [ 580.999821][ T1099] tipc: Left network mode [ 581.038778][ T1099] IPVS: stopping backup sync thread 5785 ... [ 581.078698][ T5402] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 581.155926][T13496] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2307'. [ 581.270920][ T5402] usb 7-1: config index 0 descriptor too short (expected 23569, got 27) [ 581.273855][ T5402] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 581.288579][ T5402] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 581.291294][ T5402] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 581.293975][ T5402] usb 7-1: Manufacturer: syz [ 581.311282][ T5402] usb 7-1: config 0 descriptor?? [ 581.384554][ T5402] rc_core: IR keymap rc-hauppauge not found [ 581.386194][ T5402] Registered IR keymap rc-empty [ 581.389353][ T5402] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0 [ 581.395735][ T5402] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input196 [ 581.496755][ T4792] Bluetooth: hci0: command tx timeout [ 581.508473][ T1099] hsr_slave_0: left promiscuous mode [ 581.510946][ T1099] hsr_slave_1: left promiscuous mode [ 581.576163][ T1099] veth1_macvtap: left promiscuous mode [ 581.578317][ T1099] veth0_macvtap: left promiscuous mode [ 581.580485][ T1099] veth1_vlan: left promiscuous mode [ 581.737897][T13514] ntfs3: sr0: Primary boot signature is not NTFS. [ 581.749056][T13514] ntfs3: sr0: try to read out of volume at offset 0xf800 [ 582.507566][ T1099] team0 (unregistering): Port device team_slave_1 removed [ 582.609174][ T1099] team0 (unregistering): Port device team_slave_0 removed [ 583.293269][T13440] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 583.303841][T13440] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 583.317010][T13440] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 583.327208][T13440] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 583.376247][T13520] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2313'. [ 583.486404][ T30] usb 7-1: USB disconnect, device number 27 [ 583.575353][ T4792] Bluetooth: hci0: command tx timeout [ 583.578084][T13520] team0 (unregistering): Port device team_slave_0 removed [ 583.586727][T13520] team0 (unregistering): Port device team_slave_1 removed [ 583.626978][T13440] 8021q: adding VLAN 0 to HW filter on device bond0 [ 583.658953][T13440] 8021q: adding VLAN 0 to HW filter on device team0 [ 583.697256][T13052] bridge0: port 1(bridge_slave_0) entered blocking state [ 583.700310][T13052] bridge0: port 1(bridge_slave_0) entered forwarding state [ 583.703027][T13052] bridge0: port 2(bridge_slave_1) entered blocking state [ 583.705025][T13052] bridge0: port 2(bridge_slave_1) entered forwarding state [ 583.734154][ T39] kauditd_printk_skb: 45 callbacks suppressed [ 583.734164][ T39] audit: type=1326 audit(1728129760.106:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.772145][ T39] audit: type=1326 audit(1728129760.106:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.778392][ T39] audit: type=1326 audit(1728129760.126:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.785850][ T39] audit: type=1326 audit(1728129760.126:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.792052][ T39] audit: type=1326 audit(1728129760.126:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.812554][ T39] audit: type=1326 audit(1728129760.126:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.831439][ T39] audit: type=1326 audit(1728129760.126:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.849647][ T39] audit: type=1326 audit(1728129760.126:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.861306][ T39] audit: type=1326 audit(1728129760.126:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=101 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.882623][ T39] audit: type=1326 audit(1728129760.126:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13544 comm="syz.1.2317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd2579 code=0x7ffc0000 [ 583.972569][T13440] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 584.000611][T13568] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2323'. [ 584.029086][T13568] bond2: entered promiscuous mode [ 584.045506][T13440] veth0_vlan: entered promiscuous mode [ 584.104211][T13568] veth3: entered promiscuous mode [ 584.106567][T13568] bond2: (slave veth3): Enslaving as an active interface with an up link [ 584.113527][T13576] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2323'. [ 584.137985][T13576] bond2 (unregistering): (slave veth3): Releasing backup interface [ 584.143981][T13576] veth3: left promiscuous mode [ 584.150202][T13576] bond2 (unregistering): Released all slaves [ 584.160311][T13440] veth1_vlan: entered promiscuous mode [ 584.168803][T13440] veth0_macvtap: entered promiscuous mode [ 584.171798][T13440] veth1_macvtap: entered promiscuous mode [ 584.175173][T13580] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2328'. [ 584.188802][T13440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 584.191593][T13440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.194134][T13440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 584.197111][T13440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.200769][T13440] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 584.205373][T13440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 584.208134][T13440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.210655][T13440] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 584.213340][T13440] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 584.216971][T13440] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 584.220980][T13440] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.223268][T13440] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.233618][T13440] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.237164][T13440] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 584.265531][T13582] syz.0.2329[13582] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 584.265618][T13582] syz.0.2329[13582] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 584.269938][T13582] syz.0.2329[13582] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 584.296929][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 584.306770][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 584.327241][T13584] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2330'. [ 584.329646][T13584] netlink: 'syz.1.2330': attribute type 2 has an invalid length. [ 584.338143][ T1027] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 584.340634][ T1027] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 584.607319][T13608] : renamed from vlan0 [ 584.772172][T13612] bond1: entered promiscuous mode [ 584.773567][T13612] bond1: entered allmulticast mode [ 584.776193][T13612] 8021q: adding VLAN 0 to HW filter on device bond1 [ 584.878848][T13612] bond1 (unregistering): Released all slaves [ 585.141957][T13624] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2347'. [ 585.144737][T13624] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2347'. [ 585.333129][T13600] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 585.336301][T13600] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 585.337896][T13600] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 585.344774][T13600] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 585.347799][T13600] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 585.349501][T13600] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 585.351670][T13600] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 585.597576][T13649] IPv6: NLM_F_CREATE should be specified when creating new route [ 586.248595][T13700] veth0_vlan: entered allmulticast mode [ 586.552224][T13721] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2391'. [ 586.614586][ T4792] Bluetooth: hci3: command 0x0406 tx timeout [ 586.832386][ T67] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 586.837002][ T67] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 586.844684][ T67] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 586.853558][ T67] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 586.857016][ T67] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 586.860148][ T67] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 586.939723][T11393] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.037172][T11393] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.078245][T13731] chnl_net:caif_netlink_parms(): no params data found [ 587.146702][T11393] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.195772][T13731] bridge0: port 1(bridge_slave_0) entered blocking state [ 587.204542][T13731] bridge0: port 1(bridge_slave_0) entered disabled state [ 587.206480][T13731] bridge_slave_0: entered allmulticast mode [ 587.208442][T13731] bridge_slave_0: entered promiscuous mode [ 587.215569][T13731] bridge0: port 2(bridge_slave_1) entered blocking state [ 587.217440][T13731] bridge0: port 2(bridge_slave_1) entered disabled state [ 587.219310][T13731] bridge_slave_1: entered allmulticast mode [ 587.221298][T13731] bridge_slave_1: entered promiscuous mode [ 587.254554][T13731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 587.262872][ C3] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 587.274967][T11393] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 587.283096][T13731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 587.351089][T13731] team0: Port device team_slave_0 added [ 587.355779][T13731] team0: Port device team_slave_1 added [ 587.357671][T13761] netlink: 'syz.0.2405': attribute type 4 has an invalid length. [ 587.384383][T13731] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 587.386535][T13731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 587.393783][T13731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 587.397816][T13731] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 587.399588][T13731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 587.406815][T13731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 587.415021][ T4792] Bluetooth: hci0: command 0x0419 tx timeout [ 587.415038][ T67] Bluetooth: hci1: command 0x0c1a tx timeout [ 587.462928][T13731] hsr_slave_0: entered promiscuous mode [ 587.466112][T13731] hsr_slave_1: entered promiscuous mode [ 587.468780][T13731] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 587.472763][T13731] Cannot create hsr debugfs directory [ 587.495413][T11393] bridge_slave_1: left allmulticast mode [ 587.496942][T11393] bridge_slave_1: left promiscuous mode [ 587.499375][T11393] bridge0: port 2(bridge_slave_1) entered disabled state [ 587.502327][T11393] bridge_slave_0: left allmulticast mode [ 587.503870][T11393] bridge0: port 1(bridge_slave_0) entered disabled state [ 587.843192][T11393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 587.847807][T11393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 587.851513][T11393] bond0 (unregistering): Released all slaves [ 587.856014][T11393] bond1 (unregistering): Released all slaves [ 587.860510][T11393] bond2 (unregistering): Released all slaves [ 587.865264][T11393] bond3 (unregistering): Released all slaves [ 587.870141][T11393] bond4 (unregistering): Released all slaves [ 587.875144][T11393] bond5 (unregistering): Released all slaves [ 587.880089][T11393] bond6 (unregistering): Released all slaves [ 587.895726][T11393] bond7 (unregistering): Released all slaves [ 587.901275][T11393] bond8 (unregistering): Released all slaves [ 587.911153][T11393] bond9 (unregistering): Released all slaves [ 587.919275][T11393] bond10 (unregistering): Released all slaves [ 587.924878][T11393] bond11 (unregistering): Released all slaves [ 587.933797][T11393] bond12 (unregistering): Released all slaves [ 587.940499][T11393] bond13 (unregistering): Released all slaves [ 587.949833][T11393] bond14 (unregistering): Released all slaves [ 587.960241][T11393] bond15 (unregistering): Released all slaves [ 587.966915][T11393] bond16 (unregistering): Released all slaves [ 587.971670][T11393] bond17 (unregistering): Released all slaves [ 587.976491][T11393] bond18 (unregistering): Released all slaves [ 587.983382][T11393] bond19 (unregistering): Released all slaves [ 587.991355][T11393] bond20 (unregistering): Released all slaves [ 587.999988][T11393] bond21 (unregistering): Released all slaves [ 588.006892][T11393] bond22 (unregistering): Released all slaves [ 588.011841][T11393] bond23 (unregistering): Released all slaves [ 588.016178][T11393] bond24 (unregistering): Released all slaves [ 588.020479][T11393] bond25 (unregistering): Released all slaves [ 588.024833][T11393] bond26 (unregistering): Released all slaves [ 588.029052][T11393] bond27 (unregistering): Released all slaves [ 588.033350][T11393] bond28 (unregistering): Released all slaves [ 588.037773][T11393] bond29 (unregistering): Released all slaves [ 588.042444][T11393] bond30 (unregistering): Released all slaves [ 588.050133][T11393] bond31 (unregistering): Released all slaves [ 588.054387][T11393] bond32 (unregistering): Released all slaves [ 588.061238][T11393] bond33 (unregistering): Released all slaves [ 588.068253][T11393] bond34 (unregistering): Released all slaves [ 588.076276][T11393] bond35 (unregistering): Released all slaves [ 588.085432][T11393] bond36 (unregistering): Released all slaves [ 588.091426][T11393] bond37 (unregistering): Released all slaves [ 588.100118][T11393] bond38 (unregistering): Released all slaves [ 588.106716][T11393] bond39 (unregistering): Released all slaves [ 588.114066][T11393] bond40 (unregistering): Released all slaves [ 588.123179][T11393] bond41 (unregistering): Released all slaves [ 588.129984][T11393] bond42 (unregistering): Released all slaves [ 588.134476][T11393] bond43 (unregistering): Released all slaves [ 588.141594][T11393] bond44 (unregistering): Released all slaves [ 588.150796][T11393] bond45 (unregistering): Released all slaves [ 588.155717][T11393] bond46 (unregistering): Released all slaves [ 588.162682][T11393] bond47 (unregistering): Released all slaves [ 588.171583][T11393] bond48 (unregistering): Released all slaves [ 588.177185][T11393] bond49 (unregistering): Released all slaves [ 588.183661][T11393] bond50 (unregistering): Released all slaves [ 588.193942][T11393] bond51 (unregistering): Released all slaves [ 588.201842][T11393] bond52 (unregistering): Released all slaves [ 588.206299][T11393] bond53 (unregistering): Released all slaves [ 588.210815][T11393] bond54 (unregistering): Released all slaves [ 588.215172][T11393] bond55 (unregistering): Released all slaves [ 588.219516][T11393] bond56 (unregistering): Released all slaves [ 588.223709][T11393] bond57 (unregistering): Released all slaves [ 588.231462][T11393] bond58 (unregistering): Released all slaves [ 588.235808][T11393] bond59 (unregistering): Released all slaves [ 588.240188][T11393] bond60 (unregistering): Released all slaves [ 588.244407][T11393] bond61 (unregistering): Released all slaves [ 588.250006][T11393] bond62 (unregistering): Released all slaves [ 588.382896][T13788] netlink: 152 bytes leftover after parsing attributes in process `syz.0.2416'. [ 588.417605][T11393] tipc: Disabling bearer [ 588.419056][T11393] tipc: Left network mode [ 588.556321][T13801] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 588.727856][T13817] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2427'. [ 588.949578][ T67] Bluetooth: hci4: command tx timeout [ 588.952868][T13825] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2429'. [ 589.130594][T11393] hsr_slave_0: left promiscuous mode [ 589.133525][T11393] hsr_slave_1: left promiscuous mode [ 589.136940][T11393] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 589.138891][T11393] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 589.146652][T11393] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 589.148694][T11393] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 589.167823][T11393] veth0_macvtap: left promiscuous mode [ 589.345001][ T39] kauditd_printk_skb: 106 callbacks suppressed [ 589.345012][ T39] audit: type=1326 audit(1728129765.716:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13858 comm="+}[@" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 589.352082][ T39] audit: type=1326 audit(1728129765.716:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13858 comm="+}[@" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 589.357866][ T39] audit: type=1326 audit(1728129765.726:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13858 comm="+}[@" exe="/syz-executor" sig=0 arch=40000003 syscall=187 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 589.363310][ T39] audit: type=1326 audit(1728129765.726:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13858 comm="+}[@" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 589.369526][ T39] audit: type=1326 audit(1728129765.726:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13858 comm="+}[@" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 589.494816][ T67] Bluetooth: hci1: command 0x0c1a tx timeout [ 589.495103][ T4792] Bluetooth: hci0: command 0x0419 tx timeout [ 589.883523][T11393] team0 (unregistering): Port device team_slave_1 removed [ 589.986729][T11393] team0 (unregistering): Port device team_slave_0 removed [ 590.546100][T13842] __nla_validate_parse: 1 callbacks suppressed [ 590.546122][T13842] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2435'. [ 590.552549][T13842] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2435'. [ 590.555900][T13861] netem: incorrect ge model size [ 590.558826][T13861] netem: change failed [ 590.578453][T13870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2446'. [ 590.595369][T13731] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 590.599510][T13731] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 590.602598][T13731] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 590.607120][T13731] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 590.608946][ T39] audit: type=1326 audit(1728129766.986:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.3.2448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 590.614290][ T39] audit: type=1326 audit(1728129766.986:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.3.2448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 590.620380][ T39] audit: type=1326 audit(1728129766.986:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.3.2448" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 590.626324][ T39] audit: type=1326 audit(1728129766.986:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.3.2448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 590.631903][ T39] audit: type=1326 audit(1728129766.986:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13875 comm="syz.3.2448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 590.693549][T13731] 8021q: adding VLAN 0 to HW filter on device bond0 [ 590.732962][T13731] 8021q: adding VLAN 0 to HW filter on device team0 [ 590.742643][ T1099] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.744599][ T1099] bridge0: port 1(bridge_slave_0) entered forwarding state [ 590.756651][ T1099] bridge0: port 2(bridge_slave_1) entered blocking state [ 590.758618][ T1099] bridge0: port 2(bridge_slave_1) entered forwarding state [ 590.901013][T13731] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 590.916683][T13731] veth0_vlan: entered promiscuous mode [ 590.926109][T13731] veth1_vlan: entered promiscuous mode [ 590.952138][T13731] veth0_macvtap: entered promiscuous mode [ 590.955266][T13731] veth1_macvtap: entered promiscuous mode [ 590.965229][T13731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 590.965311][T11393] IPVS: stop unused estimator thread 0... [ 590.967848][T13731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 590.967859][T13731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 590.967867][T13731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 590.985266][T13731] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 590.992037][T13731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 590.995467][T13731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 590.997992][T13731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 591.000730][T13731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 591.004007][T13731] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 591.011619][T13731] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.013914][T13731] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.016370][T13731] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.018596][T13731] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 591.024808][ T4792] Bluetooth: hci4: command tx timeout [ 591.059615][T11393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 591.062247][T11393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 591.086222][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 591.088307][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 591.128516][T13914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2395'. [ 591.130924][T13914] bridge_slave_1: left allmulticast mode [ 591.132394][T13914] bridge_slave_1: left promiscuous mode [ 591.134012][T13914] bridge0: port 2(bridge_slave_1) entered disabled state [ 591.157959][T13914] bridge_slave_0: left allmulticast mode [ 591.159584][T13914] bridge_slave_0: left promiscuous mode [ 591.161242][T13914] bridge0: port 1(bridge_slave_0) entered disabled state [ 591.229053][T13920] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2395'. [ 591.574507][ T4792] Bluetooth: hci0: command 0x0419 tx timeout [ 591.574747][ T67] Bluetooth: hci1: command 0x0c1a tx timeout [ 591.952731][T13938] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 592.007342][T13942] syz.1.2467[13942] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 592.007395][T13942] syz.1.2467[13942] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 592.010456][T13942] syz.1.2467[13942] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 592.144303][T13942] tipc: Enabling of bearer rejected, failed to enable media [ 592.251190][ T5385] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0 [ 592.258403][ T5385] hid-generic 0000:0000:0000.001F: hidraw1: HID v0.00 Device [syz0] on syz0 [ 592.379397][T13963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2477'. [ 593.094714][ T67] Bluetooth: hci4: command tx timeout [ 593.124228][T13980] ALSA: seq fatal error: cannot create timer (-22) [ 593.209187][T13986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2486'. [ 593.360459][T13995] netlink: 4 bytes leftover after parsing attributes in process `+}[@'. [ 593.428791][T13999] netlink: 7 bytes leftover after parsing attributes in process `syz.1.2492'. [ 593.468919][T13995] hsr_slave_1 (unregistering): left promiscuous mode [ 593.654523][ T67] Bluetooth: hci0: command 0x0419 tx timeout [ 593.854274][T14038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2507'. [ 593.859328][T14038] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 593.862205][T14038] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 593.864686][T14038] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 593.866982][T14038] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 593.871153][T14038] vxlan0: entered promiscuous mode [ 593.872557][T14038] vxlan0: entered allmulticast mode [ 594.055792][T14055] netlink: 'syz.2.2515': attribute type 10 has an invalid length. [ 594.063517][T14055] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 594.067589][T14055] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 594.490541][ T5404] IPVS: starting estimator thread 0... [ 594.493314][T14101] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 594.496736][T14101] tipc: Enabled bearer , priority 10 [ 594.528821][T14106] syz.2.2536 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 594.529195][ T39] kauditd_printk_skb: 86 callbacks suppressed [ 594.529207][ T39] audit: type=1326 audit(1728129770.906:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.2.2536" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 594.538242][ T39] audit: type=1326 audit(1728129770.906:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.2.2536" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 594.543770][ T39] audit: type=1326 audit(1728129770.906:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.2.2536" exe="/syz-executor" sig=0 arch=40000003 syscall=104 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 594.551095][ T39] audit: type=1326 audit(1728129770.906:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.2.2536" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 594.559138][ T39] audit: type=1326 audit(1728129770.906:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.2.2536" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 594.564266][ T39] audit: type=1326 audit(1728129770.916:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14108 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 594.569504][ T39] audit: type=1326 audit(1728129770.916:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14108 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 594.574666][ T39] audit: type=1326 audit(1728129770.916:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14108 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 594.579769][ T39] audit: type=1326 audit(1728129770.916:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14108 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 594.582007][T14116] random: crng reseeded on system resumption [ 594.585678][ T39] audit: type=1326 audit(1728129770.916:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14108 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 594.594604][T14102] IPVS: using max 35 ests per chain, 84000 per kthread [ 594.607039][T14114] hub 8-0:1.0: USB hub found [ 594.608497][T14114] hub 8-0:1.0: 1 port detected [ 594.636111][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 594.801668][T14137] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 594.862332][T14146] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 594.864482][T14146] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 594.867835][T14146] vhci_hcd vhci_hcd.0: Device attached [ 594.870221][T14147] vhci_hcd: connection closed [ 594.876125][ T1099] vhci_hcd: stop threads [ 594.878525][ T1099] vhci_hcd: release socket [ 594.884954][ T1099] vhci_hcd: disconnect device [ 594.904589][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 595.176054][ T67] Bluetooth: hci4: command tx timeout [ 595.434660][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 595.578142][T14193] syz.0.2563[14193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 595.578195][T14193] syz.0.2563[14193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 595.585198][T14193] syz.0.2563[14193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 595.914342][T14229] batadv0: entered promiscuous mode [ 596.066230][T14243] usb usb1: usbfs: process 14243 (syz.2.2587) did not claim interface 0 before use [ 596.211851][T14259] __nla_validate_parse: 2 callbacks suppressed [ 596.211868][T14259] netlink: 532 bytes leftover after parsing attributes in process `syz.2.2593'. [ 596.220637][T14262] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2594'. [ 596.382164][T14274] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2599'. [ 596.454560][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 596.670196][T14301] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2611'. [ 597.007658][T14327] IPv6: Can't replace route, no match found [ 597.254720][T14340] 9pnet_fd: Insufficient options for proto=fd [ 597.468505][T14351] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2633'. [ 597.494544][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 597.648702][T14358] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 597.934072][T14361] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2637'. [ 597.958773][T14364] smc: net device bond0 applied user defined pnetid SYZ0 [ 597.961929][T14364] smc: net device bond0 erased user defined pnetid SYZ0 [ 598.062861][T14371] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2642'. [ 598.257570][T14382] pimreg: entered allmulticast mode [ 598.260199][T14382] pimreg: left allmulticast mode [ 598.544499][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 598.869026][T14436] syzkaller0: entered promiscuous mode [ 598.870502][T14436] syzkaller0: entered allmulticast mode [ 599.577694][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 600.049822][ T39] kauditd_printk_skb: 224 callbacks suppressed [ 600.049833][ T39] audit: type=1326 audit(1728129776.426:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.057971][ T39] audit: type=1326 audit(1728129776.426:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.063995][ T39] audit: type=1326 audit(1728129776.426:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.071670][ T39] audit: type=1326 audit(1728129776.426:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.078701][ T39] audit: type=1326 audit(1728129776.426:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.086697][ T39] audit: type=1326 audit(1728129776.426:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.094039][ T39] audit: type=1326 audit(1728129776.426:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=93 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.099951][ T39] audit: type=1326 audit(1728129776.426:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.107231][ T39] audit: type=1326 audit(1728129776.426:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.115156][ T39] audit: type=1326 audit(1728129776.426:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14460 comm="syz.2.2681" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd1579 code=0x7ffc0000 [ 600.233580][T14461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2681'. [ 600.236004][T14461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2681'. [ 600.457108][T14479] syz.1.2687[14479] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 600.457179][T14479] syz.1.2687[14479] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 600.467960][T14479] syz.1.2687[14479] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 600.605853][T14493] Invalid ELF header magic: != ELF [ 600.614664][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 600.657950][T14496] Invalid ELF header magic: != ELF [ 600.672729][T14493] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2695'. [ 600.787748][T14503] bond1: entered promiscuous mode [ 600.791053][T14503] bond1: entered allmulticast mode [ 600.793323][T14503] 8021q: adding VLAN 0 to HW filter on device bond1 [ 600.841994][T14512] 9pnet_fd: Insufficient options for proto=fd [ 600.969281][T14503] bond1 (unregistering): Released all slaves [ 601.278402][T14538] __nla_validate_parse: 2 callbacks suppressed [ 601.278414][T14538] netlink: 232 bytes leftover after parsing attributes in process `syz.3.2713'. [ 601.282572][T14538] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2713'. [ 601.327485][T14544] netlink: 'syz.3.2715': attribute type 39 has an invalid length. [ 601.613546][T14565] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2727'. [ 601.621720][T14565] ------------[ cut here ]------------ [ 601.623490][T14565] refcount_t: underflow; use-after-free. [ 601.625534][T14565] WARNING: CPU: 1 PID: 14565 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 601.628162][T14565] Modules linked in: [ 601.629290][T14565] CPU: 1 UID: 0 PID: 14565 Comm: syz.1.2727 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 601.634672][T14565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 601.638342][T14565] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 601.640483][T14565] Code: ff 89 de e8 a8 2e 04 fd 84 db 0f 85 66 ff ff ff e8 bb 2c 04 fd c6 05 0a 14 7d 0b 01 90 48 c7 c7 60 d6 b0 8b e8 07 ac c5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 98 2c 04 fd 0f b6 1d e5 13 7d 0b 31 [ 601.647149][T14565] RSP: 0018:ffffc90003376e50 EFLAGS: 00010286 [ 601.649266][T14565] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90002a8e000 [ 601.651968][T14565] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001 [ 601.654798][T14565] RBP: ffff88801f5fb624 R08: 0000000000000001 R09: 0000000000000000 [ 601.657546][T14565] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 [ 601.660273][T14565] R13: 0000000000000000 R14: ffff88801f5fb624 R15: 0000000000000001 [ 601.662992][T14565] FS: 0000000000000000(0000) GS:ffff88802b500000(0063) knlGS:00000000f5756b40 [ 601.664582][ C2] IPVS: sh: UDP 224.0.0.2:0 - no destination available [ 601.666173][T14565] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 601.670225][T14565] CR2: 0000000020001080 CR3: 000000005ccfc000 CR4: 0000000000352ef0 [ 601.672957][T14565] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 601.675712][T14565] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 601.678442][T14565] Call Trace: [ 601.679620][T14565] [ 601.680667][T14565] ? __warn+0xea/0x3d0 [ 601.682111][T14565] ? refcount_warn_saturate+0x14a/0x210 [ 601.684041][T14565] ? report_bug+0x3c0/0x580 [ 601.685758][T14565] ? handle_bug+0x54/0xa0 [ 601.687276][T14565] ? exc_invalid_op+0x17/0x50 [ 601.688917][T14565] ? asm_exc_invalid_op+0x1a/0x20 [ 601.690655][T14565] ? __warn_printk+0x1a6/0x350 [ 601.692333][T14565] ? refcount_warn_saturate+0x14a/0x210 [ 601.694303][T14565] sk_skb_reason_drop+0x183/0x1a0 [ 601.696189][T14565] j1939_session_destroy+0x163/0x460 [ 601.698063][T14565] j1939_session_deactivate_locked+0x275/0x320 [ 601.700197][T14565] j1939_cancel_active_session+0x183/0x350 [ 601.702257][T14565] j1939_netdev_notify+0x19e/0x1e0 [ 601.704034][T14565] notifier_call_chain+0xb9/0x410 [ 601.705968][T14565] ? __pfx_j1939_netdev_notify+0x10/0x10 [ 601.707910][T14565] call_netdevice_notifiers_info+0xbe/0x140 [ 601.710036][T14565] dev_close_many+0x333/0x6a0 [ 601.711705][T14565] ? vprintk+0x86/0xa0 [ 601.713182][T14565] ? _printk+0xc8/0x100 [ 601.714758][T14565] ? __pfx_dev_close_many+0x10/0x10 [ 601.716604][T14565] ? ___ratelimit+0x24c/0x570 [ 601.718287][T14565] ? __pfx_lock_release+0x10/0x10 [ 601.720070][T14565] unregister_netdevice_many_notify+0x489/0x1e50 [ 601.722308][T14565] ? do_trace_netlink_extack+0x16d/0x1e0 [ 601.724287][T14565] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 601.726743][T14565] ? __kernel_text_address+0xd/0x40 [ 601.728597][T14565] ? unregister_netdevice_queue+0x22f/0x3f0 [ 601.730689][T14565] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 601.732858][T14565] ? mark_lock+0xb5/0xc60 [ 601.734478][T14565] ? __pfx_vxcan_dellink+0x10/0x10 [ 601.736191][T14565] rtnl_dellink+0x3c9/0xae0 [ 601.737733][T14565] ? kasan_save_stack+0x42/0x60 [ 601.739349][T14565] ? kasan_save_stack+0x33/0x60 [ 601.740962][T14565] ? __pfx_rtnl_dellink+0x10/0x10 [ 601.742624][T14565] ? kmem_cache_free+0x152/0x4b0 [ 601.744400][T14565] ? trace_contention_end+0xea/0x140 [ 601.746342][T14565] ? __mutex_lock+0x1a6/0x9c0 [ 601.747983][T14565] ? rtnetlink_rcv_msg+0x372/0xea0 [ 601.749770][T14565] ? __pfx___mutex_lock+0x10/0x10 [ 601.751519][T14565] ? rtnetlink_rcv_msg+0x35a/0xea0 [ 601.753319][T14565] ? __pfx_rtnl_dellink+0x10/0x10 [ 601.755146][T14565] rtnetlink_rcv_msg+0x3c7/0xea0 [ 601.756881][T14565] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 601.757400][T14462] warn_alloc: 1 callbacks suppressed [ 601.757411][T14462] syz.2.2681: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 601.758756][T14565] ? __pfx___dev_queue_xmit+0x10/0x10 [ 601.758792][T14565] netlink_rcv_skb+0x165/0x410 [ 601.760321][T14462] ,cpuset= [ 601.765373][T14565] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 601.765405][T14565] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 601.768677][T14462] / [ 601.768991][T14565] ? netlink_deliver_tap+0x1ae/0xcf0 [ 601.770162][T14462] ,mems_allowed=0-1 [ 601.771949][T14565] netlink_unicast+0x53c/0x7f0 [ 601.771976][T14565] ? __pfx_netlink_unicast+0x10/0x10 [ 601.773433][T14462] [ 601.774219][T14565] ? __phys_addr_symbol+0x30/0x80 [ 601.776097][T14462] CPU: 0 UID: 0 PID: 14462 Comm: syz.2.2681 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 601.776944][T14565] ? __check_object_size+0x488/0x710 [ 601.778192][T14462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 601.779905][T14565] netlink_sendmsg+0x8b8/0xd70 [ 601.780535][T14462] Call Trace: [ 601.780542][T14462] [ 601.782271][T14565] ? __pfx_netlink_sendmsg+0x10/0x10 [ 601.785033][T14462] dump_stack_lvl+0x16c/0x1f0 [ 601.785056][T14462] warn_alloc+0x24d/0x3a0 [ 601.785073][T14462] ? __pfx_warn_alloc+0x10/0x10 [ 601.785104][T14462] ? __get_vm_area_node+0x190/0x2d0 [ 601.787062][T14565] ? lock_acquire+0x2f/0xb0 [ 601.789831][T14462] ? __get_vm_area_node+0x1bc/0x2d0 [ 601.791485][T14565] ____sys_sendmsg+0x9ae/0xb40 [ 601.792367][T14462] __vmalloc_node_range_noprof+0x114a/0x15a0 [ 601.793406][T14565] ? __pfx_____sys_sendmsg+0x10/0x10 [ 601.794797][T14462] ? hash_netiface_create+0x3ea/0x1250 [ 601.794821][T14462] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 601.794837][T14462] ? __get_vm_area_node+0x190/0x2d0 [ 601.794849][T14462] ? __get_vm_area_node+0x1bc/0x2d0 [ 601.796473][T14565] ? get_compat_msghdr+0x11b/0x170 [ 601.797613][T14462] __vmalloc_node_range_noprof+0xd85/0x15a0 [ 601.799298][T14565] ? __pfx___lock_acquire+0x10/0x10 [ 601.800652][T14462] ? hash_netiface_create+0x3ea/0x1250 [ 601.802253][T14565] ___sys_sendmsg+0x135/0x1e0 [ 601.803603][T14462] ? hash_netiface_create+0x3ea/0x1250 [ 601.805326][T14565] ? __pfx____sys_sendmsg+0x10/0x10 [ 601.806840][T14462] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 601.808681][T14565] ? lock_acquire+0x2f/0xb0 [ 601.810085][T14462] ? trace_kmalloc+0x2d/0xe0 [ 601.812252][T14565] ? __fget_files+0x40/0x3f0 [ 601.813617][T14462] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 601.815072][T14565] ? fdget+0x176/0x210 [ 601.816353][T14462] ? hash_netiface_create+0x3ea/0x1250 [ 601.817937][T14565] __sys_sendmsg+0x117/0x1f0 [ 601.819283][T14462] __kvmalloc_node_noprof+0x14f/0x1a0 [ 601.820699][T14565] ? __pfx___sys_sendmsg+0x10/0x10 [ 601.821943][T14462] ? hash_netiface_create+0x3ea/0x1250 [ 601.823395][T14565] ? __ia32_sys_futex_time32+0x1da/0x460 [ 601.824748][T14462] hash_netiface_create+0x3ea/0x1250 [ 601.824767][T14462] ? __nla_parse+0x1b/0x60 [ 601.824803][T14462] ? __pfx_hash_netiface_create+0x10/0x10 [ 601.824816][T14462] ip_set_create+0x62a/0x1400 [ 601.824833][T14462] ? __pfx_ip_set_create+0x10/0x10 [ 601.824845][T14462] ? rcu_is_watching+0x12/0xc0 [ 601.824873][T14462] nfnetlink_rcv_msg+0x9c3/0x11e0 [ 601.824892][T14462] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 601.826539][T14565] __do_fast_syscall_32+0x73/0x120 [ 601.827754][T14462] ? find_held_lock+0x2d/0x110 [ 601.828972][T14565] do_fast_syscall_32+0x32/0x80 [ 601.830199][T14462] netlink_rcv_skb+0x165/0x410 [ 601.831658][T14565] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 601.832725][T14462] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 601.834147][T14565] RIP: 0023:0xf7fd2579 [ 601.835351][T14462] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 601.835368][T14462] ? __pfx_aa_get_newest_label+0x10/0x10 [ 601.835387][T14462] ? bpf_lsm_capable+0x9/0x10 [ 601.836783][T14565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 601.838117][T14462] ? security_capable+0x7e/0x260 [ 601.839533][T14565] RSP: 002b:00000000f575656c EFLAGS: 00000296 [ 601.841026][T14462] ? ns_capable+0xd7/0x110 [ 601.842415][T14565] ORIG_RAX: 0000000000000172 [ 601.843594][T14462] nfnetlink_rcv+0x1b4/0x430 [ 601.845147][T14565] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 601.846355][T14462] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 601.847698][T14565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 601.848961][T14462] ? netlink_deliver_tap+0x1ae/0xcf0 [ 601.850291][T14565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 601.851728][T14462] netlink_unicast+0x53c/0x7f0 [ 601.853084][T14565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.854340][T14462] ? __pfx_netlink_unicast+0x10/0x10 [ 601.855653][T14565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 601.856892][T14462] ? __phys_addr_symbol+0x30/0x80 [ 601.858553][T14565] [ 601.859965][T14462] ? __check_object_size+0x488/0x710 [ 601.861057][T14565] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 601.861067][T14565] CPU: 1 UID: 0 PID: 14565 Comm: syz.1.2727 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 601.861081][T14565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 601.861087][T14565] Call Trace: [ 601.861091][T14565] [ 601.861096][T14565] dump_stack_lvl+0x3d/0x1f0 [ 601.861115][T14565] panic+0x71d/0x800 [ 601.861130][T14565] ? __pfx_panic+0x10/0x10 [ 601.861144][T14565] ? show_trace_log_lvl+0x29d/0x3d0 [ 601.861162][T14565] ? refcount_warn_saturate+0x14a/0x210 [ 601.861179][T14565] check_panic_on_warn+0xab/0xb0 [ 601.861194][T14565] __warn+0xf6/0x3d0 [ 601.861208][T14565] ? refcount_warn_saturate+0x14a/0x210 [ 601.861225][T14565] report_bug+0x3c0/0x580 [ 601.861240][T14565] handle_bug+0x54/0xa0 [ 601.861255][T14565] exc_invalid_op+0x17/0x50 [ 601.861270][T14565] asm_exc_invalid_op+0x1a/0x20 [ 601.861283][T14565] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 601.861300][T14565] Code: ff 89 de e8 a8 2e 04 fd 84 db 0f 85 66 ff ff ff e8 bb 2c 04 fd c6 05 0a 14 7d 0b 01 90 48 c7 c7 60 d6 b0 8b e8 07 ac c5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 98 2c 04 fd 0f b6 1d e5 13 7d 0b 31 [ 601.861311][T14565] RSP: 0018:ffffc90003376e50 EFLAGS: 00010286 [ 601.861320][T14565] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90002a8e000 [ 601.861327][T14565] RDX: 0000000000040000 RSI: ffffffff814e28c6 RDI: 0000000000000001 [ 601.861334][T14565] RBP: ffff88801f5fb624 R08: 0000000000000001 R09: 0000000000000000 [ 601.861340][T14565] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 [ 601.861347][T14565] R13: 0000000000000000 R14: ffff88801f5fb624 R15: 0000000000000001 [ 601.861358][T14565] ? __warn_printk+0x1a6/0x350 [ 601.861375][T14565] sk_skb_reason_drop+0x183/0x1a0 [ 601.861387][T14565] j1939_session_destroy+0x163/0x460 [ 601.861404][T14565] j1939_session_deactivate_locked+0x275/0x320 [ 601.861420][T14565] j1939_cancel_active_session+0x183/0x350 [ 601.861438][T14565] j1939_netdev_notify+0x19e/0x1e0 [ 601.861450][T14565] notifier_call_chain+0xb9/0x410 [ 601.861463][T14565] ? __pfx_j1939_netdev_notify+0x10/0x10 [ 601.861477][T14565] call_netdevice_notifiers_info+0xbe/0x140 [ 601.861489][T14565] dev_close_many+0x333/0x6a0 [ 601.861499][T14565] ? vprintk+0x86/0xa0 [ 601.861514][T14565] ? _printk+0xc8/0x100 [ 601.861529][T14565] ? __pfx_dev_close_many+0x10/0x10 [ 601.861540][T14565] ? ___ratelimit+0x24c/0x570 [ 601.861554][T14565] ? __pfx_lock_release+0x10/0x10 [ 601.861571][T14565] unregister_netdevice_many_notify+0x489/0x1e50 [ 601.861587][T14565] ? do_trace_netlink_extack+0x16d/0x1e0 [ 601.861607][T14565] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 601.861623][T14565] ? __kernel_text_address+0xd/0x40 [ 601.861644][T14565] ? unregister_netdevice_queue+0x22f/0x3f0 [ 601.861660][T14565] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 601.861676][T14565] ? mark_lock+0xb5/0xc60 [ 601.861693][T14565] ? __pfx_vxcan_dellink+0x10/0x10 [ 601.861707][T14565] rtnl_dellink+0x3c9/0xae0 [ 601.861722][T14565] ? kasan_save_stack+0x42/0x60 [ 601.861736][T14565] ? kasan_save_stack+0x33/0x60 [ 601.861749][T14565] ? __pfx_rtnl_dellink+0x10/0x10 [ 601.861762][T14565] ? kmem_cache_free+0x152/0x4b0 [ 601.861796][T14565] ? trace_contention_end+0xea/0x140 [ 601.861813][T14565] ? __mutex_lock+0x1a6/0x9c0 [ 601.861828][T14565] ? rtnetlink_rcv_msg+0x372/0xea0 [ 601.861845][T14565] ? __pfx___mutex_lock+0x10/0x10 [ 601.861858][T14565] ? rtnetlink_rcv_msg+0x35a/0xea0 [ 601.861876][T14565] ? __pfx_rtnl_dellink+0x10/0x10 [ 601.861889][T14565] rtnetlink_rcv_msg+0x3c7/0xea0 [ 601.861904][T14565] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 601.861918][T14565] ? __pfx___dev_queue_xmit+0x10/0x10 [ 601.861935][T14565] netlink_rcv_skb+0x165/0x410 [ 601.861947][T14565] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 601.861963][T14565] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 601.861981][T14565] ? netlink_deliver_tap+0x1ae/0xcf0 [ 601.861995][T14565] netlink_unicast+0x53c/0x7f0 [ 601.862008][T14565] ? __pfx_netlink_unicast+0x10/0x10 [ 601.862020][T14565] ? __phys_addr_symbol+0x30/0x80 [ 601.862033][T14565] ? __check_object_size+0x488/0x710 [ 601.862049][T14565] netlink_sendmsg+0x8b8/0xd70 [ 601.862062][T14565] ? __pfx_netlink_sendmsg+0x10/0x10 [ 601.862075][T14565] ? lock_acquire+0x2f/0xb0 [ 601.862093][T14565] ____sys_sendmsg+0x9ae/0xb40 [ 601.862106][T14565] ? __pfx_____sys_sendmsg+0x10/0x10 [ 601.862118][T14565] ? get_compat_msghdr+0x11b/0x170 [ 601.862132][T14565] ? __pfx___lock_acquire+0x10/0x10 [ 601.862148][T14565] ___sys_sendmsg+0x135/0x1e0 [ 601.862164][T14565] ? __pfx____sys_sendmsg+0x10/0x10 [ 601.862184][T14565] ? lock_acquire+0x2f/0xb0 [ 601.862199][T14565] ? __fget_files+0x40/0x3f0 [ 601.862214][T14565] ? fdget+0x176/0x210 [ 601.862226][T14565] __sys_sendmsg+0x117/0x1f0 [ 601.862241][T14565] ? __pfx___sys_sendmsg+0x10/0x10 [ 601.862257][T14565] ? __ia32_sys_futex_time32+0x1da/0x460 [ 601.862279][T14565] __do_fast_syscall_32+0x73/0x120 [ 601.862293][T14565] do_fast_syscall_32+0x32/0x80 [ 601.862307][T14565] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 601.862322][T14565] RIP: 0023:0xf7fd2579 [ 601.862330][T14565] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 601.862339][T14565] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 601.862350][T14565] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 601.862357][T14565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 601.862363][T14565] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 601.862370][T14565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.862377][T14565] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 601.862389][T14565] [ 602.042952][T14565] Kernel Offset: disabled [ 602.044180][T14565] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:02:58 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff90b8dfc6 RDX=0000000000000000 RSI=1ffffffff2171bf9 RDI=ffffffff9034cfb0 RBP=ffffc900033565f8 RSP=ffffc90003356540 R8 =ffffffff90b8dfcc R9 =ffffffff90b8dfca R10=ffffc900033565b0 R11=000000000000d699 R12=ffffc90003356600 R13=ffffc900033565b0 R14=ffffc900033565e5 R15=ffffffff90b8dfcb RIP=ffffffff813cf1eb RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000005f21e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85034e45 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc900033767b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000035 R14=ffffffff85034de0 R15=0000000000000000 RIP=ffffffff85034e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020001080 CR3=000000005ccfc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=58c45258731f1bcf RCX=ffffffff8169f018 RDX=ffff8880205e8b01 RSI=0000000000000008 RDI=ffff8880205e8b01 RBP=ffff8880205e8ae0 RSP=ffffc90000e4f580 R8 =0000000000000000 R9 =fffffbfff2d31588 R10=ffffffff9698ac47 R11=0000000000000002 R12=dffffc0000000000 R13=ffff8880205e8b08 R14=0000000000000004 R15=ffff8880205e8000 RIP=ffffffff8169ebd2 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000570c74c0 CR3=000000007716a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000003 RBX=0000000000000003 RCX=ffffffff8932ef9f RDX=ffff88801f4ec880 RSI=ffffffff89a0edec RDI=ffff88804944e500 RBP=ffff888026194a00 RSP=ffffc900005f0130 R8 =0000000000000004 R9 =0000000000000007 R10=0000000000000006 R11=0000000000000000 R12=1ffff920000be048 R13=ffff8880607c1e00 R14=ffffc900005f0390 R15=dffffc0000000000 RIP=ffffffff89a0ee1e RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020e68000 CR3=000000000db7c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000