last executing test programs: 17.192427401s ago: executing program 2 (id=1625): futex(&(0x7f0000000180), 0x5, 0x0, 0x0, &(0x7f0000000000), 0xaffffffa) 17.00923516s ago: executing program 2 (id=1626): syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) clock_settime(0x1, &(0x7f0000000080)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000012003007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f9001cffb702000008000000b703000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x3, 0x139, 0x17, &(0x7f0000000500)="0000001afa3cb651ce2f2f009ec36c27f5dd6628b11d56bfee5d3b0b40e1f3889d2abfc932f2470e1000c2a688f255bfc631de0b4870eae055e7b5507687c130fd8100b55172a4597c46e4ee810630e3df0c2e55f390dafbeb07a5af19e31e7c4dd79a2db1516d4ff45bbfefe2e635b6e1a0e93636615d6e4db60bb4dcbac4538f81c32461402e9133471541fa99df2d666f32c0cee128eb77806d0328067f030683681cac4da7ddef62e8010c6e0bfc055d10716fb772f4954b2146f51d057be2077ce4e53975aec782823220a3874be8c10f10a4cc72e0154f890a20f67f26708d90b6c5c1fa08790bf17aef6998ac2370cf0dc4456c73e85df7bbf285d64bfe30233db0eb197926e9bb99a67867a1f9dc883a396c994c23ab106684bc041ea22e73c7bcfba3e2352d422767120fcf035895c14300000000", &(0x7f00000003c0)=""/23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)) r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xfffffffffffffe5e) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000004000000000000000000850000002300000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000400)='de\x00ug\xc4\xd7\xec\xbdWG\x11+Z\x7f\x8c\xd0\xd4\x90E \x0f\xd6\xf4\xce\xad\xa24\xd6q^\xaak\x97\xafC\xca\xefb\xd47\x87\x86\xd7\x18\xc4\x93`y\x03=\x1bi\"\xc0I\xa9\xcal O\xe0S\x826\xa6\x96z\xfb\xdf\xcc\xce\xd1c\xca\n\x0e>\xd3^\xb1\xe09\xa1\x1d\xb6', &(0x7f0000000480)='nobloYc\xf0uR\xeat\x10\xd3\xc2\x0e\xf0\x85\xa6?T\xd6^ {\xf5', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r2}, 0x10) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYRES32, @ANYRESOCT, @ANYRES8, @ANYRES16=r1], 0xb8}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e00000020000000000000000000000000000000000000000000000000000000006000000000000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/111], 0xb8}}, 0x0) 16.798173926s ago: executing program 2 (id=1627): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='dctcp-reno\x00', 0xb) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x0, 0x0, 0x40}]}) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet6(0xa, 0x2, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x64}}, 0x0) connect$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e1f, 0x0, @rand_addr, 0x2}, 0x1c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0x5, &(0x7f0000000000)=0x1000, 0x4) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000100), 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3) write(r3, &(0x7f0000000280)="240000001a005f0214f9f40700090100000000000340000300000002080004004a000000", 0x24) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x0) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000640)={{@my=0x1}, @hyper, 0x0, 0x2925, 0x0, 0x20000000, 0x4}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r4, 0x7a4, &(0x7f0000000040)={{@my=0x1}}) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x11) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) preadv2(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x0, 0x0, 0x0) socket$l2tp6(0xa, 0x2, 0x73) fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, &(0x7f00000000c0)) getsockopt$IP6T_SO_GET_INFO(0xffffffffffffffff, 0x29, 0xb, 0x0, &(0x7f0000000080)) 10.098885544s ago: executing program 2 (id=1635): syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="0103000000000000000007000000"], 0x14}, 0x1, 0x0, 0x0, 0x2000c804}, 0x0) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000001c0)={0x1, @pix={0x0, 0x2, 0x0, 0x0, 0xfffffffa, 0xd9, 0x7, 0x4, 0x0, 0x0, 0x1}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10) socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(0x0, 0x1d) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) getrusage(0x0, &(0x7f0000000640)) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000540)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x14}, @in6=@dev={0xfe, 0x80, '\x00', 0x17}, 0x4e24, 0x4, 0x4e22, 0x0, 0x2, 0x0, 0xa0, 0x6, r2, 0xffffffffffffffff}, {0x7c, 0x1, 0x7, 0xbe3, 0x0, 0x0, 0x9, 0x9}, {0x7fff, 0x1, 0x400, 0x5}, 0xe, 0x6e6bb1, 0x2, 0x1, 0x3}, {{@in6=@empty, 0x4d6, 0xf}, 0xa, @in=@private=0xa010102, 0x3504, 0x4, 0x2, 0x80, 0x3, 0x0, 0x7}}, 0xe4) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r3, 0x0, 0x1, &(0x7f00000009c0)=0x1234, 0x4) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xd2, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001280)=""/64, 0x40}, {&(0x7f0000000080)=""/64, 0x40}], 0x2, 0x800000, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000000000000090000000000000005000000010000000100000002000000000000007f000000000200008000"/84]) syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000040)=0x3) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) 8.677620943s ago: executing program 2 (id=1636): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0xb6, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000019340), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0, 0x1000) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0) symlinkat(&(0x7f0000000280)='./file2\x00', r2, 0x0) lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[], 0x20, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019400)={0x8, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000300000000000000000000027000000222f00002500feff080000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x2}, 0x90) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x10) r3 = creat(&(0x7f0000019300)='./file0\x00', 0x1de) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, 0x0, 0x0) prlimit64(0x0, 0x6, &(0x7f0000000180)={0x2, 0xffffffff}, 0x0) set_mempolicy(0x8000, &(0x7f0000000140), 0x3) close(r3) 8.047098576s ago: executing program 0 (id=1639): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000600)=ANY=[@ANYRES16, @ANYRES16], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r1, &(0x7f0000000000), 0x10) 7.928747953s ago: executing program 0 (id=1640): r0 = socket(0x1e, 0x4, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) socket$rds(0x15, 0x5, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000380)={0x0}, 0x0) mount$fuse(0x0, &(0x7f0000000240)='./file1/file0/file0\x00', 0x0, 0x10001, 0x0) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x467e}, 0x1c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x34}}, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x20}, 0x0) select(0x20000000, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f0000000100)={0x3, 0x7}) syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x3}, &(0x7f0000000000), 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4) socket$l2tp6(0xa, 0x2, 0x73) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000040)) pselect6(0x40, &(0x7f0000000900), 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) sched_setaffinity(0x0, 0xffffffffffffff84, &(0x7f0000000080)=0x6) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f000001c100)=""/102400, 0x19000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}], 0x1, 0x0) sched_getaffinity(r3, 0x8, &(0x7f0000000180)) 6.160161106s ago: executing program 1 (id=1643): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r3, 0x6628, 0x0) read$FUSE(r3, &(0x7f0000000640)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LSEEK(r3, &(0x7f0000000180)={0x18, 0x0, r4}, 0x18) 5.777860677s ago: executing program 1 (id=1644): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x10, 0x2}, 0x48) socket$kcm(0x10, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x4c}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b80000001400e9990000000003000000fc000000000000000000000000000000fc000000000000000000000000000000000000004e230000020000802b", @ANYRES32=0x0, @ANYRES32=0x0], 0xb8}}, 0x0) 4.00207503s ago: executing program 0 (id=1645): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002400)=@delchain={0x428, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x3}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_CLASSID={0x8, 0x1, {0xf}}, @TCA_U32_MARK={0x10}, @TCA_U32_CLASSID={0x8, 0x1, {0xe, 0xfff2}}]}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x384, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x18, 0x5, [@TCA_POLICE_RESULT={0x8, 0x5, 0xa68c}, @TCA_POLICE_RATE64={0xc, 0x8, 0x80000000}]}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x358, 0x6, [@m_ife={0x1b0, 0x0, 0x0, 0x0, {{0x8}, {0x48, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}}, @TCA_IFE_PARMS={0x1c}, @TCA_IFE_PARMS={0x1c}]}, {0x141, 0x6, "21b2caeba32a6f7c5900697624a17b85a9db3a31b129a4976a84cfb4f5d651fd8aa24a645c8f63c025fcca463a6b79a3d7e6c9a8b89a140805ef63939ac2e37b49004b0dc3b8446aa7038eceef52fe7bdca153fe865c65015a3b208b282c16472e451aa10a8631235c49cae271f5fc8ce5e34d9938e3d5f43ac7a0e31b0acfc73199ca90e81246819f4c740a4fa3247a2af88d6569da09be7179b89f9f024c9f465098a5a52058a431206bee68089bddc13ffe76ff0f000053fa1517700a54d423c13fb6732a5d39c87101b0882ccd8e86eb437849e249675c60d8a9cf9430b6aa206e8116810b35151fce1e1bf48c2b9cbf0728c53ba121a82f52d6365ff203b02c074528c59a49843dd5cd36ce48d9ed8513e383a84e436714bf5d49ab0247f4567ab52f84c8f43d6020d56cb20b8d6a13f35ae9adfe01f0e0a20f55"}, {0xc}, {0xc}}}, @m_nat={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x178, 0x5, 0x0, 0x0, {{0x8}, {0x11c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x1ff, 0x9, 0x0, 0x49ef, 0x3}, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x2d}, 0xff0000ff}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0x7, 0x8, 0x2, 0x400}, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x6, 0x7}, @empty, @local}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x800, 0x0, 0x3, 0x1, 0x6}, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0xff, 0x3}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x4, 0xff, 0x3, 0x6, 0xfff}, @multicast1, @dev={0xac, 0x14, 0x14, 0xd}, 0xff000000, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x2, 0x2, 0xffffffffffffffff, 0x1, 0xfffff801}, @empty, @rand_addr=0x64010102, 0x0, 0x1}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x10, 0xa, 0x4, 0x7, 0x8}, @rand_addr=0x64010100, @empty, 0xff000000}}]}, {0x38, 0x6, "e2883ae87628213290090c46b292c413a043be8ba770cca01fa20097bd83cfc23612ac5340e4298ab5302946d49634d3b4030ae1"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x428}}, 0x0) r0 = socket$inet6(0xa, 0x80002, 0x0) syz_io_uring_setup(0x24fc, &(0x7f0000002280)={0x0, 0x0, 0x0, 0x8}, 0x0, 0x0) syz_open_dev$video(&(0x7f00000000c0), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x7fff, 0x2) syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0) pselect6(0x40, &(0x7f0000000000)={0xfc}, 0x0, 0x0, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000340)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000100)={r2}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000200)={0x0}) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB, @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',groupwid=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) read$FUSE(r4, &(0x7f0000000200)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r4, &(0x7f0000002300)={0x50, 0x0, r5, {0x7, 0x9}}, 0x50) read$FUSE(r4, &(0x7f0000004580)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r4, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r6}, 0x10) r7 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) dup3(r7, r4, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x9, 0x6, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb02, 0x0, 0x0, 0x0, 0x4}, [@jmp={0x5, 0x1, 0xd, 0x3, 0xa, 0x0, 0x10}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}]}, 0x0, 0x7f, 0x91, &(0x7f0000000880)=""/145, 0x41100, 0x10, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0x2, 0x7, 0xfffffffd}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000006c0)=[0x1, 0x1, 0xffffffffffffffff, 0x1, 0x1, r0, 0x1], 0x0, 0x10, 0x5}, 0x90) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000b00)={@map=0x1, 0x6, 0x0, 0xc, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x9, 0x0, &(0x7f0000000780)=[0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000ac0)=[0x0], 0x0}, 0x40) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000b40)={@cgroup, r7, 0x54, 0x4, 0x0, @prog_fd=r8, r9}, 0x20) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000180)={r3, 0x3, r1, 0x6}) r10 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x2, r10, 0x0, 0x1000002, 0x0) r11 = socket(0x10, 0x803, 0x0) sendto(r11, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r11, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x14c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 4.001753876s ago: executing program 1 (id=1646): syz_emit_ethernet(0x4e, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6006000000182b00fc010900070000000000000000000000fe800000faffffff00aa8700000000000000000000000010907802000000000000000000000000001b52b15d92c700ffb1068c995745b5520151e4316fccef0faaf4bd5a033e0a4c06e4f07ca51e0a0b59db9a3fd56c9733f9d38f6bb796107c2b032c5b076121a7500f13b44a731f0707bcfe857206b6db50dbfde43d5bcdfed02396bf1e07adbe990ba8251ac85000f0d1110140bb2c9593afb44c892813cf02b2833a447c60df021a42f9bebe7a14d41ebd7b0bbfdab83a297013bb4cc5718d717377de06d271722c0441f134bf125c3034777fe9e409f07f2f7d64b7a2b563727b30fb984a0ff9719794e59b88524db7463d6a8d60f6c2e5"], 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$l2tp6(0xa, 0x2, 0x73) socket$inet_sctp(0x2, 0x1, 0x84) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) r0 = socket(0x2, 0x2, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000d40), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r2, 0x40085112, &(0x7f0000000d80)=@e={0xff, 0xa, 0x0, 0x0, @SEQ_NOTEON=@special}) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="c99bfa0018", 0x5) recvmmsg(0xffffffffffffffff, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000003980)=""/4098, 0x1002}], 0x1}}], 0x1, 0x0, 0x0) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[], 0x1034}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x7000) r5 = syz_open_procfs(0x0, &(0x7f0000001880)='numa_maps\x00') pread64(r5, &(0x7f0000000880)=""/4096, 0x1000, 0x0) r6 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000180)={{0x3, 0x0, 0x0, 0x3}}) read(r6, 0x0, 0x0) bind$l2tp6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x65) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0xfffffffc, @remote, 0xa}, 0x20) socket$l2tp6(0xa, 0x2, 0x73) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) 2.979003655s ago: executing program 0 (id=1647): syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="0103000000000000000007000000"], 0x14}, 0x1, 0x0, 0x0, 0x2000c804}, 0x0) syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000001c0)={0x1, @pix={0x0, 0x2, 0x0, 0x0, 0xfffffffa, 0xd9, 0x7, 0x4, 0x0, 0x0, 0x1}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10) socket$inet6(0xa, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(0x0, 0x1d) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) getrusage(0x0, &(0x7f0000000640)) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000540)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x14}, @in6=@dev={0xfe, 0x80, '\x00', 0x17}, 0x4e24, 0x4, 0x4e22, 0x0, 0x2, 0x0, 0xa0, 0x6, r2, 0xffffffffffffffff}, {0x7c, 0x1, 0x7, 0xbe3, 0x0, 0x0, 0x9, 0x9}, {0x7fff, 0x1, 0x400, 0x5}, 0xe, 0x6e6bb1, 0x2, 0x1, 0x3}, {{@in6=@empty, 0x4d6, 0xf}, 0xa, @in=@private=0xa010102, 0x3504, 0x4, 0x2, 0x80, 0x3, 0x0, 0x7}}, 0xe4) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000080)='wg2\x00', 0x4) connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) setsockopt$inet_int(r3, 0x0, 0x1, &(0x7f00000009c0)=0x1234, 0x4) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xd2, 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001280)=""/64, 0x40}, {&(0x7f0000000080)=""/64, 0x40}], 0x2, 0x800000, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000380)=ANY=[@ANYBLOB="0b00000000000000090000000000000005000000010000000100000002000000000000007f000000000200008000"/84]) syz_genetlink_get_family_id$l2tp(&(0x7f0000000480), 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000040)=0x3) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) 2.978798237s ago: executing program 2 (id=1648): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x324) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$UFFDIO_CONTINUE(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x2000}, &(0x7f0000000080), &(0x7f0000000140)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_procfs$userns(0x0, &(0x7f00000002c0)) userfaultfd(0x80001) 2.098682348s ago: executing program 1 (id=1649): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000580)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000500)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000005c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r1}}, 0x20) 1.840009971s ago: executing program 1 (id=1651): r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000080), 0xc) read(r0, &(0x7f00000001c0)=""/149, 0x95) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc) write$binfmt_script(r1, 0x0, 0x0) 1.749301175s ago: executing program 0 (id=1652): pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') r3 = memfd_create(&(0x7f00000002c0)='D\xa3\xd5Wj\x00\x00\x8b\x14\xc2\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x9b\x12\x0eW\xcf\t\xb0\xa9 +H/\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2y\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xde\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4\x86\xd4\xc9\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg(\x03\xa7\x92\xe5\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xf8A\xaf\\\xaa\xf5u\xde\xfa\xa1\xc0\xf9&gR\x81.\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00'/244, 0x0) write(r3, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) r4 = dup3(r2, r3, 0x0) fchdir(r4) r5 = inotify_init1(0x0) inotify_add_watch(r5, &(0x7f0000000040)='.\x00', 0x80000200) sendfile(r0, r1, 0x0, 0x10ffff) ioctl$TCSETS(r1, 0x5412, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "fe94b89fc43c3328eae0cae1f5eba329e6f216"}) 1.573996603s ago: executing program 0 (id=1653): openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r0 = inotify_init() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xffffffffffffff16) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, 0x40, 0x9, 0x0, 0x0, {0x2}, [@typed={0x8, 0x2, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prctl$PR_SET_DUMPABLE(0x4, 0x6) sendmsg$nl_netfilter(0xffffffffffffffff, 0x0, 0x0) request_key(0x0, 0x0, &(0x7f0000000280)=',\x00', 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r5, 0x0, 0x0) setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f0000000140), 0x4) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x208) umount2(&(0x7f0000000000)='./file0\x00', 0x0) openat$vcsu(0xffffff9c, &(0x7f0000000080), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0) 1.519407072s ago: executing program 1 (id=1654): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) timer_create(0x3, &(0x7f0000000040)={0x0, 0x2e, 0x6, @thr={&(0x7f0000000300)="c6f670f200c25293c9f397627a68f362e6e00ef17e2b2628627c463f14bd0a0c064e8e649ea7947216642fe4bad5048da6e05baf814c462095a3ebed081f72c906479b399f3b49e45eaa05bbfc07dba4916d1897733dd35dc254a37b3d1146d5fd7eb8b019e9676979", &(0x7f0000000400)="389b6edfd2cd9ae37ad59c0dc82d6dddd23fe2c7cd9df5b1cc5fc7bc077daf350509259376cede2004dc6601862fd0c314d53a1a33343d33e495ceb9432345a56265cb24effa0cccbc8195a4fedca6a19d619aed3d86188fac3d3b31079a80f966f827f3dd6bf8667055cea9fc5bfc8df27d0a199d5e34936faf6764caf5f4a3de7cd62de39aafd52f51d722cbf1adda2c93801851fe316a861c0fd0d59f5d6e0ff0e662352e92d22f7394786f9e2db6d3af719cd8cf1cb38a288726b2eacddf72ef01f2175148d3073e98ea1b37206230384ac0c9a868dbba104b3701d1e00bdbc29a750c564ea33259982f3978d6577a76cd8ee8ba28335b66d87f9067dc1904f38a1c939a286235f16d3ffbb6e629d3f1e231518ccb12fd576da19c24f0f9deb881dc6654fc03e4789a1899a67b4ca17e610bdea801b5a5ffeb159a01b890a7981dc308a21ad9026f027128cbaafc9c1af6c1047103463612159584d2dbeca20d8dfd301d0e9cd0f3355710a71570f93e8c1d2db7140bf2027e9952cb6ed5fad7b626043575e78f4bba7d71dfc3ba994e6fd6f0362e79c9c6b3528abf5394ba3b84fe43782794e6cd5b248de0ab63bc9d55850acaa1a8375e574f4d732bd4962f5ff3e91ef0b25775168f4624b4d3260e29a12d6136a67e0dfa94f1f7dcb1cf48d0befe9c062b2f5e8b884947a7de899472b45f74c0c727d9c21e0afc51f88d200761626df8d98bdb062cb864f21e7789ea06f51bf32809c761b35a8734f5365023d24827afda67051dabceac638e0512a7e63b4d9d692972dcffea3bf076634c7a7bc9f01d9153f3314a11ab5ab60e30c8de317fb1df1eb06c00d06b3ae3970afac98e9e557d1bd31fddc2f2b0ad2b84d55b9b26cfdafc97b03cd5bfdc1b7a1fd203ec0cd719e7590305c9228e82ab35f1e95a4168597d5e04fda1b685251f64735fd1fd02eafa5e6bb22e3060f1f65528c2855c07d3d121fe63bf0ed9125ce49133f1023011fd050753aa49011e51a148fc511db15f62bfd9e0843ac79250fc3c0d3bdc3665f7552fc6859fd109454f6021bc2f078d473e2e6128a6b5b7ce6ff6a8e3f146ef3bbb5131bc38b325a8ffbde0317f2083021201b8178643640e797b01583deffb67a2b17ceb7ae9642e8111ec7ab1026aeab23c1e7dafb73f50a088b43c8af1d0c2c2a11577c1926bec31da6336f12479f82b72c2b2edc55eaa994d5c7959e2e7d18cf067b6b7950ed4793c4c555ab153d48974bc01b3ec8f66ad613bb09729b35296b049e2500c7e99db2ab0abeec17c18d36f9e0781b3361ac8f8fa8c751a6bc87fcf2dc84bb32140162677d0d54338fc0ff4ef850a1d02fe845358df93f8d7c707790f0ad57fd350e801beea060e23147c9f5a1f191efcf508c84c32c70541ab1c3c4ac048f460e1bfd32c436a56ff2caba8ba85d9338b44ca4ea499e3c3ee5aa363bc41d40a725424f5007284997e4d930b9ea5e80c4a5407f2a6fe213178f818a148ddcb5a6973371aa8628ee46d086236a273c72cb9adfe3f0f8981dc31c8763b8565258e41d3c355e728fd5118a984e0ac12c9ba1f8cf4933dd02fcbaf54fe582b26a40c3de8949f43776c82ecae323f4aefebadcc5ff74c857404341858f23443686541f2a10e939d894d0153252e969a84d3c770ca1457f4a1c97f146f4a1d804a6137c267e3a729793d54391b3580a098032f4b2c3bdfb51525525e0b1cecb7e235b74986d3dfee7eae6df46f77434fcfe6f0f9f222eceecac11ff57d1881687cad9bca32e7f1228e9b21829fb019dd01456e14c5551ea4294555505e975ed7ebe6ca29e16c8cd300a1b79510590623ca1be66656e557e603a296978455e7b6e8a6065deb9d0343c4b0819337d2f92682a45eaa66af44568599f4dcc33828bc4244d071090d1ffc3f900e2470f7d7642c1bdc5cb1ca6b38d86fec8dd4fab69de4c5ee621e49d4c4bcf1b2cec156b670b169091ab66396f7816768e98e5fae2ac4d950db4d70e4c636776f1fca9411b1f320a4929329c2d0277b1ec415c7440d5c163fb4a1a5788de5c5427740e20ccf6e10c0e25bb43f20835c2426c50b9d37582e1204c46987350fc67827e780d8ee6acec41df7e80f8f86a862c08b20c026a0dc648ad51dd397dc8b3e37c9ecb689e930e3b6922ae17d98a906ea026fdde229b567ae2aecccee796c7e52605387e3e108e8c9ad34c56b67f8797f9c896810f849ee374f58a341ec11c5aa1323af06cf07a3fc65b3ea360acaf22cb0731db96f77053f6a39db87c1db9920876bf2ae9675d0143b58b2b9e0027e68c8d4b41838368d3181a6cadebd72ed3920df995b85f00f436911f0d3e6ee69aae7639e933c0bd27c51d10cf98665d4704bc40222f2f092fdd98c7f6d4813a93795061976d681617756e810eacd7994c849f67356d71636cba934e249bdb1759775980d32747a4da876faf7b78d0548d25805558c2205fa71fb11eefc3a44dfd01a1cc44153acc0662c8a8599dd87fb87ef21bb44fa674c2f9e2c1174615c9fae82e66d01ea21f24a9a39545bbbece3211f820f75e5590093ea0aa1e214cccb8a6e4c0a6a1998526f9d8d23441ad4ede9f6e0d938f7e842e05a3b466e030b0742c2958c2bb36bd1d5e357d678d12c4c92dcc9511effdd8bcb9489dd05cd162cf8b8e542de94619fb281c72bb25a98988ec2cef87e341f9de416d88cce80530a718e079582028b4dfae06d54b4846782a07de08a21389ab5382b962791927a4197a974814467c2629b0bf989befd5638192f6d6a4692b3de1241c220e959b90669c3ff93571bc67855157ef99e3b6f7f36ee2c09be9c7d95040c0df2781ef5efd63207301a6673e147e1dfd72573a963a9642bceb761f73e538fee5bac15fb4b114e332f175b391ceed417baf63aa3d3df908eb6db11ab034dffda5ad7b7df13a82dbdba67a4f75dc5fd723fb1a98cf4b30b473a7439deb64957ad1caaec7c957809b70679145c7218fd2dd322f94143d02f791e765c972263ffc5d56e22d7164f01b9ab7bd3668cb5b7617857724b688c4b40c923e77d2a4ce7463392abd31734182adff1c72256ed3cba1a78e046fe1d953d0e6589a588b3adcaa35f7e769332149a9af9983eda2072071ee86d2c9bc8039c2317ba38d79ef3beb369c17cbf00eee386a37c1fe45fb80ca0de5b46f327485c5b18472a09e2660551df8da41a679a8dc045ca6ff9e7d5180678def3663b9a342a220bf870bad4614d20391ce1f9b07ea1a539c36f953ca0d82926a9c49407c189062d9204c523b66077a8af3b49789ec12a565f547a48f791e7ddffb26bae824add6d9e6959d6eb6e7af5885c0ed0cf898d20fa44e2d4dd46fa32e7048499c4fc01e1618b11440fa2347f98efc5b79c7a09974ee2bc9d5420905b05f836d2112f91d5d4fa76c059448c243ed6d7d855abe2bc39ecc7da0b8b4e6798bc0d14f163d6d90a02b12982291d84e789c1b32169c1d05b7a6b0b8443748bcb096ffc66b899d723096fa9500debff992454ae457ab77859ea58661f710d01590a81cfe762bac31a04fb3845db203165b8822fdede5da49525ea4fbbbad5460f45974825aff8e080a8257dfdaa99f31f8b0faf1c7991e46d947cb45d1f4b76713611661bc4345817d6b1575d8931e32c1387949a19a5cca6e719431c559be727e62a75815d5da8eb6360883b70b0ddccd5e472de9db0504ee54b39ae11e1235932c1399e87ea855f4dd4d0308a5cf57df953b8c8db573afd4f5f28ff06dcd8527880546d788cb49b9ce196f72cd8706eae26f38c78d3893399f7e8ff0aee1818f1e11f13cae4c173834474f6b577cbfc10c6c51b6b77324c2200dffda5225fc7b7b83ad198c559f2be7a31e0f2654ca21b0a29a8e28c0063d9c1d021a77f3767256f9578696134a2a6d29f9ab21ce1188d23abafd82adc190740b552bebb6730834ebf3d4468022c49d3b4f31b394cd9425a31e21f4736baa01a2d9ce617c68ee88eacd33333cabc0c883a67c6e1c7357224f5edbe41543c778ebef73be578d6535ce3efb361cfd5894e1f95fce240018f81b735c727cda2d339788eb34ea4430770199c00a8a9c109baac87ce4afd0452e33fdb44c0aef4f48974a959b006ba12001541ce09ea3fc373168977ae8b149cf01e1598cfeb0816e4d828df09d722d95ca83e69e671f28c6fe35679ff777527c2b0a8a1eade06555722bbf0e75fd081aa8ac11c4cd8bd5e670f813124bb4f8c6f55b5db30143baf5ccf51714d6a45d8ee1b5839b761fada991a15adcbbd0e3efec5405b259b216a80dd2ae81ab59e26a2150e85b134dfcb30c2de7042a2f0f1377029fe14c37d985457f868a60555493fc1ea7cf66b3f29496a3a88e5b0eae397d3268aab8db51572a7ab75c83ad2b6420b57a7815b5837afd499186d4b3158823bc24c57f7f4c0d90ad96b42f28598d7a6662ea7a775c750362228a76e2f53b78c922ee5153d3ebd17ccd244bc3316b9fe04109cd884a64be7feda3cdd1941a79b2ee69ab0d25907906b245ed6723e12727b7341ba4f699e1f48d9bdd5ad064c3a45eeba34573dc61ef4389d59aa3661603893264a2cda2688ac18e665582339726519564a281d8766165e0a7733d0e1dccd418fcbb01c4654fb2ae1bc186bcc7a942cc2eafaf2c2992503c6e4afef5e118f251c981e66df7792a2b417c664ebbd8086b8fe57e0aa2e6801d00a5aa92b0908ef570782f8c935495db448206072e7a3777d5a4400fa6a12b9bf4dd65a790f3d88bf4e3487b40c5ac857e1c8f662f1e381849b6398ed0292547f9dcf7f18bf7f2b4f8440c775cc2512b71c35e0c9b9c6ae6462478ff4ec1d3aee3656bdff8abfc6f8a122c57825dead997a2f580ba6bd4564d95013644322e35313307525964e90b6703920789c8c4e645f65f3f6473aa240e38e88e12dd3977d00dd1e1fe93bee977b3e12ea4dec3f35a2ab8d753ca5f8411b3fb64fcfe15d1ea07859387b416f03960d9b3310ddc4ea1f1324eff6759c2c98e294f46e330402049674130ae47a9eb5776ad51913257b3b0b71a006b37a0322ee76889b677a01859870efadd9cc5f765dbff02b5f8cbc2097c9fee0e4380392b7dec71ba797c8f9210e7ccb215bd87734de1b0f18de77ce8cd420b96a6223e1b8b464dff5747ef5076a0b717795b66366945bcc73d5f6708e06ef41be94eecd1c951f6d34cb170d6674a2b336bd19a48b91fa2f7402ead919ee9126156b54aeb6946d249aa6e86c317264624e3ea1bc11ffe7fd5b8f2f856bb3b0e8e3a687ab30122a5208cf41eaf73c9a5d76e24ab5abdebf04567a05ac5495aab2182004d5b9fc29b61f31fb69b8658c7a4c41d1c5c28b9d4daa1d3a37e21ff46762dc1fd5f0152b9f353c9a5c5e25976a69b6577b0180b43d48f0dab00ae2af59f99faff6f33e89ca51b07e25716cd2d899dac430fd15fe35b34edf5aa8d1e355c630168793e525068a6a04f0f078a6cb227404b3affd32c2458853e064ed8911f7e446d36af7774013dec227bdeae6afdf87fb4247982bf781aa8b445af3278bf82f940e4311c2c3cd43df5119ba0ff831169b71c5e6cb68cbe914386dd95b452ab3175ea586fc0ce8344fc13492fdceaed5b988356ba0c7edf287b062946348e4d2da0454fe02"}}, &(0x7f0000000100)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000032680)=""/102376, 0x18fe8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='virtiofs\x00', 0x0, 0x0) syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000013c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x90) sendmsg$inet6(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xb1}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000200)="bdcf5722ba942a31e139d8f8d79984f586440ad354177c8882da6be77b8278", 0x1f}], 0x1, &(0x7f0000000680)=[@rthdr_2292={{0x64, 0x29, 0x39, {0xff, 0xa, 0x0, 0x9, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @remote, @mcast2, @local]}}}, @dontfrag={{0x10}}, @rthdrdstopts={{0x3c, 0x29, 0x37, {0x4, 0x4, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @pad1, @generic={0x18}, @pad1, @calipso={0x7, 0x10, {0x0, 0x2, 0xf7, 0xbac, [0x9]}}]}}}, @rthdr={{0x74, 0x29, 0x39, {0x87, 0xc, 0x0, 0xf2, 0x0, [@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, @mcast1, @remote, @mcast1, @mcast1]}}}, @tclass={{0x10}}, @tclass={{0x10, 0x29, 0x43, 0x1}}, @hopopts={{0x24, 0x29, 0x36, {0x3c, 0x1, '\x00', [@ra={0x5, 0x2, 0x8}, @enc_lim={0x4, 0x1, 0xff}, @ra={0x5, 0x2, 0xd}]}}}, @dstopts={{0x14}}], 0x17c}, 0x4000) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30) read$FUSE(r4, &(0x7f00000021c0)={0x2020}, 0x2020) umount2(&(0x7f00000001c0)='./file0\x00', 0x0) write$FUSE_NOTIFY_DELETE(r4, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36) 999.853307ms ago: executing program 3 (id=1656): r0 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket$nl_rdma(0x10, 0x3, 0x14) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10) r3 = fcntl$dupfd(r0, 0x0, r1) prlimit64(0x0, 0x7, &(0x7f00000003c0), 0x0) ioctl$TFD_IOC_SET_TICKS(r3, 0x40085400, &(0x7f0000000000)=0x25bb) 739.910748ms ago: executing program 3 (id=1657): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000690bb74108000300", @ANYRES32=r2], 0x24}}, 0x0) 573.145157ms ago: executing program 3 (id=1658): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140), &(0x7f0000000180)=0x8) 296.795645ms ago: executing program 3 (id=1659): r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f30280c00"}}) 149.988437ms ago: executing program 3 (id=1660): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWCHAIN={0x28, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_USERDATA={0x5, 0x3, "91"}]}], {0x14}}, 0x50}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aa4010000080a010400000000000000000200000a08000540fffffffe0b00070066696c74657200000900010073797a30"], 0x384}}, 0x0) 0s ago: executing program 3 (id=1661): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) gettid() mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x4, 0xc}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r1}, 0x10) futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pipe2$9p(&(0x7f0000001900), 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000007c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@restrict]}}, 0x0, 0x26}, 0x20) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffe, 0x0) dup(0xffffffffffffffff) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$LOOP_GET_STATUS(0xffffffffffffffff, 0x4c03, 0x0) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) kernel console output (not intermixed with test programs): value: 3 [ 211.307457][ T833] usb 7-1: New USB device found, idVendor=5752, idProduct=75b9, bcdDevice=ae.00 [ 211.311364][ T833] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 211.320992][ T833] usb 7-1: Product: syz [ 211.322911][ T833] usb 7-1: Manufacturer: syz [ 211.327605][ T833] usb 7-1: SerialNumber: syz [ 211.363208][ T833] usb 7-1: config 0 descriptor?? [ 211.376549][ T833] usb-storage 7-1:0.0: USB Mass Storage device detected [ 211.639045][ T25] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 211.884133][ T25] usb 8-1: Using ep0 maxpacket: 8 [ 211.895263][ T25] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 211.901067][ T25] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 211.914027][ T25] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 211.918910][ T25] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 211.934956][ T25] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 211.941413][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 212.182043][ T4771] Bluetooth: hci3: unexpected event 0x06 length: 23 > 3 [ 212.738822][ T1289] usb 7-1: USB disconnect, device number 8 [ 214.214816][ T25] usb 8-1: usb_control_msg returned -71 [ 214.218670][ T25] usbtmc 8-1:16.0: can't read capabilities [ 214.237069][ T25] usb 8-1: USB disconnect, device number 12 [ 215.071135][ T8292] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 215.384404][ T1289] usb 7-1: new low-speed USB device number 9 using dummy_hcd [ 215.449204][ T4771] Bluetooth: hci3: unexpected event 0x08 length: 78 > 4 [ 215.475009][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 215.475109][ T39] audit: type=1326 audit(1723027613.504:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.529780][ T39] audit: type=1326 audit(1723027613.504:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.554181][ T39] audit: type=1326 audit(1723027613.514:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.563672][ T39] audit: type=1326 audit(1723027613.514:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.581207][ T1289] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 215.583512][ T39] audit: type=1326 audit(1723027613.514:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.594766][ T39] audit: type=1326 audit(1723027613.554:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.601144][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 215.603660][ T39] audit: type=1326 audit(1723027613.554:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.619589][ T39] audit: type=1326 audit(1723027613.554:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.624073][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 215.629575][ T39] audit: type=1326 audit(1723027613.554:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.643689][ T39] audit: type=1326 audit(1723027613.554:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8294 comm="syz.3.939" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f62579 code=0x7ffc0000 [ 215.645449][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 215.663842][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 215.686573][ T1289] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 215.690807][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 215.702138][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 215.705085][ C2] vxcan0: j1939_tp_rxtimer: 0xffff88802b8d2400: rx timeout, send abort [ 215.708156][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 215.710718][ C2] vxcan0: j1939_xtp_rx_abort_one: 0xffff88802b8d2400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 215.719018][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 215.739097][ T1289] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 215.742664][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 215.749810][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 215.758103][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 215.763357][ T1289] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 215.794874][ T1289] usb 7-1: string descriptor 0 read error: -22 [ 215.801829][ T1289] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 215.806052][ T1289] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.842285][ T1289] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 215.985877][ T8301] netlink: 105120 bytes leftover after parsing attributes in process `syz.0.942'. [ 216.098904][ T8305] tracefs: Unknown parameter '0x0000000000000000' [ 216.244493][ T9] usb 7-1: USB disconnect, device number 9 [ 216.304493][ T5405] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 216.531635][ T5405] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.536612][ T5405] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.544394][ T5405] usb 5-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00 [ 216.548409][ T5405] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.572597][ T5405] usb 5-1: config 0 descriptor?? [ 217.007476][ T5405] usbhid 5-1:0.0: can't add hid device: -71 [ 217.014301][ T5405] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 217.030775][ T5405] usb 5-1: USB disconnect, device number 10 [ 217.037982][ T8314] nbd1: detected capacity change from 0 to 12 [ 217.041618][ T7807] block nbd1: Send control failed (result -89) [ 217.051267][ T7807] block nbd1: Request send failed, requeueing [ 217.057102][ T52] block nbd1: Dead connection, failed to find a fallback [ 217.057365][ T4771] block nbd1: Receive control failed (result -32) [ 217.061284][ T52] block nbd1: shutting down sockets [ 217.067271][ T52] blk_print_req_error: 40 callbacks suppressed [ 217.067283][ T52] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.074751][ T52] buffer_io_error: 40 callbacks suppressed [ 217.074762][ T52] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.085408][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.089481][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.103533][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.111976][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.124114][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.130407][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.136447][ T8315] block nbd1: NBD_DISCONNECT [ 217.138761][ T8315] block nbd1: Send disconnect failed -89 [ 217.144195][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.148718][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.152436][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.168691][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.172476][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.182911][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.194123][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.198341][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.208472][ T7807] ldm_validate_partition_table(): Disk read failed. [ 217.211817][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.237755][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.241615][ T7807] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 217.246740][ T7807] Buffer I/O error on dev nbd1, logical block 0, async page read [ 217.250361][ T7807] Dev nbd1: unable to read RDB block 0 [ 217.253224][ T7807] nbd1: unable to read partition table [ 217.260943][ T7807] nbd1: partition table beyond EOD, truncated [ 217.267132][ T7807] ldm_validate_partition_table(): Disk read failed. [ 217.270318][ T7807] Dev nbd1: unable to read RDB block 0 [ 217.273008][ T7807] nbd1: unable to read partition table [ 217.284940][ T7807] nbd1: partition table beyond EOD, truncated [ 217.300921][ T8311] ldm_validate_partition_table(): Disk read failed. [ 217.353821][ T8311] Dev nbd1: unable to read RDB block 0 [ 217.378222][ T8311] nbd1: unable to read partition table [ 217.388331][ T8311] nbd1: partition table beyond EOD, truncated [ 217.610695][ T8321] netlink: 24 bytes leftover after parsing attributes in process `syz.0.950'. [ 217.903184][ T8325] mkiss: ax0: crc mode is auto. [ 218.627941][ T8345] syz.0.957: attempt to access beyond end of device [ 218.627941][ T8345] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 219.144431][ T8354] CIFS mount error: No usable UNC path provided in device string! [ 219.144431][ T8354] [ 219.149292][ T8354] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 219.424040][ T8358] nbd3: detected capacity change from 0 to 12 [ 219.427157][ T8361] block nbd3: NBD_DISCONNECT [ 219.428473][ T7793] block nbd3: Send control failed (result -89) [ 219.433114][ T7793] block nbd3: Request send failed, requeueing [ 219.455461][ T7793] block nbd3: Disconnected due to user request. [ 219.470169][ T8361] block nbd3: Send disconnect failed -89 [ 219.481327][ T7793] ldm_validate_partition_table(): Disk read failed. [ 219.484741][ T7793] Dev nbd3: unable to read RDB block 0 [ 219.487547][ T7793] nbd3: unable to read partition table [ 219.490145][ T7793] nbd3: partition table beyond EOD, truncated [ 219.507044][ T8358] ldm_validate_partition_table(): Disk read failed. [ 219.510425][ T8358] Dev nbd3: unable to read RDB block 0 [ 219.513174][ T8358] nbd3: unable to read partition table [ 219.556101][ T8358] nbd3: partition table beyond EOD, truncated [ 219.565534][ T7793] ldm_validate_partition_table(): Disk read failed. [ 219.568788][ T7793] Dev nbd3: unable to read RDB block 0 [ 219.571693][ T7793] nbd3: unable to read partition table [ 219.584473][ T7793] nbd3: partition table beyond EOD, truncated [ 220.657071][ T8389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'. [ 220.670965][ T8389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.967'. [ 220.773786][ T8396] devtmpfs: Cannot enable quota on remount [ 221.264088][ T8407] nbd0: detected capacity change from 0 to 12 [ 221.279000][ T7793] block nbd0: Send control failed (result -89) [ 221.281631][ T7793] block nbd0: Request send failed, requeueing [ 221.288800][ T4771] block nbd0: Receive control failed (result -32) [ 221.289241][ T8413] block nbd0: NBD_DISCONNECT [ 221.292201][ T6966] block nbd0: Dead connection, failed to find a fallback [ 221.296614][ T6966] block nbd0: shutting down sockets [ 221.302339][ T7793] ldm_validate_partition_table(): Disk read failed. [ 221.314318][ T7793] Dev nbd0: unable to read RDB block 0 [ 221.316862][ T7793] nbd0: unable to read partition table [ 221.319437][ T7793] nbd0: partition table beyond EOD, truncated [ 221.325307][ T8413] block nbd0: Send disconnect failed -89 [ 221.330364][ T7793] ldm_validate_partition_table(): Disk read failed. [ 221.333263][ T7793] Dev nbd0: unable to read RDB block 0 [ 221.338059][ T7793] nbd0: unable to read partition table [ 221.341314][ T7793] nbd0: partition table beyond EOD, truncated [ 221.449916][ T8403] ldm_validate_partition_table(): Disk read failed. [ 221.452865][ T8403] Dev nbd0: unable to read RDB block 0 [ 221.456967][ T8403] nbd0: unable to read partition table [ 221.459776][ T8403] nbd0: partition table beyond EOD, truncated [ 222.757162][ T8434] netlink: 28 bytes leftover after parsing attributes in process `syz.3.985'. [ 222.829734][ T8433] binder: 8432:8433 ioctl c0306201 20000280 returned -14 [ 222.960319][ T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 223.075343][ T8444] netlink: 104 bytes leftover after parsing attributes in process `syz.1.989'. [ 223.102715][ T8444] netlink: 'syz.1.989': attribute type 10 has an invalid length. [ 223.143510][ T8444] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 223.179166][ T8444] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 223.234222][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 223.239844][ T9] usb 5-1: config 0 has no interfaces? [ 223.246291][ T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 223.250144][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.253634][ T9] usb 5-1: Product: syz [ 223.255688][ T9] usb 5-1: Manufacturer: syz [ 223.257581][ T9] usb 5-1: SerialNumber: syz [ 223.270886][ T9] usb 5-1: config 0 descriptor?? [ 223.392651][ T8445] nbd3: detected capacity change from 0 to 12 [ 223.404466][ T8446] block nbd3: NBD_DISCONNECT [ 223.407281][ T8446] block nbd3: Send disconnect failed -89 [ 223.410821][ T7793] block nbd3: Send control failed (result -89) [ 223.413633][ T7793] block nbd3: Request send failed, requeueing [ 223.445533][ T7793] block nbd3: Disconnected due to user request. [ 223.462933][ T122] blk_print_req_error: 140 callbacks suppressed [ 223.462947][ T122] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.471738][ T122] buffer_io_error: 140 callbacks suppressed [ 223.471750][ T122] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.483075][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.487070][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.491808][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.496347][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.499837][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.503669][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.507607][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.511621][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.516156][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.516888][ T9] usb 5-1: USB disconnect, device number 11 [ 223.520198][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.526483][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.536015][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.539855][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.548343][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.552170][ T7793] ldm_validate_partition_table(): Disk read failed. [ 223.555385][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.560025][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.563616][ T7793] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 223.572084][ T7793] Buffer I/O error on dev nbd3, logical block 0, async page read [ 223.576695][ T7793] Dev nbd3: unable to read RDB block 0 [ 223.579347][ T7793] nbd3: unable to read partition table [ 223.582093][ T7793] nbd3: partition table beyond EOD, truncated [ 223.594871][ T8445] ldm_validate_partition_table(): Disk read failed. [ 223.598372][ T8445] Dev nbd3: unable to read RDB block 0 [ 223.601023][ T8445] nbd3: unable to read partition table [ 223.603646][ T8445] nbd3: partition table beyond EOD, truncated [ 223.625005][ T7793] ldm_validate_partition_table(): Disk read failed. [ 223.628019][ T7793] Dev nbd3: unable to read RDB block 0 [ 223.630450][ T7793] nbd3: unable to read partition table [ 223.633690][ T7793] nbd3: partition table beyond EOD, truncated [ 223.645894][ T5393] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 223.835921][ T5393] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 223.841458][ T5393] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 223.847296][ T5393] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 223.851835][ T5393] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 223.865265][ T8448] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 223.871005][ T5393] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 224.229754][ T834] usb 6-1: USB disconnect, device number 7 [ 226.075674][ T4771] Bluetooth: hci0: unexpected event 0x08 length: 78 > 4 [ 226.283481][ T8478] can0: slcan on ttyprintk. [ 227.549288][ T8477] can0 (unregistered): slcan off ttyprintk. [ 228.600637][ T8511] netlink: 76 bytes leftover after parsing attributes in process `syz.3.999'. [ 228.643495][ T8508] ip6erspan0: entered allmulticast mode [ 230.754813][ T8544] netlink: 'syz.0.1008': attribute type 2 has an invalid length. [ 230.758464][ T8544] netlink: 105116 bytes leftover after parsing attributes in process `syz.0.1008'. [ 231.256433][ T8547] netlink: 'syz.1.1009': attribute type 4 has an invalid length. [ 231.595039][ T8547] netlink: 'syz.1.1009': attribute type 17 has an invalid length. [ 233.098637][ T8557] Bluetooth: MGMT ver 1.23 [ 234.061652][ T8564] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 234.528913][ T58] usb 5-1: new low-speed USB device number 12 using dummy_hcd [ 234.737493][ T58] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 234.741864][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 234.746873][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 234.751372][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 234.776021][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 234.845675][ T58] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 234.848882][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 234.855035][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 234.858982][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 234.863238][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 234.875733][ T58] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 234.904119][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 234.944084][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 234.948398][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 235.000308][ T58] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 235.043892][ T58] usb 5-1: string descriptor 0 read error: -22 [ 235.047176][ T58] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 235.051528][ T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.068225][ T58] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 235.318226][ T8583] 9pnet_fd: Insufficient options for proto=fd [ 235.440195][ T988] usb 5-1: USB disconnect, device number 12 [ 235.472873][ T11] Bluetooth: hci6: Frame reassembly failed (-84) [ 237.136757][ T8589] nbd0: detected capacity change from 0 to 12 [ 237.152006][ T7793] block nbd0: Send control failed (result -89) [ 237.154986][ T7793] block nbd0: Request send failed, requeueing [ 237.158155][ T6966] block nbd0: Dead connection, failed to find a fallback [ 237.161143][ T6966] block nbd0: shutting down sockets [ 237.163350][ T6966] blk_print_req_error: 40 callbacks suppressed [ 237.163359][ T6966] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.170250][ T6966] buffer_io_error: 40 callbacks suppressed [ 237.170260][ T6966] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.177607][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.181841][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.184737][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.186757][ T8589] block nbd0: NBD_DISCONNECT [ 237.189389][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.189476][ T8589] block nbd0: Send disconnect failed -89 [ 237.204576][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.241355][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.245183][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.255430][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.262289][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.271422][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.284290][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.307778][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.316066][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.468696][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.472044][ T7793] ldm_validate_partition_table(): Disk read failed. [ 237.492380][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.500784][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.540907][ T7793] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 237.544413][ T7793] Buffer I/O error on dev nbd0, logical block 0, async page read [ 237.548854][ T5351] Bluetooth: hci6: command 0x1003 tx timeout [ 237.563562][ T4771] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 237.596473][ T7793] Dev nbd0: unable to read RDB block 0 [ 237.612105][ T7793] nbd0: unable to read partition table [ 237.616360][ T7793] nbd0: partition table beyond EOD, truncated [ 237.709222][ T7793] ldm_validate_partition_table(): Disk read failed. [ 237.713642][ T7793] Dev nbd0: unable to read RDB block 0 [ 237.717713][ T7793] nbd0: unable to read partition table [ 237.721652][ T7793] nbd0: partition table beyond EOD, truncated [ 237.726780][ T8588] ldm_validate_partition_table(): Disk read failed. [ 237.736428][ T8588] Dev nbd0: unable to read RDB block 0 [ 237.739890][ T8588] nbd0: unable to read partition table [ 237.742908][ T8588] nbd0: partition table beyond EOD, truncated [ 238.537720][ T8595] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 239.278260][ T8604] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1026'. [ 239.278396][ T8604] nbd: socks must be embedded in a SOCK_ITEM attr [ 241.118507][ C0] vkms_vblank_simulate: vblank timer overrun [ 244.441791][ T5345] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 244.448111][ T5345] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 244.452578][ T5345] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 244.495419][ T5345] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 244.500434][ T5345] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 244.506126][ T5345] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 244.660462][ T8627] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1032'. [ 245.269500][ T8618] chnl_net:caif_netlink_parms(): no params data found [ 245.846811][ T8618] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.849865][ T8618] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.920257][ T8618] bridge_slave_0: entered allmulticast mode [ 245.924239][ T8618] bridge_slave_0: entered promiscuous mode [ 245.937118][ T8618] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.945077][ T8618] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.951594][ T8618] bridge_slave_1: entered allmulticast mode [ 245.965160][ T8618] bridge_slave_1: entered promiscuous mode [ 246.109430][ T8618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.126772][ T8618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 246.145056][ T4771] Bluetooth: hci5: hardware error 0x00 [ 246.182366][ T8656] usb usb8: usbfs: process 8656 (syz.0.1036) did not claim interface 0 before use [ 246.251587][ T8618] team0: Port device team_slave_0 added [ 246.289197][ T8618] team0: Port device team_slave_1 added [ 246.392986][ T8618] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 246.404300][ T8618] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 246.427742][ T8618] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 246.434797][ T8618] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 246.445448][ T8618] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 246.457897][ T8618] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 246.556381][ T8618] hsr_slave_0: entered promiscuous mode [ 246.561858][ T8618] hsr_slave_1: entered promiscuous mode [ 246.564173][ T5351] Bluetooth: hci6: command tx timeout [ 246.572991][ T8618] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 246.581840][ T8618] Cannot create hsr debugfs directory [ 247.052781][ T8618] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.181958][ T8618] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.313672][ T8618] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.472206][ T8618] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.676374][ T8618] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 247.690434][ T8618] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 247.717294][ T8618] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 247.723580][ T8618] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 247.768207][ T5351] Bluetooth: hci4: command 0x0406 tx timeout [ 247.865187][ T8618] 8021q: adding VLAN 0 to HW filter on device bond0 [ 247.897441][ T8618] 8021q: adding VLAN 0 to HW filter on device team0 [ 247.907110][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.910910][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 247.926299][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.929852][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 248.164113][ T4771] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 248.390136][ T8618] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 248.443033][ T8618] veth0_vlan: entered promiscuous mode [ 248.463592][ T8618] veth1_vlan: entered promiscuous mode [ 248.510811][ T8618] veth0_macvtap: entered promiscuous mode [ 248.519692][ T8618] veth1_macvtap: entered promiscuous mode [ 248.563151][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.569224][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.594082][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.600519][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.614036][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.618053][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.623421][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.644152][ T4771] Bluetooth: hci6: command tx timeout [ 248.644296][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.651443][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.674132][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.679286][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 248.704122][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.710615][ T8618] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 248.804690][ T1199] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.847857][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.852880][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.883718][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.894166][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.898773][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.903444][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.924000][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.930279][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.944172][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.949297][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.965023][ T8618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 248.969639][ T8618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 248.978221][ T8618] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 248.985849][ T8618] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.989645][ T8618] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.993374][ T8618] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.997271][ T8618] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.066848][ T1199] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.151203][ T5345] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 249.160557][ T5345] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 249.179628][ T5345] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 249.194769][ T5345] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 249.200064][ T1199] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.213903][ T5345] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 249.237220][ T5345] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 249.328569][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.332027][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.416807][ T1199] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 249.435956][ T1215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 249.449244][ T1215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 249.742756][ T1199] bridge_slave_1: left allmulticast mode [ 249.745387][ T1199] bridge_slave_1: left promiscuous mode [ 249.748299][ T1199] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.807725][ T1199] bridge_slave_0: left allmulticast mode [ 249.810961][ T1199] bridge_slave_0: left promiscuous mode [ 249.834232][ T1199] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.014439][ T39] kauditd_printk_skb: 90 callbacks suppressed [ 250.014457][ T39] audit: type=1326 audit(1723027648.054:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8684 comm="syz.3.1029" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0 [ 250.443424][ T1199] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 250.458328][ T1199] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 250.485754][ T1199] bond0 (unregistering): Released all slaves [ 250.509882][ T1199] bond1 (unregistering): Released all slaves [ 250.724128][ T4771] Bluetooth: hci6: command tx timeout [ 250.942251][ T8686] PKCS7: Unknown OID: [4] 2.19.0.2.86.14.43(bad) [ 250.945611][ T8686] PKCS7: Only support pkcs7_signedData type [ 251.014184][ T8680] chnl_net:caif_netlink_parms(): no params data found [ 251.370066][ T4771] Bluetooth: hci5: command tx timeout [ 251.862572][ T8680] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.872027][ T8680] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.881476][ T8680] bridge_slave_0: entered allmulticast mode [ 251.890821][ T8680] bridge_slave_0: entered promiscuous mode [ 252.059110][ T1199] hsr_slave_0: left promiscuous mode [ 252.108729][ T1199] hsr_slave_1: left promiscuous mode [ 252.208089][ T1199] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 252.211371][ T1199] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 252.236839][ T1199] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 252.244253][ T1199] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 252.339311][ T1199] veth1_macvtap: left promiscuous mode [ 252.342888][ T1199] veth0_macvtap: left promiscuous mode [ 252.354290][ T1199] veth1_vlan: left promiscuous mode [ 252.358418][ T1199] veth0_vlan: left promiscuous mode [ 252.804341][ T4771] Bluetooth: hci6: command tx timeout [ 253.444206][ T4771] Bluetooth: hci5: command tx timeout [ 255.524513][ T4771] Bluetooth: hci5: command tx timeout [ 256.677477][ T1199] team0 (unregistering): Port device team_slave_1 removed [ 256.973352][ T1199] team0 (unregistering): Port device team_slave_0 removed [ 257.608608][ T4771] Bluetooth: hci5: command tx timeout [ 259.176279][ T8680] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.179835][ T8680] bridge0: port 2(bridge_slave_1) entered disabled state [ 259.183785][ T8680] bridge_slave_1: entered allmulticast mode [ 259.206728][ T8680] bridge_slave_1: entered promiscuous mode [ 259.448241][ T8680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 259.596905][ T8680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 259.899782][ T8680] team0: Port device team_slave_0 added [ 259.925154][ T8680] team0: Port device team_slave_1 added [ 260.198541][ T8680] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 260.212460][ T8680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.262228][ T8680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 260.304360][ T8680] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 260.307388][ T8680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.393065][ T8680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 260.948796][ T8680] hsr_slave_0: entered promiscuous mode [ 260.958560][ T8680] hsr_slave_1: entered promiscuous mode [ 260.973904][ T8680] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 260.984013][ T8680] Cannot create hsr debugfs directory [ 261.064631][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.067457][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.416061][ T8680] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 262.448365][ T8680] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 262.460727][ T8680] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 262.512486][ T8680] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 262.560792][ T5345] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 262.568971][ T5345] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 262.573118][ T5345] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 262.579167][ T5345] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 262.585007][ T5345] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 262.590499][ T5345] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 263.144181][ T8792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 263.179320][ T8680] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.283033][ T8680] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.329318][ T833] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.332708][ T833] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.343605][ T8789] chnl_net:caif_netlink_parms(): no params data found [ 263.447233][ T1289] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.450749][ T1289] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.935292][ T8789] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.939616][ T8789] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.943469][ T8789] bridge_slave_0: entered allmulticast mode [ 263.975806][ T8789] bridge_slave_0: entered promiscuous mode [ 263.986799][ T8789] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.990017][ T8789] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.993366][ T8789] bridge_slave_1: entered allmulticast mode [ 264.006735][ T8789] bridge_slave_1: entered promiscuous mode [ 264.409348][ T8789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 264.432076][ T8789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.655603][ T4771] Bluetooth: hci7: command tx timeout [ 265.024319][ T8789] team0: Port device team_slave_0 added [ 265.130698][ T8789] team0: Port device team_slave_1 added [ 265.906894][ T8789] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 265.910501][ T8789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 265.968245][ T8789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.531582][ T1215] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.556908][ T8680] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 266.564849][ T8789] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.569181][ T8789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.601227][ T8789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 266.724284][ T5345] Bluetooth: hci7: command tx timeout [ 266.908423][ T1215] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.122190][ T8789] hsr_slave_0: entered promiscuous mode [ 267.164693][ T8789] hsr_slave_1: entered promiscuous mode [ 267.168816][ T8789] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 267.184293][ T8789] Cannot create hsr debugfs directory [ 267.202925][ T1215] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.397517][ T1215] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.525037][ T8680] veth0_vlan: entered promiscuous mode [ 267.533429][ T8680] veth1_vlan: entered promiscuous mode [ 267.766360][ T8680] veth0_macvtap: entered promiscuous mode [ 267.772908][ T1215] bridge_slave_1: left allmulticast mode [ 267.784032][ T1215] bridge_slave_1: left promiscuous mode [ 267.786830][ T1215] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.796781][ T1215] bridge_slave_0: left allmulticast mode [ 267.799035][ T1215] bridge_slave_0: left promiscuous mode [ 267.801322][ T1215] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.246726][ T5345] Bluetooth: hci1: command 0x0406 tx timeout [ 268.653258][ T1215] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 268.697218][ T1215] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 268.721146][ T1215] bond0 (unregistering): Released all slaves [ 268.748808][ T8680] veth1_macvtap: entered promiscuous mode [ 268.804317][ T4771] Bluetooth: hci7: command tx timeout [ 269.181608][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.199266][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.214678][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.227993][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.238754][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.254555][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.266520][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.278302][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.288883][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.304110][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.308533][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.347869][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.366204][ T8680] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 269.659748][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.670378][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.710335][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.720338][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.730338][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.784164][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.792925][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.809843][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.824000][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.838787][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.849517][ T8680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.858288][ T8680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.875512][ T8680] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 269.883903][ T8680] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.892322][ T8680] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.899225][ T8680] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 269.907746][ T8680] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.058011][ T1215] hsr_slave_0: left promiscuous mode [ 270.070497][ T1215] hsr_slave_1: left promiscuous mode [ 270.082072][ T1215] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 270.088615][ T1215] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 270.110857][ T1215] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 270.120489][ T1215] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 270.246888][ T1215] veth1_macvtap: left promiscuous mode [ 270.249991][ T1215] veth0_macvtap: left promiscuous mode [ 270.253528][ T1215] veth1_vlan: left promiscuous mode [ 270.270453][ T1215] veth0_vlan: left promiscuous mode [ 270.894650][ T4771] Bluetooth: hci7: command tx timeout [ 272.943763][ T8872] netlink: zone id is out of range [ 272.949682][ T8872] netlink: zone id is out of range [ 273.048767][ T8872] netlink: set zone limit has 4 unknown bytes [ 273.233233][ T1215] team0 (unregistering): Port device team_slave_1 removed [ 273.514639][ T1215] team0 (unregistering): Port device team_slave_0 removed [ 276.560351][ T8880] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 276.608478][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 276.612884][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 276.683316][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 276.688479][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 277.025812][ T8789] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 277.066923][ T8789] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 277.115135][ T8890] netlink: 'syz.1.1083': attribute type 2 has an invalid length. [ 277.119572][ T8890] netlink: 'syz.1.1083': attribute type 1 has an invalid length. [ 277.119748][ T8789] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 277.144173][ T8789] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 277.412318][ T8789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 277.440366][ T8789] 8021q: adding VLAN 0 to HW filter on device team0 [ 277.443676][ T988] bridge0: port 1(bridge_slave_0) entered blocking state [ 277.443761][ T988] bridge0: port 1(bridge_slave_0) entered forwarding state [ 277.465839][ T988] bridge0: port 2(bridge_slave_1) entered blocking state [ 277.474760][ T988] bridge0: port 2(bridge_slave_1) entered forwarding state [ 277.909896][ T8789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 278.007969][ T8789] veth0_vlan: entered promiscuous mode [ 278.022193][ T8789] veth1_vlan: entered promiscuous mode [ 278.072771][ T8789] veth0_macvtap: entered promiscuous mode [ 278.080718][ T8789] veth1_macvtap: entered promiscuous mode [ 278.123297][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 278.128727][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.133437][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 278.140012][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.145724][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 278.150386][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.164574][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 278.169447][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.173745][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 278.178395][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.182735][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 278.188069][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.204762][ T8789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 278.225091][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 278.230234][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.235339][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 278.239758][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.252140][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 278.257185][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.261569][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 278.272489][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.277349][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 278.282003][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.292497][ T8789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 278.298111][ T8789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 278.304619][ T8789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 278.323745][ T8789] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.330019][ T8789] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.336264][ T8789] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.340218][ T8789] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.483112][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.487129][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 278.537259][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 278.540855][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 281.548214][ T8953] block nbd3: shutting down sockets [ 282.155181][ T8955] netlink: 'syz.3.1102': attribute type 21 has an invalid length. [ 284.563551][ T8976] tipc: Can't bind to reserved service type 1 [ 284.962591][ T8983] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1110'. [ 284.967070][ T8983] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1110'. [ 286.192465][ T8991] overlayfs: failed to get index nlink (file1/file1, err=-61) [ 287.406869][ T8999] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1114'. [ 287.412314][ T8999] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1114'. [ 288.705810][ T9012] trusted_key: syz.0.1120 sent an empty control message without MSG_MORE. [ 289.284411][ T4771] Bluetooth: hci7: unexpected event 0x2f length: 763 > 260 [ 290.485214][ T4771] Bluetooth: hci4: SCO packet for unknown connection handle 200 [ 290.658969][ T9044] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.872737][ T9050] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1134'. [ 290.920135][ T9051] input: syz0 as /devices/virtual/input/input12 [ 291.368619][ T9055] cifs: Unknown parameter 'mode' [ 291.377593][ T9039] syz.0.1132: vmalloc error: size 791633920, failed to allocated page array size 1546160, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 291.388151][ T9039] CPU: 0 UID: 0 PID: 9039 Comm: syz.0.1132 Not tainted 6.11.0-rc2-syzkaller-00013-gd4560686726f #0 [ 291.392704][ T9039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 291.397431][ T9039] Call Trace: [ 291.398894][ T9039] [ 291.400482][ T9039] dump_stack_lvl+0x16c/0x1f0 [ 291.403163][ T9039] warn_alloc+0x24d/0x3a0 [ 291.405110][ T9039] ? __pfx_warn_alloc+0x10/0x10 [ 291.407258][ T9039] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 291.409579][ T9039] ? __get_vm_area_node+0x190/0x2d0 [ 291.411767][ T9039] ? __get_vm_area_node+0x1bc/0x2d0 [ 291.414802][ T9039] __vmalloc_node_range_noprof+0xff7/0x1520 [ 291.417791][ T9039] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 291.421929][ T9039] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 291.424624][ T9039] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 291.426570][ T9039] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 291.428627][ T9039] vmalloc_user_noprof+0x6b/0x90 [ 291.430489][ T9039] ? vb2_vmalloc_alloc+0x11e/0x3d0 [ 291.432404][ T9039] vb2_vmalloc_alloc+0x11e/0x3d0 [ 291.434295][ T9039] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 291.438835][ T9039] __vb2_queue_alloc+0x896/0x1220 [ 291.443033][ T9039] vb2_core_create_bufs+0x558/0xab0 [ 291.445022][ T9039] ? __pfx_sdr_cap_queue_setup+0x10/0x10 [ 291.447927][ T9039] ? __pfx_vb2_core_create_bufs+0x10/0x10 [ 291.449957][ T9039] vb2_create_bufs+0x566/0x780 [ 291.451596][ T9039] ? __pfx_vb2_create_bufs+0x10/0x10 [ 291.453842][ T9039] ? __mutex_lock+0x1a6/0x9c0 [ 291.455854][ T9039] vb2_ioctl_create_bufs+0x24a/0x3f0 [ 291.458295][ T9039] ? __pfx___mutex_lock+0x10/0x10 [ 291.460325][ T9039] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 291.462694][ T9039] vidioc_create_bufs+0x7d/0xf0 [ 291.464609][ T9039] v4l_create_bufs+0x198/0x270 [ 291.467022][ T9039] __video_do_ioctl+0xaf9/0xf00 [ 291.469492][ T9039] ? __pfx___video_do_ioctl+0x10/0x10 [ 291.472239][ T9039] ? trace_kmalloc+0x2d/0xe0 [ 291.474358][ T9039] ? __kmalloc_noprof+0x207/0x410 [ 291.476901][ T9039] ? __pfx___sanitizer_cov_trace_const_cmp8+0x1/0x10 [ 291.480076][ T9039] video_usercopy+0x426/0x1500 [ 291.482497][ T9039] ? __pfx___video_do_ioctl+0x10/0x10 [ 291.485314][ T9039] ? __pfx_video_usercopy+0x10/0x10 [ 291.487751][ T9039] v4l2_ioctl+0x1c0/0x260 [ 291.489772][ T9039] v4l2_compat_ioctl32+0x21d/0x2c0 [ 291.491731][ T9039] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 291.493982][ T9039] __do_compat_sys_ioctl+0x2c3/0x330 [ 291.496196][ T9039] __do_fast_syscall_32+0x73/0x120 [ 291.498534][ T9039] do_fast_syscall_32+0x32/0x80 [ 291.501043][ T9039] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 291.504161][ T9039] RIP: 0023:0xf7fa2579 [ 291.506237][ T9039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 291.514118][ T9039] RSP: 002b:00000000f575656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 291.517267][ T9039] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0f8565c [ 291.520256][ T9039] RDX: 0000000020000600 RSI: 0000000000000000 RDI: 0000000000000000 [ 291.523620][ T9039] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 291.527243][ T9039] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 291.530495][ T9039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 291.534366][ T9039] [ 291.554144][ T9039] Mem-Info: [ 291.555630][ T9039] active_anon:15803 inactive_anon:49 isolated_anon:0 [ 291.555630][ T9039] active_file:14134 inactive_file:27329 isolated_file:0 [ 291.555630][ T9039] unevictable:768 dirty:469 writeback:0 [ 291.555630][ T9039] slab_reclaimable:4883 slab_unreclaimable:61638 [ 291.555630][ T9039] mapped:29445 shmem:827 pagetables:758 [ 291.555630][ T9039] sec_pagetables:332 bounce:0 [ 291.555630][ T9039] kernel_misc_reclaimable:0 [ 291.555630][ T9039] free:40827 free_pcp:3951 free_cma:0 [ 291.582227][ T9039] Node 0 active_anon:0kB inactive_anon:192kB active_file:48kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:9156kB dirty:32kB writeback:0kB shmem:3400kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10456kB pagetables:1720kB sec_pagetables:1296kB all_unreclaimable? no [ 291.607447][ T9039] Node 1 active_anon:63564kB inactive_anon:4kB active_file:56488kB inactive_file:109184kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108624kB dirty:1844kB writeback:0kB shmem:0kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1432kB pagetables:1312kB sec_pagetables:32kB all_unreclaimable? no [ 291.696241][ T9039] Node 0 DMA free:808kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:4kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:164kB local_pcp:152kB free_cma:0kB [ 291.706973][ T9039] lowmem_reserve[]: 0 369 0 0 0 [ 291.708912][ T9039] Node 0 DMA32 free:27388kB boost:0kB min:18816kB low:23520kB high:28224kB reserved_highatomic:4096KB active_anon:0kB inactive_anon:140kB active_file:0kB inactive_file:176kB unevictable:1536kB writepending:28kB present:1032192kB managed:405704kB mlocked:0kB bounce:0kB free_pcp:1512kB local_pcp:1052kB free_cma:0kB [ 291.757726][ T9039] lowmem_reserve[]: 0 0 0 0 0 [ 291.760087][ T9039] Node 1 DMA32 free:133324kB boost:0kB min:47052kB low:58812kB high:70572kB reserved_highatomic:0KB active_anon:65064kB inactive_anon:4kB active_file:56488kB inactive_file:109184kB unevictable:1536kB writepending:1844kB present:1048436kB managed:946208kB mlocked:0kB bounce:0kB free_pcp:14100kB local_pcp:10708kB free_cma:0kB [ 291.795709][ T9039] lowmem_reserve[]: 0 0 0 0 0 [ 291.797728][ T9039] Node 0 DMA: 0*4kB 1*8kB (U) 4*16kB (U) 23*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 808kB [ 291.803050][ T9039] Node 0 DMA32: 252*4kB (UMEH) 213*8kB (UMEH) 102*16kB (UMEH) 94*32kB (UMEH) 74*64kB (UMEH) 16*128kB (UMEH) 10*256kB (UME) 5*512kB (UME) 0*1024kB 2*2048kB (M) 1*4096kB (M) = 27448kB [ 291.810425][ T9039] Node 1 DMA32: 3*4kB (UE) 5*8kB (ME) 1*16kB (M) 38*32kB (UME) 56*64kB (ME) 33*128kB (UM) 16*256kB (ME) 14*512kB (UME) 8*1024kB (ME) 5*2048kB (M) 23*4096kB (M) = 132996kB [ 291.818723][ T9039] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.823226][ T9039] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 291.827536][ T9039] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.834497][ T9039] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 291.838566][ T9039] 43043 total pagecache pages [ 291.840666][ T9039] 753 pages in swap cache [ 291.842499][ T9039] Free swap = 108332kB [ 291.843923][ T9039] Total swap = 124996kB [ 291.846199][ T9039] 524155 pages RAM [ 291.848091][ T9039] 0 pages HighMem/MovableOnly [ 291.850201][ T9039] 182337 pages reserved [ 291.852030][ T9039] 0 pages cma reserved [ 292.652968][ T9076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1141'. [ 293.131745][ T9083] sp0: Synchronizing with TNC [ 293.471365][ T9089] fuse: Unknown parameter 'ff' [ 293.480657][ T9084] random: crng reseeded on system resumption [ 294.456656][ T9123] syz.1.1162[9123] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 294.456810][ T9123] syz.1.1162[9123] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 295.001133][ T9148] syz.2.1170[9148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 295.010658][ T9148] syz.2.1170[9148] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 295.199608][ T9156] netlink: 'syz.0.1173': attribute type 20 has an invalid length. [ 295.429366][ T9154] sd 0:0:0:0: PR command failed: 1026 [ 295.454146][ T9154] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 295.458699][ T9154] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 295.656636][ T9165] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1176'. [ 296.003745][ T9173] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1179'. [ 296.025809][ T9173] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1179'. [ 296.262203][ T9179] trusted_key: encrypted_key: insufficient parameters specified [ 296.335739][ T9179] Bluetooth: MGMT ver 1.23 [ 296.410083][ T9182] veth1_to_hsr: entered promiscuous mode [ 296.411628][ T9180] syz.3.1180[9180] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.412699][ T9180] syz.3.1180[9180] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 296.448069][ T9182] veth1_to_hsr: left promiscuous mode [ 296.674397][ T4771] Bluetooth: hci0: unexpected event for opcode 0x000c [ 297.431394][ T4771] Bluetooth: hci0: unexpected cc 0x1407 length: 100 > 9 [ 297.436492][ T4771] Bluetooth: hci0: unexpected event for opcode 0x1407 [ 300.083978][ C3] vkms_vblank_simulate: vblank timer overrun [ 300.168080][ C3] vkms_vblank_simulate: vblank timer overrun [ 300.560127][ T9250] program syz.1.1206 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 300.670533][ T9249] syzkaller1: entered promiscuous mode [ 300.672888][ T9249] syzkaller1: entered allmulticast mode [ 300.902850][ T9252] [U] VÔ3¸ÂFÙ¾"WÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«= [ 301.454146][ T4771] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 301.459523][ T4771] Bluetooth: hci0: Injecting HCI hardware error event [ 301.465622][ T4771] Bluetooth: hci0: hardware error 0x00 [ 301.882740][ T9218] [U] J"—E:ÀÆ" [ 302.684114][ T834] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 302.899977][ T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 302.904896][ T834] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 302.908720][ T834] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 302.924810][ T834] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 302.928862][ T834] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.935017][ T834] usb 6-1: config 0 descriptor?? [ 303.442735][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.456456][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.459701][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.463056][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.487293][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.491006][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.504091][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.508302][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.511947][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.524255][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.534864][ T4771] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 303.535259][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.545334][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.548674][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.562174][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.572325][ T834] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 303.576736][ T834] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 303.594530][ T834] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 303.645926][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1219'. [ 303.664060][ T57] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 303.857092][ T57] usb 5-1: Using ep0 maxpacket: 16 [ 303.862317][ T57] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 166, changing to 11 [ 303.870520][ T9263] usb 6-1: string descriptor 0 read error: -71 [ 303.874044][ T57] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 8383, setting to 1024 [ 303.879552][ T8843] usb 6-1: USB disconnect, device number 8 [ 303.907076][ T57] usb 5-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.40 [ 303.910611][ T57] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.924919][ T57] usb 5-1: Product: ☜è断鯿⎎緱殘꧃å«×œáŸˆêšï´å›ºì£æ–ˆï²©ä“™æ•¥í‘ꇖ橨駳蓅᧡㮱䔎﷯㔛嚴惶浞ౚᎮ屫㳛ㄛ쓉åºé¯‰èŽ„éšá½‰ç µï ´Ú™áŽ¸ë«¸é¨¸á±šæ¢® [ 303.931786][ T57] usb 5-1: Manufacturer: Т [ 303.933865][ T57] usb 5-1: SerialNumber: syz [ 304.084220][ T4771] Bluetooth: hci3: command 0x0406 tx timeout [ 304.538038][ T57] usbhid 5-1:1.0: can't add hid device: -71 [ 304.541053][ T57] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 304.560425][ T57] usb 5-1: USB disconnect, device number 13 [ 304.789693][ T1289] IPVS: starting estimator thread 0... [ 304.964476][ T9294] IPVS: using max 21 ests per chain, 50400 per kthread [ 305.441318][ T57] kernel read not supported for file /input/event0 (pid: 57 comm: kworker/3:1) [ 305.529706][ T9308] wireguard: wg2: Could not create IPv4 socket [ 305.679281][ T9310] netlink: 84 bytes leftover after parsing attributes in process `syz.2.1229'. [ 305.960053][ T9318] i2c i2c-1: Invalid block write size 34 [ 307.577302][ T9352] vxfs: WRONG superblock magic 00000000 at 1 [ 307.580376][ T9352] vxfs: WRONG superblock magic 00000000 at 8 [ 307.583310][ T9352] vxfs: can't find superblock. [ 307.627581][ T39] audit: type=1326 audit(1723027705.674:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.659149][ T39] audit: type=1326 audit(1723027705.684:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.673737][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 307.696182][ T39] audit: type=1326 audit(1723027705.694:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.714239][ T39] audit: type=1326 audit(1723027705.694:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.745116][ T39] audit: type=1326 audit(1723027705.694:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.774155][ T39] audit: type=1326 audit(1723027705.694:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.800644][ T39] audit: type=1326 audit(1723027705.704:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.810710][ T39] audit: type=1326 audit(1723027705.704:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.824259][ T39] audit: type=1326 audit(1723027705.704:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 307.833740][ T39] audit: type=1326 audit(1723027705.704:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9351 comm="syz.0.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x7ffc0000 [ 309.571376][ T9370] netlink: 'syz.3.1238': attribute type 10 has an invalid length. [ 309.615725][ T9370] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 310.963823][ C3] vkms_vblank_simulate: vblank timer overrun [ 314.264023][ T39] kauditd_printk_skb: 32 callbacks suppressed [ 314.264044][ T39] audit: type=1800 audit(1723027712.304:327): pid=9382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1254" name="bus" dev="overlay" ino=1806 res=0 errno=0 [ 316.233390][ T4771] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 316.239190][ T4771] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 316.244351][ T4771] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 316.249366][ T4771] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 316.252940][ T4771] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 316.261500][ T4771] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 316.741922][ T9406] chnl_net:caif_netlink_parms(): no params data found [ 317.530271][ T9406] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.535944][ T9406] bridge0: port 1(bridge_slave_0) entered disabled state [ 317.539648][ T9406] bridge_slave_0: entered allmulticast mode [ 317.554325][ T9406] bridge_slave_0: entered promiscuous mode [ 317.565476][ T9406] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.569098][ T9406] bridge0: port 2(bridge_slave_1) entered disabled state [ 317.572269][ T9406] bridge_slave_1: entered allmulticast mode [ 317.585302][ T9406] bridge_slave_1: entered promiscuous mode [ 317.884293][ T9406] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.904497][ T9406] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 318.018148][ T83] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.244706][ T83] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.334428][ T4771] Bluetooth: hci6: command tx timeout [ 318.429925][ T9406] team0: Port device team_slave_0 added [ 318.459285][ T9406] team0: Port device team_slave_1 added [ 318.510081][ T83] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 318.751728][ T9406] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 318.758939][ T9406] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.779963][ T9406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 318.787606][ T9406] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 318.811972][ T9406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 318.822160][ T9406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 318.962157][ T9406] hsr_slave_0: entered promiscuous mode [ 318.975313][ T9406] hsr_slave_1: entered promiscuous mode [ 318.986755][ T9406] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 318.990314][ T9406] Cannot create hsr debugfs directory [ 319.267940][ T9451] netlink: 23 bytes leftover after parsing attributes in process `syz.3.1268'. [ 319.271497][ T9451] netlink: 23 bytes leftover after parsing attributes in process `syz.3.1268'. [ 319.446599][ T83] bridge_slave_1: left allmulticast mode [ 319.449802][ T83] bridge_slave_1: left promiscuous mode [ 319.452220][ T83] bridge0: port 2(bridge_slave_1) entered disabled state [ 319.466541][ T83] bridge_slave_0: left allmulticast mode [ 319.469037][ T83] bridge_slave_0: left promiscuous mode [ 319.472386][ T83] bridge0: port 1(bridge_slave_0) entered disabled state [ 319.503313][ T9457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1271'. [ 320.154556][ T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 320.170566][ T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 320.190712][ T83] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 320.210905][ T83] bond0 (unregistering): Released all slaves [ 320.416287][ T4771] Bluetooth: hci6: command tx timeout [ 321.087799][ T9485] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 321.104024][ T9485] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 321.109137][ T9485] overlayfs: failed to get uuid (/file1, err=-95); falling back to uuid=null. [ 321.233697][ T9472] syz.3.1276: attempt to access beyond end of device [ 321.233697][ T9472] loop3: rw=2048, sector=2, nr_sectors = 1 limit=0 [ 321.264317][ T9472] hfsplus: unable to find HFS+ superblock [ 321.507433][ T9472] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1276'. [ 321.557697][ T83] hsr_slave_0: left promiscuous mode [ 321.562594][ T83] hsr_slave_1: left promiscuous mode [ 321.569355][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 321.577944][ T83] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 321.581586][ T83] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 321.584805][ T83] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 321.719836][ T83] veth0_macvtap: left promiscuous mode [ 321.722775][ T83] veth1_vlan: left promiscuous mode [ 321.725985][ T83] veth0_vlan: left promiscuous mode [ 321.765729][ T9505] syz.2.1286[9505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 321.765872][ T9505] syz.2.1286[9505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 321.925830][ T39] audit: type=1326 audit(1723027975.966:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.2.1286" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x0 [ 322.034305][ T9505] syz.2.1286[9505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 322.034452][ T9505] syz.2.1286[9505] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 322.493925][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.496315][ T4771] Bluetooth: hci6: command tx timeout [ 322.498993][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.874189][ T9523] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1294'. [ 324.047435][ T83] team0 (unregistering): Port device team_slave_1 removed [ 324.347927][ T83] team0 (unregistering): Port device team_slave_0 removed [ 324.574111][ T4771] Bluetooth: hci6: command tx timeout [ 325.225414][ T39] audit: type=1326 audit(1723027979.266:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9529 comm="syz.2.1297" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fd7579 code=0x0 [ 326.771347][ T9406] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 326.787538][ T9406] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 326.801734][ T9406] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 326.831165][ T9406] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 327.020100][ T9406] 8021q: adding VLAN 0 to HW filter on device bond0 [ 327.052059][ T9406] 8021q: adding VLAN 0 to HW filter on device team0 [ 327.073425][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.076889][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 327.105566][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.108588][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 327.593029][ T9406] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 327.690199][ T9406] veth0_vlan: entered promiscuous mode [ 327.709029][ T9406] veth1_vlan: entered promiscuous mode [ 327.760619][ T9406] veth0_macvtap: entered promiscuous mode [ 327.767958][ T9406] veth1_macvtap: entered promiscuous mode [ 327.783844][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 327.788411][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.800083][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 327.803818][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.808668][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 327.812877][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.831619][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 327.855044][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.859811][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 327.874182][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.879994][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 327.893220][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.901425][ T9406] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 327.908642][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 327.913287][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.934771][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 327.940621][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.946713][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 327.952631][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.964046][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 327.982677][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 327.987709][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 327.992149][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.005247][ T9406] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.009716][ T9406] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.029805][ T9406] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 328.042985][ T9406] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.048893][ T9406] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.052776][ T9406] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.065338][ T9406] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 328.218151][ T1215] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 328.227078][ T1215] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 328.278937][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 328.282339][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 328.557302][ T83] IPVS: stop unused estimator thread 0... [ 328.759619][ T9598] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1315'. [ 328.764906][ T9598] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1315'. [ 328.870836][ T9602] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1316'. [ 328.909466][ T9602] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1316'. [ 329.637288][ T9614] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1321'. [ 329.759330][ T9607] input: syz0 as /devices/virtual/input/input14 [ 330.409921][ T9622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1325'. [ 331.198616][ T9634] sctp: [Deprecated]: syz.3.1328 (pid 9634) Use of int in maxseg socket option. [ 331.198616][ T9634] Use struct sctp_assoc_value instead [ 331.574101][ T5344] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 331.795836][ T5344] usb 8-1: config 0 has an invalid interface number: 230 but max is 0 [ 331.800037][ T5344] usb 8-1: config 0 has an invalid interface number: 48 but max is 0 [ 331.805394][ T5344] usb 8-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 331.809278][ T5344] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 331.824233][ T5344] usb 8-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 331.829197][ T5344] usb 8-1: config 0 has no interface number 0 [ 331.832153][ T5344] usb 8-1: config 0 has no interface number 1 [ 331.835462][ T5344] usb 8-1: config 0 interface 230 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 331.841205][ T5344] usb 8-1: config 0 interface 230 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 331.850341][ T5344] usb 8-1: too many endpoints for config 0 interface 48 altsetting 31: 64, using maximum allowed: 30 [ 331.860035][ T5344] usb 8-1: config 0 interface 48 altsetting 31 bulk endpoint 0xB has invalid maxpacket 1024 [ 331.864894][ T5344] usb 8-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x4, skipping [ 331.870784][ T5344] usb 8-1: config 0 interface 48 altsetting 31 has an invalid descriptor for endpoint zero, skipping [ 331.884013][ T5344] usb 8-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x6, skipping [ 331.889057][ T5344] usb 8-1: config 0 interface 48 altsetting 31 has 8 endpoint descriptors, different from the interface descriptor's value: 64 [ 331.896186][ T5344] usb 8-1: config 0 interface 48 has no altsetting 0 [ 331.902502][ T5344] usb 8-1: New USB device found, idVendor=0c52, idProduct=2832, bcdDevice=fb.70 [ 331.907122][ T5344] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 331.911148][ T5344] usb 8-1: Product: syz [ 331.913288][ T5344] usb 8-1: Manufacturer: syz [ 331.916346][ T5344] usb 8-1: SerialNumber: syz [ 331.925489][ T5344] usb 8-1: config 0 descriptor?? [ 331.930818][ T5344] ftdi_sio 8-1:0.230: FTDI USB Serial Device converter detected [ 331.936161][ T5344] ftdi_sio ttyUSB0: unknown device type: 0xfb70 [ 332.275913][ T5344] ftdi_sio 8-1:0.48: FTDI USB Serial Device converter detected [ 332.281527][ T5344] ftdi_sio ttyUSB1: unknown device type: 0xfb70 [ 332.300575][ T5344] usb 8-1: USB disconnect, device number 13 [ 332.318443][ T5344] ftdi_sio 8-1:0.230: device disconnected [ 332.327252][ T5344] ftdi_sio 8-1:0.48: device disconnected [ 333.809703][ T9660] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 333.967591][ T9654] loop0: detected capacity change from 0 to 524287999 [ 333.982132][ C2] blk_print_req_error: 40 callbacks suppressed [ 333.982146][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 333.988071][ C2] buffer_io_error: 40 callbacks suppressed [ 333.988080][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.019825][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.023864][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.030255][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.034378][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.039600][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.043291][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.047230][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.051077][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.054865][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.058466][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.061826][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.065687][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.069559][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.073248][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.082372][ T9654] ldm_validate_partition_table(): Disk read failed. [ 334.085641][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.089546][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.093028][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 334.097223][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 334.105618][ T9654] Dev loop0: unable to read RDB block 0 [ 334.116252][ T9654] loop0: unable to read partition table [ 334.123203][ T9654] loop_reread_partitions: partition scan of loop0 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 334.172179][ T9662] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 340.709651][ T9680] bridge0: port 2(bridge_slave_1) entered disabled state [ 340.713075][ T9680] bridge0: port 1(bridge_slave_0) entered disabled state [ 341.083482][ T9682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1343'. [ 341.428907][ T5345] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 341.434823][ T5345] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 341.439113][ T5345] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 341.443275][ T5345] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 341.448919][ T5345] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 341.452384][ T5345] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 341.688327][ T9699] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1347'. [ 342.058486][ T9692] chnl_net:caif_netlink_parms(): no params data found [ 342.352317][ T9692] bridge0: port 1(bridge_slave_0) entered blocking state [ 342.355786][ T9692] bridge0: port 1(bridge_slave_0) entered disabled state [ 342.359108][ T9692] bridge_slave_0: entered allmulticast mode [ 342.366800][ T9692] bridge_slave_0: entered promiscuous mode [ 342.382832][ T9692] bridge0: port 2(bridge_slave_1) entered blocking state [ 342.386709][ T9692] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.389815][ T9692] bridge_slave_1: entered allmulticast mode [ 342.393423][ T9692] bridge_slave_1: entered promiscuous mode [ 342.572924][ T9692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 342.580933][ T9692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 342.796582][ T9692] team0: Port device team_slave_0 added [ 342.819289][ T9692] team0: Port device team_slave_1 added [ 343.187058][ T9692] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.191139][ T9692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.234023][ T9692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.254436][ T9692] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.264052][ T9692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.284430][ T9692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 343.296449][ T9723] cgroup: Unexpected value for 'cpuset_v2_mode' [ 343.468265][ T9692] hsr_slave_0: entered promiscuous mode [ 343.476550][ T9692] hsr_slave_1: entered promiscuous mode [ 343.480218][ T9692] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 343.486647][ T9692] Cannot create hsr debugfs directory [ 343.524551][ T5345] Bluetooth: hci4: command tx timeout [ 343.849900][ T9692] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 343.985342][ T9692] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.107198][ T9692] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.238422][ T9692] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.493540][ T9692] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 344.509490][ T9692] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 344.546813][ T9692] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 344.567054][ T9692] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 344.718981][ T9692] 8021q: adding VLAN 0 to HW filter on device bond0 [ 344.761364][ T9692] 8021q: adding VLAN 0 to HW filter on device team0 [ 344.802046][ T58] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.805589][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state [ 344.817880][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.821169][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 344.881979][ T9692] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 345.190919][ T9692] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 345.310184][ T9692] veth0_vlan: entered promiscuous mode [ 345.335346][ T9692] veth1_vlan: entered promiscuous mode [ 345.378825][ T9692] veth0_macvtap: entered promiscuous mode [ 345.410567][ T9692] veth1_macvtap: entered promiscuous mode [ 345.496565][ T9746] input: syz0 as /devices/virtual/input/input15 [ 345.499346][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.526570][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.536936][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.541565][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.542111][ T9760] fuse: Unknown parameter 'úÿÿÿÿÿÿÿå00000000000000000000' [ 345.557935][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.576215][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.580184][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.584937][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.601770][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.606459][ T5345] Bluetooth: hci4: command 0x041b tx timeout [ 345.614109][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.629925][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.634432][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.640004][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 345.687728][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.691454][ T9692] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 345.709193][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.713487][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.717919][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.723731][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.729018][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.733595][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.738000][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.743151][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.752691][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.757932][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.762334][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.768130][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.772886][ T9692] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 345.778127][ T9692] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 345.789594][ T9692] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 345.801698][ T9692] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.805551][ T9692] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.809060][ T9692] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.812898][ T9692] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 345.961992][ T1199] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 345.968862][ T1199] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 346.017001][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 346.021257][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 346.315613][ T9766] affs: Unrecognized mount option "ß" or missing value [ 346.319007][ T9766] affs: Error parsing options [ 346.401316][ T9769] block nbd3: NBD_DISCONNECT [ 346.411458][ T9769] block nbd3: Disconnected due to user request. [ 346.420766][ T9769] block nbd3: shutting down sockets [ 346.504171][ T9768] syzkaller0: entered promiscuous mode [ 346.506573][ T9768] syzkaller0: entered allmulticast mode [ 346.657373][ T9771] VFS: could not find a valid V7 on nullb0. [ 346.960700][ T9776] netlink: 8280 bytes leftover after parsing attributes in process `syz.0.1371'. [ 346.974334][ T9776] netlink: 8280 bytes leftover after parsing attributes in process `syz.0.1371'. [ 347.080001][ T9781] syzkaller0: entered promiscuous mode [ 347.085590][ T9781] syzkaller0: entered allmulticast mode [ 347.684134][ T4771] Bluetooth: hci4: command 0x041b tx timeout [ 349.095042][ T9802] block nbd3: shutting down sockets [ 349.764181][ T4771] Bluetooth: hci4: command 0x041b tx timeout [ 351.844379][ T4771] Bluetooth: hci4: command 0x041b tx timeout [ 353.751882][ T9824] netlink: 'syz.0.1385': attribute type 5 has an invalid length. [ 354.505923][ T9835] ax25_connect(): syz.3.1384 uses autobind, please contact jreuter@yaina.de [ 354.987815][ T9846] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1391'. [ 357.564292][ T39] audit: type=1326 audit(1723028011.596:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9878 comm="syz.1.1402" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 357.669398][ T39] audit: type=1326 audit(1723028011.706:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9878 comm="syz.1.1402" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 358.362171][ T9884] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1400'. [ 359.544328][ T988] IPVS: starting estimator thread 0... [ 359.664661][ T9898] IPVS: using max 20 ests per chain, 48000 per kthread [ 362.080143][ T9905] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 362.285635][ T9912] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 362.330901][ T9912] kvm: pic: non byte read [ 364.374091][ T9932] IPVS: set_ctl: invalid protocol: 58 255.255.255.255:0 [ 364.950097][ T9942] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1418'. [ 367.042761][ T5405] libceph: connect (1)[c::]:6789 error -101 [ 367.048262][ T5405] libceph: mon0 (1)[c::]:6789 connect error [ 367.317405][ T5405] libceph: connect (1)[c::]:6789 error -101 [ 367.321519][ T5405] libceph: mon0 (1)[c::]:6789 connect error [ 367.836857][ T5384] libceph: connect (1)[c::]:6789 error -101 [ 367.840495][ T5384] libceph: mon0 (1)[c::]:6789 connect error [ 367.845355][ T9984] ceph: No mds server is up or the cluster is laggy [ 369.373205][T10029] xt_connbytes: Forcing CT accounting to be enabled [ 369.983578][ T39] audit: type=1804 audit(1723028024.016:332): pid=10033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1450" name="/newroot/92/bus/file0" dev="overlay" ino=512 res=1 errno=0 [ 370.590134][ T39] audit: type=1804 audit(1723028024.626:333): pid=10039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1453" name="/" dev="pidfs" ino=10338 res=1 errno=0 [ 372.156075][T10062] netlink: 'syz.1.1462': attribute type 21 has an invalid length. [ 372.169797][T10062] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1462'. [ 372.173730][T10062] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1462'. [ 372.414169][T10069] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1465'. [ 372.489323][T10071] trusted_key: encrypted_key: insufficient parameters specified [ 372.536333][T10068] Process accounting resumed [ 372.561413][T10073] misc userio: Begin command sent, but we're already running [ 372.904274][T10080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1470'. [ 372.949582][T10078] trusted_key: encrypted_key: keyword 'wpdate' not recognized [ 373.228647][T10076] IPVS: Error connecting to the multicast addr [ 375.061503][T10126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1485'. [ 375.251262][ T57] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 375.514719][ T57] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 375.518512][ T57] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 375.555181][ T57] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 375.559000][ T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 375.574022][ T57] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 375.616903][ T57] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 375.634122][ T57] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 375.644450][ T57] usb 6-1: Product: syz [ 375.646806][ T57] usb 6-1: Manufacturer: syz [ 375.656897][ T57] cdc_wdm 6-1:1.0: skipping garbage [ 375.659458][ T57] cdc_wdm 6-1:1.0: skipping garbage [ 375.663358][ T57] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 375.667072][ T57] cdc_wdm 6-1:1.0: Unknown control protocol [ 375.764063][ T5345] Bluetooth: hci5: command 0x0406 tx timeout [ 376.381111][ T58] usb 6-1: USB disconnect, device number 9 [ 377.518780][ T39] audit: type=1326 audit(1723028031.556:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.1.1504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 377.544064][ T39] audit: type=1326 audit(1723028031.566:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.1.1504" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf744e579 code=0x7fc00000 [ 377.557193][ T39] audit: type=1326 audit(1723028031.596:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10179 comm="syz.1.1504" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 377.651607][T10199] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1513'. [ 378.122587][T10215] syz.3.1520 (10215): /proc/10214/oom_adj is deprecated, please use /proc/10214/oom_score_adj instead. [ 378.137786][ T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 378.327602][ T9] usb 6-1: config 0 has no interfaces? [ 378.333407][ T9] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 378.344053][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 378.349025][ T9] usb 6-1: Product: syz [ 378.351265][ T9] usb 6-1: Manufacturer: syz [ 378.353713][ T9] usb 6-1: SerialNumber: syz [ 378.376158][ T9] usb 6-1: config 0 descriptor?? [ 378.676502][ T1289] usb 6-1: USB disconnect, device number 10 [ 378.904424][T10230] 9pnet_fd: Insufficient options for proto=fd [ 379.595316][ T39] audit: type=1326 audit(1723028033.636:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10244 comm="syz.1.1530" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf744e579 code=0x0 [ 379.613073][T10247] ip6t_rpfilter: unknown options [ 380.494056][T10263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1537'. [ 380.768643][T10273] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1542'. [ 381.377330][ C1] vxcan0: j1939_tp_rxtimer: 0xffff888015562c00: rx timeout, send abort [ 381.381868][ C1] vxcan0: j1939_xtp_rx_abort_one: 0xffff888015562c00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session. [ 381.449355][T10285] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1545'. [ 382.565227][T10309] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1549'. [ 383.033739][ T39] audit: type=1400 audit(1723028037.066:338): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=10311 comm=5E282F5B25AF [ 383.937269][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.940365][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.694593][T10354] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 385.702533][T10354] overlayfs: failed to set uuid (/file1, err=-28); falling back to uuid=null. [ 385.865459][T10356] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 386.017233][T10358] binder: 10357:10358 ioctl c06864a1 20000280 returned -22 [ 386.317058][T10369] netdevsim netdevsim0 @: renamed from netdevsim0 (while UP) [ 386.369999][T10371] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1575'. [ 387.194484][ T1289] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 387.394601][ T1289] usb 8-1: Using ep0 maxpacket: 8 [ 387.405107][ T1289] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 387.409703][ T1289] usb 8-1: config 179 has no interface number 0 [ 387.412706][ T1289] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 387.420742][ T1289] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 387.425315][T10385] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 387.434164][ T1289] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 255, changing to 11 [ 387.439312][ T1289] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 59391, setting to 1024 [ 387.443475][ T1289] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 387.463563][ T1289] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 387.489881][ T1289] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 387.510482][T10383] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 387.533632][T10383] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 387.631725][ T1289] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input17 [ 387.684265][ T4818] input input17: unable to receive magic message: -110 [ 387.741439][ T4818] input input17: unable to receive magic message: -32 [ 387.752099][ T4818] input input17: unable to receive magic message: -32 [ 387.786791][ C1] xpad 8-1:179.65: xpad_irq_in - usb_submit_urb failed with result -1 [ 387.791536][ T4818] input input17: unable to receive magic message: -32 [ 387.865634][T10125] input input17: unable to receive magic message: -32 [ 387.897018][ T4818] input input17: unable to receive magic message: -32 [ 387.919808][ T4818] input input17: unable to receive magic message: -32 [ 387.941645][ T4818] input input17: unable to receive magic message: -32 [ 388.001379][ T4818] input input17: unable to receive magic message: -32 [ 390.020660][ C1] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 390.035329][ T1289] usb 8-1: USB disconnect, device number 14 [ 390.052522][ T1289] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 390.280425][T10391] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1579'. [ 390.497979][T10393] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1580'. [ 391.564391][T10400] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1581'. [ 393.799949][T10404] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 393.804339][T10405] netlink: 'syz.0.1590': attribute type 7 has an invalid length. [ 393.808520][T10405] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1590'. [ 393.815124][T10404] overlayfs: failed to set uuid (/file1, err=-28); falling back to uuid=null. [ 393.817369][T10405] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1590'. [ 393.828451][T10405] netlink: 872 bytes leftover after parsing attributes in process `syz.0.1590'. [ 393.832652][T10405] netlink: 'syz.0.1590': attribute type 7 has an invalid length. [ 393.844233][T10405] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1590'. [ 394.722316][T10416] netdevsim netdevsim1 @: renamed from netdevsim0 (while UP) [ 396.466478][T10435] input: syz0 as /devices/virtual/input/input18 [ 397.693692][T10454] netdevsim netdevsim3 @: renamed from netdevsim0 (while UP) [ 397.711227][T10452] syz.0.1605[10452] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 397.711310][T10452] syz.0.1605[10452] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 397.921055][ T39] audit: type=1326 audit(1723028051.956:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10451 comm="syz.0.1605" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa2579 code=0x0 [ 398.061716][T10452] syz.0.1605[10452] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 398.061861][T10452] syz.0.1605[10452] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 398.597886][T10463] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1599'. [ 399.744084][ T5388] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 399.964108][ T5388] usb 5-1: Using ep0 maxpacket: 8 [ 399.968924][ T5388] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 399.973325][ T5388] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 400.018998][ T5388] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 400.024220][ T5388] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 400.030365][ T5388] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 400.035168][ T5388] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.226151][T10478] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 400.365947][T10476] loop0: detected capacity change from 0 to 524287999 [ 400.370103][ C2] blk_print_req_error: 7 callbacks suppressed [ 400.370117][ C2] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.376700][ C2] buffer_io_error: 7 callbacks suppressed [ 400.376710][ C2] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.400078][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.404367][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.409089][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.413222][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.417475][ C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.421447][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.435225][ T5388] usb 5-1: usb_control_msg returned -32 [ 400.435350][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.437669][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.442010][ T5388] usbtmc 5-1:16.0: can't read capabilities [ 400.455345][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.459404][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.469303][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.473439][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.477516][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.481684][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.485278][T10476] ldm_validate_partition_table(): Disk read failed. [ 400.489409][ C0] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.493321][ C0] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.505334][ C3] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 400.509502][ C3] Buffer I/O error on dev loop0, logical block 0, async page read [ 400.524063][T10476] Dev loop0: unable to read RDB block 0 [ 400.556523][T10476] loop0: unable to read partition table [ 400.559134][T10476] loop_reread_partitions: partition scan of loop0 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 402.059273][T10487] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1604'. [ 402.433168][ T8843] usb 5-1: USB disconnect, device number 14 [ 404.003670][T10494] input: syz0 as /devices/virtual/input/input19 [ 404.474206][ T8843] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 404.666875][ T8843] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 404.712030][ T8843] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.720284][T10504] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1608'. [ 404.728295][ T8843] usb 7-1: config 0 descriptor?? [ 404.741823][ T8843] cp210x 7-1:0.0: cp210x converter detected [ 405.274108][ T8843] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 405.343789][ T8843] cp210x 7-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 405.349612][ T8843] cp210x 7-1:0.0: GPIO initialisation failed: -71 [ 405.357626][ T8843] usb 7-1: cp210x converter now attached to ttyUSB0 [ 405.362348][ T8843] usb 7-1: USB disconnect, device number 10 [ 405.367720][ T8843] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 405.371456][ T8843] cp210x 7-1:0.0: device disconnected [ 406.411649][T10512] overlayfs: failed to get index nlink (file1/file1, err=-61) [ 407.716160][T10531] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1617'. [ 407.740968][T10531] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1617'. [ 407.745659][T10531] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1617'. [ 407.796602][ T5384] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 407.832908][ T39] audit: type=1400 audit(1723028061.866:340): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=10532 comm=5E282F5B25AF [ 407.994374][ T5384] usb 7-1: Using ep0 maxpacket: 32 [ 408.005612][ T5384] usb 7-1: config 0 has no interfaces? [ 408.008227][ T5384] usb 7-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 408.012115][ T5384] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.031144][ T5384] usb 7-1: config 0 descriptor?? [ 408.205522][T10521] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 409.475956][T10556] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 410.587235][ T5384] usb 7-1: USB disconnect, device number 11 [ 410.757375][T10561] futex_wake_op: syz.2.1625 tries to shift op by -1; fix this program [ 410.985461][T10563] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1626'. [ 410.990044][T10563] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1626'. [ 413.695301][ T5345] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 413.701304][ T5345] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 413.705740][ T5345] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 413.734490][ T5345] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 413.737890][ T5345] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 413.740717][ T5345] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 414.176383][T10572] chnl_net:caif_netlink_parms(): no params data found [ 414.464903][T10572] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.468402][T10572] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.472236][T10572] bridge_slave_0: entered allmulticast mode [ 414.477446][T10572] bridge_slave_0: entered promiscuous mode [ 414.484247][T10572] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.497459][T10572] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.501392][T10572] bridge_slave_1: entered allmulticast mode [ 414.513750][T10572] bridge_slave_1: entered promiscuous mode [ 414.614205][T10572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 414.621752][T10572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 414.728889][T10572] team0: Port device team_slave_0 added [ 414.736660][T10572] team0: Port device team_slave_1 added [ 414.834311][T10572] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 414.844307][T10572] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.859919][T10572] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.884998][T10572] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.888105][T10572] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.900857][T10572] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 415.043530][T10572] hsr_slave_0: entered promiscuous mode [ 415.066201][T10572] hsr_slave_1: entered promiscuous mode [ 415.071671][T10572] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 415.077032][T10572] Cannot create hsr debugfs directory [ 415.603319][T10572] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 415.778312][ T5345] Bluetooth: hci8: command tx timeout [ 415.790580][T10572] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 415.838925][ T1289] IPVS: starting estimator thread 0... [ 415.954194][T10590] IPVS: using max 20 ests per chain, 48000 per kthread [ 416.016002][T10572] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.298384][T10572] bond0: (slave @): Releasing backup interface [ 416.304654][T10572] netdevsim netdevsim0 @ (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 416.724198][ T5345] Bluetooth: hci7: command 0x0406 tx timeout [ 416.796927][T10572] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 416.864211][T10572] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 416.871368][T10572] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 416.920854][T10572] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 417.082308][T10572] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.116242][T10572] 8021q: adding VLAN 0 to HW filter on device team0 [ 417.133566][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.136637][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.157512][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.160857][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.399097][T10572] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 417.471582][T10572] veth0_vlan: entered promiscuous mode [ 417.491365][T10572] veth1_vlan: entered promiscuous mode [ 417.535808][ T5351] Bluetooth: hci6: command 0x0406 tx timeout [ 417.559886][T10572] veth0_macvtap: entered promiscuous mode [ 417.568615][T10572] veth1_macvtap: entered promiscuous mode [ 417.597799][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.602486][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.608185][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.613016][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.617844][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.622530][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.627451][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.631496][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.636404][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.641060][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.645878][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.650607][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.655490][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.660007][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.665193][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 417.669706][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.685972][T10572] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 417.700346][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.714024][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.718814][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.723633][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.740556][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.746870][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.790792][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.796665][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.801152][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.824029][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.828719][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.833260][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.838722][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.843699][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.861163][T10572] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 417.862800][ T4771] Bluetooth: hci8: command tx timeout [ 417.887723][T10572] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 417.896729][T10572] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 417.905671][T10572] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.909512][T10572] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.912677][T10572] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 417.916469][T10572] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 418.064113][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.068439][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.145548][ T1199] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.149027][ T1199] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.456676][ T39] audit: type=1400 audit(1723028072.496:341): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=10615 comm=5E282F5B25AF [ 419.936740][ T4771] Bluetooth: hci8: command tx timeout [ 422.004072][ T4771] Bluetooth: hci8: command tx timeout [ 422.310638][T10643] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1644'. [ 422.331855][T10643] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1644'. [ 424.846549][T10644] block nbd1: shutting down sockets [ 427.211261][T10684] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1657'. [ 427.233408][T10678] virtio-fs: tag <(null)> not found [ 427.621209][T10689] support for the xor transformation has been removed. [ 427.768068][T10691] netlink: 368 bytes leftover after parsing attributes in process `syz.3.1660'. [ 428.249170][T10652] ------------[ cut here ]------------ [ 428.253212][T10652] WARNING: CPU: 0 PID: 10652 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0 [ 428.258898][T10652] Modules linked in: [ 428.261488][T10652] CPU: 0 UID: 0 PID: 10652 Comm: syz.2.1648 Not tainted 6.11.0-rc2-syzkaller-00013-gd4560686726f #0 [ 428.268378][T10652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 428.272904][T10652] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 428.276254][T10652] Code: e9 91 fe ff ff e8 46 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 65 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 27 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 19 48 97 ff eb 69 cc cc cc e8 0f 48 97 [ 428.285205][T10652] RSP: 0000:ffffc90022dcfa28 EFLAGS: 00010293 [ 428.287824][T10652] RAX: 0000000000000000 RBX: ffff888072025000 RCX: ffffffff81f3dbab SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 428.290974][T10652] RDX: ffff88801fa94880 RSI: ffffffff81f3dbb9 RDI: 0000000000000007 [ 428.295171][T10652] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 428.299278][T10652] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 428.303481][T10652] R13: ffff88801cd97200 R14: 0000000000000001 R15: 1ffff920045b9f47 [ 428.307337][T10652] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:000000005666c440 [ 428.311819][T10652] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 428.314837][T10652] CR2: 00000000200002c0 CR3: 00000000723a8000 CR4: 0000000000350ef0 [ 428.317916][T10652] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 428.336970][T10652] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 428.341485][T10652] Call Trace: [ 428.343227][T10652] [ 428.344691][T10652] ? show_regs+0x8c/0xa0 [ 428.346499][T10652] ? __warn+0xe5/0x3c0 [ 428.348139][T10652] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 428.350697][T10652] ? report_bug+0x3c0/0x580 [ 428.352914][T10652] ? handle_bug+0x3d/0x70 [ 428.355009][T10652] ? exc_invalid_op+0x17/0x50 [ 428.357205][T10652] ? asm_exc_invalid_op+0x1a/0x20 [ 428.360542][T10652] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 428.363254][T10652] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 428.366227][T10652] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 428.368891][T10652] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 428.372242][T10652] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 428.375750][T10652] ? mark_held_locks+0x9f/0xe0 [ 428.387618][T10652] ? irqentry_exit+0x3b/0x90 [ 428.389772][T10652] set_ptes.constprop.0+0x193/0x1d0 [ 428.392410][T10652] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 428.395980][T10652] ? do_swap_page+0xf39/0x3dc0 [ 428.398159][T10652] do_swap_page+0x1214/0x3dc0 [ 428.400334][T10652] ? __pfx_do_swap_page+0x10/0x10 [ 428.415982][T10652] ? pte_offset_map_nolock+0xfe/0x1c0 [ 428.418504][T10652] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 428.421184][T10652] __handle_mm_fault+0x146b/0x5360 [ 428.427588][T10652] ? __pfx_mt_find+0x10/0x10 [ 428.429787][T10652] ? rwsem_read_trylock+0x6d/0x250 [ 428.446513][T10652] ? __pfx___handle_mm_fault+0x10/0x10 [ 428.449099][T10652] ? find_vma+0xc0/0x140 [ 428.451112][T10652] ? __pfx_find_vma+0x10/0x10 [ 428.453278][T10652] handle_mm_fault+0x44e/0x7b0 [ 428.455655][T10652] ? __pkru_allows_pkey+0x52/0xb0 [ 428.457998][T10652] do_user_addr_fault+0x7a3/0x13f0 [ 428.460318][T10652] exc_page_fault+0x5c/0xc0 [ 428.462394][T10652] asm_exc_page_fault+0x26/0x30 [ 428.464766][T10652] RIP: 0023:0xf726fd71 [ 428.466681][T10652] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 428.476112][T10652] RSP: 002b:00000000ffe5a2ac EFLAGS: 00010202 [ 428.478991][T10652] RAX: 0000000000000000 RBX: 00000000f73fcff4 RCX: 0000000000000002 [ 428.482776][T10652] RDX: 0000000000000008 RSI: 00000000f6d303ae RDI: 00000000200002c0 [ 428.486943][T10652] RBP: 00000000ffe5a528 R08: 0000000000000000 R09: 0000000000000000 [ 428.490885][T10652] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 428.495214][T10652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 428.498817][T10652] [ 428.500301][T10652] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 428.503635][T10652] CPU: 0 UID: 0 PID: 10652 Comm: syz.2.1648 Not tainted 6.11.0-rc2-syzkaller-00013-gd4560686726f #0 [ 428.508321][T10652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 428.513037][T10652] Call Trace: [ 428.514530][T10652] [ 428.515791][T10652] dump_stack_lvl+0x3d/0x1f0 [ 428.517607][T10652] panic+0x6f5/0x7a0 [ 428.519307][T10652] ? __pfx_panic+0x10/0x10 [ 428.521289][T10652] ? show_trace_log_lvl+0x363/0x500 [ 428.523551][T10652] ? check_panic_on_warn+0x1f/0xb0 [ 428.525596][T10652] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 428.527953][T10652] check_panic_on_warn+0xab/0xb0 [ 428.529888][T10652] __warn+0xf1/0x3c0 [ 428.531452][T10652] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 428.533794][T10652] report_bug+0x3c0/0x580 [ 428.535874][T10652] handle_bug+0x3d/0x70 [ 428.537736][T10652] exc_invalid_op+0x17/0x50 [ 428.539782][T10652] asm_exc_invalid_op+0x1a/0x20 [ 428.541942][T10652] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 428.544876][T10652] Code: e9 91 fe ff ff e8 46 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 65 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 27 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 19 48 97 ff eb 69 cc cc cc e8 0f 48 97 [ 428.553531][T10652] RSP: 0000:ffffc90022dcfa28 EFLAGS: 00010293 [ 428.556319][T10652] RAX: 0000000000000000 RBX: ffff888072025000 RCX: ffffffff81f3dbab [ 428.559845][T10652] RDX: ffff88801fa94880 RSI: ffffffff81f3dbb9 RDI: 0000000000000007 [ 428.563318][T10652] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 428.566808][T10652] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 428.570292][T10652] R13: ffff88801cd97200 R14: 0000000000000001 R15: 1ffff920045b9f47 [ 428.573807][T10652] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 428.576448][T10652] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 428.579151][T10652] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 428.581788][T10652] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 428.584575][T10652] ? mark_held_locks+0x9f/0xe0 [ 428.586733][T10652] ? irqentry_exit+0x3b/0x90 [ 428.588613][T10652] set_ptes.constprop.0+0x193/0x1d0 [ 428.590656][T10652] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 428.593142][T10652] ? do_swap_page+0xf39/0x3dc0 [ 428.595273][T10652] do_swap_page+0x1214/0x3dc0 [ 428.597370][T10652] ? __pfx_do_swap_page+0x10/0x10 [ 428.599527][T10652] ? pte_offset_map_nolock+0xfe/0x1c0 [ 428.601604][T10652] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 428.603885][T10652] __handle_mm_fault+0x146b/0x5360 [ 428.605894][T10652] ? __pfx_mt_find+0x10/0x10 [ 428.607976][T10652] ? rwsem_read_trylock+0x6d/0x250 [ 428.610325][T10652] ? __pfx___handle_mm_fault+0x10/0x10 [ 428.612735][T10652] ? find_vma+0xc0/0x140 [ 428.614638][T10652] ? __pfx_find_vma+0x10/0x10 [ 428.616864][T10652] handle_mm_fault+0x44e/0x7b0 [ 428.619067][T10652] ? __pkru_allows_pkey+0x52/0xb0 [ 428.621255][T10652] do_user_addr_fault+0x7a3/0x13f0 [ 428.623472][T10652] exc_page_fault+0x5c/0xc0 [ 428.625458][T10652] asm_exc_page_fault+0x26/0x30 [ 428.627592][T10652] RIP: 0023:0xf726fd71 [ 428.629414][T10652] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 428.637874][T10652] RSP: 002b:00000000ffe5a2ac EFLAGS: 00010202 [ 428.640576][T10652] RAX: 0000000000000000 RBX: 00000000f73fcff4 RCX: 0000000000000002 [ 428.643851][T10652] RDX: 0000000000000008 RSI: 00000000f6d303ae RDI: 00000000200002c0 [ 428.647210][T10652] RBP: 00000000ffe5a528 R08: 0000000000000000 R09: 0000000000000000 [ 428.650455][T10652] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 428.653753][T10652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 428.657165][T10652] [ 428.659145][T10652] Kernel Offset: disabled [ 428.661585][T10652] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:46:37 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff84fa5935 RDI=ffffffff9511c340 RBP=ffffffff9511c300 RSP=ffffc90022dcf3e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000005 R14=ffffffff84fa58d0 R15=0000000000000000 RIP=ffffffff84fa595f RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000200002c0 CR3=00000000723a8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000002 RBX=0000000000000000 RCX=ffffffff84750c56 RDX=ffff888021f50000 RSI=0000000000000000 RDI=0000000000000005 RBP=1ffff92001d27f81 RSP=ffffc9000e93fc00 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=dffffc0000000000 R13=0000000000008002 R14=ffff88802b4ae000 R15=ffff88802b4ae2d0 RIP=ffffffff818b23e0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002003e000 CR3=0000000067582000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000003 RBX=ffff888076bea270 RCX=0000000000000001 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000007 RBP=000000009fda2882 RSP=ffffc90003c474a8 R8 =0000000000000007 R9 =0000000000000005 R10=0000000000000821 R11=ffff88801b8001a3 R12=382ff1ffffffff81 R13=ffff88801b8001a3 R14=ffff888076bea23b R15=ffff888076bea27b RIP=ffffffff848934ce RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fcc4f08ed00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055a308bb2000 CR3=0000000025dd4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=7be175bd7be175bd 7be175bd7be175bd 7be175bd7be175bd 7be175bd7be175bd 7be175bd7be175bd 7be175bd7be175bd 7be175bd7be175bd 7be175bd7be175bd ZMM22=ce3844f9ce3844f9 ce3844f9ce3844f9 ce3844f9ce3844f9 ce3844f9ce3844f9 ce3844f9ce3844f9 ce3844f9ce3844f9 ce3844f9ce3844f9 ce3844f9ce3844f9 ZMM23=c885aa8ec885aa8e c885aa8ec885aa8e c885aa8ec885aa8e c885aa8ec885aa8e c885aa8ec885aa8e c885aa8ec885aa8e c885aa8ec885aa8e c885aa8ec885aa8e ZMM24=aaba24a6aaba24a6 aaba24a6aaba24a6 aaba24a6aaba24a6 aaba24a6aaba24a6 aaba24a6aaba24a6 aaba24a6aaba24a6 aaba24a6aaba24a6 aaba24a6aaba24a6 ZMM25=ce78d913ce78d913 ce78d913ce78d913 ce78d913ce78d913 ce78d913ce78d913 ce78d913ce78d913 ce78d913ce78d913 ce78d913ce78d913 ce78d913ce78d913 ZMM26=3d4bd9573d4bd957 3d4bd9573d4bd957 3d4bd9573d4bd957 3d4bd9573d4bd957 3d4bd9573d4bd957 3d4bd9573d4bd957 3d4bd9573d4bd957 3d4bd9573d4bd957 ZMM27=1a3cd0341a3cd034 1a3cd0341a3cd034 1a3cd0341a3cd034 1a3cd0341a3cd034 1a3cd0341a3cd034 1a3cd0341a3cd034 1a3cd0341a3cd034 1a3cd0341a3cd034 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=a50f0000a50f0000 a50f0000a50f0000 a50f0000a50f0000 a50f0000a50f0000 a50f0000a50f0000 a50f0000a50f0000 a50f0000a50f0000 a50f0000a50f0000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=4875d9bd3131d153 RCX=ffffffff816914a8 RDX=1ffff11003512a6a RSI=0000000000000008 RDI=ffffffff945b56c8 RBP=0000000000000001 RSP=ffffc900005f0b90 R8 =0000000000000000 R9 =fffffbfff28b6ad9 R10=ffffffff945b56cf R11=0000000000000000 R12=0000000000000002 R13=ffff88801a895388 R14=0000000000000042 R15=ffff88801a894880 RIP=ffffffff81691629 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000571a04c0 CR3=00000000610f6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000