last executing test programs: 1.311121025s ago: executing program 1 (id=2611): r0 = socket$kcm(0x29, 0x2, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) dup3(r0, r1, 0x0) write$FUSE_STATFS(r1, 0x0, 0x0) 1.221616011s ago: executing program 1 (id=2612): r0 = socket$nl_generic(0x10, 0x3, 0x10) getpeername(r0, &(0x7f0000000d80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, &(0x7f0000000080)=0x80) dup2(r0, r1) sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x14}, 0x14}}, 0x0) 1.161696209s ago: executing program 1 (id=2616): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) syz_usb_connect$printer(0x0, 0x36, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$TCSBRK(r2, 0x5409, 0x0) 771.055153ms ago: executing program 3 (id=2629): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, 0x2, 0x2, 0x69e97df19eb07bb9}, 0x14}}, 0x0) 621.844576ms ago: executing program 0 (id=2631): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VHOST_VDPA_GET_GROUP_NUM(r0, 0xaf01, 0x0) 621.72703ms ago: executing program 3 (id=2632): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) fstatfs(r0, &(0x7f00000007c0)=""/4096) 621.621057ms ago: executing program 2 (id=2633): r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020f4732e7eb702b161c1ded69e57fb002b1f00", 0x26) syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), r0) 561.696666ms ago: executing program 1 (id=2634): r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) dup2(r1, r0) sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, 0x1, 0x2, 0x5}, 0x14}}, 0x0) recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0) 561.554014ms ago: executing program 0 (id=2635): pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) dup2(r1, r0) getsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000001040)=""/55, &(0x7f0000001080)=0x37) 464.607623ms ago: executing program 2 (id=2636): r0 = epoll_create1(0x0) close(r0) creat(&(0x7f0000003480)='./file0\x00', 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000003600), 0x0, 0x0, 0x0) 396.310903ms ago: executing program 1 (id=2637): lsetxattr$security_capability(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x0) 396.139023ms ago: executing program 3 (id=2638): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x5411, &(0x7f00000006c0)) 394.397254ms ago: executing program 0 (id=2639): r0 = socket(0x2, 0x80805, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000500), 0xc) 308.458613ms ago: executing program 3 (id=2640): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0, 0xffffffffffffffff}, &(0x7f0000000380), &(0x7f00000003c0)='%+9llu \x00'}, 0x20) vmsplice(r2, 0x0, 0x0, 0x0) 308.292965ms ago: executing program 2 (id=2641): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$EXT4_IOC_GET_ES_CACHE(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x49b}) write(r0, &(0x7f0000000080)="01", 0x1) 308.110665ms ago: executing program 1 (id=2642): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_usb_connect(0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, "7e12ddc5a89047bf00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x2) read(r1, 0x0, 0x2006) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) ioctl$TCSETA(r1, 0x5406, 0x0) 200.257087ms ago: executing program 3 (id=2643): socket$inet6_udp(0xa, 0x2, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f00000000c0)={0x109, 0x6, 0x7fff}) creat(&(0x7f0000001240)='./file0\x00', 0x102) socket$igmp(0x2, 0x3, 0x2) r1 = openat2(0xffffffffffffff9c, 0x0, &(0x7f0000000040)={0x42}, 0x18) setsockopt$inet_opts(r1, 0x0, 0xd, 0x0, 0x0) epoll_create(0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fd\x00') socket$l2tp6(0xa, 0x2, 0x73) ioctl$TIOCSETD(r2, 0x5452, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r3, 0x8983, &(0x7f0000000040)={0x0, 'macvlan1\x00'}) 200.156407ms ago: executing program 0 (id=2644): r0 = openat$sysfs(0xffffff9c, &(0x7f0000001580)='/sys/power/resume_offset', 0x42480, 0x3a) ioctl$SNDCTL_SEQ_NRSYNTHS(r0, 0x8004510a, 0x0) 200.089406ms ago: executing program 2 (id=2645): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = dup3(r0, r1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto(r3, 0x0, 0x0, 0x20000040, &(0x7f0000000280)=@in6={0xa, 0x0, 0x0, @local, 0x1}, 0x80) r4 = fcntl$dupfd(r3, 0x0, r3) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) futimesat(0xffffffffffffffff, 0x0, 0x0) r5 = fcntl$dupfd(r4, 0x0, r2) syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), r4) sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f0000003300)={0x0, 0x0, &(0x7f00000032c0)={0x0, 0x14}}, 0x0) 101.729907ms ago: executing program 2 (id=2646): r0 = openat$procfs(0xffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socket$rds(0x15, 0x5, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x9c}}, 0x0) 101.582605ms ago: executing program 0 (id=2647): r0 = openat$procfs(0xffffff9c, &(0x7f0000000000)='/proc/consoles\x00', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001d80)={0x14}, 0x14}}, 0x0) 77.565939ms ago: executing program 3 (id=2648): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100003764eb105548910023f1010203010902"], 0x0) syz_usb_disconnect(r0) pipe(&(0x7f00000000c0)) syz_usb_control_io$uac1(r0, 0x0, 0x0) 1.154733ms ago: executing program 2 (id=2649): r0 = io_uring_setup(0xb3e, &(0x7f00000002c0)) r1 = socket(0x2b, 0x1, 0x1) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x8c) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 0 (id=2650): openat$fb0(0xffffff9c, 0x0, 0x400000, 0x0) kernel console output (not intermixed with test programs): 8][T10602] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 411.955510][T10602] ____sys_sendmsg+0x9b4/0xb50 [ 411.957701][T10602] ? __pfx_____sys_sendmsg+0x10/0x10 [ 411.959962][T10602] ? get_compat_msghdr+0x11b/0x170 [ 411.961929][T10602] ? __pfx___lock_acquire+0x10/0x10 [ 411.964156][T10602] ___sys_sendmsg+0x135/0x1e0 [ 411.966169][T10602] ? __pfx____sys_sendmsg+0x10/0x10 [ 411.968403][T10602] ? ksys_write+0x21c/0x260 [ 411.970372][T10602] ? __fget_light+0x173/0x210 [ 411.972354][T10602] __sys_sendmsg+0x117/0x1f0 [ 411.974277][T10602] ? __pfx___sys_sendmsg+0x10/0x10 [ 411.976234][T10602] __do_fast_syscall_32+0x73/0x120 [ 411.978331][T10602] do_fast_syscall_32+0x32/0x80 [ 411.980426][T10602] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 411.982537][T10602] RIP: 0023:0xf73de579 [ 411.984050][T10602] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 411.991555][T10602] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 411.994485][T10602] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020000280 [ 411.997227][T10602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 412.000246][T10602] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 412.003305][T10602] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 412.006263][T10602] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 412.009630][T10602] [ 412.722237][ T66] Bluetooth: hci5: command tx timeout [ 413.313431][T10624] netlink: 'syz.0.1395': attribute type 5 has an invalid length. [ 413.316807][T10624] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1395'. [ 414.373625][T10639] fuse: Unknown parameter 'fJ' [ 414.690619][T10655] netlink: 'syz.0.1403': attribute type 4 has an invalid length. [ 414.812059][ T66] Bluetooth: hci5: command tx timeout [ 414.832541][T10658] netlink: 'syz.0.1404': attribute type 2 has an invalid length. [ 414.841971][T10658] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1404'. [ 414.846367][T10658] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 415.014980][T10662] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1405'. [ 415.028559][T10662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1405'. [ 415.037309][T10662] netlink: 'syz.1.1405': attribute type 1 has an invalid length. [ 415.040867][T10662] nbd: error processing sock list [ 416.034855][T10674] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1408'. [ 416.048495][ T66] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 416.065493][ T66] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 416.192273][T10674] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1408'. [ 416.261265][T10684] xt_CT: No such helper "syz1" [ 416.269600][T10679] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 417.149097][T10690] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1413'. [ 418.313703][T10701] fuse: Unknown parameter '0x0000000000000003' [ 418.610558][T10703] netlink: 'syz.3.1417': attribute type 2 has an invalid length. [ 418.622748][T10703] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1417'. [ 418.626800][T10703] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 418.923440][T10715] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 419.972756][T10732] fuse: Unknown parameter '0x0000000000000003' [ 420.122380][T10734] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.125987][T10734] bridge0: port 1(bridge_slave_0) entered disabled state [ 420.142018][T10734] bridge0: entered allmulticast mode [ 420.179259][T10734] bridge_slave_1: left allmulticast mode [ 420.182148][T10734] bridge_slave_1: left promiscuous mode [ 420.184856][T10734] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.193196][T10734] bridge_slave_0: left allmulticast mode [ 420.195738][T10734] bridge_slave_0: left promiscuous mode [ 420.198441][T10734] bridge0: port 1(bridge_slave_0) entered disabled state [ 420.235782][T10735] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1427'. [ 420.523739][T10738] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 420.746297][ T3179] Bluetooth: hci6: Frame reassembly failed (-84) [ 420.817139][T10744] netlink: 'syz.2.1430': attribute type 2 has an invalid length. [ 420.820919][T10744] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1430'. [ 420.827108][T10744] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 421.680129][T10754] netlink: 'syz.1.1433': attribute type 2 has an invalid length. [ 421.683509][T10754] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1433'. [ 421.688729][T10754] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 422.050567][T10760] netlink: 'syz.1.1434': attribute type 5 has an invalid length. [ 422.054152][T10760] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1434'. [ 422.460410][T10769] macvlan0: entered allmulticast mode [ 422.465044][T10769] veth1_vlan: entered allmulticast mode [ 422.482422][T10769] macvlan0: left allmulticast mode [ 422.484896][T10769] veth1_vlan: left allmulticast mode [ 422.802219][ T5350] Bluetooth: hci6: command 0x1003 tx timeout [ 422.807138][ T66] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 422.845429][T10773] netlink: 'syz.1.1438': attribute type 5 has an invalid length. [ 422.849104][T10773] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1438'. [ 423.361888][ T1286] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 423.409533][T10782] netlink: 'syz.2.1442': attribute type 4 has an invalid length. [ 423.541819][ T1286] usb 8-1: Using ep0 maxpacket: 16 [ 423.548507][ T1286] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 423.561475][ T1286] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 423.571441][ T1286] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 423.581826][ T1286] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.589626][ T1286] usb 8-1: config 0 descriptor?? [ 423.721902][ T1417] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 423.849183][ T1286] usbhid 8-1:0.0: can't add hid device: -71 [ 423.852923][ T1286] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 423.862146][ T1286] usb 8-1: USB disconnect, device number 19 [ 423.903654][ T1417] usb 7-1: Using ep0 maxpacket: 16 [ 423.909230][ T1417] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 423.916461][ T1417] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 423.931222][ T1417] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 423.942173][ T1417] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.963094][ T1417] usb 7-1: config 0 descriptor?? [ 424.257835][ T1417] usbhid 7-1:0.0: can't add hid device: -71 [ 424.274166][ T1417] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 424.287839][ T1417] usb 7-1: USB disconnect, device number 17 [ 424.390387][T10788] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 424.511677][T10790] fuse: Unknown parameter '0x0000000000000003' [ 424.752453][T10799] netlink: 'syz.3.1448': attribute type 4 has an invalid length. [ 425.285262][T10809] netlink: 'syz.1.1451': attribute type 4 has an invalid length. [ 425.632086][ T57] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 425.831869][ T57] usb 7-1: Using ep0 maxpacket: 16 [ 425.838332][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 425.853841][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 425.865991][ T57] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 425.871980][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 425.900916][ T57] usb 7-1: config 0 descriptor?? [ 426.213269][ T57] usbhid 7-1:0.0: can't add hid device: -71 [ 426.215964][ T57] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 426.233846][ T57] usb 7-1: USB disconnect, device number 18 [ 428.511168][T10843] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1461'. [ 428.640241][T10850] netlink: 'syz.2.1463': attribute type 4 has an invalid length. [ 428.958369][T10857] affs: No valid root block on device nbd2 [ 430.365947][T10874] fuse: Unknown parameter 'fd0x0000000000000003' [ 430.426185][ T66] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 430.427020][ T66] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 430.487551][T10878] netlink: 'syz.0.1473': attribute type 4 has an invalid length. [ 430.535491][T10879] xt_CT: No such helper "syz1" [ 430.725223][T10887] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1474'. [ 431.314580][T10897] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1477'. [ 431.803074][T10909] ata1.00: invalid cdb length 6 [ 431.814376][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 431.837173][T10912] netlink: 'syz.3.1481': attribute type 5 has an invalid length. [ 431.840392][T10912] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1481'. [ 432.425467][T10922] macvlan0: entered allmulticast mode [ 432.435236][T10922] veth1_vlan: entered allmulticast mode [ 432.455225][T10922] macvlan0: left allmulticast mode [ 432.457415][T10922] veth1_vlan: left allmulticast mode [ 433.563662][ T66] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 433.567424][ T66] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 433.726837][T10927] xt_CT: No such helper "syz1" [ 433.853516][T10931] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1488'. [ 434.296852][T10946] overlayfs: failed to resolve './file0': -2 [ 434.297077][T10941] kvm: pic: non byte write [ 434.328075][T10944] ata1.00: invalid cdb length 6 [ 434.331505][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 434.655994][T10965] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1497'. [ 435.374991][T10975] netlink: 'syz.1.1500': attribute type 4 has an invalid length. [ 435.845689][T10987] ata1.00: invalid cdb length 6 [ 435.861024][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 435.916588][T10993] overlayfs: failed to resolve './file0': -2 [ 435.920107][T10986] kvm: pic: non byte write [ 435.951020][T10991] netlink: 'syz.2.1505': attribute type 2 has an invalid length. [ 435.954330][T10991] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1505'. [ 435.958323][T10991] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 436.189518][T11003] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1507'. [ 436.210144][T11004] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 436.314665][ T1286] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 436.399232][T11006] ax25_connect(): syz.3.1508 uses autobind, please contact jreuter@yaina.de [ 436.491897][ T1286] usb 5-1: Using ep0 maxpacket: 8 [ 436.496249][ T1286] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 436.502050][ T1286] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 436.509288][ T1286] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 436.516283][ T1286] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 436.522706][ T1286] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 436.531926][ T1286] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 436.537871][ T1286] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.746827][ T1286] usb 5-1: GET_CAPABILITIES returned 0 [ 436.749482][ T1286] usbtmc 5-1:16.0: can't read capabilities [ 436.948947][ T1286] usb 5-1: USB disconnect, device number 22 [ 437.063285][T11022] macvlan0: entered allmulticast mode [ 437.065796][T11022] veth1_vlan: entered allmulticast mode [ 437.069223][T11022] macvlan0: left allmulticast mode [ 437.071578][T11022] veth1_vlan: left allmulticast mode [ 437.166146][T10995] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 437.399409][T11031] kvm: pic: non byte write [ 439.925888][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.928907][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.088950][T11059] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 440.609428][T11070] ata1.00: invalid cdb length 6 [ 440.908629][T11085] netlink: 'syz.1.1535': attribute type 1 has an invalid length. [ 440.917312][T11085] netlink: 'syz.1.1535': attribute type 4 has an invalid length. [ 440.920005][T11085] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.1535'. [ 440.983815][T11080] netlink: 'syz.3.1532': attribute type 2 has an invalid length. [ 440.988138][T11080] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1532'. [ 441.022303][T11080] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 441.119816][T11088] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 441.253630][T11095] netlink: 'syz.3.1538': attribute type 2 has an invalid length. [ 441.256966][T11095] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1538'. [ 441.271402][T11095] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 442.045002][ T66] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 442.046867][ T66] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 442.062494][T11116] netlink: 'syz.2.1543': attribute type 1 has an invalid length. [ 442.068978][T11116] netlink: 'syz.2.1543': attribute type 4 has an invalid length. [ 442.072508][T11116] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.1543'. [ 442.206511][T11117] xt_CT: No such helper "syz1" [ 442.598199][T11126] netlink: 'syz.3.1546': attribute type 4 has an invalid length. [ 442.923442][ T5237] usb 8-1: new high-speed USB device number 20 using dummy_hcd [ 443.103183][ T5237] usb 8-1: Using ep0 maxpacket: 16 [ 443.129460][ T5237] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 443.135644][ T5237] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 443.139963][ T5237] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 443.145062][ T5237] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.149815][ T5237] usb 8-1: config 0 descriptor?? [ 443.364986][T11140] macvlan0: entered allmulticast mode [ 443.367505][T11140] veth1_vlan: entered allmulticast mode [ 443.375575][T11140] macvlan0: left allmulticast mode [ 443.377811][T11140] veth1_vlan: left allmulticast mode [ 443.414355][T11129] binder: BINDER_SET_CONTEXT_MGR already set [ 443.418781][T11129] binder: 11127:11129 ioctl 4018620d 20000100 returned -16 [ 443.428891][T11129] binder: 11127:11129 ioctl c018620c 20000000 returned -1 [ 443.471499][ T5237] usbhid 8-1:0.0: can't add hid device: -71 [ 443.475349][ T5237] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 443.489050][ T5237] usb 8-1: USB disconnect, device number 20 [ 444.203584][T11152] ata1.00: invalid cdb length 6 [ 444.451717][T11155] netlink: 'syz.3.1557': attribute type 4 has an invalid length. [ 444.735524][T11160] ata1.00: invalid cdb length 6 [ 444.797771][T11161] kvm: pic: non byte write [ 446.650245][T11192] netlink: 'syz.0.1567': attribute type 4 has an invalid length. [ 446.780488][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 447.934101][ T66] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 448.227422][T11206] ax25_connect(): syz.1.1571 uses autobind, please contact jreuter@yaina.de [ 449.315467][T11216] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 449.365999][T11216] infiniband sy÷Ý: RDMA CMA: cma_listen_on_dev, error -98 [ 449.589496][T11219] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1575'. [ 449.600976][T11219] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1575'. [ 449.605938][T11219] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1575'. [ 449.739072][T11225] affs: No valid root block on device nbd0 [ 450.421222][ T5408] usb 8-1: new high-speed USB device number 21 using dummy_hcd [ 450.611840][ T5408] usb 8-1: Using ep0 maxpacket: 16 [ 450.623006][ T5408] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 450.628038][ T5408] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 450.632714][ T5408] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 450.646090][ T5408] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.662681][ T5408] usb 8-1: config 0 descriptor?? [ 450.930324][ T5408] usbhid 8-1:0.0: can't add hid device: -71 [ 450.933403][ T5408] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 450.968880][ T5408] usb 8-1: USB disconnect, device number 21 [ 451.663465][ T66] Bluetooth: hci5: unexpected event 0x09 length: 4 > 3 [ 451.955827][T11241] macvlan0: entered allmulticast mode [ 451.961238][T11241] veth1_vlan: entered allmulticast mode [ 451.969077][T11241] macvlan0: left allmulticast mode [ 451.971363][T11241] veth1_vlan: left allmulticast mode [ 452.524383][T11249] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 452.689782][T11254] macvlan0: entered allmulticast mode [ 452.700548][T11254] veth1_vlan: entered allmulticast mode [ 452.724707][T11254] macvlan0: left allmulticast mode [ 452.730103][T11254] veth1_vlan: left allmulticast mode [ 452.825046][T11256] netlink: 'syz.0.1586': attribute type 5 has an invalid length. [ 452.831858][T11256] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1586'. [ 453.466079][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 453.745895][T11267] FAULT_INJECTION: forcing a failure. [ 453.745895][T11267] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 453.760465][T11267] CPU: 2 UID: 0 PID: 11267 Comm: syz.1.1590 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 453.765392][T11267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 453.770009][T11267] Call Trace: [ 453.771446][T11267] [ 453.772640][T11267] dump_stack_lvl+0x16c/0x1f0 [ 453.774469][T11267] should_fail_ex+0x497/0x5b0 [ 453.776257][T11267] _copy_from_user+0x30/0xf0 [ 453.778006][T11267] compat_do_replace+0x2a0/0x500 [ 453.779856][T11267] ? __pfx_compat_do_replace+0x10/0x10 [ 453.782289][T11267] ? __pfx_aa_get_newest_label+0x10/0x10 [ 453.784738][T11267] ? lock_acquire+0x1b1/0x560 [ 453.786815][T11267] ? bpf_lsm_capable+0x9/0x10 [ 453.788839][T11267] ? security_capable+0x98/0xd0 [ 453.790874][T11267] do_ipt_set_ctl+0x686/0xc10 [ 453.792931][T11267] ? trace_contention_end+0xea/0x140 [ 453.795322][T11267] ? __mutex_lock+0x1a6/0x9c0 [ 453.797358][T11267] ? __pfx_do_ipt_set_ctl+0x10/0x10 [ 453.799611][T11267] ? __pfx___mutex_lock+0x10/0x10 [ 453.801776][T11267] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 453.804361][T11267] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 453.806810][T11267] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 453.809303][T11267] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 453.811949][T11267] nf_setsockopt+0x8a/0xf0 [ 453.814213][T11267] ip_setsockopt+0xcb/0xf0 [ 453.816419][T11267] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 453.819073][T11267] do_sock_setsockopt+0x222/0x480 [ 453.822242][T11267] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 453.824798][T11267] ? __fget_light+0x173/0x210 [ 453.826930][T11267] __sys_setsockopt+0x1a4/0x270 [ 453.829535][T11267] ? __pfx___sys_setsockopt+0x10/0x10 [ 453.831819][T11267] ? fput+0x32/0x390 [ 453.833507][T11267] ? ksys_write+0x1ab/0x260 [ 453.835502][T11267] ? __pfx_ksys_write+0x10/0x10 [ 453.837600][T11267] __ia32_sys_setsockopt+0xbc/0x160 [ 453.839801][T11267] ? lockdep_hardirqs_on+0x7c/0x110 [ 453.842025][T11267] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 453.844764][T11267] __do_fast_syscall_32+0x73/0x120 [ 453.846988][T11267] do_fast_syscall_32+0x32/0x80 [ 453.849061][T11267] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.851495][T11267] RIP: 0023:0xf7f00579 [ 453.853019][T11267] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 453.860298][T11267] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 453.863970][T11267] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 453.867036][T11267] RDX: 0000000000000040 RSI: 0000000020000000 RDI: 00000000000002e0 [ 453.870629][T11267] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 453.874038][T11267] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 453.877202][T11267] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 453.880431][T11267] [ 454.012616][ T66] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 454.243486][T11272] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0 [ 454.347680][T11275] ax25_connect(): syz.1.1592 uses autobind, please contact jreuter@yaina.de [ 455.331134][T11280] netlink: 'syz.1.1593': attribute type 5 has an invalid length. [ 455.341925][T11280] netlink: 7 bytes leftover after parsing attributes in process `syz.1.1593'. [ 456.381843][T11287] netlink: 'syz.2.1596': attribute type 2 has an invalid length. [ 456.391541][T11287] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1596'. [ 456.403065][T11287] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 456.530573][ T66] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 456.930279][T11294] ax25_connect(): syz.1.1597 uses autobind, please contact jreuter@yaina.de [ 457.779658][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 459.873678][T11335] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 459.986388][T11337] affs: No valid root block on device nbd3 [ 460.355028][T11343] affs: No valid root block on device nbd2 [ 460.967097][T11352] netlink: 'syz.0.1614': attribute type 5 has an invalid length. [ 460.970357][T11352] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1614'. [ 461.089961][T11348] kvm: pic: non byte write [ 461.641989][T11355] kvm: pic: non byte write [ 461.668087][T11359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1616'. [ 461.826509][T11363] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1618'. [ 461.830541][T11363] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1618'. [ 462.001942][T11372] netlink: 540 bytes leftover after parsing attributes in process `syz.0.1621'. [ 462.006019][T11372] netlink: 540 bytes leftover after parsing attributes in process `syz.0.1621'. [ 462.026993][T11370] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 462.076498][T11374] netlink: 'syz.0.1622': attribute type 4 has an invalid length. [ 462.389733][T11377] kvm: pic: non byte write [ 462.720918][T11382] affs: No valid root block on device nbd0 [ 463.211840][ T5345] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 463.402453][ T5345] usb 6-1: Using ep0 maxpacket: 32 [ 463.410756][ T5345] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 463.418983][ T5345] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 463.429506][ T5345] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 463.439237][ T5345] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 463.449865][ T5345] usb 6-1: config 0 interface 0 has no altsetting 0 [ 463.462234][ T5345] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 463.466125][ T5345] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 463.480023][ T5345] usb 6-1: Product: syz [ 463.482205][ T5345] usb 6-1: Manufacturer: syz [ 463.485683][ T5345] usb 6-1: SerialNumber: syz [ 463.492910][ T5345] usb 6-1: config 0 descriptor?? [ 463.503167][ T5345] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 463.512316][ T5345] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 463.563289][T11386] kvm: pic: non byte write [ 463.738012][T11384] ldusb 6-1:0.0: Write buffer overflow, 2147479232 bytes dropped [ 463.784533][T11384] vxcan1: tx address claim with different name [ 463.828621][ T25] usb 6-1: USB disconnect, device number 19 [ 463.833522][ T25] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 464.399636][T11397] FAULT_INJECTION: forcing a failure. [ 464.399636][T11397] name failslab, interval 1, probability 0, space 0, times 0 [ 464.411815][T11397] CPU: 2 UID: 0 PID: 11397 Comm: syz.3.1629 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 464.416480][T11397] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 464.421158][T11397] Call Trace: [ 464.422678][T11397] [ 464.423911][T11397] dump_stack_lvl+0x16c/0x1f0 [ 464.425688][T11397] should_fail_ex+0x497/0x5b0 [ 464.427742][T11397] ? fs_reclaim_acquire+0xae/0x160 [ 464.429997][T11397] should_failslab+0xc2/0x120 [ 464.432093][T11397] __kmalloc_cache_noprof+0x6b/0x310 [ 464.434075][T11397] ? bcm_sendmsg+0x2509/0x4390 [ 464.436126][T11397] bcm_sendmsg+0x2509/0x4390 [ 464.438079][T11397] ? __pfx_bcm_sendmsg+0x10/0x10 [ 464.440268][T11397] ? __import_iovec+0x1fd/0x6e0 [ 464.442382][T11397] ____sys_sendmsg+0x9b4/0xb50 [ 464.444536][T11397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 464.446936][T11397] ? get_compat_msghdr+0x11b/0x170 [ 464.449206][T11397] ? __pfx___lock_acquire+0x10/0x10 [ 464.451226][T11397] ___sys_sendmsg+0x135/0x1e0 [ 464.453097][T11397] ? __pfx____sys_sendmsg+0x10/0x10 [ 464.455334][T11397] ? ksys_write+0x21c/0x260 [ 464.457270][T11397] ? __fget_light+0x173/0x210 [ 464.459004][T11397] __sys_sendmsg+0x117/0x1f0 [ 464.461098][T11397] ? __pfx___sys_sendmsg+0x10/0x10 [ 464.463367][T11397] __do_fast_syscall_32+0x73/0x120 [ 464.465627][T11397] do_fast_syscall_32+0x32/0x80 [ 464.467806][T11397] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 464.470677][T11397] RIP: 0023:0xf7faf579 [ 464.472467][T11397] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 464.480718][T11397] RSP: 002b:00000000f576656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 464.483976][T11397] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 464.487026][T11397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 464.490555][T11397] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 464.494112][T11397] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 464.497718][T11397] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 464.501219][T11397] [ 464.650604][T11404] misc userio: Invalid payload size [ 464.661215][T11404] misc userio: Invalid payload size [ 465.078986][T11414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1632'. [ 465.243079][T11417] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 466.051307][T11428] kvm: pic: non byte write [ 466.437530][T11437] misc userio: Invalid payload size [ 466.440188][T11437] misc userio: No port type given on /dev/userio [ 466.952579][T11454] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1642'. [ 466.965919][T11454] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1642'. [ 466.970024][T11454] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1642'. [ 467.128128][T11456] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1643'. [ 467.131629][T11456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1643'. [ 467.136986][T11456] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1643'. [ 467.397657][T11463] netlink: 'syz.0.1646': attribute type 4 has an invalid length. [ 467.481871][ T5237] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 467.672003][ T5237] usb 8-1: Using ep0 maxpacket: 16 [ 467.681162][ T5237] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 467.688937][ T5237] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 467.699168][ T5237] usb 8-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 467.702452][ T5237] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.712446][ T5237] usb 8-1: config 0 descriptor?? [ 468.180652][ T5237] usbhid 8-1:0.0: can't add hid device: -71 [ 468.187926][ T5237] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 468.199200][ T5237] usb 8-1: USB disconnect, device number 22 [ 468.950397][T11475] netlink: 540 bytes leftover after parsing attributes in process `syz.3.1650'. [ 468.966160][T11475] netlink: 540 bytes leftover after parsing attributes in process `syz.3.1650'. [ 469.152794][T11477] xt_CT: You must specify a L4 protocol and not use inversions on it [ 469.185778][T11476] block nbd1: shutting down sockets [ 469.320559][T11481] 9pnet_fd: Insufficient options for proto=fd [ 470.647494][T11487] misc userio: Invalid payload size [ 470.650004][T11487] misc userio: Invalid payload size [ 471.759473][ T5350] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 471.760480][ T5350] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 471.893509][T11503] xt_CT: No such helper "syz1" [ 472.877399][T11512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1658'. [ 472.885081][T11512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1658'. [ 472.888576][T11512] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1658'. [ 472.972897][T11516] FAULT_INJECTION: forcing a failure. [ 472.972897][T11516] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 472.978482][T11516] CPU: 3 UID: 0 PID: 11516 Comm: syz.1.1660 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 472.982926][T11516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 472.987743][T11516] Call Trace: [ 472.989122][T11516] [ 472.990578][T11516] dump_stack_lvl+0x16c/0x1f0 [ 472.992693][T11516] should_fail_ex+0x497/0x5b0 [ 472.994486][T11516] _copy_from_user+0x30/0xf0 [ 472.996394][T11516] bpf_test_init.isra.0+0xf1/0x150 [ 472.998595][T11516] bpf_prog_test_run_xdp+0x4f6/0x1530 [ 473.000895][T11516] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 473.003270][T11516] ? fput+0x32/0x390 [ 473.005028][T11516] ? __bpf_prog_get+0xa0/0x2f0 [ 473.007079][T11516] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 473.009577][T11516] __sys_bpf+0x141f/0x5600 [ 473.011402][T11516] ? __pfx___sys_bpf+0x10/0x10 [ 473.013236][T11516] ? ksys_write+0x12f/0x260 [ 473.014963][T11516] ? find_held_lock+0x2d/0x110 [ 473.017069][T11516] ? ksys_write+0x21c/0x260 [ 473.019022][T11516] ? __pfx_lock_release+0x10/0x10 [ 473.021223][T11516] ? vfs_write+0x14d/0x1140 [ 473.023450][T11516] ? __mutex_unlock_slowpath+0x164/0x650 [ 473.025899][T11516] ? fput+0x32/0x390 [ 473.027978][T11516] ? ksys_write+0x1ab/0x260 [ 473.030242][T11516] ? __pfx_ksys_write+0x10/0x10 [ 473.032383][T11516] __ia32_sys_bpf+0x76/0xe0 [ 473.034372][T11516] __do_fast_syscall_32+0x73/0x120 [ 473.036966][T11516] do_fast_syscall_32+0x32/0x80 [ 473.040172][T11516] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 473.043480][T11516] RIP: 0023:0xf7f00579 [ 473.045544][T11516] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 473.054113][T11516] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 473.057602][T11516] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000340 [ 473.060587][T11516] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 473.063716][T11516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 473.067077][T11516] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 473.070414][T11516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 473.073821][T11516] [ 473.075271][ C3] vkms_vblank_simulate: vblank timer overrun [ 473.091835][ T1417] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 473.322060][ T1417] usb 5-1: Using ep0 maxpacket: 16 [ 473.328224][ T1417] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 473.346199][ T1417] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 473.362870][ T1417] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 473.381952][ T1417] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.397502][ T1417] usb 5-1: config 0 descriptor?? [ 473.691384][ T1417] usbhid 5-1:0.0: can't add hid device: -71 [ 473.698574][ T1417] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 473.710287][ T1417] usb 5-1: USB disconnect, device number 23 [ 474.383016][T11526] misc userio: Invalid payload size [ 474.391999][T11526] misc userio: Invalid payload size [ 474.536930][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 475.574416][T11537] overlayfs: failed to resolve './file1': -2 [ 476.352633][T11541] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1667'. [ 476.357017][T11541] netlink: 'syz.1.1667': attribute type 2 has an invalid length. [ 476.360197][T11541] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1667'. [ 476.449400][T11544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1668'. [ 476.454461][T11544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1668'. [ 476.458687][T11544] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1668'. [ 477.541308][ T39] audit: type=1400 audit(1723425637.183:119): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=11555 comm=5E282F5B25AF [ 477.644039][ T5350] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 477.709492][T11563] netlink: 'syz.0.1674': attribute type 5 has an invalid length. [ 477.719549][T11563] netlink: 7 bytes leftover after parsing attributes in process `syz.0.1674'. [ 477.979516][T11564] ax25_connect(): syz.1.1673 uses autobind, please contact jreuter@yaina.de [ 479.262066][T11591] overlayfs: missing 'lowerdir' [ 479.510990][T11596] input: syz1 as /devices/virtual/input/input85 [ 479.852153][T11599] netlink: 'syz.2.1683': attribute type 5 has an invalid length. [ 479.862045][T11599] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1683'. [ 480.820562][ T66] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 480.828293][ T66] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 480.832833][ T66] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 480.843257][ T66] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 480.852553][ T66] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 480.856290][ T66] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 481.183748][T11612] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1686'. [ 481.368321][T11605] chnl_net:caif_netlink_parms(): no params data found [ 481.659539][T11605] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.671984][T11605] bridge0: port 1(bridge_slave_0) entered disabled state [ 481.676696][T11605] bridge_slave_0: entered allmulticast mode [ 481.680641][T11605] bridge_slave_0: entered promiscuous mode [ 481.695251][T11621] misc userio: Invalid payload size [ 481.714293][T11605] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.717144][T11605] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.719946][T11605] bridge_slave_1: entered allmulticast mode [ 481.730386][T11621] misc userio: Invalid payload size [ 481.735178][T11605] bridge_slave_1: entered promiscuous mode [ 481.746464][T11628] affs: No valid root block on device nbd2 [ 481.907206][T11605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 481.925786][T11605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 482.069320][T11605] team0: Port device team_slave_0 added [ 482.076886][T11605] team0: Port device team_slave_1 added [ 482.145641][T11630] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 482.188845][T11605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 482.192120][T11605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 482.206603][T11605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 482.213689][T11605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 482.216821][T11605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 482.230738][T11605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 482.381589][T11605] hsr_slave_0: entered promiscuous mode [ 482.388365][T11605] hsr_slave_1: entered promiscuous mode [ 482.393932][T11605] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 482.396735][T11605] Cannot create hsr debugfs directory [ 482.741395][T11605] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.876435][T11605] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.882090][ T5350] Bluetooth: hci6: command tx timeout [ 483.053915][T11605] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.191157][T11605] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.279593][T11635] netlink: 'syz.0.1692': attribute type 6 has an invalid length. [ 483.287378][T11635] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1692'. [ 483.298178][T11637] tmpfs: Bad value for 'mpol' [ 483.423003][ T39] audit: type=1800 audit(1723425643.063:120): pid=11635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1692" name="file1" dev="overlay" ino=2643 res=0 errno=0 [ 483.508067][T11605] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 483.531100][T11605] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 483.549817][T11605] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 483.566763][T11605] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 483.619739][ T5350] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 483.620673][ T5350] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 483.707876][T11605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 483.748933][T11605] 8021q: adding VLAN 0 to HW filter on device team0 [ 483.766728][ T1098] bridge0: port 1(bridge_slave_0) entered blocking state [ 483.767677][T11644] xt_CT: No such helper "syz1" [ 483.770048][ T1098] bridge0: port 1(bridge_slave_0) entered forwarding state [ 483.796057][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state [ 483.799410][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state [ 483.910749][T11605] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 484.074815][ T5350] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 484.200972][T11605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 484.288003][T11605] veth0_vlan: entered promiscuous mode [ 484.301064][T11605] veth1_vlan: entered promiscuous mode [ 484.335668][T11605] veth0_macvtap: entered promiscuous mode [ 484.347450][T11605] veth1_macvtap: entered promiscuous mode [ 484.388371][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.406885][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.426086][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.435162][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.439849][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.449173][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.454694][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.461691][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.479819][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.490724][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.495368][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.497136][T11658] ax25_connect(): syz.1.1697 uses autobind, please contact jreuter@yaina.de [ 484.499743][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.516427][T11605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 484.537129][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.541100][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.547379][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.556464][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.561053][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.565834][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.570761][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.591028][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.603043][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.612292][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.616664][T11605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.631345][T11605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.644663][T11605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 484.664677][T11605] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.672124][T11605] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.678504][T11605] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.683910][T11605] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.905238][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.908602][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 484.972005][ T5350] Bluetooth: hci6: command tx timeout [ 485.082014][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 485.085399][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 485.551812][T11676] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 485.585152][T11680] overlayfs: missing 'lowerdir' [ 485.589096][T11670] kvm: pic: non byte write [ 485.624915][T11681] capability: warning: `syz.2.1701' uses 32-bit capabilities (legacy support in use) [ 486.121364][T11665] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1699'. [ 486.209359][T11692] FAULT_INJECTION: forcing a failure. [ 486.209359][T11692] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 486.231339][T11692] CPU: 0 UID: 0 PID: 11692 Comm: syz.3.1702 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 486.236417][T11692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 486.240556][T11692] Call Trace: [ 486.242076][T11692] [ 486.243485][T11692] dump_stack_lvl+0x16c/0x1f0 [ 486.245783][T11692] should_fail_ex+0x497/0x5b0 [ 486.247896][T11692] ? fs_reclaim_acquire+0xae/0x160 [ 486.249837][T11692] should_fail_alloc_page+0xe7/0x130 [ 486.251902][T11692] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 486.254371][T11692] ? __pfx_mark_lock+0x10/0x10 [ 486.256579][T11692] __alloc_pages_noprof+0x194/0x2460 [ 486.259202][T11692] ? __pfx_register_lock_class+0x10/0x10 [ 486.261429][T11692] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 486.263578][T11692] ? __pfx___lock_acquire+0x10/0x10 [ 486.265643][T11692] ? find_held_lock+0x59/0x110 [ 486.267456][T11692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 486.269835][T11692] ? policy_nodemask+0xea/0x4e0 [ 486.271854][T11692] alloc_pages_mpol_noprof+0x275/0x610 [ 486.274133][T11692] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 486.276412][T11692] ? rwsem_read_trylock+0x12d/0x250 [ 486.278466][T11692] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 486.280840][T11692] ? __pfx___might_resched+0x10/0x10 [ 486.283154][T11692] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 486.285426][T11692] pte_alloc_one+0x20/0x370 [ 486.287162][T11692] __pte_alloc+0x6e/0x3a0 [ 486.288916][T11692] ? __pfx___pte_alloc+0x10/0x10 [ 486.290764][T11692] ? mm_alloc_pmd+0x15c/0x240 [ 486.292579][T11692] move_pages+0xefa/0x4b00 [ 486.294696][T11692] ? __pfx_move_pages+0x10/0x10 [ 486.297919][T11692] ? __pfx_lock_release+0x10/0x10 [ 486.300245][T11692] ? __pfx___might_resched+0x10/0x10 [ 486.302507][T11692] ? __might_fault+0xe3/0x190 [ 486.304343][T11692] userfaultfd_ioctl+0x5e1/0x5f10 [ 486.306382][T11692] ? tomoyo_path_number_perm+0x190/0x5b0 [ 486.308906][T11692] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 486.311548][T11692] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 486.314661][T11692] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 486.316792][T11692] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 486.318633][T11692] ? __pfx_lock_release+0x10/0x10 [ 486.320566][T11692] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 486.322946][T11692] ? __fget_files+0x256/0x400 [ 486.324786][T11692] ? __pfx_userfaultfd_ioctl+0x10/0x10 [ 486.326836][T11692] ? compat_ptr_ioctl+0x71/0xb0 [ 486.328701][T11692] compat_ptr_ioctl+0x71/0xb0 [ 486.330495][T11692] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 486.332427][T11692] __do_compat_sys_ioctl+0x2c3/0x330 [ 486.334155][T11692] __do_fast_syscall_32+0x73/0x120 [ 486.335835][T11692] do_fast_syscall_32+0x32/0x80 [ 486.337450][T11692] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 486.339519][T11692] RIP: 0023:0xf7f44579 [ 486.341089][T11692] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 486.348658][T11692] RSP: 002b:00000000f56b456c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 486.351753][T11692] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000c028aa05 [ 486.354900][T11692] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 486.357468][T11692] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 486.360033][T11692] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 486.363105][T11692] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 486.366416][T11692] [ 486.817967][T11697] misc userio: Invalid payload size [ 486.838238][T11697] misc userio: Invalid payload size [ 487.042048][ T5350] Bluetooth: hci6: command tx timeout [ 487.085387][ T9760] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 487.099915][ T9760] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz0] on syz0 [ 487.648891][T11719] ax25_connect(): syz.2.1709 uses autobind, please contact jreuter@yaina.de [ 488.661143][T11728] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 488.734067][T11734] affs: No valid root block on device nbd2 [ 488.769403][T11734] ptrace attach of "/syz-executor exec"[8342] was attempted by "/syz-executor exec"[11734] [ 489.121895][ T5350] Bluetooth: hci6: command tx timeout [ 489.717418][T11738] misc userio: Invalid payload size [ 489.731797][T11738] misc userio: Invalid payload size [ 489.795945][T11741] netlink: 'syz.3.1716': attribute type 4 has an invalid length. [ 489.913267][T11743] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1717'. [ 489.932067][ T5345] IPVS: starting estimator thread 0... [ 489.946671][T11745] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 490.021936][T11746] IPVS: using max 19 ests per chain, 45600 per kthread [ 490.212551][T11750] macvlan0: entered allmulticast mode [ 490.219578][T11750] veth1_vlan: entered allmulticast mode [ 490.225299][T11750] macvlan0: left allmulticast mode [ 490.227513][T11750] veth1_vlan: left allmulticast mode [ 490.987896][T11757] bridge0: port 2(bridge_slave_1) entered disabled state [ 490.991170][T11757] bridge0: port 1(bridge_slave_0) entered disabled state [ 491.001121][T11757] bridge0: entered allmulticast mode [ 491.029435][T11757] bridge_slave_1: left allmulticast mode [ 491.037753][T11757] bridge_slave_1: left promiscuous mode [ 491.040493][T11757] bridge0: port 2(bridge_slave_1) entered disabled state [ 491.056579][T11757] bridge_slave_0: left allmulticast mode [ 491.059403][T11757] bridge_slave_0: left promiscuous mode [ 491.063458][T11757] bridge0: port 1(bridge_slave_0) entered disabled state [ 491.131338][T11761] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1721'. [ 492.269449][T11772] misc userio: Invalid payload size [ 492.278570][T11772] misc userio: Invalid payload size [ 492.309221][T11769] pim6reg: entered allmulticast mode [ 492.342717][T11769] pim6reg: left allmulticast mode [ 492.413928][T11776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1726'. [ 492.431907][T11776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1726'. [ 492.676135][T11778] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1727'. [ 492.689024][T11778] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1727'. [ 492.696302][T11778] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1727'. [ 492.776276][T11780] tmpfs: Bad value for 'mpol' [ 492.883825][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 492.962055][T11790] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1731'. [ 493.268612][T11791] ax25_connect(): syz.0.1730 uses autobind, please contact jreuter@yaina.de [ 493.371930][ T1286] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 493.551830][ T1286] usb 7-1: Using ep0 maxpacket: 16 [ 493.565075][ T1286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 493.569658][ T1286] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 493.612785][ T1286] usb 7-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 493.624243][ T1286] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 493.638381][ T1286] usb 7-1: config 0 descriptor?? [ 494.026753][ T1286] usbhid 7-1:0.0: can't add hid device: -71 [ 494.029182][ T1286] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 494.046772][ T1286] usb 7-1: USB disconnect, device number 19 [ 494.329411][T11801] misc userio: Invalid payload size [ 494.339087][T11801] misc userio: Invalid payload size [ 494.576562][ T39] audit: type=1326 audit(1723425654.223:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11803 comm="syz.0.1735" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 494.596059][ T39] audit: type=1326 audit(1723425654.233:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11803 comm="syz.0.1735" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73de579 code=0x7fc00000 [ 494.641284][ T39] audit: type=1400 audit(1723425654.283:123): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=11806 comm=5E282F5B25AF [ 494.653761][T11805] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1735'. [ 494.681948][T11805] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1735'. [ 495.256419][ T39] audit: type=1326 audit(1723425654.903:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11803 comm="syz.0.1735" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7fc00000 [ 495.553430][T11818] netlink: 'syz.2.1739': attribute type 5 has an invalid length. [ 495.558029][T11818] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1739'. [ 496.654443][T11835] overlayfs: missing 'workdir' [ 496.664492][T11833] kvm: pic: non byte write [ 496.893501][ T66] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 496.903436][ T66] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 497.033270][T11843] xt_CT: No such helper "syz1" [ 497.112891][T11840] overlayfs: missing 'lowerdir' [ 497.122772][T11838] kvm: pic: non byte write [ 498.327130][ T66] Bluetooth: hci4: command 0x0406 tx timeout [ 498.400073][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 498.634790][T11867] ax25_connect(): syz.0.1753 uses autobind, please contact jreuter@yaina.de [ 499.001040][T11870] kvm: pic: non byte write [ 499.003980][T11872] overlayfs: missing 'workdir' [ 499.318015][T11874] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1755'. [ 499.328252][T11874] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1755'. [ 499.347763][T11874] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1755'. [ 499.404430][T11876] netlink: 'syz.0.1756': attribute type 4 has an invalid length. [ 499.484971][ T5350] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 499.492103][ T5350] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 499.608814][T11880] netlink: 'syz.2.1758': attribute type 2 has an invalid length. [ 499.615153][T11880] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1758'. [ 499.652208][T11881] xt_CT: No such helper "syz1" [ 499.965558][T11887] affs: No valid root block on device nbd2 [ 500.233827][T11887] ptrace attach of "/syz-executor exec"[8342] was attempted by "/syz-executor exec"[11887] [ 500.474218][T11892] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1761'. [ 500.508283][T11892] netlink: 540 bytes leftover after parsing attributes in process `syz.0.1761'. [ 500.515016][T11892] netlink: 540 bytes leftover after parsing attributes in process `syz.0.1761'. [ 500.647643][T11895] 9pnet: p9_errstr2errno: server reported unknown error ÿ0xffffffffffffffff [ 500.956186][T11903] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1765'. [ 501.364628][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.366992][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.633003][ T5350] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 501.635761][ T5350] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 501.734411][T11920] netlink: 'syz.3.1768': attribute type 5 has an invalid length. [ 501.747105][T11920] netlink: 7 bytes leftover after parsing attributes in process `syz.3.1768'. [ 501.769241][T11918] xt_CT: No such helper "syz1" [ 502.486514][T11930] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1772'. [ 502.681435][T11936] overlayfs: missing 'lowerdir' [ 502.688914][T11931] kvm: pic: non byte write [ 502.839737][T11939] overlayfs: missing 'lowerdir' [ 502.842393][T11934] kvm: pic: non byte write [ 502.920499][T11942] netlink: 'syz.3.1776': attribute type 4 has an invalid length. [ 502.930660][T11942] netlink: 'syz.3.1776': attribute type 4 has an invalid length. [ 503.697589][T11957] tmpfs: Bad value for 'mpol' [ 504.261522][T11964] overlayfs: missing 'lowerdir' [ 504.261692][T11962] kvm: pic: non byte write [ 504.388758][T11966] netlink: 'syz.0.1785': attribute type 4 has an invalid length. [ 504.395600][T11966] netlink: 'syz.0.1785': attribute type 4 has an invalid length. [ 504.968082][T11976] __nla_validate_parse: 6 callbacks suppressed [ 504.968100][T11976] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1788'. [ 505.591636][T11995] misc userio: Invalid payload size [ 505.599440][T11995] misc userio: Invalid payload size [ 505.668833][T11988] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 505.953574][T12000] kvm: pic: non byte write [ 505.956536][T12005] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 505.967842][T12005] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 506.552173][ T5388] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 506.771885][ T5388] usb 5-1: Using ep0 maxpacket: 8 [ 506.780848][ T5388] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 506.785143][ T5388] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 506.796953][ T5388] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 506.812540][ T5388] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 506.818260][ T5388] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 506.828492][ T5388] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 507.070042][ T5388] usb 5-1: usb_control_msg returned -32 [ 507.076102][ T5388] usbtmc 5-1:16.0: can't read capabilities [ 507.181696][T12015] FAULT_INJECTION: forcing a failure. [ 507.181696][T12015] name failslab, interval 1, probability 0, space 0, times 0 [ 507.187994][T12015] CPU: 1 UID: 0 PID: 12015 Comm: syz.2.1799 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 507.192559][T12015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 507.196743][T12015] Call Trace: [ 507.198082][T12015] [ 507.199069][T12015] dump_stack_lvl+0x16c/0x1f0 [ 507.201065][T12015] should_fail_ex+0x497/0x5b0 [ 507.203152][T12015] ? fs_reclaim_acquire+0xae/0x160 [ 507.205386][T12015] should_failslab+0xc2/0x120 [ 507.207410][T12015] __kmalloc_noprof+0xcb/0x410 [ 507.209505][T12015] ? af_alg_accept+0x2a/0x600 [ 507.211555][T12015] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 507.213751][T12015] sk_prot_alloc+0x1a8/0x2a0 [ 507.215765][T12015] sk_alloc+0x36/0xb90 [ 507.217383][T12015] af_alg_accept+0xd1/0x600 [ 507.219173][T12015] ? bpf_lsm_socket_accept+0x9/0x10 [ 507.221174][T12015] do_accept+0x3c8/0x540 [ 507.222821][T12015] ? __pfx_do_accept+0x10/0x10 [ 507.224695][T12015] __sys_accept4+0x102/0x1c0 [ 507.226492][T12015] ? __pfx___sys_accept4+0x10/0x10 [ 507.230880][T12015] ? __pfx_ksys_write+0x10/0x10 [ 507.233039][T12015] __ia32_sys_accept4+0x94/0x100 [ 507.235210][T12015] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 507.238106][T12015] __do_fast_syscall_32+0x73/0x120 [ 507.240726][T12015] do_fast_syscall_32+0x32/0x80 [ 507.243235][T12015] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 507.246012][T12015] RIP: 0023:0xf739e579 [ 507.247862][T12015] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 507.256266][T12015] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 000000000000016c [ 507.260158][T12015] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 507.264942][T12015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 507.269050][T12015] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 507.272407][T12015] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 507.275778][T12015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 507.279211][T12015] [ 507.280701][ C1] vkms_vblank_simulate: vblank timer overrun [ 507.442068][T12016] usbtmc 5-1:16.0: usbtmc_ioctl_request failed -32 [ 507.560992][T12016] warning: `syz.0.1797' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 508.698341][T12029] syz.3.1803[12029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 508.698487][T12029] syz.3.1803[12029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 508.775933][T12034] misc userio: Invalid payload size [ 508.783539][T12034] misc userio: Invalid payload size [ 508.909455][T12038] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 508.913546][T12038] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 509.184270][T12043] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1807'. [ 509.188483][T12043] nbd: must specify at least one socket [ 509.866700][T12061] misc userio: Invalid payload size [ 509.869461][T12061] misc userio: Invalid payload size [ 509.893634][T12064] tmpfs: Bad value for 'mpol' [ 509.992790][T12068] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1815'. [ 509.998787][T12068] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1815'. [ 510.008545][T12068] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1815'. [ 510.338368][ T57] usb 5-1: USB disconnect, device number 24 [ 510.437900][ T5350] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 510.549629][T12087] misc userio: Invalid payload size [ 510.565772][T12087] misc userio: Invalid payload size [ 510.680011][T12090] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1824'. [ 510.684463][T12090] netlink: 'syz.1.1824': attribute type 2 has an invalid length. [ 510.688602][T12090] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1824'. [ 510.893713][T12096] affs: No valid root block on device nbd0 [ 511.492472][T12096] ptrace attach of "/syz-executor exec"[5341] was attempted by "/syz-executor exec"[12096] [ 511.564975][T12104] syz.2.1828: attempt to access beyond end of device [ 511.564975][T12104] nbd2: rw=0, sector=6, nr_sectors = 2 limit=0 [ 511.581833][T12104] ADFS-fs (nbd2): error: unable to read block 3, try 0 [ 512.008269][T12110] xt_CT: No such helper "syz1" [ 513.363292][T12121] syz.2.1833 (12121): drop_caches: 2 [ 513.368949][T12121] syz.2.1833 (12121): drop_caches: 2 [ 513.459064][T12121] syz.2.1833 (12121): drop_caches: 2 [ 513.479909][T12121] syz.2.1833 (12121): drop_caches: 2 [ 513.575688][T12127] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1835'. [ 513.579534][T12127] netlink: 'syz.1.1835': attribute type 2 has an invalid length. [ 513.587144][T12127] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1835'. [ 513.763140][T12140] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1838'. [ 513.804525][T12135] kvm: pic: non byte write [ 513.924196][ T5350] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 513.925123][ T5350] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 514.062034][T12145] xt_CT: No such helper "syz1" [ 514.108010][ T39] audit: type=1400 audit(1723425673.753:125): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=12148 comm=5E282F5B25AF [ 514.678576][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 514.886840][T12165] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.1845' sets config #0 [ 515.040930][T12167] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1846'. [ 515.045602][T12167] netlink: 'syz.1.1846': attribute type 2 has an invalid length. [ 515.049517][T12167] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1846'. [ 515.857650][T12178] kvm: pic: non byte write [ 516.438531][ T5350] Bluetooth: hci0: unexpected event 0x2f length: 763 > 260 [ 516.439417][ T5350] Bluetooth: hci0: SCO packet for unknown connection handle 200 [ 516.562639][T12194] xt_CT: No such helper "syz1" [ 517.415419][T12200] overlayfs: missing 'lowerdir' [ 517.543772][T12203] affs: No valid root block on device nbd1 [ 517.657489][T12203] ptrace attach of "/syz-executor exec"[6916] was attempted by "/syz-executor exec"[12203] [ 517.984740][T12213] tmpfs: Bad value for 'mpol' [ 518.031227][T12209] kvm: pic: non byte write [ 518.122277][T12216] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1861'. [ 518.402726][ T5350] Bluetooth: hci0: command 0x0c1a tx timeout [ 518.675361][T12228] xt_CT: No such helper "syz1" [ 518.952734][T12235] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 518.956442][T12236] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 519.182042][T12241] affs: No valid root block on device nbd0 [ 519.428504][T12241] ptrace attach of "/syz-executor exec"[5341] was attempted by "/syz-executor exec"[12241] [ 519.549839][T12243] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1869'. [ 519.558227][T12243] nbd: illegal input index -1 [ 521.077031][T12261] netlink: 84 bytes leftover after parsing attributes in process `syz.3.1874'. [ 521.302052][T12263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1875'. [ 521.306710][T12263] netlink: 'syz.3.1875': attribute type 2 has an invalid length. [ 521.309840][T12263] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1875'. [ 521.922999][T12275] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1879'. [ 522.359386][ T39] audit: type=1400 audit(1723425682.003:126): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=12277 comm=5E282F5B25AF [ 523.792041][T12283] kvm: pic: non byte write [ 524.018909][T12298] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1885'. [ 524.023272][T12298] netlink: 'syz.2.1885': attribute type 2 has an invalid length. [ 524.026602][T12298] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1885'. [ 524.659153][T12309] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1888'. [ 524.665221][T12309] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1888'. [ 524.669309][T12309] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1888'. [ 525.085363][T12318] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1890'. [ 525.661661][T12321] nbd: illegal input index -16777216 [ 525.882024][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 526.400151][T12338] tmpfs: Bad value for 'mpol' [ 526.458920][T12330] kvm: pic: non byte write [ 526.878833][T12344] __nla_validate_parse: 1 callbacks suppressed [ 526.878849][T12344] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1901'. [ 526.887985][T12344] nbd: illegal input index -16777216 [ 528.497465][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 528.871951][ T5388] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 529.062176][ T5388] usb 5-1: Using ep0 maxpacket: 32 [ 529.068688][ T5388] usb 5-1: config 0 has no interfaces? [ 529.132410][ T5388] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 529.136147][ T5388] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 529.138906][ T5388] usb 5-1: Product: syz [ 529.140591][ T5388] usb 5-1: Manufacturer: syz [ 529.151833][ T5388] usb 5-1: SerialNumber: syz [ 529.163405][ T5388] usb 5-1: config 0 descriptor?? [ 529.526772][ T10] usb 5-1: USB disconnect, device number 25 [ 529.954567][T12373] hfsplus: unable to find HFS+ superblock [ 530.155475][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 530.321396][T12385] affs: No valid root block on device nbd0 [ 530.444595][T12389] tmpfs: Bad value for 'mpol' [ 530.688624][T12393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1918'. [ 530.694030][T12393] netlink: 'syz.1.1918': attribute type 2 has an invalid length. [ 530.701849][T12393] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1918'. [ 531.696965][T12410] 9pnet_fd: Insufficient options for proto=fd [ 532.350397][T12416] tmpfs: Bad value for 'mpol' [ 532.748588][T12424] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1927'. [ 532.756798][T12424] netlink: 'syz.2.1927': attribute type 2 has an invalid length. [ 532.760389][T12424] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1927'. [ 534.146506][T12464] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1937'. [ 534.150667][T12464] netlink: 'syz.2.1937': attribute type 2 has an invalid length. [ 534.154393][T12464] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1937'. [ 534.343135][ T5345] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 534.527441][ T5345] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 534.532514][ T5345] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 534.536675][ T5345] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 534.557191][ T5345] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 534.560981][ T5345] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 534.577133][ T5345] usb 6-1: config 0 descriptor?? [ 535.001126][ T5345] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0 [ 535.008157][ T5345] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving [ 535.022416][ T5345] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 535.496763][T12484] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1942'. [ 535.511253][T12484] macvlan0: entered promiscuous mode [ 535.853682][T12490] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1944'. [ 535.862325][T12490] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1944'. [ 535.866341][T12490] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1944'. [ 536.260211][T12492] misc userio: Invalid payload size [ 536.264808][T12492] misc userio: Invalid payload size [ 536.477766][T12495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1946'. [ 536.482404][T12495] netlink: 'syz.2.1946': attribute type 2 has an invalid length. [ 536.486317][T12495] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1946'. [ 537.124905][ T10] usb 6-1: USB disconnect, device number 20 [ 537.760751][T12506] kvm: pic: non byte write [ 538.488379][T12525] binder: BINDER_SET_CONTEXT_MGR already set [ 538.490724][T12525] binder: 12523:12525 ioctl 4018620d 200001c0 returned -16 [ 539.282123][ T66] Bluetooth: hci5: command 0x0406 tx timeout [ 539.935697][T12539] 9pnet_fd: Insufficient options for proto=fd [ 540.638120][T12555] __nla_validate_parse: 1 callbacks suppressed [ 540.638138][T12555] netlink: 176 bytes leftover after parsing attributes in process `syz.0.1965'. [ 540.646271][T12555] netlink: 540 bytes leftover after parsing attributes in process `syz.0.1965'. [ 540.650487][T12555] netlink: 540 bytes leftover after parsing attributes in process `syz.0.1965'. [ 540.867856][ T5350] Bluetooth: hci0: ACL packet for unknown connection handle 200 [ 541.317759][T12560] ax25_connect(): syz.1.1966 uses autobind, please contact jreuter@yaina.de [ 541.938699][T12566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1968'. [ 541.955567][T12566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1968'. [ 542.421941][ T5388] usb 8-1: new high-speed USB device number 23 using dummy_hcd [ 542.460174][T12570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1970'. [ 542.467756][T12570] netlink: 'syz.1.1970': attribute type 2 has an invalid length. [ 542.471164][T12570] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1970'. [ 542.552250][T12573] tmpfs: Bad value for 'mpol' [ 542.701824][ T5388] usb 8-1: Using ep0 maxpacket: 8 [ 542.711403][ T5388] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 542.732290][ T5388] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 542.736917][ T5388] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 542.741392][ T5388] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 542.761928][ T5388] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 542.767712][ T5388] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 542.781970][ T5388] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 542.861530][ T5350] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 542.883856][ T5350] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 543.052598][ T5388] usb 8-1: usb_control_msg returned -32 [ 543.059910][ T5388] usbtmc 8-1:16.0: can't read capabilities [ 543.061050][T12581] xt_CT: No such helper "syz1" [ 543.443298][T12585] 9pnet: Could not find request transport: }A [ 543.460197][T12587] netlink: 176 bytes leftover after parsing attributes in process `syz.2.1975'. [ 543.461524][T12585] bond0: entered promiscuous mode [ 543.465297][T12587] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1975'. [ 543.466621][T12585] bond_slave_0: entered promiscuous mode [ 543.471142][T12587] netlink: 540 bytes leftover after parsing attributes in process `syz.2.1975'. [ 543.476078][T12585] bond_slave_1: entered promiscuous mode [ 543.712477][ T1417] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 543.755442][T12608] xt_NFQUEUE: number of queues (257) out of range (got 65786) [ 543.901872][ T1417] usb 6-1: Using ep0 maxpacket: 8 [ 543.904974][ T1417] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 543.909835][ T1417] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 543.920294][ T1417] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 543.940535][ T1417] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 543.948392][ T1417] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 543.961803][ T1417] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 544.023575][T12615] netlink: 'syz.0.1981': attribute type 2 has an invalid length. [ 544.228050][ T1417] usb 6-1: usb_control_msg returned -32 [ 544.230566][ T1417] usbtmc 6-1:16.0: can't read capabilities [ 544.594187][T12627] usbtmc 8-1:16.0: usbtmc_ioctl_request failed -32 [ 544.598787][ T1286] usb 8-1: USB disconnect, device number 23 [ 545.293215][ T5350] Bluetooth: hci6: unexpected event 0x2f length: 763 > 260 [ 545.462032][T12633] xt_CT: No such helper "syz1" [ 546.617559][T12642] nbd2: detected capacity change from 0 to 12 [ 546.628414][T11508] block nbd2: Send control failed (result -89) [ 546.632126][T12642] block nbd2: NBD_DISCONNECT [ 546.634714][T11508] block nbd2: Request send failed, requeueing [ 546.639024][T11508] block nbd2: Disconnected due to user request. [ 546.666279][ T50] blk_print_req_error: 40 callbacks suppressed [ 546.666295][ T50] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.673618][ T50] buffer_io_error: 40 callbacks suppressed [ 546.673628][ T50] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.680164][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.690569][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.701912][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.705813][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.709174][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.714105][T12642] block nbd2: Send disconnect failed -89 [ 546.733302][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.741957][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.750359][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.758835][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.772365][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.777729][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.801246][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.809745][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.814792][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.818400][T11508] ldm_validate_partition_table(): Disk read failed. [ 546.830320][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.835112][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.839030][T11508] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 546.860218][T11508] Buffer I/O error on dev nbd2, logical block 0, async page read [ 546.864368][T11508] Dev nbd2: unable to read RDB block 0 [ 546.867637][T11508] nbd2: unable to read partition table [ 546.870223][T11508] nbd2: partition table beyond EOD, truncated [ 546.886429][T11508] ldm_validate_partition_table(): Disk read failed. [ 546.890062][T11508] Dev nbd2: unable to read RDB block 0 [ 546.893150][T11508] nbd2: unable to read partition table [ 546.896791][T11508] nbd2: partition table beyond EOD, truncated [ 547.090748][ T57] usb 6-1: USB disconnect, device number 21 [ 547.236168][T12655] FAULT_INJECTION: forcing a failure. [ 547.236168][T12655] name failslab, interval 1, probability 0, space 0, times 0 [ 547.245362][T12655] CPU: 1 UID: 0 PID: 12655 Comm: syz.2.1994 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 547.250435][T12655] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 547.255316][T12655] Call Trace: [ 547.256850][T12655] [ 547.258218][T12655] dump_stack_lvl+0x16c/0x1f0 [ 547.260404][T12655] should_fail_ex+0x497/0x5b0 [ 547.262572][T12655] ? fs_reclaim_acquire+0xae/0x160 [ 547.264918][T12655] should_failslab+0xc2/0x120 [ 547.267073][T12655] __kmalloc_cache_noprof+0x6b/0x310 [ 547.269490][T12655] ? init_pseudo+0x48/0x180 [ 547.271582][T12655] ? __pfx_pipefs_init_fs_context+0x10/0x10 [ 547.274285][T12655] init_pseudo+0x48/0x180 [ 547.276352][T12655] ? __pfx_pipefs_init_fs_context+0x10/0x10 [ 547.278786][T12655] pipefs_init_fs_context+0x1a/0x90 [ 547.280901][T12655] alloc_fs_context+0x54a/0x9c0 [ 547.282925][T12655] path_mount+0xbfb/0x1f10 [ 547.285249][T12655] ? __pfx_path_mount+0x10/0x10 [ 547.287638][T12655] ? putname+0x12e/0x170 [ 547.289881][T12655] ? putname+0x12e/0x170 [ 547.291937][T12655] __ia32_sys_mount+0x292/0x310 [ 547.294194][T12655] ? __pfx___ia32_sys_mount+0x10/0x10 [ 547.296685][T12655] __do_fast_syscall_32+0x73/0x120 [ 547.299054][T12655] do_fast_syscall_32+0x32/0x80 [ 547.301310][T12655] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 547.304514][T12655] RIP: 0023:0xf739e579 [ 547.306563][T12655] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 547.315088][T12655] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 547.318831][T12655] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020000680 [ 547.322928][T12655] RDX: 0000000020000040 RSI: 0000000004204040 RDI: 0000000000000000 [ 547.327251][T12655] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 547.331043][T12655] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 547.334152][T12655] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 547.337230][T12655] [ 547.583818][T12657] __nla_validate_parse: 3 callbacks suppressed [ 547.583836][T12657] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1996'. [ 547.590550][T12657] netlink: 'syz.1.1996': attribute type 2 has an invalid length. [ 547.601516][T12657] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1996'. [ 547.609129][T12662] xt_CT: No such helper "syz1" [ 548.435314][T12675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2000'. [ 548.556131][T12675] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2000'. [ 548.901968][ T35] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 548.961015][T12690] affs: No valid root block on device nbd3 [ 549.092024][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 549.104074][ T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 549.108595][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 549.119827][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 549.127461][ T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 549.141936][ T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 549.151906][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 549.343076][T12692] tmpfs: Bad value for 'mpol' [ 549.387090][ T5350] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 549.390342][ T5350] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 549.393369][ T35] usb 6-1: usb_control_msg returned -32 [ 549.393407][ T35] usbtmc 6-1:16.0: can't read capabilities [ 549.519577][T12697] xt_CT: No such helper "syz1" [ 549.746700][T12701] usbtmc 6-1:16.0: usbtmc_ioctl_request failed -32 [ 549.753249][ T5388] usb 6-1: USB disconnect, device number 22 [ 550.741588][T12717] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2014'. [ 550.751898][T12717] netlink: 'syz.0.2014': attribute type 2 has an invalid length. [ 550.755276][T12717] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2014'. [ 551.072020][T12722] ptrace attach of "/syz-executor exec"[5341] was attempted by "/syz-executor exec"[12722] [ 552.264293][T12733] tmpfs: Bad value for 'mpol' [ 552.352161][ T39] audit: type=1400 audit(1723425711.993:127): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=12734 comm=5E282F5B25AF [ 554.547163][T12753] FAULT_INJECTION: forcing a failure. [ 554.547163][T12753] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 554.564647][T12753] CPU: 1 UID: 0 PID: 12753 Comm: syz.1.2024 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 554.569312][T12753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 554.573894][T12753] Call Trace: [ 554.575227][T12753] [ 554.576393][T12753] dump_stack_lvl+0x16c/0x1f0 [ 554.578325][T12753] should_fail_ex+0x497/0x5b0 [ 554.580389][T12753] strncpy_from_user+0x38/0x320 [ 554.582547][T12753] getname_flags.part.0+0x8f/0x550 [ 554.584808][T12753] getname_flags+0x93/0xf0 [ 554.586847][T12753] user_path_at+0x24/0x60 [ 554.588770][T12753] __ia32_sys_mount+0x1fb/0x310 [ 554.590958][T12753] ? __pfx___ia32_sys_mount+0x10/0x10 [ 554.593408][T12753] __do_fast_syscall_32+0x73/0x120 [ 554.595685][T12753] do_fast_syscall_32+0x32/0x80 [ 554.597856][T12753] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 554.600648][T12753] RIP: 0023:0xf7f00579 [ 554.602430][T12753] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 554.610979][T12753] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 554.615290][T12753] RAX: ffffffffffffffda RBX: 00000000200000c0 RCX: 0000000020000040 [ 554.624684][T12753] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 554.627726][T12753] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 554.630715][T12753] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 554.633736][T12753] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 554.641128][T12753] [ 554.769133][T12762] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2028'. [ 554.774076][T12762] netlink: 'syz.1.2028': attribute type 2 has an invalid length. [ 554.777612][T12762] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2028'. [ 554.876359][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 555.207827][T12774] ax25_connect(): syz.0.2029 uses autobind, please contact jreuter@yaina.de [ 556.521010][T12782] ptrace attach of "/syz-executor exec"[5341] was attempted by "/syz-executor exec"[12782] [ 558.733141][T12799] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2038'. [ 558.971149][T12803] block device autoloading is deprecated and will be removed. [ 559.127457][T12807] FAULT_INJECTION: forcing a failure. [ 559.127457][T12807] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 559.133469][T12807] CPU: 0 UID: 0 PID: 12807 Comm: syz.2.2041 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 559.137265][T12807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 559.141005][T12807] Call Trace: [ 559.142311][T12807] [ 559.143450][T12807] dump_stack_lvl+0x16c/0x1f0 [ 559.145237][T12807] should_fail_ex+0x497/0x5b0 [ 559.147010][T12807] _copy_from_user+0x30/0xf0 [ 559.148825][T12807] binder_ioctl+0x56c/0x6b10 [ 559.150662][T12807] ? kfree+0x12a/0x3b0 [ 559.152133][T12807] ? tomoyo_path_number_perm+0x467/0x5b0 [ 559.154331][T12807] ? tomoyo_path_number_perm+0x190/0x5b0 [ 559.156549][T12807] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 559.158900][T12807] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 559.161104][T12807] ? __pfx_binder_ioctl+0x10/0x10 [ 559.162839][T12807] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 559.164554][T12807] ? __pfx_lock_release+0x10/0x10 [ 559.166418][T12807] ? __fget_files+0x256/0x400 [ 559.168431][T12807] ? __pfx_binder_ioctl+0x10/0x10 [ 559.170402][T12807] compat_ptr_ioctl+0x71/0xb0 [ 559.172444][T12807] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 559.174544][T12807] __do_compat_sys_ioctl+0x2c3/0x330 [ 559.176531][T12807] __do_fast_syscall_32+0x73/0x120 [ 559.178262][T12807] do_fast_syscall_32+0x32/0x80 [ 559.179937][T12807] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 559.182083][T12807] RIP: 0023:0xf739e579 [ 559.183494][T12807] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 559.189919][T12807] RSP: 002b:00000000f56b656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 559.192910][T12807] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0306201 [ 559.195814][T12807] RDX: 00000000200003c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 559.198740][T12807] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 559.201726][T12807] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 559.204557][T12807] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 559.207290][T12807] [ 559.211866][ T9760] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 559.212552][T12807] binder: 12806:12807 ioctl c0306201 200003c0 returned -14 [ 559.394256][ T9760] usb 6-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=74.01 [ 559.397993][ T9760] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 559.413602][ T9760] usb 6-1: config 0 descriptor?? [ 559.418438][ T9760] ttusbir 6-1:0.0: cannot find expected altsetting [ 559.925186][T12814] ptrace attach of "/syz-executor exec"[5341] was attempted by "/syz-executor exec"[12814] [ 560.612839][T12819] trusted_key: encrypted_key: insufficient parameters specified [ 561.701035][T12823] ptrace attach of "/syz-executor exec"[8342] was attempted by "/syz-executor exec"[12823] [ 562.278854][ T9760] usb 6-1: USB disconnect, device number 23 [ 562.410583][T12826] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2047'. [ 562.831675][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 562.834782][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.064009][ T66] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 563.070336][ T66] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 563.076787][ T66] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 563.082823][ T66] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 563.089446][ T66] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 563.095551][ T66] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 563.228310][T12834] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2049'. [ 563.607335][T12835] chnl_net:caif_netlink_parms(): no params data found [ 563.955910][T12848] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2054'. [ 563.967020][T12848] netlink: 540 bytes leftover after parsing attributes in process `syz.0.2054'. [ 563.971091][T12848] netlink: 540 bytes leftover after parsing attributes in process `syz.0.2054'. [ 564.126552][T12835] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.130125][T12835] bridge0: port 1(bridge_slave_0) entered disabled state [ 564.142334][T12835] bridge_slave_0: entered allmulticast mode [ 564.146481][T12835] bridge_slave_0: entered promiscuous mode [ 564.164310][T12835] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.169856][T12835] bridge0: port 2(bridge_slave_1) entered disabled state [ 564.181963][T12835] bridge_slave_1: entered allmulticast mode [ 564.186265][T12835] bridge_slave_1: entered promiscuous mode [ 564.343899][T12854] ptrace attach of "/syz-executor exec"[5341] was attempted by "/syz-executor exec"[12854] [ 564.350381][T12835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 564.365382][T12835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 564.523574][T12835] team0: Port device team_slave_0 added [ 564.531260][T12835] team0: Port device team_slave_1 added [ 564.606195][T12835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 564.609362][T12835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.631823][T12835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 564.643188][T12835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 564.643247][ T9760] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 564.646101][T12835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 564.646121][T12835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 564.834433][T12835] hsr_slave_0: entered promiscuous mode [ 564.847746][T12835] hsr_slave_1: entered promiscuous mode [ 564.850911][T12835] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 564.857019][T12835] Cannot create hsr debugfs directory [ 564.901823][ T9760] usb 7-1: Using ep0 maxpacket: 8 [ 564.906531][ T9760] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 564.929409][ T9760] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 564.934865][ T9760] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 564.939376][ T9760] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 564.953195][ T9760] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 564.957327][ T9760] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.166418][T12835] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.188058][ T9760] usb 7-1: usb_control_msg returned -32 [ 565.191410][ T9760] usbtmc 7-1:16.0: can't read capabilities [ 565.202224][ T5350] Bluetooth: hci7: command tx timeout [ 565.288411][T12835] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.425533][T12835] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.546754][T12835] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 565.573769][T12862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2057'. [ 565.622168][T12862] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2057'. [ 565.734275][T12862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 565.736253][T12835] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 565.746952][T12835] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 565.754967][T12835] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 565.769661][T12835] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 565.893892][T12835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 565.911400][T12835] 8021q: adding VLAN 0 to HW filter on device team0 [ 565.924945][T12599] bridge0: port 1(bridge_slave_0) entered blocking state [ 565.928460][T12599] bridge0: port 1(bridge_slave_0) entered forwarding state [ 565.979416][T12598] bridge0: port 2(bridge_slave_1) entered blocking state [ 565.983474][T12598] bridge0: port 2(bridge_slave_1) entered forwarding state [ 566.047462][T12835] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 566.053538][T12835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 566.299129][T12835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 566.355446][T12835] veth0_vlan: entered promiscuous mode [ 566.381034][T12835] veth1_vlan: entered promiscuous mode [ 566.439331][T12835] veth0_macvtap: entered promiscuous mode [ 566.446616][T12835] veth1_macvtap: entered promiscuous mode [ 566.467087][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.477791][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.481582][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.486400][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.490742][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.495552][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.499478][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.504616][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.508945][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.515843][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.520236][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.525139][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.529392][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.534845][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.543860][T12835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 566.555779][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.561510][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.567737][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.572318][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.577563][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.584831][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.589468][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.594604][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.599488][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.605630][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.610989][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.615963][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.620701][T12835] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 566.630220][T12835] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.636823][T12835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 566.647168][T12835] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.659098][T12835] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.665521][T12835] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.670017][T12835] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 566.778364][T12606] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 566.784563][T12606] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 566.818243][T12598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 566.826529][T12598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 567.281849][ T5350] Bluetooth: hci7: command tx timeout [ 567.389042][ T35] usb 7-1: USB disconnect, device number 20 [ 568.744781][ T5350] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 568.877366][T12884] xt_CT: No such helper "syz1" [ 569.361963][ T5350] Bluetooth: hci7: command tx timeout [ 570.011834][ T5408] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 570.221844][ T5408] usb 5-1: Using ep0 maxpacket: 8 [ 570.226334][ T5408] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 570.230866][ T5408] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 570.237612][ T5408] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 570.251814][ T5408] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 570.258650][ T5408] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 570.267207][ T5408] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.577070][ T5408] usb 5-1: usb_control_msg returned -32 [ 570.579508][ T5408] usbtmc 5-1:16.0: can't read capabilities [ 570.585734][T12902] kvm: pic: non byte write [ 570.940975][T12909] usbtmc 5-1:16.0: usbtmc_ioctl_request failed -32 [ 571.442073][ T5350] Bluetooth: hci7: command tx timeout [ 572.040077][T12917] ptrace attach of "/syz-executor exec"[8342] was attempted by "/syz-executor exec"[12917] [ 572.783887][T12921] netlink: 'syz.3.2069': attribute type 5 has an invalid length. [ 572.787218][T12921] netlink: 7 bytes leftover after parsing attributes in process `syz.3.2069'. [ 573.507380][ T9760] usb 5-1: USB disconnect, device number 26 [ 573.654748][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 574.051423][T12940] ax25_connect(): syz.0.2074 uses autobind, please contact jreuter@yaina.de [ 574.299117][T12950] ax25_connect(): syz.2.2076 uses autobind, please contact jreuter@yaina.de [ 575.175412][T12956] ax25_connect(): syz.3.2078 uses autobind, please contact jreuter@yaina.de [ 575.471495][T12959] kvm: pic: non byte write [ 576.005743][T12974] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2083'. [ 576.007005][ T9760] usb 8-1: new high-speed USB device number 24 using dummy_hcd [ 576.011593][T12974] netlink: 540 bytes leftover after parsing attributes in process `syz.0.2083'. [ 576.036414][T12974] netlink: 540 bytes leftover after parsing attributes in process `syz.0.2083'. [ 576.115343][T12979] FAULT_INJECTION: forcing a failure. [ 576.115343][T12979] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 576.123696][T12979] CPU: 3 UID: 0 PID: 12979 Comm: syz.0.2084 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 576.128502][T12979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 576.134228][T12979] Call Trace: [ 576.135785][T12979] [ 576.137110][T12979] dump_stack_lvl+0x16c/0x1f0 [ 576.139247][T12979] should_fail_ex+0x497/0x5b0 [ 576.141309][T12979] _copy_from_user+0x30/0xf0 [ 576.143500][T12979] dev_ifconf+0x28a/0x390 [ 576.145439][T12979] ? kfree+0x12a/0x3b0 [ 576.147282][T12979] ? __pfx_dev_ifconf+0x10/0x10 [ 576.149573][T12979] ? tomoyo_path_number_perm+0x190/0x5b0 [ 576.152374][T12979] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 576.155208][T12979] sock_ioctl+0x393/0x6c0 [ 576.157133][T12979] ? __pfx_sock_ioctl+0x10/0x10 [ 576.159337][T12979] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 576.161590][T12979] ? __pfx_lock_release+0x10/0x10 [ 576.164190][T12979] compat_sock_ioctl+0x50b/0x7f0 [ 576.166828][T12979] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 576.169792][T12979] ? __fget_files+0x256/0x400 [ 576.172183][T12979] ? bpf_lsm_file_ioctl_compat+0x9/0x10 [ 576.174594][T12979] ? __pfx_compat_sock_ioctl+0x10/0x10 [ 576.176954][T12979] __do_compat_sys_ioctl+0x2c3/0x330 [ 576.179936][T12979] __do_fast_syscall_32+0x73/0x120 [ 576.182256][T12979] do_fast_syscall_32+0x32/0x80 [ 576.184453][T12979] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 576.187352][T12979] RIP: 0023:0xf73de579 [ 576.189187][T12979] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 576.197789][T12979] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 576.201558][T12979] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008912 [ 576.205070][T12979] RDX: 00000000200003c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 576.208983][T12979] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 576.212909][T12979] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 576.216428][T12979] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 576.220238][T12979] [ 576.222787][ T9760] usb 8-1: Using ep0 maxpacket: 8 [ 576.269238][ T9760] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 576.308789][ T9760] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 576.314184][ T9760] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 576.319487][ T9760] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 576.325596][ T9760] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 576.330704][ T9760] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.583691][ T9760] usb 8-1: usb_control_msg returned -32 [ 576.587258][ T9760] usbtmc 8-1:16.0: can't read capabilities [ 576.831818][T12985] ax25_connect(): syz.2.2085 uses autobind, please contact jreuter@yaina.de [ 577.161816][ T9760] usb 8-1: USB disconnect, device number 24 [ 578.638627][T13010] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2091'. [ 579.924317][ T5350] Bluetooth: hci1: ACL packet for unknown connection handle 200 [ 580.279897][T13027] ax25_connect(): syz.0.2095 uses autobind, please contact jreuter@yaina.de [ 580.832950][T13039] netlink: 176 bytes leftover after parsing attributes in process `syz.3.2098'. [ 580.876376][T13039] netlink: 540 bytes leftover after parsing attributes in process `syz.3.2098'. [ 580.880664][T13039] netlink: 540 bytes leftover after parsing attributes in process `syz.3.2098'. [ 581.242410][T13044] evm: overlay not supported [ 581.259846][T13046] fuse: Bad value for 'fd' [ 581.488562][T13050] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2101'. [ 582.323912][ T39] audit: type=1400 audit(1723425741.973:128): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=13054 comm=5E282F5B25AF [ 583.677075][T13068] tipc: Enabling of bearer rejected, failed to enable media [ 584.102345][T13072] fuse: Unknown parameter 'Fd' [ 584.705127][T13079] FAULT_INJECTION: forcing a failure. [ 584.705127][T13079] name failslab, interval 1, probability 0, space 0, times 0 [ 584.711044][T13079] CPU: 2 UID: 0 PID: 13079 Comm: syz.0.2108 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 584.715634][T13079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 584.720112][T13079] Call Trace: [ 584.721665][T13079] [ 584.723222][T13079] dump_stack_lvl+0x16c/0x1f0 [ 584.725176][T13079] should_fail_ex+0x497/0x5b0 [ 584.727880][T13079] ? fs_reclaim_acquire+0xae/0x160 [ 584.730051][T13079] should_failslab+0xc2/0x120 [ 584.731600][T13079] __kmalloc_node_track_caller_noprof+0xcf/0x440 [ 584.733581][T13079] ? simple_xattr_set+0xb8/0x450 [ 584.735460][T13079] kstrdup+0x3c/0x80 [ 584.736972][T13079] simple_xattr_set+0xb8/0x450 [ 584.738972][T13079] shmem_xattr_handler_set+0x31b/0x3b0 [ 584.741269][T13079] ? __pfx_shmem_xattr_handler_set+0x10/0x10 [ 584.743858][T13079] __vfs_setxattr+0x173/0x1e0 [ 584.745949][T13079] ? __pfx___vfs_setxattr+0x10/0x10 [ 584.748069][T13079] ? apparmor_capable+0x126/0x1e0 [ 584.750180][T13079] __vfs_setxattr_noperm+0x127/0x660 [ 584.752483][T13079] __vfs_setxattr_locked+0x182/0x260 [ 584.754863][T13079] vfs_setxattr+0x146/0x350 [ 584.756899][T13079] ? __pfx_lock_release+0x10/0x10 [ 584.759275][T13079] ? __pfx_vfs_setxattr+0x10/0x10 [ 584.761499][T13079] ? mnt_get_write_access+0x6a/0x300 [ 584.763890][T13079] do_setxattr+0x146/0x170 [ 584.765982][T13079] __do_sys_fsetxattr+0x2e5/0x350 [ 584.768443][T13079] ? __pfx___do_sys_fsetxattr+0x10/0x10 [ 584.770872][T13079] ? __mutex_unlock_slowpath+0x164/0x650 [ 584.773827][T13079] ? __pfx_ksys_write+0x10/0x10 [ 584.775990][T13079] __do_fast_syscall_32+0x73/0x120 [ 584.779501][T13079] do_fast_syscall_32+0x32/0x80 [ 584.781965][T13079] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 584.784401][T13079] RIP: 0023:0xf73de579 [ 584.785955][T13079] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 584.793758][T13079] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 00000000000000e4 [ 584.797253][T13079] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000200 [ 584.800303][T13079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 584.803001][T13079] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 584.805688][T13079] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 584.811020][T13079] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 584.814422][T13079] [ 585.025915][T13084] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2110'. [ 585.244168][T13087] ax25_connect(): syz.2.2109 uses autobind, please contact jreuter@yaina.de [ 585.514654][T13090] FAULT_INJECTION: forcing a failure. [ 585.514654][T13090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 585.521350][T13091] syz.1.2111 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 585.528425][T13090] CPU: 0 UID: 0 PID: 13090 Comm: syz.1.2111 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 585.532802][T13090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 585.537321][T13090] Call Trace: [ 585.538812][T13090] [ 585.540117][T13090] dump_stack_lvl+0x16c/0x1f0 [ 585.542198][T13090] should_fail_ex+0x497/0x5b0 [ 585.544361][T13090] _copy_to_user+0x30/0xc0 [ 585.546317][T13090] simple_read_from_buffer+0xd0/0x160 [ 585.548701][T13090] proc_fail_nth_read+0x1b0/0x290 [ 585.550966][T13090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 585.553418][T13090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 585.555856][T13090] vfs_read+0x1d4/0xbd0 [ 585.557791][T13090] ? __fdget_pos+0xeb/0x180 [ 585.559898][T13090] ? __pfx_vfs_read+0x10/0x10 [ 585.562029][T13090] ? __pfx___mutex_lock+0x10/0x10 [ 585.564426][T13090] ? __fget_files+0x256/0x400 [ 585.566533][T13090] ksys_read+0x12f/0x260 [ 585.568439][T13090] ? __pfx_ksys_read+0x10/0x10 [ 585.570566][T13090] __do_fast_syscall_32+0x73/0x120 [ 585.572838][T13090] do_fast_syscall_32+0x32/0x80 [ 585.574920][T13090] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 585.577408][T13090] RIP: 0023:0xf7f00579 [ 585.579134][T13090] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 585.587109][T13090] RSP: 002b:00000000f56b65a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 585.590731][T13090] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f56b6620 [ 585.594093][T13090] RDX: 000000000000000f RSI: 00000000f738cff4 RDI: 0000000000000000 [ 585.597159][T13090] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 585.600449][T13090] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 585.603601][T13090] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 585.606683][T13090] [ 586.066210][T13097] netlink: 176 bytes leftover after parsing attributes in process `syz.2.2113'. [ 586.082298][T13097] netlink: 540 bytes leftover after parsing attributes in process `syz.2.2113'. [ 586.086751][T13097] netlink: 540 bytes leftover after parsing attributes in process `syz.2.2113'. [ 586.242484][ T39] audit: type=1326 audit(1723425745.883:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13098 comm="syz.0.2115" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x0 [ 586.361261][T13113] ptrace attach of "/syz-executor exec"[8342] was attempted by "/syz-executor exec"[13113] [ 587.946704][ T5408] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 588.131908][ T5408] usb 6-1: Using ep0 maxpacket: 8 [ 588.155701][ T5408] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 588.156687][ T5350] Bluetooth: hci1: unexpected event 0x2f length: 763 > 260 [ 588.159859][ T5408] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 588.162821][ T5350] Bluetooth: hci1: SCO packet for unknown connection handle 200 [ 588.163151][ T5408] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 588.177440][ T5408] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 588.183564][ T5408] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 588.187603][ T5408] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.289911][T13127] xt_CT: No such helper "syz1" [ 588.445043][ T5408] usb 6-1: usb_control_msg returned -32 [ 588.447436][ T5408] usbtmc 6-1:16.0: can't read capabilities [ 588.801226][T13130] usbtmc 6-1:16.0: usbtmc_ioctl_request failed -32 [ 588.944524][ T5350] Bluetooth: hci7: unexpected event 0x2f length: 763 > 260 [ 589.109740][T13133] xt_CT: No such helper "syz1" [ 589.157071][ T39] audit: type=1400 audit(1723425748.803:130): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=13138 comm=5E282F5B25AF [ 589.491924][T13143] vivid-000: ================= START STATUS ================= [ 589.508014][T13143] vivid-000: Radio HW Seek Mode: Bounded [ 589.511261][T13143] vivid-000: Radio Programmable HW Seek: false [ 589.522786][T13143] vivid-000: RDS Rx I/O Mode: Block I/O [ 589.527628][T13143] vivid-000: Generate RBDS Instead of RDS: false [ 589.568918][T13143] vivid-000: RDS Reception: true [ 589.586289][T13143] vivid-000: RDS Program Type: 0 inactive [ 589.606257][T13143] vivid-000: RDS PS Name: inactive [ 589.619453][T13143] vivid-000: RDS Radio Text: inactive [ 589.631680][T13143] vivid-000: RDS Traffic Announcement: false inactive [ 589.636966][T13143] vivid-000: RDS Traffic Program: false inactive [ 589.646564][T13143] vivid-000: RDS Music: false inactive [ 589.650803][T13143] vivid-000: ================== END STATUS ================== [ 590.189201][T13153] netlink: 'syz.3.2125': attribute type 5 has an invalid length. [ 590.196259][T13153] netlink: 7 bytes leftover after parsing attributes in process `syz.3.2125'. [ 591.365902][ T4590] usb 6-1: USB disconnect, device number 24 [ 593.244326][T13232] serio: Serial port pts0 [ 596.800602][T13330] serio: Serial port pts0 [ 596.838975][T13335] serio: Serial port pts1 [ 597.645606][T13378] serio: Serial port pts2 [ 602.442596][T13664] serio: Serial port pts0 [ 604.723465][ T5344] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 604.728905][ T5344] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 604.735316][ T5344] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 604.739613][ T5344] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 604.744834][ T5344] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 604.752014][ T5344] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 604.958150][T12601] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 604.997466][T13713] chnl_net:caif_netlink_parms(): no params data found [ 605.085076][T12601] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.179975][T13728] serio: Serial port pts1 [ 605.234097][T13713] bridge0: port 1(bridge_slave_0) entered blocking state [ 605.237590][T13713] bridge0: port 1(bridge_slave_0) entered disabled state [ 605.240590][T13713] bridge_slave_0: entered allmulticast mode [ 605.244515][T13713] bridge_slave_0: entered promiscuous mode [ 605.271212][T12601] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.281811][T13713] bridge0: port 2(bridge_slave_1) entered blocking state [ 605.285542][T13713] bridge0: port 2(bridge_slave_1) entered disabled state [ 605.288745][T13713] bridge_slave_1: entered allmulticast mode [ 605.297576][T13713] bridge_slave_1: entered promiscuous mode [ 605.370070][T12601] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.408067][T13713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 605.415169][T13713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 605.556387][T13713] team0: Port device team_slave_0 added [ 605.561521][T13713] team0: Port device team_slave_1 added [ 605.664711][T13713] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 605.668048][T13713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 605.685267][T13713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 605.692273][T13713] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 605.695062][T13713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 605.705559][T13713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 605.842129][ T66] Bluetooth: hci6: command 0x0406 tx timeout [ 605.905607][T13713] hsr_slave_0: entered promiscuous mode [ 605.913143][T13713] hsr_slave_1: entered promiscuous mode [ 605.926009][T13713] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 605.933148][T13713] Cannot create hsr debugfs directory [ 606.695847][T12601] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 606.709528][T12601] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 606.719398][T12601] bond0 (unregistering): Released all slaves [ 606.730112][T12601] bond1 (unregistering): Released all slaves [ 606.811983][ T5350] Bluetooth: hci1: command tx timeout [ 606.901474][T12601] : left promiscuous mode [ 607.011068][T12601] tipc: Left network mode [ 607.492372][T12601] hsr_slave_0: left promiscuous mode [ 607.502198][T12601] hsr_slave_1: left promiscuous mode [ 607.505759][T12601] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 607.508982][T12601] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 607.513143][T12601] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 607.516302][T12601] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 607.596195][T12601] veth1_macvtap: left promiscuous mode [ 607.598598][T12601] veth0_macvtap: left promiscuous mode [ 607.600984][T12601] veth1_vlan: left promiscuous mode [ 607.603972][T12601] veth0_vlan: left promiscuous mode [ 608.894596][ T5350] Bluetooth: hci1: command tx timeout [ 609.192931][T12601] team0 (unregistering): Port device team_slave_1 removed [ 609.360610][T13850] serio: Serial port pts0 [ 609.369058][T12601] team0 (unregistering): Port device team_slave_0 removed [ 610.578110][T13713] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 610.586171][T13713] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 610.601503][T13713] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 610.621697][T13713] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 610.696700][T12601] IPVS: stop unused estimator thread 0... [ 610.739434][T13713] 8021q: adding VLAN 0 to HW filter on device bond0 [ 610.776827][T13713] 8021q: adding VLAN 0 to HW filter on device team0 [ 610.798878][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 610.802034][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 610.840101][T12605] bridge0: port 2(bridge_slave_1) entered blocking state [ 610.843158][T12605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 610.943586][T13713] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 610.962078][ T5350] Bluetooth: hci1: command tx timeout [ 611.175697][T13713] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 611.265810][T13713] veth0_vlan: entered promiscuous mode [ 611.294359][T13713] veth1_vlan: entered promiscuous mode [ 611.318353][T13713] veth0_macvtap: entered promiscuous mode [ 611.323112][T13713] veth1_macvtap: entered promiscuous mode [ 611.342446][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.347920][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.354077][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.358746][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.363590][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.368235][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.374495][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.379362][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.385110][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.390801][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.395644][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.400341][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.405022][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 611.409656][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.416158][T13713] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 611.425231][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.430986][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.436041][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.440226][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.444563][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.448634][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.453893][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.458068][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.462464][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.467203][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.471539][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.476617][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.481081][T13713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.485742][T13713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.490602][T13713] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 611.499557][T13713] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.503862][T13713] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.507188][T13713] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.510716][T13713] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.568130][T12601] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 611.576279][T12601] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 611.593792][T12601] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 611.597756][T12601] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 613.042198][ T5350] Bluetooth: hci1: command tx timeout [ 616.115331][T14248] serio: Serial port pts0 [ 617.352454][T14326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2633'. [ 617.676391][T14345] serio: Serial port pts0 [ 617.974334][T14366] [ 617.975556][T14366] ====================================================== [ 617.978827][T14366] WARNING: possible circular locking dependency detected [ 617.981857][T14366] 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 Not tainted [ 617.988911][T14366] ------------------------------------------------------ [ 617.992008][T14366] syz.2.2649/14366 is trying to acquire lock: [ 617.994685][T14366] ffffffff8fa0cf68 (rtnl_mutex){+.+.}-{3:3}, at: do_ipv6_setsockopt+0x1f4d/0x4820 [ 617.998720][T14366] [ 617.998720][T14366] but task is already holding lock: [ 618.003900][T14366] ffff88804fc11550 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x101/0xc00 [ 618.008797][T14366] [ 618.008797][T14366] which lock already depends on the new lock. [ 618.008797][T14366] [ 618.014003][T14366] [ 618.014003][T14366] the existing dependency chain (in reverse order) is: [ 618.018188][T14366] [ 618.018188][T14366] -> #2 (&smc->clcsock_release_lock){+.+.}-{3:3}: [ 618.022566][T14366] __mutex_lock+0x175/0x9c0 [ 618.024841][T14366] smc_switch_to_fallback+0x2d/0xa00 [ 618.027676][T14366] smc_sendmsg+0x13d/0x520 [ 618.029858][T14366] __sys_sendto+0x47f/0x4e0 [ 618.032185][T14366] __ia32_sys_sendto+0xdd/0x1b0 [ 618.034564][T14366] __do_fast_syscall_32+0x73/0x120 [ 618.037017][T14366] do_fast_syscall_32+0x32/0x80 [ 618.039386][T14366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 618.042358][T14366] [ 618.042358][T14366] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 618.045759][T14366] lock_sock_nested+0x3a/0xf0 [ 618.048093][T14366] sockopt_lock_sock+0x54/0x70 [ 618.050441][T14366] do_ip_setsockopt+0x101/0x38c0 [ 618.052663][T14366] ip_setsockopt+0x59/0xf0 [ 618.054733][T14366] raw_setsockopt+0xb8/0x290 [ 618.057410][T14366] do_sock_setsockopt+0x222/0x480 [ 618.059957][T14366] __sys_setsockopt+0x1a4/0x270 [ 618.062341][T14366] __ia32_sys_setsockopt+0xbc/0x160 [ 618.064853][T14366] __do_fast_syscall_32+0x73/0x120 [ 618.067388][T14366] do_fast_syscall_32+0x32/0x80 [ 618.069818][T14366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 618.072763][T14366] [ 618.072763][T14366] -> #0 (rtnl_mutex){+.+.}-{3:3}: [ 618.076000][T14366] __lock_acquire+0x24ed/0x3cb0 [ 618.078383][T14366] lock_acquire+0x1b1/0x560 [ 618.080619][T14366] __mutex_lock+0x175/0x9c0 [ 618.082899][T14366] do_ipv6_setsockopt+0x1f4d/0x4820 [ 618.085382][T14366] ipv6_setsockopt+0xe3/0x1a0 [ 618.087437][T14366] tcp_setsockopt+0xa4/0x100 [ 618.089400][T14366] smc_setsockopt+0x1b4/0xc00 [ 618.091446][T14366] do_sock_setsockopt+0x222/0x480 [ 618.093679][T14366] __sys_setsockopt+0x1a4/0x270 [ 618.096497][T14366] __ia32_sys_setsockopt+0xbc/0x160 [ 618.099330][T14366] __do_fast_syscall_32+0x73/0x120 [ 618.101894][T14366] do_fast_syscall_32+0x32/0x80 [ 618.104559][T14366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 618.107772][T14366] [ 618.107772][T14366] other info that might help us debug this: [ 618.107772][T14366] [ 618.112372][T14366] Chain exists of: [ 618.112372][T14366] rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock [ 618.112372][T14366] [ 618.118464][T14366] Possible unsafe locking scenario: [ 618.118464][T14366] [ 618.121709][T14366] CPU0 CPU1 [ 618.124094][T14366] ---- ---- [ 618.126623][T14366] lock(&smc->clcsock_release_lock); [ 618.128973][T14366] lock(sk_lock-AF_INET); [ 618.131626][T14366] lock(&smc->clcsock_release_lock); [ 618.134623][T14366] lock(rtnl_mutex); [ 618.136185][T14366] [ 618.136185][T14366] *** DEADLOCK *** [ 618.136185][T14366] [ 618.139462][T14366] 1 lock held by syz.2.2649/14366: [ 618.141766][T14366] #0: ffff88804fc11550 (&smc->clcsock_release_lock){+.+.}-{3:3}, at: smc_setsockopt+0x101/0xc00 [ 618.146206][T14366] [ 618.146206][T14366] stack backtrace: [ 618.148581][T14366] CPU: 2 UID: 0 PID: 14366 Comm: syz.2.2649 Not tainted 6.11.0-rc2-syzkaller-00302-gcb2e5ee8e7a0 #0 [ 618.152546][T14366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 618.156394][T14366] Call Trace: [ 618.157633][T14366] [ 618.159151][T14366] dump_stack_lvl+0x116/0x1f0 [ 618.161095][T14366] check_noncircular+0x31a/0x400 [ 618.163035][T14366] ? __pfx_check_noncircular+0x10/0x10 [ 618.165330][T14366] ? lockdep_lock+0xc6/0x200 [ 618.167328][T14366] ? __pfx_lockdep_lock+0x10/0x10 [ 618.169511][T14366] __lock_acquire+0x24ed/0x3cb0 [ 618.171640][T14366] ? __pfx___lock_acquire+0x10/0x10 [ 618.173933][T14366] ? hlock_class+0x4e/0x130 [ 618.175936][T14366] ? __lock_acquire+0x1620/0x3cb0 [ 618.178147][T14366] lock_acquire+0x1b1/0x560 [ 618.180145][T14366] ? do_ipv6_setsockopt+0x1f4d/0x4820 [ 618.182492][T14366] ? __pfx_lock_acquire+0x10/0x10 [ 618.184657][T14366] ? __pfx___might_resched+0x10/0x10 [ 618.186989][T14366] __mutex_lock+0x175/0x9c0 [ 618.189015][T14366] ? do_ipv6_setsockopt+0x1f4d/0x4820 [ 618.191334][T14366] ? __might_fault+0x13b/0x190 [ 618.193460][T14366] ? do_ipv6_setsockopt+0x1f4d/0x4820 [ 618.195828][T14366] ? __pfx_lock_release+0x10/0x10 [ 618.198041][T14366] ? __pfx___mutex_lock+0x10/0x10 [ 618.200245][T14366] ? __pfx_register_lock_class+0x10/0x10 [ 618.202519][T14366] ? __might_fault+0xe3/0x190 [ 618.204571][T14366] ? do_ipv6_setsockopt+0x1f4d/0x4820 [ 618.206952][T14366] ? rtnl_lock+0x9/0x20 [ 618.208874][T14366] do_ipv6_setsockopt+0x1f4d/0x4820 [ 618.211332][T14366] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 618.213805][T14366] ? kfree+0x12a/0x3b0 [ 618.215475][T14366] ? security_file_ioctl_compat+0x75/0xc0 [ 618.217937][T14366] ? lock_acquire+0x1b1/0x560 [ 618.220066][T14366] ? __mutex_trylock_common+0xea/0x250 [ 618.222726][T14366] ? __pfx___mutex_trylock_common+0x10/0x10 [ 618.225307][T14366] ? rcu_is_watching+0x12/0xc0 [ 618.227195][T14366] ? trace_contention_end+0xea/0x140 [ 618.229204][T14366] ? __mutex_lock+0x1a6/0x9c0 [ 618.231153][T14366] ? hlock_class+0x4e/0x130 [ 618.233126][T14366] ? __lock_acquire+0xbdd/0x3cb0 [ 618.235513][T14366] ? smc_setsockopt+0x101/0xc00 [ 618.237661][T14366] ? ipv6_setsockopt+0xe3/0x1a0 [ 618.239801][T14366] ipv6_setsockopt+0xe3/0x1a0 [ 618.241864][T14366] tcp_setsockopt+0xa4/0x100 [ 618.243869][T14366] smc_setsockopt+0x1b4/0xc00 [ 618.245888][T14366] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 618.248435][T14366] ? __pfx_smc_setsockopt+0x10/0x10 [ 618.250734][T14366] ? bpf_lsm_socket_setsockopt+0x9/0x10 [ 618.253101][T14366] ? __pfx_smc_setsockopt+0x10/0x10 [ 618.255329][T14366] do_sock_setsockopt+0x222/0x480 [ 618.257780][T14366] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 618.260134][T14366] ? __fget_light+0x173/0x210 [ 618.262177][T14366] __sys_setsockopt+0x1a4/0x270 [ 618.264272][T14366] ? __pfx___sys_setsockopt+0x10/0x10 [ 618.266653][T14366] ? kcov_ioctl+0x268/0x730 [ 618.268840][T14366] __ia32_sys_setsockopt+0xbc/0x160 [ 618.271227][T14366] ? lockdep_hardirqs_on+0x7c/0x110 [ 618.273544][T14366] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 618.276431][T14366] __do_fast_syscall_32+0x73/0x120 [ 618.278658][T14366] do_fast_syscall_32+0x32/0x80 [ 618.280796][T14366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 618.283597][T14366] RIP: 0023:0xf739e579 [ 618.285448][T14366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 618.293661][T14366] RSP: 002b:00000000f569556c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 618.297385][T14366] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000029 [ 618.300874][T14366] RDX: 0000000000000030 RSI: 0000000020000200 RDI: 000000000000008c [ 618.304213][T14366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 618.307114][T14366] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 618.310687][T14366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 618.313973][T14366] [ 618.381815][ T1417] usb 8-1: new high-speed USB device number 25 using dummy_hcd SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 618.572999][ T1417] usb 8-1: Using ep0 maxpacket: 16 [ 618.984327][ T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.005897][ T1417] usb 8-1: device descriptor read/all, error -71 [ 619.140540][ T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.210478][ T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.302590][ T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.614440][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 619.622147][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 619.628357][ T45] bond0 (unregistering): Released all slaves [ 619.636635][ T45] bond1 (unregistering): Released all slaves [ 619.706359][ T45] : left promiscuous mode [ 620.132268][ T45] hsr_slave_0: left promiscuous mode [ 620.135176][ T45] hsr_slave_1: left promiscuous mode [ 620.137565][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 620.146397][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 620.150891][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 620.155320][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 620.160628][ T45] veth1_macvtap: left promiscuous mode [ 620.165856][ T45] veth0_macvtap: left promiscuous mode [ 620.168360][ T45] veth1_vlan: left promiscuous mode [ 620.170719][ T45] veth0_vlan: left promiscuous mode [ 620.527830][ T45] team0 (unregistering): Port device team_slave_1 removed [ 620.579163][ T45] team0 (unregistering): Port device team_slave_0 removed [ 621.349978][ T45] IPVS: stop unused estimator thread 0... [ 621.439607][ T45] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.563879][ T45] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.651423][ T45] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.758859][ T45] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 621.942125][ T45] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 622.037708][ T45] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 622.128800][ T45] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 622.222580][ T45] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 622.333062][ T45] bridge_slave_1: left allmulticast mode [ 622.335460][ T45] bridge_slave_1: left promiscuous mode [ 622.337503][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.344201][ T45] bridge_slave_0: left allmulticast mode [ 622.346660][ T45] bridge_slave_0: left promiscuous mode [ 622.349201][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 622.356476][ T45] bridge_slave_1: left allmulticast mode [ 622.358980][ T45] bridge_slave_1: left promiscuous mode [ 622.361519][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.369550][ T45] bridge_slave_0: left allmulticast mode [ 622.372308][ T45] bridge_slave_0: left promiscuous mode [ 622.374779][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 622.660243][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 622.672448][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 622.676609][ T45] bond0 (unregistering): Released all slaves [ 622.696695][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 622.703925][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 622.709231][ T45] bond0 (unregistering): Released all slaves [ 623.389356][ T45] hsr_slave_0: left promiscuous mode [ 623.394440][ T45] hsr_slave_1: left promiscuous mode [ 623.397753][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 623.401023][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 623.408630][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 623.414141][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 623.424876][ T45] hsr_slave_0: left promiscuous mode [ 623.427983][ T45] hsr_slave_1: left promiscuous mode [ 623.431043][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 623.434435][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 623.438288][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 623.441576][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 623.450933][ T45] veth1_macvtap: left promiscuous mode [ 623.453925][ T45] veth0_macvtap: left promiscuous mode [ 623.456560][ T45] veth1_vlan: left promiscuous mode [ 623.458960][ T45] veth0_vlan: left promiscuous mode [ 623.463370][ T45] veth1_macvtap: left promiscuous mode [ 623.465858][ T45] veth0_macvtap: left promiscuous mode [ 623.468423][ T45] veth1_vlan: left promiscuous mode [ 623.470850][ T45] veth0_vlan: left promiscuous mode [ 623.905177][ T45] team0 (unregistering): Port device team_slave_1 removed [ 623.918389][ T45] team0 (unregistering): Port device team_slave_0 removed [ 624.258159][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.415352][ T45] team0 (unregistering): Port device team_slave_1 removed [ 624.480972][ T45] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 00:39:59 Registers: info registers vcpu 0 CPU#0 RAX=0000000080000000 RBX=000001776175d5e0 RCX=0000000000000000 RDX=0000000000000001 RSI=ffffffff8bb04c20 RDI=0000000000000001 RBP=000001776175b6ca RSP=ffffc900003c7b48 R8 =0000000000000000 R9 =ffffed100fda8cd0 R10=ffff88807ed46687 R11=ffffffff8b4be7e0 R12=0000000000000000 R13=00000000000032c9 R14=ffffffff94ec7080 R15=ffffffff94ec7080 RIP=ffffffff8afa27c2 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000057e614c0 CR3=000000006b26e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffc90000f2f358 RBX=00fff60000040038 RCX=ffffffff81c516fd RDX=0000000000000001 RSI=0000000000000008 RDI=ffffc90000f2f350 RBP=ffffea0000bb8380 RSP=ffffc90000f2f2f8 R8 =0000000000000001 R9 =fffff94000177070 R10=ffffea0000bb8387 R11=0000000000000000 R12=00fff80000040038 R13=0000000000000002 R14=ffff88802bfba040 R15=0000000000000000 RIP=ffffffff81e9b4fb RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7465008 CR3=0000000044a30000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa7685 RDI=ffffffff9511e340 RBP=ffffffff9511e300 RSP=ffffc9000ee76fb8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e31312e36 R12=0000000000000000 R13=0000000000000063 R14=ffffffff84fa7620 R15=0000000000000000 RIP=ffffffff84fa76af RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5695da4 CR3=00000000672c6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=ffffc90004ce7d40 RCX=1ffffffff2022b67 RDX=1ffff11005013463 RSI=0000000000000003 RDI=ffff88802809a2d8 RBP=0000000000000000 RSP=ffffc90004ce7b90 R8 =0000000008000001 R9 =fffff5200099cf69 R10=0000000000000003 R11=0000000000000000 R12=0000000000000003 R13=0000000000000246 R14=0000000008000001 R15=ffff88802809a318 RIP=ffffffff81655d5c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002d01fffc CR3=00000000504cc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000