last executing test programs: 7.178821992s ago: executing program 3 (id=685): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) io_setup(0x5, &(0x7f0000000740)=0x0) io_submit(r1, 0x1, &(0x7f0000000280)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000000000000000000fe840000002300000085000000a000000095"], &(0x7f0000000080)='GPL\x00'}, 0x90) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) mknodat$loop(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r3, r3}, &(0x7f00000000c0)=""/28, 0x1c, &(0x7f00000001c0)={&(0x7f0000000140)={'poly1305\x00'}}) keyctl$negate(0xd, r3, 0x5, 0xfffffffffffffffc) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) pipe2$9p(0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r4 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r4, &(0x7f0000000080), 0xc) r5 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r5, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc) write$binfmt_script(r5, &(0x7f0000002180), 0xb) recvmmsg(r4, &(0x7f0000004580)=[{{0x0, 0x0, 0x0}}], 0x300, 0x10062, 0x0) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) 5.108405366s ago: executing program 0 (id=701): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 4.748473551s ago: executing program 0 (id=705): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) poll(0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) close(0xffffffffffffffff) getsockname$l2tp(r1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, &(0x7f0000000280)=0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x2b8, 0x0, 0x244, 0xff000000, 0x330, 0x3a8, 0x3a8, 0x330, 0x3a8, 0x3, 0x0, {[{{@ipv6={@dev, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'veth0_vlan\x00', 'wlan0\x00'}, 0x0, 0x220, 0x244, 0x0, {}, [@inet=@rpfilter={{0x24}}, @common=@inet=@hashlimit3={{0x158}, {'wlan1\x00', {0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xf12, 0xffff}}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@ipv6={@private2, @private1, [], [], 'veth1_to_batadv\x00', 'pim6reg1\x00'}, 0x0, 0xa4, 0xec}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x454) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(r5, 0x0, 0x83, &(0x7f00000001c0)={'nat\x00', 0x0, 0x0, 0x49, [], 0x0, 0x0, 0x0}, &(0x7f0000000240)=0xe0) r6 = socket$packet(0x11, 0x3, 0x300) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r7, 0x800448d4, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) setsockopt$packet_fanout_data(r6, 0x107, 0x16, 0x0, 0x0) syz_emit_ethernet(0xfdef, &(0x7f00000003c0)=ANY=[@ANYBLOB="5b1a033f2511aaaaaaaaaabb080046004578000000000011907800000000000000000000000000649078100000000000000000000000fdcdae25a7a296872a8a5290e48e30acf8afc7e67d70a62c979cefa10a00b840539c8fe728bdae0000000000000000e400000000000035f3c07eeca4a20a9858ac150000000063081fe8fe001a08ed082ad7121d696fad08422669b3fbd1e8c0be66125f15a8aac15d30c5d11717bf76d727796ad071ff418abbac0c081c18f0d9d2aa38d7dd357a8e1a8b3b13fce46138b00dc4715657c4e1736d67729763434080c6feadff29df015dd9d53be7e7ee94f40c455d23e3e6bdae6521749c18000db36f4901652859a223f10acbe859d0c6cea3734e9dd92789ec8c2fd17dc1f89319bfa104edf78001b64da96c5fe3"], 0x0) setsockopt$packet_int(r6, 0x107, 0xc, &(0x7f0000000000), 0x4) r8 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000040)="d8000000190081054e81f782db4cb9040a1d080015000900142603600e1208000f4f1b000401a8001600200005400400027c0380adf0249073ad1bb143ee188ed79f5c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970392", 0xd8}], 0x1}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_ARPTABLES={0x5}]}}}]}, 0x3c}}, 0x0) openat$audio(0xffffff9c, &(0x7f0000000080), 0xea900, 0x0) 4.340796875s ago: executing program 3 (id=707): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_mptcp(0xa, 0x1, 0x106) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x2b, &(0x7f0000000040)=0x200000000005) syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="0400b100"/19], 0x13) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x1c9100, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x5) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x11) socket$nl_rdma(0x10, 0x3, 0x14) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a9a81) ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="02c82041003d0001000cfb05000600feff080d7f080002000800000000010df8080009000f000a0008000f01040005007b00110c0200050002f1040002000100015b02000000313956d89cfe77e8ebedf18c52dbd2eac1c836a1bd9ef3b829e83a81e0efeb5ace9c1ab6485c00bfee590b5a72d6629efb2fc8325d087bec1c005e7eb4884088e76a97c8078d2cc08e73c75eefbfa1ef09ff7c65b48fc95f1ef65cb9864d62e7c3aaed61df52f6298dcd34eba6dad347c8231b3b00fd2c40272887641340429a8ffe2c13b767aabed07e58c26660b8a2d96fdd3478a13d71f884aada6e65"], 0x46) ioctl$USBDEVFS_CONTROL(r4, 0x4008550d, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x1) ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00'}) ioctl$UI_DEV_CREATE(r3, 0x5501) ioctl$UI_DEV_DESTROY(r3, 0x5502) r5 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYRES16=r5, @ANYBLOB="010000000000000000000b00000008000300b855954aff2c2dc08a911d3413d169466806a8c4085bb6cce64dd63a5c4f25f4290f60069147657551acd9fee7e0571a943e147bd5419fa1fe54bab5676a84f159e6639728bdf1b5b08ea46c5395deb5bbbb66cb5fab3b188c2e414f4d25ee0286071b6bcba79d1092a2c195229790d96b8f037cd45b937f4c2bbb6b4c9922995c4c207c47c1aac65e"], 0x44}}, 0x0) userfaultfd(0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)) bind$rds(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000000408010100000000000000000000000005000300ff0000000600024000000000409003d3e1025f07eee9e08d73a2d2521b12a3f6e01206fd1571a5610e1af91706c8bc1da94cc118aacaf9b47a516f6383581f3436ba9e6d73845a0cb2543617ab98606c549b897629a1eb5235f046d57e03a44cdc267b91bc61875c7a336e4018d91dc68af2aa844254f32fd548465cf54a571ec2faf3df0a0a932a7c515f5530e9bffc43b3d64ffe4b38e742"], 0x24}}, 0x0) ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5111) 3.357786437s ago: executing program 3 (id=709): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000600)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', r1}, 0x90) 3.273162066s ago: executing program 3 (id=710): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb05, 0x1807, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, {0x9}, {{{0x9, 0x5, 0x81, 0x3, 0x40}}}}}]}}]}}, 0x0) ioctl$EVIOCRMFF(r0, 0x4004550f, 0x0) 2.586494776s ago: executing program 1 (id=715): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000180)=0x10000, 0x4) sendto$inet6(r0, &(0x7f0000000040)="800037bbd79ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000000880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) rt_sigprocmask(0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfffffffffffffcb3) socket(0x0, 0x0, 0x0) 2.508260956s ago: executing program 1 (id=716): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000000)=@newtaction={0x94, 0x30, 0x1, 0x0, 0x0, {}, [{0x80, 0x1, [@m_bpf={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}, @TCA_SKBEDIT_PRIORITY={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x94}}, 0x0) 2.448797818s ago: executing program 1 (id=717): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x21, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, r0, 0x3, 0x3, 0x1}, 0x48) r2 = openat$sr(0xffffff9c, &(0x7f00000001c0), 0x481382, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001300)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x1}, 0x48) r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = dup(r4) ioctl$PTP_EXTTS_REQUEST2(r5, 0x40043d14, &(0x7f0000000400)={0xfffffffe}) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x2f, &(0x7f0000001380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xf7}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4e}}, @generic={0x33, 0x7, 0x6, 0x5, 0x1295863e}, @printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @map_fd={0x18, 0x6, 0x1, 0x0, r3}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r6, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000003240)=ANY=[@ANYBLOB="18020000e2ffffff00000000000000c685000000360000009500001800000000922ae83713ab9600010000801b10fb54a8cb72d232ad558c46fff4208d4990ec11ce9413ac30e00bd0081f8504e19a5183d769676520e98a263345e44d5ad12bca35510100c4d86abeb12303ff1c9fe0d0020000d60400000007d3670000008aff66d6b3181ffc1d62a3954c1198bbc4fa13aee48ca9e8969faebf3183fe803ab3f5024b52dc265b36fc9dae00a09404f01f9504d0976d252bd8d24538556e5e57bee3b8cf464ef3c6a7def8bad3ca6e3abdb21696e340bb8e2a093add57196b40def3858ef569147fa4108328392d322ab5df10a2f69a6bdf72ee7944e810d0223917c3d042410f57466f59544047d6d8ac44060000000000ee16c729300d2301800000000000002b5a8b05fcc154ad5290a8cdb97c343f454ff69dd6cbde49b28a6cb5f4fc0001745cff6e00e7ffffff0000acf3209a08439f1ff01779b6f6df7e02aa6d7760525b595fe1f697bc114ed1770200a3f0395f946974cfb458be2a34cf924dc37b5592bf17956f3547497aba814382ff67b345b677a9d6523d87008000000000000000003fe8613ca29ff92be0d8deffff7b68136b0046d535dd39c0f35408869e9b342b953f91447e6b9eab304f134306320600a44095254b45a6c1312a13696c7202df5f764713504facc532c5a6d44d99ec7530ed7b0311000000000000e54e9072a22d911f4a2c2e2fa806e63c5cd98a8569a6d6bcfb000064885117e2ad910eae67e0ebe380d0f648713e68153579e02d71c58d147b00821ab9a6475b31e1ebf1369a04000000fbf3983f283f2f00000000992774814d63c933912d000006000000a66acb0a38856929e7d8b1b06c9bd5d7e5490f3b8596b694ea9483bd4bd287c83dd998a74694d18bdd8ad0983bc90770bbd26a82b9d99d5fc04563b523c47ef8c33400e90d02000000000000000edf1147a7afe772cd45af8aeffe2753088e02ca6bb2feec446ce7dbce66f0a93a03371320980865c7c62ea4d8f8a864dce9fa85aeb0454349100296ee2dba39c3f6fd6cf96714e11fe03b50f6499a7418b165dd0336d226bac1e1223be1c97b15175d0e664beb126000e96549e1a1228c686edb475b705eaa9515c96f4fc6b3c925ea404e0f1de61026dc6c6618580fd6ce9eac602c1756f6d1056712412131ed9925989e01eae489ec7052e0ed72c326c7a8aa63999e2297c54ce1822d14b7c7699a9d0600f11f2e7f474cffbc35bc8623cd5eb68af82275a940be0400000000000000bcc3fbe7d90de96d6a8e9f32f18d1f606b381e4903b500000000000000000000004a2357ba5f6000de1cfa88b7165dcf4f2aaee86d4802000000000000008fdb686d5da2a42e4b5024b6535811f362201d4f82012e6af704973d04ea923c19e6cb723c1923b3eea2d73e176dff383c9fbbac53dfdcb1a68c98e96fe39eec23963faf3ebed3409144c7c53d6318ced678a621450a9b01e9f2772e5f2999d3435da02556e36c3215d2bd4e96c93bff3ad04a82ff3cfadcf65eb92adc6c68d66b11cb2d7556414a86dfa94bb7aa52c7febb1e9b2efcbbc5bccf9d39bed802f4f056976a9a362ee9cc624ec40000000000000000000000000044d917c62b27679913075731e8fddb07c10c82002d60181588ae63a440454287de9e340f611267f37bdd0f2d21cb06fcaf45a0a297e396f428d43371424b307eef82c5d6d19f3ef0d3b8f7fa51957e3099caab31133b34a1d3eebc0f0c9056df2e9667ba0b55695c7894010079b07e7aef7785e2486472b5cba1f3346c1e8e23deb8c82bb6eb2c72c484241dc3b66da78260f800fffd39368b952f6f4a10295c50c887a31d8b543c5d10f2dbd4d0b84eaad43feb6e169a9f2fcff7000000000000000000e011bc6366f56fa787f212c1f8c0f47f50b1e9b5d841ea55fe569bb7bf1e78191c8a02ad436725771738a2a98891971e3b932352896e1ea10f62e8ef7a87e16151b39d6c27575714540d8c293a3fa4b5a825360423c1cbc8b5d19167152823ed853140edda002c16c842b168bb55f6bb713deb57d0aa78d6d4e5fc5be2c402bd246128f41bcb02000000892b135a92e8c844938aa98ba4839a1408a696454d40e5eed4d4dce481ca86bfac54c330331b7f2cde17cbaeb0377696faf546ecbe742d73d47d726a50f6e752f3325255bd7e8b5923aa3cfb6f7e06494f21ca450139c558000000000000000000000800000000000000000075aa0000000000000000000000005560bd9eb81e839e4992e64b074a66cccccf00334fa94da8477be7d99b558ec6a5b1596ac1e7617c6b32eed0cc70286caf2c5189a103f4b0b04aff171c4d388ccf67fea37e782f025c94c853cde330a193a967d907a8c88fcb033e680f559a72150cb900bafcd536f48797915a2fe9922ce27300009e1b36aa4730117d9b00000000003c630000000000008fbbd11b015c415ca04192fbfb1a8b0e3460af35771dbac10062835c9bab3ad09f7a022c52d8000000000000000000004000000000000000000000000000000000000000000400000000000000000000000000006ec473c54399b7b8aa1ee46132fc45da8292631178cecf19550108b8b8423de42957ffe9bb6d752e68d2bc2ce777a17bf4dfdfee5de0f3e4dadf51ab03d2165ccc9562827b762fa611ba5f32861c19dffe1dc9fd5c41cd46cf131fd6b0c2ddad90ac33f768f9ecc70327c59918fa5a249befe98262f53c8182d95f6da3698a6a88c2c31d801a8f1f5e0ce05138d5422da0a6a62b9dfe1f39775d1d0c9186096415f544aaf76b0a1c877a6c826a5adcfb22c4a0e5a46271caa3eaf4f389dd5f3c20dbddc0377a4266d7b9fd61b9287e9b4be0a413ee31be0ddecab0ef7b25cba1fb3654ddf291ecb7768ac1e177042cb4c452fa6b3966955e05e9bcade0638ac187da23d6855500fe8510b51e13a890e394b84a6ea2cc8d42b97c697c29122298d55e2e1dca8e07abda2606a3f381c64b9fec0000000a7965e4854e8e3572ad5149b3872342dea9252132860c9af1bd5fe263c0313dea5d6e02000000000000005f34667dd79b07b5cbdd8aa7dd561a26b5562d4861a7e1b0f48930e0b696ea3bee7eb72794e163d7aeac9a0fa5403ac9cb421eae283b0550f1d0d339cd7b96e71d3ab48ad9d7975e0c9b117f71d3ab80a0c9b0284ecc469fa6181c9c71fce07a6ffb23296a107763138e8d9876291af2076890c47925ac773d95c5f12e15683513e0d87d31e372d2ca42acb3e5f3a1550665b898462c139ffd0106bc8a61b6117d252efcab7106b4c3a3c13a70ff452e9d2096142c517b0e91b5cf88332faca5b3ee96363065c3ce32d3d39ec36e20d597e05664f2526bd918090649da11f7299789d00f50e4f81e99d3efecb9b457642fe810370ba4fbe00fa60a28af966a27a1659e448b41ef2051a7b703d55c0602540663016e20d50385766da704fc5d01a1459134d1b9edfde3be9e25a110228c64253588ff420644dbc0854e69a7bdda72f93ceaccf92cfe7dd6296c950db10f6dd8a5ef9b73cf6a12a1ba16fdc7e35b805f4fd2b21b0a623722149c1465e4de2d53f0f10b14c21865027abc71a12cb1e9f8029c7a20000000eeb0d53a83e518c8d2052c08b515d9d0bde24ac4e798040c7db0bb03c019507d6377f3d5dd94a27abc6d6b120d61f772407e0d2cb50d29168b68aef9f176b4c3aa8b21279d4ea9c1f669aa8c2c17d5b3a8d1dda58d26f1019af04b7774c85d5bce8be010f27c5211938031c3404680b01279c778bd1fe1b48c4b5b8e0fe756e54a8d76b7cec5e3407d93b4ea2bb62cb681bcdc446440607de844acf5524a4657e33ef2115547b735b57b5092d0bc8fa6acb832509abe0882d570ce400aaebd7baff88526608d6991aac95751671174129457e4a03aca69d82b64b89e6ad6ed1e275ec5002e48170e4c7b4f3971481098dedb88fba90770e44bf404d5a97fefe2fe8e459fe45933b78c7ab5fe985a480193a00fb07da1455cb283df68af569ac82aa6dc703e29bf158931fb79f2abfa6ff7eb8c4f381c9da58bea460e2ead969933e5391970ca4fddd64da2e5df9c4d82044068caaaab771b37bb06bbe673056d849825525f1120b2250f6b8520381f7a74b1c687781cb6b23e67b918844b83dbaeeb559ec8520d710dd6d6b4e64838bd434a36ed03fc0c488b24571032ffbc9f8ce97041e1bc4729d539358dc9599c1266b9ce2cb6dd0ad57a6e9d3d4a11a27f70b2934c96237e2ba09c58eeda678d4d08b6da99b7a86e946215afb1b48792fde54492e306cb5342e2589874b603a1de972b1f09cc350096f5c3e814118af9ba0793cfdf20c77b34eacfdf63ce59ec4d2f867bf884e941559b068d908325667672b5e1cf71f4829c0493e8b141489ed926b822becead7a0a2b4a4c008ab16b616d60f347e4da54f06443507efe57ea62399ef4eb11b2f559e1b056456a53998bf1c6d13c92e75136147f91ae3a75ca15eb1b51bf700b3c0bf54bc3745ff313c5e75dc66386897f6ee4542937695d0878c442ad2fe9baf85c1390da13efc353ccbef950c29f39ddf436f0d9bf1be1515ed251d8b6f11ecb16b1e8d1ed04196e9b6c2f9e068b7749bb6c1f533e4923e80100000000000000af7b3f22c901662c65cb761dc2eeff2f698bd4dbae83e2dfdc4f1c7f918a00515c1bc189d10ec22b35fd81aed2f0ba244fd029c4f0d4f9331a31572326f68e000000000000ab0476c3fd7f7c1e5c000000000000000000000011e43e39d3f4394fbfa13c416b1c443c5e52eea726491ad75100ebad7c6d5a665c59a3fb158e43da904f19e7e8daa4e90390b8da945f6cd78536c0d2be07221f85ad46b180f256d4d84592691d15d65896b66b63a46705338b67b72dc1c3075fcdc5cbffb036619df4edf4facf90e33d8c96976341e4cd7f5c44c31a19d85db87e0240d817784e569931b4d0e1a8ea6d3f4918396c7f7e4061abf9f30f53a3b9bb288ca458e21eed818dd484abcc6aa5ca83772b03fe48be1aa5930a0e1daefca800000000000000000000000000001f5e7a09fd2ba55bbfdec87793e024c0665d0127c56a0d1c7eee1a36b2a3c3e900e03b75203c9a6c79753e24994864527df6d14725a56e506a20bb1615d54064e4365aa79d8e4a6670673820431eaa7e255fc3aef1459948e221257e9f5b485b8ef30d6a6bcb587454c1df802c239318aef8800f0c7fe1bbc422f558640671bf7dbf49c61c7819c7543642f68223b624c2b5fb97cd4d8fb01891510a219751beae67b900f99d6e662ebcd286c9e1f5332db171b03dcc20782bfd01031fae3deb2968e8d35dc1fb24375c09f2628a4769a3eebbdd1ce124a7bd774a764879596c63a54c7cd3bd7acef0685603d39c4817df132a2fa57d5fd900d658102016b6dcf27ba3d4eec64e42d640c636da7ef5ee99ba9f3e47e67281496e71542bcd1349ccad36d9f2cdeee8ee6d670d589acfa177b06332a9574459bb167ec954765ab8a211e4f7628109df08a525d2c906bd60b27a0743595b1c0f7cfe7abb7f42cd9c8d2c4dfd2b5027a1ca3756e2c20ff1759783b3d10a7fc209b0cead1b39"], &(0x7f0000000040)='GPL\x00', 0x4, 0x1076, &(0x7f0000000300)=""/4096}, 0x70) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000018c0)={r7, 0x34, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd9, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r8}, 0x80) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r9 = socket$kcm(0x2, 0xa, 0x2) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) ioctl$IOMMU_IOAS_MAP(0xffffffffffffffff, 0x3b85, 0x0) r10 = socket$qrtr(0x2a, 0x2, 0x0) r11 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/oss_mixer\x00', 0x121401, 0x0) write$proc_mixer(r11, &(0x7f0000000240)=ANY=[@ANYBLOB='VOLUME \'Line\' 1'], 0x73) close_range(r10, 0xffffffffffffffff, 0x0) ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}, 0x36) mount$9p_virtio(&(0x7f0000000440), &(0x7f0000000480)='./bus\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=virtio,mmap,cache=none,cache=loose,posixacl']) 2.135186748s ago: executing program 1 (id=718): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) brk(0x55555ede6001) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8}, 0x48) r5 = getpgrp(r2) syz_pidfd_open(r5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8001}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2805011, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x1001402, 0x0) 1.910091994s ago: executing program 0 (id=719): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x3c, 0x0, 0x8, 0x401, 0x0, 0x0, {}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_PARTOPEN={0x8}]}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x3c}}, 0x0) 1.757198294s ago: executing program 0 (id=720): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCSLCKTRMIOS(r1, 0x5457, 0x0) 1.756693298s ago: executing program 0 (id=721): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0x6}]}]}, 0x30}}, 0x0) 1.639243476s ago: executing program 0 (id=722): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x324) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$UFFDIO_CONTINUE(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x2000}, &(0x7f0000000080), &(0x7f0000000140)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_procfs$userns(0x0, &(0x7f00000002c0)) userfaultfd(0x80001) 1.583989653s ago: executing program 2 (id=723): pipe2$watch_queue(0x0, 0x80) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_emit_ethernet(0x66, &(0x7f00000003c0)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @loopback={0x0, 0xffffac1414aa}}}}}}}}, 0x0) r0 = syz_io_uring_setup(0x16c2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 1.552285253s ago: executing program 2 (id=724): socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'}) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) socket$packet(0x11, 0x3, 0x300) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) 822.590331ms ago: executing program 1 (id=725): syz_emit_vhci(&(0x7f00000009c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x405}}}, 0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) 651.413706ms ago: executing program 2 (id=726): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) fremovexattr(r1, &(0x7f0000000040)=@known='system.posix_acl_access\x00') r2 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001080)) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) socketpair$unix(0x1, 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0x2ddd, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x5e2, &(0x7f0000000080), &(0x7f0000000180)=0x0, &(0x7f0000000380)) syz_io_uring_submit(r5, r4, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r3, 0x381b, 0x0, 0x0, 0x0, 0x0) 507.617908ms ago: executing program 2 (id=727): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="db00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) listen(r2, 0x0) ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000100)={0x10001, 0x38, '\x00', 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r3 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r3, &(0x7f0000002300)={&(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{}, 0x4}}, 0x10, 0x0}, 0x0) sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000180), 0x2, 0x420080) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) mount$9p_fd(0x20100000, &(0x7f0000000080)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX]) linkat(r4, &(0x7f00000001c0)='./file1/file4/file7\x00', r6, &(0x7f0000000240)='./file1/file0\x00', 0x2400) mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x0) r7 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x10, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x0, 0x0) r8 = syz_open_dev$mouse(&(0x7f0000000080), 0x0, 0x60002) write$FUSE_WRITE(r8, &(0x7f0000002040)={0x18}, 0x18) read$rfkill(r8, 0x0, 0x0) landlock_restrict_self(r7, 0x0) landlock_restrict_self(r7, 0x0) linkat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000540)='./file1/file4/file7/file5\x00', 0x0) accept4(r2, 0x0, 0x0, 0x0) 409.210166ms ago: executing program 1 (id=728): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x2000002}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{}, &(0x7f0000000500), &(0x7f0000000540)='%+9llu \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2, &(0x7f0000000a40)=ANY=[@ANYBLOB="95000000000000009500000000e1ff00"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000005c0)={'syztnl2\x00', &(0x7f0000000480)={'syztnl1\x00', 0x0, 0x2f, 0xf, 0x4, 0x1, 0x0, @mcast2, @local, 0x20, 0x40, 0xd, 0x1c6}}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'vlan0\x00'}) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0) ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x13) ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000040)={{}, 'syz1\x00'}) ioctl$UI_DEV_CREATE(r2, 0x5501) write$input_event(r2, &(0x7f0000000140)={{0x77359400}, 0x13}, 0x18) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000006c0)={'ip6tnl0\x00', &(0x7f0000000640)={'syztnl1\x00', 0x0, 0x2f, 0xf, 0x6, 0xb2b5, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x870e, 0x7800, 0x9, 0x12f}}) epoll_create1(0x0) ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000f00)={{0xfff, 0xffff, 0x2}, 'syz1\x00', 0xd}) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/slabinfo\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c) listen(r3, 0x0) r4 = io_uring_setup(0x1694, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS2(r4, 0xf, &(0x7f0000002700)={0x2, 0x0, 0x0, &(0x7f0000002680)=[{&(0x7f0000000100)=""/249, 0xf9}, {&(0x7f00000015c0)=""/4096, 0x400400}], 0x0}, 0x20) 185.498207ms ago: executing program 2 (id=730): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000000)="d8badc22c28a97764e2fa6c30d070e30c78d9dde8309e737c2e38af61b64bc9483f471f0841626096a91ddb7494ca6381e9ac3a51e7d3deb467a3dded2731b8be24446b4d4b8ac55", 0x48, 0x0, 0x0, 0x0) 185.327417ms ago: executing program 3 (id=731): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a5c000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000300004802c"], 0x84}}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b) r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0eab070004000523"], 0xfe33) 83.677054ms ago: executing program 2 (id=732): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) r1 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x4) fcntl$addseals(r1, 0x409, 0x7) ioctl$FS_IOC_RESVSP(r1, 0x402c5828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x6}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) r2 = io_uring_setup(0x4d63, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1}) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, r3, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) munlock(&(0x7f000099f000/0x2000)=nil, 0x2000) r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) ioctl$SIOCAX25CTLCON(r4, 0x541b, &(0x7f00000000c0)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, 0x0, 0x0, 0x0, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = openat$nvram(0xffffff9c, &(0x7f0000000000), 0x14001, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3) sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, 0x0}, 0x80) socket$igmp(0x2, 0x3, 0x2) syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00'}) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) 0s ago: executing program 3 (id=733): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@bridge_getlink={0x28, 0x12, 0x1, 0x0, 0x0, {}, [@IFLA_EXT_MASK={0x8}]}, 0x28}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:46213' (ED25519) to the list of known hosts. [ 50.591901][ T5295] cgroup: Unknown subsys name 'net' [ 50.735377][ T5295] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 52.111636][ T5295] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 57.438366][ T5342] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 57.448063][ T5342] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 57.454844][ T5347] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 57.458196][ T5342] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 57.460540][ T5347] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 57.462672][ T5342] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 57.464286][ T5347] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 57.467515][ T5342] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 57.471041][ T5347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 57.476481][ T5347] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 57.479514][ T5347] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 57.482483][ T5347] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 57.498147][ T5342] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 57.507961][ T5342] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 57.512472][ T5342] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 57.517353][ T5342] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 57.521620][ T5342] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 57.528391][ T5342] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 57.555956][ T5342] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 57.559666][ T5342] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 57.563353][ T5342] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 57.569076][ T5342] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 57.572857][ T5342] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 57.576506][ T5342] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 57.935209][ T5340] chnl_net:caif_netlink_parms(): no params data found [ 57.957304][ T5341] chnl_net:caif_netlink_parms(): no params data found [ 58.054270][ T5349] chnl_net:caif_netlink_parms(): no params data found [ 58.132947][ T5351] chnl_net:caif_netlink_parms(): no params data found [ 58.174851][ T5340] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.180191][ T5340] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.183365][ T5340] bridge_slave_0: entered allmulticast mode [ 58.186476][ T5340] bridge_slave_0: entered promiscuous mode [ 58.255235][ T5340] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.257915][ T5340] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.260940][ T5340] bridge_slave_1: entered allmulticast mode [ 58.264773][ T5340] bridge_slave_1: entered promiscuous mode [ 58.311134][ T5341] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.314137][ T5341] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.317164][ T5341] bridge_slave_0: entered allmulticast mode [ 58.320263][ T5341] bridge_slave_0: entered promiscuous mode [ 58.382652][ T5341] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.385878][ T5341] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.389547][ T5341] bridge_slave_1: entered allmulticast mode [ 58.393786][ T5341] bridge_slave_1: entered promiscuous mode [ 58.450984][ T5340] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.532826][ T5340] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.656510][ T5351] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.659399][ T5351] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.662420][ T5351] bridge_slave_0: entered allmulticast mode [ 58.665255][ T5351] bridge_slave_0: entered promiscuous mode [ 58.668788][ T5349] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.671445][ T5349] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.673677][ T5349] bridge_slave_0: entered allmulticast mode [ 58.677397][ T5349] bridge_slave_0: entered promiscuous mode [ 58.684023][ T5341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.718245][ T5351] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.720772][ T5351] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.723240][ T5351] bridge_slave_1: entered allmulticast mode [ 58.726372][ T5351] bridge_slave_1: entered promiscuous mode [ 58.729557][ T5349] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.732248][ T5349] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.735207][ T5349] bridge_slave_1: entered allmulticast mode [ 58.738738][ T5349] bridge_slave_1: entered promiscuous mode [ 58.761816][ T5341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.771368][ T5340] team0: Port device team_slave_0 added [ 58.910179][ T5340] team0: Port device team_slave_1 added [ 58.915783][ T5351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.925729][ T5351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.932560][ T5349] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.939644][ T5341] team0: Port device team_slave_0 added [ 59.002249][ T5349] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.009661][ T5341] team0: Port device team_slave_1 added [ 59.143191][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.145971][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.157441][ T5340] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.169802][ T5351] team0: Port device team_slave_0 added [ 59.193045][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.195155][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.206151][ T5341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.211541][ T5340] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.214597][ T5340] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.231215][ T5340] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.240156][ T5351] team0: Port device team_slave_1 added [ 59.246391][ T5349] team0: Port device team_slave_0 added [ 59.249680][ T5341] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.252836][ T5341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.264103][ T5341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.305885][ T5349] team0: Port device team_slave_1 added [ 59.363295][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.366262][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.376673][ T5349] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.409100][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.412271][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.422826][ T5351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.430225][ T5349] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.433216][ T5349] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.443505][ T5349] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.472934][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.475859][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.486508][ T5351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.558814][ T5342] Bluetooth: hci1: command tx timeout [ 59.569836][ T5347] Bluetooth: hci0: command tx timeout [ 59.569920][ T5342] Bluetooth: hci2: command tx timeout [ 59.602525][ T5340] hsr_slave_0: entered promiscuous mode [ 59.606258][ T5340] hsr_slave_1: entered promiscuous mode [ 59.614476][ T5341] hsr_slave_0: entered promiscuous mode [ 59.617659][ T5341] hsr_slave_1: entered promiscuous mode [ 59.620733][ T5341] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.624167][ T5341] Cannot create hsr debugfs directory [ 59.638027][ T5342] Bluetooth: hci3: command tx timeout [ 59.668376][ T5351] hsr_slave_0: entered promiscuous mode [ 59.671641][ T5351] hsr_slave_1: entered promiscuous mode [ 59.674810][ T5351] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.677869][ T5351] Cannot create hsr debugfs directory [ 59.815366][ T5349] hsr_slave_0: entered promiscuous mode [ 59.818911][ T5349] hsr_slave_1: entered promiscuous mode [ 59.821811][ T5349] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.824595][ T5349] Cannot create hsr debugfs directory [ 60.366363][ T5351] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 60.381511][ T5351] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 60.388424][ T5351] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 60.395358][ T5351] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 60.439328][ T5341] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 60.449564][ T5341] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 60.457400][ T5341] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 60.464928][ T5341] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 60.522787][ T5349] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 60.533939][ T5349] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 60.550045][ T5349] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 60.556081][ T5349] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 60.603785][ T5340] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 60.610245][ T5340] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 60.625822][ T5340] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 60.635622][ T5340] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 60.725296][ T5351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.740497][ T5341] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.769386][ T5351] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.780428][ T5341] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.810673][ T1416] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.814098][ T1416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.840749][ T5380] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.850218][ T5380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.856619][ T5380] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.860029][ T5380] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.864931][ T5380] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.868070][ T5380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.985069][ T5340] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.010965][ T5349] 8021q: adding VLAN 0 to HW filter on device bond0 [ 61.018577][ T5351] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.050409][ T5340] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.075305][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.078085][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.094296][ T5349] 8021q: adding VLAN 0 to HW filter on device team0 [ 61.102757][ T5378] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.105891][ T5378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.125519][ T5378] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.128794][ T5378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.149309][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.156728][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.213738][ T5351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.276876][ T5341] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.286187][ T5349] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 61.371642][ T5351] veth0_vlan: entered promiscuous mode [ 61.387072][ T5351] veth1_vlan: entered promiscuous mode [ 61.426643][ T5341] veth0_vlan: entered promiscuous mode [ 61.440725][ T5351] veth0_macvtap: entered promiscuous mode [ 61.446808][ T5341] veth1_vlan: entered promiscuous mode [ 61.475051][ T5351] veth1_macvtap: entered promiscuous mode [ 61.484628][ T5340] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.529579][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.542025][ T5341] veth0_macvtap: entered promiscuous mode [ 61.554874][ T5349] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 61.561811][ T5341] veth1_macvtap: entered promiscuous mode [ 61.570271][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.589416][ T5351] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.593522][ T5351] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.597393][ T5351] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.602227][ T5351] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.622039][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.627495][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.635493][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.644167][ T5342] Bluetooth: hci1: command tx timeout [ 61.648186][ T5347] Bluetooth: hci2: command tx timeout [ 61.650741][ T66] Bluetooth: hci0: command tx timeout [ 61.678523][ T5340] veth0_vlan: entered promiscuous mode [ 61.687145][ T5340] veth1_vlan: entered promiscuous mode [ 61.709308][ T5341] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.722085][ T66] Bluetooth: hci3: command tx timeout [ 61.724555][ T5341] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.730393][ T5341] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.770412][ T5341] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.774276][ T5341] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.777983][ T5341] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.781590][ T5341] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.800763][ T5349] veth0_vlan: entered promiscuous mode [ 61.823431][ T5349] veth1_vlan: entered promiscuous mode [ 61.842537][ T5340] veth0_macvtap: entered promiscuous mode [ 61.862340][ T5340] veth1_macvtap: entered promiscuous mode [ 61.868078][ T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.872411][ T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.933565][ T5349] veth0_macvtap: entered promiscuous mode [ 61.934185][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 61.939623][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.942381][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.947079][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.953308][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.957878][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.963731][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.969885][ T5349] veth1_macvtap: entered promiscuous mode [ 61.981961][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.986619][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.990871][ T5340] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.995421][ T5340] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.004595][ T5340] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.009731][ T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.014208][ T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.032665][ T5340] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.036220][ T5340] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.039879][ T5340] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.043862][ T5340] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.062090][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.062646][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.065603][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.071266][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.079834][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.084561][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.089348][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 62.093956][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.100647][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 62.162947][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.170871][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.179394][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.185709][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.189808][ T5349] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 62.194048][ T5349] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 62.201124][ T5349] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 62.231205][ T5349] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.235224][ T5349] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.239583][ T5349] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.243355][ T5349] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 62.271526][ T95] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.276616][ T95] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.333391][ T5405] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 62.363428][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.369902][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.389009][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.392588][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 62.430506][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 62.433799][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.251269][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.260660][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.720678][ T66] Bluetooth: hci1: command tx timeout [ 63.722937][ T66] Bluetooth: hci0: command tx timeout [ 63.738211][ T66] Bluetooth: hci2: command tx timeout [ 63.819759][ T66] Bluetooth: hci3: command tx timeout [ 63.945356][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 63.998355][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 64.180251][ T5426] ipvlan0: entered promiscuous mode [ 64.536168][ T5424] ipvlan0: left promiscuous mode [ 64.638697][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 64.902399][ T39] audit: type=1800 audit(1722651544.651:2): pid=5440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.14" name="/" dev="fuse" ino=1 res=0 errno=0 [ 65.797935][ T66] Bluetooth: hci2: command tx timeout [ 65.798122][ T5342] Bluetooth: hci1: command tx timeout [ 65.798143][ T5347] Bluetooth: hci0: command tx timeout [ 65.879083][ T5342] Bluetooth: hci3: command tx timeout [ 65.934761][ T5448] process 'syz.1.19' launched './file1' with NULL argv: empty string added [ 66.281639][ T5459] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 66.397645][ T5465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 67.480720][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 67.558051][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 67.580701][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 67.668561][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 67.676387][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 67.856059][ T5485] netlink: 12 bytes leftover after parsing attributes in process `syz.3.31'. [ 68.179352][ T5492] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.891964][ T5505] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 68.895794][ T5505] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 68.904160][ T5505] vhci_hcd vhci_hcd.0: Device attached [ 69.025963][ T5506] vhci_hcd: cannot find a urb of seqnum 3 max seqnum 0 [ 69.036737][ T75] vhci_hcd: stop threads [ 69.038777][ T75] vhci_hcd: release socket [ 69.041040][ T75] vhci_hcd: disconnect device [ 69.778204][ T5516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.41'. [ 69.811670][ T5516] netlink: 64 bytes leftover after parsing attributes in process `syz.1.41'. [ 69.872562][ T5518] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 70.690448][ T5543] binder: 5542:5543 ioctl c00c620f 20000340 returned -22 [ 70.709247][ T5543] veth0_vlan: entered allmulticast mode [ 70.765923][ T5543] veth0_vlan: left promiscuous mode [ 70.770160][ T5543] veth0_vlan: entered promiscuous mode [ 70.919299][ T5546] netlink: 'syz.0.54': attribute type 10 has an invalid length. [ 70.922626][ T5546] ipvlan1: entered promiscuous mode [ 70.930845][ T5546] team0: Device ipvlan1 failed to register rx_handler [ 71.039966][ T5552] netlink: 'syz.3.57': attribute type 2 has an invalid length. [ 71.053352][ T5548] netlink: 'syz.1.55': attribute type 29 has an invalid length. [ 71.072500][ T5550] tipc: Failed to remove unknown binding: 66,1,1/0:559034755/559034757 [ 71.078593][ T5550] tipc: Failed to remove unknown binding: 66,1,1/0:559034755/559034757 [ 71.311870][ T5556] input: syz0 as /devices/virtual/input/input5 [ 71.317274][ T5558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.59'. [ 71.519611][ T5568] warning: `syz.3.61' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 71.707870][ T1657] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 71.817038][ T5574] tc_dump_action: action bad kind [ 71.903137][ T1657] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 71.909994][ T1657] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 71.915131][ T1657] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 71.919187][ T1657] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.935815][ T5564] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 71.946730][ T1657] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 72.104078][ T5581] netlink: 24 bytes leftover after parsing attributes in process `syz.1.68'. [ 72.204801][ T25] usb 5-1: USB disconnect, device number 2 [ 73.460700][ T5610] capability: warning: `syz.0.75' uses 32-bit capabilities (legacy support in use) [ 73.605280][ T5610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.75'. [ 73.691830][ T5613] netlink: 40 bytes leftover after parsing attributes in process `syz.1.76'. [ 73.902067][ T5614] evm: overlay not supported [ 73.921000][ T39] audit: type=1804 audit(1722652065.671:3): pid=5614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.76" name="/newroot/29/bus/file0" dev="overlay" ino=183 res=1 errno=0 [ 74.279166][ T5617] syz.3.77 (5617): drop_caches: 2 [ 74.281947][ T5617] syz.3.77 (5617): drop_caches: 2 [ 74.376976][ T5620] syz.3.77 (5620): drop_caches: 2 [ 74.380376][ T5620] syz.3.77 (5620): drop_caches: 2 [ 75.078975][ T5631] netlink: 8 bytes leftover after parsing attributes in process `syz.3.80'. [ 75.133571][ T5631] netlink: 8 bytes leftover after parsing attributes in process `syz.3.80'. [ 75.302194][ T66] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 75.307515][ T66] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 75.336961][ T66] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 75.345555][ T66] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 75.369232][ T66] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 75.393970][ T66] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 75.582426][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.598067][ T39] audit: type=1326 audit(1722652067.341:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5635 comm="syz.3.82" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0 [ 75.774231][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.869880][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.971016][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.987582][ T5634] chnl_net:caif_netlink_parms(): no params data found [ 76.123347][ T5634] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.127055][ T5634] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.130555][ T5634] bridge_slave_0: entered allmulticast mode [ 76.134388][ T5634] bridge_slave_0: entered promiscuous mode [ 76.171201][ T5634] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.174490][ T5634] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.179700][ T5634] bridge_slave_1: entered allmulticast mode [ 76.185761][ T5634] bridge_slave_1: entered promiscuous mode [ 76.319493][ T5638] usb usb8: usbfs: process 5638 (syz.3.82) did not claim interface 0 before use [ 76.326175][ T5634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.360284][ T5634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.483033][ T11] bridge_slave_1: left allmulticast mode [ 76.485806][ T11] bridge_slave_1: left promiscuous mode [ 76.490998][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.513069][ T11] bridge_slave_0: left allmulticast mode [ 76.517897][ T11] bridge_slave_0: left promiscuous mode [ 76.523258][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.562762][ T5654] netlink: zone id is out of range [ 76.565481][ T5654] netlink: zone id is out of range [ 76.592818][ T5654] netlink: set zone limit has 4 unknown bytes [ 76.609214][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.617927][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.943713][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 76.954865][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 76.961730][ T11] bond0 (unregistering): Released all slaves [ 76.988514][ T5634] team0: Port device team_slave_0 added [ 77.003670][ T5634] team0: Port device team_slave_1 added [ 77.070718][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.073791][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.086049][ T5634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.093292][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.096314][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.111759][ T5634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.310079][ T5634] hsr_slave_0: entered promiscuous mode [ 77.313683][ T5634] hsr_slave_1: entered promiscuous mode [ 77.316835][ T5634] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 77.322291][ T5634] Cannot create hsr debugfs directory [ 77.415186][ T5342] Bluetooth: Unknown BR/EDR signaling command 0x0c [ 77.418533][ T5342] Bluetooth: Wrong link type (-22) [ 77.477901][ T5342] Bluetooth: hci0: command tx timeout [ 77.647863][ T11] hsr_slave_0: left promiscuous mode [ 77.663187][ T11] hsr_slave_1: left promiscuous mode [ 77.666830][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.670210][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.674443][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.677572][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.709057][ T11] veth1_macvtap: left promiscuous mode [ 77.711994][ T11] veth0_macvtap: left promiscuous mode [ 77.714342][ T11] veth1_vlan: left promiscuous mode [ 77.717113][ T11] veth0_vlan: left promiscuous mode [ 78.442452][ T5670] netfs: Couldn't get user pages (rc=-14) [ 78.628743][ T11] team0 (unregistering): Port device team_slave_1 removed [ 78.693644][ T11] team0 (unregistering): Port device team_slave_0 removed [ 79.533558][ T5685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.93'. [ 79.571979][ T5342] Bluetooth: hci0: command tx timeout [ 79.952869][ T5634] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 79.963705][ T5634] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 79.974906][ T5634] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 79.989831][ T5634] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.116044][ T5634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.136398][ T5634] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.145543][ T1657] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.149243][ T1657] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.159816][ T1657] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.162815][ T1657] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.297999][ T57] cfg80211: failed to load regulatory.db [ 80.333745][ T5634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.389719][ T5634] veth0_vlan: entered promiscuous mode [ 80.400607][ T5634] veth1_vlan: entered promiscuous mode [ 80.476478][ T5634] veth0_macvtap: entered promiscuous mode [ 80.486877][ T5634] veth1_macvtap: entered promiscuous mode [ 80.506825][ T5634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.520499][ T5634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.524997][ T5634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.529362][ T5634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.533696][ T5634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 80.538807][ T5634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.546001][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 80.581939][ T5634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.598193][ T5634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.602431][ T5634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.618238][ T5634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.622533][ T5634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 80.626984][ T5634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 80.637055][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 80.649612][ T5634] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.653629][ T5634] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.657201][ T5634] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.670902][ T5634] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 80.849256][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.852930][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 80.884316][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 80.893725][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 81.293184][ T5729] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 81.388300][ T5729] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 81.637929][ T5342] Bluetooth: hci0: command tx timeout [ 82.175398][ T5741] ufs: You didn't specify the type of your ufs filesystem [ 82.175398][ T5741] [ 82.175398][ T5741] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 82.175398][ T5741] [ 82.175398][ T5741] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 82.191241][ T5741] ufs: ufstype=old is supported read-only [ 82.200651][ T5741] ufs: ufs_fill_super(): bad magic number [ 83.414267][ T5757] Bluetooth: MGMT ver 1.23 [ 83.548420][ T5377] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 83.717855][ T5342] Bluetooth: hci0: command tx timeout [ 83.757988][ T5377] usb 8-1: Using ep0 maxpacket: 16 [ 83.775480][ T5377] usb 8-1: New USB device found, idVendor=0b05, idProduct=1736, bcdDevice= d.b1 [ 83.780620][ T5377] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.788765][ T5377] usb 8-1: Product: syz [ 83.793979][ T5377] usb 8-1: Manufacturer: syz [ 83.808064][ T5377] usb 8-1: SerialNumber: syz [ 83.820335][ T5377] usb 8-1: config 0 descriptor?? [ 84.071489][ T5377] dvb-usb: found a 'Asus My Cinema-U3000Hybrid' in cold state, will try to load a firmware [ 84.090659][ T5377] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw' [ 84.094164][ T5377] dib0700: firmware download failed at 7 with -22 [ 84.354619][ T5773] netlink: 4 bytes leftover after parsing attributes in process `syz.2.117'. [ 86.212593][ T5342] Bluetooth: Unexpected start frame (len 18) [ 86.246593][ T5794] syz.0.122 (5794): drop_caches: 2 [ 86.250323][ T5794] syz.0.122 (5794): drop_caches: 2 [ 86.310569][ T1416] usb 8-1: USB disconnect, device number 2 [ 86.525563][ T5798] syz.0.122 (5798): drop_caches: 2 [ 86.529440][ T5798] syz.0.122 (5798): drop_caches: 2 [ 86.539999][ T5793] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 86.859794][ T5342] Bluetooth: hci0: unexpected event 0x30 length: 32 > 3 [ 86.998410][ T5342] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 87.240373][ T5811] netlink: 'syz.0.125': attribute type 20 has an invalid length. [ 87.557769][ T1416] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 87.759582][ T1416] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 87.760515][ T5816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.127'. [ 87.765862][ T1416] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 87.774168][ T1416] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 87.777377][ T1416] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.787522][ T1416] usb 5-1: config 0 descriptor?? [ 87.911051][ T5822] netlink: 32 bytes leftover after parsing attributes in process `syz.3.129'. [ 88.062524][ T1416] usbhid 5-1:0.0: can't add hid device: -71 [ 88.065296][ T1416] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 88.082347][ T1416] usb 5-1: USB disconnect, device number 3 [ 88.827943][ T5342] Bluetooth: hci3: unexpected event 0x09 length: 17 > 3 [ 88.967680][ T5835] netdevsim netdevsim0: Direct firmware load for ng failed with error -2 [ 88.984388][ T5835] netdevsim netdevsim0: Falling back to sysfs fallback for: ng [ 89.396356][ T5342] Bluetooth: Frame is too long (len 12, expected len 10) [ 89.463157][ T5342] Bluetooth: Unexpected continuation frame (len 18) [ 89.784028][ T5851] ufs: You didn't specify the type of your ufs filesystem [ 89.784028][ T5851] [ 89.784028][ T5851] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 89.784028][ T5851] [ 89.784028][ T5851] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 89.798839][ T5851] ufs: ufstype=old is supported read-only [ 89.803661][ T5851] ufs: ufs_fill_super(): bad magic number [ 89.995701][ T5857] netlink: 12 bytes leftover after parsing attributes in process `syz.3.138'. [ 90.051938][ C3] Illegal XDP return value 16128 on prog (id 31) dev bond_slave_1, expect packet loss! [ 90.838758][ T5342] Bluetooth: hci3: command tx timeout [ 91.076390][ T5866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 91.315551][ T5875] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 91.360268][ T5875] Bluetooth: MGMT ver 1.23 [ 91.481245][ T5342] Bluetooth: hci0: command tx timeout [ 91.537300][ T5881] netlink: 4 bytes leftover after parsing attributes in process `syz.1.147'. [ 91.642108][ T5888] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.647032][ T5888] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.756267][ T5342] Bluetooth: hci2: Malformed Event: 0x2f [ 92.699687][ T5903] netlink: 'syz.1.153': attribute type 15 has an invalid length. [ 92.703431][ T5903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.153'. [ 94.925722][ T5342] Bluetooth: hci1: connection err: -111 [ 94.932226][ T5342] Bluetooth: Frame is too long (len 12, expected len 10) [ 95.121712][ T5342] Bluetooth: Unexpected continuation frame (len 18) [ 95.674132][ T5932] netlink: 'syz.2.160': attribute type 20 has an invalid length. [ 95.764846][ T5342] Bluetooth: hci2: unexpected event 0x30 length: 32 > 3 [ 95.882013][ T5342] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 95.987867][ T57] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 96.095053][ T5937] syz.1.159 (5937): drop_caches: 2 [ 96.098968][ T5937] syz.1.159 (5937): drop_caches: 2 [ 96.180363][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 96.185761][ T57] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 96.205579][ T5941] syz.1.159 (5941): drop_caches: 2 [ 96.208227][ T57] usb 7-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 96.208958][ T5941] syz.1.159 (5941): drop_caches: 2 [ 96.219911][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.238456][ T57] usb 7-1: config 0 descriptor?? [ 96.470994][ T57] usbhid 7-1:0.0: can't add hid device: -71 [ 96.473644][ T57] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 96.493634][ T57] usb 7-1: USB disconnect, device number 2 [ 96.891660][ T5948] syz.1.164 uses obsolete (PF_INET,SOCK_PACKET) [ 97.177127][ T5952] netlink: 8 bytes leftover after parsing attributes in process `syz.2.166'. [ 97.208413][ T5952] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 97.238266][ T5952] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 97.928592][ T5952] syz.2.166 (5952) used greatest stack depth: 21040 bytes left [ 98.380022][ T5342] Bluetooth: Frame is too long (len 12, expected len 10) [ 98.391271][ T5977] capability: warning: `syz.0.171' uses deprecated v2 capabilities in a way that may be insecure [ 98.591898][ T5342] Bluetooth: Unexpected continuation frame (len 18) [ 99.104895][ T5987] netlink: zone id is out of range [ 99.109542][ T5987] netlink: zone id is out of range [ 99.137252][ T5987] netlink: set zone limit has 4 unknown bytes [ 99.141639][ T1416] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 99.323373][ T1416] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 99.330377][ T1416] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 99.334799][ T1416] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 99.340139][ T1416] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.346137][ T5986] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 99.351701][ T1416] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 99.573138][ T1416] usb 7-1: USB disconnect, device number 3 [ 100.447816][ T5342] Bluetooth: hci2: command tx timeout [ 101.060151][ T6010] syz.2.174 (6010): drop_caches: 2 [ 101.071914][ T6010] syz.2.174 (6010): drop_caches: 2 [ 101.076324][ T6017] netlink: 8 bytes leftover after parsing attributes in process `syz.1.177'. [ 101.088495][ T6017] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 101.092960][ T6017] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 101.246752][ T6012] syz.2.174 (6012): drop_caches: 2 [ 101.252584][ T6012] syz.2.174 (6012): drop_caches: 2 [ 103.867620][ T5381] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 104.072082][ T5381] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 104.076536][ T5381] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 104.080856][ T5381] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 104.084723][ T5381] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.090250][ T6052] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 104.096232][ T5381] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 104.321841][ T5379] usb 8-1: USB disconnect, device number 3 [ 105.326655][ T5342] Bluetooth: hci3: link tx timeout [ 105.330457][ T5342] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa [ 105.336572][ T5342] Bluetooth: hci3: link tx timeout [ 105.339574][ T5342] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 105.544422][ T6079] netlink: 32 bytes leftover after parsing attributes in process `syz.0.198'. [ 105.723860][ T6074] syz.1.189 (6074): drop_caches: 2 [ 105.727544][ T6074] syz.1.189 (6074): drop_caches: 2 [ 105.729397][ T6072] netlink: 4 bytes leftover after parsing attributes in process `syz.2.190'. [ 105.853297][ T6080] syz.1.189 (6080): drop_caches: 2 [ 105.856736][ T6080] syz.1.189 (6080): drop_caches: 2 [ 106.511764][ T39] audit: type=1326 audit(1722652098.261:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6089 comm="syz.3.197" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0 [ 106.580396][ T6097] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.584932][ T6097] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.586881][ T39] audit: type=1804 audit(1722652098.331:6): pid=6098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.196" name="/newroot/23/file0" dev="fuse" ino=1 res=1 errno=0 [ 106.812322][ T6103] input: syz0 as /devices/virtual/input/input6 [ 106.987857][ T57] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 107.199747][ T57] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 107.207397][ T57] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 107.227779][ T57] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 107.231710][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.258184][ T6101] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 107.269930][ T57] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 107.397889][ T5342] Bluetooth: hci3: command 0x0406 tx timeout [ 107.509010][ T5379] usb 6-1: USB disconnect, device number 2 [ 107.958197][ T5378] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 108.168919][ T5378] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 108.177488][ T5378] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 108.183888][ T5378] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 108.188889][ T5378] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 108.193621][ T5378] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 108.197263][ T5378] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.208582][ T5378] usb 5-1: config 0 descriptor?? [ 108.212420][ T6124] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 108.477225][ T5342] Bluetooth: Frame is too long (len 12, expected len 10) [ 108.522804][ T5342] Bluetooth: Unexpected continuation frame (len 18) [ 108.687886][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.691194][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.694831][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.698063][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.701397][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.704696][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.708135][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.711314][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.714670][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.718644][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.722074][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.725269][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.731292][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.734593][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.739062][ T5378] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 108.745780][ T5378] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 108.776878][ T5378] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 109.046965][ T6149] netlink: 4 bytes leftover after parsing attributes in process `syz.3.213'. [ 109.083971][ T6124] netlink: 16 bytes leftover after parsing attributes in process `syz.0.208'. [ 109.107620][ T6124] netlink: 4 bytes leftover after parsing attributes in process `syz.0.208'. [ 109.477994][ T5342] Bluetooth: hci3: command 0x0406 tx timeout [ 109.603587][ T57] usb 5-1: USB disconnect, device number 4 [ 109.839379][ T6163] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.842603][ T6163] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.113354][ T6170] input: syz0 as /devices/virtual/input/input7 [ 110.528246][ T66] Bluetooth: hci0: command tx timeout [ 110.987309][ T6180] binder: 6174:6180 ioctl 540f 20000000 returned -22 [ 111.512748][ T6188] netlink: 24 bytes leftover after parsing attributes in process `syz.1.220'. [ 112.965128][ T6194] tipc: Failed to remove unknown binding: 66,1,1/0:879736080/879736082 [ 112.969371][ T6194] tipc: Failed to remove unknown binding: 66,1,1/0:879736080/879736082 [ 113.410664][ T6201] tipc: Failed to remove unknown binding: 66,1,1/0:3380492605/3380492607 [ 113.414548][ T6201] tipc: Failed to remove unknown binding: 66,1,1/0:3380492605/3380492607 [ 113.502178][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.224'. [ 113.639081][ T6208] overlayfs: missing 'lowerdir' [ 114.652912][ T6216] input: syz0 as /devices/virtual/input/input8 [ 114.891145][ T6219] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 114.894203][ T6219] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 114.897105][ T6219] vhci_hcd vhci_hcd.0: Device attached [ 114.907494][ T66] Bluetooth: hci2: unexpected event 0x09 length: 17 > 3 [ 114.955446][ T6222] netdevsim netdevsim3: Direct firmware load for ng failed with error -2 [ 114.962512][ T6222] netdevsim netdevsim3: Falling back to sysfs fallback for: ng [ 115.098652][ T1416] vhci_hcd: vhci_device speed not set [ 115.167862][ T1416] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 115.218539][ T6224] afs: Unknown parameter 'obj_user' [ 115.837778][ T6221] vhci_hcd: connection reset by peer [ 115.868271][ C1] vkms_vblank_simulate: vblank timer overrun [ 115.877245][ T40] vhci_hcd: stop threads [ 115.879946][ T40] vhci_hcd: release socket [ 115.882914][ T40] vhci_hcd: disconnect device [ 116.519783][ C1] vkms_vblank_simulate: vblank timer overrun [ 116.645904][ T6234] fuse: Unknown parameter 'ad' [ 116.735626][ T6236] random: crng reseeded on system resumption [ 116.928311][ T66] Bluetooth: hci2: command tx timeout [ 117.564448][ T6247] binder: 6243:6247 ioctl 540f 20000000 returned -22 [ 117.836266][ T6251] netlink: 24 bytes leftover after parsing attributes in process `syz.2.235'. [ 117.971266][ T6242] netfs: Couldn't get user pages (rc=-14) [ 119.847103][ T6265] tipc: Failed to remove unknown binding: 66,1,1/0:3802156515/3802156517 [ 119.851496][ T6265] tipc: Failed to remove unknown binding: 66,1,1/0:3802156515/3802156517 [ 119.916007][ T6263] input: syz0 as /devices/virtual/input/input9 [ 120.045251][ T39] audit: type=1326 audit(1722652111.791:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6267 comm="syz.3.243" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0 [ 120.070105][ T66] Bluetooth: hci1: connection err: -111 [ 120.072849][ T66] Bluetooth: hci1: unexpected event 0x09 length: 17 > 3 [ 120.250323][ T6274] netdevsim netdevsim1: Direct firmware load for ng failed with error -2 [ 120.257207][ T6274] netdevsim netdevsim1: Falling back to sysfs fallback for: ng [ 120.289011][ T1416] vhci_hcd: vhci_device speed not set [ 120.395228][ T6273] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 120.552947][ T6281] random: crng reseeded on system resumption [ 120.976083][ T5379] libceph: connect (1)[c::]:6789 error -101 [ 120.979573][ T5379] libceph: mon0 (1)[c::]:6789 connect error [ 121.115180][ T6289] ceph: No mds server is up or the cluster is laggy [ 123.054783][ T6311] input: syz0 as /devices/virtual/input/input10 [ 123.371827][ T6319] binder: 6315:6319 ioctl 540f 20000000 returned -22 [ 124.704131][ T6328] netlink: 40 bytes leftover after parsing attributes in process `syz.3.259'. [ 124.803573][ T6333] netlink: 4 bytes leftover after parsing attributes in process `syz.2.260'. [ 124.935025][ T6333] netlink: 64 bytes leftover after parsing attributes in process `syz.2.260'. [ 124.941001][ T6333] team1: Mode changed to "roundrobin" [ 124.946056][ T6333] team1: Mode changed to "activebackup" [ 125.079147][ T66] Bluetooth: hci0: unexpected event 0x09 length: 17 > 3 [ 125.192833][ T6337] netdevsim netdevsim2: Direct firmware load for ng failed with error -2 [ 125.206477][ T39] audit: type=1804 audit(1722652116.951:8): pid=6332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.259" name="/newroot/68/bus/file0" dev="overlay" ino=385 res=1 errno=0 [ 125.218801][ T6337] netdevsim netdevsim2: Falling back to sysfs fallback for: ng [ 125.249053][ T6339] netlink: 'syz.1.263': attribute type 10 has an invalid length. [ 125.254187][ T6339] ipvlan1: entered promiscuous mode [ 125.266652][ T6339] team0: Device ipvlan1 failed to register rx_handler [ 126.434474][ T10] libceph: connect (1)[c::]:6789 error -101 [ 126.437420][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 126.539726][ T6346] input: syz0 as /devices/virtual/input/input11 [ 126.585744][ T6347] ceph: No mds server is up or the cluster is laggy [ 127.078905][ T66] Bluetooth: hci0: command tx timeout [ 127.171825][ T66] Bluetooth: hci0: link tx timeout [ 127.175365][ T66] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa [ 127.294899][ T5342] Bluetooth: Unexpected start frame (len 18) [ 127.323155][ T6369] syz.1.270 (6369): drop_caches: 2 [ 127.332767][ T6369] syz.1.270 (6369): drop_caches: 2 [ 127.443879][ T6372] syz.1.270 (6372): drop_caches: 2 [ 127.457955][ T6372] syz.1.270 (6372): drop_caches: 2 [ 128.738059][ T6389] netlink: 40 bytes leftover after parsing attributes in process `syz.0.274'. [ 128.833716][ T5342] Bluetooth: hci2: link tx timeout [ 128.836207][ T5342] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa [ 128.843271][ T5342] Bluetooth: hci2: link tx timeout [ 128.845596][ T5342] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 129.239783][ T5342] Bluetooth: hci0: command 0x0406 tx timeout [ 129.871073][ T6404] input: syz0 as /devices/virtual/input/input12 [ 130.928177][ T66] Bluetooth: hci2: command 0x0406 tx timeout [ 131.241706][ T6417] sp0: Synchronizing with TNC [ 131.271548][ T6416] [U] ` [ 131.874799][ T6430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.284'. [ 133.008784][ T5347] Bluetooth: hci2: command 0x0406 tx timeout [ 133.157626][ T5347] Bluetooth: hci0: unexpected event 0x09 length: 17 > 3 [ 133.222705][ T6444] netdevsim netdevsim2: Direct firmware load for ng failed with error -2 [ 133.232405][ T6444] netdevsim netdevsim2: Falling back to sysfs fallback for: ng [ 133.804529][ T6455] netlink: 24 bytes leftover after parsing attributes in process `syz.0.293'. [ 134.762184][ T5347] Bluetooth: hci0: unexpected event 0x09 length: 17 > 3 [ 134.879940][ T6468] netdevsim netdevsim2: Direct firmware load for ng failed with error -2 [ 134.899032][ T6468] netdevsim netdevsim2: Falling back to sysfs fallback for: ng [ 134.902294][ T6466] netlink: 'syz.3.298': attribute type 20 has an invalid length. [ 134.936597][ T5347] Bluetooth: hci2: unexpected event for opcode 0x0c22 [ 135.158026][ T5347] Bluetooth: hci0: command 0x0406 tx timeout [ 136.413845][ T6482] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 137.237877][ T5347] Bluetooth: hci0: command 0x0406 tx timeout [ 138.050109][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.208425][ T6494] netlink: 40 bytes leftover after parsing attributes in process `syz.2.305'. [ 138.557825][ T39] audit: type=1804 audit(1722652130.291:9): pid=6505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.305" name="/newroot/50/bus/file0" dev="overlay" ino=296 res=1 errno=0 [ 138.653267][ T39] audit: type=1326 audit(1722652130.401:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6517 comm="syz.1.314" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f10579 code=0x0 [ 138.965716][ T6526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.315'. [ 139.042990][ T6523] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 140.241818][ T6543] netlink: 20 bytes leftover after parsing attributes in process `syz.0.321'. [ 140.346244][ T6543] netlink: 20 bytes leftover after parsing attributes in process `syz.0.321'. [ 142.008756][ T6568] bond0: Error: Cannot enslave bond to itself. [ 142.069202][ T39] audit: type=1326 audit(1722652133.821:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6569 comm="syz.0.327" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x0 [ 142.483477][ T6574] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 143.356250][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.331'. [ 144.591804][ T6618] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 145.385349][ T39] audit: type=1326 audit(1722652137.131:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6629 comm="syz.2.343" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x0 [ 145.914987][ T6643] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 146.769672][ T6655] netlink: 4 bytes leftover after parsing attributes in process `syz.2.349'. [ 147.104076][ T6659] RDS: rds_bind could not find a transport for 2001::1, load rds_tcp or rds_rdma? [ 147.883330][ T6663] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 148.745161][ T6673] netlink: 24 bytes leftover after parsing attributes in process `syz.3.357'. [ 149.531828][ T6691] random: crng reseeded on system resumption [ 150.215923][ T6694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.363'. [ 150.611350][ T6698] block device autoloading is deprecated and will be removed. [ 152.693047][ T6739] dvmrp0: entered allmulticast mode [ 153.748141][ T5347] Bluetooth: hci2: unexpected event for opcode 0x2016 [ 153.789846][ T6756] netlink: 'syz.2.387': attribute type 3 has an invalid length. [ 153.792578][ T6756] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.387'. [ 154.950375][ T39] audit: type=1326 audit(1722652146.691:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6778 comm="syz.1.393" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f10579 code=0x0 [ 155.481982][ T6785] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 155.485549][ T6799] tipc: Started in network mode [ 155.488412][ T6799] tipc: Node identity 1, cluster identity 4711 [ 155.491163][ T6799] tipc: Node number set to 1 [ 156.373522][ T5347] Bluetooth: hci2: unexpected event for opcode 0x0404 [ 156.872398][ T39] audit: type=1326 audit(1722652148.621:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6839 comm="syz.0.416" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x0 [ 157.045615][ T6848] vivid-003: disconnect [ 157.114271][ T5347] Bluetooth: hci1: connection err: -111 [ 157.231017][ T6847] vivid-003: reconnect [ 157.454565][ T6858] netlink: 'syz.1.420': attribute type 10 has an invalid length. [ 157.460640][ T6858] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.420'. [ 157.472167][ T6858] openvswitch: netlink: Key type 29 is not supported [ 157.597003][ T6846] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 157.811853][ T5347] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 157.816257][ T5347] Bluetooth: hci2: Injecting HCI hardware error event [ 157.820942][ T5347] Bluetooth: hci2: hardware error 0x00 [ 158.309378][ T6866] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 159.675015][ T6881] random: crng reseeded on system resumption [ 159.740717][ T6885] netlink: 48 bytes leftover after parsing attributes in process `syz.1.426'. [ 159.878924][ T5347] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 160.567264][ T39] audit: type=1326 audit(1722652152.311:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6889 comm="syz.3.431" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x0 [ 161.049284][ T6904] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 161.671850][ T5347] Bluetooth: hci3: unexpected event for opcode 0x2016 [ 162.025423][ T39] audit: type=1326 audit(1722652153.771:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6928 comm="syz.1.440" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f10579 code=0x0 [ 162.096893][ T6937] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 163.151257][ T57] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 163.410713][ T57] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 163.419335][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.423224][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.444605][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.449535][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.455401][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.462012][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.466695][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.472666][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.481508][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.486182][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.491930][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.497904][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.509991][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.534597][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.545483][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.557433][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.562863][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.568292][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.577608][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.584202][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.600103][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.604841][ T57] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.618014][ T57] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.657809][ T57] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.671447][ T57] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 163.676075][ T57] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 163.706262][ T57] usb 5-1: Product: syz [ 163.713733][ T57] usb 5-1: Manufacturer: syz [ 163.715659][ T57] usb 5-1: SerialNumber: syz [ 163.758665][ T57] usb 5-1: config 0 descriptor?? [ 163.934875][ T39] audit: type=1326 audit(1722652155.681:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.1.447" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f10579 code=0x0 [ 163.993498][ T57] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 164.072761][ T6940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.077421][ T6940] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.080647][ T6951] dvmrp0: entered allmulticast mode [ 164.092850][ T6940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.100019][ T6940] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.127218][ T57] usb 5-1: USB disconnect, device number 5 [ 164.138278][ T57] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 164.613466][ T6977] netlink: 'syz.3.456': attribute type 9 has an invalid length. [ 164.616744][ T6977] netlink: 8 bytes leftover after parsing attributes in process `syz.3.456'. [ 165.721473][ T5347] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 165.728105][ T5347] Bluetooth: hci3: Injecting HCI hardware error event [ 165.734067][ T66] Bluetooth: hci3: hardware error 0x00 [ 166.189928][ T7003] random: crng reseeded on system resumption [ 167.265784][ T7018] openvswitch: netlink: Missing key (keys=20040, expected=200000) [ 167.384789][ T39] audit: type=1326 audit(1722652159.131:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.470" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x0 [ 167.808368][ T66] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 169.567267][ T39] audit: type=1326 audit(1722652161.311:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.580964][ T39] audit: type=1326 audit(1722652161.311:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.599088][ T39] audit: type=1326 audit(1722652161.321:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.607581][ T39] audit: type=1326 audit(1722652161.321:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.618260][ T39] audit: type=1326 audit(1722652161.321:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.626380][ T39] audit: type=1326 audit(1722652161.321:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=238 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.635129][ T39] audit: type=1326 audit(1722652161.321:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.649892][ T39] audit: type=1326 audit(1722652161.321:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 169.661355][ T39] audit: type=1326 audit(1722652161.321:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7078 comm="syz.3.493" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7fe8579 code=0x7ffc0000 [ 170.705664][ T7114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.509'. [ 170.732521][ T7114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.509'. [ 171.131548][ T7124] netlink: 'syz.2.512': attribute type 1 has an invalid length. [ 171.134891][ T7124] netlink: 'syz.2.512': attribute type 2 has an invalid length. [ 171.575954][ T7147] xt_hashlimit: max too large, truncated to 1048576 [ 171.579912][ T7147] xt_hashlimit: overflow, try lower: 0/0 [ 171.677928][ T7150] netlink: 188 bytes leftover after parsing attributes in process `syz.2.522'. [ 172.050202][ T25] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 172.252789][ T25] usb 6-1: config 0 has an invalid interface number: 156 but max is 0 [ 172.256168][ T25] usb 6-1: config 0 has no interface number 0 [ 172.267854][ T25] usb 6-1: config 0 interface 156 has no altsetting 0 [ 172.271447][ T25] usb 6-1: New USB device found, idVendor=257a, idProduct=2609, bcdDevice=7e.22 [ 172.275721][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.291903][ T25] usb 6-1: config 0 descriptor?? [ 172.297144][ T25] hub 6-1:0.156: bad descriptor, ignoring hub [ 172.307786][ T25] hub 6-1:0.156: probe with driver hub failed with error -5 [ 172.312004][ T25] option 6-1:0.156: GSM modem (1-port) converter detected [ 172.689198][ T25] usb 6-1: USB disconnect, device number 3 [ 172.699422][ T25] option 6-1:0.156: device disconnected [ 173.446050][ T7170] overlayfs: missing 'lowerdir' [ 173.639629][ T5347] Bluetooth: hci0: command 0x0406 tx timeout [ 173.681437][ T7177] netlink: 8 bytes leftover after parsing attributes in process `syz.1.540'. [ 174.721058][ T7198] __vm_enough_memory: pid: 7198, comm: syz.2.541, bytes: 4294963200 not enough memory for the allocation [ 174.839629][ T7204] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.843497][ T7204] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.907772][ T7207] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.910844][ T7207] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.914897][ T7207] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.918825][ T7207] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.923829][ T7207] bridge0: entered promiscuous mode [ 174.926004][ T7207] bridge0: entered allmulticast mode [ 174.945215][ T7210] netlink: 232 bytes leftover after parsing attributes in process `syz.1.546'. [ 174.949119][ T7210] netlink: 72 bytes leftover after parsing attributes in process `syz.1.546'. [ 175.293029][ T7223] netlink: 25 bytes leftover after parsing attributes in process `syz.1.550'. [ 175.307307][ T7223] netlink: 'syz.1.550': attribute type 17 has an invalid length. [ 175.310806][ T7223] lo: entered promiscuous mode [ 175.755659][ T7217] lo: left promiscuous mode [ 175.860760][ T5381] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 175.880914][ T7237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.558'. [ 175.884875][ T7237] netlink: 20 bytes leftover after parsing attributes in process `syz.1.558'. [ 175.966175][ T7239] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 175.972118][ T7239] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 176.039385][ T5381] usb 5-1: Using ep0 maxpacket: 32 [ 176.046092][ T5381] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 176.050634][ T5381] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 176.054690][ T5381] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 176.059385][ T5381] usb 5-1: config 1 has no interface number 0 [ 176.062114][ T5381] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 176.063291][ T7239] loop0: detected capacity change from 0 to 7 [ 176.066733][ T5381] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 176.066777][ T5381] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 176.066797][ T5381] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.074329][ T5381] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 176.077190][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.088645][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.091736][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.094603][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.098308][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.102158][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.105572][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.109403][ T7239] ldm_validate_partition_table(): Disk read failed. [ 176.112402][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.115077][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.118005][ T7239] Buffer I/O error on dev loop0, logical block 0, async page read [ 176.120839][ T7239] Dev loop0: unable to read RDB block 0 [ 176.122857][ T7239] loop0: unable to read partition table [ 176.124921][ T7239] loop0: partition table beyond EOD, truncated [ 176.127220][ T7239] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 176.127220][ T7239] ) failed (rc=-5) [ 176.310641][ T5381] snd_usb_pod 5-1:1.1: invalid control EP [ 176.313341][ T5381] snd_usb_pod 5-1:1.1: cannot start listening: -22 [ 176.318829][ T5381] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 176.322500][ T5381] snd_usb_pod 5-1:1.1: probe with driver snd_usb_pod failed with error -22 [ 176.521096][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 176.521114][ T39] audit: type=1326 audit(1722652397.270:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.533363][ T39] audit: type=1326 audit(1722652397.270:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.541957][ T25] usb 5-1: USB disconnect, device number 6 [ 176.542889][ T39] audit: type=1326 audit(1722652397.270:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.554475][ T39] audit: type=1326 audit(1722652397.270:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.564887][ T39] audit: type=1326 audit(1722652397.270:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.573955][ T39] audit: type=1326 audit(1722652397.270:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.583113][ T39] audit: type=1326 audit(1722652397.270:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.592378][ T39] audit: type=1326 audit(1722652397.280:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.601985][ T39] audit: type=1326 audit(1722652397.280:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.611873][ T39] audit: type=1326 audit(1722652397.280:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7226 comm="syz.0.554" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x7ffc0000 [ 176.680834][ T1100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.794658][ T1100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 176.930612][ T1100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.027602][ T1100] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.084126][ T5347] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 177.095224][ T5347] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 177.100720][ T5347] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 177.105263][ T5347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 177.109452][ T5347] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 177.112929][ T5347] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 177.198719][ C3] vxcan0: j1939_tp_rxtimer: 0xffff888025c3d400: rx timeout, send abort [ 177.205634][ C3] vxcan0: j1939_xtp_rx_abort_one: 0xffff888025c3d400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 177.288901][ T1100] bridge_slave_1: left allmulticast mode [ 177.292205][ T1100] bridge_slave_1: left promiscuous mode [ 177.294938][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.325663][ T1100] bridge_slave_0: left allmulticast mode [ 177.333793][ T1100] bridge_slave_0: left promiscuous mode [ 177.337505][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.860642][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 177.867321][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 177.873478][ T1100] bond0 (unregistering): Released all slaves [ 177.929497][ T5378] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 177.958603][ T7268] netlink: 188 bytes leftover after parsing attributes in process `syz.2.570'. [ 177.961878][ T7268] netlink: 'syz.2.570': attribute type 1 has an invalid length. [ 177.961982][ T7269] netlink: 28 bytes leftover after parsing attributes in process `syz.3.569'. [ 178.135658][ T7243] chnl_net:caif_netlink_parms(): no params data found [ 178.140849][ T5378] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 178.145255][ T5378] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 178.154631][ T5378] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 178.158401][ T5378] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 178.162525][ T5378] usb 5-1: SerialNumber: syz [ 178.213697][ T7284] netlink: 4 bytes leftover after parsing attributes in process `syz.3.574'. [ 178.400936][ T5378] usb 5-1: 0:2 : does not exist [ 178.415059][ T5378] usb 5-1: USB disconnect, device number 7 [ 178.447619][ T7284] syzkaller0: entered promiscuous mode [ 178.469925][ T7243] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.473297][ T7243] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.476408][ T7243] bridge_slave_0: entered allmulticast mode [ 178.481019][ T7243] bridge_slave_0: entered promiscuous mode [ 178.484983][ T7243] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.487659][ T7243] bridge0: port 2(bridge_slave_1) entered disabled state [ 178.490737][ T7243] bridge_slave_1: entered allmulticast mode [ 178.493552][ T7243] bridge_slave_1: entered promiscuous mode [ 178.497077][ T7283] syzkaller0: left promiscuous mode [ 178.627552][ T7243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 178.638418][ T5583] udevd[5583]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 178.665126][ T7243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 178.729529][ T1100] hsr_slave_0: left promiscuous mode [ 178.732420][ T1100] hsr_slave_1: left promiscuous mode [ 178.735815][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.739028][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 178.744106][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.747406][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 178.792365][ T1100] veth1_macvtap: left promiscuous mode [ 178.794874][ T1100] veth0_macvtap: left promiscuous mode [ 178.797417][ T1100] veth1_vlan: left promiscuous mode [ 178.799913][ T1100] veth0_vlan: left promiscuous mode [ 179.158868][ T5347] Bluetooth: hci1: command tx timeout [ 179.740830][ T5379] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 179.959856][ T5379] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.964077][ T5379] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 179.968180][ T5379] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 179.971354][ T5379] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.978307][ T5379] usb 5-1: config 0 descriptor?? [ 179.991451][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 180.110134][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 180.403808][ T5379] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor [ 180.415088][ T5379] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0926:3333.0003/input/input14 [ 180.552937][ T5379] keytouch 0003:0926:3333.0003: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 180.631359][ T5379] usb 5-1: USB disconnect, device number 8 [ 180.898401][ T7299] netlink: 25 bytes leftover after parsing attributes in process `syz.3.576'. [ 180.906951][ T7303] netlink: 'syz.3.576': attribute type 17 has an invalid length. [ 180.998803][ T7243] team0: Port device team_slave_0 added [ 181.012684][ T7243] team0: Port device team_slave_1 added [ 181.101073][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 181.103935][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.115243][ T7243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 181.121160][ T7243] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 181.124965][ T7243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.144183][ T7243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 181.248149][ T5347] Bluetooth: hci1: command tx timeout [ 181.296082][ T7243] hsr_slave_0: entered promiscuous mode [ 181.302258][ T7243] hsr_slave_1: entered promiscuous mode [ 182.209529][ T7243] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 182.220132][ T7243] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 182.226982][ T7243] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 182.241149][ T7243] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 182.365703][ T7243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 182.380683][ T7243] 8021q: adding VLAN 0 to HW filter on device team0 [ 182.388991][ T1416] bridge0: port 1(bridge_slave_0) entered blocking state [ 182.392003][ T1416] bridge0: port 1(bridge_slave_0) entered forwarding state [ 182.410514][ T1416] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.413094][ T1416] bridge0: port 2(bridge_slave_1) entered forwarding state [ 182.465575][ T7243] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 182.655465][ T7243] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 182.725646][ T7243] veth0_vlan: entered promiscuous mode [ 182.736102][ T7243] veth1_vlan: entered promiscuous mode [ 182.776482][ T7243] veth0_macvtap: entered promiscuous mode [ 182.792184][ T7243] veth1_macvtap: entered promiscuous mode [ 182.808675][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.812992][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.817200][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.821775][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.825885][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 182.830173][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.836777][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 182.875732][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 182.887460][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.891361][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 182.896305][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.902054][ T7243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 182.906722][ T7243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 182.914704][ T7243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 182.938797][ T7243] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.941954][ T7243] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.945256][ T7243] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 182.951204][ T7243] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 183.054159][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.060098][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.113997][ T95] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 183.117455][ T95] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 183.317819][ T5347] Bluetooth: hci1: command tx timeout [ 183.448573][ T7412] tipc: Started in network mode [ 183.456557][ T7412] tipc: Node identity deefa75d35df, cluster identity 4711 [ 183.461545][ T7412] tipc: Enabled bearer , priority 0 [ 184.162238][ T7440] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 184.588041][ T5380] tipc: Node number set to 3945834333 [ 185.084733][ T39] kauditd_printk_skb: 21 callbacks suppressed [ 185.084749][ T39] audit: type=1400 audit(1722652634.833:69): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=7473 comm="syz.3.613" [ 185.126565][ T7475] sp0: Synchronizing with TNC [ 185.162340][ T7475] syz.3.613: attempt to access beyond end of device [ 185.162340][ T7475] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 185.168544][ T7475] (syz.3.613,7475,3):ocfs2_get_sector:1771 ERROR: status = -5 [ 185.172189][ T7475] (syz.3.613,7475,3):ocfs2_sb_probe:749 ERROR: status = -5 [ 185.175360][ T7475] (syz.3.613,7475,3):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 185.178680][ T7475] (syz.3.613,7475,3):ocfs2_fill_super:1178 ERROR: status = -5 [ 185.397931][ T5347] Bluetooth: hci1: command tx timeout [ 185.492949][ T39] audit: type=1326 audit(1722652635.243:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7484 comm="syz.2.616" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f16579 code=0x0 [ 187.364877][ T5347] Bluetooth: hci0: unexpected event for opcode 0x0c7b [ 187.386427][ T7530] netlink: 4 bytes leftover after parsing attributes in process `syz.2.633'. [ 187.407662][ T7530] netlink: 4 bytes leftover after parsing attributes in process `syz.2.633'. [ 188.242200][ T39] audit: type=1326 audit(1722652637.973:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7551 comm="syz.0.641" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb0579 code=0x0 [ 189.014502][ T7555] netlink: 12 bytes leftover after parsing attributes in process `syz.3.643'. [ 189.512292][ T7570] mmap: syz.0.648 (7570) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 191.409277][ T5347] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 191.414145][ T5347] Bluetooth: hci0: Injecting HCI hardware error event [ 191.422076][ T5347] Bluetooth: hci0: hardware error 0x00 [ 191.504734][ T7605] ======================================================= [ 191.504734][ T7605] WARNING: The mand mount option has been deprecated and [ 191.504734][ T7605] and is ignored by this kernel. Remove the mand [ 191.504734][ T7605] option from the mount to silence this warning. [ 191.504734][ T7605] ======================================================= [ 192.142220][ T7613] random: crng reseeded on system resumption [ 192.155217][ T7613] Restarting kernel threads ... done. [ 192.249980][ T1100] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.313915][ T1100] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.395466][ T1100] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.475013][ T1100] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.538355][ T5342] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 192.543580][ T5342] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 192.547646][ T5342] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 192.552575][ T5342] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 192.556800][ T5342] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 192.560606][ T5342] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 192.696042][ T1100] bridge_slave_1: left allmulticast mode [ 192.698967][ T1100] bridge_slave_1: left promiscuous mode [ 192.701533][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.707028][ T1100] bridge_slave_0: left allmulticast mode [ 192.710121][ T1100] bridge_slave_0: left promiscuous mode [ 192.712833][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.813980][ T5342] Bluetooth: hci1: unexpected event 0x09 length: 10 > 3 [ 192.814726][ T5342] Bluetooth: hci1: SCO packet for unknown connection handle 1039 [ 193.167998][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 193.184698][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 193.193759][ T1100] bond0 (unregistering): Released all slaves [ 193.478062][ T5347] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 193.480027][ T7624] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 193.923642][ T7617] chnl_net:caif_netlink_parms(): no params data found [ 194.194277][ T7617] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.197201][ T7617] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.205142][ T7617] bridge_slave_0: entered allmulticast mode [ 194.212202][ T7617] bridge_slave_0: entered promiscuous mode [ 194.262661][ T7617] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.265945][ T7617] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.270719][ T7617] bridge_slave_1: entered allmulticast mode [ 194.274730][ T7617] bridge_slave_1: entered promiscuous mode [ 194.366982][ T7617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.385560][ T7617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.397183][ T1100] hsr_slave_0: left promiscuous mode [ 194.408809][ T1100] hsr_slave_1: left promiscuous mode [ 194.413701][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.416915][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 194.428092][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.431306][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 194.462207][ T1100] veth1_macvtap: left promiscuous mode [ 194.464603][ T1100] veth0_macvtap: left promiscuous mode [ 194.466983][ T1100] veth1_vlan: left promiscuous mode [ 194.469686][ T1100] veth0_vlan: left promiscuous mode [ 194.598917][ T5347] Bluetooth: hci3: command tx timeout [ 195.439729][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 195.518178][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 196.285991][ T7617] team0: Port device team_slave_0 added [ 196.306091][ T7617] team0: Port device team_slave_1 added [ 196.353826][ T7617] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.356556][ T7617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.368187][ T7617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.374636][ T7617] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.381651][ T7617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.394003][ T7617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.482656][ T7617] hsr_slave_0: entered promiscuous mode [ 196.493990][ T7617] hsr_slave_1: entered promiscuous mode [ 196.498082][ T7617] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.501230][ T7617] Cannot create hsr debugfs directory [ 196.688693][ T5347] Bluetooth: hci3: command tx timeout [ 197.138233][ T7689] netlink: 12 bytes leftover after parsing attributes in process `syz.2.676'. [ 197.295347][ T7617] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 197.305577][ T7617] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 197.313386][ T7617] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 197.323240][ T7617] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 197.423005][ T7617] 8021q: adding VLAN 0 to HW filter on device bond0 [ 197.443905][ T7617] 8021q: adding VLAN 0 to HW filter on device team0 [ 197.454466][ T832] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.457742][ T832] bridge0: port 1(bridge_slave_0) entered forwarding state [ 197.480640][ T832] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.483907][ T832] bridge0: port 2(bridge_slave_1) entered forwarding state [ 197.684442][ T7617] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 197.695967][ T7719] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 197.739709][ T7617] veth0_vlan: entered promiscuous mode [ 197.760762][ T7617] veth1_vlan: entered promiscuous mode [ 197.798410][ T7617] veth0_macvtap: entered promiscuous mode [ 197.805167][ T7617] veth1_macvtap: entered promiscuous mode [ 197.832563][ T7617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.836788][ T7617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.841774][ T7617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.846211][ T7617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.850533][ T7617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.855094][ T7617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.861299][ T7617] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.874529][ T7617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.882746][ T7617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.887030][ T7617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.892376][ T7617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.896488][ T7617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.901813][ T7617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.909075][ T7617] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.918846][ T7617] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.922647][ T7617] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.926326][ T7617] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.930607][ T7617] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.987284][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 197.994671][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.061066][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 198.063943][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 198.169945][ T7735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'. [ 198.201049][ T7743] tmpfs: Bad value for 'nr_inodes' [ 198.281501][ T7735] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'. [ 198.758820][ T5347] Bluetooth: hci3: command tx timeout [ 199.479943][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.710030][ T7795] xt_TCPMSS: Only works on TCP SYN packets [ 199.716661][ T7796] ubi0: attaching mtd0 [ 199.736058][ T7796] ubi0: scanning is finished [ 199.738097][ T7796] ubi0: empty MTD device detected [ 199.797047][ T7796] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 199.801062][ T7796] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 199.803534][ T7796] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 199.806053][ T7796] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 199.809269][ T7796] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 199.811693][ T7796] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 199.816576][ T7796] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 836240338 [ 199.822331][ T7796] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 199.826966][ T7799] ubi0: background thread "ubi_bgt0d" started, PID 7799 [ 200.623445][ T7803] netlink: 40 bytes leftover after parsing attributes in process `syz.1.697'. [ 200.848049][ T5347] Bluetooth: hci3: command tx timeout [ 201.145708][ T7820] xt_hashlimit: max too large, truncated to 1048576 [ 201.148501][ T7820] xt_hashlimit: overflow, try lower: 0/0 [ 201.170837][ T7822] cgroup: noprefix used incorrectly [ 201.463006][ T7823] netlink: 188 bytes leftover after parsing attributes in process `syz.0.705'. [ 201.809832][ T7831] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 201.932420][ T7827] input: syz0 as /devices/virtual/input/input15 [ 202.917289][ T7845] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 202.921680][ T7845] overlayfs: failed to set xattr on upper [ 202.924161][ T7845] overlayfs: ...falling back to redirect_dir=nofollow. [ 202.927239][ T7845] overlayfs: ...falling back to index=off. [ 202.930944][ T7845] overlayfs: ...falling back to uuid=null. [ 202.991195][ T7847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.712'. [ 203.043352][ T7847] netlink: 4 bytes leftover after parsing attributes in process `syz.1.712'. [ 203.143922][ T7849] netlink: 12 bytes leftover after parsing attributes in process `syz.2.713'. [ 203.427898][ T7856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.714'. [ 205.534597][ T7884] 9pnet_fd: Insufficient options for proto=fd [ 205.536096][ T1100] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.711680][ T1100] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.771546][ T7890] netlink: 'syz.3.731': attribute type 1 has an invalid length. [ 205.775565][ T7890] netlink: 'syz.3.731': attribute type 4 has an invalid length. [ 205.808170][ T7890] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.731'. [ 205.896962][ T1100] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 205.937590][ T7871] ------------[ cut here ]------------ [ 205.940665][ T7871] WARNING: CPU: 0 PID: 7871 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0 [ 205.945055][ T7871] Modules linked in: [ 205.946924][ T7871] CPU: 0 UID: 0 PID: 7871 Comm: syz.0.722 Not tainted 6.11.0-rc1-syzkaller-00272-g17712b7ea075 #0 [ 205.959390][ T7871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 205.964050][ T7871] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 205.967122][ T7871] Code: e9 91 fe ff ff e8 66 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 85 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 47 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 39 48 97 ff eb 69 cc cc cc e8 2f 48 97 [ 205.976535][ T7871] RSP: 0018:ffffc9000e657a28 EFLAGS: 00010293 [ 205.979249][ T7871] RAX: 0000000000000000 RBX: ffff88805725c000 RCX: ffffffff81f3d95b [ 205.982292][ T7871] RDX: ffff888023b34880 RSI: ffffffff81f3d969 RDI: 0000000000000007 [ 205.985398][ T7871] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 205.988890][ T7871] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 205.992189][ T7871] R13: ffff88801d5cc280 R14: 0000000000000001 R15: 1ffff92001ccaf47 [ 205.995229][ T7871] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000573af440 [ 205.998521][ T7871] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 206.000996][ T7871] CR2: 00000000f74750f4 CR3: 0000000028500000 CR4: 0000000000350ef0 [ 206.003738][ T7871] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 206.006784][ T7871] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 206.010558][ T7871] Call Trace: [ 206.012082][ T7871] [ 206.013397][ T7871] ? show_regs+0x8c/0xa0 [ 206.015370][ T7871] ? __warn+0xe5/0x3c0 [ 206.017238][ T7871] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 206.020148][ T7871] ? report_bug+0x3c0/0x580 [ 206.022784][ T7871] ? handle_bug+0x3d/0x70 [ 206.024687][ T7871] ? exc_invalid_op+0x17/0x50 [ 206.026739][ T7871] ? asm_exc_invalid_op+0x1a/0x20 [ 206.028945][ T7871] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 206.031482][ T7871] ? __page_table_check_ptes_set+0x2f9/0x3e0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 206.034102][ T7871] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 206.036920][ T7871] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 206.039108][ T7871] ? find_held_lock+0x2d/0x110 [ 206.041130][ T7871] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 206.043858][ T7871] ? rcu_read_unlock+0x17/0x60 [ 206.045866][ T7871] set_ptes.constprop.0+0x193/0x1d0 [ 206.052450][ T7871] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 206.055002][ T7871] do_swap_page+0x1214/0x3dc0 [ 206.056896][ T7871] ? __pfx_do_swap_page+0x10/0x10 [ 206.059430][ T7871] ? pte_offset_map_nolock+0xfe/0x1c0 [ 206.062297][ T7871] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 206.064607][ T7871] __handle_mm_fault+0x146b/0x5360 [ 206.066620][ T7871] ? __pfx_mt_find+0x10/0x10 [ 206.068816][ T7871] ? rwsem_read_trylock+0x6d/0x250 [ 206.071041][ T7871] ? __pfx___handle_mm_fault+0x10/0x10 [ 206.073530][ T7871] ? find_vma+0xc0/0x140 [ 206.075457][ T7871] ? __pfx_find_vma+0x10/0x10 [ 206.077605][ T7871] handle_mm_fault+0x44e/0x7b0 [ 206.080799][ T7871] ? __pkru_allows_pkey+0x52/0xb0 [ 206.083454][ T7871] do_user_addr_fault+0x7a3/0x13f0 [ 206.085753][ T7871] exc_page_fault+0x5c/0xc0 [ 206.088128][ T7871] asm_exc_page_fault+0x26/0x30 [ 206.090161][ T7871] RIP: 0023:0xf72afd51 [ 206.091874][ T7871] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 206.099542][ T7871] RSP: 002b:00000000ffb652ac EFLAGS: 00010202 [ 206.102052][ T7871] RAX: 0000000000000000 RBX: 00000000f743cff4 RCX: 0000000000000002 [ 206.105516][ T7871] RDX: 0000000000000008 RSI: 00000000f6d703ae RDI: 00000000200002c0 [ 206.109431][ T7871] RBP: 00000000ffb65528 R08: 0000000000000000 R09: 0000000000000000 [ 206.112941][ T7871] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 206.116397][ T7871] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 206.120203][ T7871] [ 206.121522][ T7871] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 206.124730][ T7871] CPU: 0 UID: 0 PID: 7871 Comm: syz.0.722 Not tainted 6.11.0-rc1-syzkaller-00272-g17712b7ea075 #0 [ 206.128912][ T7871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 206.133368][ T7871] Call Trace: [ 206.134905][ T7871] [ 206.136169][ T7871] dump_stack_lvl+0x3d/0x1f0 [ 206.138024][ T7871] panic+0x6f5/0x7a0 [ 206.139840][ T7871] ? __pfx_panic+0x10/0x10 [ 206.141942][ T7871] ? show_trace_log_lvl+0x363/0x500 [ 206.144252][ T7871] ? check_panic_on_warn+0x1f/0xb0 [ 206.146484][ T7871] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 206.148924][ T7871] check_panic_on_warn+0xab/0xb0 [ 206.150793][ T7871] __warn+0xf1/0x3c0 [ 206.152312][ T7871] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 206.154847][ T7871] report_bug+0x3c0/0x580 [ 206.156858][ T7871] handle_bug+0x3d/0x70 [ 206.158857][ T7871] exc_invalid_op+0x17/0x50 [ 206.160953][ T7871] asm_exc_invalid_op+0x1a/0x20 [ 206.163155][ T7871] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 206.165544][ T7871] Code: e9 91 fe ff ff e8 66 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 85 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 47 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 39 48 97 ff eb 69 cc cc cc e8 2f 48 97 [ 206.173221][ T7871] RSP: 0018:ffffc9000e657a28 EFLAGS: 00010293 [ 206.175442][ T7871] RAX: 0000000000000000 RBX: ffff88805725c000 RCX: ffffffff81f3d95b [ 206.178457][ T7871] RDX: ffff888023b34880 RSI: ffffffff81f3d969 RDI: 0000000000000007 [ 206.181553][ T7871] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 206.184582][ T7871] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 206.187301][ T7871] R13: ffff88801d5cc280 R14: 0000000000000001 R15: 1ffff92001ccaf47 [ 206.190120][ T7871] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 206.192571][ T7871] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 206.194915][ T7871] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 206.197396][ T7871] ? find_held_lock+0x2d/0x110 [ 206.199331][ T7871] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 206.202127][ T7871] ? rcu_read_unlock+0x17/0x60 [ 206.204001][ T7871] set_ptes.constprop.0+0x193/0x1d0 [ 206.206037][ T7871] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 206.208569][ T7871] do_swap_page+0x1214/0x3dc0 [ 206.210748][ T7871] ? __pfx_do_swap_page+0x10/0x10 [ 206.213110][ T7871] ? pte_offset_map_nolock+0xfe/0x1c0 [ 206.215575][ T7871] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 206.218086][ T7871] __handle_mm_fault+0x146b/0x5360 [ 206.220544][ T7871] ? __pfx_mt_find+0x10/0x10 [ 206.222299][ T7871] ? rwsem_read_trylock+0x6d/0x250 [ 206.224464][ T7871] ? __pfx___handle_mm_fault+0x10/0x10 [ 206.226621][ T7871] ? find_vma+0xc0/0x140 [ 206.228431][ T7871] ? __pfx_find_vma+0x10/0x10 [ 206.230346][ T7871] handle_mm_fault+0x44e/0x7b0 [ 206.232379][ T7871] ? __pkru_allows_pkey+0x52/0xb0 [ 206.234492][ T7871] do_user_addr_fault+0x7a3/0x13f0 [ 206.236685][ T7871] exc_page_fault+0x5c/0xc0 [ 206.238615][ T7871] asm_exc_page_fault+0x26/0x30 [ 206.240731][ T7871] RIP: 0023:0xf72afd51 [ 206.242333][ T7871] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 206.249350][ T7871] RSP: 002b:00000000ffb652ac EFLAGS: 00010202 [ 206.251369][ T7871] RAX: 0000000000000000 RBX: 00000000f743cff4 RCX: 0000000000000002 [ 206.253747][ T7871] RDX: 0000000000000008 RSI: 00000000f6d703ae RDI: 00000000200002c0 [ 206.256883][ T7871] RBP: 00000000ffb65528 R08: 0000000000000000 R09: 0000000000000000 [ 206.259918][ T7871] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 206.262712][ T7871] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 206.265852][ T7871] [ 206.267474][ T7871] Kernel Offset: disabled [ 206.269387][ T7871] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:21:25 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa3ef5 RDI=ffffffff9511a3c0 RBP=ffffffff9511a380 RSP=ffffc9000e657400 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000034 R14=ffffffff84fa3e90 R15=0000000000000000 RIP=ffffffff84fa3f1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74750f4 CR3=0000000028500000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000000 RBX=ffffc90002a9f538 RCX=1ffff92000553eb0 RDX=ffffc90002a9f590 RSI=ffffffff813c8249 RDI=ffffc90002a9f590 RBP=0000000000000001 RSP=ffffc90002a9f460 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=dffffc0000000000 R12=ffffffff909eaa1a R13=ffffc90002a9f5d8 R14=ffffffff909eaa1e R15=0000000000000001 RIP=ffffffff813c9c4a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f737b470 CR3=000000005a408000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000040 RBX=ffff888020530720 RCX=0000000000000006 RDX=ffff888021018000 RSI=ffffc9000042d134 RDI=0000000000000005 RBP=ffff88801965d028 RSP=ffffc9000291f220 R8 =0000000000000005 R9 =000000000000001f R10=0000000000000006 R11=0000000000000000 R12=ffffc9000042d100 R13=ffff88802053077c R14=ffff888020530728 R15=0000000000000006 RIP=ffffffff85f3828f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fdc0e914d00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055a1737ad030 CR3=000000002928c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=9447823150a8b363 3009cee6708194cc 9447823150a8b363 3009cee6708194cc 9447823150a8b363 3009cee6708194cc 9447823150a8b363 3009cee6708194cc ZMM18=8bc2c37e24d1e16f 5ba013ce46104801 8bc2c37e24d1e16f 5ba013ce46104801 8bc2c37e24d1e16f 5ba013ce46104801 8bc2c37e24d1e16f 5ba013ce46104801 ZMM19=3908000000000000 0000000000000009 3908000000000000 0000000000000008 3908000000000000 0000000000000007 3908000000000000 0000000000000006 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=3009cee63009cee6 3009cee63009cee6 3009cee63009cee6 3009cee63009cee6 3009cee63009cee6 3009cee63009cee6 3009cee63009cee6 3009cee63009cee6 ZMM22=50a8b36350a8b363 50a8b36350a8b363 50a8b36350a8b363 50a8b36350a8b363 50a8b36350a8b363 50a8b36350a8b363 50a8b36350a8b363 50a8b36350a8b363 ZMM23=9447823194478231 9447823194478231 9447823194478231 9447823194478231 9447823194478231 9447823194478231 9447823194478231 9447823194478231 ZMM24=4610480146104801 4610480146104801 4610480146104801 4610480146104801 4610480146104801 4610480146104801 4610480146104801 4610480146104801 ZMM25=5ba013ce5ba013ce 5ba013ce5ba013ce 5ba013ce5ba013ce 5ba013ce5ba013ce 5ba013ce5ba013ce 5ba013ce5ba013ce 5ba013ce5ba013ce 5ba013ce5ba013ce ZMM26=24d1e16f24d1e16f 24d1e16f24d1e16f 24d1e16f24d1e16f 24d1e16f24d1e16f 24d1e16f24d1e16f 24d1e16f24d1e16f 24d1e16f24d1e16f 24d1e16f24d1e16f ZMM27=8bc2c37e8bc2c37e 8bc2c37e8bc2c37e 8bc2c37e8bc2c37e 8bc2c37e8bc2c37e 8bc2c37e8bc2c37e 8bc2c37e8bc2c37e 8bc2c37e8bc2c37e 8bc2c37e8bc2c37e ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=3808000038080000 3808000038080000 3808000038080000 3808000038080000 3808000038080000 3808000038080000 3808000038080000 3808000038080000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff8880173b6000 RCX=ffffffff85f40317 RDX=ffff888016332440 RSI=ffffffff85f403ee RDI=0000000000000004 RBP=0000000000000001 RSP=ffffc900005f0ea8 R8 =0000000000000004 R9 =0000000000000006 R10=0000000000000006 R11=0000000000000000 R12=ffffc9000042d008 R13=0000000000000001 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff85f40559 RFL=00000092 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f735fbe0 CR3=000000001dfd6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000