last executing test programs: 1.359801164s ago: executing program 1 (id=6015): setrlimit(0x7, &(0x7f0000000000)={0x4, 0x6}) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) 1.213720279s ago: executing program 1 (id=6023): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newlink={0x54, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x37c13, 0x71e12}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @loopback={0x0, 0xfffffffffffffffe}}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e23}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x0) 721.876455ms ago: executing program 2 (id=6044): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x5c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x60, 0x4000}, [@IFLA_MASTER={0x8, 0x3}, @IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20010, 0x284a0}}}}}}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}}]}, 0x5c}, 0x1, 0xd, 0x0, 0x480c5}, 0x0) 427.251868ms ago: executing program 3 (id=6049): r0 = socket(0x1e, 0x5, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000001c0)) 412.819875ms ago: executing program 1 (id=6051): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001500010000000000000000000a000000080001"], 0x1c}}, 0x0) 401.877383ms ago: executing program 3 (id=6052): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000040)={0x2c, 0x4, 0x9, 0xd, 0x80, 0x40}) 372.022911ms ago: executing program 2 (id=6053): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x20, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0xfffffffe}]}, 0x20}}, 0x0) 350.31407ms ago: executing program 3 (id=6054): r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) ioctl$DRM_IOCTL_SYNCOBJ_CREATE(r0, 0xc00864bf, &(0x7f00000004c0)={0x0, 0x1}) 327.091743ms ago: executing program 1 (id=6056): r0 = syz_open_dev$media(&(0x7f0000000000), 0x8000009, 0x8800) ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 326.644675ms ago: executing program 2 (id=6058): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xcf, &(0x7f0000000000)=0x42c8, 0x4) 326.456058ms ago: executing program 0 (id=6057): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) getpriority(0x2, 0x0) 242.22563ms ago: executing program 3 (id=6059): r0 = openat$comedi(0xffffff9c, &(0x7f00000001c0)='/dev/comedi1\x00', 0x80000, 0x0) ioctl$COMEDI_INSN(r0, 0x8020640c, &(0x7f0000000240)={0xe000003, 0x20, &(0x7f00000016c0)=[0x7, 0x5, 0x81, 0x8, 0x80, 0xf, 0x11, 0xccf, 0x4, 0x7, 0x7, 0x7, 0x9, 0x0, 0x7, 0x0, 0x3, 0x6, 0xd2, 0x4, 0x3, 0x7, 0x4, 0x7, 0x40, 0x8001, 0xd8b, 0x8, 0x8, 0x7, 0x0, 0x6], 0x33f2, 0x241d}) 241.971687ms ago: executing program 0 (id=6060): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x200, 0x0, 0xff, 0x3}, 0x7b) 236.162141ms ago: executing program 1 (id=6067): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000014c0)=@newsa={0x138, 0x10, 0x109, 0x0, 0x0, {{@in6=@private0, @in6=@loopback}, {@in, 0x0, 0x32}, @in=@loopback, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0xaf}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}]}, 0x138}}, 0x0) 214.381887ms ago: executing program 2 (id=6061): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0, 0x0, 0x56074974}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x4000) 206.314002ms ago: executing program 0 (id=6069): r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, 0x0, &(0x7f0000000480)) 190.267514ms ago: executing program 3 (id=6062): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000040)={0x2, 0x1, 0xc, 0x1, 0x5c, 0x0}) 127.328516ms ago: executing program 0 (id=6063): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x1c, 0x15, 0x301, 0x0, 0x1000000, {0xc}, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@multicast1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4041}, 0x4000000) 127.116343ms ago: executing program 3 (id=6064): futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0xd, 0x801, 0x0, 0x0, 0x0) 57.939882ms ago: executing program 0 (id=6065): r0 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f00000000c0)=@urb_type_bulk={0x3, {0x1}, 0x1, 0x1c576fbe89bdbd1c, 0x0, 0x0, 0x2, 0xffff, 0x3, 0x200, 0xf6b, 0x0}) 57.773504ms ago: executing program 2 (id=6066): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00') open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="20000000f10000000b"], 0x0) 57.60812ms ago: executing program 1 (id=6068): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x1000f0000) 165.664µs ago: executing program 2 (id=6070): r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)={{}, {0x4}}, 0xfe44, 0x0) 0s ago: executing program 0 (id=6071): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/image_size', 0x141a82, 0x4) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="0e", 0x1}], 0x1) 0s ago: executing program 1 (id=6078): r0 = mq_open(&(0x7f00000001c0)='batadv_slave_1\xbb', 0x8c2, 0x30, &(0x7f0000000080)={0x3, 0x8, 0x6, 0xc07}) mq_getsetattr(r0, &(0x7f0000000040)={0x0, 0x40, 0x4, 0xffff}, 0x0) kernel console output (not intermixed with test programs): 68.024659][ T6243] veth0_macvtap: entered promiscuous mode [ 68.065044][ T6243] veth1_macvtap: entered promiscuous mode [ 68.074465][ T6250] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.104951][ T6250] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.113619][ T6243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.129014][ T6243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.136101][ T1154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.138781][ T1154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.138780][ T1238] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.159439][ T1238] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.166216][ T1238] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.178339][ T1238] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.181265][ T1238] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.192751][ T1238] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.196375][ T1238] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.200934][ T1238] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.204998][ T1238] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.214813][ T1238] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.245080][ T1225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.251343][ T1225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.301013][ T3773] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.303634][ T3773] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.330401][ T3773] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.333015][ T3773] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.376473][ T1225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.380025][ T1225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.505698][ T6355] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 68.529136][ T6355] VFS: Can't find a romfs filesystem on dev nullb0. [ 68.529136][ T6355] [ 68.789999][ T40] audit: type=1326 audit(1764727290.976:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6392 comm="syz.3.291" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x0 [ 68.850298][ T6403] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 68.854420][ T6403] cramfs: wrong magic [ 69.401827][ T6470] IPv6: addrconf: prefix option has invalid lifetime [ 69.589570][ T6491] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 69.592748][ T6491] cramfs: wrong magic [ 69.715995][ T64] Bluetooth: hci2: command tx timeout [ 69.716009][ T6247] Bluetooth: hci0: command tx timeout [ 69.771588][ T6519] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 69.774502][ T6519] cramfs: wrong magic [ 69.796804][ T6247] Bluetooth: hci3: command tx timeout [ 69.824443][ T6522] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 69.827534][ T6522] VFS: Can't find a romfs filesystem on dev nullb0. [ 69.827534][ T6522] [ 70.012814][ T6546] Option 'TXƮ' to dns_resolver key: bad/missing value [ 70.065516][ T6551] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 70.069079][ T6551] cramfs: wrong magic [ 70.232338][ T6567] tmpfs: Bad value for 'mpol' [ 70.640499][ T6619] futex_wake_op: syz.1.401 tries to shift op by -1; fix this program [ 70.709680][ T6628] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 70.757968][ T6638] befs: (nullb0): No write support. Marking filesystem read-only [ 70.761715][ T6638] befs: (nullb0): invalid magic header [ 70.826715][ T6628] /dev/sr0: Can't open blockdev [ 70.849741][ T6247] Bluetooth: hci1: unexpected event 0x32 length: 29 > 9 [ 71.043677][ T6676] ======================================================= [ 71.043677][ T6676] WARNING: The mand mount option has been deprecated and [ 71.043677][ T6676] and is ignored by this kernel. Remove the mand [ 71.043677][ T6676] option from the mount to silence this warning. [ 71.043677][ T6676] ======================================================= [ 71.074181][ T6676] qnx4: unable to read the superblock [ 71.100691][ T6680] TCP: tcp_parse_options: Illegal window scaling value 253 > 14 received [ 71.268187][ T6686] /dev/sr0: Can't open blockdev [ 71.559612][ T6731] ptrace attach of "/syz-executor exec"[6248] was attempted by "/syz-executor exec"[6731] [ 71.715399][ T6247] Bluetooth: hci1: command tx timeout [ 71.795585][ T6247] Bluetooth: hci0: command tx timeout [ 71.875361][ T6247] Bluetooth: hci3: command tx timeout [ 71.924145][ T6781] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 71.945740][ T6785] TCP: tcp_parse_options: Illegal window scaling value 253 > 14 received [ 72.207954][ T6826] vxfs: unable to read disk superblock at 1 [ 72.211844][ T6826] vxfs: unable to read disk superblock at 8 [ 72.214740][ T6826] vxfs: can't find superblock. [ 72.564984][ T6876] Mount JFS Failure: -5 [ 72.757087][ T6247] Bluetooth: hci2: command tx timeout [ 73.265343][ T6966] tmpfs: Unknown parameter 'hash' [ 73.313896][ T40] audit: type=1400 audit(1764727295.496:3): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=6973 comm="syz.1.577" [ 73.429543][ T6989] affs: No valid root block on device sr0 [ 73.649470][ T7018] tmpfs: Bad value for 'mpol' [ 73.666769][ T7020] SQUASHFS error: Failed to read block 0x0: -5 [ 73.668899][ T7020] unable to read squashfs_super_block [ 73.885511][ T6247] Bluetooth: hci0: command tx timeout [ 73.949937][ T7071] exFAT-fs (nullb0): invalid boot record signature [ 73.952740][ T7071] exFAT-fs (nullb0): failed to read boot sector [ 73.955210][ T7071] exFAT-fs (nullb0): failed to recognize exfat type [ 73.956565][ T6247] Bluetooth: hci3: command tx timeout [ 74.219614][ T7120] affs: No valid root block on device sr0 [ 74.413321][ T7153] hfsplus: unable to find HFS+ superblock [ 74.642986][ T7198] Device name cannot be null; rc = [-22] [ 74.837289][ T6247] Bluetooth: hci2: command tx timeout [ 74.861941][ T7237] exFAT-fs (nullb0): invalid boot record signature [ 74.864219][ T7237] exFAT-fs (nullb0): failed to read boot sector [ 74.867734][ T7237] exFAT-fs (nullb0): failed to recognize exfat type [ 74.900851][ T6247] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 75.009607][ T7259] kAFS: unparsable volume name [ 75.074012][ T7270] exFAT-fs (nullb0): invalid boot record signature [ 75.078647][ T7270] exFAT-fs (nullb0): failed to read boot sector [ 75.081547][ T7270] exFAT-fs (nullb0): failed to recognize exfat type [ 75.919129][ T7400] hpfs: hpfs_map_sector(): read error [ 76.268043][ T7447] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc. [ 76.290812][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.294087][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.231011][ T7612] PKCS7: Unknown OID: [4] 2.19.13055.1334505.0.0.0.0 [ 77.235339][ T7612] PKCS7: Only support pkcs7_signedData type [ 77.267114][ T10] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 77.439690][ T10] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 77.445329][ T10] usb 6-1: config 0 has no interface number 0 [ 77.451332][ T10] usb 6-1: New USB device found, idVendor=0421, idProduct=0492, bcdDevice=49.fc [ 77.456505][ T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.460068][ T10] usb 6-1: Product: syz [ 77.461951][ T10] usb 6-1: Manufacturer: syz [ 77.464052][ T10] usb 6-1: SerialNumber: syz [ 77.473163][ T10] usb 6-1: config 0 descriptor?? [ 77.478874][ T10] usb-storage 6-1:0.132: USB Mass Storage device detected [ 77.485036][ T10] usb-storage 6-1:0.132: Quirks match for vid 0421 pid 0492: 400 [ 77.691332][ T10] usb 6-1: USB disconnect, device number 2 [ 78.036624][ T55] usb 5-1: new low-speed USB device number 2 using dummy_hcd [ 78.221067][ T55] usb 5-1: config 0 has an invalid interface number: 198 but max is 0 [ 78.224486][ T55] usb 5-1: config 0 has no interface number 0 [ 78.234849][ T55] usb 5-1: config 0 interface 198 altsetting 8 endpoint 0x4 has invalid maxpacket 64, setting to 8 [ 78.241453][ T55] usb 5-1: config 0 interface 198 altsetting 8 endpoint 0x86 is Bulk; changing to Interrupt [ 78.245957][ T55] usb 5-1: config 0 interface 198 has no altsetting 0 [ 78.248831][ T55] usb 5-1: New USB device found, idVendor=1b3d, idProduct=0138, bcdDevice=74.e6 [ 78.252765][ T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.261834][ T55] usb 5-1: config 0 descriptor?? [ 78.267338][ T7688] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 78.270890][ T7688] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 78.484960][ T55] usb 5-1: string descriptor 0 read error: -71 [ 78.488703][ T55] ftdi_sio 5-1:0.198: FTDI USB Serial Device converter detected [ 78.492121][ T55] ftdi_sio ttyUSB0: unknown device type: 0x74e6 [ 78.520125][ T55] usb 5-1: USB disconnect, device number 2 [ 78.526559][ T55] ftdi_sio 5-1:0.198: device disconnected [ 78.550649][ T7768] tmpfs: Bad value for 'mpol' [ 78.701083][ T7786] hfs: can't find a HFS filesystem on dev loop2 [ 78.771321][ T7798] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 78.963864][ T7824] EXT4-fs (sr0): VFS: Can't find ext4 filesystem [ 79.395455][ T6302] usb 8-1: new low-speed USB device number 2 using dummy_hcd [ 79.428585][ T7876] capability: warning: `syz.0.1024' uses 32-bit capabilities (legacy support in use) [ 79.550290][ T7891] cgroup: release_agent respecified [ 79.562741][ T6302] usb 8-1: config 0 has an invalid interface number: 198 but max is 0 [ 79.566406][ T6302] usb 8-1: config 0 has no interface number 0 [ 79.569498][ T6302] usb 8-1: config 0 interface 198 altsetting 8 endpoint 0x4 has invalid maxpacket 64, setting to 8 [ 79.577222][ T6302] usb 8-1: config 0 interface 198 altsetting 8 endpoint 0x86 is Bulk; changing to Interrupt [ 79.581692][ T6302] usb 8-1: config 0 interface 198 has no altsetting 0 [ 79.584662][ T6302] usb 8-1: New USB device found, idVendor=1b3d, idProduct=0138, bcdDevice=74.e6 [ 79.589024][ T6302] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.596134][ T6302] usb 8-1: config 0 descriptor?? [ 79.599938][ T7850] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 79.602883][ T7850] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 79.607220][ T40] audit: type=1326 audit(1764727301.796:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7895 comm="syz.2.1034" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 79.608778][ T7894] syz.1.1033: attempt to access beyond end of device [ 79.608778][ T7894] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128 [ 79.622457][ T7894] gfs2: error -5 reading superblock [ 79.733466][ T7905] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 79.737591][ T7905] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 79.740497][ T7905] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 79.743222][ T7905] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 79.813493][ T6302] usb 8-1: string descriptor 0 read error: -71 [ 79.817806][ T6302] ftdi_sio 8-1:0.198: FTDI USB Serial Device converter detected [ 79.823347][ T6302] ftdi_sio ttyUSB0: unknown device type: 0x74e6 [ 79.843523][ T6302] usb 8-1: USB disconnect, device number 2 [ 79.854166][ T6302] ftdi_sio 8-1:0.198: device disconnected [ 79.971842][ T7935] ISOFS: Unable to identify CD-ROM format. [ 80.066478][ T7934] /dev/sr0: Can't open blockdev [ 80.548079][ T8026] syz.3.1097: attempt to access beyond end of device [ 80.548079][ T8026] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128 [ 80.552438][ T8026] gfs2: error -5 reading superblock [ 80.697661][ T8051] syz.0.1108: attempt to access beyond end of device [ 80.697661][ T8051] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128 [ 80.703082][ T8051] gfs2: error -5 reading superblock [ 80.860816][ T8081] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 81.118084][ T40] audit: type=1326 audit(1764727303.306:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8113 comm="syz.2.1139" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f47579 code=0x0 [ 82.387830][ T8298] virtio-fs: tag not found [ 82.728673][ T8357] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 82.860266][ T40] audit: type=1326 audit(1764727305.041:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8374 comm="syz.0.1269" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x0 [ 83.445510][ T69] usb 6-1: new low-speed USB device number 3 using dummy_hcd [ 83.467463][ T8453] (syz.3.1308,8453,3):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 83.470561][ T8453] (syz.3.1308,8453,3):ocfs2_fill_super:1177 ERROR: status = -22 [ 83.606935][ T69] usb 6-1: config 0 has an invalid interface number: 198 but max is 0 [ 83.610565][ T69] usb 6-1: config 0 has no interface number 0 [ 83.613480][ T69] usb 6-1: config 0 interface 198 altsetting 8 endpoint 0x4 has invalid maxpacket 64, setting to 8 [ 83.618989][ T69] usb 6-1: config 0 interface 198 altsetting 8 endpoint 0x86 is Bulk; changing to Interrupt [ 83.619917][ T8469] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 83.623159][ T69] usb 6-1: config 0 interface 198 has no altsetting 0 [ 83.632657][ T8469] CIFS mount error: No usable UNC path provided in device string! [ 83.632657][ T8469] [ 83.636579][ T69] usb 6-1: New USB device found, idVendor=1b3d, idProduct=0138, bcdDevice=74.e6 [ 83.642494][ T8469] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 83.644633][ T69] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.651681][ T69] usb 6-1: config 0 descriptor?? [ 83.655645][ T8419] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 83.658663][ T8419] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 83.846720][ T8489] syz.0.1326(8489): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 83.869425][ T69] usb 6-1: string descriptor 0 read error: -71 [ 83.874544][ T69] ftdi_sio 6-1:0.198: FTDI USB Serial Device converter detected [ 83.878180][ T69] ftdi_sio ttyUSB0: unknown device type: 0x74e6 [ 83.885994][ T69] usb 6-1: USB disconnect, device number 3 [ 83.896755][ T69] ftdi_sio 6-1:0.198: device disconnected [ 84.224897][ T40] audit: type=1326 audit(1764727306.401:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8524 comm="syz.0.1345" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x0 [ 84.351643][ T8541] erofs (device loop3): cannot find valid erofs superblock [ 84.642347][ T8583] ntfs3(sr0): Primary boot signature is not NTFS. [ 84.645062][ T8583] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 84.688290][ T8590] MINIX-fs: unable to read superblock [ 84.773130][ T8611] binder: Bad value for 'max' [ 84.995544][ T6247] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260 [ 85.075801][ T8666] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb [ 85.397703][ T40] audit: type=1326 audit(1764727307.581:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8714 comm="syz.1.1439" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x0 [ 85.883260][ T8661] orangefs_mount: mount request failed with -4 [ 85.979876][ T8797] /dev/sr0: Can't open blockdev [ 85.986317][ T8807] omfs: Invalid superblock (0) [ 86.521899][ T34] cfg80211: failed to load regulatory.db [ 86.543281][ T8889] No source specified [ 86.690217][ T8912] dns_resolver: Unsupported server list version (0) [ 87.012336][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 87.017855][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 87.021009][ T8964] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 87.023658][ T8964] UDF-fs: Scanning with blocksize 512 failed [ 87.028442][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 87.031682][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 87.034703][ T8964] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 87.037068][ T8964] UDF-fs: Scanning with blocksize 1024 failed [ 87.039343][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 87.042716][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 87.048005][ T8964] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 87.051467][ T8964] UDF-fs: Scanning with blocksize 2048 failed [ 87.054742][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 87.062386][ T8964] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 87.066852][ T8964] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 87.070214][ T8964] UDF-fs: Scanning with blocksize 4096 failed [ 87.072821][ T8964] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1) [ 87.256732][ T8998] tmpfs: Bad value for 'mpol' [ 87.324909][ T9010] overlayfs: missing 'lowerdir' [ 87.464182][ T9035] qnx6: unable to read the first superblock [ 87.467499][ T9035] qnx6: unable to read the first superblock [ 87.469553][ T9035] qnx6: unable to read the first superblock [ 87.485018][ T9039] ICMPv6: NA: fd:f9:a6:84:a5:1b advertised our address fe80::aa on syz_tun! [ 87.549657][ T9047] isofs_fill_super: bread failed, dev=sr0, iso_blknum=32, block=32 [ 87.646524][ T9063] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 88.109298][ T9114] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000) [ 88.319785][ T40] audit: type=1326 audit(2000000000.650:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9141 comm="syz.2.1646" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 88.660651][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 88.672898][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 88.678104][ T9196] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 88.681091][ T9196] UDF-fs: Scanning with blocksize 512 failed [ 88.684954][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 88.695536][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 88.699116][ T9196] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 88.702256][ T9196] UDF-fs: Scanning with blocksize 1024 failed [ 88.711741][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 88.716220][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 88.720283][ T9196] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 88.723559][ T9196] UDF-fs: Scanning with blocksize 2048 failed [ 88.729516][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 88.733663][ T9196] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 88.737456][ T9196] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 88.739867][ T9196] UDF-fs: Scanning with blocksize 4096 failed [ 88.741907][ T9196] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) [ 90.325730][ T49] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 90.348699][ T9466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 90.478197][ T49] usb 5-1: unable to get BOS descriptor or descriptor too short [ 90.481671][ T49] usb 5-1: not running at top speed; connect to a high speed hub [ 90.485785][ T49] usb 5-1: config 13 has an invalid interface number: 90 but max is 0 [ 90.488453][ T49] usb 5-1: config 13 has no interface number 0 [ 90.490587][ T49] usb 5-1: config 13 interface 90 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 90.497391][ T49] usb 5-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=81.b7 [ 90.500692][ T49] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 90.503348][ T49] usb 5-1: Product: syz [ 90.504873][ T49] usb 5-1: Manufacturer: syz [ 90.506937][ T49] usb 5-1: SerialNumber: syz [ 90.720262][ T49] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 90.736493][ T49] snd-usb-audio 5-1:13.90: probe with driver snd-usb-audio failed with error -2 [ 90.741133][ T49] usb 5-1: USB disconnect, device number 3 [ 90.757100][ T9487] udevd[9487]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:13.90/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 91.148381][ T9512] tmpfs: Bad value for 'mpol' [ 91.295559][ T844] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 91.414871][ T9529] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 91.417966][ T9529] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 91.427757][ T9529] vhci_hcd vhci_hcd.0: Device attached [ 91.432396][ T9530] vhci_hcd: connection closed [ 91.433653][ T3773] vhci_hcd: stop threads [ 91.441429][ T3773] vhci_hcd: release socket [ 91.443642][ T3773] vhci_hcd: disconnect device [ 91.456338][ T844] usb 6-1: Using ep0 maxpacket: 16 [ 91.489654][ T844] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 91.493118][ T844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.496719][ T844] usb 6-1: Product: syz [ 91.498176][ T844] usb 6-1: Manufacturer: syz [ 91.499780][ T844] usb 6-1: SerialNumber: syz [ 91.507524][ T844] r8152-cfgselector 6-1: Unknown version 0x0000 [ 91.510218][ T844] r8152-cfgselector 6-1: config 0 descriptor?? [ 91.728838][ T844] r8152-cfgselector 6-1: Unknown version 0x0000 [ 91.732304][ T844] r8152-cfgselector 6-1: bad CDC descriptors [ 91.742731][ T844] r8152-cfgselector 6-1: USB disconnect, device number 4 [ 91.751746][ T9550] hfsplus: unable to find HFS+ superblock [ 91.794638][ T9554] NILFS (loop0): device size too small [ 92.470503][ T9638] futex_wake_op: syz.1.1883 tries to shift op by -1; fix this program [ 92.741251][ T9683] trusted_key: encrypted_key: insufficient parameters specified [ 92.776840][ T40] audit: type=1326 audit(2000000005.110:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9687 comm="syz.0.1908" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x0 [ 92.888261][ T40] audit: type=1800 audit(2000000005.220:11): pid=9696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.1911" name="/newroot/475" dev="tmpfs" ino=2389 res=0 errno=0 [ 93.098681][ T9738] autofs: Unknown parameter 'no9 PG!8E8- ŖEeլ( Ir\u}ibT0;my[Gc#>QkbY&#w@/VVL~12lhOh'rK1\kU{!eܚ7 [ 93.098681][ T9738] Ue[%#s' [ 93.265757][ T34] usb 8-1: new full-speed USB device number 3 using dummy_hcd [ 93.428140][ T34] usb 8-1: not running at top speed; connect to a high speed hub [ 93.434251][ T34] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64 [ 93.442690][ T34] usb 8-1: New USB device found, idVendor=056a, idProduct=00de, bcdDevice= 0.40 [ 93.446879][ T34] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.450388][ T34] usb 8-1: Product: syz [ 93.452246][ T34] usb 8-1: Manufacturer: syz [ 93.454320][ T34] usb 8-1: SerialNumber: syz [ 93.465834][ T9724] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 93.577409][ T9802] Invalid ELF header type: 3 != 1 [ 93.683911][ T34] usbhid 8-1:1.0: can't add hid device: -71 [ 93.687178][ T34] usbhid 8-1:1.0: probe with driver usbhid failed with error -71 [ 93.696361][ T34] usb 8-1: USB disconnect, device number 3 [ 93.781905][ T9828] qnx6: unable to set blocksize [ 94.190839][ T9886] tmpfs: Bad value for 'grpquota_block_hardlimit' [ 94.339152][ T9912] futex_wake_op: syz.1.2018 tries to shift op by 32; fix this program [ 95.035310][T10043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.151243][ T40] audit: type=1326 audit(2000000007.396:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10060 comm="syz.3.2092" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x0 [ 95.242301][T10070] trusted_key: encrypted_key: master key parameter '' is invalid [ 96.440011][T10222] hpfs: hpfs_map_sector(): read error [ 96.460804][ T40] audit: type=1326 audit(2000000008.612:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10223 comm="syz.0.2173" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x0 [ 96.488443][ T64] Bluetooth: hci0: unexpected event for opcode 0x0c25 [ 96.679877][T10258] tmpfs: Bad value for 'mpol' [ 96.927065][T10290] qnx4: no qnx4 filesystem (no root dir). [ 97.212518][T10242] syz.3.2183: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 97.217280][T10242] CPU: 2 UID: 0 PID: 10242 Comm: syz.3.2183 Not tainted syzkaller #0 PREEMPT(full) [ 97.217295][T10242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.217301][T10242] Call Trace: [ 97.217305][T10242] [ 97.217310][T10242] dump_stack_lvl+0x16c/0x1f0 [ 97.217327][T10242] warn_alloc+0x248/0x3a0 [ 97.217339][T10242] ? __pfx_warn_alloc+0x10/0x10 [ 97.217351][T10242] ? psi_memstall_leave+0x19f/0x2d0 [ 97.217369][T10242] ? __pfx___alloc_pages_direct_compact+0x10/0x10 [ 97.217380][T10242] ? psi_memstall_leave+0x1e1/0x2d0 [ 97.217397][T10242] ? psi_memstall_leave+0x1e6/0x2d0 [ 97.217416][T10242] __alloc_frozen_pages_noprof+0xe9b/0x2440 [ 97.217433][T10242] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 97.217449][T10242] ? rcu_is_watching+0x12/0xc0 [ 97.217470][T10242] ? irqentry_exit+0x1dd/0x8c0 [ 97.217486][T10242] ? lockdep_hardirqs_on+0x7c/0x110 [ 97.217508][T10242] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 97.217525][T10242] ? policy_nodemask+0xea/0x4e0 [ 97.217541][T10242] alloc_pages_mpol+0x1fb/0x550 [ 97.217556][T10242] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 97.217570][T10242] ? alloc_pages_noprof+0x13a/0x180 [ 97.217584][T10242] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 97.217602][T10242] alloc_pages_noprof+0x12d/0x180 [ 97.217617][T10242] kimage_alloc_pages+0x74/0x350 [ 97.217634][T10242] kimage_alloc_control_pages+0x153/0xa00 [ 97.217654][T10242] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 97.217674][T10242] do_kexec_load+0x439/0x860 [ 97.217685][T10242] ? __pfx_do_kexec_load+0x10/0x10 [ 97.217724][T10242] __ia32_compat_sys_kexec_load+0x37f/0x400 [ 97.217737][T10242] ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10 [ 97.217748][T10242] ? fput+0x70/0xf0 [ 97.217771][T10242] __do_fast_syscall_32+0xe8/0x680 [ 97.217789][T10242] do_fast_syscall_32+0x32/0x80 [ 97.217802][T10242] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 97.217815][T10242] RIP: 0023:0xf7f74579 [ 97.217825][T10242] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 97.217834][T10242] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 000000000000011b [ 97.217844][T10242] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003 [ 97.217851][T10242] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000 [ 97.217857][T10242] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 97.217862][T10242] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 97.217868][T10242] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 97.217881][T10242] [ 97.217896][T10242] Mem-Info: [ 97.321462][T10242] active_anon:5030 inactive_anon:40 isolated_anon:0 [ 97.321462][T10242] active_file:12236 inactive_file:25523 isolated_file:0 [ 97.321462][T10242] unevictable:1778 dirty:96 writeback:25 [ 97.321462][T10242] slab_reclaimable:7302 slab_unreclaimable:50956 [ 97.321462][T10242] mapped:23531 shmem:2319 pagetables:1111 [ 97.321462][T10242] sec_pagetables:313 bounce:0 [ 97.321462][T10242] kernel_misc_reclaimable:0 [ 97.321462][T10242] free:23670 free_pcp:420 free_cma:0 [ 97.340097][T10242] Node 0 active_anon:44kB inactive_anon:124kB active_file:0kB inactive_file:232kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:148kB dirty:76kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9364kB pagetables:1540kB sec_pagetables:1176kB all_unreclaimable? no Balloon:0kB [ 97.353602][T10242] Node 1 active_anon:20276kB inactive_anon:36kB active_file:48760kB inactive_file:90572kB unevictable:3576kB isolated(anon):0kB isolated(file):0kB mapped:93976kB dirty:308kB writeback:100kB shmem:5740kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:3380kB pagetables:2804kB sec_pagetables:76kB all_unreclaimable? no Balloon:0kB [ 97.367064][T10242] Node 0 DMA free:1892kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 97.379832][T10242] lowmem_reserve[]: 0 291 291 291 291 [ 97.382423][T10242] Node 0 DMA32 free:15544kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:16KB active_anon:236kB inactive_anon:384kB active_file:0kB inactive_file:0kB unevictable:3536kB writepending:76kB zspages:0kB present:1032196kB managed:298560kB mlocked:0kB bounce:0kB free_pcp:464kB local_pcp:64kB free_cma:0kB [ 97.396469][T10242] lowmem_reserve[]: 0 0 0 0 0 [ 97.398621][T10242] Node 1 DMA32 free:87712kB boost:14336kB min:61480kB low:73264kB high:85048kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20176kB inactive_anon:36kB active_file:48960kB inactive_file:90572kB unevictable:3576kB writepending:308kB zspages:1980kB present:1048432kB managed:948220kB mlocked:32kB bounce:0kB free_pcp:2128kB local_pcp:0kB free_cma:0kB [ 97.410360][T10242] lowmem_reserve[]: 0 0 0 0 0 [ 97.411984][T10242] Node 0 DMA: 0*4kB 0*8kB 4*16kB (U) 10*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1920kB [ 97.418768][T10242] Node 0 DMA32: 47*4kB (UME) 68*8kB (UME) 44*16kB (UMEH) 80*32kB (UME) 33*64kB (UME) 24*128kB (UME) 10*256kB (ME) 5*512kB (M) 0*1024kB 1*2048kB (U) 0*4096kB = 16348kB [ 97.424228][T10242] Node 1 DMA32: 768*4kB (UME) 443*8kB (UME) 237*16kB (UME) 209*32kB (ME) 154*64kB (UME) 159*128kB (UME) 14*256kB (UME) 13*512kB (UM) 3*1024kB (UM) 3*2048kB (M) 5*4096kB (M) = 87240kB [ 97.430230][T10242] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 97.433686][T10242] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 97.438097][T10242] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 97.448895][T10242] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 97.452067][T10242] 37370 total pagecache pages [ 97.453678][T10242] 88 pages in swap cache [ 97.455256][T10242] Free swap = 121908kB [ 97.456887][T10242] Total swap = 124996kB [ 97.458597][T10242] 524155 pages RAM [ 97.460105][T10242] 0 pages HighMem/MovableOnly [ 97.462220][T10242] 208620 pages reserved [ 97.464109][T10242] 0 pages cma reserved [ 97.885199][T10242] kexec: Could not allocate control_code_buffer [ 98.260908][ T40] audit: type=1326 audit(2000000010.305:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10448 comm="syz.2.2286" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 98.995738][T10550] random: crng reseeded on system resumption [ 98.999271][ T40] audit: type=1326 audit(2000000266.990:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10549 comm="syz.2.2334" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 99.355783][T10604] Invalid source name [ 99.357284][T10604] UBIFS error (pid: 10604): cannot open "ubifs", error -22 [ 99.708315][ T40] audit: type=1326 audit(2000000266.656:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10637 comm="syz.1.2379" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x0 [ 100.099524][ T1026] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 100.130848][ T64] Bluetooth: hci1: command 0x0406 tx timeout [ 100.270752][ T1026] usb 5-1: unable to get BOS descriptor or descriptor too short [ 100.274833][ T1026] usb 5-1: config 12 has an invalid interface number: 40 but max is 0 [ 100.278033][ T1026] usb 5-1: config 12 has no interface number 0 [ 100.283061][ T1026] usb 5-1: config 12 interface 40 altsetting 1 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 100.287900][ T1026] usb 5-1: config 12 interface 40 has no altsetting 0 [ 100.292515][ T1026] usb 5-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=bd.2b [ 100.295869][ T1026] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 100.298567][ T1026] usb 5-1: Product: syz [ 100.299979][ T1026] usb 5-1: Manufacturer: syz [ 100.303008][ T1026] usb 5-1: SerialNumber: syz [ 100.388640][ T6247] Bluetooth: hci3: command tx timeout [ 100.406440][T10746] futex_wake_op: syz.2.2431 tries to shift op by 144; fix this program [ 100.449352][T10752] syz.3.2434 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 100.538664][ T1026] usb 5-1: USB disconnect, device number 4 [ 100.718648][ T49] usb 7-1: new full-speed USB device number 2 using dummy_hcd [ 100.772067][ T34] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 100.913406][ T49] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 100.918744][ T49] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1600, setting to 64 [ 100.923904][ T49] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 100.931449][ T49] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 100.935936][ T49] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 100.940067][ T49] usb 7-1: SerialNumber: syz [ 100.944035][ T34] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 100.949169][ T34] usb 8-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94 [ 100.955172][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.960359][T10753] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 100.963600][T10753] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 100.971503][ T34] usb 8-1: config 0 descriptor?? [ 101.082155][ T844] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 101.201072][ T34] usb 8-1: USB disconnect, device number 4 [ 101.206861][ T49] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71 [ 101.218997][ T49] usb 7-1: USB disconnect, device number 2 [ 101.253259][ T844] usb 6-1: Using ep0 maxpacket: 32 [ 101.257126][ T844] usb 6-1: config 1 interface 0 altsetting 6 bulk endpoint 0x82 has invalid maxpacket 64 [ 101.261184][ T844] usb 6-1: config 1 interface 0 altsetting 6 endpoint 0x3 has invalid maxpacket 2056, setting to 1024 [ 101.266050][ T844] usb 6-1: config 1 interface 0 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 1024 [ 101.270362][ T844] usb 6-1: config 1 interface 0 has no altsetting 0 [ 101.275530][ T844] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 101.279335][ T844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 101.282954][ T844] usb 6-1: Product: syz [ 101.284757][ T844] usb 6-1: Manufacturer: syz [ 101.286862][ T844] usb 6-1: SerialNumber: syz [ 101.292567][T10773] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 101.295940][T10773] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 101.488528][ T6247] Bluetooth: hci1: unexpected event for opcode 0x0c05 [ 101.527071][ T844] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 101.536788][ T844] usb 6-1: USB disconnect, device number 5 [ 101.924495][T10830] 9pnet_fd: Insufficient options for proto=fd [ 101.930248][T10831] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 101.932920][T10831] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 101.936278][T10831] vhci_hcd vhci_hcd.0: Device attached [ 101.948517][T10832] vhci_hcd: connection closed [ 101.950457][ T1225] vhci_hcd: stop threads [ 101.953670][ T1225] vhci_hcd: release socket [ 101.955255][ T1225] vhci_hcd: disconnect device [ 102.010087][T10846] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6 [ 102.225759][T10871] gfs2: not a GFS2 filesystem [ 102.321506][T10887] Can't find a SQUASHFS superblock on nullb0 [ 102.368831][T10893] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0. [ 102.582211][ T6247] Bluetooth: hci1: unexpected event for opcode 0x202a [ 102.654339][T10936] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 102.656971][T10936] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 102.662216][T10936] vhci_hcd vhci_hcd.0: Device attached [ 102.668854][T10939] vhci_hcd: connection closed [ 102.669167][ T4149] vhci_hcd: stop threads [ 102.673417][ T4149] vhci_hcd: release socket [ 102.679776][ T4149] vhci_hcd: disconnect device [ 102.762257][T10944] /dev/sr0: Can't open blockdev [ 102.830145][T10963] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0. [ 102.938470][T10981] exFAT-fs (nbd0): unable to read boot sector [ 102.941186][T10981] exFAT-fs (nbd0): failed to read boot sector [ 102.944109][T10981] exFAT-fs (nbd0): failed to recognize exfat type [ 103.037295][T10993] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000). [ 103.042149][T10993] qnx6: wrong signature (magic) in superblock #1. [ 103.045021][T10993] qnx6: unable to read the first superblock [ 103.119375][T11005] tmpfs: Bad value for 'mpol' [ 103.149193][ T6247] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260 [ 103.239196][T11021] tmpfs: Bad value for 'mpol' [ 103.292208][T11030] zonefs (nullb0) ERROR: Not a zoned block device [ 103.306775][T11026] 9pnet: Could not find request transport: xen [ 103.385008][T11046] tmpfs: Bad value for 'mpol' [ 103.405447][T11048] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 103.407851][T11048] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 103.411609][T11048] vhci_hcd vhci_hcd.0: Device attached [ 103.424698][T11049] vhci_hcd: connection closed [ 103.430721][ T3773] vhci_hcd: stop threads [ 103.435904][ T3773] vhci_hcd: release socket [ 103.438082][ T3773] vhci_hcd: disconnect device [ 103.564353][T11058] /dev/sr0: Can't open blockdev [ 103.780059][T11102] tmpfs: Unknown parameter 'noinode32' [ 104.072490][T11139] hpfs: Bad magic ... probably not HPFS [ 104.118307][ T34] usb 6-1: new low-speed USB device number 6 using dummy_hcd [ 104.282738][ T34] usb 6-1: unable to get BOS descriptor or descriptor too short [ 104.290736][ T34] usb 6-1: config 4 has an invalid interface number: 68 but max is 0 [ 104.294319][ T34] usb 6-1: config 4 has no interface number 0 [ 104.300007][ T34] usb 6-1: config 4 interface 68 altsetting 11 has an invalid descriptor for endpoint zero, skipping [ 104.304521][ T34] usb 6-1: config 4 interface 68 has no altsetting 0 [ 104.319524][ T34] usb 6-1: string descriptor 0 read error: -22 [ 104.323889][ T34] usb 6-1: New USB device found, idVendor=0499, idProduct=105c, bcdDevice=2d.6f [ 104.326971][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.336327][ T34] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 104.353551][ T34] snd-usb-audio 6-1:4.68: probe with driver snd-usb-audio failed with error -2 [ 104.362656][ T9487] udevd[9487]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:4.68/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 104.422317][T11183] can: request_module (can-proto-3) failed. [ 104.554368][ T844] usb 6-1: USB disconnect, device number 6 [ 104.663478][ T69] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 104.835269][ T69] usb 5-1: too many configurations: 178, using maximum allowed: 8 [ 104.851469][ T69] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 104.855332][ T69] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.858645][ T69] usb 5-1: Product: syz [ 104.860503][ T69] usb 5-1: Manufacturer: syz [ 104.862684][ T69] usb 5-1: SerialNumber: syz [ 104.870719][ T69] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 104.901558][ T6330] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 105.134228][ T29] usb 5-1: USB disconnect, device number 5 [ 105.328996][T11282] 9pnet: Unknown protocol version 9p20\++} [ 105.465059][T11300] FAT-fs (nullb0): bogus number of reserved sectors [ 105.467750][T11300] FAT-fs (nullb0): Can't find a valid FAT filesystem [ 105.601011][T11321] [syz.3.] <== rxrpc_preparse_xdr_yfs_rxgk() = -EKEYREJECTED [d9c19884!=bc, 2c,d9c19820] [ 106.032843][ T6330] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 106.036191][ T6330] ath9k_htc: Failed to initialize the device [ 106.040696][ T29] usb 5-1: ath9k_htc: USB layer deinitialized [ 106.159299][T11411] capability: warning: `syz.2.2755' uses deprecated v2 capabilities in a way that may be insecure [ 106.342490][T11442] tmpfs: Bad value for 'nr_inodes' [ 106.366383][T11444] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 106.368814][T11444] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 106.371588][T11444] vhci_hcd vhci_hcd.0: Device attached [ 106.375330][T11445] vhci_hcd: connection closed [ 106.376131][ T81] vhci_hcd: stop threads [ 106.380012][ T81] vhci_hcd: release socket [ 106.381950][ T81] vhci_hcd: disconnect device [ 107.784431][ T40] audit: type=1326 audit(2000524791.217:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2880" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x0 [ 107.865364][ T40] audit: type=1326 audit(2000524791.293:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11675 comm="syz.2.2886" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x0 [ 108.040172][T11700] FAT-fs (loop1): unable to read boot sector [ 108.313794][T11746] PKCS7: Unknown OID: [4] 2.19.50.2018883.1651(bad) [ 108.317147][T11746] PKCS7: Only support pkcs7_signedData type [ 108.453409][T11771] tmpfs: Bad value for 'mpol' [ 108.623799][T11796] CIFS mount error: No usable UNC path provided in device string! [ 108.623799][T11796] [ 108.628947][T11796] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 108.718188][T11814] netlink: 'syz.2.2951': attribute type 12 has an invalid length. [ 108.743662][ T40] audit: type=1326 audit(2000524792.123:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.0.2956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 108.760875][ T40] audit: type=1326 audit(2000524792.141:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.0.2956" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 108.768529][ T40] audit: type=1326 audit(2000524792.141:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.0.2956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 108.777375][ T40] audit: type=1326 audit(2000524792.141:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11815 comm="syz.0.2956" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 108.877205][T11838] Illegal XDP return value 603212160 on prog (id 243) dev N/A, expect packet loss! [ 108.911728][T11842] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 109.089355][ T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 109.128077][T11864] xt_ecn: cannot match TCP bits for non-tcp packets [ 109.178226][T11867] netlink: 'syz.0.2980': attribute type 3 has an invalid length. [ 109.180568][T11868] netlink: 'syz.1.2981': attribute type 3 has an invalid length. [ 109.185316][T11868] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2981'. [ 109.259032][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 109.262787][ T24] usb 7-1: config index 0 descriptor too short (expected 65, got 36) [ 109.266156][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.274083][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.280293][ T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 109.287674][ T24] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 109.291867][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.296747][ T24] usb 7-1: config 0 descriptor?? [ 109.310638][ T24] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input5 [ 109.336715][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.348310][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.362053][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.373829][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.383729][ T7579] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.389720][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.396057][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.400950][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.405738][ T5343] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.506172][T11888] warning: `syz.1.2991' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 109.519760][T11832] pxrc 7-1:0.0: pxrc_open - usb_submit_urb failed, error: -90 [ 109.531063][ T1026] usb 7-1: USB disconnect, device number 3 [ 109.664067][T11894] netlink: 'syz.1.2994': attribute type 1 has an invalid length. [ 109.731374][ T40] audit: type=1326 audit(2000524793.056:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11897 comm="syz.1.2996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 109.748098][ T40] audit: type=1326 audit(2000524793.056:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11897 comm="syz.1.2996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 109.758857][ T40] audit: type=1326 audit(2000524793.075:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11897 comm="syz.1.2996" exe="/syz-executor" sig=0 arch=40000003 syscall=290 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 109.788219][ T40] audit: type=1326 audit(2000524793.075:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11897 comm="syz.1.2996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 109.852773][ T6247] Bluetooth: hci1: command 0x0406 tx timeout [ 110.585541][T11944] netlink: 'syz.0.3019': attribute type 1 has an invalid length. [ 111.009629][T11986] netlink: 'syz.3.3040': attribute type 7 has an invalid length. [ 111.293938][T12010] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 111.332091][T12015] tipc: Can't bind to reserved service type 1 [ 111.605305][T12045] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3070'. [ 111.617285][T12046] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode [ 111.681166][T12053] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 111.774731][T12068] netlink: 'syz.1.3081': attribute type 1 has an invalid length. [ 111.778614][T12068] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3081'. [ 111.913671][T12075] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3084'. [ 112.038855][T12092] sit1: entered promiscuous mode [ 112.041001][T12092] sit1: entered allmulticast mode [ 112.083846][T12098] binder: BC_ATTEMPT_ACQUIRE not supported [ 112.086587][T12098] binder: 12097:12098 ioctl c0306201 800001c0 returned -22 [ 112.104981][T12100] mac80211_hwsim hwsim4 wlan0: entered promiscuous mode [ 112.262031][T12122] netlink: 'syz.3.3108': attribute type 11 has an invalid length. [ 112.265324][T12122] netlink: 199828 bytes leftover after parsing attributes in process `syz.3.3108'. [ 112.363903][T12140] xt_CT: You must specify a L4 protocol and not use inversions on it [ 112.439899][T12151] : renamed from bridge_slave_0 (while UP) [ 112.482772][T12155] Invalid source name [ 112.602878][T12168] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode [ 112.686227][T12182] netlink: 'syz.1.3136': attribute type 21 has an invalid length. [ 112.689593][T12182] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3136'. [ 112.735671][T12190] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3138'. [ 112.743238][T12190] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3138'. [ 112.863095][T12204] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 112.870432][T12208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3145'. [ 113.096966][T12240] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 113.101125][T12240] batadv_slave_0: entered promiscuous mode [ 113.174115][T12251] bridge0: port 3(veth0_to_bridge) entered blocking state [ 113.178055][T12251] bridge0: port 3(veth0_to_bridge) entered disabled state [ 113.181526][T12251] veth0_to_bridge: entered allmulticast mode [ 113.188395][T12251] veth0_to_bridge: entered promiscuous mode [ 113.191246][T12251] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 113.197869][T12251] bridge0: port 3(veth0_to_bridge) entered blocking state [ 113.201285][T12251] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 113.282615][T12262] geneve2: entered promiscuous mode [ 113.284395][T12262] geneve2: entered allmulticast mode [ 113.286618][ T1225] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 113.290346][ T1225] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 113.301933][ T1225] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 113.301969][ T1225] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 113.497129][T12285] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3181'. [ 113.562914][T12291] netlink: 'syz.1.3184': attribute type 16 has an invalid length. [ 113.722479][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 113.722490][ T40] audit: type=1400 audit(2000524796.817:33): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3A9D pid=12308 comm="syz.3.3192" [ 113.760007][T12315] netlink: 'syz.0.3195': attribute type 21 has an invalid length. [ 113.763592][T12316] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 113.766130][T12316] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 113.779822][T12316] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 113.782421][T12316] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.094148][T12353] bond1: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 114.106558][T12353] bond1 (unregistering): Released all slaves [ 114.202432][T12366] random: crng reseeded on system resumption [ 114.437856][T12401] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.440961][T12401] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 114.444693][T12401] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.448101][T12401] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.460104][ T40] audit: type=1326 audit(2000524797.515:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.2.3239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 114.480574][ T40] audit: type=1326 audit(2000524797.524:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.2.3239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 114.490359][ T40] audit: type=1326 audit(2000524797.524:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.2.3239" exe="/syz-executor" sig=0 arch=40000003 syscall=424 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 114.499879][ T40] audit: type=1326 audit(2000524797.524:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.2.3239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 114.510471][ T40] audit: type=1326 audit(2000524797.524:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12406 comm="syz.2.3239" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 114.583951][T12421] validate_nla: 1 callbacks suppressed [ 114.583968][T12421] netlink: 'syz.1.3246': attribute type 1 has an invalid length. [ 114.673052][T12431] __nla_validate_parse: 3 callbacks suppressed [ 114.673070][T12431] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3251'. [ 114.682580][T12431] netlink: 260 bytes leftover after parsing attributes in process `syz.3.3251'. [ 114.898993][T12450] random: crng reseeded on system resumption [ 114.926487][T12452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3261'. [ 114.996365][T12456] bond1: option arp_validate: mode dependency failed, not supported in mode balance-tlb(5) [ 115.044279][T12456] bond1 (unregistering): Released all slaves [ 115.071672][T12465] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3267'. [ 115.098705][T12461] netlink: 288 bytes leftover after parsing attributes in process `syz.1.3265'. [ 115.204297][T12475] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3272'. [ 115.278205][T12481] netlink: 'syz.1.3275': attribute type 2 has an invalid length. [ 115.282480][T12481] netlink: 'syz.1.3275': attribute type 1 has an invalid length. [ 115.286491][T12481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3275'. [ 115.426712][T12497] netlink: 'syz.1.3282': attribute type 11 has an invalid length. [ 115.433169][T12497] netlink: 228 bytes leftover after parsing attributes in process `syz.1.3282'. [ 115.580486][ T40] audit: type=1326 audit(2000524798.570:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12512 comm="syz.0.3290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 115.596658][ T40] audit: type=1326 audit(2000524798.580:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12512 comm="syz.0.3290" exe="/syz-executor" sig=0 arch=40000003 syscall=138 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 115.613587][ T40] audit: type=1326 audit(2000524798.580:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12512 comm="syz.0.3290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 115.621747][ T40] audit: type=1326 audit(2000524798.580:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12512 comm="syz.0.3290" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 115.629265][T12515] trusted_key: encrypted_key: keylen parameter is missing [ 115.655650][T12521] netlink: 84 bytes leftover after parsing attributes in process `syz.0.3294'. [ 115.792473][T12544] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 115.799467][T12544] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 115.802728][T12544] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.102194][T12580] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 116.112573][T12584] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3322'. [ 116.375075][T12624] netlink: 'syz.0.3344': attribute type 63 has an invalid length. [ 116.432024][T12634] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.434902][T12634] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.461283][T12634] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.464908][T12634] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.605060][T12661] netlink: 'syz.1.3363': attribute type 21 has an invalid length. [ 116.737983][T12678] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 116.919909][T12701] program syz.0.3381 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 117.169165][T12722] netlink: 'syz.0.3393': attribute type 21 has an invalid length. [ 117.171014][T12723] netlink: 'syz.2.3394': attribute type 2 has an invalid length. [ 117.171803][T12722] netlink: 'syz.0.3393': attribute type 1 has an invalid length. [ 117.175376][T12723] netlink: 'syz.2.3394': attribute type 8 has an invalid length. [ 117.248311][T12730] sctp: [Deprecated]: syz.2.3398 (pid 12730) Use of int in maxseg socket option. [ 117.248311][T12730] Use struct sctp_assoc_value instead [ 117.818865][T12785] openvswitch: netlink: Key type 31 is not supported [ 117.823782][T12786] netlink: 'syz.1.3424': attribute type 4 has an invalid length. [ 117.833361][T12786] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 118.107617][T12818] gretap0: refused to change device tx_queue_len [ 118.112423][T12818] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 118.160243][T12824] macvtap0: entered allmulticast mode [ 118.164385][T12824] veth0_macvtap: entered allmulticast mode [ 118.167809][T12824] A link change request failed with some changes committed already. Interface macvtap0 may have been left with an inconsistent configuration, please check. [ 118.782308][T12903] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 118.855974][T12913] sock: sock_timestamping_bind_phc: sock not bind to device [ 118.908938][T12917] gretap0: refused to change device tx_queue_len [ 118.911772][T12917] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 119.092395][T12939] binder: 12938:12939 ioctl c0306201 80000040 returned -22 [ 119.098083][T12944] nvme_fabrics: unknown parameter or missing value 'V' in ctrl creation request [ 119.176208][T12957] openvswitch: netlink: Unexpected mask (mask=840, allowed=10048) [ 119.291488][T12971] ubi31: attaching mtd0 [ 119.298919][T12971] ubi31: scanning is finished [ 119.300560][T12971] ubi31: empty MTD device detected [ 119.357674][T12981] SET target dimension over the limit! [ 119.504281][T12971] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 119.507004][T12971] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 119.511873][T12971] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 119.514606][T12971] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 119.517621][T12971] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 119.520067][T12971] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 119.522760][T12971] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1554048331 [ 119.526204][T12971] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 119.530105][T12997] ubi31: background thread "ubi_bgt31d" started, PID 12997 [ 119.788822][T13033] tmpfs: Bad value for 'mpol' [ 119.917931][T13054] validate_nla: 6 callbacks suppressed [ 119.917948][T13054] netlink: 'syz.1.3544': attribute type 1 has an invalid length. [ 120.468871][T13115] netlink: 'syz.3.3571': attribute type 8 has an invalid length. [ 120.597331][ T6247] Bluetooth: hci2: ACL packet too small [ 121.014864][T13172] xt_hashlimit: overflow, rate too high: 0 [ 121.204306][T13196] __nla_validate_parse: 11 callbacks suppressed [ 121.204323][T13196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3612'. [ 121.290385][T13211] netlink: 'syz.2.3618': attribute type 10 has an invalid length. [ 121.306133][T13211] team0: Port device dummy0 added [ 121.377461][T13222] binder: 13220:13222 ioctl c018620c 80000040 returned -1 [ 121.389700][T13225] comedi comedi1: ni_at_a2150: a I/O base address must be specified [ 121.428437][T13232] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3627'. [ 121.490438][T13241] random: crng reseeded on system resumption [ 121.536431][T13249] Cannot find set identified by id 0 to match [ 121.552789][T13251] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3638'. [ 121.731523][ T40] audit: type=1326 audit(2000524804.363:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13283 comm="syz.3.3650" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 121.741162][ T40] audit: type=1326 audit(2000524804.363:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13283 comm="syz.3.3650" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 121.754756][ T40] audit: type=1326 audit(2000524804.373:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13283 comm="syz.3.3650" exe="/syz-executor" sig=0 arch=40000003 syscall=144 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 121.764392][ T40] audit: type=1326 audit(2000524804.373:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13283 comm="syz.3.3650" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 121.774655][ T40] audit: type=1326 audit(2000524804.373:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13283 comm="syz.3.3650" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 122.102475][T13329] netlink: 'syz.0.3671': attribute type 5 has an invalid length. [ 122.107269][T13329] ip6erspan0: entered promiscuous mode [ 122.163018][T13334] xt_ecn: cannot match TCP bits for non-tcp packets [ 122.200460][T13339] netlink: 'syz.3.3677': attribute type 10 has an invalid length. [ 122.206914][T13339] team0: Port device dummy0 added [ 122.242164][T13344] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 122.499780][T13366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3688'. [ 122.719854][T13396] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3701'. [ 123.051154][T13441] syz.0.3723: calling unsupported SCSI_IOCTL_SEND_COMMAND [ 123.113717][ T40] audit: type=1400 audit(2000524805.663:48): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=13450 comm="syz.3.3729" [ 123.265408][T13469] binder: 13468:13469 ioctl c00c6211 0 returned -14 [ 123.525098][T13508] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3756'. [ 123.525312][T13509] /dev/sg0: Can't lookup blockdev [ 123.731392][T13540] program syz.1.3772 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.916304][ T34] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 123.943562][T13570] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay' [ 124.018841][T13580] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 124.080495][T13588] netlink: 'syz.0.3795': attribute type 4 has an invalid length. [ 124.086227][ T34] usb 8-1: Using ep0 maxpacket: 32 [ 124.091830][ T34] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 124.096476][ T34] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 124.102461][ T34] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 124.103961][T13590] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3797'. [ 124.110304][ T34] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 124.114799][ T34] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 124.117708][ T34] usb 8-1: Product: syz [ 124.121358][ T34] usb 8-1: Manufacturer: syz [ 124.122969][ T34] usb 8-1: SerialNumber: syz [ 124.134174][ T34] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input8 [ 124.141590][T13595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3799'. [ 124.328127][T13618] ieee802154 phy1 wpan1: encryption failed: -22 [ 124.352043][ T34] usb 8-1: USB disconnect, device number 6 [ 124.368735][ T34] appletouch 8-1:1.0: input: appletouch disconnected [ 124.523893][T13642] random: crng reseeded on system resumption [ 124.732254][T13669] tc_dump_action: action bad kind [ 124.740751][T13673] mmap: syz.2.3835 (13673): VmData 45764608 exceed data ulimit 32768. Update limits or use boot option ignore_rlimit_data. [ 124.794907][T13680] netlink: 'syz.2.3838': attribute type 2 has an invalid length. [ 124.799458][T13680] netlink: 'syz.2.3838': attribute type 1 has an invalid length. [ 124.824025][T13684] usb usb8: usbfs: process 13684 (syz.0.3840) did not claim interface 0 before use [ 125.057408][T13720] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic [ 125.289633][T13763] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3877'. [ 125.335652][T13770] netlink: 'syz.1.3882': attribute type 30 has an invalid length. [ 125.395411][T13779] : entered promiscuous mode [ 125.501668][T13797] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 125.503844][T13797] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 125.506950][T13797] vhci_hcd vhci_hcd.0: Device attached [ 125.510817][T13798] vhci_hcd: connection closed [ 125.511005][ T1225] vhci_hcd: stop threads [ 125.515198][ T1225] vhci_hcd: release socket [ 125.517105][ T1225] vhci_hcd: disconnect device [ 125.683938][T13825] AppArmor: change_hat: Invalid input '' [ 125.822454][T13848] sctp: [Deprecated]: syz.1.3921 (pid 13848) Use of int in max_burst socket option deprecated. [ 125.822454][T13848] Use struct sctp_assoc_value instead [ 126.002101][T13873] netlink: 'syz.1.3933': attribute type 21 has an invalid length. [ 126.176549][T13896] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 126.214838][T13901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3946'. [ 126.406391][T13928] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 126.429722][T13931] --map-set only usable from mangle table [ 126.608234][T13951] netlink: 'syz.3.3972': attribute type 1 has an invalid length. [ 126.611092][T13951] __nla_validate_parse: 1 callbacks suppressed [ 126.611102][T13951] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3972'. [ 126.618459][T13953] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 126.968283][T14013] usb usb8: usbfs: process 14013 (syz.0.4002) did not claim interface 0 before use [ 126.992287][T14017] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4004'. [ 127.049234][T14026] cgroup: Unknown subsys name 'cpuset' [ 127.605156][T14109] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4051'. [ 127.622939][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.627955][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.632740][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.637571][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.642264][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.647113][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.651891][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.657040][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.662030][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.667126][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 127.845617][ T40] audit: type=1326 audit(2000524810.111:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14131 comm="syz.2.4061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 127.864885][ T40] audit: type=1326 audit(2000524810.111:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14131 comm="syz.2.4061" exe="/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 127.891990][ T40] audit: type=1326 audit(2000524810.111:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14131 comm="syz.2.4061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 127.922170][ T40] audit: type=1326 audit(2000524810.111:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14131 comm="syz.2.4061" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 127.954249][T14144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4069'. [ 128.088279][T14160] netlink: 'syz.1.4074': attribute type 2 has an invalid length. [ 128.196827][T14178] program syz.0.4084 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.263481][T14182] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4086'. [ 129.000603][T14269] tmpfs: Bad value for 'mpol' [ 129.211736][T14289] usb usb8: usbfs: process 14289 (syz.0.4139) did not claim interface 0 before use [ 129.382960][T14308] PKCS8: Unsupported PKCS#8 version [ 129.630716][T14329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4158'. [ 129.645855][T14338] kAFS: unable to lookup cell '' [ 130.092183][T14398] can0: slcan on ttyS3. [ 130.184653][T14413] program syz.2.4198 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.222589][T14396] can0 (unregistered): slcan off ttyS3. [ 130.689825][T14474] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4223'. [ 130.703089][ T40] audit: type=1400 audit(2000524812.786:53): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=14475 comm="syz.1.4225" [ 130.757913][T14486] netlink: 'syz.1.4229': attribute type 2 has an invalid length. [ 130.827705][ T40] audit: type=1326 audit(2000524812.898:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.0.4234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 130.844142][ T40] audit: type=1326 audit(2000524812.898:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.0.4234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 130.853660][ T40] audit: type=1326 audit(2000524812.898:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.0.4234" exe="/syz-executor" sig=0 arch=40000003 syscall=45 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 130.862785][ T40] audit: type=1326 audit(2000524812.898:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.0.4234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 130.871847][ T40] audit: type=1326 audit(2000524812.898:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14495 comm="syz.0.4234" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70dd579 code=0x7ffc0000 [ 131.060057][T14523] No source specified [ 131.099960][T14528] befs: (nbd0): No write support. Marking filesystem read-only [ 131.103433][T14528] befs: (nbd0): unable to read superblock [ 131.171457][T14537] dvmrp9: entered allmulticast mode [ 131.252881][T14547] can0: slcan on ttyS3. [ 131.354969][T14546] can0 (unregistered): slcan off ttyS3. [ 131.357818][T14558] block nbd3: NBD_DISCONNECT [ 131.938047][T14624] [U]  [ 131.939537][T14624] [U] K{ [ 131.940981][T14624] [U] t 1ŠFfˊ`GJgo/mC [ 131.945457][T14624] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 131.952122][T14624] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 131.956958][T14624] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 131.972033][T14624] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 131.985504][T14624] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 131.990223][T14624] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 131.995860][T14624] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 132.044636][T14624] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 132.050334][T14624] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 132.056251][T14624] [U] 22Ʃx?0;3u [ 132.059790][T14624] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 132.070212][T14624] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 132.075932][T14624] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 132.079550][T14624] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 132.083198][T14624] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 132.088388][T14624] [U] ec [ 132.089803][T14624] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 132.105926][T14623] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 132.436438][T14678] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4322'. [ 132.557459][T14692] xt_hashlimit: size too large, truncated to 1048576 [ 132.572409][T14692] xt_hashlimit: Unknown mode mask FFFFFFE, kernel too old? [ 132.655733][T14705] Cannot find del_set index 2 as target [ 132.858301][T14735] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4348'. [ 132.861210][T14735] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4348'. [ 132.978651][ C0] net_ratelimit: 22615 callbacks suppressed [ 132.978668][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 132.986627][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 132.991905][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 132.996872][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.001894][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.007077][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.012367][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.017332][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.022503][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.027387][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.463086][T14816] syz.3.4377: vmalloc error: size 1379004416, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 133.473723][T14816] CPU: 2 UID: 0 PID: 14816 Comm: syz.3.4377 Not tainted syzkaller #0 PREEMPT(full) [ 133.473740][T14816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.473746][T14816] Call Trace: [ 133.473750][T14816] [ 133.473755][T14816] dump_stack_lvl+0x16c/0x1f0 [ 133.473773][T14816] warn_alloc+0x248/0x3a0 [ 133.473786][T14816] ? __pfx_warn_alloc+0x10/0x10 [ 133.473796][T14816] ? lockdep_hardirqs_on+0x7c/0x110 [ 133.473814][T14816] ? kasan_save_stack+0x42/0x60 [ 133.473828][T14816] ? kasan_save_stack+0x33/0x60 [ 133.473841][T14816] ? kasan_save_track+0x14/0x30 [ 133.473854][T14816] ? vb2_vmalloc_alloc+0xf9/0x3f0 [ 133.473867][T14816] ? __vb2_queue_alloc+0x8c9/0x1280 [ 133.473877][T14816] ? vb2_core_create_bufs+0x559/0xab0 [ 133.473890][T14816] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 133.473902][T14816] __vmalloc_node_range_noprof+0xfbc/0x1480 [ 133.473922][T14816] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 133.473937][T14816] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 133.473957][T14816] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 133.473968][T14816] vmalloc_user_noprof+0x9e/0xe0 [ 133.473983][T14816] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 133.473994][T14816] vb2_vmalloc_alloc+0x135/0x3f0 [ 133.474007][T14816] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 133.474018][T14816] __vb2_queue_alloc+0x8c9/0x1280 [ 133.474035][T14816] vb2_core_create_bufs+0x559/0xab0 [ 133.474064][T14816] ? __pfx_vb2_core_create_bufs+0x10/0x10 [ 133.474074][T14816] ? __pfx___might_resched+0x10/0x10 [ 133.474094][T14816] ? __mutex_lock+0x27b/0x1b10 [ 133.474110][T14816] ? __pfx_get_v4l2_format32+0x10/0x10 [ 133.474125][T14816] vb2_create_bufs+0x5e8/0x840 [ 133.474145][T14816] ? __pfx_vb2_create_bufs+0x10/0x10 [ 133.474162][T14816] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 133.474180][T14816] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 133.474198][T14816] v4l_create_bufs+0x151/0x260 [ 133.474212][T14816] __video_do_ioctl+0xb77/0xf00 [ 133.474229][T14816] ? __pfx___video_do_ioctl+0x10/0x10 [ 133.474245][T14816] ? video_usercopy+0x139/0x13e0 [ 133.474262][T14816] video_usercopy+0x47f/0x13e0 [ 133.474277][T14816] ? __pfx___video_do_ioctl+0x10/0x10 [ 133.474292][T14816] ? __pfx_video_usercopy+0x10/0x10 [ 133.474311][T14816] ? hook_file_ioctl_common+0x145/0x410 [ 133.474330][T14816] v4l2_ioctl+0x1bd/0x250 [ 133.474343][T14816] ? __ia32_compat_sys_openat+0xb1/0x210 [ 133.474356][T14816] v4l2_compat_ioctl32+0x217/0x2c0 [ 133.474382][T14816] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 133.474396][T14816] __ia32_compat_sys_ioctl+0x242/0x370 [ 133.474411][T14816] __do_fast_syscall_32+0xe8/0x680 [ 133.474438][T14816] do_fast_syscall_32+0x32/0x80 [ 133.474457][T14816] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 133.474475][T14816] RIP: 0023:0xf7f74579 [ 133.474484][T14816] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 133.474493][T14816] RSP: 002b:00000000f546655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 133.474503][T14816] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0f8565c [ 133.474509][T14816] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000 [ 133.474515][T14816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 133.474521][T14816] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 133.474526][T14816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 133.474539][T14816] [ 133.483203][T14816] Mem-Info: [ 133.627269][T14816] active_anon:771 inactive_anon:4665 isolated_anon:0 [ 133.627269][T14816] active_file:843 inactive_file:11374 isolated_file:0 [ 133.627269][T14816] unevictable:1768 dirty:487 writeback:0 [ 133.627269][T14816] slab_reclaimable:6031 slab_unreclaimable:52135 [ 133.627269][T14816] mapped:23917 shmem:2315 pagetables:1327 [ 133.627269][T14816] sec_pagetables:316 bounce:0 [ 133.627269][T14816] kernel_misc_reclaimable:0 [ 133.627269][T14816] free:90151 free_pcp:14812 free_cma:0 [ 133.647505][T14816] Node 0 active_anon:132kB inactive_anon:0kB active_file:408kB inactive_file:52kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:84kB dirty:80kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9232kB pagetables:1280kB sec_pagetables:1180kB all_unreclaimable? yes Balloon:0kB [ 133.663406][T14816] Node 1 active_anon:2752kB inactive_anon:18660kB active_file:2964kB inactive_file:45444kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95584kB dirty:1868kB writeback:0kB shmem:5724kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:3660kB pagetables:4028kB sec_pagetables:84kB all_unreclaimable? no Balloon:0kB [ 133.676962][T14816] Node 0 DMA free:2064kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:460kB local_pcp:128kB free_cma:0kB [ 133.689439][T14816] lowmem_reserve[]: 0 291 291 291 291 [ 133.691317][T14816] Node 0 DMA32 free:17040kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:352KB active_anon:132kB inactive_anon:0kB active_file:408kB inactive_file:52kB unevictable:3536kB writepending:80kB zspages:0kB present:1032196kB managed:298560kB mlocked:0kB bounce:0kB free_pcp:14576kB local_pcp:3812kB free_cma:0kB [ 133.709842][T14816] lowmem_reserve[]: 0 0 0 0 0 [ 133.714762][T14816] Node 1 DMA32 free:341188kB boost:8192kB min:55336kB low:67120kB high:78904kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2852kB inactive_anon:18660kB active_file:2964kB inactive_file:45444kB unevictable:3536kB writepending:1868kB zspages:1784kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:43984kB local_pcp:13128kB free_cma:0kB [ 133.729754][T14816] lowmem_reserve[]: 0 0 0 0 0 [ 133.731883][T14816] Node 0 DMA: 22*4kB (UM) 19*8kB (U) 14*16kB (UM) 6*32kB (UM) 0*64kB 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2064kB [ 133.739440][T14816] Node 0 DMA32: 22*4kB (UMEH) 13*8kB (UEH) 19*16kB (MEH) 101*32kB (UMEH) 52*64kB (UMEH) 24*128kB (UME) 11*256kB (UME) 6*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 17040kB [ 133.746768][T14816] Node 1 DMA32: 306*4kB (UM) 249*8kB (UME) 492*16kB (UE) 458*32kB (UE) 501*64kB (UME) 321*128kB (UME) 115*256kB (UME) 72*512kB (UME) 44*1024kB (UM) 24*2048kB (UM) 20*4096kB (UM) = 341328kB [ 133.753566][T14841] SET target dimension over the limit! [ 133.755762][T14816] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 133.762315][T14816] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 133.766382][T14816] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 133.771798][T14816] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 133.776012][T14816] 14770 total pagecache pages [ 133.778398][T14816] 243 pages in swap cache [ 133.781532][T14816] Free swap = 122064kB [ 133.783620][T14816] Total swap = 124996kB [ 133.785680][T14816] 524155 pages RAM [ 133.787479][T14816] 0 pages HighMem/MovableOnly [ 133.789732][T14816] 208620 pages reserved [ 133.792206][T14816] 0 pages cma reserved [ 134.173762][T14876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4408'. [ 134.237129][T14885] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 134.270432][T14887] netlink: 1120 bytes leftover after parsing attributes in process `syz.2.4413'. [ 134.276183][T14887] netlink: 1120 bytes leftover after parsing attributes in process `syz.2.4413'. [ 134.407760][T14904] nfs: Deprecated parameter 'nointr' [ 134.478119][T14907] netlink: 'syz.0.4424': attribute type 1 has an invalid length. [ 134.573612][T14916] netlink: 'syz.0.4427': attribute type 2 has an invalid length. [ 135.054917][T14958] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4448'. [ 135.339295][T14984] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4460'. [ 136.175221][T15057] netlink: 'syz.0.4496': attribute type 1 has an invalid length. [ 136.178634][T15057] netlink: 224 bytes leftover after parsing attributes in process `syz.0.4496'. [ 136.748864][T15106] ip6erspan0: entered promiscuous mode [ 137.040390][ T40] audit: type=1326 audit(2000524818.707:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15132 comm="syz.1.4533" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 137.056998][ T40] audit: type=1326 audit(2000524818.717:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15132 comm="syz.1.4533" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 137.082058][ T40] audit: type=1326 audit(2000524818.726:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15132 comm="syz.1.4533" exe="/syz-executor" sig=0 arch=40000003 syscall=131 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 137.113308][ T40] audit: type=1326 audit(2000524818.735:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15132 comm="syz.1.4533" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705d579 code=0x7ffc0000 [ 137.234973][T15149] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 137.266835][T15147] xt_addrtype: input interface limitation not valid in POSTROUTING and OUTPUT [ 137.421786][T15166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4548'. [ 137.503920][T15149] /dev/sr0: Can't open blockdev [ 137.665687][ T40] audit: type=1400 audit(2000524819.297:63): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=15184 comm="syz.2.4557" [ 138.137422][T15225] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4577'. [ 138.299944][T15235] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid [ 138.334584][ C2] net_ratelimit: 37755 callbacks suppressed [ 138.334599][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 138.334749][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.337078][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 138.344531][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 138.347597][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 138.353364][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.357278][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 138.362371][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.366177][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 138.371280][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 138.555124][ T40] audit: type=1326 audit(2000524820.129:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 138.564690][ T40] audit: type=1326 audit(2000524820.129:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4596" exe="/syz-executor" sig=0 arch=40000003 syscall=433 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 138.584318][ T40] audit: type=1326 audit(2000524820.129:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 138.612494][ T40] audit: type=1326 audit(2000524820.129:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15260 comm="syz.3.4596" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f74579 code=0x7ffc0000 [ 138.725007][T15273] syz.3.4604 uses obsolete (PF_INET,SOCK_PACKET) [ 139.093674][T15301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4615'. [ 139.603146][T15339] netlink: 'syz.1.4633': attribute type 1 has an invalid length. [ 140.144180][T15378] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4652'. [ 140.430780][T15401] /dev/nullb0: Can't open blockdev [ 140.624805][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.718555][ T40] audit: type=1326 audit(2000524822.150:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15415 comm="syz.2.4670" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 140.746477][T15414] netlink: 'syz.3.4671': attribute type 2 has an invalid length. [ 140.798639][T15418] /dev/sg0: Can't lookup blockdev [ 140.904950][T15420] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4672'. [ 141.205217][T15441] netlink: 'syz.1.4683': attribute type 4 has an invalid length. [ 141.207831][T15441] netlink: 152 bytes leftover after parsing attributes in process `syz.1.4683'. [ 141.260727][T15441] .`: renamed from bond0 (while UP) [ 141.680461][T15470] netlink: 'syz.1.4697': attribute type 11 has an invalid length. [ 141.691391][T15470] netlink: 'syz.1.4697': attribute type 11 has an invalid length. [ 141.694825][T15470] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4697'. [ 142.429158][T15533] netlink: 260 bytes leftover after parsing attributes in process `syz.2.4724'. [ 143.417182][T15608] cgroup: Need name or subsystem set [ 143.463758][T15612] bridge1: entered promiscuous mode [ 143.474347][T15612] bridge1: entered allmulticast mode [ 143.561430][T15623] netlink: 'syz.0.4762': attribute type 21 has an invalid length. [ 143.690567][ C2] net_ratelimit: 35371 callbacks suppressed [ 143.690581][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 143.690599][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 143.693468][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 143.699639][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.702114][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 143.707771][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.711420][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 143.716787][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 143.722033][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 143.727485][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.947123][ T1026] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 144.118279][ T1026] usb 5-1: Using ep0 maxpacket: 8 [ 144.122680][ T1026] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 144.125578][ T1026] usb 5-1: config 0 has no interface number 0 [ 144.128098][ T1026] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 144.143991][ T1026] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 144.154336][ T1026] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 144.170116][ T1026] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 144.182688][ T1026] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 144.188370][ T1026] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.195570][ T1026] usb 5-1: config 0 descriptor?? [ 144.220492][ T1026] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 144.443694][ T1026] usb 5-1: USB disconnect, device number 6 [ 144.462899][ T1026] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 144.877146][ C2] sched: DL replenish lagged too much [ 145.827770][T15768] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 145.850620][T15768] overlayfs: overlapping lowerdir path [ 146.354627][T15810] libceph: resolve '0.' (ret=-3): failed [ 146.509961][T15826] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4860'. [ 146.743273][T15834] netlink: 'syz.2.4866': attribute type 11 has an invalid length. [ 146.759768][T15834] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4866'. [ 146.826589][T15840] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 146.832645][T15843] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4871'. [ 147.285394][T15885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4890'. [ 147.318228][T15885] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 147.337454][T15887] program syz.3.4889 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 147.430149][T15897] ufs: failed to set blocksize [ 147.437455][T15899] : entered promiscuous mode [ 147.687451][T15921] efs: cannot read volume header [ 148.143178][T15965] /dev/nullb0: Can't open blockdev [ 148.571740][T15997] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4944'. [ 148.716759][T16010] program syz.3.4951 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 148.913455][T16027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4959'. [ 149.046492][ C2] net_ratelimit: 43323 callbacks suppressed [ 149.046511][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 149.046567][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 149.049639][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 149.053962][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 149.059164][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 149.065845][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 149.067108][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 149.071859][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 149.075797][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 149.081078][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 149.739924][T16090] QAT: Device 253 not found [ 149.996660][T16101] tmpfs: Bad value for 'mpol' [ 150.014795][T16103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4995'. [ 150.403049][T16133] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 150.417079][T16133] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 150.420708][T16133] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 150.444935][T16137] ieee802154 phy1 wpan1: encryption failed: -90 [ 150.677126][T16152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5019'. [ 150.697610][T16156] netlink: 180 bytes leftover after parsing attributes in process `syz.3.5021'. [ 150.706293][T16154] process 'syz.2.5020' launched '/dev/fd/3' with NULL argv: empty string added [ 150.743695][T16159] netlink: 17 bytes leftover after parsing attributes in process `syz.3.5022'. [ 150.927368][T16174] netlink: 'syz.3.5028': attribute type 3 has an invalid length. [ 151.149786][T16190] x_tables: ip6_tables: SNPT target: used from hooks FORWARD, but only usable from INPUT/POSTROUTING [ 151.541724][T16221] netlink: 'syz.3.5031': attribute type 3 has an invalid length. [ 151.544999][T16221] netlink: 'syz.3.5031': attribute type 1 has an invalid length. [ 151.559077][T16221] NCSI netlink: No device for ifindex 0 [ 151.665400][T16232] bond2: option arp_validate: invalid value (18446744073709551615) [ 151.698961][T16232] bond2 (unregistering): Released all slaves [ 151.988351][T16260] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 152.043682][T16268] xt_addrtype: ipv6 BLACKHOLE matching not supported [ 152.212517][T16285] sctp: [Deprecated]: syz.1.5081 (pid 16285) Use of struct sctp_assoc_value in delayed_ack socket option. [ 152.212517][T16285] Use struct sctp_sack_info instead [ 152.241970][T16288] __nla_validate_parse: 3 callbacks suppressed [ 152.241981][T16288] netlink: 772 bytes leftover after parsing attributes in process `syz.3.5080'. [ 152.342621][T16297] netlink: 'syz.1.5085': attribute type 1 has an invalid length. [ 152.484218][T16313] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5092'. [ 152.575431][T16320] CIFS mount error: No usable UNC path provided in device string! [ 152.575431][T16320] [ 152.580433][T16320] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 152.949364][T16355] ceph: No source [ 152.978341][T16356] netlink: 'syz.3.5113': attribute type 12 has an invalid length. [ 152.983116][T16356] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5113'. [ 153.062655][T16367] netlink: 'syz.3.5118': attribute type 9 has an invalid length. [ 154.111095][T16457] netlink: 'syz.1.5162': attribute type 3 has an invalid length. [ 154.214538][T16469] netlink: 'syz.3.5165': attribute type 1 has an invalid length. [ 154.217388][T16469] netlink: 216 bytes leftover after parsing attributes in process `syz.3.5165'. [ 154.402574][ C2] net_ratelimit: 31673 callbacks suppressed [ 154.402583][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 154.402593][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 154.402904][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 154.405481][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 154.410725][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 154.416740][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 154.421299][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 154.426283][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 154.431228][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 154.435837][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 154.469821][T16491] netlink: 'syz.1.5178': attribute type 1 has an invalid length. [ 154.473319][T16491] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5178'. [ 154.478108][T16490] netlink: 'syz.0.5177': attribute type 10 has an invalid length. [ 154.487123][T16494] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 154.489383][T16494] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 154.495405][T16494] vhci_hcd vhci_hcd.0: Device attached [ 154.501980][T16495] vhci_hcd: unknown pdu 2 [ 154.504233][ T104] vhci_hcd: stop threads [ 154.505769][ T104] vhci_hcd: release socket [ 154.507303][ T104] vhci_hcd: disconnect device [ 154.667017][T16509] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.5186'. [ 154.770162][T16519] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 154.821772][T16522] delete_channel: no stack [ 154.876753][T16528] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5190'. [ 155.002507][T16539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5201'. [ 155.258256][T16553] i2c i2c-1: Invalid block write size 34 [ 155.857865][T16600] libceph: resolve '400' (ret=-3): failed [ 155.937229][T16606] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5230'. [ 156.093830][T16618] dummy0: entered allmulticast mode [ 156.096698][T16616] dummy0: left allmulticast mode [ 156.193603][T16626] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5240'. [ 156.796599][T16670] tmpfs: Bad value for 'mpol' [ 157.166349][T16684] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 157.169424][T16684] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 157.192206][T16684] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 157.195828][T16684] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 157.220867][T16684] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 157.223651][T16684] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 157.258551][T16684] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 157.288318][T16684] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 157.291402][T16684] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 157.317398][T16684] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 157.698647][T16717] IPv6: Can't replace route, no match found [ 159.341716][ T6247] Bluetooth: hci1: command 0x0406 tx timeout [ 159.344480][ T6247] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.376700][T16806] __nla_validate_parse: 4 callbacks suppressed [ 159.376719][T16806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5324'. [ 159.427163][ T6247] Bluetooth: hci2: command 0x0c1a tx timeout [ 159.429949][ T64] Bluetooth: hci3: command 0x0c1a tx timeout [ 159.528285][T16814] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5329'. [ 159.758604][ C2] net_ratelimit: 29865 callbacks suppressed [ 159.758622][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 159.758741][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 159.761567][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 159.765359][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 159.770256][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 159.773969][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 159.778002][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 159.782314][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 159.785579][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 159.789404][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 160.274115][T16868] validate_nla: 1 callbacks suppressed [ 160.274133][T16868] netlink: 'syz.1.5356': attribute type 1 has an invalid length. [ 160.280200][T16868] netlink: 228 bytes leftover after parsing attributes in process `syz.1.5356'. [ 160.284349][T16868] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5356'. [ 160.608028][T16886] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5364'. [ 160.866796][T16900] nftables ruleset with unbound set [ 160.954890][T16906] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5374'. [ 160.975169][T16906] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5374'. [ 161.569901][ T6247] Bluetooth: hci1: command 0x0406 tx timeout [ 161.572352][ T64] Bluetooth: hci0: command 0x0c1a tx timeout [ 161.667439][ T6247] Bluetooth: hci2: command 0x0c1a tx timeout [ 161.670231][ T64] Bluetooth: hci3: command 0x0c1a tx timeout [ 162.120745][T16979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5410'. [ 162.126156][T16979] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5410'. [ 162.133908][T16979] geneve2: entered promiscuous mode [ 162.146437][T16979] geneve2: entered allmulticast mode [ 162.214270][T16985] delete_channel: no stack [ 163.131623][T17038] net veth1_virt_wifi : renamed from virt_wifi0 [ 163.522492][T17058] cgroup: subsys name conflicts with all [ 163.840081][T17085] netlink: 'syz.0.5458': attribute type 2 has an invalid length. [ 163.849077][T17085] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5458'. [ 163.874744][ T6247] Bluetooth: hci2: command 0x0c1a tx timeout [ 163.877512][ T64] Bluetooth: hci3: command 0x0c1a tx timeout [ 164.729694][T17146] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5491'. [ 164.737109][T17151] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.5490'. [ 165.049360][T17171] ipt_ECN: cannot use operation on non-tcp rule [ 165.114555][ C0] net_ratelimit: 38712 callbacks suppressed [ 165.114568][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.114756][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 165.116756][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.120817][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 165.124483][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 165.129189][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 165.133068][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.136959][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 165.140670][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 165.144120][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 165.726869][T17201] netlink: 'syz.1.5516': attribute type 8 has an invalid length. [ 165.893058][T17215] xt_TCPMSS: Only works on TCP SYN packets [ 165.958090][T17219] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5525'. [ 166.617451][T17257] netlink: 'syz.1.5543': attribute type 3 has an invalid length. [ 167.451127][T17291] cgroup: noprefix used incorrectly [ 168.067503][T17342] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5583'. [ 168.227473][T17354] netlink: 48 bytes leftover after parsing attributes in process `syz.0.5587'. [ 168.478907][T17369] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5598'. [ 168.487879][T17369] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5598'. [ 168.491591][T17369] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5598'. [ 168.522217][T17369] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5598'. [ 168.535546][T17369] netlink: 104 bytes leftover after parsing attributes in process `syz.0.5598'. [ 169.874057][T17450] syz.1.5637: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 169.879042][T17450] CPU: 1 UID: 0 PID: 17450 Comm: syz.1.5637 Not tainted syzkaller #0 PREEMPT(full) [ 169.879069][T17450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.879079][T17450] Call Trace: [ 169.879085][T17450] [ 169.879092][T17450] dump_stack_lvl+0x16c/0x1f0 [ 169.879110][T17450] warn_alloc+0x248/0x3a0 [ 169.879123][T17450] ? __pfx_warn_alloc+0x10/0x10 [ 169.879134][T17450] ? lockdep_hardirqs_on+0x7c/0x110 [ 169.879152][T17450] ? kasan_save_stack+0x42/0x60 [ 169.879167][T17450] ? kasan_save_stack+0x33/0x60 [ 169.879179][T17450] ? kasan_save_track+0x14/0x30 [ 169.879192][T17450] ? xskq_create+0x52/0x1d0 [ 169.879200][T17450] ? xsk_setsockopt+0x932/0xc00 [ 169.879215][T17450] ? do_sock_setsockopt+0xf3/0x1d0 [ 169.879230][T17450] ? xskq_create+0xfb/0x1d0 [ 169.879239][T17450] __vmalloc_node_range_noprof+0xfbc/0x1480 [ 169.879261][T17450] ? xskq_create+0xfb/0x1d0 [ 169.879274][T17450] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 169.879294][T17450] ? xskq_create+0xfb/0x1d0 [ 169.879303][T17450] vmalloc_user_noprof+0x9e/0xe0 [ 169.879317][T17450] ? xskq_create+0xfb/0x1d0 [ 169.879327][T17450] xskq_create+0xfb/0x1d0 [ 169.879337][T17450] xsk_setsockopt+0x932/0xc00 [ 169.879354][T17450] ? __pfx_xsk_setsockopt+0x10/0x10 [ 169.879373][T17450] ? aa_sock_opt_perm+0xfd/0x1b0 [ 169.879386][T17450] ? __pfx_xsk_setsockopt+0x10/0x10 [ 169.879403][T17450] do_sock_setsockopt+0xf3/0x1d0 [ 169.879423][T17450] __sys_setsockopt+0x120/0x1a0 [ 169.879442][T17450] __ia32_sys_setsockopt+0xbc/0x160 [ 169.879457][T17450] ? __do_fast_syscall_32+0x9a/0x680 [ 169.879475][T17450] ? lockdep_hardirqs_on+0x7c/0x110 [ 169.879491][T17450] __do_fast_syscall_32+0xe8/0x680 [ 169.879505][T17450] do_fast_syscall_32+0x32/0x80 [ 169.879518][T17450] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 169.879531][T17450] RIP: 0023:0xf705d579 [ 169.879540][T17450] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 169.879550][T17450] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 169.879561][T17450] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b [ 169.879567][T17450] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004 [ 169.879573][T17450] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 169.879579][T17450] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 169.879584][T17450] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 169.879597][T17450] [ 169.879602][T17450] Mem-Info: [ 169.977462][T17450] active_anon:5011 inactive_anon:4236 isolated_anon:0 [ 169.977462][T17450] active_file:5148 inactive_file:11397 isolated_file:0 [ 169.977462][T17450] unevictable:1768 dirty:458 writeback:0 [ 169.977462][T17450] slab_reclaimable:6052 slab_unreclaimable:53136 [ 169.977462][T17450] mapped:23398 shmem:2323 pagetables:1267 [ 169.977462][T17450] sec_pagetables:317 bounce:0 [ 169.977462][T17450] kernel_misc_reclaimable:0 [ 169.977462][T17450] free:76065 free_pcp:18885 free_cma:0 [ 169.993206][T17450] Node 0 active_anon:292kB inactive_anon:0kB active_file:1332kB inactive_file:52kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:84kB dirty:44kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9200kB pagetables:1140kB sec_pagetables:1180kB all_unreclaimable? yes Balloon:0kB [ 170.006907][T17450] Node 1 active_anon:19852kB inactive_anon:16944kB active_file:19260kB inactive_file:45536kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:93408kB dirty:1788kB writeback:0kB shmem:5756kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:3672kB pagetables:4028kB sec_pagetables:88kB all_unreclaimable? no Balloon:0kB [ 170.019506][T17450] Node 0 DMA free:2064kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:532kB local_pcp:168kB free_cma:0kB [ 170.029600][T17450] lowmem_reserve[]: 0 291 291 291 291 [ 170.031520][T17450] Node 0 DMA32 free:16812kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:360KB active_anon:292kB inactive_anon:0kB active_file:1332kB inactive_file:52kB unevictable:3536kB writepending:44kB zspages:0kB present:1032196kB managed:298560kB mlocked:0kB bounce:0kB free_pcp:13788kB local_pcp:3680kB free_cma:0kB [ 170.048177][T17450] lowmem_reserve[]: 0 0 0 0 0 [ 170.050233][T17450] Node 1 DMA32 free:285884kB boost:8192kB min:55336kB low:67120kB high:78904kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19852kB inactive_anon:16944kB active_file:19260kB inactive_file:45536kB unevictable:3536kB writepending:1788kB zspages:1592kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:61232kB local_pcp:20012kB free_cma:0kB [ 170.061526][T17450] lowmem_reserve[]: 0 0 0 0 0 [ 170.063229][T17450] Node 0 DMA: 22*4kB (UM) 19*8kB (U) 14*16kB (UM) 6*32kB (UM) 0*64kB 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2064kB [ 170.068836][T17450] Node 0 DMA32: 163*4kB (UMEH) 88*8kB (UMEH) 36*16kB (UMEH) 85*32kB (UMEH) 66*64kB (UMEH) 22*128kB (UME) 8*256kB (UME) 4*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 16812kB [ 170.076441][T17450] Node 1 DMA32: 279*4kB (UME) 59*8kB (ME) 93*16kB (UME) 201*32kB (UME) 293*64kB (UME) 290*128kB (UME) 104*256kB (UME) 66*512kB (UME) 45*1024kB (UM) 23*2048kB (UM) 16*4096kB (U) = 284516kB [ 170.082565][T17450] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 170.086903][T17450] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 170.091056][T17450] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 170.094915][T17450] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 170.101629][T17450] 18973 total pagecache pages [ 170.103542][T17450] 110 pages in swap cache [ 170.105384][T17450] Free swap = 122828kB [ 170.107527][T17450] Total swap = 124996kB [ 170.109304][T17450] 524155 pages RAM [ 170.110879][T17450] 0 pages HighMem/MovableOnly [ 170.112825][T17450] 208620 pages reserved [ 170.114631][T17450] 0 pages cma reserved [ 170.125000][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.470586][ C2] net_ratelimit: 38501 callbacks suppressed [ 170.470599][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 170.470739][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.473222][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 170.478005][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.482429][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 170.486923][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 170.491348][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 170.496729][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.499698][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 170.504765][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 170.574725][T17490] netlink: 'syz.2.5656': attribute type 1 has an invalid length. [ 170.590268][T17490] netlink: 228 bytes leftover after parsing attributes in process `syz.2.5656'. [ 170.593747][T17492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5655'. [ 170.598381][T17492] netlink: 5 bytes leftover after parsing attributes in process `syz.1.5655'. [ 170.743861][T17496] netlink: 'syz.0.5657': attribute type 4 has an invalid length. [ 170.747169][T17496] netlink: 17 bytes leftover after parsing attributes in process `syz.0.5657'. [ 170.861517][T17495] /dev/sr0: Can't open blockdev [ 171.885735][T17577] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5699'. [ 172.945786][T17615] netlink: 'syz.1.5715': attribute type 2 has an invalid length. [ 173.435386][T17641] tipc: Trying to set illegal importance in message [ 173.638889][T17656] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5734'. [ 173.786093][T17667] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5742'. [ 173.962833][ T64] Bluetooth: hci2: Malformed LE Event: 0x0b [ 175.311251][T17752] ieee802154 phy1 wpan1: encryption failed: -22 [ 175.826535][ C0] net_ratelimit: 34661 callbacks suppressed [ 175.826547][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.826569][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 175.828659][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 175.832823][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 175.836932][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.841475][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 175.845310][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 175.850331][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 175.855097][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 175.860012][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 175.901767][T17794] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING [ 176.422101][T17821] binder: 17814:17821 ioctl c0306201 80000480 returned -22 [ 176.593428][T17834] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 176.663218][T17845] comedi comedi3: comedi_config --init_data is deprecated [ 177.189776][T17887] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5843'. [ 177.205226][T17889] netlink: 'syz.3.5844': attribute type 1 has an invalid length. [ 177.390907][T17904] ata1.00: invalid multi_count 1 ignored [ 177.531510][ T64] Bluetooth: hci1: unexpected event for opcode 0x1005 [ 177.568680][T17918] netlink: 'syz.3.5858': attribute type 12 has an invalid length. [ 177.907822][T17938] netlink: 'syz.2.5868': attribute type 1 has an invalid length. [ 178.218896][T17968] lo speed is unknown, defaulting to 1000 [ 178.244876][T17968] lo speed is unknown, defaulting to 1000 [ 178.249210][T17968] lo speed is unknown, defaulting to 1000 [ 178.439559][ T920] lo speed is unknown, defaulting to 1000 [ 178.442765][T17968] infiniband syz0: set down [ 178.445156][T17968] infiniband syz0: added lo [ 178.542554][T17968] RDS/IB: syz0: added [ 178.551002][T17968] smc: adding ib device syz0 with port count 1 [ 178.559075][T17968] smc: ib device syz0 port 1 has no pnetid [ 178.567254][ T920] lo speed is unknown, defaulting to 1000 [ 178.577337][T17968] lo speed is unknown, defaulting to 1000 [ 178.731724][T17990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5894'. [ 178.859839][T17968] lo speed is unknown, defaulting to 1000 [ 179.080647][ T3732] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.084615][ T3732] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.095484][ T3732] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.109879][ T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 179.114054][T17968] lo speed is unknown, defaulting to 1000 [ 179.387648][T17968] lo speed is unknown, defaulting to 1000 [ 181.164524][T18132] bridge3: entered promiscuous mode [ 181.182486][ C2] net_ratelimit: 37788 callbacks suppressed [ 181.182497][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 181.182510][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 181.184767][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 181.190007][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 181.194180][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 181.199183][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 181.203326][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 181.207781][ C0] bridge0: received packet on  with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 181.211859][ C2] bridge0: received packet on veth0_to_bridge with own address as source address (addr:0a:35:6f:fc:38:02, vlan:0) [ 181.216074][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 181.695170][T18166] cgroup: No subsys list or none specified [ 182.362296][T18203] netlink: 'syz.1.5995': attribute type 21 has an invalid length. [ 182.365026][T18203] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5995'. [ 182.430554][T18207] cgroup: Invalid name [ 183.187760][T18245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6017'. [ 183.769701][T18295] netlink: 'syz.2.6040': attribute type 1 has an invalid length. [ 183.773242][T18295] netlink: 224 bytes leftover after parsing attributes in process `syz.2.6040'. [ 184.393138][T18337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6067'. [ 184.733957][T18373] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KASAN NOPTI [ 184.739318][T18373] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 184.743111][T18373] CPU: 1 UID: 0 PID: 18373 Comm: syz.1.6078 Not tainted syzkaller #0 PREEMPT(full) [ 184.747292][T18373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 184.751997][T18373] RIP: 0010:fd_install+0x5e/0x570 [ 184.754330][T18373] Code: c1 ea 03 80 3c 02 00 0f 85 df 04 00 00 48 8d 7d 40 4d 8b ac 24 48 09 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 08 04 00 00 44 8b 65 40 31 ff [ 184.762514][T18373] RSP: 0018:ffffc900257cfce0 EFLAGS: 00010202 [ 184.765225][T18373] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: ffffc90029e34000 [ 184.768620][T18373] RDX: 0000000000000008 RSI: ffffffff82407e1e RDI: 0000000000000041 [ 184.772116][T18373] RBP: 0000000000000001 R08: 0000000000000007 R09: fffffffffffff000 [ 184.775528][T18373] R10: 0000000000000001 R11: 00000000412a9116 R12: ffff8880500ec980 [ 184.778970][T18373] R13: ffff888022e6c000 R14: 00000000ffffffe2 R15: ffff88804b9a8020 [ 184.782308][T18373] FS: 0000000000000000(0000) GS:ffff888097aa5000(0063) knlGS:00000000f544db40 [ 184.786179][T18373] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 184.789131][T18373] CR2: 00000000f7426288 CR3: 0000000056529000 CR4: 0000000000352ef0 [ 184.792481][T18373] Call Trace: [ 184.793972][T18373] [ 184.795315][T18373] do_mq_open+0x558/0xa20 [ 184.797282][T18373] ? __pfx_do_mq_open+0x10/0x10 [ 184.799416][T18373] __ia32_compat_sys_mq_open+0x154/0x280 [ 184.801899][T18373] ? __pfx___ia32_compat_sys_mq_open+0x10/0x10 [ 184.804609][T18373] ? fput+0x70/0xf0 [ 184.806389][T18373] __do_fast_syscall_32+0xe8/0x680 [ 184.808819][T18373] do_fast_syscall_32+0x32/0x80 [ 184.810970][T18373] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 184.813417][T18373] RIP: 0023:0xf705d579 [ 184.815560][T18373] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 184.824036][T18373] RSP: 002b:00000000f544d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000115 [ 184.827707][T18373] RAX: ffffffffffffffda RBX: 00000000800001c0 RCX: 00000000000008c2 [ 184.831189][T18373] RDX: 0000000000000030 RSI: 0000000080000080 RDI: 0000000000000000 [ 184.834547][T18373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 184.837587][T18373] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 184.840530][T18373] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 184.843656][T18373] [ 184.844978][T18373] Modules linked in: [ 184.846808][T18373] ---[ end trace 0000000000000000 ]--- [ 184.853305][T18373] RIP: 0010:fd_install+0x5e/0x570 [ 184.855537][T18373] Code: c1 ea 03 80 3c 02 00 0f 85 df 04 00 00 48 8d 7d 40 4d 8b ac 24 48 09 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 08 04 00 00 44 8b 65 40 31 ff [ 184.862929][T18373] RSP: 0018:ffffc900257cfce0 EFLAGS: 00010202 [ 184.865398][T18373] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: ffffc90029e34000 [ 184.869057][T18373] RDX: 0000000000000008 RSI: ffffffff82407e1e RDI: 0000000000000041 [ 184.872243][T18373] RBP: 0000000000000001 R08: 0000000000000007 R09: fffffffffffff000 [ 184.875448][T18373] R10: 0000000000000001 R11: 00000000412a9116 R12: ffff8880500ec980 [ 184.878673][T18373] R13: ffff888022e6c000 R14: 00000000ffffffe2 R15: ffff88804b9a8020 [ 184.881989][T18373] FS: 0000000000000000(0000) GS:ffff888097aa5000(0063) knlGS:00000000f544db40 [ 184.885428][T18373] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 184.887976][T18373] CR2: 00000000f741daa8 CR3: 0000000056529000 CR4: 0000000000352ef0 [ 184.891160][T18373] Kernel panic - not syncing: Fatal exception [ 184.894266][T18373] Kernel Offset: disabled [ 184.895857][T18373] Rebooting in 86400 seconds..