last executing test programs: 12.079599803s ago: executing program 2 (id=1896): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) connect$netlink(r1, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_GET_STATS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)={0x40, 0x0, 0x7, 0x801, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFACCT_PKTS={0xc}, @NFACCT_QUOTA={0xc}]}, 0x40}, 0x1, 0x0, 0x0, 0x4001}, 0x4000000) socket$netlink(0x10, 0x3, 0x0) 12.008133138s ago: executing program 2 (id=1897): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="850000000500000004000000000000009500000000000000fe2fbcb7386e696dfcefc925d5cbc0f2fce5c04f7e5eb2123d682a69d2ad0850f50dc6f84bdc02d267dbf0bdb91808cde4145c9f786bb527c4a6cc641b0630982968c85c03d841129f1bb403975f30a6b689dac570b5105cf075425fd6190297257ef581740b4e2a868a2b4e97da67b7a1887d09f58a9aeb824363f6e5c671b73419017b9c7d639dc6ed859108dd3e5f3652523602ac79ad78a0910a942c52f53a97f58d2c83c39d93b6bd2e702882c7a45d2c72eb5bd2558396927b7b9b8fe9a24b4b1e51c3f4d2c0f00c125d3db433abba7150882c3ec9b62d43"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x64}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000880)={0x14, 0x1, 0xa, 0x201}, 0x14}}, 0x0) io_uring_setup(0x336b, &(0x7f00000000c0)) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) poll(0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-generic\x00'}, 0x58) r3 = accept4(r2, 0x0, 0x0, 0x0) sendmmsg$inet(r3, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f00000005c0)="96a67b36bd06304a08a67f14f6c3881ca6167592ce060670a396f8ab05ace2caca6b2a9ecf3471d2", 0x28}, {&(0x7f0000000500)="fc484e55021886bb", 0x7fffefd8}], 0x2}}], 0x1, 0x0) 11.528828103s ago: executing program 2 (id=1898): openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904", @ANYRES64=r1], 0x0) syz_usb_control_io(r2, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x20004000) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x5, &(0x7f0000002800)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x4f}, @call={0x85, 0x0, 0x0, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x7, 0xfff, &(0x7f0000000240)=""/4095}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001500)={r5, 0x0, 0xe, 0x96, &(0x7f0000001580)="7bff3d3123384c5e301d61177732b6b7f4da65440eb316591fc72da6ee754701abed46fca8cdbbbbd2bbcefcce31a2dab5be6f0117fa8de646ead59773d0717f599ba017b6f19f483161bce4b283cedb85fcd15a914bc740c5134a1651d6c5850a9afcd1b07b31f10eeea611b60be2d8506811c95e2b2d125900e839578248f635da1eb931dfacf78ace469fdba5f757c27ebf7cc1d063e5cc8a3a85783ef06e0c0004c6e90faa8e215bfec5d8e5f928966106e5e5995deac7f87e05e7d344ce428354a2034e443d6ef2ab961343623e614d4bf9df", &(0x7f0000001440)=""/150, 0x0, 0x0, 0x79, 0x3, &(0x7f0000000180)="edc731f46e2fade7b621e460c7575533ca75f3940e7d2f0e8048b9bec2db1e5aec2ea44ad0f15d22991608bbfe092e1cebb77130ddb70b0acbed37c71830599fe344e591abd5f72778eb42d0f6ea69240f4cd429d2fa74797092b12742a1a003527b90181a0dd4ea34b9cd80b1ed26afad4d51a98f2d5904a1", &(0x7f0000001240)="0da951", 0x0, 0x9}, 0x28) syz_emit_vhci(&(0x7f0000000b80)=ANY=[@ANYBLOB="041817aaaaaaaaaa10ea"], 0x1a) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r4, @ANYBLOB="01000000000c0000240012000c000100627269646765000e14000200080007004a9a0020080027"], 0x44}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000280)={0x1}, 0x10) r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60) ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x2) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8], 0x0) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) r11 = dup(r10) ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000200000071000040"]) ioctl$sock_SIOCOUTQNSD(r7, 0x894b, &(0x7f0000000040)) getsockname$packet(r3, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b000100677265746170000014000280080004000104000005000a000100000008000a00", @ANYRES32=r12], 0x4c}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB='@'], 0x85}}, 0x0) 9.535454181s ago: executing program 2 (id=1915): syz_genetlink_get_family_id$ieee802154(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$alg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched_retired(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x9, [@func_proto]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x0]}}, &(0x7f0000000180)=""/129, 0x2d, 0x81, 0x1}, 0x20) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000a00)={0x0, 0x1c}}, 0x0) 9.485734683s ago: executing program 2 (id=1917): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000004340)={0x6, 0xd, &(0x7f00000007c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 9.310459006s ago: executing program 2 (id=1919): capset(0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_submit(r2, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xfffffdfc}]) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockname$inet6(r3, 0x0, &(0x7f0000000080)) io_destroy(r2) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0x42800) getsockname$netlink(r0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000003240)={0x2020}, 0x2020) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffffb}]}) 7.382152567s ago: executing program 1 (id=1947): r0 = socket(0x1d, 0x2, 0x6) bind$can_j1939(r0, &(0x7f0000000000)={0x1d, 0x0, 0x20000}, 0x18) 7.28991361s ago: executing program 1 (id=1948): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$FS_IOC_FSSETXATTR(r0, 0x5411, &(0x7f0000000240)) 7.209906453s ago: executing program 1 (id=1949): r0 = syz_open_procfs(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100800001) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d) syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x1, 0xa}, {0x0, 0x7, 0xffff, 0x0, 0x7}}}}, 0x17) syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(0x0, 0x0) syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) 4.207489543s ago: executing program 1 (id=1963): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x300, 0x4) connect$inet(r0, &(0x7f0000001bc0)={0x2, 0x4e23, @loopback}, 0x10) syz_open_dev$loop(&(0x7f0000000200), 0x6ff, 0xc0000) r1 = socket$rds(0x15, 0x5, 0x0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r2, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000300)) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000003c0)=""/75, 0x0}) r4 = dup(r3) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x0, r4}) pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000040)={&(0x7f0000002200)=[0x0], 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, r6}) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r7], 0x3c}}, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto(r0, &(0x7f0000000440)="1db4d479c5faee911d50fbdf12a30d564a0e992d5f77ad426077a9f0ca1475183db32443011ff101251bcef8f165533aacd8c755793dc1ae99ad602c7cca2944de604d849a1e3b22905b0d26e9ff30b83f38a29b2530d22bdb6e73ef2a359249c3e29408dd3e0eb42bf3d6ecf7d9f6a38e6c0818e746843a829db24da275daaa1af5754e2aba22b617f1367566fd3b8892e4774e", 0x94, 0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) 3.500736498s ago: executing program 3 (id=1974): r0 = socket(0x1, 0x803, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x31, &(0x7f0000000000), 0x20000000) 3.500440092s ago: executing program 3 (id=1975): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}) creat(&(0x7f0000000000)='./file0\x00', 0x0) 3.37903313s ago: executing program 3 (id=1977): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_dev$evdev(0x0, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) dup(r2) socket$nl_netfilter(0x10, 0x3, 0xc) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) madvise(&(0x7f0000003000/0x1000)=nil, 0x7f7884acbfff, 0x14) 3.15746061s ago: executing program 0 (id=1981): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup2(r0, r0) close_range(r0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x48c}]}) 3.02050414s ago: executing program 0 (id=1982): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)="275380206f2b336307006b030000006bca7c05537167", 0x0}, 0x38) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x2, r0}, 0x38) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='rdma.current\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x6225, 0x3ff, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r1}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x2, r1}, 0x38) 2.685574174s ago: executing program 0 (id=1983): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000d00000095"], &(0x7f0000000700)='GPL\x00'}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r0, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8a85009a10d943a, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffff81, 0x14, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x64) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000780)={r1}, 0x4) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={@ifindex, r2, 0x2f, 0x0, 0xffffffffffffffff, @prog_id}, 0x20) 1.333965516s ago: executing program 3 (id=1984): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x7}}, 0x14}}, 0x0) 364.462891ms ago: executing program 3 (id=1985): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}) creat(&(0x7f0000000000)='./file0\x00', 0x0) 364.236428ms ago: executing program 0 (id=1986): sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(0x0, 0xd) syz_open_dev$sg(0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1000, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1) 279.573454ms ago: executing program 1 (id=1987): r0 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x60002) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) 266.784433ms ago: executing program 3 (id=1988): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = eventfd(0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r2}) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x3}) 140.371885ms ago: executing program 0 (id=1989): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup2(r0, r0) close_range(r0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000140)={0x1, 0x0, [{0x48c}]}) 89.459728ms ago: executing program 1 (id=1990): bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)="275380206f2b336307006b030000006bca7c05537167", 0x0}, 0x38) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x2, r0}, 0x38) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='rdma.current\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x6225, 0x3ff, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r1}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x2, r1}, 0x38) 0s ago: executing program 0 (id=1991): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = shmget$private(0x0, 0x2000, 0x2, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_RMID(r1, 0x0) r2 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_int(r2, 0x29, 0x10, &(0x7f00000002c0), 0x4) sendmmsg$inet6(r2, &(0x7f0000002300)=[{{&(0x7f0000000500)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0}}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000040), &(0x7f0000000080)=0x8) ioctl$sock_TIOCINQ(r2, 0x541b, &(0x7f0000000140)) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) lseek(r3, 0x1f, 0x0) r4 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TTY_GET(r4, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ad738b23344a140}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x3f8, 0x200, 0x70bd27, 0x25dfdbfd, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000}, 0x20008081) getdents(r3, 0x0, 0x1800) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000000), &(0x7f00000000c0)=0x8) kernel console output (not intermixed with test programs): interface batadv_slave_1 (retrying later): interface not active [ 101.585690][ T4639] Bluetooth: hci2: command tx timeout [ 101.697519][ T6131] hsr_slave_0: entered promiscuous mode [ 101.704648][ T6131] hsr_slave_1: entered promiscuous mode [ 101.707979][ T6131] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 101.712022][ T6131] Cannot create hsr debugfs directory [ 101.728552][ T6065] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.819271][ T6163] netlink: 204 bytes leftover after parsing attributes in process `syz.2.300'. [ 101.961172][ T6087] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 101.977255][ T6087] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 101.984299][ T4639] Bluetooth: hci1: command tx timeout [ 101.988232][ T1140] bridge_slave_1: left allmulticast mode [ 102.006753][ T1140] bridge_slave_1: left promiscuous mode [ 102.013960][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.022329][ T1140] bridge_slave_0: left allmulticast mode [ 102.026096][ T1140] bridge_slave_0: left promiscuous mode [ 102.029186][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.052947][ T1140] bridge_slave_1: left allmulticast mode [ 102.055851][ T1140] bridge_slave_1: left promiscuous mode [ 102.059124][ T1140] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.066856][ T1140] bridge_slave_0: left allmulticast mode [ 102.069333][ T1140] bridge_slave_0: left promiscuous mode [ 102.072362][ T1140] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.544377][ T4639] Bluetooth: hci4: command tx timeout [ 102.827115][ T1140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.834057][ T1140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 102.842856][ T1140] bond0 (unregistering): Released all slaves [ 102.960823][ T1140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.968734][ T1140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 102.975589][ T1140] bond0 (unregistering): Released all slaves [ 102.991142][ T6065] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.007661][ T6087] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 103.016354][ T6087] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 103.033865][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.036585][ T5243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.085417][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.088242][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.340141][ T6087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 103.419513][ T6087] 8021q: adding VLAN 0 to HW filter on device team0 [ 103.431518][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.435525][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 103.460932][ T6065] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 103.477238][ T1279] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.480407][ T1279] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.664320][ T4639] Bluetooth: hci2: command tx timeout [ 103.790061][ T1140] hsr_slave_0: left promiscuous mode [ 103.793596][ T1140] hsr_slave_1: left promiscuous mode [ 103.798980][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.802325][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.806754][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.810082][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.819261][ T1140] hsr_slave_0: left promiscuous mode [ 103.822613][ T1140] hsr_slave_1: left promiscuous mode [ 103.826385][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.830512][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.836874][ T1140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.840849][ T1140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.911501][ T1140] veth1_macvtap: left promiscuous mode [ 103.914079][ T1140] veth0_macvtap: left promiscuous mode [ 103.916848][ T1140] veth1_vlan: left promiscuous mode [ 103.919510][ T1140] veth0_vlan: left promiscuous mode [ 103.929255][ T1140] veth1_macvtap: left promiscuous mode [ 103.931612][ T1140] veth0_macvtap: left promiscuous mode [ 103.933777][ T1140] veth1_vlan: left promiscuous mode [ 103.935991][ T1140] veth0_vlan: left promiscuous mode [ 104.077557][ T4639] Bluetooth: hci1: command tx timeout [ 104.624448][ T4639] Bluetooth: hci4: command tx timeout [ 104.883320][ T1140] team0 (unregistering): Port device team_slave_1 removed [ 104.978439][ T1140] team0 (unregistering): Port device team_slave_0 removed [ 106.146385][ T4639] Bluetooth: hci1: command tx timeout [ 106.218906][ T1140] team0 (unregistering): Port device team_slave_1 removed [ 106.294567][ T1140] team0 (unregistering): Port device team_slave_0 removed [ 106.802723][ T6065] veth0_vlan: entered promiscuous mode [ 106.812805][ T6201] netlink: 204 bytes leftover after parsing attributes in process `syz.2.307'. [ 106.853968][ T6131] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.863577][ T6131] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.872730][ T6065] veth1_vlan: entered promiscuous mode [ 106.883314][ T6131] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.892265][ T6131] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.933634][ T6087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.952582][ T6065] veth0_macvtap: entered promiscuous mode [ 106.972136][ T6065] veth1_macvtap: entered promiscuous mode [ 107.028140][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.032011][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.037245][ T6065] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.063406][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.067939][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.073303][ T6065] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.079866][ T6065] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.083543][ T6065] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.087864][ T6065] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.091498][ T6065] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.115978][ T6087] veth0_vlan: entered promiscuous mode [ 107.142693][ T6087] veth1_vlan: entered promiscuous mode [ 107.177800][ T6131] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.217831][ T6131] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.231991][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.234983][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.262825][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.265487][ T5243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.271977][ T6087] veth0_macvtap: entered promiscuous mode [ 107.286314][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.288813][ T6087] veth1_macvtap: entered promiscuous mode [ 107.289590][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.340220][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.346873][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.351534][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.356339][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.361992][ T6087] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.375433][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.378480][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.385645][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.389306][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.392800][ T6087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.398405][ T6087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.411453][ T6087] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.437886][ T6087] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.442246][ T6087] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.446957][ T6087] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.450738][ T6087] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.550835][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.557265][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.594538][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.598862][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.642863][ T6131] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.695364][ T6131] veth0_vlan: entered promiscuous mode [ 107.703207][ T6131] veth1_vlan: entered promiscuous mode [ 107.727645][ T6242] TCP: MD5 Hash not found for 172.20.20.187.0->172.20.20.170.20002 [] L3 index 0 [ 107.732820][ T6131] veth0_macvtap: entered promiscuous mode [ 107.740097][ T6131] veth1_macvtap: entered promiscuous mode [ 107.759682][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.764022][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.768346][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.772630][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.776241][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 107.781268][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.788479][ T6131] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.799906][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.803797][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.807749][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.811398][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.816688][ T6131] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.821285][ T6131] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.827111][ T6131] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.831721][ T6131] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.837286][ T6131] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.840966][ T6131] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.844306][ T6131] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.924258][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.927995][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.956004][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.959466][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.044190][ T5242] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 108.224534][ T5242] usb 6-1: Using ep0 maxpacket: 16 [ 108.229694][ T5242] usb 6-1: config 0 interface 0 altsetting 44 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 108.235047][ T4639] Bluetooth: hci1: command tx timeout [ 108.238748][ T5242] usb 6-1: config 0 interface 0 altsetting 44 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 108.246272][ T5242] usb 6-1: config 0 interface 0 has no altsetting 0 [ 108.253274][ T5242] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 108.258694][ T5242] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.262170][ T5242] usb 6-1: Product: syz [ 108.264324][ T5242] usb 6-1: Manufacturer: syz [ 108.266470][ T5242] usb 6-1: SerialNumber: syz [ 108.271043][ T5242] usb 6-1: config 0 descriptor?? [ 108.292694][ T5242] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input11 [ 108.398992][ T6274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.323'. [ 108.547423][ T1152] usb 6-1: USB disconnect, device number 5 [ 109.379958][ T6279] syz.2.325: attempt to access beyond end of device [ 109.379958][ T6279] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 109.979674][ T6299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.334'. [ 110.750263][ T6315] netlink: 'syz.1.341': attribute type 23 has an invalid length. [ 110.904875][ T6326] netlink: 'syz.2.343': attribute type 4 has an invalid length. [ 110.987664][ T6334] netlink: 'syz.3.350': attribute type 23 has an invalid length. [ 111.346920][ T6352] netlink: 'syz.0.357': attribute type 10 has an invalid length. [ 111.353121][ T6352] netlink: 40 bytes leftover after parsing attributes in process `syz.0.357'. [ 111.386020][ T6352] team0: Port device team_slave_0 removed [ 111.392194][ T6352] bond0: (slave team_slave_0): Enslaving as an active interface with an up link [ 111.466522][ T6358] netlink: 'syz.0.360': attribute type 23 has an invalid length. [ 111.919373][ T6378] netlink: 'syz.3.369': attribute type 10 has an invalid length. [ 111.923351][ T6378] netlink: 40 bytes leftover after parsing attributes in process `syz.3.369'. [ 111.960572][ T6378] team0: Port device team_slave_0 removed [ 111.967247][ T6378] bond0: (slave team_slave_0): Enslaving as an active interface with an up link [ 112.236191][ T6395] netlink: 'syz.3.376': attribute type 4 has an invalid length. [ 112.521124][ T6399] Unsupported ieee802154 address type: 0 [ 112.839016][ T6418] netlink: 'syz.2.385': attribute type 23 has an invalid length. [ 113.216112][ T6427] netlink: 'syz.3.389': attribute type 12 has an invalid length. [ 113.221025][ T6427] netlink: 132 bytes leftover after parsing attributes in process `syz.3.389'. [ 113.424323][ T6423] Unsupported ieee802154 address type: 0 [ 113.779790][ T6447] netlink: 'syz.2.398': attribute type 12 has an invalid length. [ 113.783066][ T6447] netlink: 132 bytes leftover after parsing attributes in process `syz.2.398'. [ 113.994477][ T6460] capability: warning: `syz.1.403' uses 32-bit capabilities (legacy support in use) [ 114.114808][ T6468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.407'. [ 114.193677][ T6466] Unsupported ieee802154 address type: 0 [ 114.880027][ T39] kauditd_printk_skb: 87 callbacks suppressed [ 114.880044][ T39] audit: type=1804 audit(1720466621.725:291): pid=6490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.415" name="/newroot/36/bus/file0" dev="overlay" ino=212 res=1 errno=0 [ 115.039166][ T6498] netlink: 40 bytes leftover after parsing attributes in process `syz.2.418'. [ 115.060743][ T6498] team0: Port device team_slave_0 removed [ 115.065836][ T6498] bond0: (slave team_slave_0): Enslaving as an active interface with an up link [ 115.341129][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.0.427'. [ 115.463550][ T6518] Unsupported ieee802154 address type: 0 [ 115.514695][ T5242] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 115.718552][ T5242] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 115.725746][ T5242] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 115.731970][ T5242] usb 8-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 115.736603][ T5242] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.743516][ T5242] usb 8-1: config 0 descriptor?? [ 116.202865][ T5242] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 116.206985][ T5242] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 116.209912][ T5242] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 116.213412][ T5242] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 116.217594][ T5242] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0 [ 116.223870][ T5242] cm6533_jd 0003:0D8C:0022.0002: No inputs registered, leaving [ 116.239705][ T5242] cm6533_jd 0003:0D8C:0022.0002: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0 [ 116.496081][ T57] usb 8-1: USB disconnect, device number 4 [ 116.525114][ T6540] Unsupported ieee802154 address type: 0 [ 116.720510][ T6557] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 117.328162][ T6587] fuse: Bad value for 'fd' [ 117.335574][ T6583] Unsupported ieee802154 address type: 0 [ 117.784361][ T5245] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 117.993517][ T5245] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 118.009845][ T5245] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 118.035480][ T5245] usb 6-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 118.043509][ T5245] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.050477][ T5245] usb 6-1: config 0 descriptor?? [ 118.204676][ T6614] Unsupported ieee802154 address type: 0 [ 118.501366][ T5245] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 118.506274][ T5245] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 118.511006][ T5245] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 118.516456][ T5245] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 118.520153][ T5245] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0 [ 118.525088][ T5245] cm6533_jd 0003:0D8C:0022.0003: No inputs registered, leaving [ 118.537535][ T5245] cm6533_jd 0003:0D8C:0022.0003: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 118.778689][ T5242] usb 6-1: USB disconnect, device number 6 [ 118.932515][ T6645] input: syz1 as /devices/virtual/input/input14 [ 119.148261][ T6645] vti0: entered allmulticast mode [ 119.350487][ T39] audit: type=1804 audit(1720466626.195:292): pid=6648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.478" name="/newroot/39/bus/file0" dev="overlay" ino=228 res=1 errno=0 [ 119.555653][ T6652] Unsupported ieee802154 address type: 0 [ 119.642474][ T6663] warning: `syz.0.484' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 119.790829][ T39] audit: type=1326 audit(1720466626.635:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6673 comm="syz.2.490" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7477579 code=0x0 [ 120.124028][ T6689] validate_nla: 2 callbacks suppressed [ 120.124044][ T6689] netlink: 'syz.3.493': attribute type 2 has an invalid length. [ 120.132930][ T6689] netlink: 'syz.3.493': attribute type 1 has an invalid length. [ 120.877056][ T6714] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 121.811513][ T6749] Zero length message leads to an empty skb [ 122.292008][ T6766] netlink: 4 bytes leftover after parsing attributes in process `syz.1.526'. [ 122.917624][ T6775] netlink: 'syz.2.531': attribute type 2 has an invalid length. [ 122.925456][ T6775] netlink: 'syz.2.531': attribute type 1 has an invalid length. [ 123.335529][ T6799] input: syz1 as /devices/virtual/input/input16 [ 123.400535][ T6091] udevd[6091]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 123.440704][ T6799] vti0: entered allmulticast mode [ 124.177615][ T6833] fuse: Bad value for 'fd' [ 124.470079][ T6849] netlink: 4 bytes leftover after parsing attributes in process `syz.1.557'. [ 124.777123][ T5242] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 124.899697][ T6871] capability: warning: `syz.3.571' uses deprecated v2 capabilities in a way that may be insecure [ 124.969442][ T5242] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 124.973995][ T5242] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 124.978998][ T5242] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 124.983639][ T5242] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.989896][ T5242] usb 5-1: config 0 descriptor?? [ 125.191690][ T4639] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1 [ 125.224363][ T56] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 125.232245][ T4639] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 125.360998][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.1.574'. [ 125.368827][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.1.574'. [ 125.407418][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 125.411904][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 125.417963][ T56] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 125.421477][ T5242] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 125.429914][ T56] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 125.431471][ T5242] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 125.435992][ T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 125.439961][ T5242] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 125.445975][ T5242] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 125.449460][ T5242] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0 [ 125.458246][ T5242] cm6533_jd 0003:0D8C:0022.0004: No inputs registered, leaving [ 125.462712][ T56] usb 8-1: config 0 descriptor?? [ 125.467433][ T5242] cm6533_jd 0003:0D8C:0022.0004: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0 [ 125.691279][ T5245] usb 5-1: USB disconnect, device number 4 [ 125.861106][ T6888] xt_NFQUEUE: number of total queues is 0 [ 125.928043][ T56] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0 [ 125.933604][ T56] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving [ 125.962586][ T56] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 126.243576][ T6901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.581'. [ 126.828780][ T6935] netlink: 2036 bytes leftover after parsing attributes in process `syz.0.591'. [ 126.835088][ T6935] netlink: 24 bytes leftover after parsing attributes in process `syz.0.591'. [ 126.912567][ T6936] pim6reg: entered allmulticast mode [ 126.957085][ T6936] pim6reg: left allmulticast mode [ 127.391287][ T39] audit: type=1326 audit(1720466634.235:294): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.596" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7477579 code=0x0 [ 127.524458][ T4639] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 127.579252][ T6952] netlink: 8 bytes leftover after parsing attributes in process `syz.1.597'. [ 127.588839][ T6952] netlink: 8 bytes leftover after parsing attributes in process `syz.1.597'. [ 127.917725][ T6973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.605'. [ 127.921954][ T6973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.605'. [ 127.981437][ T5245] usb 8-1: USB disconnect, device number 5 [ 128.021890][ T6977] xt_NFQUEUE: number of total queues is 0 [ 129.189133][ T39] audit: type=1326 audit(1720466636.035:295): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=7017 comm="syz.2.623" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7477579 code=0x0 [ 129.652126][ T7036] netlink: 104 bytes leftover after parsing attributes in process `syz.3.630'. [ 129.919169][ T7039] fuse: blksize only supported for fuseblk [ 130.046458][ T7045] netlink: 184 bytes leftover after parsing attributes in process `syz.3.632'. [ 130.050747][ T7045] netlink: 60 bytes leftover after parsing attributes in process `syz.3.632'. [ 131.189376][ T39] audit: type=1326 audit(1720466638.035:296): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=7062 comm="syz.3.640" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x0 [ 131.240112][ T7066] netlink: 104 bytes leftover after parsing attributes in process `syz.2.641'. [ 131.422767][ T7071] fuse: blksize only supported for fuseblk [ 132.011835][ T7097] fuse: blksize only supported for fuseblk [ 132.579113][ T7119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 132.668362][ T7119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 132.711285][ T7119] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 133.204958][ T7132] pim6reg: entered allmulticast mode [ 133.244038][ T7132] pim6reg: left allmulticast mode [ 133.265208][ T7134] netlink: 184 bytes leftover after parsing attributes in process `syz.3.666'. [ 133.268954][ T7134] netlink: 60 bytes leftover after parsing attributes in process `syz.3.666'. [ 133.462479][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.667'. [ 133.681409][ T7148] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 134.043934][ T7156] vivid-000: disconnect [ 134.060077][ T7154] vivid-000: reconnect [ 134.522630][ T7170] netlink: 184 bytes leftover after parsing attributes in process `syz.3.677'. [ 134.528001][ T7170] netlink: 60 bytes leftover after parsing attributes in process `syz.3.677'. [ 134.775861][ T39] audit: type=1326 audit(1720466641.625:297): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=7171 comm="syz.0.678" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ba579 code=0x0 [ 135.082048][ T7196] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 136.466474][ T4639] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 136.475871][ T4639] Bluetooth: hci1: Injecting HCI hardware error event [ 136.483887][ T4639] Bluetooth: hci1: hardware error 0x00 [ 137.013192][ T7235] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 137.084989][ T7235] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 137.112330][ T7235] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.231196][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.235306][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.331515][ T7276] input: syz0 as /devices/virtual/input/input18 [ 138.419264][ T7278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.469105][ T7280] gfs2: path_lookup on c::: returned error -2 [ 138.486829][ T7278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.501743][ T7278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.544307][ T4639] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 139.133282][ T7304] input: syz0 as /devices/virtual/input/input19 [ 139.134057][ T7301] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 139.380679][ T7318] netlink: 'syz.3.731': attribute type 3 has an invalid length. [ 139.383947][ T7318] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.731'. [ 139.540333][ T7323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 139.592110][ T7323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 139.598988][ T7325] netlink: 'syz.0.733': attribute type 20 has an invalid length. [ 139.615972][ T7323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 139.884279][ T5245] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 140.077461][ T5245] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 140.083094][ T5245] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 140.089018][ T5245] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 140.093194][ T5245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.099940][ T5245] usb 5-1: config 0 descriptor?? [ 140.196401][ T7330] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 140.315145][ T5245] usbhid 5-1:0.0: can't add hid device: -71 [ 140.315159][ T7337] gfs2: path_lookup on c::: returned error -2 [ 140.317460][ T5245] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 140.326060][ T5245] usb 5-1: USB disconnect, device number 5 [ 140.327457][ T7333] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 140.477488][ T39] audit: type=1326 audit(1720466647.325:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7334 comm="syz.3.738" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x0 [ 141.090308][ T39] audit: type=1326 audit(1720466647.935:299): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=unconfined pid=7358 comm="syz.0.748" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ba579 code=0x0 [ 141.118269][ T7364] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 142.065843][ T7383] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 142.068599][ T7383] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 142.149054][ T7383] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 142.151783][ T7383] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 142.159685][ T7383] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 142.161999][ T7383] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 142.211090][ T7432] blktrace: Concurrent blktraces are not allowed on sg0 [ 142.408698][ T7450] bond0: (slave bond_slave_1): Releasing backup interface [ 142.526556][ T7462] tun0: tun_chr_ioctl cmd 1074025675 [ 142.529070][ T7462] tun0: persist enabled [ 142.531868][ T7462] tun0: tun_chr_ioctl cmd 1074025675 [ 142.534526][ T7462] tun0: persist enabled [ 142.628978][ T7462] netlink: 3 bytes leftover after parsing attributes in process `syz.1.779'. [ 142.713519][ T7466] blktrace: Concurrent blktraces are not allowed on sg0 [ 143.014075][ T7485] netlink: 'syz.1.788': attribute type 3 has an invalid length. [ 143.018030][ T7485] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.788'. [ 143.062734][ T7487] gfs2: path_lookup on c::: returned error -2 [ 143.192033][ T5204] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 143.201825][ T5204] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 143.207020][ T5204] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 143.212138][ T5204] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 143.221221][ T5204] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 143.231565][ T5204] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 143.275213][ T4639] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 143.279719][ T4639] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 143.283744][ T4639] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 143.289873][ T4639] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 143.293469][ T4639] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 143.300322][ T4639] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 143.463867][ T7499] netlink: 'syz.1.794': attribute type 20 has an invalid length. [ 143.564826][ T7492] chnl_net:caif_netlink_parms(): no params data found [ 143.621177][ T7510] netlink: 'syz.3.796': attribute type 3 has an invalid length. [ 143.629070][ T7510] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.796'. [ 143.706983][ T7492] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.709957][ T7492] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.712781][ T7492] bridge_slave_0: entered allmulticast mode [ 143.717720][ T7492] bridge_slave_0: entered promiscuous mode [ 143.732201][ T7492] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.735365][ T7492] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.737948][ T7492] bridge_slave_1: entered allmulticast mode [ 143.741293][ T7492] bridge_slave_1: entered promiscuous mode [ 143.784292][ T30] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 143.808632][ T1092] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.866425][ T7492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 143.906155][ T7492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 143.930755][ T1092] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.003481][ T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 144.012193][ T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 144.024197][ T30] usb 6-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 144.028503][ T30] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.043074][ T7492] team0: Port device team_slave_0 added [ 144.046811][ T30] usb 6-1: config 0 descriptor?? [ 144.067242][ T1092] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.083816][ T7492] team0: Port device team_slave_1 added [ 144.158572][ T1092] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.201383][ T7492] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 144.206898][ T7492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.219311][ T7492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 144.224472][ T7492] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 144.227139][ T7492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.238947][ T7492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 144.273071][ T30] usbhid 6-1:0.0: can't add hid device: -71 [ 144.275975][ T30] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 144.283099][ T30] usb 6-1: USB disconnect, device number 7 [ 144.321827][ T7492] hsr_slave_0: entered promiscuous mode [ 144.347679][ T7492] hsr_slave_1: entered promiscuous mode [ 144.352531][ T7492] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 144.358018][ T7492] Cannot create hsr debugfs directory [ 144.496736][ T1092] bridge_slave_1: left allmulticast mode [ 144.498835][ T1092] bridge_slave_1: left promiscuous mode [ 144.501148][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 144.511853][ T1092] bridge_slave_0: left allmulticast mode [ 144.515700][ T1092] bridge_slave_0: left promiscuous mode [ 144.518780][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 144.736513][ T7526] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 144.740490][ T7526] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 145.193732][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.203277][ T1092] bond0 (unregistering): (slave team_slave_0): Releasing backup interface [ 145.220925][ T1092] bond0 (unregistering): Released all slaves [ 145.749268][ T1092] hsr_slave_0: left promiscuous mode [ 145.753444][ T1092] hsr_slave_1: left promiscuous mode [ 145.758893][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 145.762240][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 145.767693][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 145.770966][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 145.827591][ T1092] veth1_macvtap: left promiscuous mode [ 145.830488][ T1092] veth0_macvtap: left promiscuous mode [ 145.832978][ T1092] veth1_vlan: left promiscuous mode [ 145.838494][ T1092] veth0_vlan: left promiscuous mode [ 145.940106][ T7556] netlink: 'syz.3.811': attribute type 20 has an invalid length. [ 146.264235][ T30] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 146.465776][ T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 146.471054][ T30] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 146.477529][ T30] usb 8-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 146.481686][ T30] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.498965][ T30] usb 8-1: config 0 descriptor?? [ 147.092487][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 148.169462][ T30] usbhid 8-1:0.0: can't add hid device: -71 [ 148.177389][ T30] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 148.185503][ T30] usb 8-1: USB disconnect, device number 6 [ 148.311528][ T7492] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 148.333732][ T7492] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 148.341793][ T7492] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 148.357675][ T7492] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 148.474912][ T7492] 8021q: adding VLAN 0 to HW filter on device bond0 [ 148.506922][ T7492] 8021q: adding VLAN 0 to HW filter on device team0 [ 148.519096][ T5245] bridge0: port 1(bridge_slave_0) entered blocking state [ 148.523166][ T5245] bridge0: port 1(bridge_slave_0) entered forwarding state [ 148.540783][ T5245] bridge0: port 2(bridge_slave_1) entered blocking state [ 148.544049][ T5245] bridge0: port 2(bridge_slave_1) entered forwarding state [ 148.622594][ T7492] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 148.818662][ T7492] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 148.885380][ T7614] netlink: 12 bytes leftover after parsing attributes in process `syz.1.829'. [ 148.915367][ T7492] veth0_vlan: entered promiscuous mode [ 148.930658][ T39] audit: type=1326 audit(1720466655.775:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7617 comm="syz.3.831" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x0 [ 148.948841][ T7492] veth1_vlan: entered promiscuous mode [ 148.978945][ T7492] veth0_macvtap: entered promiscuous mode [ 148.981903][ T7492] veth1_macvtap: entered promiscuous mode [ 149.002715][ T7492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.008870][ T7492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.012594][ T7492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.012606][ T7492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.012616][ T7492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 149.012623][ T7492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.014041][ T7492] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 149.042570][ T7492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.042590][ T7492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.042599][ T7492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.042610][ T7492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.042618][ T7492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 149.042629][ T7492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 149.044386][ T7492] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 149.052427][ T7492] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.086925][ T7492] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.086958][ T7492] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.086982][ T7492] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 149.160345][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.160367][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.189195][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 149.189217][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 149.386515][ T7629] UBIFS error (pid: 7629): cannot open "", error -22 [ 149.405931][ T7628] netlink: 'syz.1.834': attribute type 20 has an invalid length. [ 149.694523][ T35] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 149.876868][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 149.882053][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 149.888743][ T35] usb 6-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 149.892621][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.898447][ T35] usb 6-1: config 0 descriptor?? [ 149.987290][ T7638] netlink: 56 bytes leftover after parsing attributes in process `syz.3.838'. [ 150.147991][ T35] usbhid 6-1:0.0: can't add hid device: -71 [ 150.150494][ T35] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 150.163461][ T35] usb 6-1: USB disconnect, device number 8 [ 150.181673][ T7643] team0: entered promiscuous mode [ 150.183871][ T7643] team_slave_1: entered promiscuous mode [ 150.476094][ T7642] team0: left promiscuous mode [ 150.479056][ T7642] team_slave_1: left promiscuous mode [ 150.612741][ T7653] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 150.791438][ T7656] netlink: 12 bytes leftover after parsing attributes in process `syz.3.845'. [ 150.952782][ T7666] tun0: tun_chr_ioctl cmd 1074025675 [ 150.956534][ T7666] tun0: persist enabled [ 150.962895][ T7666] tun0: tun_chr_ioctl cmd 1074025675 [ 150.966213][ T7666] tun0: persist enabled [ 151.007978][ T7666] netlink: 3 bytes leftover after parsing attributes in process `syz.3.850'. [ 151.227126][ T7677] overlayfs: failed to resolve './file0': -2 [ 151.284005][ T7679] netlink: 'syz.3.855': attribute type 20 has an invalid length. [ 151.589813][ T815] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 151.641473][ T7690] netlink: 12 bytes leftover after parsing attributes in process `syz.0.861'. [ 151.803126][ T815] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 88, changing to 10 [ 151.814242][ T815] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49868, setting to 1024 [ 151.819372][ T815] usb 8-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00 [ 151.823654][ T815] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 151.832496][ T815] usb 8-1: config 0 descriptor?? [ 152.092699][ T815] usbhid 8-1:0.0: can't add hid device: -71 [ 152.104240][ T815] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 152.117753][ T815] usb 8-1: USB disconnect, device number 7 [ 153.158026][ T7720] tun1: tun_chr_ioctl cmd 1074025675 [ 153.173829][ T7720] tun1: persist enabled [ 153.179001][ T7720] tun1: tun_chr_ioctl cmd 1074025675 [ 153.181402][ T7720] tun1: persist enabled [ 153.231299][ T7720] netlink: 3 bytes leftover after parsing attributes in process `syz.3.873'. [ 153.890080][ T39] audit: type=1326 audit(1720466660.735:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7735 comm="syz.2.879" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0 [ 153.911806][ T7738] team0: entered promiscuous mode [ 153.929492][ T7738] team_slave_1: entered promiscuous mode [ 154.247992][ T7737] team0: left promiscuous mode [ 154.250827][ T7737] team_slave_1: left promiscuous mode [ 154.794361][ T10] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 154.948300][ T7775] syz.1.896 (7775) used greatest stack depth: 19824 bytes left [ 154.995457][ T10] usb 8-1: Using ep0 maxpacket: 32 [ 155.004780][ T10] usb 8-1: config 0 has no interfaces? [ 155.015605][ T10] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 155.020111][ T10] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 155.023997][ T10] usb 8-1: Product: syz [ 155.026157][ T10] usb 8-1: Manufacturer: syz [ 155.030381][ T10] usb 8-1: SerialNumber: syz [ 155.039739][ T10] usb 8-1: config 0 descriptor?? [ 155.265355][ T39] audit: type=1326 audit(1720466662.115:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7785 comm="syz.0.901" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ba579 code=0x0 [ 155.313695][ T10] usb 8-1: USB disconnect, device number 8 [ 155.331624][ T7779] overlay: ./file0 is not a directory [ 156.008341][ T39] audit: type=1326 audit(1720466662.855:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.019811][ T39] audit: type=1326 audit(1720466662.855:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.034585][ T39] audit: type=1326 audit(1720466662.875:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.043826][ T39] audit: type=1326 audit(1720466662.885:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.063595][ T39] audit: type=1326 audit(1720466662.885:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.075944][ T39] audit: type=1326 audit(1720466662.885:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.084979][ T39] audit: type=1326 audit(1720466662.885:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.124553][ T39] audit: type=1326 audit(1720466662.885:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.156485][ T39] audit: type=1326 audit(1720466662.885:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7815 comm="syz.3.914" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 156.862830][ T7867] netlink: 'syz.2.931': attribute type 1 has an invalid length. [ 156.866965][ T7867] netlink: 3440 bytes leftover after parsing attributes in process `syz.2.931'. [ 156.871069][ T7867] netlink: 'syz.2.931': attribute type 1 has an invalid length. [ 156.871260][ T7869] netlink: 'syz.3.932': attribute type 24 has an invalid length. [ 156.875483][ T7867] netlink: 5888 bytes leftover after parsing attributes in process `syz.2.931'. [ 157.030196][ T7883] netlink: 'syz.3.937': attribute type 25 has an invalid length. [ 157.037224][ T7883] netlink: 'syz.3.937': attribute type 7 has an invalid length. [ 157.413959][ T7911] netlink: 'syz.2.947': attribute type 25 has an invalid length. [ 157.418263][ T7911] netlink: 'syz.2.947': attribute type 7 has an invalid length. [ 158.284269][ T56] usb 8-1: new low-speed USB device number 9 using dummy_hcd [ 158.286653][ T7993] program syz.1.976 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 158.397920][ T8002] netlink: 'syz.2.980': attribute type 24 has an invalid length. [ 158.506232][ T56] usb 8-1: config index 0 descriptor too short (expected 1307, got 27) [ 158.510623][ T56] usb 8-1: config 0 has an invalid interface number: 0 but max is -1 [ 158.518000][ T56] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 158.523913][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 158.532115][ T56] usb 8-1: string descriptor 0 read error: -22 [ 158.547127][ T56] usb 8-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de [ 158.551378][ T56] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 158.556835][ T56] usb 8-1: config 0 descriptor?? [ 158.560181][ T7962] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 158.571330][ T56] hub 8-1:0.0: bad descriptor, ignoring hub [ 158.574321][ T56] hub 8-1:0.0: probe with driver hub failed with error -5 [ 158.585411][ T56] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input20 [ 158.595085][ C2] usb_acecad 8-1:0.0: can't resubmit intr, dummy_hcd.3-1/input0, status -1 [ 158.618083][ C3] usb_acecad 8-1:0.0: can't resubmit intr, dummy_hcd.3-1/input0, status -1 [ 158.639134][ C3] usb_acecad 8-1:0.0: can't resubmit intr, dummy_hcd.3-1/input0, status -1 [ 158.669910][ C3] usb_acecad 8-1:0.0: can't resubmit intr, dummy_hcd.3-1/input0, status -1 [ 158.846149][ T8] usb 8-1: USB disconnect, device number 9 [ 159.100057][ T8039] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 159.235957][ T8047] netlink: 24 bytes leftover after parsing attributes in process `syz.2.992'. [ 159.844407][ T6248] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 160.043793][ T6248] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 160.054269][ T6248] usb 6-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00 [ 160.058564][ T6248] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.075589][ T6248] usb 6-1: config 0 descriptor?? [ 160.084537][ T6248] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 160.306220][ T815] usb 6-1: USB disconnect, device number 9 [ 160.511777][ T8095] netlink: 'syz.2.1012': attribute type 3 has an invalid length. [ 160.515927][ T8095] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1012'. [ 161.062530][ T815] kernel read not supported for file /audio1 (pid: 815 comm: kworker/2:2) [ 161.745940][ T6248] kernel read not supported for file /audio1 (pid: 6248 comm: kworker/1:4) [ 161.857511][ T8170] UBIFS error (pid: 8170): cannot open "", error -22 [ 162.081550][ T8178] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1043'. [ 162.299204][ T8191] Bluetooth: MGMT ver 1.22 [ 162.408935][ T8199] trusted_key: encrypted_key: key user:syz not found [ 162.886124][ T8213] netlink: 'syz.3.1060': attribute type 22 has an invalid length. [ 162.898516][ T8213] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1060'. [ 162.903041][ T8213] netlink: 'syz.3.1060': attribute type 22 has an invalid length. [ 163.188281][ T6248] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 163.323575][ T8218] netlink: 'syz.0.1062': attribute type 2 has an invalid length. [ 163.326668][ T8218] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1062'. [ 163.375053][ T6248] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 163.379826][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.383359][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.391018][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.395514][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.400063][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.405273][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.409533][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.413355][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.419774][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.423248][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.427380][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.433010][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.438252][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.442171][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.447393][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.452934][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.457117][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.461930][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.466995][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.471891][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.477130][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.481082][ T6248] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 163.485877][ T6248] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 163.490918][ T6248] usb 8-1: config 0 interface 0 has no altsetting 0 [ 163.496052][ T6248] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 163.499596][ T6248] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 163.503783][ T6248] usb 8-1: Product: syz [ 163.506311][ T6248] usb 8-1: Manufacturer: syz [ 163.508492][ T6248] usb 8-1: SerialNumber: syz [ 163.512718][ T6248] usb 8-1: config 0 descriptor?? [ 163.526921][ T6248] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 163.544381][ T10] kernel read not supported for file /audio1 (pid: 10 comm: kworker/0:1) [ 164.169968][ T8239] trusted_key: encrypted_key: key user:syz not found [ 164.281077][ T8244] netlink: 'syz.0.1072': attribute type 3 has an invalid length. [ 164.290810][ T8244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1072'. [ 165.884761][ C1] usb 8-1: yurex_control_callback - control failed: -2 [ 165.912151][ T1279] usb 8-1: USB disconnect, device number 10 [ 165.918004][ T1279] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 166.345077][ T8297] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.1087'. [ 166.357219][ T8297] netlink: zone id is out of range [ 166.359334][ T8297] netlink: zone id is out of range [ 166.361563][ T8297] netlink: zone id is out of range [ 166.363510][ T8297] netlink: zone id is out of range [ 166.369285][ T8297] netlink: zone id is out of range [ 166.371513][ T8297] netlink: zone id is out of range [ 166.373648][ T8297] netlink: zone id is out of range [ 166.376032][ T8297] netlink: zone id is out of range [ 166.380104][ T8297] netlink: zone id is out of range [ 166.382935][ T8297] netlink: zone id is out of range [ 168.118704][ T8346] kvm: pic: non byte read [ 168.864384][ T6248] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 168.968082][ T8384] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg2, syncid = 2, id = 0 [ 169.029469][ T8377] kvm: pic: non byte read [ 169.045311][ T6248] usb 6-1: Using ep0 maxpacket: 8 [ 169.062431][ T6248] usb 6-1: config 0 has no interfaces? [ 169.065277][ T6248] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 169.070098][ T6248] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.079799][ T6248] usb 6-1: config 0 descriptor?? [ 169.401185][ T10] usb 6-1: USB disconnect, device number 10 [ 169.471754][ T8401] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1128'. [ 169.676398][ T8405] netlink: 164768 bytes leftover after parsing attributes in process `syz.2.1132'. [ 169.863592][ T8408] __vm_enough_memory: pid: 8408, comm: syz.3.1133, bytes: 4294963200 not enough memory for the allocation [ 170.055223][ T8413] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1136'. [ 170.061140][ T8413] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1136'. [ 170.218690][ T4639] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 170.229694][ T4639] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 170.243113][ T4639] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 170.263486][ T4639] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 170.268274][ T4639] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 170.272271][ T4639] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 170.334278][ T5204] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 170.349455][ T5204] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 170.357229][ T5204] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 170.364715][ T5204] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 170.370622][ T5204] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 170.377400][ T5204] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 170.430965][ T8414] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12) [ 170.434707][ T8414] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 170.441929][ T8414] vhci_hcd vhci_hcd.0: Device attached [ 170.481229][ T8426] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 170.551939][ T8423] vhci_hcd: connection closed [ 170.557644][ T1087] vhci_hcd: stop threads [ 170.571482][ T1087] vhci_hcd: release socket [ 170.574021][ T1087] vhci_hcd: disconnect device [ 170.576277][ T8429] netlink: 'syz.2.1140': attribute type 22 has an invalid length. [ 170.581289][ T8429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1140'. [ 170.593149][ T8429] netlink: 'syz.2.1140': attribute type 22 has an invalid length. [ 170.639319][ T81] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.743731][ T81] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.828706][ T81] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 170.841594][ T8415] chnl_net:caif_netlink_parms(): no params data found [ 170.904296][ T5243] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 170.926039][ T81] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.019515][ T8415] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.022792][ T8415] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.026668][ T8415] bridge_slave_0: entered allmulticast mode [ 171.031584][ T8415] bridge_slave_0: entered promiscuous mode [ 171.037190][ T8415] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.040433][ T8415] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.043776][ T8415] bridge_slave_1: entered allmulticast mode [ 171.051361][ T8415] bridge_slave_1: entered promiscuous mode [ 171.095791][ T5243] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 171.104649][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.109133][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.122732][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.132347][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.141703][ T8415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.143949][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.149612][ T8415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.163635][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.169221][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.174507][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.195473][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.206145][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.210564][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.215026][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.220623][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.226245][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.231299][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.237006][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.242678][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.248686][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.252951][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.262788][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.273272][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.277239][ T5243] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 171.280460][ T5243] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 171.285753][ T5243] usb 7-1: config 0 interface 0 has no altsetting 0 [ 171.292859][ T5243] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 171.297504][ T5243] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 171.301713][ T5243] usb 7-1: Product: syz [ 171.303805][ T5243] usb 7-1: Manufacturer: syz [ 171.308152][ T5243] usb 7-1: SerialNumber: syz [ 171.312864][ T5243] usb 7-1: config 0 descriptor?? [ 171.344080][ T8415] team0: Port device team_slave_0 added [ 171.348498][ T5243] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 171.352005][ T8415] team0: Port device team_slave_1 added [ 171.578035][ T8415] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 171.581538][ T8415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.594929][ T8415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 171.607059][ T8415] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 171.617210][ T8415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.632050][ T8415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 171.654529][ T81] bridge_slave_1: left allmulticast mode [ 171.656848][ T81] bridge_slave_1: left promiscuous mode [ 171.661430][ T81] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.671613][ T81] bridge_slave_0: left allmulticast mode [ 171.676670][ T81] bridge_slave_0: left promiscuous mode [ 171.680587][ T81] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.261293][ T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 172.285789][ T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 172.307560][ T81] bond0 (unregistering): Released all slaves [ 172.465843][ T4639] Bluetooth: hci0: command tx timeout [ 172.561563][ T8415] hsr_slave_0: entered promiscuous mode [ 172.568676][ T8415] hsr_slave_1: entered promiscuous mode [ 172.573631][ T8415] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 172.582220][ T8415] Cannot create hsr debugfs directory [ 172.828922][ T81] hsr_slave_0: left promiscuous mode [ 172.830753][ T8450] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1145'. [ 172.843155][ T81] hsr_slave_1: left promiscuous mode [ 172.858877][ T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.862597][ T81] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.880438][ T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.883730][ T81] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 172.934410][ T81] veth1_macvtap: left promiscuous mode [ 172.937494][ T81] veth0_macvtap: left promiscuous mode [ 172.940173][ T81] veth1_vlan: left promiscuous mode [ 172.942711][ T81] veth0_vlan: left promiscuous mode [ 173.302305][ C2] vkms_vblank_simulate: vblank timer overrun [ 173.560582][ C0] usb 7-1: yurex_control_callback - control failed: -2 [ 173.582760][ T8] usb 7-1: USB disconnect, device number 3 [ 173.595971][ T8] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 174.320736][ T81] team0 (unregistering): Port device team_slave_1 removed [ 174.475382][ T81] team0 (unregistering): Port device team_slave_0 removed [ 174.554498][ T4639] Bluetooth: hci0: command tx timeout [ 175.080975][ C2] vkms_vblank_simulate: vblank timer overrun [ 175.671834][ T8479] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 176.147749][ T8494] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1156'. [ 176.323054][ T8513] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg2, syncid = 2, id = 0 [ 176.435429][ T8415] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 176.458059][ T8415] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 176.472097][ T8415] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 176.487465][ T8415] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 176.629400][ T4639] Bluetooth: hci0: command tx timeout [ 176.720226][ T8415] 8021q: adding VLAN 0 to HW filter on device bond0 [ 176.748181][ T8415] 8021q: adding VLAN 0 to HW filter on device team0 [ 176.761637][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.764709][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 176.806090][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.809799][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 177.112503][ T8415] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 177.185806][ T8415] veth0_vlan: entered promiscuous mode [ 177.200383][ T8415] veth1_vlan: entered promiscuous mode [ 177.235334][ T8415] veth0_macvtap: entered promiscuous mode [ 177.242140][ T8415] veth1_macvtap: entered promiscuous mode [ 177.263523][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.273881][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.279235][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.284797][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.288595][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 177.293836][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.303077][ T8415] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 177.328161][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.333209][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.340804][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.346878][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.351198][ T8415] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 177.356555][ T8415] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 177.371395][ T8415] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 177.391414][ T8415] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.395899][ T8415] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.401148][ T8415] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.405752][ T8415] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.522002][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 177.526909][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.580346][ T1128] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 177.586254][ T1128] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 178.714278][ T5204] Bluetooth: hci0: command tx timeout [ 180.485354][ T8642] bond0: Error: Cannot enslave bond to itself. [ 180.746757][ T8659] UBIFS error (pid: 8659): cannot open "", error -22 [ 181.566411][ T8686] netlink: 'syz.2.1217': attribute type 22 has an invalid length. [ 181.573639][ T8686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1217'. [ 181.578158][ T8686] netlink: 'syz.2.1217': attribute type 22 has an invalid length. [ 181.865372][ T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 182.055028][ T10] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 182.067555][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.072004][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.082426][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.087083][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.094502][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.099669][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.107492][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.111721][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.119182][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.128850][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.133849][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.139785][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.149574][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.153999][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.158933][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.163628][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.169596][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.176830][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.181711][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.189441][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.196760][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.200996][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 182.205788][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 182.214663][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 182.221007][ T10] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 182.227693][ T10] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 182.232289][ T10] usb 7-1: Product: syz [ 182.234032][ T10] usb 7-1: Manufacturer: syz [ 182.236412][ T10] usb 7-1: SerialNumber: syz [ 182.241099][ T10] usb 7-1: config 0 descriptor?? [ 182.249634][ T10] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 183.805238][ T8718] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 184.565287][ C0] usb 7-1: yurex_control_callback - control failed: -2 [ 184.585249][ T56] usb 7-1: USB disconnect, device number 4 [ 184.667404][ T56] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 184.690112][ T8726] bond0: Error: Cannot enslave bond to itself. [ 184.746213][ T8728] cgroup: noprefix used incorrectly [ 185.168295][ T8741] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 185.422801][ T8749] kAFS: unparsable volume name [ 185.519743][ T8754] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1242'. [ 185.523960][ T8754] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1242'. [ 185.870627][ T8754] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 185.873529][ T8754] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 185.878769][ T8754] vhci_hcd vhci_hcd.0: Device attached [ 185.890980][ T8759] vhci_hcd: connection closed [ 185.898272][ T13] vhci_hcd: stop threads [ 185.902682][ T13] vhci_hcd: release socket [ 185.905242][ T13] vhci_hcd: disconnect device [ 186.698023][ T8772] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 186.761110][ T8766] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1244'. [ 187.096882][ T8785] UBIFS error (pid: 8785): cannot open "", error -22 [ 187.528830][ T8791] usb usb8: usbfs: process 8791 (syz.3.1252) did not claim interface 0 before use [ 187.613075][ T8793] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1253'. [ 187.619676][ T8793] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1253'. [ 187.922046][ T8797] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12) [ 187.925206][ T8797] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 187.929084][ T8797] vhci_hcd vhci_hcd.0: Device attached [ 188.011487][ T8798] vhci_hcd: connection closed [ 188.012676][ T81] vhci_hcd: stop threads [ 188.034452][ T81] vhci_hcd: release socket [ 188.036599][ T81] vhci_hcd: disconnect device [ 188.750806][ T8807] kAFS: unparsable volume name [ 189.153592][ T8818] usb usb8: usbfs: process 8818 (syz.2.1261) did not claim interface 0 before use [ 190.134897][ T8841] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1270'. [ 191.632840][ T8889] netlink: 'syz.3.1292': attribute type 3 has an invalid length. [ 192.208914][ T8895] syzkaller0: entered promiscuous mode [ 192.211842][ T8895] syzkaller0: entered allmulticast mode [ 195.275324][ T8933] loop0: detected capacity change from 0 to 7 [ 195.298074][ T8933] Dev loop0: unable to read RDB block 7 [ 195.313821][ T8933] loop0: AHDI p3 [ 195.316375][ T8933] loop0: partition table partially beyond EOD, truncated [ 196.728456][ T8958] cgroup: noprefix used incorrectly [ 196.824237][ T56] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 197.007819][ T56] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 197.012118][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 197.021517][ T56] usb 5-1: config 0 descriptor?? [ 197.295371][ T8964] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1322'. [ 197.305606][ T8964] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1322'. [ 197.716393][ T8967] loop0: detected capacity change from 0 to 7 [ 197.728009][ T8967] Dev loop0: unable to read RDB block 7 [ 197.731322][ T8967] loop0: AHDI p3 [ 197.733636][ T8967] loop0: partition table partially beyond EOD, truncated [ 197.777662][ T8965] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 197.781190][ T8965] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 197.801339][ T8965] vhci_hcd vhci_hcd.0: Device attached [ 197.921448][ T8970] vhci_hcd: connection closed [ 197.921875][ T1086] vhci_hcd: stop threads [ 197.929656][ T1086] vhci_hcd: release socket [ 197.932711][ T1086] vhci_hcd: disconnect device [ 198.067401][ T8981] Bluetooth: MGMT ver 1.22 [ 198.157676][ T8983] net_ratelimit: 2575 callbacks suppressed [ 198.157693][ T8983] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 198.308009][ T56] pegasus 5-1:0.0: probe with driver pegasus failed with error -32 [ 198.310302][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.319775][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.355449][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.409244][ T8985] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 198.426840][ T8985] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 198.489842][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.508576][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.522049][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.526958][ T8985] ip6gretap0 speed is unknown, defaulting to 1000 [ 198.546453][ T8943] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 198.624875][ T56] usb 5-1: USB disconnect, device number 6 [ 198.773375][ T8990] can0: slcan on ptm0. [ 198.918169][ T8989] can0 (unregistered): slcan off ptm0. [ 199.319648][ T9010] cgroup: noprefix used incorrectly [ 199.655906][ T9020] netlink: 'syz.1.1339': attribute type 6 has an invalid length. [ 199.677553][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.684394][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.773220][ T9022] can0: slcan on ptm0. [ 199.952978][ T9021] can0 (unregistered): slcan off ptm0. [ 201.177270][ T9055] can0: slcan on ptm0. [ 201.245858][ T9058] netlink: 'syz.3.1350': attribute type 6 has an invalid length. [ 201.258453][ T9053] can0 (unregistered): slcan off ptm0. [ 201.433947][ T9062] loop0: detected capacity change from 0 to 7 [ 201.443145][ T9062] Dev loop0: unable to read RDB block 7 [ 201.448844][ T9062] loop0: AHDI p3 [ 201.450762][ T9062] loop0: partition table partially beyond EOD, truncated [ 201.513289][ T9076] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1356'. [ 201.517895][ T9076] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1356'. [ 201.585630][ T9079] team0: No ports can be present during mode change [ 202.027908][ T9096] macvlan0: entered allmulticast mode [ 202.030401][ T9096] veth1_vlan: entered allmulticast mode [ 202.041287][ T9096] macvlan0: left allmulticast mode [ 202.044028][ T9096] veth1_vlan: left allmulticast mode [ 202.078204][ T9080] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 202.081206][ T9080] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 202.121276][ T9080] vhci_hcd vhci_hcd.0: Device attached [ 202.335138][ T9097] vhci_hcd: connection closed [ 202.338183][ T1092] vhci_hcd: stop threads [ 202.342124][ T1092] vhci_hcd: release socket [ 202.347161][ T1092] vhci_hcd: disconnect device [ 202.573202][ T9103] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 202.873077][ T9111] netlink: 'syz.1.1366': attribute type 4 has an invalid length. [ 202.926235][ T9111] netlink: 'syz.1.1366': attribute type 21 has an invalid length. [ 203.024709][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 203.024725][ T39] audit: type=1326 audit(1720466709.865:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9114 comm="syz.1.1368" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x0 [ 204.055220][ T9133] cgroup: noprefix used incorrectly [ 204.142742][ T5204] Bluetooth: hci0: unexpected event for opcode 0x080f [ 204.199615][ T9136] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1376'. [ 204.205046][ T9136] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1376'. [ 204.588292][ T9137] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(12) [ 204.592207][ T9137] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 204.597156][ T9137] vhci_hcd vhci_hcd.0: Device attached [ 204.806187][ T4639] Bluetooth: hci0: unexpected event for opcode 0x2016 [ 204.899446][ T9140] vhci_hcd: connection closed [ 204.899820][ T63] vhci_hcd: stop threads [ 204.907198][ T63] vhci_hcd: release socket [ 204.909366][ T63] vhci_hcd: disconnect device [ 204.914409][ T30] usb 20-1: enqueue for inactive port 0 [ 205.174363][ T6248] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 205.357581][ T6248] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 205.361597][ T6248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.376958][ T6248] usb 5-1: config 0 descriptor?? [ 205.461087][ T30] usb usb20-port1: attempt power cycle [ 205.771389][ T39] audit: type=1326 audit(1720466712.615:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9154 comm="syz.2.1381" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0 [ 206.004919][ T9165] Driver unsupported XDP return value 0 on prog (id 264) dev N/A, expect packet loss! [ 206.116374][ T30] usb usb20-port1: unable to enumerate USB device [ 206.628543][ T6248] pegasus 5-1:0.0: probe with driver pegasus failed with error -32 [ 206.738688][ T9170] overlayfs: missing 'workdir' [ 206.818069][ T9179] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1390'. [ 206.822807][ T9179] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1390'. [ 206.874196][ T9144] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 206.887072][ T35] usb 5-1: USB disconnect, device number 7 [ 207.099098][ T9181] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12) [ 207.102366][ T9181] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 207.106619][ T9181] vhci_hcd vhci_hcd.0: Device attached [ 207.341370][ T9186] vhci_hcd: connection closed [ 207.347684][ T1128] vhci_hcd: stop threads [ 207.352876][ T1128] vhci_hcd: release socket [ 207.357221][ T1128] vhci_hcd: disconnect device [ 207.424367][ T6248] usb 18-1: enqueue for inactive port 0 [ 207.530789][ T9200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1399'. [ 207.589059][ T9202] binder: 9201:9202 ioctl c018620c 200005c0 returned -1 [ 207.955842][ T6248] usb usb18-port1: attempt power cycle [ 208.597897][ T9217] overlayfs: missing 'workdir' [ 208.647401][ T8] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 208.655533][ T6248] usb usb18-port1: unable to enumerate USB device [ 208.858219][ T8] usb 7-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 208.871435][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.883231][ T8] usb 7-1: config 0 descriptor?? [ 209.182256][ T9229] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 209.185995][ T9229] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 209.190416][ T9229] vhci_hcd vhci_hcd.0: Device attached [ 209.306806][ T9230] vhci_hcd: connection closed [ 209.307047][ T1128] vhci_hcd: stop threads [ 209.311398][ T1128] vhci_hcd: release socket [ 209.313795][ T1128] vhci_hcd: disconnect device [ 209.344808][ T5245] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 209.384417][ T35] vhci_hcd: vhci_device speed not set [ 209.542536][ T5245] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.548327][ T5245] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.553249][ T5245] usb 6-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 209.560002][ T5245] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.568976][ T5245] usb 6-1: config 0 descriptor?? [ 209.956853][ T9234] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1410'. [ 210.040619][ T9225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1408'. [ 210.075765][ T9236] binder: 9235:9236 ioctl c018620c 200005c0 returned -1 [ 210.083061][ T5245] uclogic 0003:5543:0005.0006: unknown main item tag 0x0 [ 210.089844][ T5245] uclogic 0003:5543:0005.0006: No inputs registered, leaving [ 210.096606][ T5245] uclogic 0003:5543:0005.0006: hidraw1: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.1-1/input0 [ 210.146272][ T8] pegasus 7-1:0.0: probe with driver pegasus failed with error -32 [ 210.310980][ T6248] usb 6-1: USB disconnect, device number 11 [ 210.314649][ T9220] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 210.429783][ T9243] cgroup: noprefix used incorrectly [ 211.396842][ T30] usb 7-1: USB disconnect, device number 5 [ 212.625955][ T9263] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 212.629459][ T9263] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 212.643184][ T9263] vhci_hcd vhci_hcd.0: Device attached [ 212.694587][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1419'. [ 212.914535][ T5246] usb 17-1: new low-speed USB device number 2 using vhci_hcd [ 213.276670][ T30] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 213.432749][ T9264] vhci_hcd: connection reset by peer [ 213.440791][ T1087] vhci_hcd: stop threads [ 213.442970][ T1087] vhci_hcd: release socket [ 213.447096][ T1087] vhci_hcd: disconnect device [ 213.471032][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 213.477128][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 213.481100][ T30] usb 5-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 213.485152][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 213.492618][ T30] usb 5-1: config 0 descriptor?? [ 213.941461][ T9277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1423'. [ 213.985552][ T30] uclogic 0003:5543:0005.0007: unknown main item tag 0x0 [ 213.990329][ T30] uclogic 0003:5543:0005.0007: No inputs registered, leaving [ 213.995989][ T30] uclogic 0003:5543:0005.0007: hidraw1: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.0-1/input0 [ 214.055806][ T9291] netlink: 'syz.2.1428': attribute type 2 has an invalid length. [ 214.059044][ T9291] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1428'. [ 214.183959][ T30] usb 5-1: USB disconnect, device number 8 [ 214.264565][ T9297] cgroup: Unexpected value for 'cpuset_v2_mode' [ 214.522835][ T9303] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 214.662507][ T9309] tracefs: Bad value for 'uid' [ 214.722537][ T9312] netlink: 'syz.1.1437': attribute type 2 has an invalid length. [ 214.726664][ T9312] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1437'. [ 215.374259][ T35] usb 6-1: new full-speed USB device number 12 using dummy_hcd [ 215.565607][ T35] usb 6-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 215.571472][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.596978][ T35] usb 6-1: config 0 descriptor?? [ 215.738252][ T9323] cgroup: Unexpected value for 'cpuset_v2_mode' [ 216.180873][ T9333] tracefs: Bad value for 'uid' [ 216.754253][ T9341] macvlan0: entered allmulticast mode [ 216.758870][ T9341] veth1_vlan: entered allmulticast mode [ 216.775583][ T9341] macvlan0: left allmulticast mode [ 216.780014][ T9341] veth1_vlan: left allmulticast mode [ 216.876617][ T35] pegasus 6-1:0.0: probe with driver pegasus failed with error -32 [ 217.104560][ T9320] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 217.112875][ T35] usb 6-1: USB disconnect, device number 12 [ 217.940636][ T9357] tracefs: Bad value for 'uid' [ 218.077733][ T5246] vhci_hcd: vhci_device speed not set [ 218.134786][ T9363] cgroup: Unexpected value for 'cpuset_v2_mode' [ 218.371391][ T9370] dccp_xmit_packet: Payload too large (65475) for featneg. [ 218.489538][ T9374] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 218.633238][ T9379] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 218.636615][ T9379] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 218.646882][ T9379] vhci_hcd vhci_hcd.0: Device attached [ 219.039142][ T9395] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615) [ 219.048482][ T9395] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647 [ 219.104317][ T5246] usb 17-1: device descriptor read/64, error -110 [ 219.374780][ T5246] usb 17-1: new low-speed USB device number 3 using vhci_hcd [ 219.399530][ T9405] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 219.421301][ T9381] vhci_hcd: connection reset by peer [ 219.442279][ T63] vhci_hcd: stop threads [ 219.445402][ T63] vhci_hcd: release socket [ 219.449000][ T63] vhci_hcd: disconnect device [ 219.761448][ T9422] tmpfs: Bad value for 'mpol' [ 220.043496][ T9429] cgroup: noprefix used incorrectly [ 220.193034][ T9433] macvlan0: entered allmulticast mode [ 220.206528][ T9433] veth1_vlan: entered allmulticast mode [ 220.214590][ T9433] macvlan0: left allmulticast mode [ 220.217401][ T9433] veth1_vlan: left allmulticast mode [ 220.388139][ T9409] overlayfs: missing 'workdir' [ 221.044384][ T815] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 221.224283][ T815] usb 8-1: Using ep0 maxpacket: 8 [ 221.230149][ T815] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 221.234467][ T815] usb 8-1: config 179 has no interface number 0 [ 221.237480][ T815] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 221.241933][ T815] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1029, setting to 1024 [ 221.254228][ T815] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 221.260054][ T815] usb 8-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 221.271764][ T815] usb 8-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 221.290337][ T815] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 221.297285][ T815] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.305630][ T9441] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 221.322777][ T815] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input23 [ 221.557291][ T5245] usb 8-1: USB disconnect, device number 11 [ 221.557333][ C2] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 221.565503][ T5245] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 221.736887][ T9468] cgroup: noprefix used incorrectly [ 222.334399][ T9478] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 222.336698][ T9478] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 222.355868][ T9478] vhci_hcd vhci_hcd.0: Device attached [ 222.613955][ T9479] vhci_hcd: connection closed [ 222.634244][ T63] vhci_hcd: stop threads [ 222.639308][ T63] vhci_hcd: release socket [ 222.644594][ T5243] usb 19-1: new low-speed USB device number 2 using vhci_hcd [ 222.644920][ T63] vhci_hcd: disconnect device [ 222.941047][ T9493] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1508'. [ 223.090886][ T9497] dccp_xmit_packet: Payload too large (65475) for featneg. [ 223.201565][ T9501] netlink: 'syz.2.1512': attribute type 3 has an invalid length. [ 223.205642][ T9501] netlink: 'syz.2.1512': attribute type 3 has an invalid length. [ 223.211241][ T9501] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1512'. [ 223.650373][ T9519] dccp_xmit_packet: Payload too large (65475) for featneg. [ 223.900397][ T9527] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 223.903892][ T9527] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 223.909733][ T9527] vhci_hcd vhci_hcd.0: Device attached [ 224.615947][ T9538] vivid-002: disconnect [ 224.693152][ T9528] vhci_hcd: connection reset by peer [ 224.696266][ T1092] vhci_hcd: stop threads [ 224.698547][ T1092] vhci_hcd: release socket [ 224.703658][ T1092] vhci_hcd: disconnect device [ 224.774370][ T5246] vhci_hcd: vhci_device speed not set [ 225.339186][ T9536] vivid-002: reconnect [ 226.724172][ T9574] vivid-000: disconnect [ 226.732350][ T9573] vivid-000: reconnect [ 226.893792][ T9584] syz.0.1545: attempt to access beyond end of device [ 226.893792][ T9584] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0 [ 226.899875][ T9584] MINIX-fs: unable to read superblock [ 227.033170][ T9588] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1547'. [ 227.754675][ T5243] vhci_hcd: vhci_device speed not set [ 228.340542][ T9610] syz.2.1555: attempt to access beyond end of device [ 228.340542][ T9610] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 228.355447][ T9610] MINIX-fs: unable to read superblock [ 228.532731][ T9614] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 228.536247][ T9614] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 228.546663][ T9614] vhci_hcd vhci_hcd.0: Device attached [ 228.875243][ T815] usb 15-1: new low-speed USB device number 2 using vhci_hcd [ 229.366417][ T9615] vhci_hcd: connection reset by peer [ 229.368972][ T1086] vhci_hcd: stop threads [ 229.371245][ T1086] vhci_hcd: release socket [ 229.373592][ T1086] vhci_hcd: disconnect device [ 229.510140][ T9638] syzkaller0: entered allmulticast mode [ 230.617256][ T9675] macvlan0: entered allmulticast mode [ 230.619185][ T9675] veth1_vlan: entered allmulticast mode [ 230.622223][ T9675] macvlan0: left allmulticast mode [ 230.624497][ T9675] veth1_vlan: left allmulticast mode [ 230.957400][ T9690] xt_socket: unknown flags 0x4 [ 231.398463][ T9697] (syz.3.1589,9697,3):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 231.420406][ T39] audit: type=1326 audit(1720466738.265:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9694 comm="syz.1.1588" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x0 [ 231.732912][ T9702] netlink: 184 bytes leftover after parsing attributes in process `syz.2.1591'. [ 231.737728][ T9702] netlink: 'syz.2.1591': attribute type 1 has an invalid length. [ 232.229683][ T9717] bridge0: port 3(syz_tun) entered blocking state [ 232.235327][ T9717] bridge0: port 3(syz_tun) entered disabled state [ 232.239101][ T9717] syz_tun: entered allmulticast mode [ 232.245649][ T9717] syz_tun: entered promiscuous mode [ 232.252225][ T9717] bridge0: port 3(syz_tun) entered blocking state [ 232.256216][ T9717] bridge0: port 3(syz_tun) entered forwarding state [ 232.269827][ T9717] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 233.618570][ T9747] bridge0: port 3(syz_tun) entered blocking state [ 233.622723][ T9747] bridge0: port 3(syz_tun) entered disabled state [ 233.628607][ T9747] syz_tun: entered allmulticast mode [ 233.651299][ T9747] syz_tun: entered promiscuous mode [ 233.657358][ T9747] bridge0: port 3(syz_tun) entered blocking state [ 233.660770][ T9747] bridge0: port 3(syz_tun) entered forwarding state [ 233.668985][ T9750] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 233.900315][ T9755] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1612'. [ 233.907399][ T9755] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1612'. [ 233.912878][ T9755] netlink: 1 bytes leftover after parsing attributes in process `syz.3.1612'. [ 233.984827][ T815] vhci_hcd: vhci_device speed not set [ 234.322268][ T9775] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 234.477191][ T39] audit: type=1326 audit(1720466741.325:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 234.489978][ T39] audit: type=1326 audit(1720466741.345:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 235.078069][ T39] audit: type=1326 audit(1720466741.925:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 235.094386][ T39] audit: type=1326 audit(1720466741.935:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 235.103746][ T39] audit: type=1326 audit(1720466741.935:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 235.127126][ T39] audit: type=1326 audit(1720466741.935:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 235.152487][ T39] audit: type=1326 audit(1720466741.935:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9770 comm="syz.1.1619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7fc00000 [ 235.441586][ T9823] (syz.2.1640,9823,2):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 235.512627][ T9827] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1642'. [ 235.527114][ T9827] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1642'. [ 235.530737][ T9827] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1642'. [ 235.760489][ T39] audit: type=1326 audit(1720466742.605:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9830 comm="syz.2.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x7fc00000 [ 235.771448][ T39] audit: type=1326 audit(1720466742.605:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9830 comm="syz.2.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf73c7579 code=0x7fc00000 [ 235.974082][ T9846] (syz.0.1650,9846,1):dlmfs_mkdir:420 ERROR: invalid domain name for directory. [ 236.141145][ T9853] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1653'. [ 236.144959][ T9853] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1653'. [ 236.149472][ T9853] netlink: 1 bytes leftover after parsing attributes in process `syz.1.1653'. [ 236.440022][ T39] audit: type=1326 audit(1720466743.285:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9830 comm="syz.2.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x7fc00000 [ 236.451696][ T39] audit: type=1326 audit(1720466743.285:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9830 comm="syz.2.1644" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73c7579 code=0x7fc00000 [ 236.699207][ T39] audit: type=1326 audit(1720466743.545:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9874 comm="syz.1.1664" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x0 [ 238.405617][ T9916] overlayfs: missing 'workdir' [ 239.194048][ T39] audit: type=1326 audit(1720466746.035:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9922 comm="syz.2.1679" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0 [ 241.185528][ T9944] overlayfs: missing 'workdir' [ 241.515921][ T9965] loop0: detected capacity change from 0 to 49152 [ 241.585796][ T9965] loop0: detected capacity change from 49152 to 49087 [ 241.607713][ T9969] __nla_validate_parse: 1 callbacks suppressed [ 241.607732][ T9969] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1696'. [ 241.617066][ T9969] netlink: 'syz.1.1696': attribute type 1 has an invalid length. [ 241.726824][ T9973] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer. [ 241.865024][ T39] audit: type=1326 audit(1720466748.715:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9977 comm="syz.2.1700" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c7579 code=0x0 [ 242.132931][ T39] audit: type=1326 audit(1720466748.965:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.1.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7ffc0000 [ 242.144348][ T39] audit: type=1326 audit(1720466748.965:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.1.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7ffc0000 [ 242.177252][ T39] audit: type=1326 audit(1720466748.975:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.1.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf73f5579 code=0x7ffc0000 [ 242.188746][ T39] audit: type=1326 audit(1720466748.975:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9991 comm="syz.1.1705" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x7ffc0000 [ 242.198499][ T9995] netlink: 188 bytes leftover after parsing attributes in process `syz.1.1706'. [ 242.203737][ T9995] netlink: 'syz.1.1706': attribute type 1 has an invalid length. [ 242.273154][ T9997] loop0: detected capacity change from 0 to 49152 [ 242.324486][ T9997] loop0: detected capacity change from 49152 to 49087 [ 242.742165][ T39] audit: type=1326 audit(1720466749.585:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10011 comm="syz.3.1714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 242.759401][ T39] audit: type=1326 audit(1720466749.585:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10011 comm="syz.3.1714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 242.780753][ T39] audit: type=1326 audit(1720466749.605:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10011 comm="syz.3.1714" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 242.814372][ T39] audit: type=1326 audit(1720466749.605:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10011 comm="syz.3.1714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 242.825623][ T39] audit: type=1326 audit(1720466749.605:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10011 comm="syz.3.1714" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7412579 code=0x7ffc0000 [ 243.055929][T10030] netlink: 'syz.2.1722': attribute type 1 has an invalid length. [ 243.463272][T10033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1723'. [ 244.576164][T10077] sock: sock_timestamping_bind_phc: sock not bind to device [ 244.603687][T10077] binder: 10072:10077 ioctl c018620c 200005c0 returned -1 [ 244.720414][T10085] syz.1.1740 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 245.342928][T10111] sock: sock_timestamping_bind_phc: sock not bind to device [ 245.374279][T10111] binder: 10107:10111 ioctl c018620c 200005c0 returned -1 [ 246.022122][T10137] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1222729745 (39127351840 ns) > initial count (25964891200 ns). Using initial count to start timer. [ 246.025635][T10142] netlink: 'syz.1.1761': attribute type 10 has an invalid length. [ 246.867468][T10181] sock: sock_timestamping_bind_phc: sock not bind to device [ 246.886170][T10181] binder: 10174:10181 ioctl c018620c 200005c0 returned -1 [ 247.182390][T10202] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 247.186084][T10202] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 247.198272][T10202] vhci_hcd vhci_hcd.0: Device attached [ 247.423864][T10205] vhci_hcd: connection closed [ 247.425261][ T1128] vhci_hcd: stop threads [ 247.429268][ T1128] vhci_hcd: release socket [ 247.431715][ T1128] vhci_hcd: disconnect device [ 247.474363][ T30] usb 13-1: new low-speed USB device number 3 using vhci_hcd [ 247.477988][ T30] usb 13-1: enqueue for inactive port 0 [ 247.554339][ T30] vhci_hcd: vhci_device speed not set [ 247.703148][T10229] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 248.201106][T10243] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 248.747410][T10263] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 248.750422][T10263] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 248.754848][T10263] vhci_hcd vhci_hcd.0: Device attached [ 249.034772][ T30] usb 15-1: new low-speed USB device number 3 using vhci_hcd [ 249.371600][T10276] syz.2.1811: attempt to access beyond end of device [ 249.371600][T10276] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 249.380099][T10276] efs: cannot read volume header [ 249.485689][T10280] macvlan0: entered allmulticast mode [ 249.550188][T10264] vhci_hcd: connection reset by peer [ 249.553279][ T1087] vhci_hcd: stop threads [ 249.564605][ T1087] vhci_hcd: release socket [ 249.566685][ T1087] vhci_hcd: disconnect device [ 250.127035][T10299] syz.2.1821: attempt to access beyond end of device [ 250.127035][T10299] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 250.133632][T10299] efs: cannot read volume header [ 250.295500][ T39] kauditd_printk_skb: 23 callbacks suppressed [ 250.295517][ T39] audit: type=1326 audit(1720466757.145:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10310 comm="syz.1.1825" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f5579 code=0x0 [ 250.443176][T10314] x_tables: duplicate underflow at hook 1 [ 250.633905][T10320] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 250.636498][T10320] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 250.643241][T10320] vhci_hcd vhci_hcd.0: Device attached [ 250.914288][ T5246] usb 17-1: new low-speed USB device number 4 using vhci_hcd [ 251.404254][ T5245] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 251.464706][T10321] vhci_hcd: connection reset by peer [ 251.467671][ T1128] vhci_hcd: stop threads [ 251.469528][ T1128] vhci_hcd: release socket [ 251.471639][ T1128] vhci_hcd: disconnect device [ 251.600711][ T5245] usb 6-1: config 0 has an invalid interface number: 5 but max is 0 [ 251.612536][ T5245] usb 6-1: config 0 has no interface number 0 [ 251.615357][ T5245] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 251.623806][ T5245] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.641065][ T5245] usb 6-1: config 0 descriptor?? [ 251.648237][ T5245] cp210x 6-1:0.5: cp210x converter detected [ 252.015611][T10328] syz.0.1831: attempt to access beyond end of device [ 252.015611][T10328] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 252.022633][T10328] efs: cannot read volume header [ 252.079409][T10326] netlink: 'syz.1.1830': attribute type 7 has an invalid length. [ 252.174068][T10337] x_tables: duplicate underflow at hook 1 [ 252.198741][T10326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 252.203862][T10326] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 252.264632][T10326] netlink: 'syz.1.1830': attribute type 7 has an invalid length. [ 252.387425][ T5245] cp210x 6-1:0.5: failed to get vendor val 0x000e size 3: -71 [ 252.401632][ T5245] usb 6-1: cp210x converter now attached to ttyUSB0 [ 252.417400][ T5245] usb 6-1: USB disconnect, device number 13 [ 252.425714][ T5245] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 252.429840][ T5245] cp210x 6-1:0.5: device disconnected [ 252.574304][ T5241] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 252.754256][ T5241] usb 5-1: Using ep0 maxpacket: 32 [ 252.759026][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 252.763118][ T5241] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 252.767164][ T5241] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.772175][ T5241] usb 5-1: config 0 descriptor?? [ 252.778704][ T5241] hub 5-1:0.0: bad descriptor, ignoring hub [ 252.781378][ T5241] hub 5-1:0.0: probe with driver hub failed with error -5 [ 252.790569][ T5241] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 253.264499][ T5245] usb 5-1: USB disconnect, device number 9 [ 253.337843][ T5204] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 253.345048][ T5204] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 253.352171][ T5204] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 253.365568][ T5204] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 253.372164][ T5204] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 253.381601][ T5204] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 253.456402][T10370] ip6gretap0 speed is unknown, defaulting to 1000 [ 253.492286][T10376] program syz.2.1851 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 253.641316][T10370] chnl_net:caif_netlink_parms(): no params data found [ 253.854233][ T5245] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 253.860280][T10370] bridge0: port 1(bridge_slave_0) entered blocking state [ 253.863376][T10370] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.868390][T10370] bridge_slave_0: entered allmulticast mode [ 253.872536][T10370] bridge_slave_0: entered promiscuous mode [ 253.878140][T10370] bridge0: port 2(bridge_slave_1) entered blocking state [ 253.881224][T10370] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.884411][T10370] bridge_slave_1: entered allmulticast mode [ 253.888744][T10370] bridge_slave_1: entered promiscuous mode [ 253.991641][T10370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 254.003604][T10370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 254.036461][ T5245] usb 7-1: config 0 has an invalid interface number: 5 but max is 0 [ 254.040577][ T5245] usb 7-1: config 0 has no interface number 0 [ 254.043088][ T5245] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 254.047469][ T5245] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.055463][ T5245] usb 7-1: config 0 descriptor?? [ 254.074459][T10398] program syz.1.1859 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 254.074719][ T5245] cp210x 7-1:0.5: cp210x converter detected [ 254.137787][T10370] team0: Port device team_slave_0 added [ 254.145653][T10370] team0: Port device team_slave_1 added [ 254.164306][ T30] vhci_hcd: vhci_device speed not set [ 254.272736][T10370] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.276357][T10370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.289273][T10370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.297041][T10370] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.300583][T10370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 254.312379][T10370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.405152][T10370] hsr_slave_0: entered promiscuous mode [ 254.409036][T10370] hsr_slave_1: entered promiscuous mode [ 254.513240][T10380] netlink: 'syz.2.1852': attribute type 7 has an invalid length. [ 254.643654][T10380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 254.652590][T10380] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 254.736389][T10370] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.759122][T10414] netlink: 'syz.2.1852': attribute type 7 has an invalid length. [ 254.842521][T10370] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 254.876852][ T5245] cp210x 7-1:0.5: failed to get vendor val 0x000e size 3: -71 [ 254.890219][ T5245] usb 7-1: cp210x converter now attached to ttyUSB0 [ 254.901337][ T5245] usb 7-1: USB disconnect, device number 6 [ 254.909819][ T5245] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 254.915076][ T5245] cp210x 7-1:0.5: device disconnected [ 254.947187][T10370] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.020319][T10370] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.208087][T10370] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 255.216223][T10370] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 255.224670][T10370] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 255.232197][T10370] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 255.325784][T10370] 8021q: adding VLAN 0 to HW filter on device bond0 [ 255.347238][T10370] 8021q: adding VLAN 0 to HW filter on device team0 [ 255.357598][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.360902][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.375329][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.378585][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 255.430136][ T4639] Bluetooth: hci4: command tx timeout [ 255.551220][T10370] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 255.598179][T10370] veth0_vlan: entered promiscuous mode [ 255.606369][T10370] veth1_vlan: entered promiscuous mode [ 255.631727][T10370] veth0_macvtap: entered promiscuous mode [ 255.638938][T10370] veth1_macvtap: entered promiscuous mode [ 255.652765][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.657829][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.661478][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.666252][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.670811][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.674788][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.679059][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.683863][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.690220][T10370] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 255.701533][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.707492][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.711792][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.717617][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.721103][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.726329][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.730356][T10370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.735215][T10370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.740809][T10370] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 255.750694][T10370] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.755598][T10370] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.758989][T10370] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.762059][T10370] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.819430][ T1128] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 255.823324][ T1128] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 255.852071][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 255.856424][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 256.084439][ T5246] vhci_hcd: vhci_device speed not set [ 256.772156][ T4639] Bluetooth: Wrong link type (-71) [ 257.514276][ T4639] Bluetooth: hci4: command tx timeout [ 258.593481][T10480] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1889'. [ 258.601882][T10480] netlink: 'syz.0.1889': attribute type 1 has an invalid length. [ 259.584947][ T4639] Bluetooth: hci4: command tx timeout [ 259.805659][ T5246] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 259.993725][ T5246] usb 7-1: config 0 has an invalid interface number: 5 but max is 0 [ 259.999241][ T5246] usb 7-1: config 0 has no interface number 0 [ 260.001915][ T5246] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 260.016164][ T5246] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.023260][ T5246] usb 7-1: config 0 descriptor?? [ 260.028810][ T5246] cp210x 7-1:0.5: cp210x converter detected [ 260.450572][T10519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1906'. [ 260.492101][T10500] netlink: 'syz.2.1898': attribute type 7 has an invalid length. [ 260.638909][ T4639] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 260.662875][T10500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 260.668178][T10500] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 260.705844][T10500] netlink: 'syz.2.1898': attribute type 7 has an invalid length. [ 260.848782][ T5246] cp210x 7-1:0.5: failed to get vendor val 0x000e size 3: -71 [ 260.876790][ T5246] usb 7-1: cp210x converter now attached to ttyUSB0 [ 260.883063][ T5246] usb 7-1: USB disconnect, device number 7 [ 260.892498][ T5246] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 260.898479][ T5246] cp210x 7-1:0.5: device disconnected [ 261.111137][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.122608][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.671493][ T4639] Bluetooth: hci4: command tx timeout [ 262.325658][ T5204] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 262.342297][ T5204] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 262.349938][ T5204] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 262.359842][ T5204] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 262.398479][ T5204] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 262.402519][ T5204] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 262.598998][T10580] ip6gretap0 speed is unknown, defaulting to 1000 [ 262.937972][ T1092] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.972277][T10580] chnl_net:caif_netlink_parms(): no params data found [ 263.170918][ T1092] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.328927][ T1092] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.441412][T10580] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.450183][T10580] bridge0: port 1(bridge_slave_0) entered disabled state [ 263.453356][T10580] bridge_slave_0: entered allmulticast mode [ 263.460515][T10580] bridge_slave_0: entered promiscuous mode [ 263.467283][T10580] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.473557][T10580] bridge0: port 2(bridge_slave_1) entered disabled state [ 263.478044][T10580] bridge_slave_1: entered allmulticast mode [ 263.483482][T10580] bridge_slave_1: entered promiscuous mode [ 263.508173][ T1092] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.599009][T10580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 263.615853][T10618] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 263.637664][T10580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 263.789455][T10580] team0: Port device team_slave_0 added [ 263.807957][T10580] team0: Port device team_slave_1 added [ 263.943971][T10580] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 263.954210][T10580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 263.985075][T10580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 263.992875][T10580] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 263.993815][ C0] vkms_vblank_simulate: vblank timer overrun [ 263.996692][T10580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 264.010514][T10580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 264.115095][ T4639] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 264.361884][T10580] hsr_slave_0: entered promiscuous mode [ 264.386461][T10580] hsr_slave_1: entered promiscuous mode [ 264.414536][T10580] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 264.418295][T10580] Cannot create hsr debugfs directory [ 264.422325][ T1092] bridge_slave_1: left allmulticast mode [ 264.425274][ T1092] bridge_slave_1: left promiscuous mode [ 264.428435][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.453958][ T1092] bridge_slave_0: left allmulticast mode [ 264.463725][ T1092] bridge_slave_0: left promiscuous mode [ 264.467801][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.469491][ T4639] Bluetooth: hci5: command tx timeout [ 265.711206][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 265.732249][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 265.743361][ T1092] bond0 (unregistering): Released all slaves [ 265.763513][ T1092] bond1 (unregistering): Released all slaves [ 265.808571][ T5246] ip6gretap0 speed is unknown, defaulting to 1000 [ 265.997128][ T1092] IPVS: stopping backup sync thread 8384 ... [ 266.545772][ T4639] Bluetooth: hci5: command tx timeout [ 266.816729][ T1092] hsr_slave_0: left promiscuous mode [ 266.837899][ T1092] hsr_slave_1: left promiscuous mode [ 266.847730][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 266.851595][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 266.895547][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 266.904240][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 267.065579][ T1092] veth1_macvtap: left promiscuous mode [ 267.074917][ T1092] veth0_macvtap: left promiscuous mode [ 267.081557][ T1092] veth1_vlan: left promiscuous mode [ 267.085334][ T1092] veth0_vlan: left promiscuous mode [ 268.626683][ T4639] Bluetooth: hci5: command tx timeout [ 268.991246][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 269.180552][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 270.687987][T10737] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 270.704799][ T4639] Bluetooth: hci5: command tx timeout [ 270.900161][T10580] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 270.927714][T10580] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 270.943778][T10580] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 270.967521][T10580] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 271.045992][T10747] [ 271.047161][T10747] ====================================================== [ 271.050606][T10747] WARNING: possible circular locking dependency detected [ 271.053617][T10747] 6.10.0-rc7-syzkaller #0 Not tainted SYZFAIL: failed to recv rpc fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor) [ 271.056981][T10747] ------------------------------------------------------ [ 271.078139][T10747] syz.1.1990/10747 is trying to acquire lock: [ 271.081938][T10747] ffff88803fffece0 (&pgdat->kswapd_wait){..-.}-{2:2}, at: __wake_up+0x1c/0x60 [ 271.086448][T10747] [ 271.086448][T10747] but task is already holding lock: [ 271.089755][T10747] ffff888049dcb1f8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 271.103487][T10580] 8021q: adding VLAN 0 to HW filter on device bond0 [ 271.106382][T10747] [ 271.106382][T10747] which lock already depends on the new lock. [ 271.106382][T10747] [ 271.106396][T10747] [ 271.106396][T10747] the existing dependency chain (in reverse order) is: [ 271.106405][T10747] [ 271.106405][T10747] -> #3 (&trie->lock){....}-{2:2}: [ 271.106442][T10747] _raw_spin_lock_irqsave+0x3a/0x60 [ 271.106486][T10747] trie_delete_elem+0xb0/0x820 [ 271.106515][T10747] 0xffffffffa000082a [ 271.106532][T10747] bpf_trace_run4+0x245/0x5a0 [ 271.133388][T10747] __traceiter_sched_switch+0x6c/0xc0 [ 271.136134][T10747] __schedule+0x252c/0x5d00 [ 271.138455][T10747] preempt_schedule_common+0x44/0xc0 [ 271.141199][T10747] preempt_schedule_thunk+0x1a/0x30 [ 271.144102][T10747] try_to_wake_up+0xc08/0x13e0 [ 271.146956][T10747] wake_up_q+0x91/0x140 [ 271.149455][T10747] futex_wake+0x43e/0x4e0 [ 271.151653][T10747] do_futex+0x1e5/0x350 [ 271.153667][T10747] __ia32_sys_futex_time32+0x1da/0x460 [ 271.154520][T10580] 8021q: adding VLAN 0 to HW filter on device team0 [ 271.156161][T10747] __do_fast_syscall_32+0x73/0x120 [ 271.161904][T10747] do_fast_syscall_32+0x32/0x80 [ 271.164333][T10747] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 271.167070][T10747] [ 271.167070][T10747] -> #2 (&rq->__lock){-.-.}-{2:2}: [ 271.169747][T10747] _raw_spin_lock_nested+0x31/0x40 [ 271.172207][T10747] raw_spin_rq_lock_nested+0x29/0x130 [ 271.175348][T10747] task_fork_fair+0x73/0x250 [ 271.178257][T10747] sched_cgroup_fork+0x3cf/0x510 [ 271.180797][T10747] copy_process+0x4710/0x6f50 [ 271.183124][T10747] kernel_clone+0xfd/0x980 [ 271.185262][T10747] user_mode_thread+0xb4/0xf0 [ 271.187588][T10747] rest_init+0x23/0x2b0 [ 271.189904][T10747] start_kernel+0x3df/0x4c0 [ 271.192748][T10747] x86_64_start_reservations+0x18/0x30 [ 271.195934][T10747] x86_64_start_kernel+0xb2/0xc0 [ 271.198546][T10747] common_startup_64+0x13e/0x148 [ 271.200892][T10747] [ 271.200892][T10747] -> #1 (&p->pi_lock){-.-.}-{2:2}: [ 271.204216][T10747] _raw_spin_lock_irqsave+0x3a/0x60 [ 271.207229][T10747] try_to_wake_up+0x9a/0x13e0 [ 271.209643][T10747] autoremove_wake_function+0x16/0x150 [ 271.212292][T10747] __wake_up_common+0x131/0x1e0 [ 271.214695][T10747] __wake_up+0x31/0x60 [ 271.218870][T10747] wakeup_kswapd+0x45e/0x640 [ 271.222593][T10747] get_page_from_freelist+0x9bc/0x2e50 [ 271.225754][T10747] __alloc_pages_noprof+0x22b/0x2460 [ 271.228628][T10747] alloc_pages_mpol_noprof+0x275/0x610 [ 271.231742][T10747] vma_alloc_folio_noprof+0xad/0x1f0 [ 271.235626][T10747] __handle_mm_fault+0x2cc7/0x52a0 [ 271.238729][T10747] handle_mm_fault+0x476/0xa00 [ 271.241603][T10747] do_user_addr_fault+0x426/0xe50 [ 271.244752][T10747] exc_page_fault+0x5c/0xc0 [ 271.247855][T10747] asm_exc_page_fault+0x26/0x30 [ 271.251421][T10747] [ 271.251421][T10747] -> #0 (&pgdat->kswapd_wait){..-.}-{2:2}: [ 271.256192][T10747] __lock_acquire+0x2478/0x3b30 [ 271.259122][T10747] lock_acquire+0x1b1/0x560 [ 271.261997][T10747] _raw_spin_lock_irqsave+0x3a/0x60 [ 271.264942][T10747] __wake_up+0x1c/0x60 [ 271.267608][T10747] wakeup_kswapd+0x45e/0x640 [ 271.270085][T10747] get_page_from_freelist+0x9bc/0x2e50 [ 271.274981][T10747] __alloc_pages_noprof+0x22b/0x2460 [ 271.278377][T10747] __kmalloc_large_node+0x7f/0x1a0 [ 271.281331][T10747] __kmalloc_node_noprof.cold+0x5/0x5f [ 271.284682][T10747] bpf_map_kmalloc_node+0x98/0x4a0 [ 271.288330][T10747] trie_update_elem+0x1ef/0xdb0 [ 271.291464][T10747] bpf_map_update_value+0x2c1/0x6c0 [ 271.294537][T10747] generic_map_update_batch+0x454/0x5f0 [ 271.297382][T10747] bpf_map_do_batch+0x615/0x6e0 [ 271.299705][T10747] __sys_bpf+0x18cb/0x5830 [ 271.302436][T10747] __ia32_sys_bpf+0x76/0xe0 [ 271.305107][T10747] __do_fast_syscall_32+0x73/0x120 [ 271.307877][T10747] do_fast_syscall_32+0x32/0x80 [ 271.310439][T10747] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 271.314259][T10747] [ 271.314259][T10747] other info that might help us debug this: [ 271.314259][T10747] [ 271.320419][T10747] Chain exists of: [ 271.320419][T10747] &pgdat->kswapd_wait --> &rq->__lock --> &trie->lock [ 271.320419][T10747] [ 271.326036][T10747] Possible unsafe locking scenario: [ 271.326036][T10747] [ 271.329003][T10747] CPU0 CPU1 [ 271.331454][T10747] ---- ---- [ 271.334587][T10747] lock(&trie->lock); [ 271.336607][T10747] lock(&rq->__lock); [ 271.339532][T10747] lock(&trie->lock); [ 271.342458][T10747] lock(&pgdat->kswapd_wait); [ 271.344641][T10747] [ 271.344641][T10747] *** DEADLOCK *** [ 271.344641][T10747] [ 271.348876][T10747] 2 locks held by syz.1.1990/10747: [ 271.351496][T10747] #0: ffffffff8dbb4ea0 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x24b/0x6c0 [ 271.355779][T10747] #1: ffff888049dcb1f8 (&trie->lock){....}-{2:2}, at: trie_update_elem+0xc7/0xdb0 [ 271.360477][T10747] [ 271.360477][T10747] stack backtrace: [ 271.363482][T10747] CPU: 0 PID: 10747 Comm: syz.1.1990 Not tainted 6.10.0-rc7-syzkaller #0 [ 271.367186][T10747] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 271.371950][T10747] Call Trace: [ 271.373708][T10747] [ 271.375379][T10747] dump_stack_lvl+0x116/0x1f0 [ 271.377904][T10747] check_noncircular+0x31a/0x400 [ 271.380693][T10747] ? __pfx_check_noncircular+0x10/0x10 [ 271.382905][T10747] ? hlock_class+0x4e/0x130 [ 271.384980][T10747] ? lockdep_lock+0xc6/0x200 [ 271.387303][T10747] ? __pfx_lockdep_lock+0x10/0x10 [ 271.390305][T10747] __lock_acquire+0x2478/0x3b30 [ 271.392601][T10747] ? __pfx___lock_acquire+0x10/0x10 [ 271.395022][T10747] ? __rmqueue_pcplist+0xc62/0x1550 [ 271.397435][T10747] lock_acquire+0x1b1/0x560 [ 271.399539][T10747] ? __wake_up+0x1c/0x60 [ 271.401566][T10747] ? __pfx_lock_acquire+0x10/0x10 [ 271.404180][T10747] ? __rmqueue_pcplist+0x248/0x1550 [ 271.407630][T10747] ? find_held_lock+0x2d/0x110 [ 271.410854][T10747] ? __zone_watermark_ok+0x252/0x4d0 [ 271.413363][T10747] _raw_spin_lock_irqsave+0x3a/0x60 [ 271.416131][T10747] ? __wake_up+0x1c/0x60 [ 271.418517][T10747] __wake_up+0x1c/0x60 [ 271.421754][T10747] wakeup_kswapd+0x45e/0x640 [ 271.424913][T10747] get_page_from_freelist+0x9bc/0x2e50 [ 271.428375][T10747] ? __pfx_mark_lock+0x10/0x10 [ 271.430758][T10747] ? mark_lock+0xb5/0xc60 [ 271.432941][T10747] ? __pfx_get_page_from_freelist+0x10/0x10 [ 271.436239][T10747] ? prepare_alloc_pages.constprop.0+0x412/0x560 [ 271.440433][T10747] __alloc_pages_noprof+0x22b/0x2460 [ 271.443361][T10747] ? hlock_class+0x4e/0x130 [ 271.445886][T10747] ? cfg80211_classify8021d+0xa3/0x890 [ 271.448952][T10747] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 271.451851][T10747] ? __pfx___lock_acquire+0x10/0x10 [ 271.454533][T10747] ? lock_acquire+0x1b1/0x560 [ 271.457064][T10747] ? find_held_lock+0x2d/0x110 [ 271.459965][T10747] ? bpf_map_get_memcg.isra.0+0x143/0x5a0 [ 271.463237][T10747] ? __pfx_lock_release+0x10/0x10 [ 271.466186][T10747] __kmalloc_large_node+0x7f/0x1a0 [ 271.469529][T10747] __kmalloc_node_noprof.cold+0x5/0x5f [ 271.472836][T10747] ? bpf_map_kmalloc_node+0x98/0x4a0 [ 271.475526][T10747] bpf_map_kmalloc_node+0x98/0x4a0 [ 271.479461][T10747] trie_update_elem+0x1ef/0xdb0 [ 271.482816][T10747] bpf_map_update_value+0x2c1/0x6c0 [ 271.485243][T10747] generic_map_update_batch+0x454/0x5f0 [ 271.487727][T10747] ? __pfx_generic_map_update_batch+0x10/0x10 [ 271.490915][T10747] ? __pfx_generic_map_update_batch+0x10/0x10 [ 271.494337][T10747] bpf_map_do_batch+0x615/0x6e0 [ 271.496727][T10747] __sys_bpf+0x18cb/0x5830 [ 271.498896][T10747] ? __pfx___sys_bpf+0x10/0x10 [ 271.501377][T10747] ? __pfx_futex_wait+0x10/0x10 [ 271.503942][T10747] ? putname+0x12e/0x170 [ 271.506344][T10747] ? do_futex+0x123/0x350 [ 271.508441][T10747] ? __pfx_do_futex+0x10/0x10 [ 271.510823][T10747] ? xfd_validate_state+0x5d/0x180 [ 271.514252][T10747] __ia32_sys_bpf+0x76/0xe0 [ 271.516478][T10747] __do_fast_syscall_32+0x73/0x120 [ 271.518804][T10747] do_fast_syscall_32+0x32/0x80 [ 271.520924][T10747] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 271.524005][T10747] RIP: 0023:0xf73f5579 [ 271.525838][T10747] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 271.536672][T10747] RSP: 002b:00000000f5d0d57c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 271.540873][T10747] RAX: ffffffffffffffda RBX: 000000000000001a RCX: 0000000020000480 [ 271.545143][T10747] RDX: 0000000000000038 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.550022][T10747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 271.554464][T10747] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 271.558492][T10747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 271.564894][T10747] [ 271.567621][ C0] vkms_vblank_simulate: vblank timer overrun [ 271.877612][T10747] bridge0: port 3(syz_tun) entered disabled state [ 271.905364][T10747] syz_tun (unregistering): left allmulticast mode [ 271.908199][T10747] syz_tun (unregistering): left promiscuous mode [ 271.911050][T10747] bridge0: port 3(syz_tun) entered disabled state [ 271.941812][ T1092] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.100823][ T1092] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.202112][ T1092] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.271280][ T1092] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.414777][ T1092] bridge_slave_1: left allmulticast mode [ 272.416937][ T1092] bridge_slave_1: left promiscuous mode [ 272.419663][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.424209][ T1092] bridge_slave_0: left allmulticast mode [ 272.426661][ T1092] bridge_slave_0: left promiscuous mode [ 272.429006][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.728537][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 272.733189][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 272.738876][ T1092] bond0 (unregistering): (slave team_slave_0): Releasing backup interface [ 272.743886][ T1092] bond0 (unregistering): Released all slaves [ 273.117965][ T1092] hsr_slave_0: left promiscuous mode [ 273.121222][ T1092] hsr_slave_1: left promiscuous mode [ 273.125316][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.129048][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 273.133668][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 273.138221][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 273.144427][ T1092] veth1_macvtap: left promiscuous mode [ 273.147250][ T1092] veth0_macvtap: left promiscuous mode [ 273.149591][ T1092] veth1_vlan: left promiscuous mode [ 273.151926][ T1092] veth0_vlan: left promiscuous mode [ 273.552323][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 276.143942][ T1092] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.221138][ T1092] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.293412][ T1092] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.375952][ T1092] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.562513][ T1092] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.659884][ T1092] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.741311][ T1092] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 276.822372][ T1092] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 277.003516][ T1092] bridge_slave_1: left allmulticast mode [ 277.011468][ T1092] bridge_slave_1: left promiscuous mode [ 277.014340][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.019384][ T1092] bridge_slave_0: left allmulticast mode [ 277.022325][ T1092] bridge_slave_0: left promiscuous mode [ 277.025312][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.037131][ T1092] bridge_slave_1: left allmulticast mode [ 277.040202][ T1092] bridge_slave_1: left promiscuous mode [ 277.043075][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.060773][ T1092] bridge_slave_0: left allmulticast mode [ 277.063078][ T1092] bridge_slave_0: left promiscuous mode [ 277.065976][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.074872][ T1092] bridge_slave_1: left allmulticast mode [ 277.077463][ T1092] bridge_slave_1: left promiscuous mode [ 277.079926][ T1092] bridge0: port 2(bridge_slave_1) entered disabled state [ 277.088761][ T1092] bridge_slave_0: left allmulticast mode [ 277.091918][ T1092] bridge_slave_0: left promiscuous mode [ 277.094800][ T1092] bridge0: port 1(bridge_slave_0) entered disabled state [ 277.770901][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 277.777503][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 277.782790][ T1092] bond0 (unregistering): Released all slaves [ 277.794297][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 277.799841][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 277.805895][ T1092] bond0 (unregistering): Released all slaves [ 277.815698][ T1092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 277.820203][ T1092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 277.825939][ T1092] bond0 (unregistering): Released all slaves [ 278.527929][ T1092] hsr_slave_0: left promiscuous mode [ 278.547129][ T1092] hsr_slave_1: left promiscuous mode [ 278.550573][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 278.554549][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 278.562799][ T1092] hsr_slave_0: left promiscuous mode [ 278.570344][ T1092] hsr_slave_1: left promiscuous mode [ 278.573945][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 278.577356][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 278.581503][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 278.585639][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 278.592944][ T1092] hsr_slave_0: left promiscuous mode [ 278.596464][ T1092] hsr_slave_1: left promiscuous mode [ 278.599974][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 278.603217][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 278.608545][ T1092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 278.612588][ T1092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 278.620927][ T1092] veth1_macvtap: left promiscuous mode [ 278.624072][ T1092] veth0_macvtap: left promiscuous mode [ 278.627916][ T1092] veth1_vlan: left promiscuous mode [ 278.630823][ T1092] veth0_vlan: left promiscuous mode [ 278.634418][ T1092] veth1_macvtap: left promiscuous mode [ 278.637059][ T1092] veth0_macvtap: left promiscuous mode [ 278.640169][ T1092] veth1_vlan: left promiscuous mode [ 278.642927][ T1092] veth0_vlan: left promiscuous mode [ 279.132348][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 279.207408][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 279.618530][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 279.690261][ T1092] team0 (unregistering): Port device team_slave_0 removed [ 280.260087][ T1092] team0 (unregistering): Port device team_slave_1 removed [ 280.330191][ T1092] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 19:26:18 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f94295 RDI=ffffffff94d59e00 RBP=ffffffff94d59dc0 RSP=ffffc900255eed18 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6465746e69612e36 R12=0000000000000000 R13=0000000000000061 R14=ffffffff84f94230 R15=0000000000000000 RIP=ffffffff84f942bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002009f000 CR3=000000002589c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004520 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=0000000000044c80 RCX=1ffffffff295a37c RDX=1ffff110041b1ba9 RSI=ffffffff8b8fb520 RDI=ffffffff8b8fb560 RBP=ffff88803fffa740 RSP=ffffc90002bdf4b8 R8 =0000000000000000 R9 =ffffed100fffadb8 R10=ffff88807ffd6740 R11=0000000000000000 R12=0000000000000001 R13=0000000000000003 R14=ffffc90002bdf720 R15=dffffc0000000000 RIP=ffffffff81dff9c0 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f9167490d00 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000560027d66e95 CR3=00000000258d4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004520 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffca7a68e30 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=3ea4e1303ea4e130 3ea4e1303ea4e130 3ea4e1303ea4e130 3ea4e1303ea4e130 3ea4e1303ea4e130 3ea4e1303ea4e130 3ea4e1303ea4e130 3ea4e1303ea4e130 ZMM22=4fb10c304fb10c30 4fb10c304fb10c30 4fb10c304fb10c30 4fb10c304fb10c30 4fb10c304fb10c30 4fb10c304fb10c30 4fb10c304fb10c30 4fb10c304fb10c30 ZMM23=2761da022761da02 2761da022761da02 2761da022761da02 2761da022761da02 2761da022761da02 2761da022761da02 2761da022761da02 2761da022761da02 ZMM24=3855cf8a3855cf8a 3855cf8a3855cf8a 3855cf8a3855cf8a 3855cf8a3855cf8a 3855cf8a3855cf8a 3855cf8a3855cf8a 3855cf8a3855cf8a 3855cf8a3855cf8a ZMM25=47cbd4fd47cbd4fd 47cbd4fd47cbd4fd 47cbd4fd47cbd4fd 47cbd4fd47cbd4fd 47cbd4fd47cbd4fd 47cbd4fd47cbd4fd 47cbd4fd47cbd4fd 47cbd4fd47cbd4fd ZMM26=6f37281d6f37281d 6f37281d6f37281d 6f37281d6f37281d 6f37281d6f37281d 6f37281d6f37281d 6f37281d6f37281d 6f37281d6f37281d 6f37281d6f37281d ZMM27=6de2fdbe6de2fdbe 6de2fdbe6de2fdbe 6de2fdbe6de2fdbe 6de2fdbe6de2fdbe 6de2fdbe6de2fdbe 6de2fdbe6de2fdbe 6de2fdbe6de2fdbe 6de2fdbe6de2fdbe ZMM28=000000c0000000bf 000000be000000bd 000000bc000000bb 000000ba000000b9 000000b8000000b7 000000b6000000b5 000000b4000000b3 000000b2000000b1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=5e1a00005e1a0000 5e1a00005e1a0000 5e1a00005e1a0000 5e1a00005e1a0000 5e1a00005e1a0000 5e1a00005e1a0000 5e1a00005e1a0000 5e1a00005e1a0000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffc90023acf1a8 RCX=ffffffff813c8c1d RDX=ffff88801b5cc880 RSI=0000000000000001 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc90023acf0c8 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000002 R11=dffffc0000000000 R12=ffffffff906e68ac R13=ffffffff906e68b1 R14=0000000000000002 R15=ffffc90023acf1dd RIP=ffffffff818e8e90 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000581b097c CR3=0000000000f5c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000004520 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080010001 RBX=ffff8880208e0000 RCX=ffffffff85eea8e9 RDX=ffff8880195da440 RSI=ffffffff85eea8f2 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc900005f0da8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000020000000 R11=ffffc900005f0ff8 R12=ffffc9000041e100 R13=ffff88801922e028 R14=0000000000000000 R15=ffff88801f666828 RIP=ffffffff85eea8f7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000003340bff8 CR3=0000000069a7e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 00ff000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000