last executing test programs: 2.069730717s ago: executing program 2 (id=4292): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x0, "dd93105df100"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, 0x0) 1.959962425s ago: executing program 2 (id=4293): ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendto$packet(0xffffffffffffffff, &(0x7f0000001200)="d141362e4c1bf63cf13a51220800ffe19b04f2b0c93e599bdaf1c0e55278fd0af21b", 0x22, 0x0, &(0x7f0000000640)={0x11, 0x0, r0, 0x1, 0x0, 0x6, @remote}, 0x14) 1.880727938s ago: executing program 2 (id=4294): socket$netlink(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) socket$key(0xf, 0x3, 0x2) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=r1, @ANYRES16=r0], 0x20}, 0x1, 0xc00000000000000}, 0x0) bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 1.749173436s ago: executing program 2 (id=4295): socket$packet(0x11, 0x2, 0x300) socket$inet6_sctp(0xa, 0x801, 0x84) socket$kcm(0x10, 0x2, 0x0) syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_io_uring_setup(0x5169, &(0x7f0000000200), 0x0, 0x0) syz_io_uring_setup(0xd79, &(0x7f00000035c0), 0x0, 0x0) pipe(&(0x7f0000000100)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000140)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}}, 0x0) 1.540494896s ago: executing program 1 (id=4298): ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'rose0\x00'}) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) 1.416946608s ago: executing program 1 (id=4299): bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000780), 0x8) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0x13, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}, @printk={@s}]}, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 1.416737479s ago: executing program 2 (id=4300): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000e000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c250000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80) 1.296209826s ago: executing program 2 (id=4303): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, 0x0, 0x0) 1.295761659s ago: executing program 1 (id=4304): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000880)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd3860800000080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c600000000d7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000638477fbac141716e000030a07070403fe80000000000002845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x0, 0x700}, 0x2c) 1.140625408s ago: executing program 1 (id=4307): openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs\x00') read$FUSE(r0, &(0x7f0000006040)={0x2020}, 0x8f5) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) openat$capi20(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) 1.049956528s ago: executing program 1 (id=4309): sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) getpid() r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r4}, 0x10) syz_open_dev$vim2m(0x0, 0x0, 0x2) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) 630.569835ms ago: executing program 0 (id=4319): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x9) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000780)={'wlan1\x00'}) setsockopt$RXRPC_UPGRADEABLE_SERVICE(r0, 0x110, 0x5, &(0x7f00000007c0)=[0x1], 0x2) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="fcdc1604205e8cbbcefaad894e19dd76e431f2acbdc43e180a716aa978260bb201846ad8e0653a2e9eb529c15826987a813ae0cc1fd310a4495968bdb7ed03db0ca60249aef7cfd4e54da42edf35ea4f7131faa56dc3046d7592b94fb5454f7ebf573000b19bb4f82b2908a4c5d925ef5c54574e45db55ddcaa0ea36cc4c470b8f949329edfd", @ANYRES32=r3, @ANYRES32=r2, @ANYRESDEC=r2], 0xfc}}, 0x20000000) socket$inet(0x2, 0x3, 0x7) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000125bd7000fedbdf25010000000800060004000000080006000000000008000400060000001400028008000612030000000800070005000000"], 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB="f0000000e4e933868ca12d147cd6e89f820be0980bd68a", @ANYRES16=0x0, @ANYBLOB="00082cbd7000fddbdf25070000003800018006000200040000000800050002000000080006006f766600060004004e2200000c0007000400000003000000060004004e2100000800050001f0ffff0800040008000000400002800800090004000000080008000700000006000b00020000000800060000000000080006000900000014000100fe8800000000000000000000000000010c00018006000100020000004000038006000400070000000500080004000000050008000700000008000500640101001400460000000000000000000000ffffffffffff05000800060000000800060007000000"], 0xf0}, 0x1, 0x0, 0x0, 0x10}, 0x48804) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f0000000300)='io\x00') read$FUSE(r0, &(0x7f0000001c00)={0x2020}, 0x2020) preadv(r4, &(0x7f0000000280)=[{&(0x7f0000000000)=""/142, 0x8e}], 0x1, 0x0, 0x0) socket(0x2b, 0x2, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000340)={'team0\x00', 0x0}) setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000080)={r6, 0x1, 0x6, @remote}, 0x10) setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000140)={r6, 0x1, 0x6, @random="98622cad9baa"}, 0xfffffffffffffe01) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'syz_tun\x00', 0x0}) setsockopt$packet_add_memb(r5, 0x107, 0x1, &(0x7f0000000180)={r7, 0x1, 0x6, @remote}, 0x10) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x0, 'lblcr\x00'}, 0x2c) read(r4, &(0x7f0000001b00)=""/194, 0xc2) 430.777223ms ago: executing program 3 (id=4322): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000d40)=""/60, 0x3c}], 0x1}}], 0x2, 0x0, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)={0x14}, 0x14}}, 0x0) 339.037819ms ago: executing program 3 (id=4323): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$P9_RMKNOD(r1, &(0x7f0000000040)={0x14}, 0x14) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r3, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0x1}}, 0x3c) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f00000000c0)='./bus\x00') creat(&(0x7f0000000440)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1}}, 0x40) close_range(r0, 0xffffffffffffffff, 0x0) 338.776132ms ago: executing program 0 (id=4324): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, 0x0, "dd93105df100"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSWINSZ(r1, 0x5414, 0x0) 238.900494ms ago: executing program 0 (id=4325): bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r1}}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000440)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000340)=0x1, r1, 0x0, 0x1, 0x4}}, 0x20) 238.504002ms ago: executing program 3 (id=4326): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002f80)={0x2c, r1, 0xc4fc9e906872378b, 0x0, 0x0, {{0x5}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x4}]}]}]}]}, 0x2c}}, 0x0) 170.589086ms ago: executing program 0 (id=4327): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="38020000300009007fffffff000000000700002c040006801e0001"], 0x238}}, 0x0) 170.116265ms ago: executing program 3 (id=4328): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0x0, 0x1}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000000), 0x0) 169.896583ms ago: executing program 1 (id=4329): socket(0x0, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000080)={0x3, 'batadv0\x00'}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f00000004c0)="5703e62a20d6d5cd51879ceee6", 0xd, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8]}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 68.464047ms ago: executing program 0 (id=4330): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x72) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x14}}, 0x0) 68.256036ms ago: executing program 3 (id=4331): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000d40)=""/60, 0x3c}], 0x1}}], 0x2, 0x0, 0x0) sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)={0x14}, 0x14}}, 0x0) 509.7µs ago: executing program 3 (id=4332): socket$nl_route(0x10, 0x3, 0x0) r0 = socket(0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000001280)=[{&(0x7f0000001f00)=""/102382, 0x18fee}, {0x0}], 0x2, 0x0, 0xc3e) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r2, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000300)={{@host}, @host, 0x0, 0x0, 0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r2, 0x7a8, &(0x7f0000000000)={{@my=0x1}, @my=0x1, 0x0, 0x0, 0x421}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r2, 0x7a9, &(0x7f00000003c0)={{@host}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8, 0x4}) 0s ago: executing program 0 (id=4333): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x2000000000000145, 0x0, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfe68}, 0xcd) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4188aec6, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) kernel console output (not intermixed with test programs): r" sig=0 arch=40000003 syscall=443 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 408.302399][ T39] audit: type=1326 audit(1722617330.677:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.3.2452" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 408.315570][ T39] audit: type=1326 audit(1722617330.677:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12771 comm="syz.3.2452" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 408.711483][T12783] netlink: 19 bytes leftover after parsing attributes in process `syz.2.2455'. [ 409.990726][T12820] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2471'. [ 410.409241][T12845] vxcan1: entered allmulticast mode [ 410.538898][T12849] vxcan1: left allmulticast mode [ 410.702560][T12857] fuse: Bad value for 'fd' [ 410.969392][T12865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 410.994854][T12865] tipc: Enabled bearer , priority 0 [ 411.590444][ T5361] Bluetooth: hci6: command 0x0406 tx timeout [ 411.788771][ C2] vkms_vblank_simulate: vblank timer overrun [ 411.855814][T12871] netlink: 47 bytes leftover after parsing attributes in process `syz.3.2491'. [ 413.477025][ T5404] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 413.721529][ T5404] usb 5-1: config 0 has an invalid interface number: 117 but max is 0 [ 413.725358][ T5404] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 413.747056][ T5404] usb 5-1: config 0 has no interface number 0 [ 413.755285][ T5404] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 413.768936][ T5404] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 413.815304][ T5404] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0 [ 413.827174][ T5404] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.832870][ T5404] usb 5-1: Product: syz [ 413.837387][ T5404] usb 5-1: Manufacturer: syz [ 413.839754][ T5404] usb 5-1: SerialNumber: syz [ 413.849069][ T5404] usb 5-1: config 0 descriptor?? [ 414.113733][T12918] pimreg: entered allmulticast mode [ 414.121175][T12918] pimreg: left allmulticast mode [ 415.160690][ T39] audit: type=1400 audit(1722617337.627:205): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=12940 comm="syz.3.2518" [ 415.188257][T12941] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2518'. [ 416.377226][T12986] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 416.422656][ T5436] usb 5-1: USB disconnect, device number 31 [ 417.141215][ T39] audit: type=1326 audit(1722617339.607:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.162543][ T39] audit: type=1326 audit(1722617339.607:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.188027][ T39] audit: type=1326 audit(1722617339.607:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.220295][ T39] audit: type=1326 audit(1722617339.607:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.232320][ T39] audit: type=1326 audit(1722617339.607:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.250771][ T39] audit: type=1326 audit(1722617339.617:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.260973][ T39] audit: type=1326 audit(1722617339.617:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.271799][ T39] audit: type=1326 audit(1722617339.617:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 417.283891][ T39] audit: type=1326 audit(1722617339.627:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13015 comm="syz.0.2542" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 418.184742][ T5351] Bluetooth: hci8: unexpected event for opcode 0x204e [ 418.827994][T13062] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 418.830965][T13062] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 418.835800][T13062] vhci_hcd vhci_hcd.0: Device attached [ 418.844150][T13062] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 418.847120][T13062] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 418.850800][T13062] vhci_hcd vhci_hcd.0: Device attached [ 418.868927][T13062] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(7) [ 418.871871][T13062] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 418.875279][T13062] vhci_hcd vhci_hcd.0: Device attached [ 418.879710][T13067] vhci_hcd: connection closed [ 418.881495][T13065] vhci_hcd: connection closed [ 418.883731][T13063] vhci_hcd: connection closed [ 418.887226][ T1101] vhci_hcd: stop threads [ 418.891979][ T1101] vhci_hcd: release socket [ 418.895356][ T1101] vhci_hcd: disconnect device [ 418.897802][ T1101] vhci_hcd: stop threads [ 418.899308][ T1101] vhci_hcd: release socket [ 418.900940][ T1101] vhci_hcd: disconnect device [ 418.903028][ T1101] vhci_hcd: stop threads [ 418.905009][ T1101] vhci_hcd: release socket [ 418.908215][ T1101] vhci_hcd: disconnect device [ 419.816961][ T5390] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 419.961010][T13120] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 419.964066][T13120] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 419.969288][T13120] vhci_hcd vhci_hcd.0: Device attached [ 419.979283][T13120] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(5) [ 419.982248][T13120] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 419.985688][T13120] vhci_hcd vhci_hcd.0: Device attached [ 419.998845][T13120] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(7) [ 420.006549][T13120] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 420.010202][T13120] vhci_hcd vhci_hcd.0: Device attached [ 420.014517][T13121] vhci_hcd: connection closed [ 420.015087][T13127] vhci_hcd: connection closed [ 420.016605][ T1101] vhci_hcd: stop threads [ 420.016960][ T5390] usb 5-1: Using ep0 maxpacket: 32 [ 420.017824][T13125] vhci_hcd: connection closed [ 420.019036][ T5390] usb 5-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e [ 420.019061][ T5390] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.021196][ T5390] usb 5-1: config 0 descriptor?? [ 420.029560][ T1101] vhci_hcd: release socket [ 420.029574][ T1101] vhci_hcd: disconnect device [ 420.037168][ T1101] vhci_hcd: stop threads [ 420.040651][ T1101] vhci_hcd: release socket [ 420.042556][ T1101] vhci_hcd: disconnect device [ 420.059144][ T1101] vhci_hcd: stop threads [ 420.061112][ T1101] vhci_hcd: release socket [ 420.063045][ T1101] vhci_hcd: disconnect device [ 420.066303][ T5390] usb 5-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state [ 420.098048][ T5390] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 420.102805][ T5390] dvbdev: DVB: registering new adapter (HCW 126xxx) [ 420.106003][ T5390] usb 5-1: media controller created [ 420.109766][T13132] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2584'. [ 420.171384][ T5390] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 420.205352][ T5390] usb 5-1: selecting invalid altsetting 1 [ 420.207848][ T5390] set interface failed [ 420.208481][ T5390] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 420.213321][ T5390] error writing reg: 0xff, val: 0x00 [ 420.240122][ T5390] dvb_usb_mxl111sf 5-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22 [ 420.274599][ T57] usb 5-1: USB disconnect, device number 32 [ 420.704738][ C3] vkms_vblank_simulate: vblank timer overrun [ 421.011560][T13155] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 421.014431][T13155] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 421.023077][T13155] vhci_hcd vhci_hcd.0: Device attached [ 421.030137][T13155] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(5) [ 421.033134][T13155] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 421.036508][T13155] vhci_hcd vhci_hcd.0: Device attached [ 421.049767][T13155] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(7) [ 421.052787][T13155] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 421.056834][T13155] vhci_hcd vhci_hcd.0: Device attached [ 421.060635][T13158] vhci_hcd: connection closed [ 421.061408][T13160] vhci_hcd: connection closed [ 421.073248][ T13] vhci_hcd: stop threads [ 421.077951][T13156] vhci_hcd: connection closed [ 421.088129][ T13] vhci_hcd: release socket [ 421.092350][ T13] vhci_hcd: disconnect device [ 421.110262][ T13] vhci_hcd: stop threads [ 421.112229][ T13] vhci_hcd: release socket [ 421.129429][ T13] vhci_hcd: disconnect device [ 421.134519][ T13] vhci_hcd: stop threads [ 421.136574][ T13] vhci_hcd: release socket [ 421.139505][ T13] vhci_hcd: disconnect device [ 421.357015][ T57] usb 8-1: new high-speed USB device number 27 using dummy_hcd [ 421.542351][ T57] usb 8-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 421.547619][ T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.555355][ T57] usb 8-1: config 0 descriptor?? [ 421.561541][ T57] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 421.721799][T13184] fuse: Bad value for 'fd' [ 421.846784][ T5351] Bluetooth: hci9: unexpected event for opcode 0x0428 [ 422.040997][ T57] gspca_sonixj: reg_w1 err -71 [ 422.048618][ T57] sonixj 8-1:0.0: probe with driver sonixj failed with error -71 [ 422.058183][ T57] usb 8-1: USB disconnect, device number 27 [ 422.824479][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 422.824729][T13201] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 422.831510][T13201] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 422.842654][T13201] vhci_hcd vhci_hcd.0: Device attached [ 422.854352][T13201] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5) [ 422.857385][T13201] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 422.867385][T13201] vhci_hcd vhci_hcd.0: Device attached [ 422.888932][T13201] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(7) [ 422.891814][T13201] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 422.895237][T13201] vhci_hcd vhci_hcd.0: Device attached [ 422.899726][T13206] vhci_hcd: connection closed [ 422.901481][T13204] vhci_hcd: connection closed [ 422.904205][T13202] vhci_hcd: connection closed [ 422.912985][ T1101] vhci_hcd: stop threads [ 422.916830][ T1101] vhci_hcd: release socket [ 422.925502][ T1101] vhci_hcd: disconnect device [ 422.930410][ T1101] vhci_hcd: stop threads [ 422.935320][ T1101] vhci_hcd: release socket [ 422.941531][ T1101] vhci_hcd: disconnect device [ 422.944429][ T1101] vhci_hcd: stop threads [ 422.946742][ T1101] vhci_hcd: release socket [ 422.949666][ T1101] vhci_hcd: disconnect device [ 423.092486][T13213] fuse: Bad value for 'fd' [ 423.466528][T13237] fuse: Bad value for 'fd' [ 424.044716][ T5351] Bluetooth: hci8: unexpected event for opcode 0x0428 [ 425.006482][T13318] overlayfs: failed to resolve './file0': -2 [ 425.374290][ T5351] Bluetooth: hci6: unexpected event for opcode 0x0428 [ 425.909306][ T5351] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0 [ 425.913621][ T5351] Bluetooth: hci9: Injecting HCI hardware error event [ 425.919757][ T5361] Bluetooth: hci9: hardware error 0x00 [ 426.509531][T13371] overlayfs: failed to resolve './file1': -2 [ 427.987786][ T5361] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 428.073028][ T5361] Bluetooth: hci8: Controller not accepting commands anymore: ncmd = 0 [ 428.076987][ T5361] Bluetooth: hci8: Injecting HCI hardware error event [ 428.082572][ T5351] Bluetooth: hci8: hardware error 0x00 [ 429.419881][T13473] syz.0.2724[13473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.420057][T13473] syz.0.2724[13473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.426340][T13473] syz.0.2724[13473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.433874][ T5361] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 429.435161][T13473] syz.0.2724[13473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 429.439673][ T5361] Bluetooth: hci6: Injecting HCI hardware error event [ 429.459110][ T5361] Bluetooth: hci6: hardware error 0x00 [ 430.147605][ T5351] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 430.154629][ T5351] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 430.168244][ T5351] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 430.173046][ T5351] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 430.179801][ T6895] syz_tun (unregistering): left promiscuous mode [ 430.191565][ T5351] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 430.195994][ T5351] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 430.200074][ T5351] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 430.413958][T13502] chnl_net:caif_netlink_parms(): no params data found [ 430.579244][T13502] bridge0: port 1(bridge_slave_0) entered blocking state [ 430.582112][T13502] bridge0: port 1(bridge_slave_0) entered disabled state [ 430.584979][T13502] bridge_slave_0: entered allmulticast mode [ 430.596763][T13502] bridge_slave_0: entered promiscuous mode [ 430.603611][T13502] bridge0: port 2(bridge_slave_1) entered blocking state [ 430.606719][T13502] bridge0: port 2(bridge_slave_1) entered disabled state [ 430.612838][T13502] bridge_slave_1: entered allmulticast mode [ 430.622802][T13502] bridge_slave_1: entered promiscuous mode [ 430.713656][T13502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 430.729212][T13502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 430.811831][T13502] team0: Port device team_slave_0 added [ 430.823370][T13502] team0: Port device team_slave_1 added [ 430.943427][T13502] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 430.950033][T13502] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 430.979206][T13502] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 430.986178][T13502] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 430.994167][T13502] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 431.012498][T13502] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 431.213829][T13502] hsr_slave_0: entered promiscuous mode [ 431.237102][T13502] hsr_slave_1: entered promiscuous mode [ 431.244784][T13502] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 431.248221][T13502] Cannot create hsr debugfs directory [ 431.509831][ T5361] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 431.670881][T13502] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.765106][T13502] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.878431][T13502] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 431.947003][ T5436] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 431.947003][T13502] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.129543][ T5436] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 432.133683][ T5436] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 432.149444][ T5436] usb 5-1: config 0 descriptor?? [ 432.154286][T13502] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 432.154746][ T5436] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 432.217049][T13502] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 432.225517][T13502] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 432.244109][T13502] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 432.307107][ T5361] Bluetooth: hci4: command tx timeout [ 432.342311][T13502] 8021q: adding VLAN 0 to HW filter on device bond0 [ 432.386525][T13502] 8021q: adding VLAN 0 to HW filter on device team0 [ 432.401843][ T5413] bridge0: port 1(bridge_slave_0) entered blocking state [ 432.404901][ T5413] bridge0: port 1(bridge_slave_0) entered forwarding state [ 432.421800][ T1426] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.425047][ T1426] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.461306][T13502] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 432.559228][ T5436] cpia1 5-1:0.0: unexpected state after lo power cmd: 00 [ 432.660418][T13502] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 432.750701][T13502] veth0_vlan: entered promiscuous mode [ 432.762166][T13502] veth1_vlan: entered promiscuous mode [ 432.809304][T13502] veth0_macvtap: entered promiscuous mode [ 432.818344][T13502] veth1_macvtap: entered promiscuous mode [ 432.850186][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.854894][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.863075][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.869051][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.873512][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.879654][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.884187][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.889282][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.896336][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.901910][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.907577][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.912385][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.917725][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.926975][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.931670][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.936663][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.943196][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 432.948939][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.959858][T13502] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 432.978330][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 432.983634][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 432.990738][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 432.999322][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.004789][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.010603][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.015185][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.020840][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.025388][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.030942][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.035485][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.041206][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.045515][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.050882][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.055317][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.062418][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.073900][T13502] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.078715][T13502] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.093053][T13502] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 433.109628][T13502] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.114362][T13502] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.120517][T13502] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.124288][T13502] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.285252][ T1190] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 433.298701][ T1190] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 433.352985][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 433.359590][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 433.379464][ T5436] gspca_cpia1: usb_control_msg 03, error -71 [ 433.382181][ T5436] cpia1 5-1:0.0: unexpected systemstate: 00 [ 433.397138][ T5436] usb 5-1: USB disconnect, device number 33 [ 433.511386][T13591] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2757'. [ 433.967020][T13606] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2761'. [ 433.971355][T13606] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2761'. [ 434.322414][T13624] devtmpfs: Bad value for 'mpol' [ 434.387035][ T5361] Bluetooth: hci4: command tx timeout [ 434.402090][T13629] fuse: Bad value for 'group_id' [ 434.405076][T13629] fuse: Bad value for 'group_id' [ 434.983843][T13651] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2778'. [ 435.299242][T13657] tipc: Failed to remove unknown binding: 66,1,1/4:1095595896/1095595898 [ 435.303699][T13657] tipc: Failed to remove unknown binding: 66,1,1/4:1095595896/1095595898 [ 436.467284][ T5361] Bluetooth: hci4: command tx timeout [ 436.549596][T13700] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2799'. [ 436.915445][ T39] kauditd_printk_skb: 8 callbacks suppressed [ 436.915462][ T39] audit: type=1326 audit(1722617359.377:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13722 comm="syz.0.2806" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ee579 code=0x0 [ 437.212010][T13743] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 437.216488][T13743] IPv6: NLM_F_CREATE should be set when creating new route [ 437.219880][T13743] IPv6: NLM_F_CREATE should be set when creating new route [ 437.715327][T13760] block nbd3: shutting down sockets [ 438.547762][ T5361] Bluetooth: hci4: command tx timeout [ 439.041104][T13828] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 439.063600][T13828] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(5) [ 439.066919][T13828] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 439.074800][T13828] vhci_hcd vhci_hcd.0: Device attached [ 439.094317][T13828] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(7) [ 439.097535][T13828] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 439.119889][T13828] vhci_hcd vhci_hcd.0: Device attached [ 439.127153][T13832] vhci_hcd: connection closed [ 439.128479][T13829] vhci_hcd: connection closed [ 439.130548][ T1099] vhci_hcd: stop threads [ 439.141211][ T1099] vhci_hcd: release socket [ 439.143311][ T1099] vhci_hcd: disconnect device [ 439.145664][ T1099] vhci_hcd: stop threads [ 439.149077][ T1099] vhci_hcd: release socket [ 439.151165][ T1099] vhci_hcd: disconnect device [ 439.571570][T13842] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2844'. [ 440.477604][T13869] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 440.480632][T13869] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 440.484392][T13869] vhci_hcd vhci_hcd.0: Device attached [ 440.494145][T13869] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 440.501576][T13869] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(7) [ 440.504586][T13869] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 440.517344][T13869] vhci_hcd vhci_hcd.0: Device attached [ 440.524993][T13873] vhci_hcd: connection closed [ 440.525381][ T1100] vhci_hcd: stop threads [ 440.526609][T13870] vhci_hcd: connection closed [ 440.531513][ T1100] vhci_hcd: release socket [ 440.541832][ T1100] vhci_hcd: disconnect device [ 440.549426][ T1100] vhci_hcd: stop threads [ 440.553549][ T1100] vhci_hcd: release socket [ 440.561345][ T1100] vhci_hcd: disconnect device [ 441.107378][T13903] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2870'. [ 441.865756][T13941] netlink: 19 bytes leftover after parsing attributes in process `syz.2.2886'. [ 442.476170][T13960] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2895'. [ 442.523693][T13965] netlink: 'syz.1.2898': attribute type 28 has an invalid length. [ 442.739226][T13986] fuse: Unknown parameter 'group_i00000000000000000000' [ 442.739604][T13985] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2908'. [ 442.990794][T14009] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2918'. [ 443.103662][T14014] netlink: 47 bytes leftover after parsing attributes in process `syz.2.2920'. [ 443.226983][ T5436] usb 8-1: new high-speed USB device number 28 using dummy_hcd [ 443.413814][ T5436] usb 8-1: Using ep0 maxpacket: 8 [ 443.451698][ T5436] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 443.457808][ T5436] usb 8-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 443.466997][ T5436] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 443.470543][ T5436] usb 8-1: SerialNumber: syz [ 443.485461][ T5436] usb 8-1: config 0 descriptor?? [ 443.498651][ T5436] usb 8-1: Found UVC 0.00 device (05ac:8501) [ 443.504838][ T5436] uvcvideo 8-1:0.0: Entity type for entity Output 255 was not initialized! [ 443.535843][ T5436] usb 8-1: Failed to create links for entity 255 [ 443.546030][ T5436] usb 8-1: Failed to register entities (-22). [ 443.654396][T14031] netlink: 19 bytes leftover after parsing attributes in process `syz.0.2927'. [ 443.707358][ T832] usb 8-1: USB disconnect, device number 28 [ 444.307295][T14051] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2933'. [ 444.312363][T14051] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 444.316797][T14051] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 444.323989][ T39] audit: type=1326 audit(1722617366.787:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.355290][ T39] audit: type=1326 audit(1722617366.787:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.392006][ T39] audit: type=1326 audit(1722617366.787:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.404493][ T39] audit: type=1326 audit(1722617366.787:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.414645][ T39] audit: type=1326 audit(1722617366.787:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.434605][ T39] audit: type=1326 audit(1722617366.787:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=325 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.446686][ T39] audit: type=1326 audit(1722617366.797:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.470386][ T39] audit: type=1326 audit(1722617366.797:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.2934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 444.591195][T14061] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2938'. [ 444.876152][T14073] fuse: Unknown parameter 'group_i00000000000000000000' [ 445.089677][T14082] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 445.092361][T14082] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 445.123392][T14082] vhci_hcd vhci_hcd.0: Device attached [ 445.157049][T14087] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(6) [ 445.160346][T14087] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 445.177516][T14087] vhci_hcd vhci_hcd.0: Device attached [ 445.186565][T14082] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 445.217882][T14079] block nbd1: shutting down sockets [ 445.224662][T14092] netlink: 47 bytes leftover after parsing attributes in process `syz.2.2948'. [ 445.258045][T14088] vhci_hcd: connection closed [ 445.258321][T14083] vhci_hcd: connection closed [ 445.260835][ T1100] vhci_hcd: stop threads [ 445.278371][ T1100] vhci_hcd: release socket [ 445.286200][ T1100] vhci_hcd: disconnect device [ 445.317063][ T1100] vhci_hcd: stop threads [ 445.318788][ T1100] vhci_hcd: release socket [ 445.320937][ T1100] vhci_hcd: disconnect device [ 445.327185][ T1426] vhci_hcd: vhci_device speed not set [ 445.357446][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.893655][T14121] fuse: Unknown parameter 'group_id00000000000000000000' [ 446.041076][T14127] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2959'. [ 447.057728][T14144] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 447.060825][T14144] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 447.066139][T14144] vhci_hcd vhci_hcd.0: Device attached [ 447.090867][T14144] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(5) [ 447.093698][T14144] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 447.098905][T14144] vhci_hcd vhci_hcd.0: Device attached [ 447.104540][T14144] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 447.109523][T14147] vhci_hcd: connection closed [ 447.109722][ T1100] vhci_hcd: stop threads [ 447.110082][T14145] vhci_hcd: connection closed [ 447.111899][ T1100] vhci_hcd: release socket [ 447.120674][ T1100] vhci_hcd: disconnect device [ 447.123122][ T1100] vhci_hcd: stop threads [ 447.125150][ T1100] vhci_hcd: release socket [ 447.128692][ T1100] vhci_hcd: disconnect device [ 448.099097][T14177] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2977'. [ 448.137212][T14179] fuse: Bad value for 'user_id' [ 448.139480][T14179] fuse: Bad value for 'user_id' [ 449.339679][T14231] syz_tun: entered promiscuous mode [ 449.352787][T14231] syz_tun: left promiscuous mode [ 449.392331][T14236] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3002'. [ 450.599034][T14271] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3015'. [ 451.019573][T14291] fuse: Bad value for 'fd' [ 451.137859][T14297] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3026'. [ 451.570145][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3029'. [ 452.509128][T14334] fuse: Bad value for 'fd' [ 452.834377][T14350] netlink: 47 bytes leftover after parsing attributes in process `syz.0.3046'. [ 452.842133][T14354] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3050'. [ 453.212636][T14379] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3063'. [ 453.640409][T14427] netlink: 'syz.2.3085': attribute type 1 has an invalid length. [ 453.732683][T14440] netlink: 47 bytes leftover after parsing attributes in process `syz.3.3091'. [ 454.042052][T14467] netlink: 47 bytes leftover after parsing attributes in process `syz.2.3104'. [ 455.071924][T14482] fuse: Invalid rootmode [ 455.553322][T14495] loop0: detected capacity change from 0 to 128 [ 456.827722][T14512] fuse: Invalid rootmode [ 457.253844][T14533] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3130'. [ 457.691699][T14537] fuse: Invalid rootmode [ 458.285053][ T39] audit: type=1326 audit(1722617380.747:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.295344][ T39] audit: type=1326 audit(1722617380.747:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.307070][ T39] audit: type=1326 audit(1722617380.757:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.334058][ T39] audit: type=1326 audit(1722617380.757:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.347352][ T39] audit: type=1326 audit(1722617380.757:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.356513][ T39] audit: type=1326 audit(1722617380.767:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.375247][ T39] audit: type=1326 audit(1722617380.767:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.384722][ T39] audit: type=1326 audit(1722617380.767:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.395425][ T39] audit: type=1326 audit(1722617380.767:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.405194][ T39] audit: type=1326 audit(1722617380.767:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14545 comm="syz.2.3133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f45579 code=0x7ffc0000 [ 458.766500][T14556] tipc: Started in network mode [ 458.769660][T14556] tipc: Node identity ac1414aa, cluster identity 4711 [ 458.774669][T14556] tipc: Enabled bearer , priority 10 [ 458.843863][T14560] fuse: Bad value for 'rootmode' [ 459.766969][ T8] tipc: Node number set to 2886997162 [ 459.822149][T14588] fuse: Bad value for 'rootmode' [ 460.268934][T14614] fuse: Unknown parameter 'use00000000000000000000' [ 461.040245][T14641] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3173'. [ 461.281151][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 461.365525][T14667] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3185'. [ 461.431990][T14670] mac80211_hwsim hwsim23 »»»»»»: renamed from wlan0 (while UP) [ 461.729303][T14690] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3195'. [ 463.170539][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 464.445416][ T1100] Bluetooth: hci10: Frame reassembly failed (-84) [ 464.787134][ T5354] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 464.791531][ T5354] Bluetooth: hci4: Injecting HCI hardware error event [ 464.797652][ T5354] Bluetooth: hci4: hardware error 0x00 [ 465.537145][ T5351] Bluetooth: hci4: unexpected event for opcode 0x0428 [ 465.693029][T14869] fuse: Unknown parameter 'user_id00000000000000000000' [ 465.797741][T14873] overlayfs: failed to resolve './file0': -2 [ 465.999615][T14884] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3247'. [ 466.036305][T14884] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.206091][T14884] bridge_slave_0 (unregistering): left allmulticast mode [ 466.227249][T14884] bridge_slave_0 (unregistering): left promiscuous mode [ 466.230870][T14884] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.467054][ T5361] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 466.467156][ T5351] Bluetooth: hci10: command 0x1003 tx timeout [ 466.781618][T14909] overlayfs: failed to resolve './file0': -2 [ 466.877030][ T5354] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 467.880013][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 468.019021][T14940] fuse: Bad value for 'fd' [ 468.379367][T14950] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3269'. [ 468.418262][T14950] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.427777][ T10] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 468.511636][T14950] bridge_slave_0 (unregistering): left allmulticast mode [ 468.515414][T14950] bridge_slave_0 (unregistering): left promiscuous mode [ 468.519528][T14950] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.661500][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 468.665695][ T10] usb 6-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 468.686912][ T10] usb 6-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0 [ 468.691258][ T10] usb 6-1: config 0 interface 0 has no altsetting 0 [ 468.694080][ T10] usb 6-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00 [ 468.709377][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.714735][ T10] usb 6-1: config 0 descriptor?? [ 468.723447][ T13] Bluetooth: hci10: Frame reassembly failed (-84) [ 469.145366][ T10] zeroplus 0003:0C12:0005.0014: item fetching failed at offset 1/5 [ 469.156484][ T10] zeroplus 0003:0C12:0005.0014: parse failed [ 469.159987][ T10] zeroplus 0003:0C12:0005.0014: probe with driver zeroplus failed with error -22 [ 469.334871][T14961] netlink: 47 bytes leftover after parsing attributes in process `syz.2.3277'. [ 469.351472][ T5404] usb 6-1: USB disconnect, device number 15 [ 470.200482][T14985] netlink: 47 bytes leftover after parsing attributes in process `syz.1.3287'. [ 470.498899][T15003] netlink: 19 bytes leftover after parsing attributes in process `syz.1.3295'. [ 470.787286][ T5361] Bluetooth: hci10: command 0x1003 tx timeout [ 470.791931][ T5354] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 470.978558][ T5361] Bluetooth: hci10: sending frame failed (-49) [ 470.984274][ T5354] Bluetooth: hci10: Opcode 0x1003 failed: -49 [ 471.245670][T15025] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3303'. [ 471.579458][T15036] fuse: Bad value for 'fd' [ 471.942274][T15043] netlink: 47 bytes leftover after parsing attributes in process `syz.2.3311'. [ 471.960353][T15045] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3312'. [ 472.693225][T15061] fuse: Unknown parameter '0x0000000000000004' [ 473.027379][T15072] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3322'. [ 473.300869][T15085] fuse: Unknown parameter '0x0000000000000004' [ 473.617080][ T832] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 473.767275][ T832] usb 5-1: device descriptor read/64, error -71 [ 473.789221][T15095] pim6reg1: entered promiscuous mode [ 473.791478][T15095] pim6reg1: entered allmulticast mode [ 473.826515][T15098] netlink: 47 bytes leftover after parsing attributes in process `syz.3.3333'. [ 474.012799][T15107] fuse: Unknown parameter '0x0000000000000004' [ 474.046969][ T832] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 474.197084][ T832] usb 5-1: device descriptor read/64, error -71 [ 474.327178][ T832] usb usb5-port1: attempt power cycle [ 474.356514][T15120] netlink: 47 bytes leftover after parsing attributes in process `syz.1.3342'. [ 474.749600][ T832] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 474.778034][ T832] usb 5-1: device descriptor read/8, error -71 [ 475.047046][ T832] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 475.087683][ T832] usb 5-1: device descriptor read/8, error -71 [ 475.147015][T15140] netlink: 47 bytes leftover after parsing attributes in process `syz.3.3352'. [ 475.207517][ T832] usb usb5-port1: unable to enumerate USB device [ 475.466548][T15150] overlayfs: missing 'lowerdir' [ 475.564733][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 475.753267][T15163] netlink: 47 bytes leftover after parsing attributes in process `syz.3.3362'. [ 476.163266][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 476.846645][T15193] netlink: 47 bytes leftover after parsing attributes in process `syz.1.3373'. [ 476.915041][T15195] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3374'. [ 477.022658][T15199] ptrace attach of "/syz-executor exec"[9372] was attempted by "/syz-executor exec"[15199] [ 477.452297][T15221] fuse: Unknown parameter 'fd0x0000000000000004' [ 477.501046][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 477.644087][T15232] overlayfs: missing 'lowerdir' [ 478.184215][T15262] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3400'. [ 478.235995][T15267] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 478.239936][T15267] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 478.865403][T15299] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 478.868099][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 478.877595][T15299] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 479.792756][T15331] fuse: Unknown parameter 'fd0x0000000000000004' [ 480.497499][ T5482] usb 8-1: new high-speed USB device number 29 using dummy_hcd [ 480.679590][ T5482] usb 8-1: config 0 has too many interfaces: 255, using maximum allowed: 32 [ 480.683807][ T5482] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 480.688913][ T5482] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 255 [ 480.694960][ T5482] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 480.700291][ T5482] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 480.704875][ T5482] usb 8-1: SerialNumber: syz [ 480.711144][ T5482] usb 8-1: config 0 descriptor?? [ 480.932068][ T8] usb 8-1: USB disconnect, device number 29 [ 481.296940][ T39] kauditd_printk_skb: 59 callbacks suppressed [ 481.296957][ T39] audit: type=1326 audit(1722617403.757:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15373 comm="syz.1.3438" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x0 [ 481.525795][T15381] netlink: 19 bytes leftover after parsing attributes in process `syz.2.3442'. [ 482.060273][ T5361] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 482.065277][ T5361] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 482.075070][ T5361] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 482.081958][ T5361] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 482.087281][ T5361] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 482.093214][ T5361] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 482.318453][T15398] chnl_net:caif_netlink_parms(): no params data found [ 482.341000][T15413] netlink: 19 bytes leftover after parsing attributes in process `syz.1.3452'. [ 482.520240][T15398] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.523432][T15398] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.526627][T15398] bridge_slave_0: entered allmulticast mode [ 482.533173][T15398] bridge_slave_0: entered promiscuous mode [ 482.539426][T15398] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.542698][T15398] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.546112][T15398] bridge_slave_1: entered allmulticast mode [ 482.551112][T15398] bridge_slave_1: entered promiscuous mode [ 482.674300][T15432] netlink: 19 bytes leftover after parsing attributes in process `syz.3.3460'. [ 482.717104][T15398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 482.732473][T15398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 482.785628][T15443] random: crng reseeded on system resumption [ 482.833543][ T39] audit: type=1326 audit(1722617405.297:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.854550][ T39] audit: type=1326 audit(1722617405.297:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.865171][ T39] audit: type=1326 audit(1722617405.297:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.875732][ T39] audit: type=1326 audit(1722617405.297:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.886313][ T39] audit: type=1326 audit(1722617405.297:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.897233][ T39] audit: type=1326 audit(1722617405.297:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.907007][ T39] audit: type=1326 audit(1722617405.297:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.916577][ T39] audit: type=1326 audit(1722617405.297:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.927791][ T39] audit: type=1326 audit(1722617405.297:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15437 comm="syz.1.3463" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 482.937636][T15398] team0: Port device team_slave_0 added [ 482.941578][T15398] team0: Port device team_slave_1 added [ 483.038306][T15398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 483.048612][T15398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.081344][T15398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.094814][T15398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.104643][T15398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.131866][T15398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 483.309336][T15398] hsr_slave_0: entered promiscuous mode [ 483.322105][T15398] hsr_slave_1: entered promiscuous mode [ 483.325723][T15398] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 483.336337][T15398] Cannot create hsr debugfs directory [ 483.659100][T15398] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 483.664028][T15398] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.814434][T15482] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3480'. [ 483.916574][T15398] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 483.921945][T15398] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 483.932945][T15488] netlink: 47 bytes leftover after parsing attributes in process `syz.3.3483'. [ 484.022739][T15398] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 484.027556][T15398] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.148658][ T5354] Bluetooth: hci9: command tx timeout [ 484.181628][T15398] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 484.186325][T15398] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.483924][T15398] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 484.515206][T15398] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 484.536131][T15398] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 484.551913][T15398] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 484.745385][T15398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 484.766217][T15398] 8021q: adding VLAN 0 to HW filter on device team0 [ 484.777537][ T5404] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.781197][ T5404] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.819518][ T5404] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.822689][ T5404] bridge0: port 2(bridge_slave_1) entered forwarding state [ 484.858402][T15398] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 484.863585][T15398] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 485.076776][T15398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 485.103490][T15522] netlink: 47 bytes leftover after parsing attributes in process `syz.1.3492'. [ 485.168242][T15398] veth0_vlan: entered promiscuous mode [ 485.179042][T15398] veth1_vlan: entered promiscuous mode [ 485.261037][T15398] veth0_macvtap: entered promiscuous mode [ 485.269935][T15398] veth1_macvtap: entered promiscuous mode [ 485.288085][ T57] usb 8-1: new high-speed USB device number 30 using dummy_hcd [ 485.313373][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.318231][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.343324][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.348597][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.352651][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.358289][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.362054][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.366544][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.371473][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.376045][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.391429][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.397122][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.401511][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.406119][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.420459][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.429476][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.434067][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.438594][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.442408][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.446766][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.453782][T15398] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 485.465526][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.470469][ T57] usb 8-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4 [ 485.471438][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.492081][ T57] usb 8-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0 [ 485.503513][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.511584][ T57] usb 8-1: Manufacturer: syz [ 485.524256][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.532874][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.540899][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.545881][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.550724][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.554524][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.560035][ T57] usb 8-1: config 0 descriptor?? [ 485.561228][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.567656][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.571958][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.576118][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.584241][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.597299][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.601815][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.606166][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.613038][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.619474][T15398] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.624061][T15398] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.639285][T15398] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 485.684419][T15398] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.690047][T15398] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.695846][T15398] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.699707][T15398] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.810389][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 485.815210][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 485.860809][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 485.864311][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 485.994465][ T57] gs_usb 8-1:0.0: Couldn't get device config: (err=-71) [ 486.000610][ T57] gs_usb 8-1:0.0: probe with driver gs_usb failed with error -71 [ 486.014701][ T57] usb 8-1: USB disconnect, device number 30 [ 486.074245][ T832] bridge0: port 2(bridge_slave_1) entered disabled state [ 486.201612][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 486.228264][ T5354] Bluetooth: hci9: command tx timeout [ 486.566985][ T57] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 486.714882][T15557] netlink: 19 bytes leftover after parsing attributes in process `syz.3.3504'. [ 486.762193][ T57] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 486.776970][ T57] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 486.792037][ T57] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 486.802743][ T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 486.817686][ T57] usb 7-1: Product: syz [ 486.820261][ T57] usb 7-1: Manufacturer: syz [ 486.824999][ T57] usb 7-1: SerialNumber: syz [ 487.903767][ T57] cdc_ncm 7-1:1.0: bind() failure [ 487.911068][ T57] cdc_ncm 7-1:1.1: CDC Union missing and no IAD found [ 487.914793][ T57] cdc_ncm 7-1:1.1: bind() failure [ 487.927148][ T57] usb 7-1: USB disconnect, device number 19 [ 488.156786][T15584] netlink: 19 bytes leftover after parsing attributes in process `syz.1.3513'. [ 488.320234][ T5354] Bluetooth: hci9: command tx timeout [ 488.520469][T15601] Bluetooth: MGMT ver 1.23 [ 488.785460][ T39] kauditd_printk_skb: 15 callbacks suppressed [ 488.785479][ T39] audit: type=1326 audit(1722617411.247:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.797772][ T39] audit: type=1326 audit(1722617411.247:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.809825][ T39] audit: type=1326 audit(1722617411.277:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.818763][ T39] audit: type=1326 audit(1722617411.277:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.837549][ T39] audit: type=1326 audit(1722617411.277:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.849313][ T39] audit: type=1326 audit(1722617411.277:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.862105][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 488.868427][ T39] audit: type=1326 audit(1722617411.277:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.878996][ T39] audit: type=1326 audit(1722617411.277:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.889076][ T39] audit: type=1326 audit(1722617411.277:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 488.899500][ T39] audit: type=1326 audit(1722617411.277:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15623 comm="syz.3.3526" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 489.069790][T11832] syz_tun: left allmulticast mode [ 489.084519][T11832] syz_tun: left promiscuous mode [ 489.095350][ T5361] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 489.102592][ T5361] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 489.106719][ T5361] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 489.120042][ T5361] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 489.140283][ T5361] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 489.144279][ T5361] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 489.413728][ T1101] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 489.534534][T15657] netlink: 19 bytes leftover after parsing attributes in process `syz.1.3540'. [ 489.584376][ T1101] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 489.665393][T15634] chnl_net:caif_netlink_parms(): no params data found [ 489.690625][ T1101] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 489.815132][ T1101] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 489.924304][T15634] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.936388][T15634] bridge0: port 1(bridge_slave_0) entered disabled state [ 489.945421][T15634] bridge_slave_0: entered allmulticast mode [ 489.954279][T15634] bridge_slave_0: entered promiscuous mode [ 489.970318][T15634] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.989512][T15634] bridge0: port 2(bridge_slave_1) entered disabled state [ 489.995479][T15634] bridge_slave_1: entered allmulticast mode [ 489.999737][T15634] bridge_slave_1: entered promiscuous mode [ 490.104268][T15634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 490.142538][T15634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 490.336659][T15634] team0: Port device team_slave_0 added [ 490.344784][T15634] team0: Port device team_slave_1 added [ 490.387327][ T5354] Bluetooth: hci9: command tx timeout [ 490.388541][ T1101] bridge_slave_1: left allmulticast mode [ 490.393847][ T1101] bridge_slave_1: left promiscuous mode [ 490.396556][ T1101] bridge0: port 2(bridge_slave_1) entered disabled state [ 490.606597][T15683] netlink: 19 bytes leftover after parsing attributes in process `syz.3.3548'. [ 490.662251][ T1101] erspan0 (unregistering): left allmulticast mode [ 491.277055][ T5354] Bluetooth: hci8: command tx timeout [ 491.299957][T15704] overlayfs: missing 'workdir' [ 491.322985][ T1101] bond0 (unregistering): (slave ): Releasing backup interface [ 491.333962][ T1101] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 491.342291][ T1101] bond0 (unregistering): Released all slaves [ 491.410440][T15687] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3550'. [ 491.449578][T15634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 491.487340][T15634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.517370][T15634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 491.522955][ T1101] tipc: Left network mode [ 491.526620][T15634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 491.534192][T15634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 491.566062][T15634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 491.891722][T15634] hsr_slave_0: entered promiscuous mode [ 491.911482][T15634] hsr_slave_1: entered promiscuous mode [ 491.920121][T15634] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 491.928501][T15634] Cannot create hsr debugfs directory [ 491.942951][T15729] overlayfs: missing 'workdir' [ 492.092718][ T1101] team0: left promiscuous mode [ 492.094707][ T1101] team_slave_0: left promiscuous mode [ 492.097866][ T1101] team_slave_1: left promiscuous mode [ 492.116168][ T1101] dummy0: left promiscuous mode [ 492.152977][ T1101] hsr_slave_0: left promiscuous mode [ 492.161183][ T1101] hsr_slave_1: left promiscuous mode [ 492.164790][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 492.169648][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 492.173930][ T1101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 492.178012][ T1101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 492.232443][ T1101] veth1_macvtap: left promiscuous mode [ 492.235170][ T1101] veth0_macvtap: left promiscuous mode [ 492.239440][ T1101] veth1_vlan: left promiscuous mode [ 492.241956][ T1101] veth0_vlan: left promiscuous mode [ 492.316791][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 493.072260][T15761] netlink: 19 bytes leftover after parsing attributes in process `syz.2.3578'. [ 493.347669][ T5354] Bluetooth: hci8: command tx timeout [ 493.862766][ T1101] team0 (unregistering): Port device team_slave_1 removed [ 494.037516][ T1101] team0 (unregistering): Port device team_slave_0 removed [ 494.820332][T15763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3579'. [ 495.446000][ T5354] Bluetooth: hci8: command tx timeout [ 495.493899][T15790] bridge10: the hash_elasticity option has been deprecated and is always 16 [ 495.794671][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 495.868680][ T39] kauditd_printk_skb: 62 callbacks suppressed [ 495.868692][ T39] audit: type=1326 audit(1722617418.327:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15811 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 495.880397][ T39] audit: type=1326 audit(1722617418.337:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15811 comm="syz.2.3597" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 496.436133][T15634] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 496.445352][T15634] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 496.464553][T15634] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 496.474568][T15634] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 496.616554][T15634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 496.637492][T15634] 8021q: adding VLAN 0 to HW filter on device team0 [ 496.647048][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 496.650603][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 496.655198][T15853] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3609'. [ 496.689927][ T30] bridge0: port 2(bridge_slave_1) entered blocking state [ 496.693086][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state [ 496.786805][T15634] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 496.796960][T15634] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 497.035296][T15634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 497.050393][T15885] tipc: Started in network mode [ 497.052649][T15885] tipc: Node identity 8, cluster identity 4711 [ 497.055258][T15885] tipc: Node number set to 8 [ 497.160528][T15634] veth0_vlan: entered promiscuous mode [ 497.179280][T15634] veth1_vlan: entered promiscuous mode [ 497.221357][T15634] veth0_macvtap: entered promiscuous mode [ 497.231475][T15634] veth1_macvtap: entered promiscuous mode [ 497.252347][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.258714][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.264042][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.268417][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.272729][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.277387][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.281737][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.290574][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.294947][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.301199][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.308634][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.313668][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.318543][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.322914][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.327325][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.332613][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.337336][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.341415][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.345191][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 497.350809][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.358280][T15634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 497.373014][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.376730][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.393205][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.402538][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.414686][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.423381][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.428324][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.433206][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.437866][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.442218][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.446561][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.451040][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.455545][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.460345][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.464771][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.470607][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.474941][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.480920][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.485262][T15634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 497.490651][T15634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 497.497858][T15634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 497.515262][ T5354] Bluetooth: hci8: command tx timeout [ 497.527960][T15634] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.537010][T15634] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.545838][T15634] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.554225][T15634] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 497.768884][T14498] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 497.778212][T14498] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 497.794579][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 497.809614][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 498.383939][T15930] tipc: Started in network mode [ 498.386117][T15930] tipc: Node identity 8, cluster identity 4711 [ 498.397305][T15930] tipc: Node number set to 8 [ 499.245347][ T5361] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 499.255579][ T5361] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 499.261157][ T5361] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 499.266666][ T5361] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 499.272623][ T5361] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 499.276230][ T5361] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 499.522061][T15965] chnl_net:caif_netlink_parms(): no params data found [ 499.590857][T14498] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 499.689965][ T39] audit: type=1326 audit(1722617422.157:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15988 comm="syz.0.3647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 499.704500][ T39] audit: type=1326 audit(1722617422.157:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15988 comm="syz.0.3647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 499.719396][ T39] audit: type=1326 audit(1722617422.157:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15988 comm="syz.0.3647" exe="/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 499.755094][ T39] audit: type=1326 audit(1722617422.157:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15988 comm="syz.0.3647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 499.769777][T14498] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 499.770130][ T39] audit: type=1326 audit(1722617422.157:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15988 comm="syz.0.3647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 499.788715][T15995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3642'. [ 499.793920][T15994] netlink: 19 bytes leftover after parsing attributes in process `syz.0.3648'. [ 499.996070][T14498] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.028389][T15965] bridge0: port 1(bridge_slave_0) entered blocking state [ 500.031874][T15965] bridge0: port 1(bridge_slave_0) entered disabled state [ 500.035102][T15965] bridge_slave_0: entered allmulticast mode [ 500.048616][T15965] bridge_slave_0: entered promiscuous mode [ 500.054847][T15965] bridge0: port 2(bridge_slave_1) entered blocking state [ 500.071346][T15965] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.074751][T15965] bridge_slave_1: entered allmulticast mode [ 500.079414][T15965] bridge_slave_1: entered promiscuous mode [ 500.118086][T14498] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 500.236126][T15965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 500.251390][T15965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 500.393176][T15965] team0: Port device team_slave_0 added [ 500.425975][ T39] audit: type=1326 audit(1722617422.887:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16017 comm="syz.2.3656" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x0 [ 500.449210][T15965] team0: Port device team_slave_1 added [ 500.486944][ T56] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 500.546331][T14498] bridge_slave_1: left allmulticast mode [ 500.549794][T14498] bridge_slave_1: left promiscuous mode [ 500.552763][T14498] bridge0: port 2(bridge_slave_1) entered disabled state [ 500.669001][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 500.674254][ T56] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 500.682296][ T56] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 500.686449][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 500.694184][ T56] usb 6-1: config 0 descriptor?? [ 501.115861][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.122806][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.126106][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.129984][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.133786][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.138729][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.142083][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.145424][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.149233][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.152363][ T56] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0 [ 501.155614][ T56] plantronics 0003:047F:FFFF.0015: unbalanced collection at end of report description [ 501.161044][ T56] plantronics 0003:047F:FFFF.0015: parse failed [ 501.163974][ T56] plantronics 0003:047F:FFFF.0015: probe with driver plantronics failed with error -22 [ 501.314523][ T5482] usb 6-1: USB disconnect, device number 16 [ 501.347802][ T5354] Bluetooth: hci6: command tx timeout [ 501.348496][ T5361] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0 [ 501.355943][ T5361] Bluetooth: hci9: Injecting HCI hardware error event [ 501.361791][ T5354] Bluetooth: hci9: hardware error 0x00 [ 501.975282][T14498] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 501.985553][T14498] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 502.037636][T14498] bond0 (unregistering): Released all slaves [ 502.049546][T15965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 502.052266][T15965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 502.076903][T15965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 502.100765][T15965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 502.103949][T15965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 502.123232][T15965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 502.162219][ T5361] Bluetooth: hci8: Controller not accepting commands anymore: ncmd = 0 [ 502.166390][ T5361] Bluetooth: hci8: Injecting HCI hardware error event [ 502.172393][ T5351] Bluetooth: hci8: hardware error 0x00 [ 502.297956][T14498] tipc: Disabling bearer [ 502.317303][T14498] tipc: Disabling bearer [ 502.324862][T14498] tipc: Left network mode [ 502.349449][T15965] hsr_slave_0: entered promiscuous mode [ 502.373541][T15965] hsr_slave_1: entered promiscuous mode [ 502.386400][T15965] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 502.392023][T15965] Cannot create hsr debugfs directory [ 502.596959][ T5482] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 502.647307][ T5389] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 502.774002][T14498] hsr_slave_0: left promiscuous mode [ 502.776761][T14498] hsr_slave_1: left promiscuous mode [ 502.780032][ T5482] usb 6-1: Using ep0 maxpacket: 32 [ 502.783207][T14498] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 502.785356][ T5482] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 502.785597][T14498] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 502.791378][ T5482] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 502.803183][ T5482] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 502.808176][ T5482] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 502.811332][T14498] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 502.816461][T14498] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 502.819656][ T5482] usb 6-1: config 0 interface 0 has no altsetting 0 [ 502.826123][ T5482] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 502.827075][ T5389] usb 7-1: Using ep0 maxpacket: 32 [ 502.830475][ T5482] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 502.837318][ T5482] usb 6-1: Product: syz [ 502.838403][ T5389] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 502.839500][ T5482] usb 6-1: Manufacturer: syz [ 502.839517][ T5482] usb 6-1: SerialNumber: syz [ 502.841409][ T5482] usb 6-1: config 0 descriptor?? [ 502.842998][ T5389] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 502.850134][ T5482] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 502.856693][ T5389] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 502.860184][ T5482] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 502.867760][ T5389] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 502.875771][ T5389] usb 7-1: config 0 interface 0 has no altsetting 0 [ 502.885897][ T5389] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 502.894526][ T5389] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 502.903098][ T5389] usb 7-1: Product: syz [ 502.906708][ T5389] usb 7-1: Manufacturer: syz [ 502.911480][T14498] veth1_macvtap: left promiscuous mode [ 502.912536][ T5389] usb 7-1: SerialNumber: syz [ 502.913960][T14498] veth0_macvtap: left promiscuous mode [ 502.918905][T14498] veth1_vlan: left promiscuous mode [ 502.919169][ T5389] usb 7-1: config 0 descriptor?? [ 502.921455][T14498] veth0_vlan: left promiscuous mode [ 502.926594][ T5389] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 502.937153][ T5389] ldusb 7-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 503.088258][ T5482] usb 6-1: USB disconnect, device number 17 [ 503.090942][ C3] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 503.102020][ T5482] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 503.249845][ T5404] usb 7-1: USB disconnect, device number 20 [ 503.253778][ T5404] ldusb 7-1:0.0: LD USB Device #1 now disconnected [ 503.437203][ T5361] Bluetooth: hci6: command tx timeout [ 503.442439][ T5354] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 504.309377][ T5351] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 504.486473][T14498] team0 (unregistering): Port device team_slave_1 removed [ 504.570729][T14498] team0 (unregistering): Port device team_slave_0 removed [ 505.490113][T16054] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3667'. [ 505.511833][ T5351] Bluetooth: hci6: command tx timeout [ 505.559550][T16070] program syz.1.3672 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 505.618898][ T39] audit: type=1326 audit(1722617428.087:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16073 comm="syz.1.3674" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x0 [ 506.086248][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 506.090366][T15965] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 506.101931][T15965] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 506.111976][T15965] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 506.126347][T15965] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 506.185747][T14498] IPVS: stop unused estimator thread 0... [ 506.270924][T15965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 506.311480][T15965] 8021q: adding VLAN 0 to HW filter on device team0 [ 506.329972][ T5436] bridge0: port 1(bridge_slave_0) entered blocking state [ 506.333079][ T5436] bridge0: port 1(bridge_slave_0) entered forwarding state [ 506.354797][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 506.358317][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 506.388781][T16109] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3684'. [ 506.636451][T15965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 506.733918][T16132] raw_sendmsg: syz.0.3691 forgot to set AF_INET. Fix it! [ 506.745206][ T56] bridge0: port 2(bridge_slave_1) entered disabled state [ 506.799628][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.821282][T15965] veth0_vlan: entered promiscuous mode [ 506.850425][T15965] veth1_vlan: entered promiscuous mode [ 506.879636][ T39] audit: type=1326 audit(1722617429.337:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16142 comm="syz.2.3696" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x0 [ 506.903351][T15965] veth0_macvtap: entered promiscuous mode [ 506.921184][T15965] veth1_macvtap: entered promiscuous mode [ 506.942001][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.947189][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.951391][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.955743][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.962394][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.966815][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.971830][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.975794][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.987512][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 506.991484][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 506.995638][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 507.003482][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.008224][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 507.012793][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.018586][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 507.022983][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.026723][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 507.033096][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.038158][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 507.042378][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.066498][T15965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 507.085471][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.092042][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.096175][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.101496][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.105953][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.111620][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.115973][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.120621][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.124712][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.139005][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.142838][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.146773][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.150768][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.157113][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.160811][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.164848][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.169037][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.173442][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.178224][T15965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 507.183134][T15965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 507.190882][T15965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 507.199037][T15965] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.203509][T15965] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.207638][T15965] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.217562][T15965] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.463716][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.473747][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.532419][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.535796][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.597843][ T5351] Bluetooth: hci6: command tx timeout [ 507.915818][T16190] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3714'. [ 508.046208][ T39] audit: type=1326 audit(1722617430.507:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16204 comm="syz.3.3719" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x0 [ 509.340739][T16237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3732'. [ 510.905889][T16349] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3777'. [ 511.400750][T16369] netlink: 224 bytes leftover after parsing attributes in process `syz.0.3786'. [ 511.482919][T16375] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3787'. [ 511.486235][T16373] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3789'. [ 511.839382][T16397] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 511.856080][T16397] CIFS mount error: No usable UNC path provided in device string! [ 511.856080][T16397] [ 511.862041][T16397] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 512.443541][T16424] sctp: [Deprecated]: syz.3.3807 (pid 16424) Use of struct sctp_assoc_value in delayed_ack socket option. [ 512.443541][T16424] Use struct sctp_sack_info instead [ 512.603261][ T39] audit: type=1326 audit(1722617435.067:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16431 comm="syz.3.3812" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x0 [ 512.653062][T16435] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3814'. [ 512.967368][T16455] netlink: 56 bytes leftover after parsing attributes in process `syz.2.3823'. [ 513.013615][T16461] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3826'. [ 513.437241][ T56] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 513.637020][ T56] usb 7-1: Using ep0 maxpacket: 8 [ 513.642010][ T56] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 513.645848][ T56] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 513.650315][ T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 513.656335][ T56] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 513.661803][ T56] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 513.668445][ T56] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 513.672346][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 513.899214][ T56] usb 7-1: usb_control_msg returned -32 [ 513.902403][ T56] usbtmc 7-1:16.0: can't read capabilities [ 514.028735][T16501] netlink: 83 bytes leftover after parsing attributes in process `syz.3.3845'. [ 514.469893][T16512] usbtmc 7-1:16.0: usb_control_msg returned -71 [ 514.473330][ T56] usb 7-1: USB disconnect, device number 21 [ 514.872388][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.930064][T16544] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3863'. [ 515.531786][T16551] vxfs: WRONG superblock magic 00000000 at 1 [ 515.543490][T16551] vxfs: WRONG superblock magic 00000000 at 8 [ 515.551144][T16551] vxfs: can't find superblock. [ 516.351202][ T39] audit: type=1326 audit(1722617438.817:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16567 comm="syz.2.3872" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x0 [ 516.442758][T16570] netlink: 'syz.1.3873': attribute type 29 has an invalid length. [ 516.446688][T16570] netlink: 'syz.1.3873': attribute type 29 has an invalid length. [ 516.450292][T16570] netlink: 'syz.1.3873': attribute type 29 has an invalid length. [ 516.494354][ T39] audit: type=1326 audit(1722617438.957:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16572 comm="syz.1.3874" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x0 [ 517.079280][ T13] vlan0: left allmulticast mode [ 517.081578][ T13] veth0_vlan: left allmulticast mode [ 517.083962][ T13] vlan0: left promiscuous mode [ 517.086491][ T13] bridge0: port 4(vlan0) entered disabled state [ 517.092935][ T13] team0: left allmulticast mode [ 517.095168][ T13] team_slave_0: left allmulticast mode [ 517.098684][ T13] team_slave_1: left allmulticast mode [ 517.101498][ T13] bridge0: port 3(team0) entered disabled state [ 517.114048][ T13] bridge_slave_1: left allmulticast mode [ 517.116991][ T13] bridge_slave_1: left promiscuous mode [ 517.119624][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 517.124962][ T13] bridge_slave_0: left allmulticast mode [ 517.128066][ T13] bridge_slave_0: left promiscuous mode [ 517.130746][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 518.792241][ T13]  (unregistering): (slave bond_slave_0): Releasing backup interface [ 518.801494][ T13]  (unregistering): (slave bond_slave_1): Releasing backup interface [ 518.812491][ T13]  (unregistering): Released all slaves [ 518.822872][T16595] netlink: 'syz.1.3882': attribute type 29 has an invalid length. [ 519.244576][T16631] netlink: 'syz.3.3897': attribute type 29 has an invalid length. [ 519.252218][T16631] netlink: 'syz.3.3897': attribute type 29 has an invalid length. [ 519.256987][T16631] netlink: 'syz.3.3897': attribute type 29 has an invalid length. [ 519.470740][ T13] hsr_slave_0: left promiscuous mode [ 519.476458][ T13] hsr_slave_1: left promiscuous mode [ 519.480873][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 519.484318][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 519.490719][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 519.493885][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 519.517222][ T56] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 519.546343][ T13] veth1_macvtap: left promiscuous mode [ 519.549273][ T13] veth0_macvtap: left promiscuous mode [ 519.551999][ T13] veth1_vlan: left promiscuous mode [ 519.554395][ T13] veth0_vlan: left promiscuous mode [ 519.709017][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 519.713802][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 519.724971][ T56] usb 7-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00 [ 519.742400][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.756753][ T56] usb 7-1: config 0 descriptor?? [ 520.202883][ T56] elo 0003:04E7:0030.0016: item fetching failed at offset 5/7 [ 520.215377][ T56] elo 0003:04E7:0030.0016: parse failed [ 520.219384][ T56] elo 0003:04E7:0030.0016: probe with driver elo failed with error -22 [ 520.281467][ T39] audit: type=1326 audit(1722617442.747:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.291159][ T39] audit: type=1326 audit(1722617442.747:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.304291][ T39] audit: type=1326 audit(1722617442.747:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.316285][ T39] audit: type=1326 audit(1722617442.747:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.327148][ T39] audit: type=1326 audit(1722617442.747:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.337234][ T39] audit: type=1326 audit(1722617442.747:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.347194][ T39] audit: type=1326 audit(1722617442.747:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.360172][ T39] audit: type=1326 audit(1722617442.747:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.377670][ T39] audit: type=1326 audit(1722617442.747:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.390220][ T39] audit: type=1326 audit(1722617442.747:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16646 comm="syz.0.3905" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 520.402407][ T56] usb 7-1: USB disconnect, device number 22 [ 521.494602][ T13] team_slave_1 (unregistering): left promiscuous mode [ 521.509871][ T13] team0 (unregistering): Port device team_slave_1 removed [ 521.691536][ T13] team_slave_0 (unregistering): left promiscuous mode [ 521.697220][ T13] team0 (unregistering): Port device team_slave_0 removed [ 521.718850][T16664] IPv4: Oversized IP packet from 127.202.26.0 [ 522.127259][T16672] syz.2.3914[16672] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 522.127413][T16672] syz.2.3914[16672] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 523.521225][ T13] IPVS: stop unused estimator thread 0... [ 523.687877][ T1101] Bluetooth: hci10: Frame reassembly failed (-84) [ 525.760724][ T5351] Bluetooth: hci10: Opcode 0x1003 failed: -110 [ 526.162842][T16762] netlink: 'syz.0.3949': attribute type 29 has an invalid length. [ 526.172623][T16762] netlink: 'syz.0.3949': attribute type 29 has an invalid length. [ 526.182849][T16762] netlink: 'syz.0.3949': attribute type 29 has an invalid length. [ 527.121387][T16794] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3960'. [ 527.384892][T16806] netlink: 'syz.0.3966': attribute type 29 has an invalid length. [ 527.393714][T16806] netlink: 'syz.0.3966': attribute type 29 has an invalid length. [ 527.398105][T16806] netlink: 'syz.0.3966': attribute type 29 has an invalid length. [ 527.422805][T16809] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 527.471903][ T39] kauditd_printk_skb: 241 callbacks suppressed [ 527.471919][ T39] audit: type=1326 audit(1722617449.937:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.496959][ T39] audit: type=1326 audit(1722617449.937:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.546963][ T39] audit: type=1326 audit(1722617449.937:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=225 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.566965][ T39] audit: type=1326 audit(1722617449.937:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.595593][ T39] audit: type=1326 audit(1722617449.937:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.605645][ T39] audit: type=1326 audit(1722617449.937:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.641840][ T39] audit: type=1326 audit(1722617449.937:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.652739][ T39] audit: type=1326 audit(1722617449.937:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.662166][ T39] audit: type=1326 audit(1722617449.937:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=186 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.677248][ T39] audit: type=1326 audit(1722617449.937:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16808 comm="syz.2.3967" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7ffc0000 [ 527.907666][ T5413] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 528.120308][ T5413] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 528.125883][ T5413] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 528.130316][ T5413] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 528.152647][ T5413] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 528.166929][ T5413] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 528.173138][ T5413] usb 6-1: config 0 descriptor?? [ 528.218558][T16855] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3989'. [ 528.246318][T16855] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3989'. [ 528.369483][T16859] netlink: 'syz.3.3991': attribute type 29 has an invalid length. [ 528.373872][T16859] netlink: 'syz.3.3991': attribute type 29 has an invalid length. [ 528.378225][T16859] netlink: 'syz.3.3991': attribute type 29 has an invalid length. [ 528.626302][ T5413] acrux 0003:1A34:0802.0017: hidraw1: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.1-1/input0 [ 528.632121][ T5413] acrux 0003:1A34:0802.0017: no inputs found [ 528.634717][ T5413] acrux 0003:1A34:0802.0017: Failed to enable force feedback support, error: -19 [ 528.888483][ T5404] usb 6-1: USB disconnect, device number 18 [ 529.327126][ T5404] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 529.557465][T16899] netlink: 'syz.0.4009': attribute type 29 has an invalid length. [ 529.704189][T16901] syzkaller1: entered promiscuous mode [ 529.706648][T16901] syzkaller1: entered allmulticast mode [ 529.817215][T16903] netlink: 88 bytes leftover after parsing attributes in process `syz.2.4011'. [ 530.059514][T16918] netlink: 512 bytes leftover after parsing attributes in process `syz.0.4018'. [ 530.147745][T16923] Context (ID=0x0) not attached to queue pair (handle=0x2:0x0) [ 530.283602][T16926] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4020'. [ 530.420757][T16928] syzkaller1: entered promiscuous mode [ 530.425525][T16928] syzkaller1: entered allmulticast mode [ 531.393449][T16962] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4033'. [ 532.195795][T17003] team0: entered promiscuous mode [ 532.198984][T17003] team_slave_0: entered promiscuous mode [ 532.201427][T17003] team_slave_1: entered promiscuous mode [ 532.223838][T17003] syz_tun: entered promiscuous mode [ 532.237271][T17002] syz_tun: left promiscuous mode [ 532.239743][T17002] team0: left promiscuous mode [ 532.241822][T17002] team_slave_0: left promiscuous mode [ 532.245084][T17002] team_slave_1: left promiscuous mode [ 533.324954][T17052] validate_nla: 3 callbacks suppressed [ 533.324970][T17052] netlink: 'syz.3.4073': attribute type 29 has an invalid length. [ 533.343015][T17052] netlink: 'syz.3.4073': attribute type 29 has an invalid length. [ 533.770147][T17068] netlink: 'syz.0.4080': attribute type 2 has an invalid length. [ 534.045101][T17074] netlink: 'syz.0.4082': attribute type 29 has an invalid length. [ 534.054559][T17074] netlink: 'syz.0.4082': attribute type 29 has an invalid length. [ 534.795630][T17090] netlink: 'syz.3.4089': attribute type 2 has an invalid length. [ 536.008421][T17121] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4101'. [ 536.017944][T17122] overlayfs: failed to resolve './file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 536.068721][T17121] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4101'. [ 536.399251][T17143] netlink: 'syz.3.4110': attribute type 1 has an invalid length. [ 536.402519][T17143] netlink: 512 bytes leftover after parsing attributes in process `syz.3.4110'. [ 536.409457][ T57] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 536.608020][ T57] usb 6-1: Using ep0 maxpacket: 32 [ 536.612923][ T57] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 536.616612][ T57] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 536.632238][ T57] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 536.649569][ T57] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 536.656673][ T57] usb 6-1: config 0 interface 0 has no altsetting 0 [ 536.663491][ T57] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 536.668076][ T57] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 536.677207][ T57] usb 6-1: Product: syz [ 536.679686][ T57] usb 6-1: Manufacturer: syz [ 536.682731][ T57] usb 6-1: SerialNumber: syz [ 536.703183][ T57] usb 6-1: config 0 descriptor?? [ 536.712734][ T57] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 536.727291][ T57] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 536.729005][ T56] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 536.918507][T17160] team0: entered promiscuous mode [ 536.921112][T17160] team_slave_0: entered promiscuous mode [ 536.941553][ C3] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 536.945397][T16130] usb 6-1: USB disconnect, device number 20 [ 536.949285][T17160] team_slave_1: entered promiscuous mode [ 536.954205][T16130] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 536.967287][T17158] syz_tun: entered promiscuous mode [ 536.971879][T17157] syz_tun: left promiscuous mode [ 536.977151][T17157] team0: left promiscuous mode [ 536.977994][ T56] usb 7-1: Using ep0 maxpacket: 32 [ 536.979445][T17157] team_slave_0: left promiscuous mode [ 536.983995][ T56] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 536.984422][T17157] team_slave_1: left promiscuous mode [ 536.990421][ T56] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 536.995121][ T56] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 537.001808][ T56] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 537.008981][ T56] usb 7-1: config 0 interface 0 has no altsetting 0 [ 537.014865][ T56] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 537.019551][ T56] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 537.023237][ T56] usb 7-1: Product: syz [ 537.025104][ T56] usb 7-1: Manufacturer: syz [ 537.027636][ T56] usb 7-1: SerialNumber: syz [ 537.032199][ T56] usb 7-1: config 0 descriptor?? [ 537.042528][ T56] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 537.048361][ T56] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 537.356771][ T10] usb 7-1: USB disconnect, device number 23 [ 537.374083][ C0] ldusb 7-1:0.0: usb_submit_urb failed (-19) [ 537.396732][ T10] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 538.894669][T17215] netlink: 'syz.1.4137': attribute type 1 has an invalid length. [ 538.896985][T17212] syz.0.4132[17212] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 538.898381][T17212] syz.0.4132[17212] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 538.904078][T17215] netlink: 512 bytes leftover after parsing attributes in process `syz.1.4137'. [ 539.071027][T17224] netlink: 'syz.1.4140': attribute type 2 has an invalid length. [ 539.571377][T17249] netlink: 'syz.3.4150': attribute type 2 has an invalid length. [ 540.064018][T17281] netlink: 'syz.2.4162': attribute type 2 has an invalid length. [ 540.287078][T17289] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4166'. [ 540.698209][T17304] team0: entered promiscuous mode [ 540.700012][T17304] team_slave_0: entered promiscuous mode [ 540.703355][T17304] team_slave_1: entered promiscuous mode [ 540.720974][T17304] syz_tun: entered promiscuous mode [ 540.737829][T17300] syz_tun: left promiscuous mode [ 540.743323][T17300] team0: left promiscuous mode [ 540.745202][T17300] team_slave_0: left promiscuous mode [ 540.767146][T17300] team_slave_1: left promiscuous mode [ 540.784453][T17309] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4174'. [ 540.802478][T17309] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4174'. [ 541.077189][T17324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4179'. [ 541.102891][T17325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4181'. [ 541.140285][T17326] syzkaller0: entered promiscuous mode [ 541.148810][T17325] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 541.152003][T17325] IPv6: NLM_F_CREATE should be set when creating new route [ 541.163631][T17326] syzkaller0 (unregistering): left promiscuous mode [ 541.363834][T17336] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4185'. [ 541.392812][T17336] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4185'. [ 541.489123][T17341] netlink: 'syz.2.4189': attribute type 2 has an invalid length. [ 541.677058][T17355] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.4194'. [ 541.941007][T17370] netlink: 'syz.1.4201': attribute type 1 has an invalid length. [ 541.944581][T17370] netlink: 512 bytes leftover after parsing attributes in process `syz.1.4201'. [ 542.171023][T17384] netlink: 'syz.3.4206': attribute type 1 has an invalid length. [ 542.174566][T17384] netlink: 168864 bytes leftover after parsing attributes in process `syz.3.4206'. [ 542.179616][T17384] netlink: 1 bytes leftover after parsing attributes in process `syz.3.4206'. [ 542.320384][T17393] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 542.325774][T17393] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 542.456114][T17401] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 542.464439][T17401] tipc: Enabled bearer , priority 10 [ 543.441050][T17451] netlink: 'syz.2.4235': attribute type 1 has an invalid length. [ 543.444331][T17451] netlink: 512 bytes leftover after parsing attributes in process `syz.2.4235'. [ 543.959053][ T832] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 544.148359][T17475] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4246'. [ 544.159601][ T832] usb 5-1: Using ep0 maxpacket: 32 [ 544.164262][ T832] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 544.168246][ T832] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 544.173080][ T832] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 544.178615][ T832] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 544.184619][ T832] usb 5-1: config 0 interface 0 has no altsetting 0 [ 544.190874][ T832] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 544.194907][ T832] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 544.198862][ T832] usb 5-1: Product: syz [ 544.201529][ T832] usb 5-1: Manufacturer: syz [ 544.203613][ T832] usb 5-1: SerialNumber: syz [ 544.230355][ T832] usb 5-1: config 0 descriptor?? [ 544.236259][ T832] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 544.244180][ T832] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 544.502557][ T57] usb 5-1: USB disconnect, device number 38 [ 544.511010][ T57] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 544.956950][T17501] team0: entered promiscuous mode [ 544.959601][T17501] team_slave_0: entered promiscuous mode [ 544.962532][T17501] team_slave_1: entered promiscuous mode [ 545.112412][T17499] team0: left promiscuous mode [ 545.114378][T17499] team_slave_0: left promiscuous mode [ 545.137147][T17499] team_slave_1: left promiscuous mode [ 545.902478][T17528] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 546.569913][T17543] syzkaller0: entered promiscuous mode [ 546.587418][T17541] syzkaller0: left promiscuous mode [ 546.886486][T17552] team0: entered promiscuous mode [ 546.917005][T17552] team_slave_0: entered promiscuous mode [ 546.919573][T17552] team_slave_1: entered promiscuous mode [ 546.947721][T17548] team0: left promiscuous mode [ 546.949946][T17548] team_slave_0: left promiscuous mode [ 546.952578][T17548] team_slave_1: left promiscuous mode [ 547.290769][T17577] netlink: 'syz.0.4287': attribute type 1 has an invalid length. [ 547.294084][T17577] __nla_validate_parse: 2 callbacks suppressed [ 547.294094][T17577] netlink: 512 bytes leftover after parsing attributes in process `syz.0.4287'. [ 547.492343][T16130] IPVS: starting estimator thread 0... [ 547.496432][T17584] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available [ 547.586977][T17585] IPVS: using max 22 ests per chain, 52800 per kthread [ 547.728600][T17589] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 547.888478][T17597] Bluetooth: hci3: invalid length 0, exp 2 for type 15 [ 548.000342][T17600] netlink: 'syz.1.4296': attribute type 1 has an invalid length. [ 548.004196][T17600] netlink: 512 bytes leftover after parsing attributes in process `syz.1.4296'. [ 548.038849][T17601] bond_slave_0: entered promiscuous mode [ 548.041161][T17601] bond_slave_1: entered promiscuous mode [ 548.043536][T17601] vlan0: entered promiscuous mode [ 548.045875][T17601] bond0: entered promiscuous mode [ 548.052403][T17601] bond0: left promiscuous mode [ 548.056796][T17601] bond_slave_0: left promiscuous mode [ 548.061112][T17601] bond_slave_1: left promiscuous mode [ 548.353977][T17609] netlink: 'syz.3.4301': attribute type 2 has an invalid length. [ 548.667313][ T57] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 548.883715][ T57] usb 7-1: Using ep0 maxpacket: 8 [ 548.906328][ T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 548.912703][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 548.926951][ T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 548.946948][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 548.952156][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 548.963032][ T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 548.966368][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 548.977101][ T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 548.982151][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 548.987799][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 548.996761][ T57] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 549.000607][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 549.005275][ T57] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 549.011222][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 549.016537][ T57] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 549.030037][ T57] usb 7-1: string descriptor 0 read error: -22 [ 549.037067][ T57] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 549.041421][ T57] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 549.076354][ T57] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 549.247590][T17659] team0: entered promiscuous mode [ 549.250517][T17659] team_slave_0: entered promiscuous mode [ 549.252942][T17659] team_slave_1: entered promiscuous mode [ 549.277488][T17653] team0: left promiscuous mode [ 549.279533][T17653] team_slave_0: left promiscuous mode [ 549.287627][T17653] team_slave_1: left promiscuous mode [ 549.297375][ T57] usb 7-1: USB disconnect, device number 24 [ 549.547621][T17671] netlink: 'syz.0.4327': attribute type 1 has an invalid length. [ 549.567282][T17671] netlink: 512 bytes leftover after parsing attributes in process `syz.0.4327'. [ 549.793184][T17674] jump_label: Fatal kernel bug, unexpected op at preempt_notifier_register+0xd/0xf0 [ffffffff815b2e1d] (eb 12 90 48 c7 != 66 90 0f 1f 00)) size:2 type:1 [ 549.800332][T17674] ------------[ cut here ]------------ [ 549.802819][T17674] kernel BUG at arch/x86/kernel/jump_label.c:73! [ 549.805449][T17674] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 549.809395][T17674] CPU: 0 UID: 0 PID: 17674 Comm: syz.1.4329 Not tainted 6.11.0-rc1-syzkaller-00154-gc0ecd6388360 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 549.814637][T17674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 549.828850][T17674] RIP: 0010:__jump_label_patch+0x388/0x400 [ 549.831980][T17674] Code: 48 c7 c3 60 c0 1c 93 e8 06 6d 5a 00 45 89 e1 49 89 d8 4c 89 f1 41 55 4c 89 f2 4c 89 f6 48 c7 c7 60 34 46 8b e8 09 10 3b 00 90 <0f> 0b be 04 00 00 00 48 89 45 c8 e8 f8 f9 b8 00 48 8b 45 c8 e9 f4 [ 549.840680][T17674] RSP: 0018:ffffc90034f97c28 EFLAGS: 00010282 [ 549.843492][T17674] RAX: 0000000000000096 RBX: ffffffff8b466ae1 RCX: ffffffff816bc7a9 [ 549.847735][T17674] RDX: 0000000000000000 RSI: ffffffff816c5796 RDI: 0000000000000005 [ 549.851283][T17674] RBP: ffffc90034f97c70 R08: 0000000000000005 R09: 0000000000000000 [ 549.854399][T17674] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000002 [ 549.859525][T17674] R13: 0000000000000001 R14: ffffffff815b2e1d R15: 0000000000000085 [ 549.863381][T17674] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000572d1440 [ 549.868686][T17674] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 549.873964][T17674] CR2: 000000000c35416e CR3: 000000004a3f2000 CR4: 0000000000352ef0 [ 549.877846][T17674] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 549.881307][T17674] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 549.892442][T17674] Call Trace: [ 549.894244][T17674] [ 549.896235][T17674] ? show_regs+0x8c/0xa0 [ 549.903483][T17674] ? die+0x36/0xa0 [ 549.905189][T17674] ? do_trap+0x232/0x430 [ 549.906891][T17674] ? __jump_label_patch+0x388/0x400 [ 549.909218][T17674] ? __jump_label_patch+0x388/0x400 [ 549.911538][T17674] ? do_error_trap+0xf4/0x230 [ 549.932449][T17674] ? __jump_label_patch+0x388/0x400 [ 549.934746][T17674] ? handle_invalid_op+0x34/0x40 [ 549.937045][T17674] ? __jump_label_patch+0x388/0x400 [ 549.938863][T17674] ? exc_invalid_op+0x2e/0x50 [ 549.940496][T17674] ? asm_exc_invalid_op+0x1a/0x20 [ 549.943297][T17674] ? preempt_notifier_register+0xd/0xf0 [ 549.945631][T17674] ? __wake_up_klogd.part.0+0x99/0xf0 [ 549.948173][T17674] ? vprintk+0x86/0xa0 [ 549.949920][T17674] ? __jump_label_patch+0x388/0x400 [ 549.952247][T17674] ? __jump_label_patch+0x387/0x400 [ 549.955276][T17674] arch_jump_label_transform_queue+0x7e/0x120 [ 549.958377][T17674] __jump_label_update+0x125/0x420 [ 549.960816][T17674] jump_label_update+0x1d7/0x400 [ 549.963222][T17674] __static_key_slow_dec_cpuslocked.part.0+0x4e/0x90 [ 549.966570][T17674] static_key_slow_dec+0x7c/0xc0 [ 549.969063][T17674] kvm_put_kvm+0x8f8/0xb80 [ 549.971152][T17674] ? __pfx_kvm_vm_release+0x10/0x10 [ 549.973646][T17674] kvm_vm_release+0x42/0x60 [ 549.975826][T17674] __fput+0x408/0xbb0 [ 549.977989][T17674] ? _raw_spin_unlock_irq+0x23/0x50 [ 549.980468][T17674] task_work_run+0x14e/0x250 [ 549.982881][T17674] ? __pfx_task_work_run+0x10/0x10 [ 549.985877][T17674] ? __pfx___close_range+0x10/0x10 [ 549.988503][T17674] syscall_exit_to_user_mode+0x27b/0x2a0 [ 549.991916][T17674] __do_fast_syscall_32+0x80/0x120 [ 549.994051][T17674] do_fast_syscall_32+0x32/0x80 [ 549.996029][T17674] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 549.999316][T17674] RIP: 0023:0xf7f35579 [ 550.001557][T17674] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 550.011328][T17674] RSP: 002b:00000000ff83af2c EFLAGS: 00000202 ORIG_RAX: 00000000000001b4 [ 550.015265][T17674] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e [ 550.018978][T17674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 550.022408][T17674] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 550.025911][T17674] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 550.029568][T17674] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 550.033356][T17674] [ 550.034811][T17674] Modules linked in: [ 550.040230][T17674] ---[ end trace 0000000000000000 ]--- [ 550.042789][T17674] RIP: 0010:__jump_label_patch+0x388/0x400 [ 550.045567][T17674] Code: 48 c7 c3 60 c0 1c 93 e8 06 6d 5a 00 45 89 e1 49 89 d8 4c 89 f1 41 55 4c 89 f2 4c 89 f6 48 c7 c7 60 34 46 8b e8 09 10 3b 00 90 <0f> 0b be 04 00 00 00 48 89 45 c8 e8 f8 f9 b8 00 48 8b 45 c8 e9 f4 [ 550.055014][T17674] RSP: 0018:ffffc90034f97c28 EFLAGS: 00010282 [ 550.066609][T17674] RAX: 0000000000000096 RBX: ffffffff8b466ae1 RCX: ffffffff816bc7a9 [ 550.074767][T17674] RDX: 0000000000000000 RSI: ffffffff816c5796 RDI: 0000000000000005 [ 550.079135][T17674] RBP: ffffc90034f97c70 R08: 0000000000000005 R09: 0000000000000000 [ 550.083366][T17674] R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000002 [ 550.087214][T17674] R13: 0000000000000001 R14: ffffffff815b2e1d R15: 0000000000000085 [ 550.090568][T17674] FS: 0000000000000000(0000) GS:ffff88802c100000(0063) knlGS:00000000572d1440 [ 550.094362][T17674] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 550.097576][T17674] CR2: 00000000f7fb6e40 CR3: 000000004a3f2000 CR4: 0000000000352ef0 [ 550.101119][T17674] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 550.104641][T17674] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 550.110390][T17674] Kernel panic - not syncing: Fatal exception [ 550.113652][T17674] Kernel Offset: disabled [ 550.115554][T17674] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:51:12 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff84fa2e70 RDI=ffffffff9511a3c0 RBP=ffffffff9511a380 RSP=ffffc90034f975a8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6e69203a73706f4f R12=0000000000000000 R13=0000000000000020 R14=fffffbfff2a234ca R15=dffffc0000000000 RIP=ffffffff84fa2e97 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c35416e CR3=000000004a3f2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffed10054709e4 RBX=ffffed10054709e5 RCX=ffffffff81c80bca RDX=ffffed10054709e5 RSI=0000000000000004 RDI=ffff88802a384f20 RBP=ffffed10054709e4 RSP=ffffc90001fbf800 R8 =0000000000000000 R9 =ffffed10054709e4 R10=ffff88802a384f23 R11=ffff88802c128a40 R12=ffff88802a384f00 R13=dffffc0000000000 R14=0000000000000002 R15=ffffc90001fbf8c8 RIP=ffffffff81e9972e RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7475008 CR3=00000000762c2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffea000181c400 RBX=ffffc90002b2fa98 RCX=ffffffff81d6d3b9 RDX=000000000000004b RSI=ffffffff81d6d3cc RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90002b2f628 R8 =0000000000000005 R9 =0000000000000001 R10=0000000000000001 R11=dffffc0000000000 R12=0000000000000001 R13=000000000000004c R14=ffff88805dee7000 R15=000000000000004b RIP=ffffffff81d6d3d7 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd342d3d440 CR3=00000000797f8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000004532af RBX=0000000000000003 RCX=ffffffff8b05fa19 RDX=0000000000000000 RSI=ffffffff8b4cd060 RDI=ffffffff8bb04160 RBP=ffffed1002cfb488 RSP=ffffc90000497e08 R8 =0000000000000001 R9 =ffffed1005866fd9 R10=ffff88802c337ecb R11=0000000000000000 R12=0000000000000003 R13=ffff8880167da440 R14=ffffffff90110158 R15=0000000000000000 RIP=ffffffff8b060e0f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c3b3972 CR3=0000000063062000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002000002 Opmask01=0000000000000008 Opmask02=000000000000ffdf Opmask03=2040000404420020 Opmask04=00000000ffdfffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005611a1dba240 00005611a1db6bb0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1d638dc551251f9f 73732567b3b2b704 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c 2c2c2c2c2c2c2c2c ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e69646165520073 25203a656c696620 7974706d6520676e 697070696b530065 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4245484d4952005f 090c164940454a0c 55585c41490c4b42 455c5c4547530049 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000003 00005611a1db1410 0000000000000051 000000302f716d00 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005611a1dc61c0 00005611a1db7f00 0000000000000041 00000000302e3836 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005611a1e17c00 5341494c41444f4d 0000000000000031 0000003177617264 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 69305f474f5b647c 6930382432273f39 7b27697a787c7a30 23333a3a38263342 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000