last executing test programs: 2.055320997s ago: executing program 2 (id=907): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, 0x0, 0x0) ioctl$PPPOEIOCSFWD(r0, 0x40047452, &(0x7f0000000100)={0x18, 0x0, {0x3, @multicast, 'vlan1\x00'}}) 1.993869559s ago: executing program 2 (id=909): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) 1.83946803s ago: executing program 0 (id=913): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='9p_protocol_dump\x00', r0}, 0x10) mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1) pipe2$9p(&(0x7f00000003c0), 0x82800) syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) io_setup(0xb2, &(0x7f0000000200)) ppoll(&(0x7f0000000180)=[{r2}], 0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) shutdown(r2, 0x0) r3 = eventfd(0xc) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0xf3, &(0x7f00000008c0)=""/243}]}) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) unshare(0x64000600) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2) 815.877873ms ago: executing program 0 (id=924): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x101442, 0x0) socket$xdp(0x2c, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00'}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 759.988651ms ago: executing program 0 (id=925): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x15, @remote, 'bond0\x00'}}, 0x1e) ioctl$PPPOEIOCSFWD(r0, 0x40047452, 0x0) 758.942128ms ago: executing program 0 (id=927): bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000080)='kfree\x00'}, 0x18) r0 = io_uring_setup(0x4f04, &(0x7f00000002c0)={0x0, 0x48c7, 0x400, 0x0, 0xffffffff}) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r1, 0xfffffffc) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 679.780029ms ago: executing program 0 (id=929): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f00000001c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x0, 0x0, &(0x7f0000000680), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8}, 0x4c) 679.438686ms ago: executing program 0 (id=931): r0 = fsopen(&(0x7f0000001500)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x6) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) symlink(&(0x7f0000000780)='./file0/../file0\x00', 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000200)='kfree\x00', r2}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x0, @loopback}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e20, 0xfffff92a, @loopback, 0xfffffffa}}, 0x8, 0x0, 0x7, 0x9, 0x1}, &(0x7f0000000140)=0x98) mkdir(&(0x7f0000000000)='./control\x00', 0x0) mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./control\x00', 0x0, 0x2000, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94) gettid() r3 = eventfd2(0x0, 0x0) write$eventfd(r3, &(0x7f0000000140)=0xfffffffffffffff8, 0x8) write$eventfd(r3, &(0x7f0000000040)=0x8, 0x8) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) 250.788006ms ago: executing program 3 (id=937): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000000)={'bridge0\x00', 0x0}) 171.223474ms ago: executing program 1 (id=939): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b", 0x17}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad5ea7e5599da7a5b3d468381d8ff50420", 0x24}], 0x2) 170.686245ms ago: executing program 3 (id=940): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 170.548996ms ago: executing program 3 (id=941): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) recvmmsg(r0, 0x0, 0x0, 0x10120, 0x0) shutdown(r0, 0x1) 108.447114ms ago: executing program 2 (id=942): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x101442, 0x0) socket$xdp(0x2c, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000005c0)='sched_switch\x00'}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) 108.251203ms ago: executing program 1 (id=943): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x24008085}, 0x0) 107.767639ms ago: executing program 3 (id=944): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/slabinfo\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r0, 0x0, 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b1000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x18) io_uring_enter(r1, 0x7368, 0x0, 0x0, 0x0, 0x0) 107.659496ms ago: executing program 1 (id=945): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r0}, 0x10) r1 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tgkill(r1, r1, 0x0) 50.831876ms ago: executing program 2 (id=946): bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x1e, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x7ff, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x8}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="1400000034000b45d30000000000000005d25a80", 0x14}], 0x1}, 0x810) r0 = socket$kcm(0x11, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0) sendmsg$kcm(r0, &(0x7f00000001c0)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0xd}, 0x80, &(0x7f00000018c0)}, 0x0) 50.220147ms ago: executing program 3 (id=947): mkdir(&(0x7f0000000540)='./file0\x00', 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000300)=0xf2b, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, 0x0, &(0x7f0000000080)=0xa4) unshare(0x22020400) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14337f, 0x0) flock(r1, 0x5) pipe2$9p(&(0x7f0000001900), 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0}, 0x94) bind$inet6(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x2e, &(0x7f00000006c0)=ANY=[], 0x0, 0x9687, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000400)={0x1, 0x3, 0x569b, 0x81}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0), 0x0, 0x10, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket(0x10, 0x803, 0x0) r4 = socket(0x10, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000740)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14) sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4800000010000104000000000100000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000280012800b000100697036746e6c00001800028014000300ff"], 0x48}}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x50, 0x10, 0x401, 0x0, 0x100, {0x0, 0x0, 0x0, r5, 0x100, 0x306c}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x4}]}}}]}, 0x50}}, 0xeb64d656001f6f32) 50.029547ms ago: executing program 2 (id=948): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xa, 0x4, 0xfff, 0x7}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10) 49.859927ms ago: executing program 1 (id=949): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000000)={'bridge0\x00', 0x0}) 777µs ago: executing program 2 (id=950): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18) r2 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x40, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0xa}}]}, 0x40}}, 0x0) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000380)={0xe6, 0x6, 0x4, 0x8, 0x7, 0x0, [{0x1, 0x4, 0x83b, '\x00', 0x4}, {0x6ae, 0x4, 0x6, '\x00', 0x405}, {0x4, 0xffffffffffffb701, 0x3ff, '\x00', 0x300}, {0x85a8, 0x3, 0x8, '\x00', 0x1c0b}, {0x1a3, 0x9, 0x3, '\x00', 0x1}, {0x5, 0x1, 0x9}, {0x7fffffffffffffff, 0x0, 0xf38e, '\x00', 0x4}]}) r6 = gettid() timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=0x0) timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) preadv2(r8, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1) 469.291µs ago: executing program 1 (id=951): creat(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x71) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4d884) r0 = syz_io_uring_setup(0xd2, &(0x7f0000000100)={0x0, 0xfffffffd, 0x800, 0x0, 0xc0}, &(0x7f00000002c0)=0x0, &(0x7f0000000000)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc}) io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0) 107.531µs ago: executing program 3 (id=952): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafbe863cac50580cd8b", 0x17}, {&(0x7f0000000440)="9c74dfbf77572856c809ff86bb648daf351a32ad5ea7e5599da7a5b3d468381d8ff50420", 0x24}], 0x2) 0s ago: executing program 1 (id=953): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r3, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20) sendmsg$inet6(r2, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:60177' (ED25519) to the list of known hosts. [ 40.782568][ T5899] cgroup: Unknown subsys name 'net' [ 40.984037][ T5899] cgroup: Unknown subsys name 'cpuset' [ 40.989622][ T5899] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 41.861754][ T5899] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.032423][ T5956] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.038915][ T5961] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.041931][ T5969] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.044300][ T5969] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.047024][ T5969] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.049631][ T5969] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.057428][ T5966] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.057523][ T5967] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.058346][ T5968] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.060114][ T5966] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.061278][ T5969] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.061671][ T5969] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.062267][ T5969] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.063088][ T5967] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.063282][ T5967] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.063740][ T5967] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.064000][ T5967] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.065276][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.067145][ T5969] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.068899][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.246206][ T5957] chnl_net:caif_netlink_parms(): no params data found [ 45.395042][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.397749][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.400067][ T5957] bridge_slave_0: entered allmulticast mode [ 45.402982][ T5957] bridge_slave_0: entered promiscuous mode [ 45.408195][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 45.412666][ T5963] chnl_net:caif_netlink_parms(): no params data found [ 45.426789][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.428954][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.431334][ T5957] bridge_slave_1: entered allmulticast mode [ 45.433925][ T5957] bridge_slave_1: entered promiscuous mode [ 45.496824][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.528265][ T5959] chnl_net:caif_netlink_parms(): no params data found [ 45.547226][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.559607][ T5963] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.561930][ T5963] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.564130][ T5963] bridge_slave_0: entered allmulticast mode [ 45.566658][ T5963] bridge_slave_0: entered promiscuous mode [ 45.617574][ T5963] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.619790][ T5963] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.622233][ T5963] bridge_slave_1: entered allmulticast mode [ 45.624780][ T5963] bridge_slave_1: entered promiscuous mode [ 45.656784][ T5957] team0: Port device team_slave_0 added [ 45.692043][ T5957] team0: Port device team_slave_1 added [ 45.694056][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.696160][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.698405][ T5953] bridge_slave_0: entered allmulticast mode [ 45.701096][ T5953] bridge_slave_0: entered promiscuous mode [ 45.705381][ T5963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.709819][ T5963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.746124][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.748379][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.750798][ T5953] bridge_slave_1: entered allmulticast mode [ 45.753352][ T5953] bridge_slave_1: entered promiscuous mode [ 45.813365][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.815608][ T5959] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.817782][ T5959] bridge_slave_0: entered allmulticast mode [ 45.820261][ T5959] bridge_slave_0: entered promiscuous mode [ 45.837137][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.839391][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.848261][ T5957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.867749][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.872757][ T5963] team0: Port device team_slave_0 added [ 45.874733][ T5959] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.876918][ T5959] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.879059][ T5959] bridge_slave_1: entered allmulticast mode [ 45.881726][ T5959] bridge_slave_1: entered promiscuous mode [ 45.896940][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.899082][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.907005][ T5957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.917535][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.935844][ T5963] team0: Port device team_slave_1 added [ 45.952955][ T5959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.985912][ T5959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.004807][ T5953] team0: Port device team_slave_0 added [ 46.045019][ T5953] team0: Port device team_slave_1 added [ 46.047333][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.049512][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.058632][ T5963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.077965][ T5957] hsr_slave_0: entered promiscuous mode [ 46.080157][ T5957] hsr_slave_1: entered promiscuous mode [ 46.084386][ T5959] team0: Port device team_slave_0 added [ 46.099132][ T5963] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.101383][ T5963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.109206][ T5963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.118266][ T5959] team0: Port device team_slave_1 added [ 46.134185][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.136349][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.144596][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.148911][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.151314][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.159248][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.234219][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.236927][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.246859][ T5959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.279402][ T5963] hsr_slave_0: entered promiscuous mode [ 46.282750][ T5963] hsr_slave_1: entered promiscuous mode [ 46.284837][ T5963] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.287295][ T5963] Cannot create hsr debugfs directory [ 46.289386][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.292125][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.302621][ T5959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.382043][ T5953] hsr_slave_0: entered promiscuous mode [ 46.384482][ T5953] hsr_slave_1: entered promiscuous mode [ 46.386530][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.388863][ T5953] Cannot create hsr debugfs directory [ 46.443020][ T5959] hsr_slave_0: entered promiscuous mode [ 46.445301][ T5959] hsr_slave_1: entered promiscuous mode [ 46.447332][ T5959] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.449657][ T5959] Cannot create hsr debugfs directory [ 46.701607][ T5957] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.707522][ T5957] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.712082][ T5957] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.719735][ T5957] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.746411][ T5963] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.754776][ T5963] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.759349][ T5963] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.764512][ T5963] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.793562][ T5953] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.797943][ T5953] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.806725][ T5953] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.812286][ T5953] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.851194][ T5959] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.854964][ T5959] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.859653][ T5959] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.864785][ T5959] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.905441][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.913646][ T5963] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.929810][ T5957] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.948804][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.951128][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.959846][ T5963] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.964030][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.966319][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.979195][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.981504][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.992164][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.994442][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.008819][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.022496][ T5959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.037757][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.043106][ T5959] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.053723][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.055945][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.063642][ T1227] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.066031][ T1227] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.075264][ T1227] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.077509][ T1227] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.084716][ T1227] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.086922][ T1227] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.102324][ T5317] Bluetooth: hci3: command tx timeout [ 47.102369][ T5969] Bluetooth: hci2: command tx timeout [ 47.104210][ T5317] Bluetooth: hci1: command tx timeout [ 47.106124][ T5956] Bluetooth: hci0: command tx timeout [ 47.119188][ T5959] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.137746][ T5957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.169302][ T5957] veth0_vlan: entered promiscuous mode [ 47.174493][ T5957] veth1_vlan: entered promiscuous mode [ 47.189798][ T5963] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.197315][ T5957] veth0_macvtap: entered promiscuous mode [ 47.204194][ T5957] veth1_macvtap: entered promiscuous mode [ 47.218691][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.229471][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.234163][ T5957] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.237006][ T5957] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.239667][ T5957] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.243644][ T5957] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.251928][ T5963] veth0_vlan: entered promiscuous mode [ 47.257729][ T5963] veth1_vlan: entered promiscuous mode [ 47.273823][ T5959] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.284111][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.306404][ T5963] veth0_macvtap: entered promiscuous mode [ 47.309582][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.310040][ T5963] veth1_macvtap: entered promiscuous mode [ 47.312699][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.336868][ T5959] veth0_vlan: entered promiscuous mode [ 47.343734][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.348833][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.353733][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.354706][ T5963] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.361978][ T5959] veth1_vlan: entered promiscuous mode [ 47.365141][ T5963] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.367861][ T5963] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.370994][ T5963] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.373694][ T5963] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.383988][ T5953] veth0_vlan: entered promiscuous mode [ 47.391166][ T5957] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.406880][ T5953] veth1_vlan: entered promiscuous mode [ 47.423639][ T1227] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.424276][ T5959] veth0_macvtap: entered promiscuous mode [ 47.426142][ T1227] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.429684][ T5959] veth1_macvtap: entered promiscuous mode [ 47.459131][ T1227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.459865][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.462044][ T1227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.466246][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.472854][ T5953] veth0_macvtap: entered promiscuous mode [ 47.476717][ T5953] veth1_macvtap: entered promiscuous mode [ 47.480814][ T5959] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.483567][ T5959] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.486279][ T5959] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.489201][ T5959] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.509995][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.521469][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.532224][ T5953] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.534941][ T5953] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.537912][ T5953] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.541457][ T5953] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.562507][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.564946][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.580214][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.583937][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.608722][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.613377][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.630278][ T102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.634163][ T102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.918861][ T6063] tipc: Started in network mode [ 47.920686][ T6063] tipc: Node identity eaf2042d7d22, cluster identity 4711 [ 47.923107][ T6063] tipc: Enabled bearer , priority 0 [ 47.927567][ T6066] syz.0.11 uses obsolete (PF_INET,SOCK_PACKET) [ 47.965944][ T6062] tipc: Resetting bearer [ 48.015111][ C0] vcan0: j1939_tp_txtimer: 0xffff888060325800: tx aborted with unknown reason: -2 [ 48.018552][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888060425000: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250) [ 48.026622][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888060325800: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250) [ 48.027653][ T6065] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11'. [ 48.527557][ T6062] tipc: Disabling bearer [ 48.718090][ T6084] netlink: 'syz.1.18': attribute type 29 has an invalid length. [ 48.727966][ T6084] netlink: 'syz.1.18': attribute type 29 has an invalid length. [ 48.766626][ T6088] netlink: 'syz.1.20': attribute type 29 has an invalid length. [ 48.770979][ T6088] netlink: 'syz.1.20': attribute type 29 has an invalid length. [ 49.072639][ T6109] netlink: 'syz.3.28': attribute type 2 has an invalid length. [ 49.075105][ T6109] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.28'. [ 49.078032][ T6109] nbd: must specify at least one socket [ 49.130520][ T5821] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 49.180706][ T5956] Bluetooth: hci1: command tx timeout [ 49.182403][ T5956] Bluetooth: hci0: command tx timeout [ 49.184045][ T5956] Bluetooth: hci2: command tx timeout [ 49.185007][ T5317] Bluetooth: hci3: command tx timeout [ 49.285002][ T5821] usb 7-1: Using ep0 maxpacket: 16 [ 49.288365][ T5821] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 49.291516][ T5821] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 49.302902][ T5821] usb 7-1: config 0 descriptor?? [ 49.719123][ T5821] koneplus 0003:1E7D:2E22.0002: hidraw1: USB HID v20.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0 [ 49.916487][ T29] usb 7-1: USB disconnect, device number 2 [ 51.260789][ T5317] Bluetooth: hci3: command tx timeout [ 51.262087][ T5969] Bluetooth: hci0: command tx timeout [ 51.262548][ T5317] Bluetooth: hci1: command tx timeout [ 51.264405][ T5956] Bluetooth: hci2: command tx timeout [ 51.440132][ T6165] process 'syz.1.46' launched './file0' with NULL argv: empty string added [ 52.632113][ T6019] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 52.811961][ T6019] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 52.815383][ T6019] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.818640][ T6019] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 52.821675][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.831554][ T6019] usb 5-1: config 0 descriptor?? [ 53.245879][ T6019] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0 [ 53.248135][ T6019] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x2 [ 53.310117][ T6019] cp2112 0003:10C4:EA90.0003: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 53.341161][ T5317] Bluetooth: hci1: command tx timeout [ 53.350422][ T5317] Bluetooth: hci2: command tx timeout [ 53.350509][ T5956] Bluetooth: hci0: command tx timeout [ 53.352201][ T5317] Bluetooth: hci3: command tx timeout [ 53.478140][ T6019] cp2112 0003:10C4:EA90.0003: Part Number: 0x00 Device Version: 0x00 [ 53.678878][ T6019] cp2112 0003:10C4:EA90.0003: error requesting SMBus config [ 53.683969][ T6019] cp2112 0003:10C4:EA90.0003: probe with driver cp2112 failed with error -32 [ 53.692279][ T6019] usb 5-1: USB disconnect, device number 2 [ 53.979038][ T6200] netlink: 48 bytes leftover after parsing attributes in process `syz.2.56'. [ 55.594844][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.597487][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.799679][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.802543][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 55.805084][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 55.807618][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 56.035649][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.080651][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.101611][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 56.640530][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 58.300646][ T6359] netlink: 48 bytes leftover after parsing attributes in process `syz.0.106'. [ 60.695656][ T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 60.867018][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.870267][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.873427][ T9] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 60.876450][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.886745][ T9] usb 7-1: config 0 descriptor?? [ 61.301395][ T9] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 61.303751][ T9] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x2 [ 61.315536][ T9] cp2112 0003:10C4:EA90.0004: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0 [ 61.512636][ T9] cp2112 0003:10C4:EA90.0004: Part Number: 0x00 Device Version: 0x00 [ 61.713998][ T9] cp2112 0003:10C4:EA90.0004: error requesting SMBus config [ 61.725542][ T9] cp2112 0003:10C4:EA90.0004: probe with driver cp2112 failed with error -32 [ 61.736493][ T9] usb 7-1: USB disconnect, device number 3 [ 70.783946][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.786067][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.909071][ T40] audit: type=1326 audit(1753150410.592:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.917947][ T40] audit: type=1326 audit(1753150410.592:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.925462][ T40] audit: type=1326 audit(1753150410.592:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.933392][ T40] audit: type=1326 audit(1753150410.592:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.941142][ T40] audit: type=1326 audit(1753150410.592:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.949384][ T40] audit: type=1326 audit(1753150410.592:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.956831][ T40] audit: type=1326 audit(1753150410.592:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.964973][ T40] audit: type=1326 audit(1753150410.592:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.972244][ T40] audit: type=1326 audit(1753150410.592:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 70.978888][ T40] audit: type=1326 audit(1753150410.592:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6755 comm="syz.3.246" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 73.255036][ T6822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.269'. [ 73.304117][ T6822] hsr_slave_0 (unregistering): left promiscuous mode [ 73.862489][ T6856] Zero length message leads to an empty skb [ 74.822451][ T6904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.303'. [ 76.109787][ T6962] netlink: 24 bytes leftover after parsing attributes in process `syz.3.329'. [ 76.136578][ T6962] sch_tbf: burst 88 is lower than device veth3 mtu (1514) ! [ 76.254925][ T6977] netlink: 'syz.3.336': attribute type 29 has an invalid length. [ 76.258917][ T6977] netlink: 'syz.3.336': attribute type 29 has an invalid length. [ 78.351251][ C0] vcan0: j1939_tp_txtimer: 0xffff88800b9d4400: tx aborted with unknown reason: -2 [ 78.354254][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88800b9d4800: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250) [ 78.360117][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88800b9d4400: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250) [ 78.361450][ T7099] netlink: 4 bytes leftover after parsing attributes in process `syz.3.386'. [ 78.598648][ T7110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.390'. [ 78.602070][ T7110] openvswitch: netlink: Flow key attr not present in new flow. [ 78.944719][ T40] kauditd_printk_skb: 42 callbacks suppressed [ 78.944730][ T40] audit: type=1326 audit(1753150418.622:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.402" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 78.953394][ T40] audit: type=1326 audit(1753150418.622:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.402" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 78.992021][ T7145] netlink: 4 bytes leftover after parsing attributes in process `syz.3.407'. [ 78.999646][ C2] vcan0: j1939_tp_txtimer: 0xffff888051708400: tx aborted with unknown reason: -2 [ 79.003651][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888051708800: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250) [ 79.012751][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888051708400: 0x00000: (250) Any other reason (if a Connection Abort reason is identified that is not listed in the table use code 250) [ 79.015348][ T7125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.396'. [ 79.045580][ T40] audit: type=1326 audit(1753150418.732:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.052474][ T40] audit: type=1326 audit(1753150418.732:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.062146][ T40] audit: type=1326 audit(1753150418.732:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.068798][ T40] audit: type=1326 audit(1753150418.732:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.076209][ T40] audit: type=1326 audit(1753150418.732:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.083004][ T40] audit: type=1326 audit(1753150418.732:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.089721][ T40] audit: type=1326 audit(1753150418.732:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.097380][ T40] audit: type=1326 audit(1753150418.732:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7147 comm="syz.0.408" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 79.125324][ T7163] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0 [ 79.142271][ T7165] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 79.147269][ T7165] batadv_slave_0: entered promiscuous mode [ 79.201835][ T7172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.414'. [ 79.205242][ T7172] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.233241][ T7172] batadv_slave_0 (unregistering): left promiscuous mode [ 79.235637][ T7172] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 80.539584][ T7252] lo speed is unknown, defaulting to 1000 [ 80.542774][ T7252] lo speed is unknown, defaulting to 1000 [ 80.545964][ T7252] lo speed is unknown, defaulting to 1000 [ 80.554066][ T7252] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 80.560526][ T7252] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 80.577314][ T7252] lo speed is unknown, defaulting to 1000 [ 80.580681][ T7252] lo speed is unknown, defaulting to 1000 [ 80.583295][ T7252] lo speed is unknown, defaulting to 1000 [ 80.585807][ T7252] lo speed is unknown, defaulting to 1000 [ 80.722699][ T7261] netlink: 'syz.1.455': attribute type 29 has an invalid length. [ 80.725755][ T7261] netlink: 'syz.1.455': attribute type 29 has an invalid length. [ 81.023227][ T838] cfg80211: failed to load regulatory.db [ 81.339860][ T7224] syz.2.439: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 81.348810][ T7224] CPU: 3 UID: 0 PID: 7224 Comm: syz.2.439 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 81.348824][ T7224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.348830][ T7224] Call Trace: [ 81.348834][ T7224] [ 81.348838][ T7224] dump_stack_lvl+0x16c/0x1f0 [ 81.348853][ T7224] warn_alloc+0x248/0x3a0 [ 81.348864][ T7224] ? __pfx_warn_alloc+0x10/0x10 [ 81.348880][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.348891][ T7224] ? __vmalloc_node_noprof+0xad/0xf0 [ 81.348908][ T7224] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 81.348927][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.348941][ T7224] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 81.348961][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.348970][ T7224] __vmalloc_node_noprof+0xad/0xf0 [ 81.348984][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.348995][ T7224] __vmalloc_node_range_noprof+0xb73/0x14b0 [ 81.349014][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.349026][ T7224] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 81.349042][ T7224] ? __alloc_pages_noprof+0xb/0x1b0 [ 81.349051][ T7224] ? ___kmalloc_large_node+0x84/0x1e0 [ 81.349068][ T7224] __kvmalloc_node_noprof+0x30a/0x620 [ 81.349084][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.349094][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.349106][ T7224] ? hash_netiface_create+0x3ec/0x1250 [ 81.349115][ T7224] hash_netiface_create+0x3ec/0x1250 [ 81.349125][ T7224] ? __nla_parse+0x5b/0x60 [ 81.349139][ T7224] ? __pfx_hash_netiface_create+0x10/0x10 [ 81.349149][ T7224] ip_set_create+0x7e1/0x14d0 [ 81.349161][ T7224] ? __pfx_ip_set_create+0x10/0x10 [ 81.349170][ T7224] ? trace_contention_end+0xdd/0x130 [ 81.349194][ T7224] ? find_held_lock+0x2b/0x80 [ 81.349208][ T7224] nfnetlink_rcv_msg+0x9fc/0x1200 [ 81.349227][ T7224] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 81.349243][ T7224] ? consume_skb+0xcc/0x100 [ 81.349268][ T7224] ? __pfx___dev_queue_xmit+0x10/0x10 [ 81.349286][ T7224] netlink_rcv_skb+0x155/0x420 [ 81.349299][ T7224] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 81.349314][ T7224] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 81.349332][ T7224] ? ns_capable+0xd7/0x110 [ 81.349345][ T7224] nfnetlink_rcv+0x1b3/0x430 [ 81.349359][ T7224] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 81.349372][ T7224] ? netlink_deliver_tap+0x1ae/0xd30 [ 81.349386][ T7224] netlink_unicast+0x58d/0x850 [ 81.349400][ T7224] ? __pfx_netlink_unicast+0x10/0x10 [ 81.349416][ T7224] netlink_sendmsg+0x8d1/0xdd0 [ 81.349431][ T7224] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.349444][ T7224] ? __import_iovec+0x1dd/0x650 [ 81.349459][ T7224] ____sys_sendmsg+0xa98/0xc70 [ 81.349474][ T7224] ? __pfx_____sys_sendmsg+0x10/0x10 [ 81.349486][ T7224] ? get_compat_msghdr+0x11a/0x170 [ 81.349500][ T7224] ? __pfx_futex_wake_mark+0x10/0x10 [ 81.349522][ T7224] ___sys_sendmsg+0x134/0x1d0 [ 81.349533][ T7224] ? __pfx____sys_sendmsg+0x10/0x10 [ 81.349550][ T7224] ? find_held_lock+0x2b/0x80 [ 81.349569][ T7224] __sys_sendmsg+0x16d/0x220 [ 81.349580][ T7224] ? __pfx___sys_sendmsg+0x10/0x10 [ 81.349590][ T7224] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 81.349609][ T7224] ? rcu_is_watching+0x12/0xc0 [ 81.349622][ T7224] __do_fast_syscall_32+0x7c/0x3a0 [ 81.349634][ T7224] do_fast_syscall_32+0x32/0x80 [ 81.349645][ T7224] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.349658][ T7224] RIP: 0023:0xf70fe579 [ 81.349667][ T7224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.349676][ T7224] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 81.349686][ T7224] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 81.349692][ T7224] RDX: 0000000000000810 RSI: 0000000000000000 RDI: 0000000000000000 [ 81.349697][ T7224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 81.349703][ T7224] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 81.349709][ T7224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.349721][ T7224] [ 81.349725][ T7224] Mem-Info: [ 81.506410][ T7224] active_anon:4957 inactive_anon:91 isolated_anon:0 [ 81.506410][ T7224] active_file:4173 inactive_file:15312 isolated_file:0 [ 81.506410][ T7224] unevictable:1741 dirty:21 writeback:0 [ 81.506410][ T7224] slab_reclaimable:7023 slab_unreclaimable:55424 [ 81.506410][ T7224] mapped:23568 shmem:2283 pagetables:1133 [ 81.506410][ T7224] sec_pagetables:317 bounce:0 [ 81.506410][ T7224] kernel_misc_reclaimable:0 [ 81.506410][ T7224] free:49194 free_pcp:9398 free_cma:0 [ 81.520188][ T7224] Node 0 active_anon:484kB inactive_anon:336kB active_file:760kB inactive_file:40kB unevictable:3428kB isolated(anon):0kB isolated(file):0kB mapped:724kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7652kB pagetables:1772kB sec_pagetables:1156kB all_unreclaimable? no Balloon:0kB [ 81.530148][ T7224] Node 1 active_anon:19264kB inactive_anon:24kB active_file:15932kB inactive_file:61208kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:93548kB dirty:84kB writeback:0kB shmem:5596kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5052kB pagetables:2740kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB [ 81.540293][ T7224] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:12kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:544kB local_pcp:60kB free_cma:0kB [ 81.549012][ T7224] lowmem_reserve[]: 0 289 289 289 289 [ 81.550777][ T7224] Node 0 DMA32 free:17680kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:1648KB active_anon:484kB inactive_anon:324kB active_file:760kB inactive_file:40kB unevictable:3428kB writepending:0kB present:1032196kB managed:296004kB mlocked:0kB bounce:0kB free_pcp:10116kB local_pcp:3848kB free_cma:0kB [ 81.560461][ T7224] lowmem_reserve[]: 0 0 0 0 0 [ 81.561973][ T7224] Node 1 DMA32 free:177020kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19264kB inactive_anon:24kB active_file:15932kB inactive_file:61208kB unevictable:3536kB writepending:84kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:26932kB local_pcp:9992kB free_cma:0kB [ 81.571644][ T7224] lowmem_reserve[]: 0 0 0 0 0 [ 81.573197][ T7224] Node 0 DMA: 3*4kB (M) 6*8kB (UM) 10*16kB (UM) 6*32kB (UM) 2*64kB (UM) 2*128kB (UM) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2076kB [ 81.577847][ T7224] Node 0 DMA32: 2*4kB (UM) 109*8kB (MEH) 72*16kB (UMEH) 61*32kB (UMEH) 78*64kB (UMEH) 32*128kB (UMEH) 6*256kB (UME) 2*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 17680kB [ 81.583305][ T7224] Node 1 DMA32: 671*4kB (UME) 570*8kB (ME) 313*16kB (ME) 284*32kB (ME) 247*64kB (UME) 35*128kB (UME) 16*256kB (UME) 14*512kB (UME) 13*1024kB (UM) 14*2048kB (UM) 20*4096kB (UM) = 176796kB [ 81.589040][ T7224] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.592012][ T7224] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.594905][ T7224] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 81.597893][ T7224] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 81.600879][ T7224] 22083 total pagecache pages [ 81.602352][ T7224] 319 pages in swap cache [ 81.603732][ T7224] Free swap = 118924kB [ 81.605669][ T7224] Total swap = 124996kB [ 81.607038][ T7224] 524155 pages RAM [ 81.608217][ T7224] 0 pages HighMem/MovableOnly [ 81.609728][ T7224] 209243 pages reserved [ 81.611088][ T7224] 0 pages cma reserved [ 82.230195][ T7349] lo speed is unknown, defaulting to 1000 [ 82.489641][ T7374] netlink: 'syz.1.503': attribute type 21 has an invalid length. [ 82.492174][ T7374] IPv6: NLM_F_CREATE should be specified when creating new route [ 82.696588][ T7400] netlink: 12 bytes leftover after parsing attributes in process `syz.2.514'. [ 82.699445][ T7400] netlink: 28 bytes leftover after parsing attributes in process `syz.2.514'. [ 82.703423][ T7400] netlink: 12 bytes leftover after parsing attributes in process `syz.2.514'. [ 82.706795][ T7400] netlink: 28 bytes leftover after parsing attributes in process `syz.2.514'. [ 82.709629][ T7400] netlink: 'syz.2.514': attribute type 6 has an invalid length. [ 82.856772][ T7416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.519'. [ 83.934653][ T7482] __nla_validate_parse: 1 callbacks suppressed [ 83.934664][ T7482] netlink: 14 bytes leftover after parsing attributes in process `syz.1.547'. [ 84.365397][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 84.365408][ T40] audit: type=1326 audit(1753151192.045:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.374243][ T40] audit: type=1326 audit(1753151192.045:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.381153][ T40] audit: type=1326 audit(1753151192.045:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.387660][ T40] audit: type=1326 audit(1753151192.045:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.394440][ T40] audit: type=1326 audit(1753151192.045:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.401250][ T40] audit: type=1326 audit(1753151192.045:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.408338][ T40] audit: type=1326 audit(1753151192.045:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.415301][ T40] audit: type=1326 audit(1753151192.045:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.422302][ T40] audit: type=1326 audit(1753151192.055:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7492 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.429380][ T40] audit: type=1326 audit(1753151192.055:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7494 comm="syz.3.552" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fc4579 code=0x7ffc0000 [ 84.479430][ T7465] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 84.483445][ T7465] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 84.490086][ T7465] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 84.493937][ T7465] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 84.495857][ T7465] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 84.498754][ T7465] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 84.503187][ T7465] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 84.505477][ T7465] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 84.508615][ T7465] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 84.512445][ T7465] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 84.514898][ T7465] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 84.517762][ T7465] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 85.319128][ T7543] lo speed is unknown, defaulting to 1000 [ 85.740558][ T5958] Bluetooth: hci0: command 0x0c1a tx timeout [ 85.885894][ T7595] netlink: 'syz.2.597': attribute type 10 has an invalid length. [ 85.889189][ T7595] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.892056][ T7595] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.898460][ T7595] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.900718][ T7595] bridge0: port 2(bridge_slave_1) entered forwarding state [ 85.902974][ T7595] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.905180][ T7595] bridge0: port 1(bridge_slave_0) entered forwarding state [ 85.909638][ T7595] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 86.541292][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout [ 86.541983][ T5958] Bluetooth: hci2: command 0x0c1a tx timeout [ 86.550477][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout [ 87.136053][ T7693] netlink: 4 bytes leftover after parsing attributes in process `syz.1.637'. [ 87.139208][ T7693] hsr_slave_0: left promiscuous mode [ 87.141995][ T7693] hsr_slave_1: left promiscuous mode [ 87.485810][ T7731] lo speed is unknown, defaulting to 1000 [ 87.821619][ T5958] Bluetooth: hci0: command 0x0c1a tx timeout [ 88.620599][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout [ 88.620628][ T5956] Bluetooth: hci1: command 0x0c1a tx timeout [ 88.620773][ T5317] Bluetooth: hci2: command 0x0c1a tx timeout [ 89.160139][ T7831] netlink: 4 bytes leftover after parsing attributes in process `syz.3.695'. [ 89.163250][ T7831] openvswitch: netlink: Flow key attr not present in new flow. [ 89.635569][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 89.635580][ T40] audit: type=1326 audit(1753151197.315:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.650400][ T40] audit: type=1326 audit(1753151197.315:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.656812][ T40] audit: type=1326 audit(1753151197.315:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.680490][ T40] audit: type=1326 audit(1753151197.315:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.690421][ T40] audit: type=1326 audit(1753151197.315:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.702565][ T40] audit: type=1326 audit(1753151197.315:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.715843][ T40] audit: type=1326 audit(1753151197.315:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.724737][ T40] audit: type=1326 audit(1753151197.315:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.738348][ T40] audit: type=1326 audit(1753151197.315:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.747412][ T40] audit: type=1326 audit(1753151197.315:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7865 comm="syz.2.711" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fe579 code=0x7ffc0000 [ 89.901343][ T5956] Bluetooth: hci0: command 0x0c1a tx timeout [ 89.913766][ T7878] lo speed is unknown, defaulting to 1000 [ 90.140201][ T7901] syz.3.723 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 90.700506][ T5958] Bluetooth: hci1: command 0x0c1a tx timeout [ 90.700524][ T5317] Bluetooth: hci3: command 0x0c1a tx timeout [ 90.701223][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout [ 92.141984][ T7996] Illegal XDP return value 1827373598 on prog (id 283) dev N/A, expect packet loss! [ 92.742418][ T8040] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 92.745324][ T8040] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 92.749707][ T8040] vhci_hcd vhci_hcd.0: Device attached [ 92.755942][ T8041] vhci_hcd: connection closed [ 92.757436][ T1227] vhci_hcd: stop threads [ 92.764102][ T1227] vhci_hcd: release socket [ 92.767413][ T1227] vhci_hcd: disconnect device [ 92.827088][ T8052] netlink: 14 bytes leftover after parsing attributes in process `syz.0.782'. [ 93.334456][ T8067] tipc: Started in network mode [ 93.336085][ T8067] tipc: Node identity 8ac9382ad9b8, cluster identity 4711 [ 93.338337][ T8067] tipc: Enabled bearer , priority 0 [ 93.343716][ T8066] tipc: Disabling bearer [ 93.850378][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 94.023667][ T9] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 94.026492][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.029052][ T9] usb 6-1: Product: syz [ 94.032111][ T9] usb 6-1: Manufacturer: syz [ 94.033622][ T9] usb 6-1: SerialNumber: syz [ 94.040968][ T9] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 94.074208][ T9] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 94.155376][ T8137] netlink: 'syz.0.811': attribute type 3 has an invalid length. [ 94.360734][ T6020] usb 6-1: USB disconnect, device number 2 [ 95.110385][ T9] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 95.112914][ T9] ath9k_htc: Failed to initialize the device [ 95.115772][ T6020] usb 6-1: ath9k_htc: USB layer deinitialized [ 95.132987][ T8214] loop7: detected capacity change from 0 to 7 [ 95.137070][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.139948][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.142546][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.145419][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.147957][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.150854][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.153410][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.156205][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.159255][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.162146][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.166116][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.168936][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.171769][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.174706][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.177160][ T8214] ldm_validate_partition_table(): Disk read failed. [ 95.179382][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.182264][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.185350][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.188840][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 95.191723][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.194242][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 95.197329][ T8214] Dev loop7: unable to read RDB block 0 [ 95.199395][ T8214] loop7: unable to read partition table [ 95.201325][ T8214] loop7: partition table beyond EOD, truncated [ 95.203264][ T8214] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 95.370877][ T6039] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 95.545443][ T6039] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 95.548944][ T6039] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 95.552049][ T6039] usb 8-1: Product: syz [ 95.553417][ T6039] usb 8-1: Manufacturer: syz [ 95.554913][ T6039] usb 8-1: SerialNumber: syz [ 95.563015][ T6039] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 95.578693][ T6039] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 95.662725][ T8254] netlink: 28 bytes leftover after parsing attributes in process `syz.1.861'. [ 95.848447][ T8266] netlink: 8 bytes leftover after parsing attributes in process `syz.1.867'. [ 95.856666][ T61] usb 8-1: USB disconnect, device number 2 [ 96.433214][ T40] kauditd_printk_skb: 45 callbacks suppressed [ 96.433229][ T40] audit: type=1326 audit(1753151204.115:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8282 comm="syz.0.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 96.446234][ T40] audit: type=1326 audit(1753151204.115:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8282 comm="syz.0.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 96.453246][ T40] audit: type=1326 audit(1753151204.115:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8282 comm="syz.0.874" exe="/syz-executor" sig=0 arch=40000003 syscall=95 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 96.461272][ T40] audit: type=1326 audit(1753151204.115:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8282 comm="syz.0.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 96.468050][ T40] audit: type=1326 audit(1753151204.115:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8282 comm="syz.0.874" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 96.620408][ T6039] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 96.622756][ T6039] ath9k_htc: Failed to initialize the device [ 96.625286][ T61] usb 8-1: ath9k_htc: USB layer deinitialized [ 96.806078][ T8321] tipc: Enabling of bearer rejected, failed to enable media [ 96.871109][ T8334] ptrace attach of "/syz-executor exec"[8336] was attempted by "/syz-executor exec"[8334] [ 97.042074][ T8354] tipc: Enabling of bearer rejected, failed to enable media [ 97.259128][ T8372] lo speed is unknown, defaulting to 1000 [ 97.776773][ T8392] tipc: Enabling of bearer rejected, failed to enable media [ 97.914356][ T8397] netlink: 14 bytes leftover after parsing attributes in process `syz.3.921'. [ 98.372983][ T8411] tipc: Enabling of bearer rejected, failed to enable media [ 98.562158][ T8363] warn_alloc: 1 callbacks suppressed [ 98.562169][ T8363] syz.2.909: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 98.569116][ T8363] CPU: 0 UID: 0 PID: 8363 Comm: syz.2.909 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 98.569129][ T8363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.569135][ T8363] Call Trace: [ 98.569140][ T8363] [ 98.569144][ T8363] dump_stack_lvl+0x16c/0x1f0 [ 98.569158][ T8363] warn_alloc+0x248/0x3a0 [ 98.569169][ T8363] ? __pfx_warn_alloc+0x10/0x10 [ 98.569185][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569195][ T8363] ? __vmalloc_node_noprof+0xad/0xf0 [ 98.569212][ T8363] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 98.569231][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569245][ T8363] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 98.569264][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569273][ T8363] __vmalloc_node_noprof+0xad/0xf0 [ 98.569287][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569298][ T8363] __vmalloc_node_range_noprof+0xb73/0x14b0 [ 98.569317][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569330][ T8363] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 98.569345][ T8363] ? __alloc_pages_noprof+0xb/0x1b0 [ 98.569359][ T8363] ? ___kmalloc_large_node+0x84/0x1e0 [ 98.569376][ T8363] __kvmalloc_node_noprof+0x30a/0x620 [ 98.569392][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569403][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569414][ T8363] ? hash_netiface_create+0x3ec/0x1250 [ 98.569423][ T8363] hash_netiface_create+0x3ec/0x1250 [ 98.569433][ T8363] ? __nla_parse+0x5b/0x60 [ 98.569447][ T8363] ? __pfx_hash_netiface_create+0x10/0x10 [ 98.569457][ T8363] ip_set_create+0x7e1/0x14d0 [ 98.569469][ T8363] ? __pfx_ip_set_create+0x10/0x10 [ 98.569478][ T8363] ? trace_contention_end+0xdd/0x130 [ 98.569502][ T8363] ? find_held_lock+0x2b/0x80 [ 98.569516][ T8363] nfnetlink_rcv_msg+0x9fc/0x1200 [ 98.569535][ T8363] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 98.569552][ T8363] ? consume_skb+0xcc/0x100 [ 98.569576][ T8363] ? __pfx___dev_queue_xmit+0x10/0x10 [ 98.569594][ T8363] netlink_rcv_skb+0x155/0x420 [ 98.569607][ T8363] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 98.569622][ T8363] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 98.569640][ T8363] ? ns_capable+0xd7/0x110 [ 98.569653][ T8363] nfnetlink_rcv+0x1b3/0x430 [ 98.569667][ T8363] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 98.569680][ T8363] ? netlink_deliver_tap+0x1ae/0xd30 [ 98.569694][ T8363] netlink_unicast+0x58d/0x850 [ 98.569708][ T8363] ? __pfx_netlink_unicast+0x10/0x10 [ 98.569724][ T8363] netlink_sendmsg+0x8d1/0xdd0 [ 98.569739][ T8363] ? __pfx_netlink_sendmsg+0x10/0x10 [ 98.569752][ T8363] ? __import_iovec+0x1dd/0x650 [ 98.569766][ T8363] ____sys_sendmsg+0xa98/0xc70 [ 98.569782][ T8363] ? __pfx_____sys_sendmsg+0x10/0x10 [ 98.569794][ T8363] ? get_compat_msghdr+0x11a/0x170 [ 98.569808][ T8363] ? __pfx_futex_wake_mark+0x10/0x10 [ 98.569825][ T8363] ___sys_sendmsg+0x134/0x1d0 [ 98.569836][ T8363] ? __pfx____sys_sendmsg+0x10/0x10 [ 98.569853][ T8363] ? find_held_lock+0x2b/0x80 [ 98.569872][ T8363] __sys_sendmsg+0x16d/0x220 [ 98.569882][ T8363] ? __pfx___sys_sendmsg+0x10/0x10 [ 98.569892][ T8363] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 98.569911][ T8363] ? rcu_is_watching+0x12/0xc0 [ 98.569924][ T8363] __do_fast_syscall_32+0x7c/0x3a0 [ 98.569937][ T8363] do_fast_syscall_32+0x32/0x80 [ 98.569947][ T8363] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 98.569960][ T8363] RIP: 0023:0xf70fe579 [ 98.569969][ T8363] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 98.569978][ T8363] RSP: 002b:00000000f50ee55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 98.569987][ T8363] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 98.569993][ T8363] RDX: 0000000000000800 RSI: 0000000000000000 RDI: 0000000000000000 [ 98.569999][ T8363] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 98.570005][ T8363] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 98.570010][ T8363] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 98.570023][ T8363] [ 98.570026][ T8363] Mem-Info: [ 98.695421][ T8363] active_anon:2597 inactive_anon:1536 isolated_anon:0 [ 98.695421][ T8363] active_file:2018 inactive_file:7247 isolated_file:0 [ 98.695421][ T8363] unevictable:1749 dirty:250 writeback:0 [ 98.695421][ T8363] slab_reclaimable:5430 slab_unreclaimable:54201 [ 98.695421][ T8363] mapped:22301 shmem:2172 pagetables:1195 [ 98.695421][ T8363] sec_pagetables:321 bounce:0 [ 98.695421][ T8363] kernel_misc_reclaimable:0 [ 98.695421][ T8363] free:64927 free_pcp:7018 free_cma:0 [ 98.710650][ T8363] Node 0 active_anon:440kB inactive_anon:372kB active_file:1452kB inactive_file:412kB unevictable:3460kB isolated(anon):0kB isolated(file):0kB mapped:1584kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7700kB pagetables:1672kB sec_pagetables:1168kB all_unreclaimable? no Balloon:0kB [ 98.721315][ T8363] Node 1 active_anon:10044kB inactive_anon:5772kB active_file:6764kB inactive_file:28632kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87752kB dirty:992kB writeback:0kB shmem:5152kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5024kB pagetables:3080kB sec_pagetables:116kB all_unreclaimable? no Balloon:0kB [ 98.731443][ T8363] Node 0 DMA free:2036kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:12kB inactive_anon:4kB active_file:8kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:272kB local_pcp:124kB free_cma:0kB [ 98.740233][ T8363] lowmem_reserve[]: 0 289 289 289 289 [ 98.742021][ T8363] Node 0 DMA32 free:15116kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:2048KB free_highatomic:1672KB active_anon:428kB inactive_anon:368kB active_file:1444kB inactive_file:408kB unevictable:3460kB writepending:8kB present:1032196kB managed:296004kB mlocked:0kB bounce:0kB free_pcp:11208kB local_pcp:2520kB free_cma:0kB [ 98.751709][ T8363] lowmem_reserve[]: 0 0 0 0 0 [ 98.753270][ T8363] Node 1 DMA32 free:242240kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:10044kB inactive_anon:5772kB active_file:6764kB inactive_file:28632kB unevictable:3536kB writepending:992kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:17256kB local_pcp:8356kB free_cma:0kB [ 98.764683][ T8363] lowmem_reserve[]: 0 0 0 0 0 [ 98.766201][ T8363] Node 0 DMA: 10*4kB (UM) 5*8kB (M) 4*16kB (UM) 7*32kB (UM) 4*64kB (UM) 3*128kB (UM) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2032kB [ 98.770659][ T8363] Node 0 DMA32: 52*4kB (ME) 104*8kB (MEH) 94*16kB (UMEH) 62*32kB (MEH) 57*64kB (UMEH) 16*128kB (UMEH) 15*256kB (UME) 2*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 15088kB [ 98.775757][ T8363] Node 1 DMA32: 716*4kB (ME) 546*8kB (UME) 245*16kB (ME) 182*32kB (UME) 111*64kB (UME) 62*128kB (UME) 31*256kB (ME) 29*512kB (ME) 33*1024kB (UME) 15*2048kB (UM) 30*4096kB (UM) = 242192kB [ 98.781757][ T8363] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 98.784712][ T8363] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 98.787548][ T8363] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 98.790468][ T5958] Bluetooth: hci3: command 0x0c1a tx timeout [ 98.792509][ T8363] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 98.795361][ T8363] 11925 total pagecache pages [ 98.796862][ T8363] 409 pages in swap cache [ 98.798207][ T8363] Free swap = 114796kB [ 98.799505][ T8363] Total swap = 124996kB [ 98.800867][ T8363] 524155 pages RAM [ 98.802046][ T8363] 0 pages HighMem/MovableOnly [ 98.803521][ T8363] 209243 pages reserved [ 98.804860][ T8363] 0 pages cma reserved [ 98.902529][ T8441] tipc: Enabling of bearer rejected, failed to enable media [ 98.917133][ T8363] syz.2.909 (8363) used greatest stack depth: 20792 bytes left [ 99.055216][ T8467] netlink: 8 bytes leftover after parsing attributes in process `syz.2.950'. [ 99.092446][ T8475] BUG: assuming non migratable context at ./include/linux/filter.h:703 [ 99.095196][ T8475] in_atomic(): 0, irqs_disabled(): 0, migration_disabled() 0 pid: 8475, name: syz.1.953 [ 99.099628][ T8475] 3 locks held by syz.1.953/8475: [ 99.102453][ T8475] #0: ffff88806fae6818 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_sendmsg+0xd8c/0x1ee0 [ 99.105645][ T8475] #1: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: sctp_v6_xmit+0xbac/0x11a0 [ 99.108737][ T8475] #2: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: nf_hook+0xb2/0x780 [ 99.111457][ T8470] tipc: Enabling of bearer rejected, failed to enable media [ 99.111871][ T8475] CPU: 0 UID: 0 PID: 8475 Comm: syz.1.953 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 99.111885][ T8475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.111897][ T8475] Call Trace: [ 99.111901][ T8475] [ 99.111905][ T8475] dump_stack_lvl+0x16c/0x1f0 [ 99.111918][ T8475] __cant_migrate+0x1c7/0x250 [ 99.111931][ T8475] ? __pfx_nf_nat_ipv6_fn+0x10/0x10 [ 99.111950][ T8475] ? __pfx___cant_migrate+0x10/0x10 [ 99.111968][ T8475] nf_hook_run_bpf+0x83/0x1e0 [ 99.111985][ T8475] ? __pfx_nf_hook_run_bpf+0x10/0x10 [ 99.111998][ T8475] ? nf_nat_ipv6_out+0x3cc/0x4c0 [ 99.112014][ T8475] ? __pfx_nf_hook_run_bpf+0x10/0x10 [ 99.112026][ T8475] nf_hook_slow+0xbe/0x200 [ 99.112038][ T8475] nf_hook+0x45e/0x780 [ 99.112051][ T8475] ? __pfx_ip6_finish_output+0x10/0x10 [ 99.112064][ T8475] ? __pfx_nf_hook+0x10/0x10 [ 99.112095][ T8475] ? nf_hook+0x497/0x780 [ 99.112110][ T8475] ? __pfx_ip6_finish_output+0x10/0x10 [ 99.112123][ T8475] ? __pfx_nf_hook+0x10/0x10 [ 99.112140][ T8475] ip6_output+0x33f/0x540 [ 99.112153][ T8475] ? __pfx_ip6_finish_output+0x10/0x10 [ 99.112169][ T8475] ? __pfx_ip6_output+0x10/0x10 [ 99.112187][ T8475] ip6_xmit+0x12d7/0x2320 [ 99.112199][ T8475] ? __kasan_slab_free+0x51/0x70 [ 99.112209][ T8475] ? kmem_cache_free+0x2d1/0x4d0 [ 99.112223][ T8475] ? __pfx_ip6_xmit+0x10/0x10 [ 99.112246][ T8475] sctp_v6_xmit+0xcab/0x11a0 [ 99.112261][ T8475] ? kasan_quarantine_put+0x10a/0x240 [ 99.112272][ T8475] ? __pfx_sctp_v6_xmit+0x10/0x10 [ 99.112286][ T8475] ? kmem_cache_free+0x2d1/0x4d0 [ 99.112295][ T8475] ? sctp_chunk_put+0x205/0x2c0 [ 99.112310][ T8475] sctp_packet_transmit+0x1ef6/0x3040 [ 99.112334][ T8475] sctp_packet_singleton+0x19e/0x370 [ 99.112348][ T8475] ? __pfx_sctp_packet_singleton+0x10/0x10 [ 99.112366][ T8475] ? sctp_outq_select_transport+0x208/0x740 [ 99.112382][ T8475] sctp_outq_flush+0x53d/0x3350 [ 99.112395][ T8475] ? _raw_spin_unlock_irq+0x21/0x50 [ 99.112415][ T8475] ? __pfx_sctp_outq_flush+0x10/0x10 [ 99.112430][ T8475] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 99.112440][ T8475] ? sctp_outq_tail+0x671/0xa30 [ 99.112453][ T8475] ? sctp_endpoint_add_asoc+0x225/0x2f0 [ 99.112466][ T8475] sctp_do_sm+0x1792/0x5c80 [ 99.112484][ T8475] ? kasan_save_stack+0x42/0x60 [ 99.112493][ T8475] ? kasan_save_stack+0x33/0x60 [ 99.112501][ T8475] ? kasan_save_track+0x14/0x30 [ 99.112511][ T8475] ? __pfx_sctp_do_sm+0x10/0x10 [ 99.112523][ T8475] ? sctp_sendmsg+0xef5/0x1ee0 [ 99.112536][ T8475] ? ____sys_sendmsg+0x973/0xc70 [ 99.112549][ T8475] ? __do_fast_syscall_32+0x7c/0x3a0 [ 99.112559][ T8475] ? do_fast_syscall_32+0x32/0x80 [ 99.112583][ T8475] ? sk_leave_memory_pressure+0xdd/0x130 [ 99.112600][ T8475] ? __sk_mem_raise_allocated+0x94d/0x1670 [ 99.112615][ T8475] sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 99.112632][ T8475] sctp_sendmsg_to_asoc+0xa45/0x1bf0 [ 99.112644][ T8475] ? sctp_assoc_set_primary+0x177/0x300 [ 99.112661][ T8475] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 99.112675][ T8475] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 99.112695][ T8475] sctp_sendmsg+0xef5/0x1ee0 [ 99.112709][ T8475] ? finish_task_switch.isra.0+0x221/0xc10 [ 99.112725][ T8475] ? __pfx_sctp_sendmsg+0x10/0x10 [ 99.112740][ T8475] ? __pfx___might_resched+0x10/0x10 [ 99.112755][ T8475] ? find_held_lock+0x2b/0x80 [ 99.112766][ T8475] ? __pfx_aa_sk_perm+0x10/0x10 [ 99.112781][ T8475] ? __import_iovec+0x1dd/0x650 [ 99.112793][ T8475] ? __pfx_sctp_sendmsg+0x10/0x10 [ 99.112807][ T8475] inet_sendmsg+0x11c/0x140 [ 99.112823][ T8475] ____sys_sendmsg+0x973/0xc70 [ 99.112835][ T8475] ? init_inodes+0x24d3/0x2eb0 [ 99.112848][ T8475] ? __pfx_____sys_sendmsg+0x10/0x10 [ 99.112860][ T8475] ? get_compat_msghdr+0x11a/0x170 [ 99.112873][ T8475] ? try_to_wake_up+0xa2f/0x1680 [ 99.112885][ T8475] ___sys_sendmsg+0x134/0x1d0 [ 99.112913][ T8475] ? __pfx____sys_sendmsg+0x10/0x10 [ 99.112932][ T8475] ? find_held_lock+0x2b/0x80 [ 99.112953][ T8475] __sys_sendmsg+0x16d/0x220 [ 99.112964][ T8475] ? __pfx___sys_sendmsg+0x10/0x10 [ 99.112974][ T8475] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 99.112996][ T8475] ? rcu_is_watching+0x12/0xc0 [ 99.113009][ T8475] __do_fast_syscall_32+0x7c/0x3a0 [ 99.113022][ T8475] do_fast_syscall_32+0x32/0x80 [ 99.113034][ T8475] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 99.113046][ T8475] RIP: 0023:0xf70de579 [ 99.113054][ T8475] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 99.113064][ T8475] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 99.113073][ T8475] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000800 [ 99.113079][ T8475] RDX: 0000000004048043 RSI: 0000000000000000 RDI: 0000000000000000 [ 99.113085][ T8475] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 99.113090][ T8475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.113096][ T8475] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 99.113109][ T8475] VM DIAGNOSIS: 02:13:58 Registers: info registers vcpu 0 CPU#0 RAX=0000000000146e6b RBX=0000000000000000 RCX=ffffffff8b82ac69 RDX=0000000000000000 RSI=ffffffff8de29c33 RDI=ffffffff8c155de0 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08 R8 =0000000000000001 R9 =ffffed1005646645 R10=ffff88802b23322b R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a95b50 R15=0000000000000000 RIP=ffffffff8b8297cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809752d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7476188 CR3=0000000072ae5000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000046 RBX=ffffffff8e5c4c80 RCX=00000000927b7543 RDX=0000000000000000 RSI=ffffffff8de04a0a RDI=ffffffff8c155de0 RBP=0000000000000002 RSP=ffffc900038ef620 R8 =93df5a4c706d073c R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff819814ba RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809762d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7135636 CR3=0000000067317000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000002 RCX=ffffffff95d75720 RDX=0000000000000000 RSI=ffff888023da8b40 RDI=ffff888023da8000 RBP=ffff888023da8000 RSP=ffffc9000399ec08 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000050 R11=0000000000000001 R12=ffff888023da8af0 R13=ffff888023da8b40 R14=0000000000000002 R15=0000000000000001 RIP=ffffffff8197f1b3 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809772d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f66bee01000 CR3=0000000029093000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 63696d6f74616269 6c2f343662696c2f ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000248 0000000000007db8 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8556d065 RDI=ffffffff9b09f540 RBP=ffffffff9b09f500 RSP=ffffc90006ab6718 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9b09f500 R15=ffffffff8556d000 RIP=ffffffff8556d08f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809782d000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f741d54c CR3=000000001e627000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000