last executing test programs: 7.639645426s ago: executing program 1 (id=4370): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ptrace$ARCH_MAP_VDSO_X32(0x1e, r0, 0x1, 0x2001) r3 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@dev, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe8) r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@multicast2, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0xe8) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r5 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00000001c0), 0x4) sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0) sendmsg$key(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0) sendmsg$key(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) recvmmsg(r5, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400}) futex(0x0, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x123101) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, 0x0, 0x0) tkill(0x0, 0x11) 1.90960077s ago: executing program 0 (id=4414): unshare(0x2040400) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSETSW2(r0, 0x5425, 0x0) 1.439872196s ago: executing program 0 (id=4415): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}) connect$unix(r2, 0x0, 0x0) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r4 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x2}, {}, 0x0, 0x6e6bb9, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2, 0x7, 0x200}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) 1.239945697s ago: executing program 2 (id=4416): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000001480)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0xffffffff, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x10}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4008841}, 0x0) 1.239742426s ago: executing program 1 (id=4380): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = gettid() syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000000)={0x1}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r2, 0x26, &(0x7f0000000480)={0x0, 0x2, 0x1000000000000, 0x8725}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) 1.239585277s ago: executing program 2 (id=4417): msgsnd(0x0, &(0x7f00000058c0)={0x3, "69dc509bac571f1d1255ed2d2ad816158a979f5a48f9e9c1551edf64182fd9d1aa42de10337cf308d88307203df51065da1b9f11f1e40e1de96242f73abcf44b05f47472dc84077c5d95f1308e2e093ca16f771c8e0afec1bd7c6bbb70310681592582d9fafdaf99319611d74f76ebd2671020d53f4dce8ce695cbdaa9697333201abfd34f0478d39dfbbcf82c0267c03685193563a3739dd676fa2199ab56577496cdbd1b2468667e62b3f2919fd614aa6b641a8fa94e03d3477f96000fbdfd45ef3a0f45abfe50632967827ee71c53a88d289f9efcb68efa170efb31fb798295d64d54485107c7c669fb81d2f547a8df22d749ebdb0d914f46489877789bfb3bd9625031415ba4b96f337d658f6ec0afbb93ba4d41e3a3dc0b10c8bff7034f4707bf616968a27d3e922ebdda0a92d20faae7bcd01e6829c2dea16d8f3de19e65d634e08cea78a7a22eec232e417564c8424c5f395f67deaffa30f44390d6a8a600d0251212387315b7cbf288ece6e3b5a4b64b55cce45fcf6191cfabb5ce176080e1adf46346b5c3eb0a589508c564eab5e5474f1633e3bb477f8239680ac1cc30b2bfc7c879291fd65dfc9071f43eb12db9e5ef2733589e640168800f66b2ccb2804f440bb5b371a7dd5c5572db94683386d6852cfcec74aaa59b6807174d85ddc4da42cf8fc9811e7efdeefc65ca096736566f371f5f3e76eda2bff42ee26335b69295350865071b77b46721e9620459b5abce0e2273f345af7e0ec2c4f95251e5ce6eec30ef97d0457d3871c3d65a4fd5901ccec1e0f82b3c5feb6a9935bafb037b78defa084de22cecc6f40610793b76b67ed78713f123917e52e5d6de4019ddf8b7597c7a349c275acd59a66040455a191ffbd38d91f41ce42262bd912694b5e9c748d5bce2d682cfc4bc1aa9330091d3920381301805e345158a54ca595f28c2cb57929078ad770eb143a5ab31434d41cac58a36a58a91ce2d96f34e633407b4e29ec164efaf3c50df6be2cec3ec88c09c13979c493c8286c6c8a6fcaf2806d6dafdff9ae731a2d19ecfc74dd29f13287eb66c653f7c4018a84454d961d624527ad79e9dc2f2697e429608d94dc74f463ce439dbad86b277c4241f2e513e69fb56cd5e859d5bc82d662a156d867bf083ca247a2a07a5cb7679b1f358ada7a41de224958749f3ad0e55331278579144ee57866f4a4e967aa46462f041e9db8ca7f7d97b408224a0f60ec1a58599d4d32a3a9afd59854465e752d0a8ed68ffa7c481c1791220bfb1f6eeb534cd3b0e5086083072979b8444120ca65a7f7f68e11dbd0aaa235e052812878aee1c0ca5be62213336428aa8a1ba9e87ec4cac02695f5402389fee717d1abb147aa9f31a7f5c80c7fd90c6807ee806ad83434ea4997d24e3c85a875395178f8b2c91b1946f55ec0de0bbe167b4dc3aa891947e855fdaf0f8e08b3c9d79d0899d8205061abc1379ae2f3c02c35be98ea948d48bce169452f197ab838be307eaa0b98861d814ee2753b9d33042f730357d789b4a4b55335259edfc4986a3ba73de7bfcc0e3fd13550183d3fe37966c02831575ad0e23da245fec7766c64ae1c64dc5f59b9f865ab61a4d6f8631a3aeb9d2baf8d67ea241166a89942acbc29d5815a7023c3d90c39243a2713e5c1f9d6188eaeec83e89c9650238c079c7700b0613b6d3bbf51e5ff4441d9c46f0837bf75d682f36ea9e75bb9eae6adeb2036e1345e82c91071c885b2790ca940a55a07c78a5a13da90446a55684e066484f43a42057b743e0772b80a513e0606a98aaa2e35586f0d9563bad7f9e596859756520e053c3d8cbc629a07b2e8616cd6ba6677debe6390dce9fb23a121eec3e143a5570770bc1138eb3a7e98de1e70511a9cf909c68b067aeefeb27eda104d3149500fccb4b3b5e73d4e9bebf2d79899e4bffc7b7ddd3e43577eaf39e46c668b5d9020b5d623dfd555fbe5d3a99fe183e0e05e57c1634059add2814a0eaca4e5f09d8cf3f4073c7016c669194913af6413b4e4b6e54a9e05b72e827caec65eb6b74d0740041800d2de04fd54d8656f36cd56df7549faf479d16397085a0c1e6e7913c9ce202030a15d810b8f733ae4499553fbc33502c39cb9e4ad43ab08a46014455b146e1af8e2f0c7617ed1f65aa5a5be9fea0d71f25fd35362bc972e6897c1f359000622caf3c776ee3c129020a1414ed0c2c00c5412b1a2bd91a1cf793e727bae126df01b8694f67b0cad99f6b271ae8d9b3c6b05b90b396704414357d1da035fc214dfc20bd9bfdcce2cf08b8b04f3d92914ad09a3964ccca4afbcaf25a28e981ccbdf890f8af251a30a109215244824be0e8305391a7515608be24e21f28afbf6edeef49f3c130e1e8d02cc17f9487506b8a8cc9fa54c6538edd17ddb0b41aca482e38a7f4b0746cfbc823fb586df8e6eaae50a4e8513f3b4db34da1d5322332ecf03e36a2533086df0cd26594a064f695b980a54c2c439a4d21fe71e1f16be6be708ebdfd5de1ed46790daae463cc3fa00e1f3957950faed767e7d6b5616e9fd25bcc3d84f27953c70f636a05747d9dc0364cca25f7161c4ea0db0679285ad639be07e1ca8642bba3af274d3364a06082638805fe0fa5eb913122eeaecb3b3f90f7a627871159aa51a47fcd28bf838a821227535c6b1a9b264a287d1ed02f9155691597c4d9dffa5060c93699c1a5d56806cbc630abe938391ce01d5ba7b4f956a1fcbf063990de37f0c3368cefb84b271f469d38dfe81e82eca441568091539ba6e8009de41286800867b629af7cd1a81c136d1edfa413b2c130d9d45b79554827aca504a7af7ad54bcb8bb0db189f4920f5d813ca68d170a95b316f6d70a33708808212b2bed72b881740ad303dda3b6851e930e585abd9ab65781eb4d7cd81211c4d1aa76a5c352e5b54ab2359c33f81a36953be63fff389f64afc41105f9fc34062a335b00d50fde4755bb8e48d2765f7d27f145b7d6c2ef529918816e64132f1b8117427930bf6dc7d4a98cadc16af1ca45cbd3d221c372efced5d5083edaec164cbcb4fdbc528543c920cdc5c911bab40b1f0b2fa1748f3b15d54a2cbb469be3516975bb412d8870738438168bf06fd8d739da9d4f36d6ee1d7c1ebda99243f043836accaed8aa554909413239d6c41226469ae5d824bfbc1de1231498fa0ad0b1d44f9d4b4bbe3821d57a6593e797a3e4c55fdb739fa2debb35f9a867d386ae99a44ac50a29d6bdbc6f6bedb2dc4d17bd6d9054cb54365c8f5c7fb8608730f459aa4518174fda7bde6179ac17cd1c6049e59e2b71082cf3187ce5646b47db745bd8444420cc5ee8aeb6038a61920698c8ee7cffd2f4f6ec666c79fa2feb522f4306002a2f67ad8d98c5ec8b6f5616b494d2023fffbf3cd92dfb9389c38e3eda197d61104327fa133706afa11ba3a79e65be1e89d7ca02ecd64ece2151a99fc75c7f4ac56a93f952715fdb4252e3c6ebd44bc83ece535c736d27482115f662e849ecc47fa79723b96a15b4c6eecc1779b6f52d2d2151508c424bf26688cb30305fb4464febd4c81948283e7994f5b67ddb6067d33f194d93e2ad151fcfb3a388177dc3435a8fd30b9da6caac1a5c3d6a2c982622e3d46dec15b584a5a8116c46f5fe96086551df98f777199a3a21ce12d253eb70343a5d67c18606ce3e82876caab4dd4b803dc0d7f0c9f6ea066a956cb0f2556b5ec67f75df85b0370ae9aa27c3f4cbffb8547901bf7a4a1db0b509f52dab60cdc4d5bf3f78e632b49d811ae85f0b87d582d574878b5387c771ddb4d415ffad6058e28ca9d7581ca9ad5fb9c1d1c0bef389a60168a86487a097b126c7c8a227219859f6826af2ce4f65720f580326b508ee3c1b212cf9c5099c17b0a8b41dbee6431a76f28f3f2df391cae254266bf2e97fa6a529ad0011bb78337f3b5f5ae3f7b47b1fddfe9254f9b030d907d7412ba8f0b789b1281ab3a1003f8c7ab1f21b127a216de077bc64643e6e5c70ed9754d4fb9e39b6e566e7be8c6c23828d80d46e3d250ded7a1a9ba28445027fe721e136bbf2627f4d3beb9ab5c6366c220a9050db231c7c1dea625ebd9d093f00fbb75f8525742be54b6373134801579564599753eeb1085e3f32aaa4e1a963af72b3780d9f519da0e2925a81a9e164ddfd3708ddbfc88cf470c7e30f5d5200ac6a33ce2cb7cb2b5fdae27e4bb3e882b04ec091f8809277d5126eb78be9e069cdc8cc469935d78f58478e3d958c26942a0556a4c82b05391cb0739887dae1ca16252e020e4d3dbdf93ee039973969580244e5caa382938b686b216365180acbaaaa104e8bbdcd813dc9e4a7ed872cad53af7ffa0c5d3af6e8604bd9977317c6578671b2b9addac7f63c73433055e813761ab476365c2a7bf2e7cd7089bcac8346d3c0c042f53e4615b89430984ab2dde05ef510400996452c624bbb5e595e5de9f54dfae0ae2eaa22d8968cbafaf735c7372eab23f31199e179e11b847f8f07562b6cbee92377a88f77c97cdc63048bb78ae2f7b25b071313a7b0c0ed19068c29ab48b7369e97c946eb5ace5da4ca030301c59284ac2daab11011ed67e5ebbc778c3e88e6718241f21f301f6c85ef1e153e96812c587550759b0c1bbeb064859fb1eae98a3ca2909c9487f5664caf07c9b38576e49ae7050605e88d9950fb4b18c1387f70b4eb3bfff00bb9248bdfc37dd1cba89872302883fc194a19ecef3fc408a86e36177e57e0bd79d7e1481bcbe4167cb4dd30906a072420051e12aa0e7f6904342ceb75c77c04a345b3f8e7fbde2acb853b52d32cd86aa2546171429a1f0bf7f5d7d9cabe6fe0035beaead4105ff517c82c4e9ea666874cc4eb077be4dd1c1c1a495daa06f0c9286d87b8021c882a9999d3e710f1c31b2a5db1dee2ebad98c1aefa14da545f0f42769723753896ba0c13da531aa5b3b94a185b66d3cb0eca515ac808c812e624832535794d7110c1138267a779e07124c9d50105e98e80d8b694107de6264307e58db590253272c6bab89952c9970154879742c84d5b61fd81b22ebfc646efe884343171d3bb89e9532100033cb04e5ea797a304f5ad9c3a1864ee700198700229bec6407119352abd70893b508b08544601a2d31231e102288af20aee99a8e76dc74e776abc536533b7c6b066de32ad78085dbec49295fe795732f8d400f6cd028feb9e1e96398ef5f44302c0a32eabb99acef2a13b96c1b7c176071694d2d9ca7d1ac31af20f8192527663d9acfece49b21a243b48f058fadc9f123d26aa574bc29874acc33aa2b901b88069f6b69aba90cfe5716f2de4b4ecc1f90d3d8e4a35f513429cab023d65854dd992b98cd73017a4c47093ac7d800cb5ef4ff9584a9196480591911973c068ff279109ce03d8c2a6cc2c4eedbb8df157311c00826c12d54c0ccb405d2790165e5c5a775701d5ec1a1d3e4b37c862499292452edf8e6e142d82130adc22bb34bd63d087237c1de86f3ac610cb200447ad3bdbed2f9049bc4e51dadbf576890d15e91ff4af9164f71839b2837d8be4a47ca1ec56de4e66ac943d82326461a711d97321680d10072c7ccacde2aee1fd2c1bc16ab160a883aae2eace95420386950206611db902dee88fc4d19a6b13c5cf3dec3b55a1a203fdbb02101963bbde362f624f15914cabbd33db0ecbdf32a880eb734ec9e6b9f6957b93f5c16445acd13b50af6"}, 0xfd1, 0x0) writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)}], 0x1) socket(0x10, 0x80002, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x1, 0x0, 0x0) read$FUSE(r1, &(0x7f0000000340)={0x2020}, 0x2020) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00') read$FUSE(r3, &(0x7f0000001680)={0x2020}, 0x2020) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000001580)=[{&(0x7f0000000200)=""/176, 0xb0}, {&(0x7f0000000380)=""/239, 0xef}, {&(0x7f0000000040)}, {&(0x7f0000000480)=""/233, 0xe9}, {&(0x7f00000002c0)=""/92, 0x5c}, {&(0x7f0000000580)=""/4096, 0x1000}], 0x6) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newlink={0x30, 0x10, 0x801, 0x0, 0xfffffffc, {0x0, 0x0, 0x4c, 0x0, 0xc3}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}]}, 0x30}, 0x1, 0xffffa888}, 0x8810) 1.159836463s ago: executing program 2 (id=4418): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) recvmsg$unix(r2, &(0x7f0000000280)={0x0, 0xfffffffffffffe12, 0x0}, 0x1124) setsockopt$sock_int(r2, 0x1, 0xa, &(0x7f0000000180)=0x1007e, 0x11fb96e13838704f) sendto$unix(r1, &(0x7f0000000000)="ba", 0x1, 0x48005, 0x0, 0x0) 1.069898354s ago: executing program 2 (id=4419): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_ro(r3, 0x0, 0x275a, 0x0) write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$NL80211_CMD_SET_REG(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00', @ANYRES16, @ANYBLOB="0100271a0000000c002280040000800400008007"], 0x28}, 0x1, 0x0, 0x0, 0x4044800}, 0x10) r6 = add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000080)={'fscrypt:', @desc1}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x4}, 0x48, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x4, r6, r6, 0x0, 0x0) close(0xffffffffffffffff) r7 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r7, 0x0, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="070000000000000002000000000000000000000000000000000000000000040000000000000000000000000000000000000000f4005424ebf937644cac00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100020000000000"], 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r8}, 0x10) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x11}, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r9, @ANYRESHEX, @ANYRESHEX, @ANYRESHEX]) 939.914756ms ago: executing program 3 (id=4421): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x40101, 0x0) syz_open_dev$MSR(&(0x7f0000000040), 0x1, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/custom0\x00', 0x800, 0x0) mmap$binder(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x9) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000005c0)=<r2=>0x0) ptrace(0x4208, r2) ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000001600)={0x5, 0xffffff7f, 0x2, 0xe, 0x4, "29c93b4bdf78eb8fecb8fbd4b03f376ba6255d", 0x3c6, 0x4}) write$binfmt_misc(r0, &(0x7f00000016c0)="415c323f9faa4f17b7b1a9f8f634752b6cf2affdfc206cd05f9ba323b81ca87b74fb71b8284471ef86833822a19df5d545725356774914bd447904a2052f88fba36b0e49dd117d07a07d0a527fed34d73392994c0891fd7ae47232d35d64cf748cb0abac8b17f514b8b6a42427e365088aba38d47bd615bae554cc06cc1537ec2b253101dfa6e23fdd792a7e2260813c43cb1555ae64514948ad30b46a0e6ff4e215bf806084eec91b9162", 0xab) 889.689704ms ago: executing program 3 (id=4422): syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x85, 0x4f, 0xbe, 0x10, 0x50d, 0x2102, 0x70d0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1d, 0x0, 0x2, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0xa, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x450}}]}}]}}]}}, 0x0) gettid() socket$netlink(0x10, 0x3, 0x0) 568.951744ms ago: executing program 0 (id=4423): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=@newlink={0x50, 0x10, 0x437, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, 0x1a494, 0xa080}, [@IFLA_LINKMODE={0x5, 0x11, 0xd}, @IFLA_VFINFO_LIST={0x28, 0x16, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0xa, 0x800}}, @IFLA_VF_LINK_STATE={0xc, 0x5, {0xffff, 0x80000001}}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4c841}, 0x24044804) 568.744107ms ago: executing program 0 (id=4424): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 479.755756ms ago: executing program 0 (id=4425): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB]) 348.056286ms ago: executing program 0 (id=4426): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xfffffffffffffffe}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000008c0)={{0xa, 0x0, 0x400, 0xfffffffb, '\x00', 0x431}, 0x4, 0x10000000, 0x1, r0, 0x0, 0x100, 'syz0\x00', &(0x7f0000000880)}) bpf$MAP_CREATE(0x0, 0x0, 0x48) gettid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='f2fs_writepages\x00', 0xffffffffffffffff, 0x0, 0x800}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x17, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="10000000040000000400000008"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r3, 0x0, &(0x7f0000000080)=""/52}, 0x20) r4 = socket$inet(0x2, 0x3, 0x8d) setsockopt$inet_msfilter(r4, 0x0, 0x8, 0x0, 0x1) getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, &(0x7f0000000140)) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2e}}}) socketpair(0x1, 0x1, 0x0, 0x0) ioctl(0xffffffffffffffff, 0x8916, 0x0) 347.871528ms ago: executing program 1 (id=4427): r0 = syz_open_dev$loop(&(0x7f0000000000), 0x9, 0x40) ioctl$BLKALIGNOFF(r0, 0x127a, &(0x7f0000000040)) 347.810804ms ago: executing program 3 (id=4428): creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc4a) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280)=ANY=[], 0x0, 0x0) 347.701313ms ago: executing program 3 (id=4429): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(0xffffffffffffffff, 0x942e, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x200, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = open(0x0, 0x20aa01, 0x13d) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) timerfd_settime(r2, 0x2, &(0x7f0000000200)={{0x77359400}, {0x77359400}}, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x840000000002, 0x3, 0x100) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, 0x0) 347.627615ms ago: executing program 1 (id=4430): prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000000080)=[<r0=>0xee00]) setregid(0x0, r0) r1 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r2, 0x0) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) setgroups(0x1, &(0x7f0000000000)=[r0]) write$tcp_mem(r3, 0x0, 0xffffff20) 259.797878ms ago: executing program 1 (id=4431): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xa6, 0x0, 0x5, 0x0, 0xfffffffffffffdfc}, {0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, 0xff, 0x2, 0x0, 0x800000000000000}, {0x2, 0x3, 0x0, 0x0, 0x4, 0x5, 0x4, 0x0, 0x5}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000100)={[{0x0, 0xffff, 0x6, 0x81, 0x7, 0x1b, 0x9, 0xe, 0x4, 0x6, 0x7f, 0x7, 0x6}, {0x5, 0x3, 0x13, 0x1, 0x7, 0xfe, 0x7c, 0x2, 0x3, 0x4, 0x0, 0x43, 0x5}, {0x4, 0xfff8, 0xaf, 0xf6, 0x6, 0x3d, 0xb9, 0x0, 0x8, 0x0, 0xa, 0x2, 0x10}], 0x9}) 195.618675ms ago: executing program 2 (id=4432): unshare(0x60480) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd2(0x0, 0x80000) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x7c, 0x3000, 0x8, r2}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x5002, 0x3000, 0x8, r2, 0x4}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x1, 0x81) 195.513145ms ago: executing program 1 (id=4433): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r0, &(0x7f00000000c0)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000006c0)=""/83, 0x53}}, 0x120) writev(r0, &(0x7f0000000780)=[{0x0}], 0x1) 119.92273ms ago: executing program 2 (id=4434): syz_usb_connect$cdc_ncm(0x5, 0x74, 0x0, 0x0) r0 = socket$key(0xf, 0x3, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={0x0, 0x10}}, 0x0) mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1\x00'}, 0x58) r2 = accept4(r1, 0x0, 0x0, 0x0) r3 = openat$procfs(0xffffff9c, &(0x7f0000000c40)='/proc/crypto\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x3) 70.006338ms ago: executing program 3 (id=4435): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000140)="8457", 0x2}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x62}}}, @flowinfo={{0x14, 0x29, 0xb, 0x5}}], 0x30}}], 0x2, 0x4400c800) 0s ago: executing program 3 (id=4436): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180200002343ffff0000000000000000850000004100000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000a80)=ANY=[], 0x0) kernel console output (not intermixed with test programs): driver hub failed with error -5 [ 214.936497][ T63] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input25 [ 215.479784][T12541] overlayfs: missing 'lowerdir' [ 215.563123][ T63] usb 7-1: USB disconnect, device number 10 [ 216.091397][ T64] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 216.241790][ T64] usb 6-1: Using ep0 maxpacket: 16 [ 216.245243][ T64] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 216.248837][ T64] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 216.253786][ T64] usb 6-1: config 0 interface 0 has no altsetting 0 [ 216.258598][ T64] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 216.261809][ T64] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 216.264628][ T64] usb 6-1: Product: syz [ 216.266241][ T64] usb 6-1: Manufacturer: syz [ 216.267976][ T64] usb 6-1: SerialNumber: syz [ 216.270335][ T64] usb 6-1: config 0 descriptor?? [ 216.411925][ T63] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 216.561525][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 216.565759][ T63] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 216.569224][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 216.572283][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 216.575843][ T63] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 216.579925][ T63] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 216.582721][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 216.691635][ T6005] usb 6-1: USB disconnect, device number 23 [ 216.865088][ T63] usb 7-1: GET_CAPABILITIES returned 0 [ 216.867285][ T63] usbtmc 7-1:16.0: can't read capabilities [ 217.146575][ T6005] usb 7-1: USB disconnect, device number 11 [ 218.635941][T12590] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2546'. [ 218.661518][T12590] bridge_slave_1: left allmulticast mode [ 218.663209][T12590] bridge_slave_1: left promiscuous mode [ 218.664888][T12590] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.669896][T12590] bridge_slave_0: left allmulticast mode [ 218.675391][T12590] bridge_slave_0: left promiscuous mode [ 218.677057][T12590] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.126643][T12604] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 219.126643][T12604] program syz.1.2551 not setting count and/or reply_len properly [ 219.749125][T12609] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2561'. [ 219.971406][ T6021] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 220.191529][ T6021] usb 6-1: Using ep0 maxpacket: 16 [ 220.196164][ T6021] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 220.201979][ T6021] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 220.204632][ T6021] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.207190][ T6021] usb 6-1: Product: syz [ 220.208561][ T6021] usb 6-1: Manufacturer: syz [ 220.209888][ T6021] usb 6-1: SerialNumber: syz [ 220.216541][ T6021] usb 6-1: config 0 descriptor?? [ 220.221814][ T6021] hub 6-1:0.0: bad descriptor, ignoring hub [ 220.223576][ T6021] hub 6-1:0.0: probe with driver hub failed with error -5 [ 220.231452][ T6021] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input26 [ 220.541566][ T64] usb 6-1: USB disconnect, device number 24 [ 222.154285][T12688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2568'. [ 222.371464][ T63] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 222.521494][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 222.534088][ T63] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 222.539175][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 222.554832][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 222.558599][ T63] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 222.563646][ T63] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 222.574700][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.796296][ T63] usb 7-1: GET_CAPABILITIES returned 0 [ 222.797857][ T63] usbtmc 7-1:16.0: can't read capabilities [ 223.003674][ T63] usb 7-1: USB disconnect, device number 12 [ 223.155366][T12711] fuse: Bad value for 'rootmode' [ 224.102641][T12731] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 224.102641][T12731] program syz.3.2575 not setting count and/or reply_len properly [ 224.141450][ T946] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 224.301395][ T946] usb 6-1: Using ep0 maxpacket: 8 [ 224.304143][ T946] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 224.306973][ T946] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 224.309792][ T946] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 224.312792][ T946] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 224.316369][ T946] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 224.319823][ T946] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.323903][ T946] usbtmc 6-1:16.0: bulk endpoints not found [ 224.382649][T12739] fuse: Bad value for 'rootmode' [ 224.529603][ T63] usb 6-1: USB disconnect, device number 25 [ 224.701368][ T6021] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 224.851684][ T6021] usb 5-1: Using ep0 maxpacket: 8 [ 224.854226][ T6021] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 224.856665][ T6021] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 224.858941][ T6021] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 224.861276][ T6021] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 224.864494][ T6021] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 224.866649][ T6021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.079858][ T6021] usb 5-1: GET_CAPABILITIES returned 0 [ 225.081352][ T6021] usbtmc 5-1:16.0: can't read capabilities [ 225.194253][T12757] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 225.194253][T12757] program syz.3.2587 not setting count and/or reply_len properly [ 225.288778][ T946] usb 5-1: USB disconnect, device number 15 [ 225.623721][T12760] process 'syz.1.2596' launched '/dev/fd/4' with NULL argv: empty string added [ 225.849627][T12766] fuse: Bad value for 'rootmode' [ 226.265705][T12779] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 226.265705][T12779] program syz.0.2592 not setting count and/or reply_len properly [ 227.441683][ T9] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 227.611392][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 227.618974][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 227.624623][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 227.989743][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 227.993229][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 228.008272][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 228.011008][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.225508][ T9] usb 8-1: GET_CAPABILITIES returned 0 [ 228.227071][ T9] usbtmc 8-1:16.0: can't read capabilities [ 228.437811][ T9] usb 8-1: USB disconnect, device number 13 [ 228.836439][T12800] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 228.836439][T12800] program syz.0.2601 not setting count and/or reply_len properly [ 229.144363][T12809] fuse: Unknown parameter 'use00000000000000000000' [ 229.191394][ T946] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 229.351480][ T946] usb 6-1: Using ep0 maxpacket: 16 [ 229.355369][ T946] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 229.361072][ T946] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 229.364963][ T946] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 229.368196][ T946] usb 6-1: Product: syz [ 229.370002][ T946] usb 6-1: Manufacturer: syz [ 229.371997][ T946] usb 6-1: SerialNumber: syz [ 229.375778][ T946] usb 6-1: config 0 descriptor?? [ 229.379174][ T946] hub 6-1:0.0: bad descriptor, ignoring hub [ 229.385227][ T946] hub 6-1:0.0: probe with driver hub failed with error -5 [ 229.389666][ T946] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input27 [ 229.771570][ T5988] usb 6-1: USB disconnect, device number 26 [ 230.491455][ T9] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 230.671482][ T9] usb 7-1: Using ep0 maxpacket: 8 [ 230.677381][ T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 230.680112][ T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 230.684181][ T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 230.687035][ T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 230.690616][ T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 230.693237][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.747375][T12836] fuse: Unknown parameter 'use00000000000000000000' [ 230.899215][ T9] usb 7-1: GET_CAPABILITIES returned 0 [ 230.900821][ T9] usbtmc 7-1:16.0: can't read capabilities [ 231.113077][ T9] usb 7-1: USB disconnect, device number 13 [ 233.281434][ T5988] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 233.431486][ T5988] usb 8-1: Using ep0 maxpacket: 8 [ 233.437084][ T5988] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 233.441036][ T5988] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 233.443923][ T5988] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 233.447410][ T5988] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 233.451818][ T5988] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 233.455139][ T5988] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.462387][T12876] geneve0: entered allmulticast mode [ 233.665171][ T5988] usb 8-1: GET_CAPABILITIES returned 0 [ 233.666699][ T5988] usbtmc 8-1:16.0: can't read capabilities [ 233.870113][ T63] usb 8-1: USB disconnect, device number 14 [ 233.873080][ T946] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 234.031416][ T946] usb 6-1: Using ep0 maxpacket: 16 [ 234.034574][ T946] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 234.037620][ T946] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 234.040801][ T946] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 234.044216][ T946] usb 6-1: config 0 interface 0 has no altsetting 0 [ 234.048086][ T946] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 234.050812][ T946] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 234.053772][ T946] usb 6-1: Product: syz [ 234.055463][ T946] usb 6-1: Manufacturer: syz [ 234.057518][ T946] usb 6-1: SerialNumber: syz [ 234.061082][ T946] usb 6-1: config 0 descriptor?? [ 234.269372][ T946] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input28 [ 234.272882][ T5344] synaptics_usb 6-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 234.276468][ T5344] synaptics_usb 6-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 234.280201][ T5344] synaptics_usb 6-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 234.283786][ T5344] synaptics_usb 6-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 234.472216][ T9] usb 6-1: USB disconnect, device number 27 [ 235.020754][T12894] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 235.023175][T12894] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 235.348315][T12902] geneve0: entered allmulticast mode [ 235.367098][T12904] fuse: Bad value for 'user_id' [ 235.368562][T12904] fuse: Bad value for 'user_id' [ 236.553171][T12927] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 236.553171][T12927] program syz.3.2644 not setting count and/or reply_len properly [ 236.791734][T12934] overlayfs: missing 'workdir' [ 236.806012][T12930] 9pnet_fd: Insufficient options for proto=fd [ 236.851961][ T6287] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 236.917578][T12936] fuse: Bad value for 'fd' [ 237.015028][ T6287] usb 6-1: Using ep0 maxpacket: 8 [ 237.017733][ T6287] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 237.020690][ T6287] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 237.024067][ T6287] usb 6-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 237.027970][ T6287] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 237.035084][ T6287] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 237.038062][ T6287] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.052478][ T6287] usbtmc 6-1:16.0: bulk endpoints not found [ 237.262368][ T9] usb 6-1: USB disconnect, device number 28 [ 237.905325][T12955] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 237.953017][T12961] fuse: Bad value for 'fd' [ 238.075114][T12971] fuse: Unknown parameter 'user_i00000000000000000000' [ 238.151789][ T6287] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 238.269902][T12978] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 238.269902][T12978] program syz.0.2659 not setting count and/or reply_len properly [ 238.321399][ T6287] usb 6-1: Using ep0 maxpacket: 16 [ 238.324878][ T6287] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 238.330530][ T6287] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 238.338712][ T6287] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.341994][ T6287] usb 6-1: Product: syz [ 238.343687][ T6287] usb 6-1: Manufacturer: syz [ 238.346731][ T6287] usb 6-1: SerialNumber: syz [ 238.352462][ T6287] usb 6-1: config 0 descriptor?? [ 238.358198][ T6287] hub 6-1:0.0: bad descriptor, ignoring hub [ 238.360628][ T6287] hub 6-1:0.0: probe with driver hub failed with error -5 [ 238.370901][ T6287] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input29 [ 238.401382][ T1480] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 238.496697][T12979] 9pnet_fd: Insufficient options for proto=fd [ 238.551376][ T1480] usb 7-1: Using ep0 maxpacket: 16 [ 238.555633][ T1480] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 238.561748][ T1480] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 238.565459][ T1480] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 238.568592][ T1480] usb 7-1: Product: syz [ 238.570843][ T1480] usb 7-1: Manufacturer: syz [ 238.578931][ T1480] usb 7-1: SerialNumber: syz [ 238.601721][ T1480] usb 7-1: config 0 descriptor?? [ 238.605066][ T1480] hub 7-1:0.0: bad descriptor, ignoring hub [ 238.606832][ T1480] hub 7-1:0.0: probe with driver hub failed with error -5 [ 238.611767][ T1480] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input30 [ 238.646055][ T1480] input: failed to attach handler mousedev to device input30, error: -5 [ 238.661643][ T5988] usb 6-1: USB disconnect, device number 29 [ 238.951735][ T6287] usb 7-1: USB disconnect, device number 14 [ 239.141445][ T63] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 239.291420][ T63] usb 5-1: Using ep0 maxpacket: 8 [ 239.294169][ T63] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 239.301826][ T63] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 239.304545][ T63] usb 5-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 239.307994][ T63] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 239.312742][ T63] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 239.315460][ T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.321813][ T63] usbtmc 5-1:16.0: bulk endpoints not found [ 239.487808][ T5960] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 239.491476][ T5960] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 239.494472][ T5960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 239.506945][ T5960] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 239.509798][ T5960] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 239.513092][ T5960] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 239.544267][ T1480] usb 5-1: USB disconnect, device number 16 [ 239.584084][T12988] chnl_net:caif_netlink_parms(): no params data found [ 239.647098][T12988] bridge0: port 1(bridge_slave_0) entered blocking state [ 239.649494][T12988] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.651992][T12988] bridge_slave_0: entered allmulticast mode [ 239.654626][T12988] bridge_slave_0: entered promiscuous mode [ 239.657198][T12988] bridge0: port 2(bridge_slave_1) entered blocking state [ 239.659170][T12988] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.661156][T12988] bridge_slave_1: entered allmulticast mode [ 239.663376][T12988] bridge_slave_1: entered promiscuous mode [ 239.692940][T12988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 239.711808][T12684] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.722806][T12988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 239.741511][T13001] fuse: Bad value for 'fd' [ 239.750331][T12988] team0: Port device team_slave_0 added [ 239.756822][T12988] team0: Port device team_slave_1 added [ 239.780246][T12684] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.801452][T12988] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 239.803757][T12988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.810923][T12988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.814793][T12988] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.816835][T12988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.824013][T12988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.857384][T12988] hsr_slave_0: entered promiscuous mode [ 239.859418][T12988] hsr_slave_1: entered promiscuous mode [ 239.861416][T12988] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 239.863542][T12988] Cannot create hsr debugfs directory [ 239.885205][T12684] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.938798][T12684] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.080053][T12684] bridge_slave_0: left allmulticast mode [ 240.087857][T12684] bridge_slave_0: left promiscuous mode [ 240.090170][T12684] bridge0: port 1(bridge_slave_0) entered disabled state [ 240.164066][T13012] fuse: Unknown parameter 'user_id00000000000000000000' [ 240.324598][T13018] overlayfs: missing 'workdir' [ 240.473545][T13021] fuse: Bad value for 'fd' [ 240.506868][T13025] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 240.506868][T13025] program syz.1.2675 not setting count and/or reply_len properly [ 240.625145][T12684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 240.629346][T12684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 240.633062][T12684] bond0 (unregistering): Released all slaves [ 240.727680][T12684] tipc: Disabling bearer <udp:syz1> [ 240.737480][T12684] tipc: Left network mode [ 240.780879][T13030] 9pnet_fd: Insufficient options for proto=fd [ 240.786707][T12684] IPVS: stopping master sync thread 7527 ... [ 241.025955][T12684] hsr_slave_0: left promiscuous mode [ 241.032133][T12684] hsr_slave_1: left promiscuous mode [ 241.034008][T12684] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.036601][T12684] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.038933][T12684] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.041024][T12684] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.061400][T12684] veth1_macvtap: left allmulticast mode [ 241.064521][T12684] veth1_macvtap: left promiscuous mode [ 241.066139][T12684] veth0_macvtap: left promiscuous mode [ 241.069334][T12684] veth1_vlan: left promiscuous mode [ 241.071891][T12684] veth0_vlan: left promiscuous mode [ 241.551572][ T5960] Bluetooth: hci0: command tx timeout [ 242.385141][T12684] team0 (unregistering): Port device team_slave_1 removed [ 242.413565][T13048] fuse: Bad value for 'fd' [ 242.467905][T13050] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2688'. [ 242.480090][T12684] team0 (unregistering): Port device team_slave_0 removed [ 243.037568][T12988] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 243.045527][T12988] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 243.052023][T12988] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 243.056407][T12988] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 243.131941][T12988] 8021q: adding VLAN 0 to HW filter on device bond0 [ 243.142931][T12988] 8021q: adding VLAN 0 to HW filter on device team0 [ 243.150101][ T76] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.152106][ T76] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.206538][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.208509][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 243.317234][T12988] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 243.336515][T12988] veth0_vlan: entered promiscuous mode [ 243.343351][T12988] veth1_vlan: entered promiscuous mode [ 243.356192][T12988] veth0_macvtap: entered promiscuous mode [ 243.359383][T12988] veth1_macvtap: entered promiscuous mode [ 243.366308][T12988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.369386][T12988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.374060][T12988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.377084][T12988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.379852][T12988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.383716][T12988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.409380][T12988] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 243.414611][T12988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.418105][T12988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.420817][T12988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.424261][T12988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.426977][T12988] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.430065][T12988] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.433707][T12988] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 243.440893][T12988] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.443629][T12988] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.446294][T12988] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.448954][T12988] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 243.481047][ T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.483784][ T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.491541][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 243.493928][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.548866][T13069] geneve0: entered allmulticast mode [ 243.631685][ T5960] Bluetooth: hci0: command tx timeout [ 244.238073][T13085] fuse: Bad value for 'fd' [ 244.330107][T13095] fuse: Bad value for 'fd' [ 244.658215][T13109] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.2703'. [ 244.661777][T13109] netlink: zone id is out of range [ 244.663426][T13109] netlink: zone id is out of range [ 244.665014][T13109] netlink: zone id is out of range [ 244.669306][T13109] netlink: del zone limit has 4 unknown bytes [ 244.735466][T13109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2703'. [ 245.168843][T13124] fuse: Invalid rootmode [ 245.711409][ T5960] Bluetooth: hci0: command tx timeout [ 245.722126][ T40] kauditd_printk_skb: 40 callbacks suppressed [ 245.722149][ T40] audit: type=1326 audit(1742884982.519:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.770518][ T40] audit: type=1326 audit(1742884982.519:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.804645][ T40] audit: type=1326 audit(1742884982.519:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.833843][ T40] audit: type=1326 audit(1742884982.519:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.841482][ T40] audit: type=1326 audit(1742884982.519:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.855644][ T40] audit: type=1326 audit(1742884982.519:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.883723][ T40] audit: type=1326 audit(1742884982.519:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.991636][ T40] audit: type=1326 audit(1742884982.519:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 245.997603][ T40] audit: type=1326 audit(1742884982.519:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 246.003951][ T40] audit: type=1326 audit(1742884982.519:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13130 comm="syz.1.2712" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 246.443773][T13148] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 246.443773][T13148] program syz.0.2714 not setting count and/or reply_len properly [ 247.116224][T13155] fuse: Invalid rootmode [ 247.249211][T13160] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2720'. [ 247.791517][ T5960] Bluetooth: hci0: command tx timeout [ 248.656947][T13191] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2730'. [ 249.372445][ T9] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 249.521368][ T9] usb 8-1: Using ep0 maxpacket: 16 [ 249.525852][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 249.532192][ T9] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 249.534881][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.537201][ T9] usb 8-1: Product: syz [ 249.538405][ T9] usb 8-1: Manufacturer: syz [ 249.539766][ T9] usb 8-1: SerialNumber: syz [ 249.543513][ T9] usb 8-1: config 0 descriptor?? [ 249.547168][ T9] hub 8-1:0.0: bad descriptor, ignoring hub [ 249.548904][ T9] hub 8-1:0.0: probe with driver hub failed with error -5 [ 249.553792][ T9] input: syz syz as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input31 [ 250.001746][ T9] usb 8-1: USB disconnect, device number 15 [ 250.701443][ T63] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 250.851447][ T63] usb 7-1: Using ep0 maxpacket: 16 [ 250.854956][ T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 250.860701][ T63] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 250.865413][ T63] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.868526][ T63] usb 7-1: Product: syz [ 250.870306][ T63] usb 7-1: Manufacturer: syz [ 250.872233][ T63] usb 7-1: SerialNumber: syz [ 250.875550][ T63] usb 7-1: config 0 descriptor?? [ 250.878949][ T63] hub 7-1:0.0: bad descriptor, ignoring hub [ 250.881506][ T63] hub 7-1:0.0: probe with driver hub failed with error -5 [ 250.885840][ T63] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input32 [ 251.381598][ T63] usb 7-1: USB disconnect, device number 15 [ 251.478274][T13240] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 251.478274][T13240] program syz.3.2744 not setting count and/or reply_len properly [ 252.355553][ T40] kauditd_printk_skb: 33 callbacks suppressed [ 252.355570][ T40] audit: type=1326 audit(1742884989.149:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.391574][ T40] audit: type=1326 audit(1742884989.149:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.397752][ T40] audit: type=1326 audit(1742884989.149:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.421439][ T40] audit: type=1326 audit(1742884989.149:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.427902][ T40] audit: type=1326 audit(1742884989.149:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.440616][ T40] audit: type=1326 audit(1742884989.149:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.449002][ T40] audit: type=1326 audit(1742884989.149:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.455739][T13240] 9pnet_fd: Insufficient options for proto=fd [ 252.457977][ T40] audit: type=1326 audit(1742884989.149:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.464176][ T40] audit: type=1326 audit(1742884989.149:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 252.470824][ T40] audit: type=1326 audit(1742884989.149:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13243 comm="syz.2.2747" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 253.001481][ T64] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 253.134561][T13272] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 253.134561][T13272] program syz.0.2752 not setting count and/or reply_len properly [ 253.161891][ T64] usb 8-1: Using ep0 maxpacket: 8 [ 253.173013][ T64] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 253.177651][ T64] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 253.181975][ T64] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 253.185831][ T64] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 253.190653][ T64] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 253.194198][ T64] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 253.353733][T13277] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.2760'. [ 253.357388][T13277] netlink: zone id is out of range [ 253.358848][T13277] netlink: zone id is out of range [ 253.360317][T13277] netlink: zone id is out of range [ 253.362530][T13277] netlink: del zone limit has 4 unknown bytes [ 253.433664][T13278] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2760'. [ 253.458258][T13275] 9pnet_fd: Insufficient options for proto=fd [ 253.601041][ T64] usb 8-1: usb_control_msg returned -71 [ 253.602758][ T64] usbtmc 8-1:16.0: can't read capabilities [ 253.605522][ T64] usb 8-1: USB disconnect, device number 16 [ 254.311403][ T6021] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 254.471434][ T6021] usb 5-1: Using ep0 maxpacket: 8 [ 254.476457][ T6021] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 254.479141][ T6021] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 254.482450][ T6021] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 254.485192][ T6021] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 254.488729][ T6021] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 254.491179][ T6021] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.725226][ T6021] usb 5-1: GET_CAPABILITIES returned 0 [ 254.726790][ T6021] usbtmc 5-1:16.0: can't read capabilities [ 255.039010][ T6005] usb 5-1: USB disconnect, device number 17 [ 255.073002][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.225612][T13305] 9pnet_fd: Insufficient options for proto=fd [ 255.587920][T13311] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2769'. [ 256.825795][T13335] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 256.825795][T13335] program syz.3.2772 not setting count and/or reply_len properly [ 257.259047][T13338] 9pnet_fd: Insufficient options for proto=fd [ 257.303530][T13343] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.2777'. [ 257.306587][T13343] netlink: zone id is out of range [ 257.308032][T13343] netlink: zone id is out of range [ 257.309535][T13343] netlink: zone id is out of range [ 257.312235][T13343] netlink: del zone limit has 4 unknown bytes [ 257.367411][T13344] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2777'. [ 257.624522][T13349] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.2779'. [ 257.627950][T13349] netlink: zone id is out of range [ 257.629823][T13349] netlink: zone id is out of range [ 257.636243][T13349] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2779'. [ 257.747310][T13357] fuse: Unknown parameter 'fd0x0000000000000003' [ 257.941466][ T5988] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 258.104879][T13365] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 258.104879][T13365] program syz.3.2781 not setting count and/or reply_len properly [ 258.111451][ T5988] usb 5-1: Using ep0 maxpacket: 16 [ 258.114471][ T5988] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 258.122844][ T5988] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 258.126111][ T5988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.128733][ T5988] usb 5-1: Product: syz [ 258.137371][ T5988] usb 5-1: Manufacturer: syz [ 258.138791][ T5988] usb 5-1: SerialNumber: syz [ 258.195379][ T5988] usb 5-1: config 0 descriptor?? [ 258.197794][ T5988] hub 5-1:0.0: bad descriptor, ignoring hub [ 258.199599][ T5988] hub 5-1:0.0: probe with driver hub failed with error -5 [ 258.202673][ T5988] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input33 [ 258.330006][T13369] 9pnet_fd: Insufficient options for proto=fd [ 258.481993][ T6005] usb 5-1: USB disconnect, device number 18 [ 259.935670][T13405] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.2800'. [ 259.938755][T13405] net_ratelimit: 2 callbacks suppressed [ 259.938764][T13405] netlink: zone id is out of range [ 259.942032][T13405] netlink: zone id is out of range [ 259.943588][T13405] netlink: zone id is out of range [ 259.946096][T13405] netlink: del zone limit has 4 unknown bytes [ 260.003773][T13407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2800'. [ 260.717229][T13401] syz.1.2798 (13401) used greatest stack depth: 19760 bytes left [ 260.941024][T13423] 9pnet_fd: Insufficient options for proto=fd [ 261.274046][T13432] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 261.274046][T13432] program syz.0.2806 not setting count and/or reply_len properly [ 261.500683][T13433] 9pnet_fd: Insufficient options for proto=fd [ 261.792037][T13446] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.2811'. [ 261.795640][T13446] netlink: zone id is out of range [ 261.797095][T13446] netlink: zone id is out of range [ 261.798515][T13446] netlink: zone id is out of range [ 261.800598][T13446] netlink: del zone limit has 4 unknown bytes [ 261.850478][T13446] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2811'. [ 262.036533][T13451] 9pnet_fd: Insufficient options for proto=fd [ 263.990820][T13489] 9pnet_fd: Insufficient options for proto=fd [ 266.018533][T13527] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.2842'. [ 266.021943][T13527] netlink: zone id is out of range [ 266.023421][T13527] netlink: zone id is out of range [ 266.025174][T13527] netlink: zone id is out of range [ 266.028099][T13527] netlink: del zone limit has 4 unknown bytes [ 266.110889][T13528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2842'. [ 266.547891][T13535] fuse: Unknown parameter 'user_id00000000000000000000' [ 266.760815][T13546] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.2852'. [ 266.766358][T13546] netlink: zone id is out of range [ 266.768074][T13546] netlink: zone id is out of range [ 266.769662][T13546] netlink: zone id is out of range [ 266.772455][T13546] netlink: del zone limit has 4 unknown bytes [ 266.829408][T13548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2852'. [ 267.934780][T13568] fuse: Unknown parameter 'user_id00000000000000000000' [ 269.144350][T13598] fuse: Unknown parameter 'user_id00000000000000000000' [ 269.572676][T13618] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 269.572676][T13618] program syz.3.2869 not setting count and/or reply_len properly [ 269.640996][T13619] 9pnet_fd: Insufficient options for proto=fd [ 269.707830][T13622] fuse: Bad value for 'fd' [ 271.185018][T13658] fuse: Bad value for 'fd' [ 271.750963][T13675] tipc: Started in network mode [ 271.752695][T13675] tipc: Node identity ac14140f, cluster identity 4711 [ 271.755390][T13675] tipc: New replicast peer: 255.255.255.255 [ 271.758643][T13675] tipc: Enabled bearer <udp:syz2>, priority 10 [ 272.751877][ T6021] tipc: Node number set to 2886997007 [ 273.611719][T13712] vlan0: entered promiscuous mode [ 273.617957][T13712] team0: Port device vlan0 added [ 274.851362][ T6287] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 275.021413][ T6287] usb 5-1: Using ep0 maxpacket: 16 [ 275.028044][ T6287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 275.032394][ T6287] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 275.035659][ T6287] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.041380][ T6287] usb 5-1: Product: syz [ 275.042834][ T6287] usb 5-1: Manufacturer: syz [ 275.044490][ T6287] usb 5-1: SerialNumber: syz [ 275.047621][ T6287] usb 5-1: config 0 descriptor?? [ 275.050779][ T6287] hub 5-1:0.0: bad descriptor, ignoring hub [ 275.053126][ T6287] hub 5-1:0.0: probe with driver hub failed with error -5 [ 275.057588][ T6287] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input34 [ 275.309946][T13756] fuse: Unknown parameter '0x0000000000000003' [ 276.362123][T13781] fuse: Unknown parameter '0x0000000000000003' [ 276.591431][ T66] Bluetooth: hci0: command 0x0405 tx timeout [ 277.281621][T13801] 9pnet_fd: Insufficient options for proto=fd [ 277.551184][T13808] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.2943'. [ 277.556746][T13808] netlink: zone id is out of range [ 277.558207][T13808] netlink: zone id is out of range [ 277.559703][T13808] netlink: zone id is out of range [ 277.564198][T13808] netlink: del zone limit has 4 unknown bytes [ 277.621003][T13809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2943'. [ 277.668091][T13813] fuse: Unknown parameter '0x0000000000000003' [ 277.734547][T13817] vlan0: entered promiscuous mode [ 277.739205][T13817] team0: Port device vlan0 added [ 278.956166][ T31] usb 5-1: USB disconnect, device number 19 [ 279.924873][T13885] 9pnet_fd: Insufficient options for proto=fd [ 280.201399][ T66] Bluetooth: hci0: command 0x0405 tx timeout [ 281.588657][T13912] 9pnet_fd: Insufficient options for proto=fd [ 282.014626][T13933] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 283.166778][T13949] fuse: Unknown parameter 'fd0x0000000000000003' [ 284.726284][T14000] fuse: Bad value for 'fd' [ 285.277432][T14004] 9pnet_fd: Insufficient options for proto=fd [ 286.035967][T14027] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 286.340756][T14035] fuse: Bad value for 'fd' [ 287.762383][T14068] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 287.762383][T14068] program syz.0.3040 not setting count and/or reply_len properly [ 287.871410][ T5960] Bluetooth: hci3: command 0x0406 tx timeout [ 288.007815][T14076] 9pnet_fd: Insufficient options for proto=fd [ 288.094593][T14079] fuse: Bad value for 'fd' [ 289.543663][T14115] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3059'. [ 289.548074][T14115] netlink: zone id is out of range [ 289.549546][T14115] netlink: zone id is out of range [ 289.550978][T14115] netlink: zone id is out of range [ 289.555823][T14115] netlink: del zone limit has 4 unknown bytes [ 289.568265][T14111] 9pnet_fd: Insufficient options for proto=fd [ 289.613240][T14119] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3059'. [ 291.625200][T14165] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3077'. [ 291.629256][T14165] netlink: zone id is out of range [ 291.630682][T14165] netlink: zone id is out of range [ 291.635329][T14165] netlink: zone id is out of range [ 291.638133][T14165] netlink: del zone limit has 4 unknown bytes [ 291.696102][T14167] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3077'. [ 292.087209][T14186] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3084'. [ 293.367845][T14221] fuse: Unknown parameter 'grou00000000000000000000' [ 294.257598][T14234] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.3101'. [ 294.261402][T14234] netlink: zone id is out of range [ 294.263313][T14234] netlink: zone id is out of range [ 294.325178][T14241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3101'. [ 294.435401][T14244] fuse: Bad value for 'rootmode' [ 294.728490][T14252] fuse: Unknown parameter 'grou00000000000000000000' [ 295.586146][T14276] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3115'. [ 295.833663][T14284] fuse: Bad value for 'fd' [ 295.929793][T14288] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3121'. [ 295.936839][T14288] net_ratelimit: 2 callbacks suppressed [ 295.936847][T14288] netlink: del zone limit has 4 unknown bytes [ 295.995835][T14290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3121'. [ 296.831453][ T5960] Bluetooth: hci0: command 0x0405 tx timeout [ 297.785709][T14317] 9pnet_fd: Insufficient options for proto=fd [ 297.942297][T14325] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.3131'. [ 297.956849][T14325] netlink: del zone limit has 4 unknown bytes [ 298.024602][T14326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3131'. [ 298.176967][T14330] fuse: Unknown parameter 'user_id00000000000000000000' [ 298.915069][T14355] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3141'. [ 298.919349][T14355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3141'. [ 299.044030][T14355] team0 (unregistering): Port device team_slave_0 removed [ 299.052721][T14355] team0 (unregistering): Port device team_slave_1 removed [ 299.059820][T14355] team0 (unregistering): Port device vlan0 removed [ 299.455957][T14370] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.3146'. [ 299.459416][T14370] netlink: zone id is out of range [ 299.460925][T14370] netlink: zone id is out of range [ 299.462577][T14370] netlink: zone id is out of range [ 299.464639][T14370] netlink: del zone limit has 4 unknown bytes [ 299.522367][T14371] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3146'. [ 301.253307][T14396] 9pnet_fd: Insufficient options for proto=fd [ 302.294183][T14420] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3161'. [ 302.298460][T14420] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3161'. [ 302.310852][T14422] fuse: Bad value for 'fd' [ 302.392420][T14425] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3163'. [ 302.399548][T14425] netlink: zone id is out of range [ 302.401041][T14425] netlink: zone id is out of range [ 302.403893][T14420] team0 (unregistering): Port device team_slave_0 removed [ 302.404663][T14425] netlink: zone id is out of range [ 302.408705][T14425] netlink: del zone limit has 4 unknown bytes [ 302.409691][T14420] team0 (unregistering): Port device team_slave_1 removed [ 302.415415][T14420] team0 (unregistering): Port device vlan0 removed [ 302.492536][T14427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3163'. [ 303.381242][T14441] 9pnet_fd: Insufficient options for proto=fd [ 304.938225][T14494] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 304.938225][T14494] program syz.0.3184 not setting count and/or reply_len properly [ 305.233282][T14494] 9pnet_fd: Insufficient options for proto=fd [ 306.550711][T14532] 9pnet_fd: Insufficient options for proto=fd [ 308.355246][ T5960] Bluetooth: hci1: command 0x0406 tx timeout [ 308.382329][T14582] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 308.382329][T14582] program syz.0.3208 not setting count and/or reply_len properly [ 308.600481][T14589] 9pnet_fd: Insufficient options for proto=fd [ 310.122173][T14619] 9pnet_fd: Insufficient options for proto=fd [ 310.584970][T14634] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3229'. [ 310.638490][T14636] fuse: Bad value for 'fd' [ 311.994963][T14664] fuse: Bad value for 'fd' [ 312.467449][T14667] 9pnet_fd: Insufficient options for proto=fd [ 312.933129][T14677] 9pnet_fd: Insufficient options for proto=fd [ 313.129060][T14685] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3245'. [ 313.133052][T14685] netlink: zone id is out of range [ 313.134665][T14685] netlink: zone id is out of range [ 313.136183][T14685] netlink: zone id is out of range [ 313.138402][T14685] netlink: del zone limit has 4 unknown bytes [ 313.203683][T14689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3245'. [ 313.396575][T14698] fuse: Bad value for 'fd' [ 313.471424][ T5960] Bluetooth: hci4: command 0x0405 tx timeout [ 314.295902][T14710] 9pnet_fd: Insufficient options for proto=fd [ 314.994504][T14736] fuse: Bad value for 'fd' [ 315.290395][T14741] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3262'. [ 315.397381][T14728] 9pnet_fd: Insufficient options for proto=fd [ 315.502658][T14751] netlink: zone id is out of range [ 315.504132][T14751] netlink: zone id is out of range [ 315.505563][T14751] netlink: zone id is out of range [ 315.507560][T14751] netlink: del zone limit has 4 unknown bytes [ 315.820698][T14762] fuse: Bad value for 'fd' [ 315.893856][T14765] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 315.893856][T14765] program syz.0.3264 not setting count and/or reply_len properly [ 316.514233][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.522983][T14765] 9pnet_fd: Insufficient options for proto=fd [ 316.710587][T14781] netlink: zone id is out of range [ 316.712369][T14781] netlink: zone id is out of range [ 316.868633][T14781] netlink: 292 bytes leftover after parsing attributes in process `syz.0.3275'. [ 316.994275][T14793] fuse: Bad value for 'fd' [ 317.246223][T14803] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3282'. [ 317.343055][T14801] 9pnet_fd: Insufficient options for proto=fd [ 317.476296][T14809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3283'. [ 317.981597][T14827] fuse: Bad value for 'fd' [ 318.311360][T14828] 9pnet_fd: Insufficient options for proto=fd [ 319.144657][T14848] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 319.144657][T14848] program syz.0.3292 not setting count and/or reply_len properly [ 319.585730][T14853] 9pnet_fd: Insufficient options for proto=fd [ 320.134339][T14865] fuse: Bad value for 'fd' [ 321.111958][ T835] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 321.281421][ T835] usb 5-1: Using ep0 maxpacket: 8 [ 321.285212][ T835] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 321.288053][ T835] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 321.290764][ T835] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 321.293526][ T835] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 321.297080][ T835] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 321.299635][ T835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 321.316316][T14891] fuse: Bad value for 'fd' [ 321.507614][ T835] usb 5-1: GET_CAPABILITIES returned 0 [ 321.509634][ T835] usbtmc 5-1:16.0: can't read capabilities [ 321.755383][ T6021] usb 5-1: USB disconnect, device number 20 [ 322.879055][T14925] fuse: Bad value for 'fd' [ 323.158799][T14928] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3319'. [ 325.397228][T14976] 9pnet_fd: Insufficient options for proto=fd [ 325.951422][ T5988] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 326.113795][ T5988] usb 5-1: Using ep0 maxpacket: 8 [ 326.118227][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 326.121030][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 326.124014][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 326.126809][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 326.150477][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 326.153168][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 326.399160][ T5988] usb 5-1: GET_CAPABILITIES returned 0 [ 326.400862][ T5988] usbtmc 5-1:16.0: can't read capabilities [ 326.569023][ T6287] usb 5-1: USB disconnect, device number 21 [ 327.278971][T15027] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3352'. [ 328.007080][T15035] 9pnet_fd: Insufficient options for proto=fd [ 328.274118][T15037] 9pnet_fd: Insufficient options for proto=fd [ 329.436743][T15072] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3363'. [ 329.611561][ T6021] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 329.771823][ T6021] usb 5-1: Using ep0 maxpacket: 16 [ 329.780017][ T6021] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 329.793355][ T6021] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 329.799857][ T6021] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 329.807647][ T6021] usb 5-1: Product: syz [ 329.810128][ T6021] usb 5-1: Manufacturer: syz [ 329.811753][ T6021] usb 5-1: SerialNumber: syz [ 329.816065][ T6021] usb 5-1: config 0 descriptor?? [ 329.818511][ T6021] hub 5-1:0.0: bad descriptor, ignoring hub [ 329.820311][ T6021] hub 5-1:0.0: probe with driver hub failed with error -5 [ 329.823353][ T6021] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input35 [ 330.207140][T15085] fuse: Bad value for 'fd' [ 330.213001][ T6021] usb 5-1: USB disconnect, device number 22 [ 330.407748][T15090] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3371'. [ 330.481852][T15091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3371'. [ 330.611532][T15092] 9pnet_fd: Insufficient options for proto=fd [ 330.776586][T15099] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3373'. [ 332.047905][T15124] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 332.047905][T15124] program syz.0.3377 not setting count and/or reply_len properly [ 332.727828][T15129] 9pnet_fd: Insufficient options for proto=fd [ 332.885287][T15140] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3385'. [ 332.968751][T15148] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3395'. [ 333.207003][T15165] fuse: Bad value for 'fd' [ 333.607744][T15172] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.3397'. [ 333.669691][T15173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3397'. [ 334.295208][T15198] fuse: Bad value for 'fd' [ 335.093368][T15216] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.3412'. [ 335.173346][T15216] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3412'. [ 335.311498][T15221] fuse: Bad value for 'fd' [ 336.816551][T15232] fuse: Bad value for 'fd' [ 338.314903][T15267] fuse: Bad value for 'fd' [ 338.622537][ T5986] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 338.791417][ T5986] usb 5-1: Using ep0 maxpacket: 8 [ 338.794562][ T5986] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 338.797388][ T5986] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 338.800195][ T5986] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 338.805975][ T5986] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 338.809585][ T5986] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 338.812152][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.032818][ T5986] usb 5-1: GET_CAPABILITIES returned 0 [ 339.034375][ T5986] usbtmc 5-1:16.0: can't read capabilities [ 339.251218][ T63] usb 5-1: USB disconnect, device number 23 [ 339.735042][T15295] fuse: Bad value for 'fd' [ 341.207082][T15328] fuse: Bad value for 'fd' [ 341.762853][T15336] macsec0: entered promiscuous mode [ 341.764820][T15336] macsec0: entered allmulticast mode [ 341.766780][T15336] veth1_macvtap: entered allmulticast mode [ 343.586410][T15367] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3458'. [ 343.590707][T15367] net_ratelimit: 10 callbacks suppressed [ 343.590720][T15367] netlink: zone id is out of range [ 343.595789][T15367] netlink: zone id is out of range [ 343.601470][T15367] netlink: zone id is out of range [ 343.603461][T15367] netlink: del zone limit has 4 unknown bytes [ 343.665993][T15370] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3458'. [ 344.036833][T15379] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3461'. [ 345.826931][T15389] 9pnet_fd: Insufficient options for proto=fd [ 346.378101][T15410] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.3468'. [ 346.382062][T15410] netlink: zone id is out of range [ 346.384018][T15410] netlink: zone id is out of range [ 346.386108][T15410] netlink: zone id is out of range [ 346.388798][T15410] netlink: del zone limit has 4 unknown bytes [ 346.453431][T15414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3468'. [ 347.593706][T15438] macsec0: entered promiscuous mode [ 347.595125][T15438] macsec0: entered allmulticast mode [ 347.596467][T15438] veth1_macvtap: entered allmulticast mode [ 348.958252][T15468] fuse: Bad value for 'group_id' [ 348.959700][T15468] fuse: Bad value for 'group_id' [ 350.367608][T15487] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3489'. [ 350.370963][T15487] netlink: zone id is out of range [ 350.372641][T15487] netlink: zone id is out of range [ 350.374396][T15487] netlink: zone id is out of range [ 350.376635][T15487] netlink: del zone limit has 4 unknown bytes [ 350.451635][T15488] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3489'. [ 350.518276][T15491] gtp0: entered promiscuous mode [ 350.520260][T15491] gtp0: entered allmulticast mode [ 351.850745][T15517] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3499'. [ 351.855786][T15517] netlink: zone id is out of range [ 351.857228][T15517] netlink: zone id is out of range [ 351.858673][T15517] netlink: zone id is out of range [ 351.860725][T15517] netlink: del zone limit has 4 unknown bytes [ 351.918332][T15520] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3499'. [ 352.525621][T15534] gtp0: entered promiscuous mode [ 352.527718][T15534] gtp0: entered allmulticast mode [ 353.164333][T15539] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3505'. [ 353.168495][T15539] netlink: zone id is out of range [ 353.170518][T15539] netlink: zone id is out of range [ 353.175646][T15539] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3505'. [ 353.189919][T15540] gtp0: entered promiscuous mode [ 353.191502][T15540] gtp0: entered allmulticast mode [ 353.234737][T15541] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3505'. [ 353.583458][T15552] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3511'. [ 353.646714][T15555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3511'. [ 354.792412][T15574] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 354.792412][T15574] program syz.0.3515 not setting count and/or reply_len properly [ 355.036151][T15579] fuse: Unknown parameter 'grou00000000000000000000' [ 355.063225][T15577] 9pnet_fd: Insufficient options for proto=fd [ 355.213391][T15582] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3518'. [ 355.949805][T15606] fuse: Unknown parameter 'grou00000000000000000000' [ 356.823800][T15618] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3531'. [ 356.826870][T15618] net_ratelimit: 6 callbacks suppressed [ 356.826879][T15618] netlink: zone id is out of range [ 356.829864][T15618] netlink: zone id is out of range [ 356.832009][T15618] netlink: zone id is out of range [ 356.834050][T15618] netlink: del zone limit has 4 unknown bytes [ 356.837477][T15618] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3531'. [ 356.893552][T15619] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3531'. [ 357.246318][T15637] fuse: Unknown parameter 'group_i00000000000000000000' [ 357.513143][T15640] gtp1: entered promiscuous mode [ 357.514576][T15640] gtp1: entered allmulticast mode [ 358.531540][ T31] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 358.681502][ T31] usb 5-1: Using ep0 maxpacket: 16 [ 358.684296][ T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 358.689164][ T31] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 358.692479][ T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.694794][ T31] usb 5-1: Product: syz [ 358.696392][ T31] usb 5-1: Manufacturer: syz [ 358.698095][ T31] usb 5-1: SerialNumber: syz [ 358.700599][ T31] usb 5-1: config 0 descriptor?? [ 358.703184][ T31] hub 5-1:0.0: bad descriptor, ignoring hub [ 358.704924][ T31] hub 5-1:0.0: probe with driver hub failed with error -5 [ 358.708346][ T31] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input36 [ 359.051741][ T63] usb 5-1: USB disconnect, device number 24 [ 359.308937][T15662] gtp1: entered promiscuous mode [ 359.310376][T15662] gtp1: entered allmulticast mode [ 360.586792][T15677] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.3548'. [ 360.590893][T15677] netlink: zone id is out of range [ 360.600266][T15677] netlink: zone id is out of range [ 360.601941][T15677] netlink: zone id is out of range [ 360.603945][T15677] netlink: del zone limit has 4 unknown bytes [ 360.608454][T15677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3548'. [ 360.664384][T15681] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3548'. [ 361.050803][T15690] gtp2: entered promiscuous mode [ 361.052399][T15690] gtp2: entered allmulticast mode [ 362.117518][T15711] gtp2: entered promiscuous mode [ 362.119040][T15711] gtp2: entered allmulticast mode [ 362.260944][T15715] fuse: Unknown parameter 'grou00000000000000000000' [ 362.488858][T15721] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3560'. [ 362.492645][T15721] netlink: zone id is out of range [ 362.494201][T15721] netlink: zone id is out of range [ 362.495741][T15721] netlink: zone id is out of range [ 362.497822][T15721] netlink: del zone limit has 4 unknown bytes [ 362.501130][T15721] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3560'. [ 362.557054][T15722] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3560'. [ 363.032087][T15732] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3565'. [ 363.082223][T15736] fuse: Bad value for 'user_id' [ 363.084197][T15736] fuse: Bad value for 'user_id' [ 363.801209][T15753] fuse: Bad value for 'user_id' [ 363.803194][T15753] fuse: Bad value for 'user_id' [ 364.671420][ T5960] Bluetooth: hci0: command 0x0405 tx timeout [ 365.064475][T15776] fuse: Unknown parameter 'group_id00000000000000000000' [ 365.222086][T15774] gtp3: entered promiscuous mode [ 365.223516][T15774] gtp3: entered allmulticast mode [ 366.504299][T15805] gtp4: entered promiscuous mode [ 366.506223][T15805] gtp4: entered allmulticast mode [ 367.142473][T15810] gtp3: entered promiscuous mode [ 367.144632][T15810] gtp3: entered allmulticast mode [ 367.691285][T15828] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3590'. [ 367.694439][T15828] netlink: zone id is out of range [ 367.695896][T15828] netlink: zone id is out of range [ 367.697304][T15828] netlink: zone id is out of range [ 367.699377][T15828] netlink: del zone limit has 4 unknown bytes [ 368.097553][T15835] netlink: 1608 bytes leftover after parsing attributes in process `syz.2.3592'. [ 368.101224][T15835] netlink: zone id is out of range [ 368.103180][T15835] netlink: zone id is out of range [ 368.105190][T15835] netlink: zone id is out of range [ 368.108144][T15835] netlink: del zone limit has 4 unknown bytes [ 368.182421][T15839] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3592'. [ 368.341509][ T6005] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 368.501572][ T6005] usb 5-1: Using ep0 maxpacket: 8 [ 368.505775][ T6005] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 368.509692][ T6005] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 368.513322][ T6005] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 368.516911][ T6005] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 368.522899][ T6005] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 368.527924][ T6005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.749302][ T6005] usb 5-1: GET_CAPABILITIES returned 0 [ 368.751041][ T6005] usbtmc 5-1:16.0: can't read capabilities [ 368.886846][T15851] fuse: Bad value for 'user_id' [ 368.888405][T15851] fuse: Bad value for 'user_id' [ 368.955672][ T6005] usb 5-1: USB disconnect, device number 25 [ 369.003275][T15852] gtp4: entered promiscuous mode [ 369.005268][T15852] gtp4: entered allmulticast mode [ 369.010186][T15854] netlink: 1608 bytes leftover after parsing attributes in process `syz.1.3597'. [ 369.013686][T15854] netlink: zone id is out of range [ 369.015272][T15854] netlink: zone id is out of range [ 369.076922][T15855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3597'. [ 369.396284][T15859] fuse: Bad value for 'user_id' [ 369.397737][T15859] fuse: Bad value for 'user_id' [ 369.467573][T15862] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3600'. [ 369.821404][ T63] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 369.975598][ T63] usb 5-1: Using ep0 maxpacket: 16 [ 369.979864][ T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 369.989714][ T63] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 369.992361][ T63] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 369.994542][ T63] usb 5-1: Product: syz [ 369.995718][ T63] usb 5-1: Manufacturer: syz [ 369.997011][ T63] usb 5-1: SerialNumber: syz [ 370.009347][ T63] usb 5-1: config 0 descriptor?? [ 370.011653][ T63] hub 5-1:0.0: bad descriptor, ignoring hub [ 370.013330][ T63] hub 5-1:0.0: probe with driver hub failed with error -5 [ 370.016157][ T63] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input37 [ 370.362740][ T6021] usb 5-1: USB disconnect, device number 26 [ 371.455808][T15908] gtp0: entered promiscuous mode [ 371.457278][T15908] gtp0: entered allmulticast mode [ 371.555180][T15902] 9pnet_fd: Insufficient options for proto=fd [ 371.996506][T15911] fuse: Bad value for 'fd' [ 372.200318][T15919] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3615'. [ 372.209150][T15919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3615'. [ 372.256854][T15925] gtp5: entered promiscuous mode [ 372.258287][T15925] gtp5: entered allmulticast mode [ 372.451394][ T5988] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 372.613086][ T5988] usb 5-1: Using ep0 maxpacket: 16 [ 372.615656][ T5988] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 372.619541][ T5988] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 372.622072][ T5988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 372.624193][ T5988] usb 5-1: Product: syz [ 372.625350][ T5988] usb 5-1: Manufacturer: syz [ 372.626578][ T5988] usb 5-1: SerialNumber: syz [ 372.628696][ T5988] usb 5-1: config 0 descriptor?? [ 372.630856][ T5988] hub 5-1:0.0: bad descriptor, ignoring hub [ 372.634288][ T5988] hub 5-1:0.0: probe with driver hub failed with error -5 [ 372.637183][ T5988] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input38 [ 373.347100][T15938] 9pnet_fd: Insufficient options for proto=fd [ 373.840265][T15948] fuse: Bad value for 'fd' [ 374.065309][T15955] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.3625'. [ 374.068508][T15955] net_ratelimit: 6 callbacks suppressed [ 374.068517][T15955] netlink: zone id is out of range [ 374.071681][T15955] netlink: zone id is out of range [ 374.073110][T15955] netlink: zone id is out of range [ 374.075105][T15955] netlink: del zone limit has 4 unknown bytes [ 374.158629][T15955] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3625'. [ 374.767287][T15975] fuse: Invalid rootmode [ 374.881692][T15976] gtp1: entered promiscuous mode [ 374.883814][T15976] gtp1: entered allmulticast mode [ 375.323066][T15985] fuse: Bad value for 'rootmode' [ 376.094649][T16009] gtp5: entered promiscuous mode [ 376.096251][T16009] gtp5: entered allmulticast mode [ 376.663092][ T63] usb 5-1: USB disconnect, device number 27 [ 376.937330][T16016] 9pnet_fd: Insufficient options for proto=fd [ 377.708605][T16035] gtp6: entered promiscuous mode [ 377.710067][T16035] gtp6: entered allmulticast mode [ 377.963720][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 377.989562][T16036] 9pnet_fd: Insufficient options for proto=fd [ 378.638837][T16051] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.3651'. [ 378.645896][T16051] netlink: zone id is out of range [ 378.647342][T16051] netlink: zone id is out of range [ 378.648720][T16051] netlink: zone id is out of range [ 378.650640][T16051] netlink: del zone limit has 4 unknown bytes [ 378.756649][T16053] gtp7: entered promiscuous mode [ 378.758160][T16053] gtp7: entered allmulticast mode [ 378.927257][T16056] fuse: Invalid rootmode [ 379.878809][T16067] gtp8: entered promiscuous mode [ 379.880583][T16067] gtp8: entered allmulticast mode [ 380.742984][T16084] fuse: Invalid rootmode [ 380.744364][T16086] fuse: Bad value for 'rootmode' [ 380.931381][T16089] fuse: Unknown parameter 'use00000000000000000000' [ 381.453201][T16097] xt_CONNSECMARK: invalid mode: 0 [ 381.514426][T16099] fuse: Unknown parameter 'use00000000000000000000' [ 381.912744][T16103] 9pnet_fd: Insufficient options for proto=fd [ 382.082254][T16114] fuse: Unknown parameter 'user_i00000000000000000000' [ 382.251867][T16123] fuse: Invalid rootmode [ 382.676390][T16125] fuse: Bad value for 'rootmode' [ 382.747814][T16128] fuse: Bad value for 'rootmode' [ 382.887807][T16132] fuse: Unknown parameter 'use00000000000000000000' [ 383.075065][T16138] netlink: 1608 bytes leftover after parsing attributes in process `syz.3.3678'. [ 383.079808][T16138] netlink: zone id is out of range [ 383.083413][T16138] netlink: zone id is out of range [ 383.086474][T16138] netlink: zone id is out of range [ 383.090608][T16138] netlink: del zone limit has 4 unknown bytes [ 383.259458][T16139] fuse: Unknown parameter 'user_i00000000000000000000' [ 383.822381][T16149] 9pnet_fd: Insufficient options for proto=fd [ 383.928180][T16166] fuse: Bad value for 'fd' [ 384.979009][T16181] fuse: Unknown parameter 'user_id00000000000000000000' [ 384.981470][T16175] 9pnet_fd: Insufficient options for proto=fd [ 385.280989][T16182] gtp9: entered promiscuous mode [ 385.282849][T16182] gtp9: entered allmulticast mode [ 385.451689][T16197] gtp6: entered promiscuous mode [ 385.453142][T16197] gtp6: entered allmulticast mode [ 385.468468][T16199] fuse: Unknown parameter 'user_i00000000000000000000' [ 386.400519][T16204] fuse: Unknown parameter 'user_id00000000000000000000' [ 387.219761][T16219] fuse: Unknown parameter 'user_i00000000000000000000' [ 387.678171][T16226] fuse: Unknown parameter 'user_id00000000000000000000' [ 387.914061][T16231] fuse: Unknown parameter 'user_i00000000000000000000' [ 388.243904][T16237] fuse: Bad value for 'fd' [ 388.451242][T16243] fuse: Unknown parameter '0x0000000000000006' [ 389.393677][T16265] xt_CONNSECMARK: invalid mode: 0 [ 390.050271][T16279] fuse: Bad value for 'fd' [ 390.144539][T16283] fuse: Bad value for 'fd' [ 391.396737][T16295] 9pnet_fd: Insufficient options for proto=fd [ 391.944711][T16314] fuse: Bad value for 'fd' [ 392.023319][T16319] fuse: Bad value for 'fd' [ 392.451519][ T6005] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 392.611394][ T6005] usb 5-1: Using ep0 maxpacket: 16 [ 392.616533][ T6005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 392.624200][ T6005] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 392.629256][ T6005] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.634302][ T6005] usb 5-1: Product: syz [ 392.635851][ T6005] usb 5-1: Manufacturer: syz [ 392.638313][ T6005] usb 5-1: SerialNumber: syz [ 392.645090][ T6005] usb 5-1: config 0 descriptor?? [ 392.649630][ T6005] hub 5-1:0.0: bad descriptor, ignoring hub [ 392.653433][ T6005] hub 5-1:0.0: probe with driver hub failed with error -5 [ 392.663493][ T6005] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input39 [ 392.818126][T16333] 9pnet_fd: Insufficient options for proto=fd [ 393.303013][T16345] fuse: Unknown parameter 'fd0x0000000000000006' [ 393.440031][T16349] fuse: Bad value for 'fd' [ 393.796054][T16354] 9pnet_fd: Insufficient options for proto=fd [ 394.257006][T16372] fuse: Unknown parameter 'fd0x0000000000000006' [ 394.694158][T16380] 9pnet_fd: Insufficient options for proto=fd [ 394.805439][T16383] fuse: Bad value for 'fd' [ 394.828491][T16385] xt_CONNSECMARK: invalid mode: 0 [ 395.192558][T16400] gtp7: entered promiscuous mode [ 395.194109][T16400] gtp7: entered allmulticast mode [ 396.361649][ T6005] usb 5-1: USB disconnect, device number 28 [ 396.949832][T16420] fuse: Bad value for 'fd' [ 397.287643][T16425] gtp1: entered promiscuous mode [ 397.289576][T16425] gtp1: entered allmulticast mode [ 397.632231][T16427] sg_write: data in/out 489/14 bytes for SCSI command 0x0-- guessing data in; [ 397.632231][T16427] program syz.0.3759 not setting count and/or reply_len properly [ 397.810450][T16432] xt_CONNSECMARK: invalid mode: 0 [ 397.886392][T16430] 9pnet_fd: Insufficient options for proto=fd [ 398.163956][T16443] xt_CONNSECMARK: invalid mode: 0 [ 398.841149][T16454] 9pnet_fd: Insufficient options for proto=fd [ 399.121574][T16461] fuse: Bad value for 'fd' [ 399.784409][T16482] fuse: Unknown parameter '0x0000000000000009' [ 399.855989][T16473] 9pnet_fd: Insufficient options for proto=fd [ 400.714759][T16495] fuse: Bad value for 'fd' [ 400.736496][T16496] fuse: Unknown parameter '0x0000000000000009' [ 400.864152][T16500] fuse: Unknown parameter 'fd0x0000000000000006' [ 401.285725][T16506] gtp10: entered promiscuous mode [ 401.287835][T16506] gtp10: entered allmulticast mode [ 402.953262][T16528] fuse: Bad value for 'fd' [ 403.231459][ T6287] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 403.382159][ T6287] usb 5-1: Using ep0 maxpacket: 8 [ 403.384737][ T6287] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 403.387535][ T6287] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 403.390234][ T6287] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 403.393705][ T6287] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 403.397738][ T6287] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 403.400255][ T6287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.606638][ T6287] usb 5-1: GET_CAPABILITIES returned 0 [ 403.608261][ T6287] usbtmc 5-1:16.0: can't read capabilities [ 403.809399][ T6287] usb 5-1: USB disconnect, device number 29 [ 403.886955][T16544] 9pnet_fd: Insufficient options for proto=fd [ 404.583777][T16566] fuse: Bad value for 'fd' [ 405.215400][T16577] gtp11: entered promiscuous mode [ 405.216827][T16577] gtp11: entered allmulticast mode [ 406.451368][ T5988] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 406.517000][T16597] gtp12: entered promiscuous mode [ 406.518563][T16597] gtp12: entered allmulticast mode [ 406.614741][ T5988] usb 5-1: Using ep0 maxpacket: 8 [ 406.617929][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 406.621552][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 406.624593][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 406.627388][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 406.630899][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 406.636998][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.637533][T16598] gtp2: entered promiscuous mode [ 406.644935][T16598] gtp2: entered allmulticast mode [ 406.844351][ T5988] usb 5-1: GET_CAPABILITIES returned 0 [ 406.845970][ T5988] usbtmc 5-1:16.0: can't read capabilities [ 407.049135][ T5988] usb 5-1: USB disconnect, device number 30 [ 407.232253][T16602] gtp8: entered promiscuous mode [ 407.233769][T16602] gtp8: entered allmulticast mode [ 407.584955][T16604] fuse: Bad value for 'fd' [ 409.441570][T16642] fuse: Bad value for 'fd' [ 412.612847][T16687] 9pnet_fd: Insufficient options for proto=fd [ 413.465118][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 413.465134][ T40] audit: type=1326 audit(1742885150.259:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16731 comm="syz.1.3848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 413.474800][ T40] audit: type=1326 audit(1742885150.259:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16731 comm="syz.1.3848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 413.481896][ T40] audit: type=1326 audit(1742885150.259:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16731 comm="syz.1.3848" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 413.488671][ T40] audit: type=1326 audit(1742885150.259:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16731 comm="syz.1.3848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 413.496641][ T40] audit: type=1326 audit(1742885150.259:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16731 comm="syz.1.3848" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 413.506461][ T40] audit: type=1326 audit(1742885150.259:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16731 comm="syz.1.3848" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc0579 code=0x7ffc0000 [ 415.000416][T16760] syz.1.3859 (16760) used greatest stack depth: 19744 bytes left [ 415.143457][T16746] syz.2.3849 (16746) used greatest stack depth: 18208 bytes left [ 416.117505][T16842] capability: warning: `syz.0.3892' uses 32-bit capabilities (legacy support in use) [ 416.621388][ T5956] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 416.782153][ T5956] usb 5-1: Using ep0 maxpacket: 16 [ 416.792629][ T5956] usb 5-1: unable to get BOS descriptor or descriptor too short [ 416.795645][ T5956] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64 [ 416.798869][ T5956] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 416.816117][ T5956] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 416.822187][ T5956] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 416.825255][ T5956] usb 5-1: Product: syz [ 416.826444][ T5956] usb 5-1: Manufacturer: syz [ 416.827783][ T5956] usb 5-1: SerialNumber: syz [ 417.078378][ T5956] cdc_ncm 5-1:1.0: bind() failure [ 417.081089][ T5956] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 417.083034][ T5956] cdc_ncm 5-1:1.1: bind() failure [ 417.091500][ T5956] usb 5-1: USB disconnect, device number 31 [ 417.923565][ T40] audit: type=1326 audit(1742885154.519:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 417.929448][ T40] audit: type=1326 audit(1742885154.519:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 417.938889][ T40] audit: type=1326 audit(1742885154.519:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 417.951251][ T40] audit: type=1326 audit(1742885154.519:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.085593][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.092549][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.095914][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.102726][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.105610][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.127866][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.141409][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.144295][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.147132][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.181536][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.184583][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.187462][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.190299][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.201614][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.211461][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.214257][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.217112][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.227273][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.237449][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.241439][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.244329][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.254788][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.261386][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.267923][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.275021][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.281368][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.283917][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.288281][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.290385][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.298415][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.300552][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.305364][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.311362][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.313437][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.315503][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.317597][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.319765][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.322069][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.324158][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.326279][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.328391][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.335720][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.337871][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.339970][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.342131][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.344208][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.346279][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.348382][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.350469][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.352760][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.354830][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.356907][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.359014][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.361100][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.363299][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.365583][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.367698][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.369737][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.373454][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.375520][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.377610][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.379677][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.383565][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.385616][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.387730][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.389766][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.393694][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.395758][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.397837][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.399933][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.403803][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.405851][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.407983][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.410066][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.412225][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.421431][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.423675][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.425696][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.427776][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.429831][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.432034][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.434083][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.436214][ T5988] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 418.441984][ T5988] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0 [ 418.471594][ T40] kauditd_printk_skb: 1847 callbacks suppressed [ 418.471610][ T40] audit: type=1326 audit(1742885155.269:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.491421][ T40] audit: type=1326 audit(1742885155.269:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.501090][ T40] audit: type=1326 audit(1742885155.269:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.520470][ T40] audit: type=1326 audit(1742885155.269:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.551419][ T40] audit: type=1326 audit(1742885155.269:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.571371][ T40] audit: type=1326 audit(1742885155.269:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.577491][ T40] audit: type=1326 audit(1742885155.269:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.601399][ T40] audit: type=1326 audit(1742885155.299:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.613717][ T40] audit: type=1326 audit(1742885155.299:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 418.620561][ T40] audit: type=1326 audit(1742885155.299:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16895 comm="syz.2.3914" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x50000 [ 419.875438][T16929] input: syz1 as /devices/virtual/input/input40 [ 419.982041][T16933] 9pnet_fd: Insufficient options for proto=fd [ 421.206512][T16968] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 421.759501][ T5960] Bluetooth: hci1: unexpected event for opcode 0x1804 [ 422.812107][ T5960] Bluetooth: hci3: ACL packet for unknown connection handle 200 [ 422.955808][T17039] netlink: 36 bytes leftover after parsing attributes in process `syz.1.3972'. [ 423.128640][T17061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3981'. [ 423.389744][T17089] input: syz1 as /devices/virtual/input/input41 [ 423.412073][T17087] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3992'. [ 423.439975][T17087] bridge_slave_1: left allmulticast mode [ 423.442033][T17087] bridge_slave_1: left promiscuous mode [ 423.443903][T17087] bridge0: port 2(bridge_slave_1) entered disabled state [ 423.470958][T17087] bridge1: port 1(bridge_slave_1) entered blocking state [ 423.481545][T17087] bridge1: port 1(bridge_slave_1) entered disabled state [ 423.483620][T17087] bridge_slave_1: entered allmulticast mode [ 423.485855][T17087] bridge_slave_1: entered promiscuous mode [ 424.655908][ T40] kauditd_printk_skb: 10980 callbacks suppressed [ 424.655926][ T40] audit: type=1326 audit(1742885161.449:13531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17135 comm="syz.2.4011" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 424.669952][ T40] audit: type=1326 audit(1742885161.449:13532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17135 comm="syz.2.4011" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 424.682731][ T40] audit: type=1326 audit(1742885161.479:13533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17135 comm="syz.2.4011" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 424.691434][ T40] audit: type=1326 audit(1742885161.479:13534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17135 comm="syz.2.4011" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 424.702303][ T40] audit: type=1326 audit(1742885161.479:13535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17135 comm="syz.2.4011" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 425.801474][ T5960] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 425.804065][ T5960] Bluetooth: hci1: Injecting HCI hardware error event [ 425.808418][ T5960] Bluetooth: hci1: hardware error 0x00 [ 426.426337][T17199] wlan1: mtu greater than device maximum [ 427.871705][ T5960] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 429.518441][T17306] Bluetooth: MGMT ver 1.23 [ 430.543922][T17356] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4098'. [ 433.255000][T17431] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4127'. [ 434.541418][ T5956] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 434.703852][ T5956] usb 5-1: config 0 has an invalid interface number: 125 but max is 0 [ 434.706369][ T5956] usb 5-1: config 0 has no interface number 0 [ 434.722860][ T5956] usb 5-1: New USB device found, idVendor=0421, idProduct=007b, bcdDevice=ed.44 [ 434.725257][ T5956] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 434.727345][ T5956] usb 5-1: Product: syz [ 434.728448][ T5956] usb 5-1: Manufacturer: syz [ 434.729695][ T5956] usb 5-1: SerialNumber: syz [ 434.731964][ T5956] usb 5-1: config 0 descriptor?? [ 434.751723][ T5956] rndis_host 5-1:0.125: invalid descriptor buffer length [ 434.753607][ T5956] usb 5-1: bad CDC descriptors [ 434.755010][ T5956] cdc_acm 5-1:0.125: invalid descriptor buffer length [ 434.939516][ T5988] usb 5-1: USB disconnect, device number 32 [ 435.347743][T17508] Illegal XDP return value 4294967274 on prog (id 909) dev syz_tun, expect packet loss! [ 435.902280][ T5956] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 436.052490][ T5956] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 436.058988][ T5956] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 436.061705][ T5956] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 436.063888][ T5956] usb 5-1: SerialNumber: syz [ 436.214594][T17573] wg0: entered allmulticast mode [ 436.505136][T17583] netlink: 128 bytes leftover after parsing attributes in process `syz.2.4183'. [ 436.688118][ T5956] cdc_ether 5-1:1.0 eth2: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 436.893439][ T5956] usb 5-1: USB disconnect, device number 33 [ 436.895541][ T5956] cdc_ether 5-1:1.0 eth2: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device [ 437.100313][ T5960] Bluetooth: hci0: unexpected event 0x03 length: 17 > 11 [ 437.480981][T17628] netlink: 'syz.3.4205': attribute type 7 has an invalid length. [ 437.485147][T17628] netlink: 'syz.3.4205': attribute type 8 has an invalid length. [ 438.157010][T17661] input: syz0 as /devices/virtual/input/input42 [ 439.442149][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.884570][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.886674][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.888697][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.890704][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.892802][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.894749][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.896785][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.898859][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.900885][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.903454][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.905513][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.907620][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.909652][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.911767][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.913973][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.916081][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.918174][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.920217][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.922335][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.924435][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.926500][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.928711][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.930814][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.932908][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.934995][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.937098][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.939135][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.941165][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.943247][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.945336][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.947376][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.949451][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.951535][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.953554][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.955579][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.957646][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.959691][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.961773][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.963799][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.965816][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.967844][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.969777][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.971796][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.973738][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.975775][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.977826][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.979899][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.981993][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.984035][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.986124][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.988192][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.990232][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.992341][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.994388][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.996534][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 439.998554][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.000484][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.003043][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.005150][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.007214][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.009246][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.011345][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.013352][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.015402][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.017455][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.019506][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.021638][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.023688][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.025644][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.027683][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.029887][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.031974][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.034164][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.036168][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.038236][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.040213][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.042220][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.044190][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.046237][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.048220][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.050164][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.052212][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.054152][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 440.058852][ T5986] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0 [ 440.912361][T17814] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4285'. [ 441.099443][ T5960] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 441.102157][ T5960] CPU: 0 UID: 0 PID: 5960 Comm: kworker/u33:8 Not tainted 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 441.102171][ T5960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 441.102179][ T5960] Workqueue: hci0 hci_rx_work [ 441.102205][ T5960] Call Trace: [ 441.102209][ T5960] <TASK> [ 441.102213][ T5960] dump_stack_lvl+0x16c/0x1f0 [ 441.102229][ T5960] sysfs_warn_dup+0x7f/0xa0 [ 441.102244][ T5960] sysfs_create_dir_ns+0x24d/0x2b0 [ 441.102259][ T5960] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 441.102273][ T5960] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 441.102284][ T5960] ? kobject_add_internal+0x12d/0x990 [ 441.102300][ T5960] ? do_raw_spin_unlock+0x172/0x230 [ 441.102311][ T5960] kobject_add_internal+0x2c8/0x990 [ 441.102330][ T5960] kobject_add+0x16f/0x240 [ 441.102344][ T5960] ? __pfx_kobject_add+0x10/0x10 [ 441.102380][ T5960] ? class_to_subsys+0x3e/0x160 [ 441.102409][ T5960] ? do_raw_spin_unlock+0x172/0x230 [ 441.102420][ T5960] ? kobject_put+0xab/0x5a0 [ 441.102443][ T5960] device_add+0x289/0x1a70 [ 441.102455][ T5960] ? __pfx_dev_set_name+0x10/0x10 [ 441.102469][ T5960] ? __pfx_device_add+0x10/0x10 [ 441.102480][ T5960] ? mgmt_send_event_skb+0x2f2/0x460 [ 441.102501][ T5960] hci_conn_add_sysfs+0x17e/0x230 [ 441.102512][ T5960] le_conn_complete_evt+0x1077/0x1d60 [ 441.102531][ T5960] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 441.102545][ T5960] ? __mutex_lock+0x1cc/0xb10 [ 441.102563][ T5960] hci_le_enh_conn_complete_evt+0x23d/0x380 [ 441.102578][ T5960] ? skb_pull_data+0x166/0x210 [ 441.102592][ T5960] hci_le_meta_evt+0x2e2/0x5d0 [ 441.102601][ T5960] ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10 [ 441.102617][ T5960] hci_event_packet+0x666/0x1180 [ 441.102631][ T5960] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 441.102641][ T5960] ? __pfx_hci_event_packet+0x10/0x10 [ 441.102654][ T5960] ? mark_held_locks+0x9f/0xe0 [ 441.102668][ T5960] ? kcov_remote_start+0x3cf/0x6e0 [ 441.102683][ T5960] ? lockdep_hardirqs_on+0x7c/0x110 [ 441.102698][ T5960] hci_rx_work+0x2c5/0x16b0 [ 441.102708][ T5960] ? process_one_work+0x921/0x1ba0 [ 441.102723][ T5960] process_one_work+0x9c5/0x1ba0 [ 441.102740][ T5960] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 441.102753][ T5960] ? __pfx_process_one_work+0x10/0x10 [ 441.102770][ T5960] ? assign_work+0x1a0/0x250 [ 441.102783][ T5960] worker_thread+0x6c8/0xf00 [ 441.102800][ T5960] ? __kthread_parkme+0x148/0x220 [ 441.102810][ T5960] ? __pfx_worker_thread+0x10/0x10 [ 441.102823][ T5960] kthread+0x3af/0x750 [ 441.102834][ T5960] ? __pfx_kthread+0x10/0x10 [ 441.102845][ T5960] ? lock_acquire+0x2f/0xb0 [ 441.102859][ T5960] ? __pfx_kthread+0x10/0x10 [ 441.102871][ T5960] ret_from_fork+0x45/0x80 [ 441.102884][ T5960] ? __pfx_kthread+0x10/0x10 [ 441.102895][ T5960] ret_from_fork_asm+0x1a/0x30 [ 441.102912][ T5960] </TASK> [ 441.102924][ T5960] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 441.180561][ T5960] Bluetooth: hci0: failed to register connection device [ 441.443028][T17848] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4300'. [ 442.063921][T17855] virtio-fs: tag <(null)> not found [ 442.781395][ T40] audit: type=1326 audit(1742885179.509:13536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 442.788046][ T40] audit: type=1326 audit(1742885179.509:13537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 442.811383][ T40] audit: type=1326 audit(1742885179.509:13538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.817975][ T40] audit: type=1326 audit(1742885179.509:13539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.824471][ T40] audit: type=1326 audit(1742885179.509:13540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.831137][ T40] audit: type=1326 audit(1742885179.509:13541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.837816][ T40] audit: type=1326 audit(1742885179.509:13542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.843323][ T40] audit: type=1326 audit(1742885179.519:13543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.849483][ T40] audit: type=1326 audit(1742885179.519:13544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 442.861469][ T40] audit: type=1326 audit(1742885179.519:13545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17882 comm="syz.2.4313" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f23598 code=0x7ffc0000 [ 445.421993][T17993] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4360'. [ 447.272693][ T5960] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 447.291643][ T5960] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 447.296460][ T5960] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 447.299981][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 447.325158][ T5960] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 447.327301][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 447.504674][T12825] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 447.513290][T18060] chnl_net:caif_netlink_parms(): no params data found [ 448.159621][T12825] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.377883][T12825] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.390503][T18060] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.392757][T18060] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.394831][T18060] bridge_slave_0: entered allmulticast mode [ 448.396926][T18060] bridge_slave_0: entered promiscuous mode [ 448.401935][T18060] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.411576][T18060] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.413785][T18060] bridge_slave_1: entered allmulticast mode [ 448.418615][T18060] bridge_slave_1: entered promiscuous mode [ 448.496216][T12825] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 448.531123][T18060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 448.543010][T18060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 448.582992][T18093] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4396'. [ 448.602165][T18060] team0: Port device team_slave_0 added [ 448.607042][T18060] team0: Port device team_slave_1 added [ 448.648643][T18060] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 448.650398][T18060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 448.659710][T18060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 448.667726][T18060] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 448.669395][T18060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 448.677691][T18060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 448.690475][T12825] bridge_slave_1: left allmulticast mode [ 448.693761][T12825] bridge_slave_1: left promiscuous mode [ 448.695373][T12825] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.698256][T12825] bridge_slave_0: left allmulticast mode [ 448.699804][T12825] bridge_slave_0: left promiscuous mode [ 448.701736][T12825] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.924313][T18105] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4401'. [ 449.161817][T12825] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 449.221896][T12825] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 449.244633][T12825] bond0 (unregistering): Released all slaves [ 449.300753][T18060] hsr_slave_0: entered promiscuous mode [ 449.303916][T18060] hsr_slave_1: entered promiscuous mode [ 449.377453][T12825] tipc: Disabling bearer <udp:syz2> [ 449.379640][T12825] tipc: Left network mode [ 449.391755][ T5960] Bluetooth: hci1: command tx timeout [ 449.439919][T18115] raw_sendmsg: syz.2.4402 forgot to set AF_INET. Fix it! [ 449.664961][T12825] hsr_slave_0: left promiscuous mode [ 449.671617][T12825] hsr_slave_1: left promiscuous mode [ 449.673835][T12825] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 449.684783][T12825] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 449.701592][T12825] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 449.704221][T12825] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 449.753699][T12825] veth1_macvtap: left allmulticast mode [ 449.755878][T12825] veth1_macvtap: left promiscuous mode [ 449.757810][T12825] veth0_macvtap: left promiscuous mode [ 449.759916][T12825] veth1_vlan: left promiscuous mode [ 449.768343][T12825] veth0_vlan: left promiscuous mode [ 450.785712][T12825] team0 (unregistering): Port device team_slave_1 removed [ 450.861113][T12825] team0 (unregistering): Port device team_slave_0 removed [ 451.471422][ T5960] Bluetooth: hci1: command tx timeout [ 451.862016][T18060] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 451.865516][T18060] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 451.869398][T18060] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 451.875228][T18060] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 451.910731][T18060] 8021q: adding VLAN 0 to HW filter on device bond0 [ 451.919537][T18060] 8021q: adding VLAN 0 to HW filter on device team0 [ 451.926046][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.928147][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 451.933099][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.935151][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 451.950767][T18060] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 452.026108][T18060] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 452.045457][T18060] veth0_vlan: entered promiscuous mode [ 452.050663][T18060] veth1_vlan: entered promiscuous mode [ 452.062771][T18060] veth0_macvtap: entered promiscuous mode [ 452.067101][T18060] veth1_macvtap: entered promiscuous mode [ 452.074536][T18060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 452.077721][T18060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.080451][T18060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 452.084279][T18060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.087034][T18060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 452.089992][T18060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.093512][T18060] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 452.104559][T18060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.108209][T18060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.111170][T18060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.115010][T18060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.117747][T18060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.120584][T18060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.124128][T18060] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 452.128697][T18060] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.131790][T18060] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.134076][T18060] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.136328][T18060] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.169449][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 452.171960][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 452.190609][T12678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 452.193065][T12678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 452.280245][T18164] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 452.909941][T18180] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4423'. [ 452.913244][T18180] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 453.328082][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.330809][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.335593][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.337620][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.339657][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.342605][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.344623][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.346756][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.348739][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.350737][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.354771][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.356739][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.358813][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.360726][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.363236][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.365258][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.368696][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.370824][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.374097][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.376130][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.378157][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.380115][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.382763][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.384733][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.386691][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.388729][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.390738][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.394096][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.396046][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.398009][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.399972][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.404577][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.406533][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.408457][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.410359][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.421527][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.423537][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.425518][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.427455][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.429385][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.441341][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.443360][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.445811][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.447862][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.449906][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.452066][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.454098][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.456125][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.458281][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.460347][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.471355][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.473386][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.475365][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.477452][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.479485][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.481592][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.483651][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.485713][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.487779][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.489817][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.491963][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.493993][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.496035][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.498074][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.500127][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.502375][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.504406][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.506429][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.508446][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.510489][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.512566][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.514557][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.516576][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.518597][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.520571][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.522671][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.524723][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.526793][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.528872][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.530962][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.533080][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.535127][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.537167][ T6005] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 453.539702][ T6005] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0 [ 453.551398][ T5960] Bluetooth: hci1: command tx timeout [ 453.573144][T18211] BUG: Bad page state in process syz.3.4436 pfn:441e2 [ 453.575150][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x441e2 [ 453.578665][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 453.581556][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 453.584163][T18211] raw: ffff888000000000 3fffffffffffffff 00000000ffffffff 0000000000000000 [ 453.586512][T18211] page dumped because: page_pool leak [ 453.587990][T18211] page_owner tracks the page as allocated [ 453.589748][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573097499, free_ts 453521554156 [ 453.594523][T18211] post_alloc_hook+0x181/0x1b0 [ 453.595851][T18211] get_page_from_freelist+0xfce/0x2f80 [ 453.597347][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 453.598961][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 453.600474][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 453.602345][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 453.603809][T18211] page_pool_alloc_frag_netmem+0x220/0x760 [ 453.605405][T18211] skb_pp_cow_data+0x571/0xf10 [ 453.606733][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 453.608136][T18211] do_xdp_generic+0x3f1/0xe70 [ 453.609437][T18211] tun_get_user+0x1e04/0x3e50 [ 453.610769][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.612210][T18211] vfs_write+0x5ae/0x1150 [ 453.613387][T18211] ksys_write+0x12b/0x250 [ 453.614587][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.615995][T18211] do_fast_syscall_32+0x32/0x80 [ 453.617346][T18211] page last free pid 0 tgid 0 stack trace: [ 453.618966][T18211] free_frozen_pages+0x6db/0xfb0 [ 453.620361][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 453.621872][T18211] rcu_core+0x79d/0x14d0 [ 453.623068][T18211] handle_softirqs+0x213/0x8f0 [ 453.624394][T18211] __irq_exit_rcu+0x109/0x170 [ 453.625710][T18211] irq_exit_rcu+0x9/0x30 [ 453.626895][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 453.628447][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 453.630125][T18211] Modules linked in: [ 453.631278][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Not tainted 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 453.631303][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 453.631310][T18211] Call Trace: [ 453.631314][T18211] <TASK> [ 453.631319][T18211] dump_stack_lvl+0x16c/0x1f0 [ 453.631335][T18211] bad_page+0xb3/0x1f0 [ 453.631346][T18211] ? __pfx_bad_page+0x10/0x10 [ 453.631357][T18211] ? page_bad_reason+0x9d/0x1e0 [ 453.631369][T18211] free_frozen_pages+0x701/0xfb0 [ 453.631387][T18211] page_frag_free+0x255/0x2a0 [ 453.631398][T18211] __xdp_return+0x363/0xac0 [ 453.631413][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 453.631427][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 453.631448][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 453.631457][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 453.631475][T18211] do_xdp_generic+0x70a/0xe70 [ 453.631487][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 453.631506][T18211] ? tun_get_user+0x1d55/0x3e50 [ 453.631523][T18211] tun_get_user+0x1e04/0x3e50 [ 453.631540][T18211] ? __pfx___futex_wait+0x10/0x10 [ 453.631556][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 453.631570][T18211] ? find_held_lock+0x2d/0x110 [ 453.631583][T18211] ? __pfx_lock_release+0x10/0x10 [ 453.631602][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.631618][T18211] vfs_write+0x5ae/0x1150 [ 453.631633][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 453.631648][T18211] ? __pfx_lock_release+0x10/0x10 [ 453.631661][T18211] ? __pfx_vfs_write+0x10/0x10 [ 453.631675][T18211] ? lock_acquire+0x2f/0xb0 [ 453.631687][T18211] ? __fget_files+0x40/0x3b0 [ 453.631706][T18211] ksys_write+0x12b/0x250 [ 453.631719][T18211] ? __pfx_ksys_write+0x10/0x10 [ 453.631736][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.631751][T18211] do_fast_syscall_32+0x32/0x80 [ 453.631764][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.631780][T18211] RIP: 0023:0xf7fa3579 [ 453.631788][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 453.631797][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 SYZFAIL: failed to recv rpc [ 453.631807][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 453.631813][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 453.631819][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 453.631824][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 453.631830][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 453.631841][T18211] </TASK> fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 453.701967][T18211] Disabling lock debugging due to kernel taint [ 453.703811][T18211] BUG: Bad page state in process syz.3.4436 pfn:6c27f [ 453.705619][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6c27f [ 453.707937][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 453.709879][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 453.712358][T18211] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 453.714626][T18211] page dumped because: page_pool leak [ 453.716361][T18211] page_owner tracks the page as allocated [ 453.717962][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573093253, free_ts 453521561730 [ 453.722497][T18211] post_alloc_hook+0x181/0x1b0 [ 453.723768][T18211] get_page_from_freelist+0xfce/0x2f80 [ 453.725415][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 453.727018][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 453.728505][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 453.730215][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 453.731800][T18211] skb_pp_cow_data+0x776/0xf10 [ 453.733091][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 453.734445][T18211] do_xdp_generic+0x3f1/0xe70 [ 453.735681][T18211] tun_get_user+0x1e04/0x3e50 [ 453.736943][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.738254][T18211] vfs_write+0x5ae/0x1150 [ 453.739458][T18211] ksys_write+0x12b/0x250 [ 453.740664][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.742081][T18211] do_fast_syscall_32+0x32/0x80 [ 453.743324][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.745009][T18211] page last free pid 0 tgid 0 stack trace: [ 453.746623][T18211] free_frozen_pages+0x6db/0xfb0 [ 453.747988][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 453.749350][T18211] rcu_core+0x79d/0x14d0 [ 453.750514][T18211] handle_softirqs+0x213/0x8f0 [ 453.752007][T18211] __irq_exit_rcu+0x109/0x170 [ 453.753314][T18211] irq_exit_rcu+0x9/0x30 [ 453.754470][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 453.755964][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 453.757577][T18211] Modules linked in: [ 453.758652][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 453.758668][T18211] Tainted: [B]=BAD_PAGE [ 453.758672][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 453.758678][T18211] Call Trace: [ 453.758682][T18211] <TASK> [ 453.758686][T18211] dump_stack_lvl+0x16c/0x1f0 [ 453.758700][T18211] bad_page+0xb3/0x1f0 [ 453.758711][T18211] ? __pfx_bad_page+0x10/0x10 [ 453.758720][T18211] ? page_bad_reason+0x9d/0x1e0 [ 453.758731][T18211] free_frozen_pages+0x701/0xfb0 [ 453.758747][T18211] page_frag_free+0x255/0x2a0 [ 453.758756][T18211] __xdp_return+0x363/0xac0 [ 453.758770][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 453.758785][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 453.758802][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 453.758810][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 453.758824][T18211] do_xdp_generic+0x70a/0xe70 [ 453.758835][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 453.758849][T18211] ? tun_get_user+0x1d55/0x3e50 [ 453.758864][T18211] tun_get_user+0x1e04/0x3e50 [ 453.758879][T18211] ? __pfx___futex_wait+0x10/0x10 [ 453.758893][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 453.758906][T18211] ? find_held_lock+0x2d/0x110 [ 453.758917][T18211] ? __pfx_lock_release+0x10/0x10 [ 453.758933][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.758947][T18211] vfs_write+0x5ae/0x1150 [ 453.758960][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 453.758974][T18211] ? __pfx_lock_release+0x10/0x10 [ 453.758986][T18211] ? __pfx_vfs_write+0x10/0x10 [ 453.758999][T18211] ? lock_acquire+0x2f/0xb0 [ 453.759017][T18211] ? __fget_files+0x40/0x3b0 [ 453.759039][T18211] ksys_write+0x12b/0x250 [ 453.759059][T18211] ? __pfx_ksys_write+0x10/0x10 [ 453.759080][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.759102][T18211] do_fast_syscall_32+0x32/0x80 [ 453.759121][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.759146][T18211] RIP: 0023:0xf7fa3579 [ 453.759159][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 453.759176][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 453.759192][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 453.759203][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 453.759213][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 453.759223][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 453.759232][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 453.759247][T18211] </TASK> [ 453.759256][T18211] BUG: Bad page state in process syz.3.4436 pfn:6dbb5 [ 453.832093][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6dbb5 [ 453.834415][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 453.836315][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 453.838614][T18211] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 453.840907][T18211] page dumped because: page_pool leak [ 453.842433][T18211] page_owner tracks the page as allocated [ 453.843932][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573088682, free_ts 453521568660 [ 453.848514][T18211] post_alloc_hook+0x181/0x1b0 [ 453.849783][T18211] get_page_from_freelist+0xfce/0x2f80 [ 453.851348][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 453.852908][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 453.854475][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 453.856001][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 453.857426][T18211] skb_pp_cow_data+0x776/0xf10 [ 453.858783][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 453.860129][T18211] do_xdp_generic+0x3f1/0xe70 [ 453.861478][T18211] tun_get_user+0x1e04/0x3e50 [ 453.862767][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.864102][T18211] vfs_write+0x5ae/0x1150 [ 453.865246][T18211] ksys_write+0x12b/0x250 [ 453.866425][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.867832][T18211] do_fast_syscall_32+0x32/0x80 [ 453.869127][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.870819][T18211] page last free pid 0 tgid 0 stack trace: [ 453.872419][T18211] free_frozen_pages+0x6db/0xfb0 [ 453.873765][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 453.875151][T18211] rcu_core+0x79d/0x14d0 [ 453.876276][T18211] handle_softirqs+0x213/0x8f0 [ 453.877591][T18211] __irq_exit_rcu+0x109/0x170 [ 453.878843][T18211] irq_exit_rcu+0x9/0x30 [ 453.879995][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 453.881525][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 453.883140][T18211] Modules linked in: [ 453.884203][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 453.884218][T18211] Tainted: [B]=BAD_PAGE [ 453.884222][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 453.884228][T18211] Call Trace: [ 453.884231][T18211] <TASK> [ 453.884235][T18211] dump_stack_lvl+0x16c/0x1f0 [ 453.884250][T18211] bad_page+0xb3/0x1f0 [ 453.884261][T18211] ? __pfx_bad_page+0x10/0x10 [ 453.884270][T18211] ? page_bad_reason+0x9d/0x1e0 [ 453.884283][T18211] free_frozen_pages+0x701/0xfb0 [ 453.884297][T18211] page_frag_free+0x255/0x2a0 [ 453.884307][T18211] __xdp_return+0x363/0xac0 [ 453.884321][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 453.884334][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 453.884352][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 453.884359][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 453.884374][T18211] do_xdp_generic+0x70a/0xe70 [ 453.884385][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 453.884399][T18211] ? tun_get_user+0x1d55/0x3e50 [ 453.884415][T18211] tun_get_user+0x1e04/0x3e50 [ 453.884430][T18211] ? __pfx___futex_wait+0x10/0x10 [ 453.884444][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 453.884457][T18211] ? find_held_lock+0x2d/0x110 [ 453.884469][T18211] ? __pfx_lock_release+0x10/0x10 [ 453.884485][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.884498][T18211] vfs_write+0x5ae/0x1150 [ 453.884512][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 453.884526][T18211] ? __pfx_lock_release+0x10/0x10 [ 453.884539][T18211] ? __pfx_vfs_write+0x10/0x10 [ 453.884552][T18211] ? lock_acquire+0x2f/0xb0 [ 453.884564][T18211] ? __fget_files+0x40/0x3b0 [ 453.884580][T18211] ksys_write+0x12b/0x250 [ 453.884592][T18211] ? __pfx_ksys_write+0x10/0x10 [ 453.884606][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.884620][T18211] do_fast_syscall_32+0x32/0x80 [ 453.884633][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.884648][T18211] RIP: 0023:0xf7fa3579 [ 453.884655][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 453.884665][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 453.884675][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 453.884681][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 453.884686][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 453.884691][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 453.884697][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 453.884705][T18211] </TASK> [ 453.884711][T18211] BUG: Bad page state in process syz.3.4436 pfn:4a16a [ 453.957521][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4a16a [ 453.959922][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 453.962000][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 453.964205][T18211] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 453.966371][T18211] page dumped because: page_pool leak [ 453.967769][T18211] page_owner tracks the page as allocated [ 453.969240][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573084160, free_ts 453521575652 [ 453.973812][T18211] post_alloc_hook+0x181/0x1b0 [ 453.975082][T18211] get_page_from_freelist+0xfce/0x2f80 [ 453.976515][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 453.978112][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 453.979594][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 453.981200][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 453.982691][T18211] skb_pp_cow_data+0x776/0xf10 [ 453.983959][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 453.985335][T18211] do_xdp_generic+0x3f1/0xe70 [ 453.986590][T18211] tun_get_user+0x1e04/0x3e50 [ 453.987871][T18211] tun_chr_write_iter+0xdc/0x210 [ 453.989181][T18211] vfs_write+0x5ae/0x1150 [ 453.990335][T18211] ksys_write+0x12b/0x250 [ 453.991541][T18211] __do_fast_syscall_32+0x73/0x120 [ 453.992904][T18211] do_fast_syscall_32+0x32/0x80 [ 453.994167][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 453.995834][T18211] page last free pid 0 tgid 0 stack trace: [ 453.997390][T18211] free_frozen_pages+0x6db/0xfb0 [ 453.998719][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.000138][T18211] rcu_core+0x79d/0x14d0 [ 454.001345][T18211] handle_softirqs+0x213/0x8f0 [ 454.002627][T18211] __irq_exit_rcu+0x109/0x170 [ 454.003895][T18211] irq_exit_rcu+0x9/0x30 [ 454.005041][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.006516][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.008143][T18211] Modules linked in: [ 454.009199][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.009214][T18211] Tainted: [B]=BAD_PAGE [ 454.009218][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.009224][T18211] Call Trace: [ 454.009228][T18211] <TASK> [ 454.009232][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.009247][T18211] bad_page+0xb3/0x1f0 [ 454.009257][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.009266][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.009276][T18211] free_frozen_pages+0x701/0xfb0 [ 454.009295][T18211] page_frag_free+0x255/0x2a0 [ 454.009305][T18211] __xdp_return+0x363/0xac0 [ 454.009319][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.009333][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.009350][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.009358][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.009372][T18211] do_xdp_generic+0x70a/0xe70 [ 454.009383][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.009397][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.009413][T18211] tun_get_user+0x1e04/0x3e50 [ 454.009428][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.009442][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.009455][T18211] ? find_held_lock+0x2d/0x110 [ 454.009467][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.009483][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.009497][T18211] vfs_write+0x5ae/0x1150 [ 454.009510][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.009525][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.009537][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.009550][T18211] ? lock_acquire+0x2f/0xb0 [ 454.009562][T18211] ? __fget_files+0x40/0x3b0 [ 454.009578][T18211] ksys_write+0x12b/0x250 [ 454.009590][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.009604][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.009618][T18211] do_fast_syscall_32+0x32/0x80 [ 454.009632][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.009647][T18211] RIP: 0023:0xf7fa3579 [ 454.009655][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.009664][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.009674][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.009680][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.009686][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.009691][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.009697][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.009705][T18211] </TASK> [ 454.009711][T18211] BUG: Bad page state in process syz.3.4436 pfn:6a3c9 [ 454.082992][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x6a3c9 [ 454.085683][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.087647][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.089916][T18211] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 454.092244][T18211] page dumped because: page_pool leak [ 454.093675][T18211] page_owner tracks the page as allocated [ 454.095189][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573079363, free_ts 453521582648 [ 454.099699][T18211] post_alloc_hook+0x181/0x1b0 [ 454.101006][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.102535][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.104107][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.105608][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.107217][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.108677][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.109970][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.111380][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.112638][T18211] tun_get_user+0x1e04/0x3e50 [ 454.113942][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.115343][T18211] vfs_write+0x5ae/0x1150 [ 454.116547][T18211] ksys_write+0x12b/0x250 [ 454.117779][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.119215][T18211] do_fast_syscall_32+0x32/0x80 [ 454.120564][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.122363][T18211] page last free pid 0 tgid 0 stack trace: [ 454.123960][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.125344][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.126768][T18211] rcu_core+0x79d/0x14d0 [ 454.127954][T18211] handle_softirqs+0x213/0x8f0 [ 454.129282][T18211] __irq_exit_rcu+0x109/0x170 [ 454.130604][T18211] irq_exit_rcu+0x9/0x30 [ 454.131823][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.133378][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.135048][T18211] Modules linked in: [ 454.136145][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.136160][T18211] Tainted: [B]=BAD_PAGE [ 454.136163][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.136169][T18211] Call Trace: [ 454.136173][T18211] <TASK> [ 454.136178][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.136192][T18211] bad_page+0xb3/0x1f0 [ 454.136203][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.136217][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.136226][T18211] free_frozen_pages+0x701/0xfb0 [ 454.136240][T18211] page_frag_free+0x255/0x2a0 [ 454.136250][T18211] __xdp_return+0x363/0xac0 [ 454.136264][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.136278][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.136296][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.136304][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.136318][T18211] do_xdp_generic+0x70a/0xe70 [ 454.136329][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.136343][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.136359][T18211] tun_get_user+0x1e04/0x3e50 [ 454.136374][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.136388][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.136401][T18211] ? find_held_lock+0x2d/0x110 [ 454.136413][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.136429][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.136443][T18211] vfs_write+0x5ae/0x1150 [ 454.136457][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.136471][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.136483][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.136496][T18211] ? lock_acquire+0x2f/0xb0 [ 454.136508][T18211] ? __fget_files+0x40/0x3b0 [ 454.136524][T18211] ksys_write+0x12b/0x250 [ 454.136537][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.136551][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.136564][T18211] do_fast_syscall_32+0x32/0x80 [ 454.136578][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.136593][T18211] RIP: 0023:0xf7fa3579 [ 454.136600][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.136610][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.136620][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.136626][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.136631][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.136637][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.136643][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.136650][T18211] </TASK> [ 454.136657][T18211] BUG: Bad page state in process syz.3.4436 pfn:4cbea [ 454.209558][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x4cbea [ 454.212350][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.214312][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.216652][T18211] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 454.219005][T18211] page dumped because: page_pool leak [ 454.220464][T18211] page_owner tracks the page as allocated [ 454.222056][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573075342, free_ts 453521589478 [ 454.226614][T18211] post_alloc_hook+0x181/0x1b0 [ 454.227946][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.229447][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.231082][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.232628][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.234258][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.235752][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.237082][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.238491][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.239796][T18211] tun_get_user+0x1e04/0x3e50 [ 454.241093][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.242496][T18211] vfs_write+0x5ae/0x1150 [ 454.243672][T18211] ksys_write+0x12b/0x250 [ 454.244824][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.246186][T18211] do_fast_syscall_32+0x32/0x80 [ 454.247515][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.249189][T18211] page last free pid 0 tgid 0 stack trace: [ 454.250775][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.252145][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.253537][T18211] rcu_core+0x79d/0x14d0 [ 454.254727][T18211] handle_softirqs+0x213/0x8f0 [ 454.256021][T18211] __irq_exit_rcu+0x109/0x170 [ 454.257336][T18211] irq_exit_rcu+0x9/0x30 [ 454.258490][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.260005][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.261639][T18211] Modules linked in: [ 454.262716][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.262732][T18211] Tainted: [B]=BAD_PAGE [ 454.262735][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.262741][T18211] Call Trace: [ 454.262746][T18211] <TASK> [ 454.262750][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.262764][T18211] bad_page+0xb3/0x1f0 [ 454.262775][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.262784][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.262794][T18211] free_frozen_pages+0x701/0xfb0 [ 454.262808][T18211] page_frag_free+0x255/0x2a0 [ 454.262817][T18211] __xdp_return+0x363/0xac0 [ 454.262832][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.262845][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.262863][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.262871][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.262885][T18211] do_xdp_generic+0x70a/0xe70 [ 454.262896][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.262910][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.262925][T18211] tun_get_user+0x1e04/0x3e50 [ 454.262939][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.262954][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.262967][T18211] ? find_held_lock+0x2d/0x110 [ 454.262978][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.262994][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.263012][T18211] vfs_write+0x5ae/0x1150 [ 454.263025][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.263040][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.263052][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.263065][T18211] ? lock_acquire+0x2f/0xb0 [ 454.263077][T18211] ? __fget_files+0x40/0x3b0 [ 454.263093][T18211] ksys_write+0x12b/0x250 [ 454.263106][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.263120][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.263134][T18211] do_fast_syscall_32+0x32/0x80 [ 454.263147][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.263163][T18211] RIP: 0023:0xf7fa3579 [ 454.263170][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.263180][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.263189][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.263195][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.263200][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.263206][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.263211][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.263219][T18211] </TASK> [ 454.263227][T18211] BUG: Bad page state in process syz.3.4436 pfn:47b76 [ 454.334250][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x47b76 [ 454.336937][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.338861][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.341092][T18211] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 454.343406][T18211] page dumped because: page_pool leak [ 454.344844][T18211] page_owner tracks the page as allocated [ 454.346360][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573071147, free_ts 453521596530 [ 454.350786][T18211] post_alloc_hook+0x181/0x1b0 [ 454.352123][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.353566][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.355157][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.356628][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.358218][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.359670][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.360965][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.362369][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.363632][T18211] tun_get_user+0x1e04/0x3e50 [ 454.364918][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.366247][T18211] vfs_write+0x5ae/0x1150 [ 454.367438][T18211] ksys_write+0x12b/0x250 [ 454.368640][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.370023][T18211] do_fast_syscall_32+0x32/0x80 [ 454.371398][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.373058][T18211] page last free pid 0 tgid 0 stack trace: [ 454.374599][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.375946][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.377344][T18211] rcu_core+0x79d/0x14d0 [ 454.378488][T18211] handle_softirqs+0x213/0x8f0 [ 454.379769][T18211] __irq_exit_rcu+0x109/0x170 [ 454.381027][T18211] irq_exit_rcu+0x9/0x30 [ 454.382219][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.383743][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.385369][T18211] Modules linked in: [ 454.386445][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.386460][T18211] Tainted: [B]=BAD_PAGE [ 454.386463][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.386469][T18211] Call Trace: [ 454.386473][T18211] <TASK> [ 454.386478][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.386492][T18211] bad_page+0xb3/0x1f0 [ 454.386501][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.386511][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.386521][T18211] free_frozen_pages+0x701/0xfb0 [ 454.386535][T18211] page_frag_free+0x255/0x2a0 [ 454.386544][T18211] __xdp_return+0x363/0xac0 [ 454.386558][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.386572][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.386589][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.386597][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.386612][T18211] do_xdp_generic+0x70a/0xe70 [ 454.386623][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.386636][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.386652][T18211] tun_get_user+0x1e04/0x3e50 [ 454.386666][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.386681][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.386694][T18211] ? find_held_lock+0x2d/0x110 [ 454.386705][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.386722][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.386736][T18211] vfs_write+0x5ae/0x1150 [ 454.386750][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.386763][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.386776][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.386789][T18211] ? lock_acquire+0x2f/0xb0 [ 454.386801][T18211] ? __fget_files+0x40/0x3b0 [ 454.386817][T18211] ksys_write+0x12b/0x250 [ 454.386830][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.386843][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.386857][T18211] do_fast_syscall_32+0x32/0x80 [ 454.386870][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.386885][T18211] RIP: 0023:0xf7fa3579 [ 454.386893][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.386902][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.386912][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.386918][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.386924][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.386929][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.386935][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.386943][T18211] </TASK> [ 454.386949][T18211] BUG: Bad page state in process syz.3.4436 pfn:700df [ 454.458446][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x700df [ 454.460704][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.462683][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.464968][T18211] raw: 0000000000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 454.467304][T18211] page dumped because: page_pool leak [ 454.468773][T18211] page_owner tracks the page as allocated [ 454.470277][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573066347, free_ts 453521603483 [ 454.474998][T18211] post_alloc_hook+0x181/0x1b0 [ 454.476316][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.477794][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.479404][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.480884][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.482538][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.483971][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.485291][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.486661][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.487958][T18211] tun_get_user+0x1e04/0x3e50 [ 454.489218][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.490568][T18211] vfs_write+0x5ae/0x1150 [ 454.491778][T18211] ksys_write+0x12b/0x250 [ 454.492948][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.494310][T18211] do_fast_syscall_32+0x32/0x80 [ 454.495644][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.497319][T18211] page last free pid 0 tgid 0 stack trace: [ 454.498861][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.500223][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.501663][T18211] rcu_core+0x79d/0x14d0 [ 454.502805][T18211] handle_softirqs+0x213/0x8f0 [ 454.504130][T18211] __irq_exit_rcu+0x109/0x170 [ 454.505464][T18211] irq_exit_rcu+0x9/0x30 [ 454.506607][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.508137][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.509735][T18211] Modules linked in: [ 454.510861][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.510876][T18211] Tainted: [B]=BAD_PAGE [ 454.510880][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.510886][T18211] Call Trace: [ 454.510891][T18211] <TASK> [ 454.510896][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.510911][T18211] bad_page+0xb3/0x1f0 [ 454.510920][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.510930][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.510939][T18211] free_frozen_pages+0x701/0xfb0 [ 454.510953][T18211] page_frag_free+0x255/0x2a0 [ 454.510963][T18211] __xdp_return+0x363/0xac0 [ 454.510977][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.510991][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.511008][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.511016][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.511030][T18211] do_xdp_generic+0x70a/0xe70 [ 454.511041][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.511060][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.511075][T18211] tun_get_user+0x1e04/0x3e50 [ 454.511090][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.511104][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.511117][T18211] ? find_held_lock+0x2d/0x110 [ 454.511128][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.511144][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.511158][T18211] vfs_write+0x5ae/0x1150 [ 454.511171][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.511185][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.511198][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.511210][T18211] ? lock_acquire+0x2f/0xb0 [ 454.511222][T18211] ? __fget_files+0x40/0x3b0 [ 454.511238][T18211] ksys_write+0x12b/0x250 [ 454.511250][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.511265][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.511278][T18211] do_fast_syscall_32+0x32/0x80 [ 454.511303][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.511318][T18211] RIP: 0023:0xf7fa3579 [ 454.511326][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.511336][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.511346][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.511352][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.511358][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.511363][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.511369][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.511377][T18211] </TASK> [ 454.581085][T18211] BUG: Bad page state in process syz.3.4436 pfn:4cdd2 [ 454.582974][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x4cdd2 [ 454.585622][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.587573][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.589950][T18211] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 454.592390][T18211] page dumped because: page_pool leak [ 454.593960][T18211] page_owner tracks the page as allocated [ 454.595580][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573062096, free_ts 453521610683 [ 454.600056][T18211] post_alloc_hook+0x181/0x1b0 [ 454.601384][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.602862][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.604472][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.605942][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.607641][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.609078][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.610386][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.611792][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.613110][T18211] tun_get_user+0x1e04/0x3e50 [ 454.614416][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.615746][T18211] vfs_write+0x5ae/0x1150 [ 454.616899][T18211] ksys_write+0x12b/0x250 [ 454.618055][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.619495][T18211] do_fast_syscall_32+0x32/0x80 [ 454.620811][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.622532][T18211] page last free pid 0 tgid 0 stack trace: [ 454.624109][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.625463][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.626937][T18211] rcu_core+0x79d/0x14d0 [ 454.628084][T18211] handle_softirqs+0x213/0x8f0 [ 454.629362][T18211] __irq_exit_rcu+0x109/0x170 [ 454.630646][T18211] irq_exit_rcu+0x9/0x30 [ 454.631872][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.633376][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.635063][T18211] Modules linked in: [ 454.636181][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.636196][T18211] Tainted: [B]=BAD_PAGE [ 454.636200][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.636206][T18211] Call Trace: [ 454.636210][T18211] <TASK> [ 454.636215][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.636230][T18211] bad_page+0xb3/0x1f0 [ 454.636240][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.636250][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.636259][T18211] free_frozen_pages+0x701/0xfb0 [ 454.636273][T18211] page_frag_free+0x255/0x2a0 [ 454.636283][T18211] __xdp_return+0x363/0xac0 [ 454.636297][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.636311][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.636328][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.636336][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.636350][T18211] do_xdp_generic+0x70a/0xe70 [ 454.636361][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.636375][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.636391][T18211] tun_get_user+0x1e04/0x3e50 [ 454.636406][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.636420][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.636433][T18211] ? find_held_lock+0x2d/0x110 [ 454.636445][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.636461][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.636475][T18211] vfs_write+0x5ae/0x1150 [ 454.636488][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.636502][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.636515][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.636528][T18211] ? lock_acquire+0x2f/0xb0 [ 454.636540][T18211] ? __fget_files+0x40/0x3b0 [ 454.636555][T18211] ksys_write+0x12b/0x250 [ 454.636568][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.636582][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.636596][T18211] do_fast_syscall_32+0x32/0x80 [ 454.636609][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.636625][T18211] RIP: 0023:0xf7fa3579 [ 454.636633][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.636642][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.636652][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.636658][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.636664][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.636669][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.636675][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.636683][T18211] </TASK> [ 454.636689][T18211] BUG: Bad page state in process syz.3.4436 pfn:6afe4 [ 454.709772][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806afe49c0 pfn:0x6afe4 [ 454.712518][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.714568][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.716842][T18211] raw: ffff88806afe49c0 0000000000000001 00000000ffffffff 0000000000000000 [ 454.719144][T18211] page dumped because: page_pool leak [ 454.720579][T18211] page_owner tracks the page as allocated [ 454.722139][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573058083, free_ts 453521618223 [ 454.726630][T18211] post_alloc_hook+0x181/0x1b0 [ 454.728013][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.729494][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.731159][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.732690][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.734290][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.735751][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.737126][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.738507][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.739786][T18211] tun_get_user+0x1e04/0x3e50 [ 454.741067][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.742463][T18211] vfs_write+0x5ae/0x1150 [ 454.743671][T18211] ksys_write+0x12b/0x250 [ 454.744850][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.746194][T18211] do_fast_syscall_32+0x32/0x80 [ 454.747527][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.749219][T18211] page last free pid 0 tgid 0 stack trace: [ 454.750823][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.752218][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.753580][T18211] rcu_core+0x79d/0x14d0 [ 454.754772][T18211] handle_softirqs+0x213/0x8f0 [ 454.756093][T18211] __irq_exit_rcu+0x109/0x170 [ 454.757387][T18211] irq_exit_rcu+0x9/0x30 [ 454.758545][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.760082][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.761726][T18211] Modules linked in: [ 454.762819][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.762834][T18211] Tainted: [B]=BAD_PAGE [ 454.762837][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.762843][T18211] Call Trace: [ 454.762847][T18211] <TASK> [ 454.762851][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.762865][T18211] bad_page+0xb3/0x1f0 [ 454.762875][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.762884][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.762894][T18211] free_frozen_pages+0x701/0xfb0 [ 454.762908][T18211] page_frag_free+0x255/0x2a0 [ 454.762917][T18211] __xdp_return+0x363/0xac0 [ 454.762931][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.762945][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.762962][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.762970][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.762984][T18211] do_xdp_generic+0x70a/0xe70 [ 454.762995][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.763009][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.763028][T18211] tun_get_user+0x1e04/0x3e50 [ 454.763042][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.763057][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.763070][T18211] ? find_held_lock+0x2d/0x110 [ 454.763082][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.763098][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.763112][T18211] vfs_write+0x5ae/0x1150 [ 454.763125][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.763139][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.763151][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.763164][T18211] ? lock_acquire+0x2f/0xb0 [ 454.763176][T18211] ? __fget_files+0x40/0x3b0 [ 454.763192][T18211] ksys_write+0x12b/0x250 [ 454.763204][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.763218][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.763233][T18211] do_fast_syscall_32+0x32/0x80 [ 454.763246][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.763261][T18211] RIP: 0023:0xf7fa3579 [ 454.763268][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.763278][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.763287][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.763293][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.763299][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.763304][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.763310][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.763318][T18211] </TASK> [ 454.763324][T18211] BUG: Bad page state in process syz.3.4436 pfn:72429 [ 454.834678][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x2 pfn:0x72429 [ 454.837044][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.838973][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.841240][T18211] raw: 0000000000000002 0000000000000001 00000000ffffffff 0000000000000000 [ 454.843567][T18211] page dumped because: page_pool leak [ 454.845031][T18211] page_owner tracks the page as allocated [ 454.846571][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573054088, free_ts 453521625421 [ 454.851138][T18211] post_alloc_hook+0x181/0x1b0 [ 454.852506][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.853957][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.855591][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.857120][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.858709][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.860172][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.861509][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.862870][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.864174][T18211] tun_get_user+0x1e04/0x3e50 [ 454.865476][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.866855][T18211] vfs_write+0x5ae/0x1150 [ 454.868018][T18211] ksys_write+0x12b/0x250 [ 454.869186][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.870578][T18211] do_fast_syscall_32+0x32/0x80 [ 454.871942][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.873634][T18211] page last free pid 0 tgid 0 stack trace: [ 454.875262][T18211] free_frozen_pages+0x6db/0xfb0 [ 454.876747][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 454.878134][T18211] rcu_core+0x79d/0x14d0 [ 454.879298][T18211] handle_softirqs+0x213/0x8f0 [ 454.880608][T18211] __irq_exit_rcu+0x109/0x170 [ 454.881939][T18211] irq_exit_rcu+0x9/0x30 [ 454.883121][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 454.884621][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 454.886247][T18211] Modules linked in: [ 454.887364][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 454.887379][T18211] Tainted: [B]=BAD_PAGE [ 454.887383][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 454.887388][T18211] Call Trace: [ 454.887393][T18211] <TASK> [ 454.887397][T18211] dump_stack_lvl+0x16c/0x1f0 [ 454.887412][T18211] bad_page+0xb3/0x1f0 [ 454.887422][T18211] ? __pfx_bad_page+0x10/0x10 [ 454.887431][T18211] ? page_bad_reason+0x9d/0x1e0 [ 454.887441][T18211] free_frozen_pages+0x701/0xfb0 [ 454.887456][T18211] page_frag_free+0x255/0x2a0 [ 454.887465][T18211] __xdp_return+0x363/0xac0 [ 454.887479][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 454.887493][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 454.887510][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 454.887518][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 454.887533][T18211] do_xdp_generic+0x70a/0xe70 [ 454.887544][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 454.887558][T18211] ? tun_get_user+0x1d55/0x3e50 [ 454.887573][T18211] tun_get_user+0x1e04/0x3e50 [ 454.887588][T18211] ? __pfx___futex_wait+0x10/0x10 [ 454.887603][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 454.887616][T18211] ? find_held_lock+0x2d/0x110 [ 454.887627][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.887643][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.887657][T18211] vfs_write+0x5ae/0x1150 [ 454.887670][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 454.887684][T18211] ? __pfx_lock_release+0x10/0x10 [ 454.887697][T18211] ? __pfx_vfs_write+0x10/0x10 [ 454.887709][T18211] ? lock_acquire+0x2f/0xb0 [ 454.887722][T18211] ? __fget_files+0x40/0x3b0 [ 454.887738][T18211] ksys_write+0x12b/0x250 [ 454.887751][T18211] ? __pfx_ksys_write+0x10/0x10 [ 454.887765][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.887779][T18211] do_fast_syscall_32+0x32/0x80 [ 454.887792][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.887807][T18211] RIP: 0023:0xf7fa3579 [ 454.887814][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 454.887824][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 454.887833][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 454.887840][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 454.887846][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 454.887851][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 454.887857][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 454.887865][T18211] </TASK> [ 454.887871][T18211] BUG: Bad page state in process syz.3.4436 pfn:54164 [ 454.960062][T18211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x54164 [ 454.962791][T18211] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 454.964728][T18211] raw: 04fff00000000000 dead000000000040 ffff88801f2bf000 0000000000000000 [ 454.967054][T18211] raw: ffff888000000000 0000000000000001 00000000ffffffff 0000000000000000 [ 454.969321][T18211] page dumped because: page_pool leak [ 454.970751][T18211] page_owner tracks the page as allocated [ 454.972326][T18211] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 18211, tgid 18210 (syz.3.4436), ts 453573049053, free_ts 453521633373 [ 454.976811][T18211] post_alloc_hook+0x181/0x1b0 [ 454.978120][T18211] get_page_from_freelist+0xfce/0x2f80 [ 454.979580][T18211] __alloc_frozen_pages_noprof+0x221/0x2470 [ 454.981170][T18211] alloc_pages_bulk_noprof+0x6f9/0x1390 [ 454.982697][T18211] __page_pool_alloc_pages_slow+0x18c/0x770 [ 454.984300][T18211] page_pool_alloc_netmems+0xc4/0x160 [ 454.985760][T18211] skb_pp_cow_data+0x776/0xf10 [ 454.987066][T18211] skb_cow_data_for_xdp+0x88/0xb0 [ 454.988408][T18211] do_xdp_generic+0x3f1/0xe70 [ 454.989699][T18211] tun_get_user+0x1e04/0x3e50 [ 454.990972][T18211] tun_chr_write_iter+0xdc/0x210 [ 454.992330][T18211] vfs_write+0x5ae/0x1150 [ 454.993514][T18211] ksys_write+0x12b/0x250 [ 454.994710][T18211] __do_fast_syscall_32+0x73/0x120 [ 454.996124][T18211] do_fast_syscall_32+0x32/0x80 [ 454.997453][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 454.999165][T18211] page last free pid 0 tgid 0 stack trace: [ 455.000696][T18211] free_frozen_pages+0x6db/0xfb0 [ 455.002075][T18211] tlb_remove_table_rcu+0x116/0x1a0 [ 455.003467][T18211] rcu_core+0x79d/0x14d0 [ 455.004606][T18211] handle_softirqs+0x213/0x8f0 [ 455.005871][T18211] __irq_exit_rcu+0x109/0x170 [ 455.007210][T18211] irq_exit_rcu+0x9/0x30 [ 455.008356][T18211] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 455.009924][T18211] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 455.011594][T18211] Modules linked in: [ 455.012653][T18211] CPU: 3 UID: 0 PID: 18211 Comm: syz.3.4436 Tainted: G B 6.14.0-syzkaller-00624-g2f2d52945852 #0 [ 455.012668][T18211] Tainted: [B]=BAD_PAGE [ 455.012672][T18211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 455.012678][T18211] Call Trace: [ 455.012682][T18211] <TASK> [ 455.012687][T18211] dump_stack_lvl+0x16c/0x1f0 [ 455.012701][T18211] bad_page+0xb3/0x1f0 [ 455.012711][T18211] ? __pfx_bad_page+0x10/0x10 [ 455.012720][T18211] ? page_bad_reason+0x9d/0x1e0 [ 455.012730][T18211] free_frozen_pages+0x701/0xfb0 [ 455.012744][T18211] page_frag_free+0x255/0x2a0 [ 455.012753][T18211] __xdp_return+0x363/0xac0 [ 455.012767][T18211] ? kmem_cache_free+0x2e2/0x4d0 [ 455.012781][T18211] bpf_xdp_adjust_tail+0x9de/0xf70 [ 455.012798][T18211] bpf_prog_f476d5219b92964a+0x1e/0x20 [ 455.012806][T18211] bpf_prog_run_generic_xdp+0x623/0x1500 [ 455.012820][T18211] do_xdp_generic+0x70a/0xe70 [ 455.012832][T18211] ? __pfx_do_xdp_generic+0x10/0x10 [ 455.012845][T18211] ? tun_get_user+0x1d55/0x3e50 [ 455.012860][T18211] tun_get_user+0x1e04/0x3e50 [ 455.012875][T18211] ? __pfx___futex_wait+0x10/0x10 [ 455.012890][T18211] ? __pfx_tun_get_user+0x10/0x10 [ 455.012903][T18211] ? find_held_lock+0x2d/0x110 [ 455.012915][T18211] ? __pfx_lock_release+0x10/0x10 [ 455.012931][T18211] tun_chr_write_iter+0xdc/0x210 [ 455.012945][T18211] vfs_write+0x5ae/0x1150 [ 455.012958][T18211] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 455.012972][T18211] ? __pfx_lock_release+0x10/0x10 [ 455.012985][T18211] ? __pfx_vfs_write+0x10/0x10 [ 455.012997][T18211] ? lock_acquire+0x2f/0xb0 [ 455.013009][T18211] ? __fget_files+0x40/0x3b0 [ 455.013028][T18211] ksys_write+0x12b/0x250 [ 455.013041][T18211] ? __pfx_ksys_write+0x10/0x10 [ 455.013055][T18211] __do_fast_syscall_32+0x73/0x120 [ 455.013069][T18211] do_fast_syscall_32+0x32/0x80 [ 455.013082][T18211] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 455.013098][T18211] RIP: 0023:0xf7fa3579 [ 455.013106][T18211] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 455.013115][T18211] RSP: 002b:00000000f50c6520 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 455.013124][T18211] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000a80 [ 455.013130][T18211] RDX: 000000000000fdef RSI: 00000000f742cff4 RDI: 0000000000000000 [ 455.013136][T18211] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 455.013141][T18211] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 455.013147][T18211] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 455.013155][T18211] </TASK> [ 455.414434][T12678] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.603525][T12678] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.683457][T12678] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.813546][T12678] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.889555][T12678] bridge_slave_1: left allmulticast mode [ 455.891212][T12678] bridge_slave_1: left promiscuous mode [ 455.892838][T12678] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.895388][T12678] bridge_slave_0: left allmulticast mode [ 455.896924][T12678] bridge_slave_0: left promiscuous mode [ 455.898508][T12678] bridge0: port 1(bridge_slave_0) entered disabled state [ 456.093527][T12678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 456.097103][T12678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 456.099798][T12678] bond0 (unregistering): Released all slaves [ 456.385537][T12678] hsr_slave_0: left promiscuous mode [ 456.387965][T12678] hsr_slave_1: left promiscuous mode [ 456.390291][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 456.393115][T12678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 456.395354][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 456.397334][T12678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 456.400262][T12678] veth1_macvtap: left allmulticast mode [ 456.402318][T12678] veth1_macvtap: left promiscuous mode [ 456.403770][T12678] veth0_macvtap: left promiscuous mode [ 456.405516][T12678] veth1_vlan: left promiscuous mode [ 456.407576][T12678] veth0_vlan: left promiscuous mode [ 456.565907][T12678] team0 (unregistering): Port device team_slave_1 removed [ 456.601945][T12678] team0 (unregistering): Port device team_slave_0 removed [ 457.207013][T12678] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.265520][T12678] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.343372][T12678] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.394655][T12678] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.440795][T12678] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.534715][T12678] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.604069][T12678] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.664627][T12678] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.739279][T12678] bridge_slave_0: left allmulticast mode [ 457.740895][T12678] bridge_slave_0: left promiscuous mode [ 457.742588][T12678] bridge0: port 1(bridge_slave_0) entered disabled state [ 457.746151][T12678] bridge_slave_1: left allmulticast mode [ 457.747800][T12678] bridge_slave_1: left promiscuous mode [ 457.749401][T12678] bridge1: port 1(bridge_slave_1) entered disabled state [ 458.175027][T12678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 458.179133][T12678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 458.182879][T12678] bond0 (unregistering): Released all slaves [ 458.188318][T12678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 458.191372][T12678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 458.194346][T12678] bond0 (unregistering): Released all slaves [ 458.607393][T12678] hsr_slave_0: left promiscuous mode [ 458.609535][T12678] hsr_slave_1: left promiscuous mode [ 458.611202][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 458.613270][T12678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 458.615419][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 458.617443][T12678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 458.620643][T12678] hsr_slave_0: left promiscuous mode [ 458.622509][T12678] hsr_slave_1: left promiscuous mode [ 458.624157][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 458.626815][T12678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 458.629393][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 458.631431][T12678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 458.634914][T12678] veth1_macvtap: left promiscuous mode [ 458.636379][T12678] veth0_macvtap: left promiscuous mode [ 458.637930][T12678] veth1_vlan: left promiscuous mode [ 458.639408][T12678] veth0_vlan: left promiscuous mode [ 458.641232][T12678] veth1_macvtap: left promiscuous mode [ 458.642764][T12678] veth0_macvtap: left promiscuous mode [ 458.644291][T12678] veth1_vlan: left promiscuous mode [ 458.645692][T12678] veth0_vlan: left promiscuous mode [ 459.472439][T12678] wg0 (unregistering): left allmulticast mode [ 460.155557][T12678] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.204361][T12678] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.254045][T12678] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.294035][T12678] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.339245][T12678] bridge_slave_1: left allmulticast mode [ 460.340828][T12678] bridge_slave_1: left promiscuous mode [ 460.342499][T12678] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.345168][T12678] bridge_slave_0: left allmulticast mode [ 460.346759][T12678] bridge_slave_0: left promiscuous mode [ 460.348350][T12678] bridge0: port 1(bridge_slave_0) entered disabled state [ 460.455590][T12678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 460.459505][T12678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 460.463007][T12678] bond0 (unregistering): Released all slaves [ 460.765687][T12678] hsr_slave_0: left promiscuous mode [ 460.767463][T12678] hsr_slave_1: left promiscuous mode [ 460.769211][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 460.771364][T12678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 460.773511][T12678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 460.775810][T12678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 460.779971][T12678] veth1_macvtap: left promiscuous mode [ 460.782479][T12678] veth0_macvtap: left promiscuous mode [ 460.784334][T12678] veth1_vlan: left promiscuous mode [ 460.785771][T12678] veth0_vlan: left promiscuous mode [ 460.947410][T12678] team0 (unregistering): Port device team_slave_1 removed [ 460.986262][T12678] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 06:46:30 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fd RBX=ffff888012138000 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fd RDI=0000000000000002 RBP=0000000000000008 RSP=ffffc900034ff560 R8 =0000000000000000 R9 =fffffbfff20c4ea2 R10=ffffffff90627517 R11=0000000000000004 R12=0000000000000003 R13=1ffff9200069fead R14=0000000000000001 R15=ffffc900034ff588 RIP=ffffffff8167f058 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73c9790 CR3=00000000539c2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000004 00c800a400000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000200000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802b43ed40 RCX=ffffffff8b585df0 RDX=ffffed1005687da9 RSI=0000000000000002 RDI=ffff88802b43ed42 RBP=0000000000000003 RSP=ffffc9000048fa80 R8 =0000000000000000 R9 =ffffed1005687da8 R10=ffff88802b43ed43 R11=0000000000000000 R12=ffffed1005687da8 R13=0000000000000000 R14=ffff88802b53fc80 R15=0000000000080000 RIP=ffffffff821c4ce8 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080019680 CR3=000000004efa8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88801ff0af30 RCX=ffff88801ff0af30 RDX=1ffff11003fe15ea RSI=0000000000000000 RDI=ffff88801ff0af50 RBP=dffffc0000000000 RSP=ffffc90003907308 R8 =0000000000000001 R9 =fffffbfff2dd8198 R10=ffffffff96ec0cc7 R11=0000000000000001 R12=ffffed1003fe15e5 R13=ffff88801ff0a440 R14=0000000000000005 R15=0000000000000000 RIP=ffffffff8195d1ed RFL=00000802 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0db64f3d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055ee76bd8e95 CR3=000000004414c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcd49fbbd0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=ff494f8eff494f8e ff494f8eff494f8e ff494f8eff494f8e ff494f8eff494f8e ff494f8eff494f8e ff494f8eff494f8e ff494f8eff494f8e ff494f8eff494f8e ZMM22=621640f7621640f7 621640f7621640f7 621640f7621640f7 621640f7621640f7 621640f7621640f7 621640f7621640f7 621640f7621640f7 621640f7621640f7 ZMM23=c1faa238c1faa238 c1faa238c1faa238 c1faa238c1faa238 c1faa238c1faa238 c1faa238c1faa238 c1faa238c1faa238 c1faa238c1faa238 c1faa238c1faa238 ZMM24=6007473660074736 6007473660074736 6007473660074736 6007473660074736 6007473660074736 6007473660074736 6007473660074736 6007473660074736 ZMM25=2402ca972402ca97 2402ca972402ca97 2402ca972402ca97 2402ca972402ca97 2402ca972402ca97 2402ca972402ca97 2402ca972402ca97 2402ca972402ca97 ZMM26=5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 5b2fa4a95b2fa4a9 ZMM27=0d1a74320d1a7432 0d1a74320d1a7432 0d1a74320d1a7432 0d1a74320d1a7432 0d1a74320d1a7432 0d1a74320d1a7432 0d1a74320d1a7432 0d1a74320d1a7432 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9127000091270000 9127000091270000 9127000091270000 9127000091270000 9127000091270000 9127000091270000 9127000091270000 9127000091270000 info registers vcpu 3 CPU#3 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853e6e95 RDI=ffffffff9ab70da0 RBP=ffffffff9ab70d60 RSP=ffffc90003726fb0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=0000000000000031 R14=ffffffff9ab70d60 R15=0000000000000000 RIP=ffffffff853e6ebf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080010000 CR3=000000006c272000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000