last executing test programs: 16.874531895s ago: executing program 2 (id=44): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 16.775620465s ago: executing program 2 (id=50): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000072000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 16.734505522s ago: executing program 2 (id=52): mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mount$9p_virtio(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x4040, &(0x7f0000000200)={'trans=virtio,', {[{@afid={'afid', 0x3d, 0x8}}]}}) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00') read$FUSE(r0, &(0x7f000000c1c0)={0x2020}, 0x2020) 16.695286885s ago: executing program 2 (id=54): mkdir(&(0x7f0000001c00)='./file0\x00', 0x8) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000340)='./file0\x00') mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, 0x0) 16.579580121s ago: executing program 2 (id=60): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$unix(r1, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da", 0xe2, 0x800, 0x0, 0x0) 14.581536833s ago: executing program 2 (id=132): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}}) truncate(&(0x7f0000000040)='./file0\x00', 0x0) 14.537680196s ago: executing program 32 (id=132): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}}) truncate(&(0x7f0000000040)='./file0\x00', 0x0) 3.683223652s ago: executing program 1 (id=389): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@ipv4_newroute={0x2c, 0x18, 0xaba64f4add525e83, 0x3, 0x0, {0x2, 0x0, 0x10, 0x0, 0x2, 0x2, 0xfe, 0x2}, [@RTA_OIF={0x8, 0x4, r1}, @RTA_PREFSRC={0x8, 0x7, @multicast1}]}, 0x2c}, 0x1, 0xffffff7f}, 0x24004004) 3.645289683s ago: executing program 1 (id=391): r0 = socket$kcm(0x2, 0x5, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x2, 0x0}}, 0x10, &(0x7f00000011c0)=[{&(0x7f0000000280)='#', 0x1}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000180), 0x43) 2.800747515s ago: executing program 1 (id=406): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_to_team\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newlink={0x48, 0x10, 0x401, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2093}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}}]}, 0x48}}, 0x20000000) 2.799398004s ago: executing program 0 (id=416): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0) 2.720622051s ago: executing program 1 (id=410): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) syz_usb_connect(0x2, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="120110010928fc10ac059102254301020301090212000100004000090484000003e102"], 0x0) syz_open_dev$evdev(&(0x7f0000000600), 0x6828, 0x0) 1.171630014s ago: executing program 3 (id=435): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000000c0)={0x0, 0x100000}) 1.165504165s ago: executing program 0 (id=436): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x5, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r1}, 0xc) 1.13382419s ago: executing program 0 (id=438): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001200000008000800000001000800090000000000180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}}, 0x0) 1.128498593s ago: executing program 3 (id=439): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000300)={r1}, &(0x7f0000000180)=0x8) 1.059604042s ago: executing program 3 (id=441): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'macvlan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="8400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001000000100005800a000400aaaaaaaaaa2e000008000500", @ANYRES32=r1], 0x84}}, 0x20008040) 1.05627036s ago: executing program 0 (id=449): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x700) 1.045498853s ago: executing program 3 (id=450): bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001200000008000800000001000800090000000000180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}}, 0x0) 987.443412ms ago: executing program 3 (id=443): openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x121000) r0 = syz_io_uring_setup(0x239, &(0x7f0000001180)={0x0, 0xcd0c, 0x10100, 0xfffffffa, 0x3c1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 984.669633ms ago: executing program 3 (id=444): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0) 921.368787ms ago: executing program 4 (id=445): socket$tipc(0x1e, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000001600), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_PORTS(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r1, 0x1, 0xfffffffe}, 0x1c}}, 0x0) 919.443321ms ago: executing program 4 (id=455): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x40000012}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}) 99.609272ms ago: executing program 1 (id=446): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x5, 0x28, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000400)={r1}, 0xc) 99.465164ms ago: executing program 4 (id=447): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000100001005d790000000000000500000a60000000060a0b0400000000000000000200000234000480300001800b00010074617267657400002000028008000240000000010800030002b511120c0001004e465155455545000900010073797a30000000000900020073797a320000000014000000110001"], 0x88}}, 0x0) close(r0) 97.569253ms ago: executing program 0 (id=457): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000840)={0x7, 0x0, [{0xa, 0x702000, 0x6, 0x2, 0xfcb, 0x5, 0x9}, {0x1, 0x2, 0x3, 0x9, 0x8, 0xfffffffc, 0x7}, {0x80000008, 0xb, 0x1, 0x2, 0x3, 0x4, 0x6}, {0x0, 0x7, 0x3, 0xdc64, 0x4, 0x1ff, 0x2}, {0x40000000, 0xff, 0x1, 0x8, 0x9, 0x9, 0xfffffff9}, {0x2, 0x16, 0x6, 0x4, 0x7f, 0x1, 0xf5eb}, {0x40000001, 0x0, 0x2, 0xa9, 0x1, 0xb}]}) 47.124727ms ago: executing program 1 (id=448): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000000c0)={0x0, 0x100000}) 47.028761ms ago: executing program 4 (id=451): r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100, 0x3, 0x38a}, &(0x7f0000002000)=0x0, &(0x7f0000000440)=0x0) r3 = openat$6lowpan_control(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r3, 0xfffffffffffffffd, 0x0, 0x0, 0x22}) io_uring_enter(r0, 0x48e9, 0xf2bb, 0x2, 0x0, 0x0) 44.953657ms ago: executing program 4 (id=452): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000200)={@local, 0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000280)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x420005e, 0x0, 0x9, 0x0, 0x1ffffd}) 1.362218ms ago: executing program 4 (id=453): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r1, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0x7, 0xfe, 0x401, 0x7, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x5, "cb630dab3a0338057401a192419598961f50dc45c87d55b42a28b8f01c0e0e7a"}}) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 0 (id=454): openat$sndtimer(0xffffffffffffff9c, &(0x7f00000003c0), 0x121000) r0 = syz_io_uring_setup(0x239, &(0x7f0000001180)={0x0, 0xcd0c, 0x10100, 0xfffffffa, 0x3c1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:27073' (ED25519) to the list of known hosts. [ 40.727058][ T5913] cgroup: Unknown subsys name 'net' [ 40.875658][ T5913] cgroup: Unknown subsys name 'cpuset' [ 40.879373][ T5913] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 41.713964][ T5913] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.724385][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 44.724893][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.726817][ T5951] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 44.729464][ T5947] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.731664][ T5951] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 44.733577][ T5947] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.735735][ T5951] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 44.738233][ T5947] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.740531][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 44.740717][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 44.742199][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 44.743199][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.744950][ T63] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 44.745466][ T5958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 44.745967][ T5958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 44.747105][ T5947] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 44.748232][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 44.748774][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 44.753820][ T5957] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 44.755678][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 44.999829][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 45.021409][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 45.076779][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 45.100280][ T5952] chnl_net:caif_netlink_parms(): no params data found [ 45.174806][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.177078][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.179431][ T5943] bridge_slave_0: entered allmulticast mode [ 45.182826][ T5943] bridge_slave_0: entered promiscuous mode [ 45.198815][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.201091][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.204161][ T5942] bridge_slave_0: entered allmulticast mode [ 45.206732][ T5942] bridge_slave_0: entered promiscuous mode [ 45.258960][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.261194][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.263623][ T5943] bridge_slave_1: entered allmulticast mode [ 45.266170][ T5943] bridge_slave_1: entered promiscuous mode [ 45.268941][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.271202][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.273733][ T5942] bridge_slave_1: entered allmulticast mode [ 45.276318][ T5942] bridge_slave_1: entered promiscuous mode [ 45.284654][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.286904][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.289121][ T5949] bridge_slave_0: entered allmulticast mode [ 45.291603][ T5949] bridge_slave_0: entered promiscuous mode [ 45.337259][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.339693][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.341935][ T5949] bridge_slave_1: entered allmulticast mode [ 45.345103][ T5949] bridge_slave_1: entered promiscuous mode [ 45.376367][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.381050][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.414507][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.418936][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.436951][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.470199][ T5952] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.473179][ T5952] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.475982][ T5952] bridge_slave_0: entered allmulticast mode [ 45.479060][ T5952] bridge_slave_0: entered promiscuous mode [ 45.484171][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.512423][ T5952] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.515200][ T5952] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.517427][ T5952] bridge_slave_1: entered allmulticast mode [ 45.520034][ T5952] bridge_slave_1: entered promiscuous mode [ 45.538131][ T5942] team0: Port device team_slave_0 added [ 45.541840][ T5943] team0: Port device team_slave_0 added [ 45.573736][ T5942] team0: Port device team_slave_1 added [ 45.576623][ T5943] team0: Port device team_slave_1 added [ 45.593488][ T5952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.597611][ T5949] team0: Port device team_slave_0 added [ 45.626677][ T5952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.630554][ T5949] team0: Port device team_slave_1 added [ 45.688082][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.690293][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.698146][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.703810][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.705968][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.714156][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.745970][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.748573][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.756461][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.760203][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.762399][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.770438][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.775555][ T5952] team0: Port device team_slave_0 added [ 45.777853][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.780374][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.788363][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.803533][ T5952] team0: Port device team_slave_1 added [ 45.806308][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.809129][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.819793][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.931001][ T5942] hsr_slave_0: entered promiscuous mode [ 45.933315][ T5942] hsr_slave_1: entered promiscuous mode [ 45.951150][ T5943] hsr_slave_0: entered promiscuous mode [ 45.953391][ T5943] hsr_slave_1: entered promiscuous mode [ 45.955368][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.957796][ T5943] Cannot create hsr debugfs directory [ 45.959950][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.962252][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.970378][ T5952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.974699][ T5952] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.976864][ T5952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.984800][ T5952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.991009][ T5949] hsr_slave_0: entered promiscuous mode [ 45.993399][ T5949] hsr_slave_1: entered promiscuous mode [ 45.995383][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.997705][ T5949] Cannot create hsr debugfs directory [ 46.159478][ T5952] hsr_slave_0: entered promiscuous mode [ 46.161917][ T5952] hsr_slave_1: entered promiscuous mode [ 46.164172][ T5952] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.166549][ T5952] Cannot create hsr debugfs directory [ 46.373053][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 46.378882][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 46.384644][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 46.393571][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 46.419685][ T5949] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.424130][ T5949] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.428841][ T5949] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.434887][ T5949] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.481816][ T5952] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.489257][ T5952] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.494421][ T5952] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.498622][ T5952] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.543646][ T5942] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.547664][ T5942] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.552244][ T5942] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.560803][ T5942] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.567192][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.599727][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.610547][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.623402][ T90] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.625594][ T90] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.640974][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.644059][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.654967][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.666304][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.668477][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.679755][ T90] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.681887][ T90] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.710771][ T5952] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.743204][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 46.748854][ T5952] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.760759][ T90] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.763066][ T90] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.773600][ T90] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.775822][ T90] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.781482][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 46.787750][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.790603][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.801966][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.804783][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.814421][ T5953] Bluetooth: hci0: command tx timeout [ 46.814427][ T5306] Bluetooth: hci3: command tx timeout [ 46.814480][ T5951] Bluetooth: hci1: command tx timeout [ 46.814635][ T5306] Bluetooth: hci2: command tx timeout [ 46.842018][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.881496][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.896022][ T5943] veth0_vlan: entered promiscuous mode [ 46.903464][ T5943] veth1_vlan: entered promiscuous mode [ 46.920879][ T5949] veth0_vlan: entered promiscuous mode [ 46.927563][ T5943] veth0_macvtap: entered promiscuous mode [ 46.934782][ T5943] veth1_macvtap: entered promiscuous mode [ 46.941078][ T5949] veth1_vlan: entered promiscuous mode [ 46.951940][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.958706][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.967708][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.973789][ T5943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.976637][ T5943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.979605][ T5943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.984534][ T5943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.995822][ T5952] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.011002][ T5949] veth0_macvtap: entered promiscuous mode [ 47.017346][ T5949] veth1_macvtap: entered promiscuous mode [ 47.046358][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.048862][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.054177][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.062487][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.065553][ T5942] veth0_vlan: entered promiscuous mode [ 47.076218][ T5949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.079768][ T5949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.083668][ T5949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.086399][ T5949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.095492][ T5952] veth0_vlan: entered promiscuous mode [ 47.103698][ T5942] veth1_vlan: entered promiscuous mode [ 47.106444][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.109235][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.117428][ T5952] veth1_vlan: entered promiscuous mode [ 47.140959][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.150000][ T1149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.150330][ T5952] veth0_macvtap: entered promiscuous mode [ 47.152426][ T1149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.169130][ T5952] veth1_macvtap: entered promiscuous mode [ 47.176075][ T5942] veth0_macvtap: entered promiscuous mode [ 47.184101][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.185491][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.186563][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.190451][ T5942] veth1_macvtap: entered promiscuous mode [ 47.200412][ T5952] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.207992][ T5952] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.210694][ T5952] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.214299][ T5952] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.216986][ T5952] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.221879][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.227608][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.233937][ T5942] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.237287][ T5942] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.240654][ T5942] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.244473][ T5942] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.290789][ T6037] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6'. [ 47.315757][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.318161][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.329642][ T6039] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 47.334494][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.337374][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.350003][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.353473][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.367718][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.370814][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.495622][ T6054] netlink: 'syz.0.11': attribute type 1 has an invalid length. [ 47.887539][ T6083] bridge1: entered promiscuous mode [ 47.895557][ T6087] netlink: 12 bytes leftover after parsing attributes in process `syz.1.26'. [ 47.903883][ T6087] Zero length message leads to an empty skb [ 47.926154][ T6089] capability: warning: `syz.0.28' uses deprecated v2 capabilities in a way that may be insecure [ 48.208458][ T6112] ======================================================= [ 48.208458][ T6112] WARNING: The mand mount option has been deprecated and [ 48.208458][ T6112] and is ignored by this kernel. Remove the mand [ 48.208458][ T6112] option from the mount to silence this warning. [ 48.208458][ T6112] ======================================================= [ 48.226954][ T6112] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 48.232518][ T6112] overlayfs: overlapping lowerdir path [ 48.482887][ T6135] dummy0: entered promiscuous mode [ 48.485335][ T6135] macsec1: entered allmulticast mode [ 48.487137][ T6135] dummy0: entered allmulticast mode [ 48.494582][ T6135] dummy0: left allmulticast mode [ 48.496279][ T6135] dummy0: left promiscuous mode [ 48.893470][ T5951] Bluetooth: hci1: command tx timeout [ 48.902997][ T5951] Bluetooth: hci2: command tx timeout [ 48.904253][ T5953] Bluetooth: hci3: command tx timeout [ 49.359557][ T6204] netlink: 236 bytes leftover after parsing attributes in process `syz.1.80'. [ 49.670211][ T6213] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 50.017320][ T6248] syz.1.103 (6248): /proc/6245/oom_adj is deprecated, please use /proc/6245/oom_score_adj instead. [ 50.071248][ T6256] netlink: 60 bytes leftover after parsing attributes in process `syz.3.106'. [ 50.074520][ T6256] netlink: 60 bytes leftover after parsing attributes in process `syz.3.106'. [ 50.623747][ T6309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.131'. [ 50.631279][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 50.642307][ T6309] IPVS: Error joining to the multicast group [ 50.740922][ T6316] macvlan0: entered promiscuous mode [ 50.746268][ T6316] netlink: 'syz.1.136': attribute type 1 has an invalid length. [ 50.816057][ T5957] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 50.819389][ T5957] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 50.821995][ T5957] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 50.824720][ T5957] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 50.827165][ T5957] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 50.869441][ T6330] 8021q: adding VLAN 0 to HW filter on device bond1 [ 50.873541][ T6330] bond0: (slave bond1): Enslaving as an active interface with an up link [ 50.949018][ T6323] chnl_net:caif_netlink_parms(): no params data found [ 50.973009][ T5951] Bluetooth: hci1: command tx timeout [ 50.974814][ T5957] Bluetooth: hci2: command tx timeout [ 50.983186][ T5957] Bluetooth: hci3: command tx timeout [ 51.043036][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.048785][ T6323] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.051039][ T6323] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.053308][ T6323] bridge_slave_0: entered allmulticast mode [ 51.055934][ T6323] bridge_slave_0: entered promiscuous mode [ 51.059526][ T6323] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.061751][ T6323] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.067221][ T6323] bridge_slave_1: entered allmulticast mode [ 51.070282][ T6323] bridge_slave_1: entered promiscuous mode [ 51.107927][ T6323] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.112304][ T6323] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.124635][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.168940][ T6323] team0: Port device team_slave_0 added [ 51.172273][ T6323] team0: Port device team_slave_1 added [ 51.207865][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.213865][ T6323] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.216028][ T6323] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.223847][ T6323] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.228058][ T6323] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.230182][ T6323] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.238222][ T6323] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.278434][ T6323] hsr_slave_0: entered promiscuous mode [ 51.280622][ T6323] hsr_slave_1: entered promiscuous mode [ 51.282655][ T6323] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.285020][ T6323] Cannot create hsr debugfs directory [ 51.400938][ T13] bridge_slave_1: left allmulticast mode [ 51.404369][ T13] bridge_slave_1: left promiscuous mode [ 51.407507][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.417909][ T13] bridge_slave_0: left allmulticast mode [ 51.420054][ T13] bridge_slave_0: left promiscuous mode [ 51.422132][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.674470][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 51.681665][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 51.686852][ T13] bond0 (unregistering): Released all slaves [ 51.723083][ T6323] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 51.727379][ T6323] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 51.731319][ T6323] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 51.736095][ T6323] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 51.780831][ T6323] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.789805][ T6323] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.798414][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.800923][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.806687][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.809337][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.933220][ T5832] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 51.968204][ T13] hsr_slave_0: left promiscuous mode [ 51.970382][ T13] hsr_slave_1: left promiscuous mode [ 51.972267][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 51.975680][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 51.978498][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 51.980814][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 51.999009][ T13] veth1_macvtap: left promiscuous mode [ 52.000863][ T13] veth0_macvtap: left promiscuous mode [ 52.002661][ T13] veth1_vlan: left promiscuous mode [ 52.004447][ T13] veth0_vlan: left promiscuous mode [ 52.082973][ T5832] usb 8-1: Using ep0 maxpacket: 8 [ 52.097155][ T5832] usb 8-1: unable to get BOS descriptor or descriptor too short [ 52.102663][ T5832] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 52.105123][ T5832] usb 8-1: can't read configurations, error -71 [ 52.401725][ T13] team0 (unregistering): Port device team_slave_1 removed [ 52.444198][ T13] team0 (unregistering): Port device team_slave_0 removed [ 52.800033][ T6323] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.893274][ T5957] Bluetooth: hci0: command tx timeout [ 53.022573][ T6323] veth0_vlan: entered promiscuous mode [ 53.028953][ T6323] veth1_vlan: entered promiscuous mode [ 53.043325][ T6323] veth0_macvtap: entered promiscuous mode [ 53.047234][ T6323] veth1_macvtap: entered promiscuous mode [ 53.059609][ T6323] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.065783][ T5957] Bluetooth: hci3: command 0x0419 tx timeout [ 53.068112][ T5951] Bluetooth: hci2: command tx timeout [ 53.068131][ T5306] Bluetooth: hci1: command tx timeout [ 53.074220][ T6436] bridge_slave_0: invalid flags given to default FDB implementation [ 53.083530][ T6323] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.092107][ T6323] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.102416][ T6323] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.107271][ T6323] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.109640][ T6323] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.185460][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.187836][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.209148][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.211632][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.302647][ T40] audit: type=1326 audit(1749719547.055:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 53.331018][ T40] audit: type=1326 audit(1749719547.075:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 53.339810][ T40] audit: type=1326 audit(1749719547.075:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e598 code=0x7ffc0000 [ 53.346885][ T40] audit: type=1326 audit(1749719547.075:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 53.353485][ T40] audit: type=1326 audit(1749719547.075:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 53.361889][ T40] audit: type=1326 audit(1749719547.075:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e579 code=0x7ffc0000 [ 53.369276][ T40] audit: type=1326 audit(1749719547.085:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e598 code=0x7ffc0000 [ 53.375846][ T40] audit: type=1326 audit(1749719547.085:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e598 code=0x7ffc0000 [ 53.382074][ T40] audit: type=1326 audit(1749719547.085:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e598 code=0x7ffc0000 [ 53.389165][ T40] audit: type=1326 audit(1749719547.085:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6453 comm="syz.0.174" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e598 code=0x7ffc0000 [ 53.407485][ T6470] program syz.1.177 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 53.620774][ T6504] Driver unsupported XDP return value 0 on prog (id 32) dev N/A, expect packet loss! [ 53.715887][ T6522] netlink: 4 bytes leftover after parsing attributes in process `syz.0.197'. [ 53.718658][ T6522] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 53.720920][ T6522] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 53.726516][ T6522] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 53.729125][ T6522] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 53.904153][ T6537] input: syz1 as /devices/virtual/input/input5 [ 54.203824][ T6560] ref_ctr_offset mismatch. inode: 0x1a5 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 54.554789][ T6584] Process accounting resumed [ 54.575451][ T6589] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input6 [ 54.685309][ T6605] netlink: 'syz.1.229': attribute type 10 has an invalid length. [ 54.695720][ T6605] team0: Port device syz_tun added [ 54.972938][ T5306] Bluetooth: hci0: command tx timeout [ 55.044005][ T29] kernel read not supported for file /dsp (pid: 29 comm: kworker/1:0) [ 55.132999][ T5306] Bluetooth: hci3: command 0x0419 tx timeout [ 55.818945][ T6666] netlink: 'syz.4.254': attribute type 2 has an invalid length. [ 55.850083][ T6672] process 'syz.0.255' launched './file0' with NULL argv: empty string added [ 56.011542][ T6692] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.227030][ T6718] netlink: 'syz.0.275': attribute type 2 has an invalid length. [ 56.354772][ T6734] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.975207][ T5832] kernel read not supported for file /dsp (pid: 5832 comm: kworker/0:3) [ 57.052990][ T5306] Bluetooth: hci0: command tx timeout [ 57.399041][ T6797] Bluetooth: hci4: Frame reassembly failed (-84) [ 57.401814][ T1140] Bluetooth: hci4: Frame reassembly failed (-84) [ 57.434504][ T6801] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 57.441776][ T6801] vti0: entered promiscuous mode [ 57.582976][ T29] usb 6-1: new low-speed USB device number 2 using dummy_hcd [ 57.744598][ T29] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 57.747196][ T29] usb 6-1: config 0 has no interface number 0 [ 57.749177][ T29] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 57.752505][ T29] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 57.755848][ T29] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 57.759410][ T29] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 57.762813][ T29] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 57.766168][ T29] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 57.770078][ T29] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 57.772816][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.777191][ T29] usb 6-1: config 0 descriptor?? [ 57.780268][ T6792] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 57.782602][ T6792] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 57.790252][ T29] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 57.996002][ T838] usb 6-1: USB disconnect, device number 2 [ 57.997941][ C0] ldusb 6-1:0.55: usb_submit_urb failed (-19) [ 57.999076][ T6792] ldusb 6-1:0.55: Couldn't submit interrupt_out_urb -19 [ 58.002288][ T838] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 59.133809][ T5953] Bluetooth: hci0: command tx timeout [ 59.452961][ T5953] Bluetooth: hci4: command 0x1003 tx timeout [ 59.453301][ T5306] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 60.181702][ T6856] ALSA: mixer_oss: invalid OSS volume '”' [ 60.214323][ T6860] netlink: 4 bytes leftover after parsing attributes in process `syz.4.333'. [ 60.254561][ T5957] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 60.286307][ T6860] team0 (unregistering): Port device team_slave_0 removed [ 60.291576][ T6860] team0 (unregistering): Port device team_slave_1 removed [ 60.407247][ T6879] warning: `syz.4.343' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 60.480406][ T6889] netlink: 4 bytes leftover after parsing attributes in process `syz.3.348'. [ 60.703040][ T5832] usb 9-1: new full-speed USB device number 2 using dummy_hcd [ 60.833955][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.364'. [ 60.841075][ T6926] macvlan2: entered allmulticast mode [ 60.843303][ T6926] veth1_vlan: entered allmulticast mode [ 60.858369][ T5832] usb 9-1: config 0 has an invalid interface number: 132 but max is 0 [ 60.862720][ T5832] usb 9-1: config 0 has no interface number 0 [ 60.867040][ T5832] usb 9-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 60.870028][ T5832] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.872543][ T5832] usb 9-1: Product: syz [ 60.874966][ T5832] usb 9-1: Manufacturer: syz [ 60.876426][ T5832] usb 9-1: SerialNumber: syz [ 60.878045][ T6929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.365'. [ 60.880757][ T5832] usb 9-1: config 0 descriptor?? [ 60.883948][ T5832] hub 9-1:0.132: bad descriptor, ignoring hub [ 60.885929][ T5832] hub 9-1:0.132: probe with driver hub failed with error -5 [ 60.890354][ T5832] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.132/input/input7 [ 60.947166][ T6121] kernel read not supported for file /dsp (pid: 6121 comm: kworker/2:4) [ 62.452710][ T5355] udevd[5355]: worker [6425] terminated by signal 33 (Unknown signal 33) [ 62.455474][ T5355] udevd[5355]: worker [6425] failed while handling '/devices/platform/dummy_udc.0/gadget.0' [ 62.713155][ T60] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 62.772909][ T53] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 62.883085][ T60] usb 5-1: Using ep0 maxpacket: 16 [ 62.886058][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 62.889407][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 62.893118][ T60] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 62.897131][ T60] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 62.899986][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.904321][ T60] usb 5-1: config 0 descriptor?? [ 62.934462][ T53] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 62.937008][ T53] usb 6-1: config 0 has no interface number 0 [ 62.940850][ T53] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 62.943814][ T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.946596][ T53] usb 6-1: Product: syz [ 62.947902][ T53] usb 6-1: Manufacturer: syz [ 62.949317][ T53] usb 6-1: SerialNumber: syz [ 62.952640][ T53] usb 6-1: config 0 descriptor?? [ 62.955285][ T53] hub 6-1:0.132: bad descriptor, ignoring hub [ 62.957114][ T53] hub 6-1:0.132: probe with driver hub failed with error -5 [ 62.960805][ T53] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.132/input/input10 [ 63.324049][ T60] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 63.326273][ T60] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 63.328372][ T60] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 63.330477][ T60] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 63.333137][ T60] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 63.339988][ T60] input: HID 0955:7214 Haptics as /devices/virtual/input/input11 [ 63.356062][ T7060] netlink: 11 bytes leftover after parsing attributes in process `syz.4.424'. [ 63.358056][ T60] shield 0003:0955:7214.0002: Registered Thunderstrike controller [ 63.361261][ T60] shield 0003:0955:7214.0002: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0 [ 63.522364][ T7023] random: crng reseeded on system resumption [ 63.538391][ T60] usb 5-1: USB disconnect, device number 2 [ 63.543225][ T1020] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 63.546660][ T1020] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 63.560290][ T1020] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 63.564075][ T1020] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 63.627260][ T7080] netlink: 8 bytes leftover after parsing attributes in process `syz.4.430'. [ 63.634143][ T7080] macvlan2: entered allmulticast mode [ 63.635836][ T7080] veth1_vlan: entered allmulticast mode [ 64.099119][ T7094] syz.4.437 (7094) used greatest stack depth: 20600 bytes left [ 64.151748][ T7103] netlink: 8 bytes leftover after parsing attributes in process `syz.3.441'. [ 64.157765][ T7103] macvlan2: entered allmulticast mode [ 64.159439][ T7103] veth1_vlan: entered allmulticast mode [ 64.203381][ T7107] netlink: 4 bytes leftover after parsing attributes in process `syz.0.449'. [ 64.269818][ T7107] team0 (unregistering): Port device team_slave_0 removed [ 64.274782][ T7107] team0 (unregistering): Port device team_slave_1 removed [ 64.493179][ T60] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 64.616441][ T9] usb 9-1: USB disconnect, device number 2 [ 64.642908][ T60] usb 8-1: Using ep0 maxpacket: 16 [ 64.646267][ T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 64.649496][ T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.652355][ T60] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 64.656392][ T60] usb 8-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 64.659111][ T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.662536][ T60] usb 8-1: config 0 descriptor?? [ 65.071867][ T60] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 65.074164][ T60] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 65.076302][ T60] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 65.078362][ T60] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 65.080522][ T60] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 65.084654][ T60] input: HID 0955:7214 Haptics as /devices/virtual/input/input12 [ 65.098281][ T60] shield 0003:0955:7214.0003: Registered Thunderstrike controller [ 65.101801][ T60] shield 0003:0955:7214.0003: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.3-1/input0 [ 65.273238][ T7113] random: crng reseeded on system resumption [ 65.284843][ T6027] usb 8-1: USB disconnect, device number 4 [ 65.286735][ T7124] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 65.290198][ T7124] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 65.290487][ T6027] ------------[ cut here ]------------ [ 65.295076][ T7124] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 65.295277][ T6027] workqueue: work disable count underflowed [ 65.298506][ T7124] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 65.300644][ T6027] WARNING: CPU: 1 PID: 6027 at kernel/workqueue.c:4328 enable_work+0x2f8/0x340 [ 65.306965][ T6027] Modules linked in: [ 65.308913][ T6027] CPU: 1 UID: 0 PID: 6027 Comm: kworker/1:3 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 65.313193][ T6027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.316952][ T6027] Workqueue: usb_hub_wq hub_event [ 65.318573][ T6027] RIP: 0010:enable_work+0x2f8/0x340 [ 65.320162][ T6027] Code: 89 ee e8 bb 02 38 00 45 84 ed 0f 85 29 fe ff ff e8 cd 07 38 00 c6 05 c7 0a ed 0e 01 90 48 c7 c7 80 fe 8b 8b e8 d9 1f f7 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 67 e0 9d 00 e9 aa fe ff ff [ 65.326356][ T6027] RSP: 0018:ffffc90004d773c0 EFLAGS: 00010086 [ 65.328452][ T6027] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a92c8 [ 65.330959][ T6027] RDX: ffff888022af4880 RSI: ffffffff817a92d5 RDI: 0000000000000001 [ 65.333685][ T6027] RBP: ffff88806c4c8730 R08: 0000000000000001 R09: 0000000000000000 [ 65.336291][ T6027] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920009aee79 [ 65.338860][ T6027] R13: 0000000000000000 R14: ffff88806c4c8728 R15: ffffffff8fc699a0 [ 65.341328][ T6027] FS: 0000000000000000(0000) GS:ffff888097862000(0000) knlGS:0000000000000000 [ 65.344100][ T6027] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 65.346176][ T6027] CR2: 000000002f70fffc CR3: 000000006d068000 CR4: 0000000000352ef0 [ 65.348647][ T6027] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 65.351128][ T6027] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 65.353597][ T6027] Call Trace: [ 65.354635][ T6027] [ 65.355557][ T6027] ? __pfx_enable_work+0x10/0x10 [ 65.357084][ T6027] ? __thermal_zone_cdev_unbind+0x6c/0x6a0 [ 65.358883][ T6027] __cancel_work_sync+0xe7/0x130 [ 65.360394][ T6027] thermal_zone_device_unregister+0x239/0x450 [ 65.362262][ T6027] ? __pfx_shield_remove+0x10/0x10 [ 65.363917][ T6027] power_supply_unregister+0x10a/0x150 [ 65.365753][ T6027] shield_remove+0x75/0x130 [ 65.367309][ T6027] ? __pfx_shield_remove+0x10/0x10 [ 65.369334][ T6027] hid_device_remove+0xce/0x260 [ 65.371268][ T6027] ? __pfx_hid_device_remove+0x10/0x10 [ 65.373223][ T6027] device_remove+0xcb/0x170 [ 65.374910][ T6027] device_release_driver_internal+0x44b/0x620 [ 65.377108][ T6027] bus_remove_device+0x22f/0x420 [ 65.378951][ T6027] device_del+0x396/0x9f0 [ 65.380458][ T6027] ? __pfx_device_del+0x10/0x10 [ 65.382248][ T6027] ? do_raw_spin_lock+0x12c/0x2b0 [ 65.384155][ T6027] ? find_held_lock+0x2b/0x80 [ 65.385705][ T6027] hid_destroy_device+0x19c/0x240 [ 65.387577][ T6027] usbhid_disconnect+0xa0/0xe0 [ 65.389170][ T6027] usb_unbind_interface+0x1dd/0x9a0 [ 65.391127][ T6027] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 65.393279][ T6027] ? __pfx_usb_unbind_interface+0x10/0x10 [ 65.395339][ T6027] device_remove+0x122/0x170 [ 65.397068][ T6027] device_release_driver_internal+0x44b/0x620 [ 65.399263][ T6027] bus_remove_device+0x22f/0x420 [ 65.401024][ T6027] device_del+0x396/0x9f0 [ 65.402422][ T6027] ? __pfx_device_del+0x10/0x10 [ 65.404029][ T6027] ? kobject_put+0x210/0x5a0 [ 65.405698][ T6027] usb_disable_device+0x355/0x7d0 [ 65.407560][ T6027] usb_disconnect+0x2e1/0x920 [ 65.409223][ T6027] hub_event+0x1c57/0x4fa0 [ 65.410793][ T6027] ? __lock_acquire+0xb8a/0x1c90 [ 65.412524][ T6027] ? __pfx_hub_event+0x10/0x10 [ 65.414051][ T6027] ? sm3_block_generic+0x27c0/0x35e0 [ 65.415710][ T6027] ? finish_task_switch.isra.0+0x221/0xc10 [ 65.417552][ T6027] ? rcu_is_watching+0x12/0xc0 [ 65.419064][ T6027] process_one_work+0x9cf/0x1b70 [ 65.420627][ T6027] ? __pfx_process_one_work+0x10/0x10 [ 65.422315][ T6027] ? assign_work+0x1a0/0x250 [ 65.423791][ T6027] worker_thread+0x6c8/0xf10 [ 65.425255][ T6027] ? __kthread_parkme+0x19e/0x250 [ 65.426848][ T6027] ? __pfx_worker_thread+0x10/0x10 [ 65.428455][ T6027] kthread+0x3c2/0x780 [ 65.429768][ T6027] ? __pfx_kthread+0x10/0x10 [ 65.431230][ T6027] ? rcu_is_watching+0x12/0xc0 [ 65.432737][ T6027] ? __pfx_kthread+0x10/0x10 [ 65.434226][ T6027] ret_from_fork+0x5d4/0x6f0 [ 65.435692][ T6027] ? __pfx_kthread+0x10/0x10 [ 65.437105][ T6027] ret_from_fork_asm+0x1a/0x30 [ 65.438731][ T6027] [ 65.439833][ T6027] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 65.442349][ T6027] CPU: 1 UID: 0 PID: 6027 Comm: kworker/1:3 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full) [ 65.446479][ T6027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.450137][ T6027] Workqueue: usb_hub_wq hub_event [ 65.451766][ T6027] Call Trace: [ 65.452918][ T6027] [ 65.453999][ T6027] dump_stack_lvl+0x3d/0x1f0 [ 65.455440][ T6027] panic+0x71c/0x800 [ 65.456661][ T6027] ? __pfx_panic+0x10/0x10 [ 65.458055][ T6027] ? show_trace_log_lvl+0x29b/0x3e0 [ 65.459660][ T6027] ? check_panic_on_warn+0x1f/0xb0 [ 65.461225][ T6027] ? enable_work+0x2f8/0x340 [ 65.462729][ T6027] check_panic_on_warn+0xab/0xb0 [ 65.464417][ T6027] __warn+0xf6/0x3c0 [ 65.465691][ T6027] ? __pfx_vprintk_emit+0x10/0x10 [ 65.467517][ T6027] ? enable_work+0x2f8/0x340 [ 65.469196][ T6027] report_bug+0x3c3/0x580 [ 65.470658][ T6027] ? enable_work+0x2f8/0x340 [ 65.472193][ T6027] handle_bug+0x184/0x210 [ 65.473766][ T6027] exc_invalid_op+0x17/0x50 [ 65.475192][ T6027] asm_exc_invalid_op+0x1a/0x20 [ 65.476861][ T6027] RIP: 0010:enable_work+0x2f8/0x340 [ 65.478814][ T6027] Code: 89 ee e8 bb 02 38 00 45 84 ed 0f 85 29 fe ff ff e8 cd 07 38 00 c6 05 c7 0a ed 0e 01 90 48 c7 c7 80 fe 8b 8b e8 d9 1f f7 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 67 e0 9d 00 e9 aa fe ff ff [ 65.485093][ T6027] RSP: 0018:ffffc90004d773c0 EFLAGS: 00010086 [ 65.487062][ T6027] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a92c8 [ 65.489675][ T6027] RDX: ffff888022af4880 RSI: ffffffff817a92d5 RDI: 0000000000000001 [ 65.492342][ T6027] RBP: ffff88806c4c8730 R08: 0000000000000001 R09: 0000000000000000 [ 65.494942][ T6027] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920009aee79 [ 65.497494][ T6027] R13: 0000000000000000 R14: ffff88806c4c8728 R15: ffffffff8fc699a0 [ 65.499970][ T6027] ? __warn_printk+0x198/0x350 [ 65.501511][ T6027] ? __warn_printk+0x1a5/0x350 [ 65.503047][ T6027] ? __pfx_enable_work+0x10/0x10 [ 65.504620][ T6027] ? __thermal_zone_cdev_unbind+0x6c/0x6a0 [ 65.506467][ T6027] __cancel_work_sync+0xe7/0x130 [ 65.508033][ T6027] thermal_zone_device_unregister+0x239/0x450 [ 65.509976][ T6027] ? __pfx_shield_remove+0x10/0x10 [ 65.511597][ T6027] power_supply_unregister+0x10a/0x150 [ 65.513322][ T6027] shield_remove+0x75/0x130 [ 65.514785][ T6027] ? __pfx_shield_remove+0x10/0x10 [ 65.516588][ T6027] hid_device_remove+0xce/0x260 [ 65.518449][ T6027] ? __pfx_hid_device_remove+0x10/0x10 [ 65.520234][ T6027] device_remove+0xcb/0x170 [ 65.521843][ T6027] device_release_driver_internal+0x44b/0x620 [ 65.523753][ T6027] bus_remove_device+0x22f/0x420 [ 65.525533][ T6027] device_del+0x396/0x9f0 [ 65.526864][ T6027] ? __pfx_device_del+0x10/0x10 [ 65.528363][ T6027] ? do_raw_spin_lock+0x12c/0x2b0 [ 65.529966][ T6027] ? find_held_lock+0x2b/0x80 [ 65.531389][ T6027] hid_destroy_device+0x19c/0x240 [ 65.532937][ T6027] usbhid_disconnect+0xa0/0xe0 [ 65.534383][ T6027] usb_unbind_interface+0x1dd/0x9a0 [ 65.535966][ T6027] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 65.537695][ T6027] ? __pfx_usb_unbind_interface+0x10/0x10 [ 65.539430][ T6027] device_remove+0x122/0x170 [ 65.540854][ T6027] device_release_driver_internal+0x44b/0x620 [ 65.542728][ T6027] bus_remove_device+0x22f/0x420 [ 65.544239][ T6027] device_del+0x396/0x9f0 [ 65.545571][ T6027] ? __pfx_device_del+0x10/0x10 [ 65.547069][ T6027] ? kobject_put+0x210/0x5a0 [ 65.548486][ T6027] usb_disable_device+0x355/0x7d0 [ 65.550039][ T6027] usb_disconnect+0x2e1/0x920 [ 65.551493][ T6027] hub_event+0x1c57/0x4fa0 [ 65.552880][ T6027] ? __lock_acquire+0xb8a/0x1c90 [ 65.554398][ T6027] ? __pfx_hub_event+0x10/0x10 [ 65.555889][ T6027] ? sm3_block_generic+0x27c0/0x35e0 [ 65.557494][ T6027] ? finish_task_switch.isra.0+0x221/0xc10 [ 65.559300][ T6027] ? rcu_is_watching+0x12/0xc0 [ 65.560879][ T6027] process_one_work+0x9cf/0x1b70 [ 65.562432][ T6027] ? __pfx_process_one_work+0x10/0x10 [ 65.564071][ T6027] ? assign_work+0x1a0/0x250 [ 65.565501][ T6027] worker_thread+0x6c8/0xf10 [ 65.566924][ T6027] ? __kthread_parkme+0x19e/0x250 [ 65.568444][ T6027] ? __pfx_worker_thread+0x10/0x10 [ 65.570059][ T6027] kthread+0x3c2/0x780 [ 65.571321][ T6027] ? __pfx_kthread+0x10/0x10 [ 65.572766][ T6027] ? rcu_is_watching+0x12/0xc0 [ 65.574288][ T6027] ? __pfx_kthread+0x10/0x10 [ 65.575751][ T6027] ret_from_fork+0x5d4/0x6f0 [ 65.577170][ T6027] ? __pfx_kthread+0x10/0x10 [ 65.578635][ T6027] ret_from_fork_asm+0x1a/0x30 [ 65.580131][ T6027] [ 65.592998][ T6027] Kernel Offset: disabled [ 65.594360][ T6027] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:12:39 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b341920 RCX=ffffffff81af664d RDX=ffff8880271c4880 RSI=ffffffff81af6629 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900072f7868 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000003 R14=ffffed1005668325 R15=ffff88802b23d080 RIP=ffffffff81bb7976 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097762000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002e81cffc CR3=000000006cbfc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8557d555 RDI=ffffffff9ae6ca80 RBP=ffffffff9ae6ca40 RSP=ffffc90004d76d30 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=000000000000005b R14=ffffffff9ae6ca40 R15=ffffffff8557d4f0 RIP=ffffffff8557d57f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097862000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002f70fffc CR3=000000006d068000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b3438e0 RCX=ffffffff81af664d RDX=ffff88802824a440 RSI=ffffffff81af6629 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900039f7678 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100566871d R15=ffff88802b43d080 RIP=ffffffff81af662f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097962000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fcd54b1a6b0 CR3=0000000067f33000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff81f118e0 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff90882750 RBP=ffffc90003877ee0 RSP=ffffc90003877dd8 R8 =0000000000000005 R9 =0000000000000007 R10=0000000000000003 R11=0000000000000001 R12=ffff8880210a4880 R13=0000000000000000 R14=0000000000000003 R15=ffff8880210a5df0 RIP=ffffffff822148f0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097a62000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffebadfe388 CR3=000000004ba75000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000002c00000012 0004000000080024 0000000000280030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001d0 0000001000000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ca0030656c69662f 2e01ffffffffffff ffffef0805800308 000000af00000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 74732e75706301ff ffffffffffffffed 080280030a800202 0103ae0030656c69 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 662f2e01ffffffff ffffffffef080a80 030fffffffff0228 8080800800108002 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0480020fffffffff 020a0140ca007366 6d617201ffffffff fffffffff3081080 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 030030656c69662f 2e01ffffffffffff ffffef0804800300 080005800204013f ZMM24=44593c8b44593c8b 44593c8b44593c8b 44593c8b44593c8b 44593c8b44593c8b 44593c8b44593c8b 44593c8b44593c8b 44593c8b44593c8b 44593c8b44593c8b ZMM25=ae77bd6aae77bd6a ae77bd6aae77bd6a ae77bd6aae77bd6a ae77bd6aae77bd6a ae77bd6aae77bd6a ae77bd6aae77bd6a ae77bd6aae77bd6a ae77bd6aae77bd6a ZMM26=75f5ffc175f5ffc1 75f5ffc175f5ffc1 75f5ffc175f5ffc1 75f5ffc175f5ffc1 75f5ffc175f5ffc1 75f5ffc175f5ffc1 75f5ffc175f5ffc1 75f5ffc175f5ffc1 ZMM27=26d48ad326d48ad3 26d48ad326d48ad3 26d48ad326d48ad3 26d48ad326d48ad3 26d48ad326d48ad3 26d48ad326d48ad3 26d48ad326d48ad3 26d48ad326d48ad3 ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=ce060000ce060000 ce060000ce060000 ce060000ce060000 ce060000ce060000 ce060000ce060000 ce060000ce060000 ce060000ce060000 ce060000ce060000