last executing test programs: 6m44.156483589s ago: executing program 32 (id=20209): r0 = syz_open_dev$ttys(0xc, 0x2, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) read$FUSE(r0, 0x0, 0x0) 4m9.936605179s ago: executing program 2 (id=25266): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x8, 0x9e7a, 0xc, 0x1, 0x59c}) ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x20000000) 4m9.794834616s ago: executing program 2 (id=25273): mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket(0x10, 0x803, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000700)) 4m9.792845827s ago: executing program 2 (id=25275): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0a00000001000000dd00000009"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020205d0af8ff00000000bea100000000000007010000f8ffffffb702000008000000b7030000ffee0000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x54, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 4m9.722935857s ago: executing program 2 (id=25276): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x6) write(r0, &(0x7f0000000340)="0a000300", 0x4) 4m9.722677586s ago: executing program 2 (id=25277): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 4m9.665085204s ago: executing program 2 (id=25279): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f0000000040)=0xfffe, 0x4) bind$inet(r0, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10) 3m53.636176467s ago: executing program 33 (id=25279): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x1, &(0x7f0000000040)=0xfffe, 0x4) bind$inet(r0, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10) 3m36.009161736s ago: executing program 1 (id=26195): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x38, r1, 0x2cb3b0415539fbbb, 0x70bd2b, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x7d}, @void, @val={0xc, 0x99, {0x0, 0x5a}}}}, [@NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x2}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffff81}]}, 0x38}, 0x1, 0x0, 0x0, 0x801}, 0x0) 3m35.93640728s ago: executing program 1 (id=26198): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0x13, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000a0000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 3m35.860897972s ago: executing program 1 (id=26201): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000f00)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x1c, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @remote}, @ib={0x1b, 0x1, 0x0, {"15a82a35c72b55077ec82827906f7f19"}, 0x8001, 0x7, 0x7}}}, 0x118) 3m35.860452147s ago: executing program 1 (id=26203): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc) setsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000100)={@multicast2, @broadcast}, 0xc) 3m35.795654256s ago: executing program 1 (id=26206): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, &(0x7f0000000300)) 3m35.720055631s ago: executing program 1 (id=26207): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}]}, 0x2c}}, 0x0) 3m19.724286884s ago: executing program 4 (id=26681): syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0x97, &(0x7f00000001c0)=""/151}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x48) 3m19.723927299s ago: executing program 4 (id=26683): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x17}}], 0x10) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040), 0x4) 3m19.723858695s ago: executing program 34 (id=26207): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}]}, 0x2c}}, 0x0) 3m19.67011562s ago: executing program 4 (id=26686): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe) ioctl$TCFLSH(r0, 0x540b, 0x3) 3m19.574450172s ago: executing program 4 (id=26687): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 3m19.57425217s ago: executing program 4 (id=26688): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="2c0000001a00010000000080fbdbdf250a0080fd00000000000000000800010000000000080002"], 0x2c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20000050) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x20000840) 3m19.061837871s ago: executing program 4 (id=26695): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f0000001100)=ANY=[@ANYBLOB="1800000055a60701000000000100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000030000078500000086000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 3m18.959007945s ago: executing program 35 (id=26695): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f0000001100)=ANY=[@ANYBLOB="1800000055a60701000000000100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000030000078500000086000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 2m56.428862905s ago: executing program 5 (id=27018): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe) ioctl$TCFLSH(r0, 0x540b, 0x3) 2m56.334363346s ago: executing program 5 (id=27014): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001880)={'bond_slave_0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0xffff}, {0xffff, 0xffff}, {0xc, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x1, 0x0, 0x2, 0x4}, 0xa4ca, 0x0, 0x2000008, 0x6, 0xfffffffe, 0x18, 0xb, 0x2e, 0x3, 0x9, {0x10001, 0x7fff, 0x2, 0x7, 0x2, 0x7fffffff}}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x9, 0x7, 0xa9, 0x1, 0x1}}, {0x4}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4c840}, 0x800) 2m56.258884146s ago: executing program 5 (id=27025): r0 = socket(0x40000000015, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0), 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback, 0xa77}, 0x1c) 2m56.188746778s ago: executing program 5 (id=27019): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 2m56.18376037s ago: executing program 5 (id=27030): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8) getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f0000000640)) 2m55.655839494s ago: executing program 5 (id=27041): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x20, 0x0, 0x0, 0xff}, {0x6, 0x0, 0x0, 0x6}]}, 0x8) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x0) 2m55.588158631s ago: executing program 36 (id=27041): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff024}, {0x20, 0x0, 0x0, 0xff}, {0x6, 0x0, 0x0, 0x6}]}, 0x8) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000801}, 0x0) 2m42.945954588s ago: executing program 7 (id=27392): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000ffdbdf251200000008001500c000000008000100bf"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x8880) 2m42.883023013s ago: executing program 7 (id=27393): io_setup(0x7, &(0x7f0000000280)=0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0) io_submit(r0, 0x1, &(0x7f0000000340)=[&(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000140)='-3', 0x2}]) 2m42.795325334s ago: executing program 7 (id=27398): r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) read$FUSE(r0, &(0x7f0000002240)={0x2020}, 0x2020) writev(r0, &(0x7f0000002140)=[{&(0x7f0000000780)="aafd", 0x2}], 0x1) 2m42.721261293s ago: executing program 7 (id=27402): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 2m42.659803543s ago: executing program 7 (id=27405): r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000003040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x14, r0, 0xe6e964277ae08d57, 0x70bd2c, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8040000}, 0x90) 2m42.659403196s ago: executing program 8 (id=27406): prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='\x85\xb1\xccBpy\xc1s\xf9\\\x98\xce\xa4g\xd2\xd4\xdei\xa1\x8e\x9c\xe4\x82\x05\xf3u\fe\x87\xa5+8u@6\xefq\xa1\x9a\xfb\x1f$\x19\xd3\xa5r\xcc\x84\xdc\xcfJ\t\x04z\xc9\x89D\xadc\x11@\xdc\xb51\x8a\xc9_\xc3|\xb2^g\xe5Gt\x1e\xc6\x81\xb4\xdd\xd7V\"\x92\xbci\x978\xfce\b\xcc\xf7\'&\xe0\xa2\xb6\xb3\xfc\xd5[\xd9\xf6\xb7\xa8\xa7\xaf\\\xc1\x89]K\x9c\xc9IM\x02tM\x19\xdb\xf2U%L\x11\fx\xd2/*\xa9\xbd2\xd6\x9c+') r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00') read$FUSE(r0, &(0x7f0000001300)={0x2020}, 0x2020) 2m42.564161248s ago: executing program 8 (id=27407): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000a18150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000b000000850000000700000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000040)="76ea090000000000009ba56a88ca", 0x0, 0x5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 2m42.562896103s ago: executing program 8 (id=27415): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x403, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x24, 0x3, "7339f2f30455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000"}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'RATEEST\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040) 2m42.432073613s ago: executing program 8 (id=27419): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 2m42.34487191s ago: executing program 8 (id=27413): mount$9p_unix(&(0x7f0000003680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000003600)='.\x00', &(0x7f0000003640), 0x2000000, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8923, &(0x7f00000000c0)={'bond_slave_1\x00', @random="0163014030d9"}) 2m42.088493373s ago: executing program 7 (id=27423): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0x600}, 0x20) 2m42.032633025s ago: executing program 37 (id=27423): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@private0, 0x8000000, 0x0, 0xff, 0x1, 0xffff}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0x600}, 0x20) 2m40.895367804s ago: executing program 8 (id=27438): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r0, 0x24, &(0x7f0000000000)={0x2, 0x0, 0x1, 0x7fffffff}) 2m40.818352526s ago: executing program 38 (id=27438): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1}) fcntl$lock(r0, 0x24, &(0x7f0000000000)={0x2, 0x0, 0x1, 0x7fffffff}) 1.350120559s ago: executing program 0 (id=32031): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x1, 0x0, 0x8, 0x4006}) fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x0, 0x1, 0x7, 0x10}) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x1, 0x2, 0x2, 0xf45}) 1.271992098s ago: executing program 0 (id=32025): r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) poll(&(0x7f0000000380)=[{r0, 0x1200}], 0x1, 0x60000000) ioctl$SNDCTL_SEQ_RESET(r1, 0x5100) 1.057600581s ago: executing program 9 (id=32028): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x1}) 912.82211ms ago: executing program 9 (id=32029): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x80) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) rmdir(&(0x7f0000000640)='./file0\x00') 854.608962ms ago: executing program 9 (id=32032): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00') preadv(r0, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/44, 0x2c}], 0x1, 0x0, 0x0) writev(r0, &(0x7f00000003c0), 0x100000000000022d) 751.238684ms ago: executing program 9 (id=32034): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) 744.38841ms ago: executing program 6 (id=32036): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/vmallocinfo\x00', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}}) read$char_usb(r0, &(0x7f00000000c0)=""/104, 0x12) 743.395281ms ago: executing program 9 (id=32037): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x2c, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x200003e1}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x1ff}, @TCA_FQ_ORPHAN_MASK={0x8, 0xa, 0x100}, @TCA_FQ_PLIMIT={0x8, 0x1, 0x47b2}, @TCA_FQ_FLOW_PLIMIT={0x8}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x51}, 0x20040000) 579.078118ms ago: executing program 3 (id=32039): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r1) sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x30, r2, 0x1, 0x70bd25, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x5}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x2}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x4000) 501.96337ms ago: executing program 9 (id=32040): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="4cfe", 0x2}], 0x1}, 0x4015) recvmsg$unix(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x400101a2) recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002) 501.159188ms ago: executing program 3 (id=32041): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1fe, 0xa, 0x1, 0x0, 0xfd}) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) dup2(r0, r1) 445.658219ms ago: executing program 6 (id=32042): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r2, 0xc048aeca, &(0x7f0000000340)={0x8, 0x0, [{0x16d, 0x0, 0x8}, {0x35a, 0x0, 0xffffffff}, {0xb80, 0x0, 0xd}, {0x9ae, 0x0, 0x3}, {0xb3e, 0x0, 0x8}, {0x36d, 0x0, 0xa7c}, {0x34a, 0x0, 0x85}, {0x9e9, 0x0, 0x2}]}) 354.273606ms ago: executing program 3 (id=32043): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000080)) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000011}, 0x4000810) 298.79318ms ago: executing program 0 (id=32044): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x401c0}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8}, @IFLA_BOND_ALL_SLAVES_ACTIVE={0x5, 0x11, 0x1}]}}}]}, 0x44}}, 0x0) 294.321263ms ago: executing program 3 (id=32045): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) shutdown(r0, 0x198864e9b5e5e9e4) r1 = io_uring_setup(0x47b, &(0x7f0000000ac0)={0x0, 0xfffefffa, 0x80, 0x4, 0x4800020}) close_range(r1, 0xffffffffffffffff, 0x200000000000000) 278.427593ms ago: executing program 6 (id=32046): r0 = syz_open_dev$cec(&(0x7f00000000c0), 0xffffffffffffffff, 0x80243) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000040)={'\x00\f\x00', 0x0, 0x5, 0x2, 0x0, 0xc, "00000000020000000000002100", "00004702", "0052008f", '\x00', ["fdfeffbf84a438dfc5d5c010", "d78cb8b0211a83be12ff0bff", "0000efffffffffffbfff00", "000003cefd70f14003556000"]}) ioctl$CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000100)={0xfffffffffffffff7, 0xffffffffffffffff, 0x6, 0x9, 0x9, 0x7fff, "16b0bc450cfc47961ed5d8167d4f7865", 0x1, 0x52, 0x1, 0x49, 0x9, 0x9, 0xd}) ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000140)={"4497acf4", 0xb, 0x5, 0x0, 0x3, 0x1000006, 'U\x00', "1575a859", "0725eade", '\'q6O', ["aabe8459c62224475793e8a7", "7f9ce2d2c4f439ff80e1d1c8", "fa0700f22b42a3023be516d1"]}) 211.308298ms ago: executing program 3 (id=32047): r0 = getpgid(0x0) r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) setns(r2, 0x66020000) 208.841964ms ago: executing program 0 (id=32048): bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000500)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x100b0}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x5, 0x9fd, 0x85, 0x41}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000180)="ff5fb99772024dca4128654351fb3280df65", 0x800, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r0}, 0x38) 149.315908ms ago: executing program 3 (id=32049): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000000b00010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f40)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @exthdr={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 149.010803ms ago: executing program 6 (id=32050): r0 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000200)=0x20000006, 0x4) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10) syz_emit_ethernet(0xbe, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0) 78.219451ms ago: executing program 6 (id=32051): sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x1, 0x6, 0x201, 0x0, 0x0, {0x7, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4040) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket(0x1e, 0x4, 0x0) connect$tipc(r0, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10) 77.385077ms ago: executing program 0 (id=32052): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000019c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_ASSOCIATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x44}, 0x4000040) 70.261874ms ago: executing program 6 (id=32053): r0 = socket$kcm(0x2, 0x1, 0x84) sendmsg$inet(r0, &(0x7f0000002700)={&(0x7f0000000080)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000180)="90", 0x1}], 0x1}, 0x8040) sendmsg$inet(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="c50e", 0x2}], 0x1}, 0x4014) setsockopt$sock_attach_bpf(r0, 0x84, 0xb, 0x0, 0x0) 0s ago: executing program 0 (id=32054): setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000100)=ANY=[@ANYBLOB="00fe0000000000000730000000020a020700090000000000000008000000000000000400000000000000de1c0000000000000000000000000000c2040000000906b7346cc414b75ece10b9bf0ce0f516d4ce59d675a722771c41beab0a8521da1f825476c90be14399fbc13ab8897161f3cab11c6957a1274d7712a851e55fff014704ed04dcdbc80c6804e84cb098f4b5b4772c0ea8a30007dfde6c18268a7a9088d36b665e50599cf71a16a8842c6db38a301d8125bb1d4de36a4ae9fbe2e7137946b08f6edbb3d8625d5a235ec5403fbc72df81b8248c436364ec3b98ced809122f7539316bd297f870e8369cd131528653e1c838776381ce4669ad1638a4a596ae0281b26ea1c95bc379eeba6ead2ef83c606ebe1abbe6b74363f0022e14704416eda7e9614890ecb4f40fa96e786cd9d4340bfc566d7124f74cc68e2d6781d2d63a29f9757a8a75adaaf5c3bb81a23e01bbff05dca7338f036963d389459d09624a2331e8fd6f03ce84b99735353ff15e2c10fcc55df716a513ff1188b35b2d952c422431c04ad878ce18f412db9d6941ec289cf61ae1e0097daf838756ec6e70aba4822ceaf7ec4791db8c32610b9555031372f85273d6070e4845059492c5edee5dd555a0d674233ae1dcb857aaf4bf0bb5beb2544bf1bf92745be1d1e07c06010f14f04aec0371807c3c89e9d7df90662593943ba32f28b63a2b10207c4873d77d2187783fa97880c63bc54affe9f6ee1874ce93b06148c45b8a13eae8f2b761e86da57399258a0e7289e76d6207a46b5a86c8ff9d815931e23e7e795c75c1f435657f8fe89744bcdde3a07b392b5898555de4f89a4f4361b15ff795a87fbe14f32652cfe2913e668b8eebd2b10d676a0f1e134711c51509d2607a8b16eea6abfbf2d66fa0516d114f73ae0079cf5152cd7ea8b9894b56ab10b848f039d1d60500e0fac42b9aa0165da59a5b244644e552c6fa482bb6975216fd6651e35f0b1f0ff5b6924d3510bff100a6f85e44e15746fefca218e81c751f41dcb99eaee1c4e89186bfbd4fda0c420c50968658a815aab214f829cb6f8aa706b61972aa4af7c475ec3132be46d03a6798c4aaac65f5fd393ed55baaf3617ca922d8c44599865df327a6f50ebb6b2220cb52a75ad1391a0dfae9d6fd12c5a64061f07f927cdd9dc65960f70d6a8fcdb370d100af56892dacc9015d2f00f2d215874512e82ed94bc3ffae545dc9311c1f0c268de5df2cd30ee2388625f52e69b9a35b16c7fb0f5371679233c6b925b340d8e665ea22b2a8525f4793979e349f7ddb2fd24f0a7a4c42f9322e37f54b6ecc3aea2e3b8cd50bdd872e542e0403eae7ea3764869168163ac46a4cf93a50e94b32a543428b1b1bd452ada9f34910d0216c0126f471247b77bf477a90b7346a321d7923df9a0a60dfab679fc7cc8990ca623c05f6034d97d69d0ce4715c4b16d968c2aec8ad5e69bdc7600739cd8e1540fb2b89979bc2ca52da15497fe4d53e3500cccc84514f4410487298b5a030c704f1abcfae5ce04d0b57e6ec487d8f01302a38d010f9a1713201fd8f1fc4a4baddd4ec197387d4aab42508aad5b0c62e9784f2f9f18101543627640f55e471d59c5f862e08d6464d1957af0f9c2224bc2f0af5184547c89a79817b5e103367b750260563bb3356961c7005138cf79b6432ba345c26df571728e148ded8537b173ff9155b2ae760d8303b94827299a6ab6661e36aec4f80fc5dad6ac092958f92d5ba9c45cbf0a0871881d64993eaee870ef143f2fe160499837f21e5d177463ea323314892d13cc7edb222564afae59bea5ba3d70240dd2a2e2a2586824adc5513921ec9c37bc372487c2b4c21bae7bd532050149618f96548bc3959706befe1c1c7f5f2fe65f504171bef9f7bae4839e0cbcf05c172c1e33c179b780478c30693620381b25cd32596b7499de31a07bd175e6334bbd5f0ff0b52a17e997f69840ee98981b29e372d70506f23ccc88e333a75bf4dbdcb0845448782b24fea7e61d59462587971d5daa819412698df99d01cef7c68137d1cc54fd403bae4b3b00d04e1293e77dfcb26909f840bfd"], 0x800) bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0b0000000500000001"], 0x50) r0 = fanotify_init(0x1, 0x80000) write$binfmt_elf64(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="7f454c4622"], 0x18) 0s ago: executing program 0 (id=32055): syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002) io_setup(0x8, &(0x7f0000004200)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) kernel console output (not intermixed with test programs): pe 58 has an invalid length. [ 658.882325][T30948] netlink: 27 bytes leftover after parsing attributes in process `syz.8.27244'. [ 659.229367][T30972] binder: 30971:30972 ioctl c018620c 80000140 returned -22 [ 659.308083][ T5943] Bluetooth: hci3: command tx timeout [ 659.523086][ T9] kernel read not supported for file 342/task/343/cmdline (pid: 9 comm: kworker/0:0) [ 659.595053][T31006] binder: 31005:31006 ioctl c018620c 80000140 returned -22 [ 659.626202][T31010] netlink: 4 bytes leftover after parsing attributes in process `syz.8.27272'. [ 659.697147][T31014] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(4) [ 659.699689][T31014] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 659.702464][T31014] vhci_hcd vhci_hcd.0: Device attached [ 659.707569][T31016] vhci_hcd: connection closed [ 659.707788][ T60] vhci_hcd vhci_hcd.8: stop threads [ 659.711187][ T60] vhci_hcd vhci_hcd.8: release socket [ 659.713256][ T60] vhci_hcd vhci_hcd.8: disconnect device [ 659.895486][T31025] Bluetooth: MGMT ver 1.23 [ 660.193927][T31043] F2FS-fs: Conflicting test_dummy_encryption options [ 660.537097][T31077] netlink: 4 bytes leftover after parsing attributes in process `syz.8.27303'. [ 660.848064][T31106] netlink: 12 bytes leftover after parsing attributes in process `syz.3.27314'. [ 660.909172][T31116] netlink: 4 bytes leftover after parsing attributes in process `syz.3.27317'. [ 661.763972][T31196] Bluetooth: MGMT ver 1.23 [ 661.766666][T30144] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 661.839179][T31202] veth0: Caught tx_queue_len zero misconfig [ 661.960726][T30144] usb 12-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 661.964604][T30144] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 661.966479][T31206] netlink: 12 bytes leftover after parsing attributes in process `syz.8.27361'. [ 661.968520][T30144] usb 12-1: Product: syz [ 661.974617][T30144] usb 12-1: Manufacturer: syz [ 661.976648][T30144] usb 12-1: SerialNumber: syz [ 661.983510][T30144] usb 12-1: config 0 descriptor?? [ 661.988952][T30144] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 661.998014][T30144] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 662.002752][T30144] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 662.006699][T30144] usb 12-1: media controller created [ 662.017825][T30144] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 662.068048][T30144] DVB: Unable to find symbol mt352_attach() [ 662.102595][T30144] DVB: Unable to find symbol nxt6000_attach() [ 662.105174][T30144] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 662.111300][T30144] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.7/usb12/12-1/input/input79 [ 662.116565][T30144] dvb-usb: schedule remote query interval to 1000 msecs. [ 662.119319][T30144] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 662.122607][T30144] dvb-usb: bulk message failed: -22 (7/0) [ 662.124036][T31217] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 662.124503][T30144] dvb-usb: bulk message failed: -22 (7/0) [ 662.213511][T31172] dvb-usb: bulk message failed: -22 (7/0) [ 662.218534][T27719] usb 12-1: USB disconnect, device number 2 [ 662.327869][T27719] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 662.393154][T31240] ªªªªªª speed is unknown, defaulting to 1000 [ 662.484716][T31242] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 662.794229][T31257] netlink: 'syz.7.27383': attribute type 62 has an invalid length. [ 662.846245][T31262] nbd: couldn't find a device at index 0 [ 663.454137][T31314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.27410'. [ 663.463507][T31314] vlan0: entered promiscuous mode [ 663.465665][T31314] dummy0: entered promiscuous mode [ 663.498523][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 664.017133][T16292] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 664.024496][T16292] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 664.027630][T16292] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 664.030754][T16292] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 664.034955][T16292] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 664.433969][T16386] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.761874][T31346] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 665.115902][T16386] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 665.170264][T31338] ªªªªªª speed is unknown, defaulting to 1000 [ 665.227391][T16292] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 665.232168][T16292] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 665.236804][T16292] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 665.266961][T16292] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 665.272714][T16292] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 665.447225][T16386] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 665.524426][T31375] ªªªªªª speed is unknown, defaulting to 1000 [ 665.788950][T16386] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 665.900685][ T1415] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 666.014187][T31338] chnl_net:caif_netlink_parms(): no params data found [ 666.182190][T31375] chnl_net:caif_netlink_parms(): no params data found [ 666.233894][T16386] bridge_slave_1: left allmulticast mode [ 666.235295][ T5943] Bluetooth: hci1: command tx timeout [ 666.243114][T16386] bridge_slave_1: left promiscuous mode [ 666.245790][T16386] bridge0: port 2(bridge_slave_1) entered disabled state [ 666.377904][T16386] bridge_slave_0: left allmulticast mode [ 666.380322][T16386] bridge_slave_0: left promiscuous mode [ 666.382748][T16386] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.240852][T16386] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 667.358432][T16386] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 667.380925][T16386] bond0 (unregistering): Released all slaves [ 667.432727][T16292] Bluetooth: hci3: command tx timeout [ 667.433318][T31338] bridge0: port 1(bridge_slave_0) entered blocking state [ 667.438536][T31338] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.441621][T31338] bridge_slave_0: entered allmulticast mode [ 667.447330][T31338] bridge_slave_0: entered promiscuous mode [ 667.462622][T31338] bridge0: port 2(bridge_slave_1) entered blocking state [ 667.465832][T31338] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.468916][T31338] bridge_slave_1: entered allmulticast mode [ 667.472854][T31338] bridge_slave_1: entered promiscuous mode [ 667.511992][T31338] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 667.523130][T31338] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 667.558998][T31375] bridge0: port 1(bridge_slave_0) entered blocking state [ 667.562961][T31375] bridge0: port 1(bridge_slave_0) entered disabled state [ 667.566274][T31375] bridge_slave_0: entered allmulticast mode [ 667.570459][T31375] bridge_slave_0: entered promiscuous mode [ 667.585837][T31375] bridge0: port 2(bridge_slave_1) entered blocking state [ 667.589247][T31375] bridge0: port 2(bridge_slave_1) entered disabled state [ 667.593125][T31375] bridge_slave_1: entered allmulticast mode [ 667.597520][T31375] bridge_slave_1: entered promiscuous mode [ 667.613835][T31338] team0: Port device team_slave_0 added [ 667.628428][T31338] team0: Port device team_slave_1 added [ 667.636673][T31375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 667.643430][T31375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 668.034617][T31375] team0: Port device team_slave_0 added [ 668.075312][T31338] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 668.078229][T31338] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 668.087383][T31338] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 668.093126][T31375] team0: Port device team_slave_1 added [ 668.105449][T31338] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 668.108645][T31338] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 668.120073][T31338] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 668.139961][T31375] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 668.142923][T31375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 668.152624][T31375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 668.459035][T16292] Bluetooth: hci1: command tx timeout [ 668.493716][T31375] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 668.496386][T31375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 668.505206][T31375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 668.544542][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 668.546717][T16292] Bluetooth: hci4: command 0x1003 tx timeout [ 669.102309][T31338] hsr_slave_0: entered promiscuous mode [ 669.105595][T31338] hsr_slave_1: entered promiscuous mode [ 669.108825][T31338] debugfs: 'hsr0' already exists in 'hsr' [ 669.111849][T31338] Cannot create hsr debugfs directory [ 669.160424][T31375] hsr_slave_0: entered promiscuous mode [ 669.163041][T31375] hsr_slave_1: entered promiscuous mode [ 669.165911][T31375] debugfs: 'hsr0' already exists in 'hsr' [ 669.168377][T31375] Cannot create hsr debugfs directory [ 669.474564][T16386] hsr_slave_0: left promiscuous mode [ 669.528053][T16386] hsr_slave_1: left promiscuous mode [ 669.531633][T16386] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 669.534829][T16386] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 669.561469][T16386] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 669.564573][T16386] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 669.635748][T16386] veth1_macvtap: left promiscuous mode [ 669.638174][T16386] veth0_macvtap: left promiscuous mode [ 669.640602][T16386] veth1_vlan: left promiscuous mode [ 669.642921][T16386] veth0_vlan: left promiscuous mode [ 669.656308][ T5943] Bluetooth: hci3: command tx timeout [ 670.458692][T16386] team0 (unregistering): Port device team_slave_1 removed [ 670.533814][T16386] team0 (unregistering): Port device team_slave_0 removed [ 670.683112][ T5943] Bluetooth: hci1: command tx timeout [ 670.840251][T31338] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 671.143416][T31338] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 671.169419][T31338] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 671.212395][T31338] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 671.496944][T31338] 8021q: adding VLAN 0 to HW filter on device bond0 [ 671.508898][T31338] 8021q: adding VLAN 0 to HW filter on device team0 [ 671.513915][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 671.516508][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 671.524033][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 671.527127][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 671.890982][ T5943] Bluetooth: hci3: command tx timeout [ 672.162805][T31338] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 672.782277][T16386] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 672.904119][T31375] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 672.916868][ T5943] Bluetooth: hci1: command tx timeout [ 673.154208][T16386] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.209767][T31375] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 673.253100][T31375] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 673.463394][T16386] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.485568][T31375] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 673.723038][T16386] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.795321][T31338] veth0_vlan: entered promiscuous mode [ 673.809393][T31338] veth1_vlan: entered promiscuous mode [ 673.844923][T31338] veth0_macvtap: entered promiscuous mode [ 673.854115][T31338] veth1_macvtap: entered promiscuous mode [ 673.861016][T31375] 8021q: adding VLAN 0 to HW filter on device bond0 [ 673.881608][T31338] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 673.887568][T31375] 8021q: adding VLAN 0 to HW filter on device team0 [ 673.893861][T31338] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 673.902306][ T119] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 673.918641][T16926] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.921830][T16926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 673.926472][ T119] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 673.933483][ T119] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 673.950396][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.952985][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 673.956023][ T119] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 674.025607][T31375] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 674.029060][T31375] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 674.103582][ T5943] Bluetooth: hci3: command tx timeout [ 674.129505][T16386] bridge_slave_1: left allmulticast mode [ 674.131903][T16386] bridge_slave_1: left promiscuous mode [ 674.136693][T16386] bridge0: port 2(bridge_slave_1) entered disabled state [ 674.233541][T16386] bridge_slave_0: left allmulticast mode [ 674.236032][T16386] bridge_slave_0: left promiscuous mode [ 674.238619][T16386] bridge0: port 1(bridge_slave_0) entered disabled state [ 675.151871][T16386] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 675.269399][T16386] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 675.303635][T16386] bond0 (unregistering): Released all slaves [ 675.384145][ T184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.386814][ T184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 675.423903][ T184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.426530][ T184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 675.494696][T31375] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 675.530599][T31375] veth0_vlan: entered promiscuous mode [ 675.549828][T31375] veth1_vlan: entered promiscuous mode [ 675.848140][T31375] veth0_macvtap: entered promiscuous mode [ 675.863950][T31375] veth1_macvtap: entered promiscuous mode [ 675.880732][T31375] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 675.918249][T31375] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 675.928198][ T184] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.931218][ T184] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.936113][ T184] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.939164][ T184] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.516340][T16926] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 676.518880][T16926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 676.574655][T16926] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 676.577516][T16926] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 676.779682][T16386] hsr_slave_0: left promiscuous mode [ 676.798477][T16386] hsr_slave_1: left promiscuous mode [ 676.802006][T16386] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 676.805342][T16386] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 676.855809][T16386] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 676.856305][T31619] netlink: 'syz.3.27487': attribute type 3 has an invalid length. [ 676.858654][T16386] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 676.866555][T31619] netlink: 'syz.3.27487': attribute type 1 has an invalid length. [ 676.869201][T31619] netlink: 224 bytes leftover after parsing attributes in process `syz.3.27487'. [ 676.947997][T16386] veth1_macvtap: left promiscuous mode [ 676.950507][T16386] veth0_macvtap: left promiscuous mode [ 676.952720][T16386] veth1_vlan: left promiscuous mode [ 676.959816][T16386] veth0_vlan: left promiscuous mode [ 677.368006][T31647] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 677.664230][T16386] team0 (unregistering): Port device team_slave_1 removed [ 677.717541][T16386] team0 (unregistering): Port device team_slave_0 removed [ 677.866920][T16292] Bluetooth: hci4: command 0x1003 tx timeout [ 677.870577][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 678.150073][T31700] Bluetooth: MGMT ver 1.23 [ 678.300043][T29904] kernel write not supported for file /input/event1 (pid: 29904 comm: kworker/0:5) [ 678.510685][T27056] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 678.560843][T31737] netlink: 24 bytes leftover after parsing attributes in process `syz.9.27544'. [ 678.689777][T27056] usb 5-1: Using ep0 maxpacket: 8 [ 678.701988][T27056] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 678.705435][T27056] usb 5-1: config 0 has no interface number 0 [ 678.708040][T27056] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 678.728180][T27056] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 678.732345][T27056] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 678.738468][T27056] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.745506][T27056] usb 5-1: config 0 descriptor?? [ 678.771055][T27056] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 678.887100][T29904] IPVS: starting estimator thread 0... [ 678.902858][T31768] netlink: 16 bytes leftover after parsing attributes in process `syz.9.27555'. [ 678.966545][T31711] iowarrior 5-1:0.1: Error -90 while submitting URB [ 678.978591][T31766] IPVS: using max 41 ests per chain, 98400 per kthread [ 678.982472][T29904] usb 5-1: USB disconnect, device number 6 [ 679.155509][T31785] netlink: 8 bytes leftover after parsing attributes in process `syz.6.27560'. [ 680.227502][T31856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.27579'. [ 680.266239][T31859] hugetlbfs: Bad value 'ßø' for mount option 'size' [ 680.266239][T31859] [ 680.706650][T29904] libceph: connect (1)[c::]:6789 error -101 [ 680.710024][T29904] libceph: mon0 (1)[c::]:6789 connect error [ 680.842476][T31910] GUP no longer grows the stack in syz.3.27606 (31910): 80007000-80008000 (80004000) [ 680.846030][T31910] CPU: 3 UID: 0 PID: 31910 Comm: syz.3.27606 Tainted: G L syzkaller #0 PREEMPT(full) [ 680.846049][T31910] Tainted: [L]=SOFTLOCKUP [ 680.846053][T31910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 680.846060][T31910] Call Trace: [ 680.846066][T31910] [ 680.846071][T31910] dump_stack_lvl+0x100/0x190 [ 680.846091][T31910] gup_vma_lookup.cold+0x83/0x96 [ 680.846108][T31910] fixup_user_fault+0x253/0x510 [ 680.846128][T31910] fault_in_user_writeable+0x70/0xe0 [ 680.846142][T31910] futex_lock_pi+0x682/0x7b0 [ 680.846158][T31910] ? __pfx_futex_lock_pi+0x10/0x10 [ 680.846174][T31910] ? __pfx___futex_wait+0x10/0x10 [ 680.846201][T31910] ? __pfx_futex_wake_mark+0x10/0x10 [ 680.846225][T31910] do_futex+0x18a/0x350 [ 680.846242][T31910] ? __pfx_do_futex+0x10/0x10 [ 680.846260][T31910] ? __vm_munmap+0x1d2/0x390 [ 680.846277][T31910] __ia32_sys_futex_time32+0x2f4/0x470 [ 680.846293][T31910] ? xfd_validate_state+0x129/0x190 [ 680.846307][T31910] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 680.846328][T31910] __do_fast_syscall_32+0xe3/0x8c0 [ 680.846342][T31910] do_fast_syscall_32+0x32/0x70 [ 680.846354][T31910] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 680.846368][T31910] RIP: 0023:0xf702ef6c [ 680.846378][T31910] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad [ 680.846388][T31910] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 00000000000000f0 [ 680.846399][T31910] RAX: ffffffffffffffda RBX: 0000000080004000 RCX: 000000000000008d [ 680.846407][T31910] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 680.846414][T31910] RBP: 0000000000000082 R08: 0000000000000000 R09: 0000000000000000 [ 680.846421][T31910] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 680.846427][T31910] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 680.846441][T31910] [ 680.865250][T31912] netlink: 8 bytes leftover after parsing attributes in process `syz.9.27607'. [ 680.991254][T31920] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.27611' resets device [ 681.013288][T28382] libceph: connect (1)[c::]:6789 error -101 [ 681.015240][T28382] libceph: mon0 (1)[c::]:6789 connect error [ 681.072370][T31927] netlink: 4 bytes leftover after parsing attributes in process `syz.3.27614'. [ 681.164257][T31937] usb usb7: usbfs: process 31937 (syz.3.27619) did not claim interface 0 before use [ 681.521568][T31967] CIFS: VFS: Malformed UNC in devname [ 681.556324][T28382] libceph: connect (1)[c::]:6789 error -101 [ 681.560382][T28382] libceph: mon0 (1)[c::]:6789 connect error [ 681.574200][T31898] ceph: No mds server is up or the cluster is laggy [ 681.992149][T32005] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 681.995506][T32005] macvtap1: entered allmulticast mode [ 681.995868][T32005] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 682.103527][T32013] netlink: 8 bytes leftover after parsing attributes in process `syz.6.27654'. [ 682.107558][T32013] netlink: 4 bytes leftover after parsing attributes in process `syz.6.27654'. [ 682.114980][T32013] netlink: 'syz.6.27654': attribute type 14 has an invalid length. [ 682.118793][T32013] netlink: 'syz.6.27654': attribute type 12 has an invalid length. [ 682.226613][T32031] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config [ 682.487793][T32056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.27675'. [ 682.491279][T32056] netlink: 20 bytes leftover after parsing attributes in process `syz.3.27675'. [ 682.504903][T32056] geneve4: entered promiscuous mode [ 682.507313][T32056] geneve4: entered allmulticast mode [ 682.609308][T32070] warn_alloc: 3 callbacks suppressed [ 682.609320][T32070] syz.3.27681: page allocation failure: order:10, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 682.616085][T32070] CPU: 2 UID: 0 PID: 32070 Comm: syz.3.27681 Tainted: G L syzkaller #0 PREEMPT(full) [ 682.616110][T32070] Tainted: [L]=SOFTLOCKUP [ 682.616114][T32070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 682.616122][T32070] Call Trace: [ 682.616126][T32070] [ 682.616131][T32070] dump_stack_lvl+0x100/0x190 [ 682.616150][T32070] warn_alloc.cold+0x95/0x1c1 [ 682.616170][T32070] ? __pfx_warn_alloc+0x10/0x10 [ 682.616190][T32070] ? psi_memstall_leave+0x19c/0x2e0 [ 682.616207][T32070] ? __pfx___might_resched+0x10/0x10 [ 682.616234][T32070] __alloc_frozen_pages_noprof+0xf36/0x2ba0 [ 682.616263][T32070] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 682.616284][T32070] ? aa_file_perm+0x268/0x1530 [ 682.616305][T32070] ? aa_file_perm+0x277/0x1530 [ 682.616322][T32070] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 682.616341][T32070] ? policy_nodemask+0xed/0x4f0 [ 682.616359][T32070] alloc_pages_mpol+0x1fb/0x550 [ 682.616376][T32070] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 682.616392][T32070] ? stack_trace_save+0x8e/0xc0 [ 682.616411][T32070] ? __pfx_stack_trace_save+0x10/0x10 [ 682.616428][T32070] ? stack_depot_save_flags+0x27/0x9d0 [ 682.616445][T32070] ? qrtr_tun_write_iter+0xc1/0x1b0 [ 682.616459][T32070] ___kmalloc_large_node+0x104/0x150 [ 682.616478][T32070] __kmalloc_large_node_noprof+0x1c/0x70 [ 682.616488][T32070] ? common_file_perm+0x1ab/0x4f0 [ 682.616504][T32070] __kmalloc_noprof+0x5be/0x850 [ 682.616523][T32070] qrtr_tun_write_iter+0xc1/0x1b0 [ 682.616538][T32070] aio_write+0x3ba/0x920 [ 682.616556][T32070] ? __pfx_aio_write+0x10/0x10 [ 682.616571][T32070] ? __lock_acquire+0x4a5/0x2630 [ 682.616592][T32070] ? __might_fault+0xc5/0x140 [ 682.616609][T32070] ? io_submit_one+0x1142/0x1fb0 [ 682.616625][T32070] io_submit_one+0x1142/0x1fb0 [ 682.616643][T32070] ? __lock_acquire+0x4a5/0x2630 [ 682.616658][T32070] ? __pfx_io_submit_one+0x10/0x10 [ 682.616679][T32070] ? __might_fault+0xc5/0x140 [ 682.616699][T32070] ? __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 682.616714][T32070] __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 682.616731][T32070] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 682.616746][T32070] ? xfd_validate_state+0x129/0x190 [ 682.616783][T32070] __do_fast_syscall_32+0xe3/0x8c0 [ 682.616803][T32070] do_fast_syscall_32+0x32/0x70 [ 682.616822][T32070] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 682.616845][T32070] RIP: 0023:0xf702ef6c [ 682.616860][T32070] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 58 b8 77 00 00 00 cd 80 0f 0b 8d b6 00 00 00 00 b8 ad [ 682.616877][T32070] RSP: 002b:00000000f541d50c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8 [ 682.616896][T32070] RAX: ffffffffffffffda RBX: 00000000f7f5c000 RCX: 00000000000000e7 [ 682.616906][T32070] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 682.616917][T32070] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 682.616927][T32070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 682.616938][T32070] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 682.616963][T32070] [ 682.616970][T32070] Mem-Info: [ 682.730288][T32070] active_anon:183 inactive_anon:2014 isolated_anon:0 [ 682.730288][T32070] active_file:423 inactive_file:2325 isolated_file:0 [ 682.730288][T32070] unevictable:1768 dirty:242 writeback:0 [ 682.730288][T32070] slab_reclaimable:7495 slab_unreclaimable:64259 [ 682.730288][T32070] mapped:22289 shmem:1774 pagetables:2141 [ 682.730288][T32070] sec_pagetables:342 bounce:0 [ 682.730288][T32070] kernel_misc_reclaimable:0 [ 682.730288][T32070] free:87777 free_pcp:670 free_cma:0 [ 682.744848][T32070] Node 0 active_anon:136kB inactive_anon:92kB active_file:52kB inactive_file:496kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2672kB dirty:128kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8712kB pagetables:1776kB sec_pagetables:1148kB all_unreclaimable? yes Balloon:0kB [ 682.760787][T32070] Node 1 active_anon:596kB inactive_anon:7964kB active_file:1640kB inactive_file:8804kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:86484kB dirty:840kB writeback:0kB shmem:3560kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6640kB pagetables:6788kB sec_pagetables:220kB all_unreclaimable? no Balloon:0kB [ 682.774820][T32070] Node 0 DMA free:2728kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 682.779959][T32084] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 682.789802][T32070] lowmem_reserve[]: 0 285 285 285 285 [ 682.792869][T32070] Node 0 DMA32 free:32700kB boost:16384kB min:29456kB low:32724kB high:35992kB reserved_highatomic:0KB free_highatomic:0KB active_anon:136kB inactive_anon:92kB active_file:52kB inactive_file:496kB unevictable:3536kB writepending:128kB zspages:1084kB present:1032196kB managed:292712kB mlocked:0kB bounce:0kB free_pcp:1164kB local_pcp:224kB free_cma:0kB [ 682.808849][T32070] lowmem_reserve[]: 0 0 0 0 0 [ 682.811605][T32070] Node 1 DMA32 free:315052kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:596kB inactive_anon:7964kB active_file:1640kB inactive_file:8804kB unevictable:3536kB writepending:840kB zspages:5832kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:2088kB local_pcp:780kB free_cma:0kB [ 682.825843][T32070] lowmem_reserve[]: 0 0 0 0 0 [ 682.828394][T32070] Node 0 DMA: 24*4kB (UE) 9*8kB (UE) 18*16kB (U) 11*32kB (UE) 2*64kB (UE) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2728kB [ 682.834717][T32070] Node 0 DMA32: 825*4kB (UME) 409*8kB (UME) 196*16kB (UM) 225*32kB (UME) 77*64kB (UME) 40*128kB (UME) 16*256kB (UME) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 32588kB [ 682.842318][T32070] Node 1 DMA32: 5517*4kB (UME) 5967*8kB (UME) 5745*16kB (UME) 697*32kB (UME) 299*64kB (UME) 114*128kB (UME) 100*256kB (UME) 109*512kB (UM) 15*1024kB (UM) 0*2048kB 0*4096kB = 314524kB [ 682.850530][T32070] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 682.854538][T32070] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 682.858431][T32070] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 682.864634][T32070] Node 1 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 682.868694][T32070] 5249 total pagecache pages [ 682.871017][T32070] 667 pages in swap cache [ 682.873395][T32070] Free swap = 44908kB [ 682.875130][T32070] Total swap = 124996kB [ 682.877513][T32070] 524155 pages RAM [ 682.879060][T32070] 0 pages HighMem/MovableOnly [ 682.881876][T32070] 210084 pages reserved [ 682.883689][T32070] 0 pages cma reserved [ 683.173785][T32114] netlink: 4 bytes leftover after parsing attributes in process `syz.6.27701'. [ 683.295466][T32127] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 683.298995][T31991] IPVS: starting estimator thread 0... [ 683.304237][T32122] bond13: (slave bond_slave_1): Device is not bonding slave [ 683.307243][T32122] bond13: option active_slave: invalid value (bond_slave_1) [ 683.343645][T32122] bond13 (unregistering): Released all slaves [ 683.416177][T32128] IPVS: using max 21 ests per chain, 50400 per kthread [ 683.549027][T32147] netlink: 24 bytes leftover after parsing attributes in process `syz.3.27716'. [ 683.996607][T32197] netlink: 256 bytes leftover after parsing attributes in process `syz.0.27739'. [ 684.000472][T32197] netlink: 'syz.0.27739': attribute type 9 has an invalid length. [ 684.209082][T32216] new mount options do not match the existing superblock, will be ignored [ 684.214527][T32216] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 "" [ 684.456072][T32244] new mount options do not match the existing superblock, will be ignored [ 684.460132][T32244] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 "" [ 684.523434][ T40] audit: type=1326 audit(649.412:22101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32154 comm="syz.9.27719" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7fc00000 [ 685.030079][T32293] comedi comedi3: dt2817: I/O port conflict (0x1,5) [ 685.346665][T32319] comedi comedi3: dt2817: I/O port conflict (0x1,5) [ 685.572073][ T40] audit: type=1326 audit(650.395:22102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32269 comm="syz.6.27777" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7fc00000 [ 685.748775][T32347] veth0_to_hsr: Caught tx_queue_len zero misconfig [ 686.982307][T32372] ceph: No mds server is up or the cluster is laggy [ 687.096021][T32427] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0) [ 687.254590][T32441] 9pnet_virtio: no channels available for device 3$Î~VºÐPÚ [ 687.506766][T28382] libceph: connect (1)[c::]:6789 error -101 [ 687.509767][T28382] libceph: mon0 (1)[c::]:6789 connect error [ 687.799332][T29904] libceph: connect (1)[c::]:6789 error -101 [ 687.801485][T29904] libceph: mon0 (1)[c::]:6789 connect error [ 687.923163][T32470] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.27862'. [ 688.168214][T32486] netlink: 20 bytes leftover after parsing attributes in process `syz.0.27871'. [ 688.346288][T29904] libceph: connect (1)[c::]:6789 error -101 [ 688.348977][T29904] libceph: mon0 (1)[c::]:6789 connect error [ 688.388900][T32454] ceph: No mds server is up or the cluster is laggy [ 688.562882][T32508] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0) [ 690.243201][T32583] netlink: 16 bytes leftover after parsing attributes in process `syz.6.27918'. [ 690.278035][T32587] macsec1: entered promiscuous mode [ 690.281599][T32587] macsec1: entered allmulticast mode [ 690.471204][T32604] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 690.473236][T32604] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 690.583775][T32604] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 690.663894][T32604] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 690.665913][T32604] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 690.781778][T32604] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 690.868351][T32604] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 690.871161][T32604] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 690.974181][T32604] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 692.173437][T32719] program syz.0.27969 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 692.359299][T32734] netlink: 12 bytes leftover after parsing attributes in process `syz.0.27975'. [ 692.514386][T32746] support for cryptoloop has been removed. Use dm-crypt instead. [ 692.610849][T32755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.27986'. [ 692.616432][T32758] tmpfs: Too few inodes for current use [ 692.663607][T16292] Bluetooth: hci0: command 0x0c1a tx timeout [ 692.851802][T16292] Bluetooth: hci1: command 0x0c1a tx timeout [ 692.997373][ T311] random: crng reseeded on system resumption [ 693.090698][ T316] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0 [ 693.103250][T16292] Bluetooth: hci3: command 0x0c1a tx timeout [ 693.316875][ T329] tmpfs: Too few inodes for current use [ 693.937572][ T40] audit: type=1326 audit(658.224:22103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=345 comm="syz.6.28008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7fc00000 [ 694.650410][ T40] audit: type=1326 audit(658.888:22104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=345 comm="syz.6.28008" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7fc00000 [ 694.886370][T16292] Bluetooth: hci0: command 0x0c1a tx timeout [ 695.067822][T16292] Bluetooth: hci1: command 0x0c1a tx timeout [ 695.236043][ T429] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 695.314369][T16292] Bluetooth: hci3: command 0x0c1a tx timeout [ 695.532647][ T447] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 696.279884][T30918] IPVS: starting estimator thread 0... [ 696.384114][ T481] IPVS: using max 32 ests per chain, 76800 per kthread [ 696.577933][ T502] netlink: 8 bytes leftover after parsing attributes in process `syz.9.28083'. [ 697.024297][ T5943] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 697.024626][T16292] Bluetooth: hci4: command 0x1003 tx timeout [ 697.120832][ T5943] Bluetooth: hci0: command 0x0c1a tx timeout [ 697.291458][ T5943] Bluetooth: hci1: command 0x0c1a tx timeout [ 697.364762][ T40] audit: type=1326 audit(661.423:22105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=538 comm="syz.9.28100" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7fc00000 [ 697.537382][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout [ 698.071897][ T40] audit: type=1326 audit(662.087:22106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=538 comm="syz.9.28100" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7fc00000 [ 698.118858][ T542] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28102'. [ 698.196316][ T548] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28104'. [ 698.583438][ T561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28118'. [ 698.586797][ T561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28118'. [ 698.789578][ T574] netlink: 56 bytes leftover after parsing attributes in process `syz.3.28113'. [ 699.771655][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout [ 699.971991][ T614] sock: sock_timestamping_bind_phc: sock not bind to device [ 700.665226][ T648] netlink: 28 bytes leftover after parsing attributes in process `syz.9.28152'. [ 701.233493][ T680] mkiss: ax0: crc mode is auto. [ 701.783268][ T693] ªªªªªª speed is unknown, defaulting to 1000 [ 702.107788][T29659] hid_parser_main: 2 callbacks suppressed [ 702.107807][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.117735][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.120677][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.123386][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.141607][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.144247][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.147768][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.150494][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.153534][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.156876][T29659] hid-generic 0000:0000:0004.0009: unknown main item tag 0x0 [ 702.163618][T29659] hid-generic 0000:0000:0004.0009: hidraw0: HID v0.03 Device [syz1] on syz1 [ 702.285815][ T716] fido_id[716]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 702.716814][ T760] comedi comedi3: multiq3: I/O port conflict (0x8001,16) [ 703.576975][ T827] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in; [ 703.576975][ T827] program syz.0.28234 not setting count and/or reply_len properly [ 703.731164][ T844] netlink: 65039 bytes leftover after parsing attributes in process `syz.9.28241'. [ 704.072434][ T876] netlink: 'syz.0.28254': attribute type 4 has an invalid length. [ 704.080077][ T876] netlink: 17 bytes leftover after parsing attributes in process `syz.0.28254'. [ 704.362777][ T901] netlink: 'syz.0.28263': attribute type 2 has an invalid length. [ 704.365458][ T901] netlink: 16 bytes leftover after parsing attributes in process `syz.0.28263'. [ 704.368481][ T901] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check. [ 704.435584][ T903] netlink: 4 bytes leftover after parsing attributes in process `syz.0.28264'. [ 704.640168][ T928] netlink: 4 bytes leftover after parsing attributes in process `syz.9.28275'. [ 704.673796][ T930] vlan2: entered allmulticast mode [ 704.675743][ T930] bond0: entered allmulticast mode [ 704.677859][ T930] bond_slave_0: entered allmulticast mode [ 704.681272][ T930] bond_slave_1: entered allmulticast mode [ 704.708268][ T932] ptrace attach of "/syz-executor exec"[31338] was attempted by ""[932] [ 704.742636][ T936] vlan2: entered allmulticast mode [ 704.745130][ T936] bond0: entered allmulticast mode [ 704.747236][ T936] bond_slave_0: entered allmulticast mode [ 704.749570][ T936] bond_slave_1: entered allmulticast mode [ 705.183184][ T995] nbd: must specify an index to disconnect [ 705.460944][ T1009] sctp: [Deprecated]: syz.6.28307 (pid 1009) Use of struct sctp_assoc_value in delayed_ack socket option. [ 705.460944][ T1009] Use struct sctp_sack_info instead [ 705.497350][ T1011] ptrace attach of "/syz-executor exec"[31375] was attempted by ""[1011] [ 705.537139][ T1013] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 705.769651][ T1033] comedi comedi3: pcl726: I/O port conflict (0x4f29,16) [ 705.950148][ T1042] tipc: MTU too low for tipc bearer [ 706.116109][ T1060] sctp: [Deprecated]: syz.0.28333 (pid 1060) Use of struct sctp_assoc_value in delayed_ack socket option. [ 706.116109][ T1060] Use struct sctp_sack_info instead [ 706.462664][ T1075] tipc: MTU too low for tipc bearer [ 707.682264][ T1188] netlink: 'syz.0.28383': attribute type 5 has an invalid length. [ 708.073294][ T1227] tipc: Failed to obtain node identity [ 708.075651][ T1227] tipc: Enabling of bearer rejected, failed to enable media [ 708.441398][ T1256] netlink: 28 bytes leftover after parsing attributes in process `syz.6.28416'. [ 708.581685][ T1268] netlink: 277 bytes leftover after parsing attributes in process `syz.0.28423'. [ 708.584881][ T1268] netlink: 277 bytes leftover after parsing attributes in process `syz.0.28423'. [ 709.470010][ T1330] netlink: 120 bytes leftover after parsing attributes in process `syz.6.28452'. [ 709.478905][ T1330] netlink: 'syz.6.28452': attribute type 1 has an invalid length. [ 709.482100][ T1330] netlink: 64 bytes leftover after parsing attributes in process `syz.6.28452'. [ 709.760807][ T40] audit: type=1326 audit(673.022:22107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.782441][ T40] audit: type=1326 audit(673.022:22108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.794333][ T40] audit: type=1326 audit(673.031:22109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.803497][ T40] audit: type=1326 audit(673.031:22110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.820851][ T40] audit: type=1326 audit(673.031:22111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=233 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.829701][ T40] audit: type=1326 audit(673.031:22112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.839025][ T40] audit: type=1326 audit(673.031:22113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.850490][ T40] audit: type=1326 audit(673.031:22114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.860210][ T40] audit: type=1326 audit(673.031:22115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 709.869644][ T40] audit: type=1326 audit(673.031:22116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1359 comm="syz.0.28466" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 710.262807][ T1412] 9p: Invalid gid '0x00000000ffffffff' [ 710.388792][ T1426] mkiss: ax0: crc mode is auto. [ 710.513425][ T5943] Bluetooth: hci0: unexpected event for opcode 0x200c [ 710.806141][ T1457] program syz.0.28509 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 711.157552][T28382] Process accounting resumed [ 711.174303][ T1481] Process accounting resumed [ 711.356497][ T1494] fuse: blksize only supported for fuseblk [ 712.148635][T29904] Process accounting resumed [ 712.158763][ T1529] Process accounting resumed [ 712.717588][ T1558] netlink: 8 bytes leftover after parsing attributes in process `syz.0.28557'. [ 713.226423][ T1597] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 713.395146][ T1603] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 714.587537][ T1692] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 714.625221][ T1696] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 714.853891][ T1710] sp0: Synchronizing with TNC [ 714.952954][ T1715] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 715.326600][T16292] Bluetooth: hci3: command 0x0c1a tx timeout [ 715.351521][ T1758] A link change request failed with some changes committed already. Interface ªªªªªª may have been left with an inconsistent configuration, please check. [ 716.653994][ T1845] ptrace attach of "/syz-executor exec"[1848] was attempted by "/syz-executor exec"[1845] [ 717.121336][ T1879] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.28706'. [ 717.416597][ T1906] netlink: 8 bytes leftover after parsing attributes in process `syz.9.28723'. [ 717.420353][ T1906] netlink: 4 bytes leftover after parsing attributes in process `syz.9.28723'. [ 717.425424][ T1906] netlink: 'syz.9.28723': attribute type 13 has an invalid length. [ 717.428604][ T1906] netlink: 'syz.9.28723': attribute type 11 has an invalid length. [ 717.435665][ T1908] rtc_cmos 00:05: Alarms can be up to one day in the future [ 717.480638][ T1912] netlink: 8 bytes leftover after parsing attributes in process `syz.6.28726'. [ 717.649877][ T1932] ªªªªªª speed is unknown, defaulting to 1000 [ 718.060634][T30918] rtc_cmos 00:05: Alarms can be up to one day in the future [ 718.073462][T30918] rtc_cmos 00:05: Alarms can be up to one day in the future [ 718.085329][T30918] rtc_cmos 00:05: Alarms can be up to one day in the future [ 718.088937][T30918] rtc_cmos 00:05: Alarms can be up to one day in the future [ 718.091380][T30918] rtc rtc0: __rtc_set_alarm: err=-22 [ 718.922596][ T2036] ªªªªªª speed is unknown, defaulting to 1000 [ 719.658465][ T2082] ªªªªªª speed is unknown, defaulting to 1000 [ 720.742125][ T5943] Bluetooth: hci1: unexpected event for opcode 0x202d [ 721.007525][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 721.007538][ T40] audit: type=1326 audit(683.545:22126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.018109][ T40] audit: type=1326 audit(683.545:22127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.027758][ T40] audit: type=1326 audit(683.555:22128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.036684][ T40] audit: type=1326 audit(683.555:22129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.045583][ T40] audit: type=1326 audit(683.555:22130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.054097][ T40] audit: type=1326 audit(683.555:22131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.064403][ T40] audit: type=1326 audit(683.555:22132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.073563][ T40] audit: type=1326 audit(683.555:22133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.083153][ T40] audit: type=1326 audit(683.555:22134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.091365][ T40] audit: type=1326 audit(683.555:22135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2184 comm="syz.3.28853" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 721.104109][ T2190] netlink: 36 bytes leftover after parsing attributes in process `syz.3.28855'. [ 721.506209][ T2209] ªªªªªª speed is unknown, defaulting to 1000 [ 721.930211][T29904] hid-generic FFFF:0008:0003.000A: item fetching failed at offset 0/1 [ 721.937766][T29904] hid-generic FFFF:0008:0003.000A: probe with driver hid-generic failed with error -22 [ 722.160145][ T2239] ªªªªªª speed is unknown, defaulting to 1000 [ 726.602709][T30918] kernel read not supported for file /media0 (pid: 30918 comm: kworker/2:6) [ 727.129258][ T2325] macvlan2: entered promiscuous mode [ 727.131675][ T2325] macvlan2: entered allmulticast mode [ 727.953294][ T2362] netlink: 'syz.6.28931': attribute type 1 has an invalid length. [ 729.260175][ T2409] netlink: 'syz.6.28954': attribute type 4 has an invalid length. [ 729.263774][ T2409] netlink: 240 bytes leftover after parsing attributes in process `syz.6.28954'. [ 729.623262][ T2432] block nbd3: shutting down sockets [ 729.778360][ T2454] xt_socket: unknown flags 0x50 [ 730.108107][ T2480] netlink: 'syz.3.28989': attribute type 11 has an invalid length. [ 730.110678][ T2480] netlink: 199788 bytes leftover after parsing attributes in process `syz.3.28989'. [ 730.216389][ T2490] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28993'. [ 730.837284][ T2526] can0: slcan on ptm0. [ 730.990341][ T2525] can0 (unregistered): slcan off ptm0. [ 731.075638][ T2543] netlink: 12 bytes leftover after parsing attributes in process `syz.9.29018'. [ 731.114651][ T2547] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29019'. [ 731.485129][ T2608] usb usb9: usbfs: process 2608 (syz.0.29043) did not claim interface 16 before use [ 731.578734][ T1415] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 732.296917][ T2676] rtc_cmos 00:05: Alarms can be up to one day in the future [ 732.546722][ T2701] bond0: (slave macsec1): Error -34 calling dev_set_mtu [ 732.799725][ T2724] netlink: 'syz.0.29085': attribute type 7 has an invalid length. [ 732.803212][ T2724] netlink: 'syz.0.29085': attribute type 8 has an invalid length. [ 732.824929][ T2731] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 732.893652][ T2737] netlink: 8 bytes leftover after parsing attributes in process `syz.0.29090'. [ 732.897590][ T2737] netlink: 'syz.0.29090': attribute type 5 has an invalid length. [ 732.900832][ T2737] netlink: 'syz.0.29090': attribute type 9 has an invalid length. [ 732.904481][ T2737] netlink: 4 bytes leftover after parsing attributes in process `syz.0.29090'. [ 732.914661][ T2737] geneve2: entered promiscuous mode [ 732.916888][ T2737] geneve2: entered allmulticast mode [ 732.920595][ T60] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 732.925762][ T60] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 732.929363][ T60] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 732.932928][ T60] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 733.003206][ T2752] vlan2: entered promiscuous mode [ 733.005389][ T2752] bridge0: entered promiscuous mode [ 733.176540][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 733.176553][ T40] audit: type=1326 audit(694.920:22147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.185432][ T40] audit: type=1326 audit(694.920:22148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.193206][ T40] audit: type=1326 audit(694.938:22149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.201963][ T40] audit: type=1326 audit(694.938:22150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.210810][ T40] audit: type=1326 audit(694.938:22151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=250 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.219351][ T40] audit: type=1326 audit(694.938:22152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.229153][ T40] audit: type=1326 audit(694.938:22153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2781 comm="syz.9.29107" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 733.351506][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 733.377716][ T2806] netlink: 32 bytes leftover after parsing attributes in process `syz.9.29118'. [ 733.714849][ T2849] netlink: 'syz.0.29134': attribute type 2 has an invalid length. [ 733.843970][ C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 734.016085][ T2901] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29155'. [ 734.027248][ T2901] netlink: 8 bytes leftover after parsing attributes in process `syz.9.29155'. [ 734.752425][ T3032] ALSA: mixer_oss: invalid OSS volume '' [ 734.863449][ T3048] comedi comedi3: pcl812: I/O port conflict (0x4f27,16) [ 734.970623][ T3059] netlink: 4 bytes leftover after parsing attributes in process `syz.6.29217'. [ 734.974947][ T3059] netlink: 8 bytes leftover after parsing attributes in process `syz.6.29217'. [ 735.726032][ T3097] netlink: 28 bytes leftover after parsing attributes in process `syz.6.29235'. [ 735.767532][ T3101] netlink: 32 bytes leftover after parsing attributes in process `syz.6.29237'. [ 735.969448][ T3119] overlayfs: conflicting options: nfs_export=on,index=off [ 736.011962][ T3125] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29248'. [ 736.018529][ T3125] netlink: 32 bytes leftover after parsing attributes in process `syz.3.29248'. [ 736.862486][ T3185] netlink: 'syz.6.29277': attribute type 3 has an invalid length. [ 737.042529][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 738.274470][ T3263] netlink: 68 bytes leftover after parsing attributes in process `syz.6.29312'. [ 738.278887][ T3263] netlink: 16 bytes leftover after parsing attributes in process `syz.6.29312'. [ 738.293900][ T3266] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 738.419348][ C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 739.069613][ T3336] xt_l2tp: v2 tid > 0xffff: 37482740 [ 739.760175][ T3402] netlink: 'syz.0.29362': attribute type 2 has an invalid length. [ 739.995464][ T3428] netlink: 'syz.6.29372': attribute type 2 has an invalid length. [ 740.164319][ T3446] IPVS: stopping backup sync thread 316 ... [ 740.214687][T16292] Bluetooth: hci3: command 0x0c1a tx timeout [ 741.585734][ T3497] netlink: 'syz.9.29405': attribute type 1 has an invalid length. [ 741.589061][ T3497] netlink: 216 bytes leftover after parsing attributes in process `syz.9.29405'. [ 741.629527][ T3501] 9p: p9: multiple sources not supported [ 742.245926][ T3583] netlink: 'syz.0.29442': attribute type 1 has an invalid length. [ 742.249166][ T3583] netlink: 216 bytes leftover after parsing attributes in process `syz.0.29442'. [ 742.438632][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 743.095231][ T3650] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29474'. [ 743.116453][ T3652] max out of range [ 743.241003][ T3660] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 743.244502][ T3660] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 743.451989][ T3676] netlink: 12 bytes leftover after parsing attributes in process `syz.9.29487'. [ 743.550037][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 743.875665][ T3698] xt_l2tp: invalid flags combination: 0 [ 744.395660][ T3736] max out of range [ 744.588406][ T3756] random: crng reseeded on system resumption [ 744.672432][ C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 744.704761][ T3769] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 744.708067][ T3769] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 745.324431][ T3827] CUSE: DEVNAME unspecified [ 747.138024][ T3871] netlink: 12 bytes leftover after parsing attributes in process `syz.3.29578'. [ 747.180494][ T3875] random: crng reseeded on system resumption [ 747.383195][ T3900] random: crng reseeded on system resumption [ 748.258350][ T3956] bond_slave_0: Caught tx_queue_len zero misconfig [ 748.342938][ T3962] netlink: 16 bytes leftover after parsing attributes in process `syz.6.29623'. [ 748.530211][ T3986] usb usb7: selecting invalid altsetting 6 [ 748.715582][ T4001] netlink: 8 bytes leftover after parsing attributes in process `syz.6.29639'. [ 748.718588][ T4001] netlink: 4 bytes leftover after parsing attributes in process `syz.6.29639'. [ 748.721483][ T4001] netlink: 'syz.6.29639': attribute type 13 has an invalid length. [ 748.827373][ T4012] binder: 4011:4012 unknown command 1853191215 [ 748.829390][ T4012] binder: 4011:4012 ioctl c0306201 80000080 returned -22 [ 748.882824][ T4018] netlink: 16 bytes leftover after parsing attributes in process `syz.9.29647'. [ 749.258003][ T4048] netlink: 8 bytes leftover after parsing attributes in process `syz.9.29662'. [ 749.262717][ T4048] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29662'. [ 749.266531][ T4048] netlink: 'syz.9.29662': attribute type 13 has an invalid length. [ 749.840503][ T4089] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 750.478181][ T4155] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 750.523613][ T4161] mkiss: ax0: crc mode is auto. [ 750.619375][ T40] audit: type=1326 audit(711.242:22154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4172 comm="syz.9.29721" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x0 [ 750.743707][ T4187] macsec2: entered promiscuous mode [ 750.747345][ T4187] macsec2: entered allmulticast mode [ 751.302632][ T4233] mkiss: ax0: crc mode is auto. [ 751.530428][ T4253] netlink: 12 bytes leftover after parsing attributes in process `syz.3.29753'. [ 751.604490][ T4266] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 751.925878][ T4290] nbd: must specify a size in bytes for the device [ 751.977793][ T4299] loop5: detected capacity change from 0 to 7 [ 751.996429][ T1713] Dev loop5: unable to read RDB block 7 [ 751.998909][ T1713] loop5: unable to read partition table [ 752.003469][ T1713] loop5: partition table beyond EOD, truncated [ 752.031660][ T4299] Dev loop5: unable to read RDB block 7 [ 752.033506][ T4299] loop5: unable to read partition table [ 752.035272][ T4299] loop5: partition table beyond EOD, truncated [ 752.037242][ T4299] loop_reread_partitions: partition scan of loop5 (úùƒå¡™‰üg¾CêjÌ–ã¢P=×!MX‹ºÐ œëÜ%õ«`Éæ˜Èµ4FLQkÝŠ5) failed (rc=-5) [ 752.326725][ T6006] usb 11-1: new full-speed USB device number 3 using dummy_hcd [ 752.503361][ T6006] usb 11-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 752.503391][ T6006] usb 11-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 752.503409][ T6006] usb 11-1: Product: syz [ 752.503422][ T6006] usb 11-1: Manufacturer: syz [ 752.503437][ T6006] usb 11-1: SerialNumber: syz [ 752.505590][ T6006] usb 11-1: config 0 descriptor?? [ 752.742772][T27719] usb 11-1: USB disconnect, device number 3 [ 752.869088][ T4349] sctp: [Deprecated]: syz.0.29800 (pid 4349) Use of struct sctp_assoc_value in delayed_ack socket option. [ 752.869088][ T4349] Use struct sctp_sack_info instead [ 753.606465][ T4412] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.29831'. [ 754.161466][ T4442] xt_l2tp: wrong L2TP version: 0 [ 754.213371][ T4445] netlink: 12 bytes leftover after parsing attributes in process `syz.3.29846'. [ 754.217487][ T4445] 8021q: VLANs not supported on team0 [ 754.416897][ T4453] xt_l2tp: v2 sid > 0xffff: 1114112 [ 754.485435][ T4455] binder_alloc: binder_alloc_mmap_handler: 4454 80ffd000-80fff000 already mapped failed -16 [ 754.722658][ T4486] netlink: 32 bytes leftover after parsing attributes in process `syz.0.29867'. [ 754.926143][ T4506] ata1.00: invalid command format 189 [ 755.226237][ T4540] tmpfs: Cannot change global quota limit on remount [ 755.728909][ T4583] nftables ruleset with unbound set [ 755.791274][ T5943] Bluetooth: hci3: command 0x0c1a tx timeout [ 755.969711][ T4608] netlink: 12 bytes leftover after parsing attributes in process `syz.6.29926'. [ 755.973731][ T4608] netlink: 12 bytes leftover after parsing attributes in process `syz.6.29926'. [ 756.265704][ T4639] can0: slcan on ptm0. [ 756.389329][ T4638] can0 (unregistered): slcan off ptm0. [ 756.619392][ T4671] ªªªªªª speed is unknown, defaulting to 1000 [ 757.006830][ T4698] netlink: 4 bytes leftover after parsing attributes in process `syz.9.29968'. [ 757.182123][ T4714] netlink: 'syz.9.29976': attribute type 1 has an invalid length. [ 757.185684][ T4714] netlink: 'syz.9.29976': attribute type 3 has an invalid length. [ 757.189016][ T4714] netlink: 172 bytes leftover after parsing attributes in process `syz.9.29976'. [ 757.193116][ T4714] NCSI netlink: No device for ifindex 813332851 [ 757.363124][ T4741] netlink: 'syz.6.29989': attribute type 1 has an invalid length. [ 757.455648][ T4757] Bluetooth: MGMT ver 1.23 [ 757.570732][ T4768] binder: 4766:4768 ioctl c0306201 80000080 returned -22 [ 757.890374][ T4808] xt_l2tp: unknown flags: 51 [ 758.155069][ T4832] netlink: 'syz.0.30029': attribute type 1 has an invalid length. [ 758.379743][ T4860] tmpfs: Cannot enable quota on remount [ 758.407791][ T4862] ªªªªªª speed is unknown, defaulting to 1000 [ 759.152137][ T4925] ªªªªªª speed is unknown, defaulting to 1000 [ 759.530592][ T4960] netlink: 8 bytes leftover after parsing attributes in process `syz.9.30071'. [ 759.541956][ T4960] netlink: 4 bytes leftover after parsing attributes in process `syz.9.30071'. [ 759.545872][ T4960] netlink: 'syz.9.30071': attribute type 15 has an invalid length. [ 759.744919][ T4984] comedi comedi3: pcl818: I/O port conflict (0x4f23,16) [ 760.034766][T29659] usb 14-1: new full-speed USB device number 2 using dummy_hcd [ 760.210709][T29659] usb 14-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 760.213385][T29659] usb 14-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 760.215797][T29659] usb 14-1: Product: syz [ 760.217661][T29659] usb 14-1: Manufacturer: syz [ 760.219254][T29659] usb 14-1: SerialNumber: syz [ 760.222086][T29659] usb 14-1: config 0 descriptor?? [ 760.447696][T29659] usb 14-1: USB disconnect, device number 2 [ 760.536779][ T5040] netlink: 'syz.3.30118': attribute type 3 has an invalid length. [ 760.539852][ T5040] netlink: 44 bytes leftover after parsing attributes in process `syz.3.30118'. [ 760.542803][ T5040] netlink: 'syz.3.30118': attribute type 3 has an invalid length. [ 760.545522][ T5040] netlink: 44 bytes leftover after parsing attributes in process `syz.3.30118'. [ 760.593447][ T5049] netlink: 32 bytes leftover after parsing attributes in process `syz.6.30113'. [ 761.085322][ T5093] xt_l2tp: wrong L2TP version: 0 [ 761.460058][ T5130] sp0: Synchronizing with TNC [ 761.933479][ T5159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.30164'. [ 761.933500][ T5159] netlink: 4 bytes leftover after parsing attributes in process `syz.3.30164'. [ 761.933525][ T5159] netlink: 'syz.3.30164': attribute type 15 has an invalid length. [ 762.456656][ T5193] netlink: 4 bytes leftover after parsing attributes in process `syz.9.30179'. [ 762.559038][ T5193] veth3: entered promiscuous mode [ 762.970076][ T5243] [U] k43° [ 762.981241][ T5248] binder: 5247:5248 ioctl 400c620e 80000240 returned -22 [ 763.020312][ T5250] netlink: 'syz.3.30206': attribute type 5 has an invalid length. [ 763.029864][ T5252] comedi comedi3: comedi_parport: I/O port conflict (0x8001,3) [ 763.231943][ T5269] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 763.391721][T16292] Bluetooth: hci3: command 0x0c1a tx timeout [ 764.420929][ T5346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.30245'. [ 764.957252][ T5412] netlink: 504 bytes leftover after parsing attributes in process `syz.6.30276'. [ 765.054789][ T5423] comedi comedi3: pcl816: I/O port conflict (0x8001,16) [ 765.353417][ T5454] mkiss: ax0: crc mode is auto. [ 765.625981][T16292] Bluetooth: hci3: command 0x0c1a tx timeout [ 765.786551][T16292] Bluetooth: hci0: command 0x0c1a tx timeout [ 766.496305][ T5470] use of bytesused == 0 is deprecated and will be removed in the future, [ 766.500013][ T5470] use the actual size instead. [ 766.542756][ T5477] netlink: 4 bytes leftover after parsing attributes in process `syz.6.30305'. [ 766.774845][ T5503] netlink: 'syz.0.30318': attribute type 1 has an invalid length. [ 766.781330][ T5503] netlink: 96 bytes leftover after parsing attributes in process `syz.0.30318'. [ 766.784849][ T5503] netlink: 1 bytes leftover after parsing attributes in process `syz.0.30318'. [ 766.788479][ T5503] netlink: 'syz.0.30318': attribute type 1 has an invalid length. [ 766.791703][ T5503] netlink: 634 bytes leftover after parsing attributes in process `syz.0.30318'. [ 767.118631][ T5533] netlink: 220 bytes leftover after parsing attributes in process `syz.3.30335'. [ 767.124137][ T5533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.30335'. [ 767.285811][ T5556] UHID_CREATE from different security context by process 1933 (syz.6.30345), this is not allowed. [ 767.534949][ T5574] netlink: 8 bytes leftover after parsing attributes in process `syz.0.30354'. [ 767.584723][ T40] audit: type=1326 audit(727.116:22155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5579 comm="syz.0.30357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 767.601925][ T40] audit: type=1326 audit(727.125:22156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5579 comm="syz.0.30357" exe="/syz-executor" sig=0 arch=40000003 syscall=164 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 767.608856][ T40] audit: type=1326 audit(727.125:22157): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=5579 comm="syz.0.30357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 767.616461][ T40] audit: type=1326 audit(727.125:22158): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=5579 comm="syz.0.30357" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 767.712889][ T5595] IPVS: Scheduler module ip_vs_sip not found [ 767.739647][ T5604] netlink: 4 bytes leftover after parsing attributes in process `syz.6.30366'. [ 767.924883][ T5625] netlink: 8 bytes leftover after parsing attributes in process `syz.9.30377'. [ 768.240699][ T5673] binder: 5670:5673 ioctl 541b 0 returned -22 [ 769.153612][ T5700] sp0: Synchronizing with TNC [ 769.189932][ T5706] netlink: 'syz.6.30414': attribute type 14 has an invalid length. [ 769.247060][ T5712] comedi comedi3: pcl730: I/O port conflict (0xc000,4) [ 769.720596][T29595] usb 8-1: new high-speed USB device number 22 using dummy_hcd [ 769.902800][T29595] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 769.908004][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.911502][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.916169][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.919727][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.923297][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.927914][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.931686][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.935166][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.939356][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.942889][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.947724][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.952175][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.955853][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.959685][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.964149][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.968589][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.972258][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.976638][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.980507][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.984044][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 769.988544][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 769.992070][T29595] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 769.995618][T29595] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 770.000269][T29595] usb 8-1: config 0 interface 0 has no altsetting 0 [ 770.004664][T29595] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 770.008167][T29595] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 770.011989][T29595] usb 8-1: Product: syz [ 770.013709][T29595] usb 8-1: Manufacturer: syz [ 770.015668][T29595] usb 8-1: SerialNumber: syz [ 770.019096][T29595] usb 8-1: config 0 descriptor?? [ 770.031818][T29595] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 770.248633][T28382] usb 8-1: USB disconnect, device number 22 [ 770.254415][T28382] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 770.990852][ T5786] sp0: Synchronizing with TNC [ 771.421681][ T5828] __nla_validate_parse: 3 callbacks suppressed [ 771.421699][ T5828] netlink: 4 bytes leftover after parsing attributes in process `syz.9.30467'. [ 771.544487][ T5842] netlink: 20 bytes leftover after parsing attributes in process `syz.6.30473'. [ 771.545313][ T5842] netlink: 56 bytes leftover after parsing attributes in process `syz.6.30473'. [ 771.867855][ T5881] netlink: 'syz.9.30492': attribute type 11 has an invalid length. [ 771.867871][ T5881] netlink: 'syz.9.30492': attribute type 4 has an invalid length. [ 771.867879][ T5881] netlink: 199768 bytes leftover after parsing attributes in process `syz.9.30492'. [ 772.032302][ T40] audit: type=1326 audit(731.269:22159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5899 comm="syz.6.30501" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf706ef6c code=0x0 [ 772.409712][ T5929] netlink: 260 bytes leftover after parsing attributes in process `syz.9.30514'. [ 772.621587][ T5948] sch_tbf: peakrate 1 is lower than or equals to rate 16149960914006595198 ! [ 772.993075][ T5966] netlink: 'syz.6.30528': attribute type 1 has an invalid length. [ 773.043026][ T5970] ALSA: seq fatal error: cannot create timer (-22) [ 773.508287][ T6021] sp0: Synchronizing with TNC [ 773.515722][ T6021] sp0: Found TNC [ 773.521255][ T6020] [U] è` [ 773.717374][ T6032] vlan3: entered allmulticast mode [ 773.719769][ T6032] team0: entered allmulticast mode [ 773.721451][ T6032] team_slave_0: entered allmulticast mode [ 773.723386][ T6032] team_slave_1: entered allmulticast mode [ 774.524901][ T6121] ipvlan2: entered allmulticast mode [ 774.526706][ T6121] dummy0: entered allmulticast mode [ 775.064319][ T6178] sp0: Synchronizing with TNC [ 775.747766][ T6236] random: crng reseeded on system resumption [ 775.775219][T30918] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 775.942742][T30918] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 775.945959][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 775.948923][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 775.952269][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 775.955552][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 775.959072][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 775.963574][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 775.969235][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 775.973041][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 775.979569][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 775.983568][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 775.989119][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 775.993647][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 775.998009][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 776.001761][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 776.006333][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 776.010508][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 776.014295][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 776.024083][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 776.028823][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 776.032561][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 776.039259][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 776.043085][T30918] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 776.046903][T30918] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 776.052335][T30918] usb 5-1: config 0 interface 0 has no altsetting 0 [ 776.057084][T30918] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 776.061560][T30918] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 776.064995][T30918] usb 5-1: Product: syz [ 776.066770][T30918] usb 5-1: Manufacturer: syz [ 776.068742][T30918] usb 5-1: SerialNumber: syz [ 776.073991][T30918] usb 5-1: config 0 descriptor?? [ 776.081153][T30918] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 776.319712][T29659] usb 5-1: USB disconnect, device number 7 [ 776.325195][T29659] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 777.934084][ T40] audit: type=1326 audit(2000000003.591:22160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 777.952111][ T40] audit: type=1326 audit(2000000003.601:22161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 777.959472][ T40] audit: type=1326 audit(2000000003.601:22162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=435 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 777.984361][ T40] audit: type=1326 audit(2000000003.619:22163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 777.993106][ T40] audit: type=1326 audit(2000000003.638:22164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf717572b code=0x7ffc0000 [ 778.016331][ T40] audit: type=1326 audit(2000000003.657:22165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 778.039837][ T40] audit: type=1326 audit(2000000003.694:22166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=424 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 778.047339][ T40] audit: type=1326 audit(2000000003.694:22167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 778.069254][ T40] audit: type=1326 audit(2000000003.694:22168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6302 comm="syz.0.30679" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 778.381994][T28382] kernel write not supported for file /dsp1 (pid: 28382 comm: kworker/0:2) [ 778.505427][ T6353] ªªªªªª speed is unknown, defaulting to 1000 [ 778.740239][ T6363] netlink: 72 bytes leftover after parsing attributes in process `syz.3.30706'. [ 779.033584][ T6389] netlink: zone id is out of range [ 779.035812][ T6389] netlink: zone id is out of range [ 779.038018][ T6389] netlink: zone id is out of range [ 779.040004][ T6389] netlink: zone id is out of range [ 779.041846][ T6389] netlink: zone id is out of range [ 779.063939][ T6389] netlink: zone id is out of range [ 779.066448][ T6389] netlink: zone id is out of range [ 779.068845][ T6389] netlink: zone id is out of range [ 779.071608][ T6389] netlink: zone id is out of range [ 779.074014][ T6389] netlink: zone id is out of range [ 780.241591][T16292] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 780.245326][T16292] Bluetooth: hci0: command 0x0c1a tx timeout [ 780.648195][ T6507] netlink: 20 bytes leftover after parsing attributes in process `syz.9.30775'. [ 780.651169][ T6507] netlink: 4 bytes leftover after parsing attributes in process `syz.9.30775'. [ 780.680210][ T6511] netlink: 20 bytes leftover after parsing attributes in process `syz.3.30777'. [ 781.208552][ T6549] netlink: 8 bytes leftover after parsing attributes in process `syz.9.30795'. [ 781.583268][ T6580] vivid-007: disconnect [ 781.585785][ T6579] vivid-007: reconnect [ 781.652575][ T6588] ALSA: mixer_oss: invalid OSS volume '—ˆ†åÉY¢¤{õ›´žÜÿ¬¤Uøü°ŽDíÆD ' [ 781.655929][ T6588] ALSA: mixer_oss: invalid OSS volume 'ߧ«4cÑTÆÒÈ󯆩"¦m!lŠT.îšÎ œ¾®ì' [ 781.659385][ T6588] ALSA: mixer_oss: invalid OSS volume 'lg§' [ 781.661294][ T6590] program syz.9.30814 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 781.662133][ T6588] ALSA: mixer_oss: invalid OSS volume 'í)nÃäÃkëKi†·,r‚¾WY\ñZV‰Óå¼÷?J`G' [ 781.662158][ T6588] ALSA: mixer_oss: invalid OSS volume 'kûO0ÍÇòª$ÛÒgÀ¾{ƒpl{ˆúy;_A¸RW§€' [ 781.662169][ T6588] ALSA: mixer_oss: invalid OSS volume 'ò' [ 781.662180][ T6588] ALSA: mixer_oss: invalid OSS volume 'sv«ˆ Fu{Qby>áñh%w¾áõ]' [ 781.662202][ T6588] ALSA: mixer_oss: invalid OSS volume 'ŽEÙ“•= Øv?ïÌ@4Åä8î¶@»híüÉÆL' [ 781.662211][ T6588] ALSA: mixer_oss: invalid OSS volume 'î+­³?>3Iq¡»0:i¸Ýq½|û—UëDœÅ™¯û' [ 781.662225][ T6588] ALSA: mixer_oss: invalid OSS volume 'vÓ·*xrµýN0¡Ü—ƒácŒ†Až‚€åìdâhû' [ 781.662232][ T6588] ALSA: mixer_oss: invalid OSS volume '±äJMÊïé œ%HœJ[~S' [ 781.745018][ T6598] netlink: 7060 bytes leftover after parsing attributes in process `syz.0.30818'. [ 781.915754][ T6619] : entered promiscuous mode [ 782.041939][ T40] audit: type=1326 audit(2000000007.436:22169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.0.30834" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 782.322135][ T6653] dummy0: entered promiscuous mode [ 782.326640][ T6653] dummy0: left promiscuous mode [ 782.840412][ T6699] program syz.3.30865 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 782.850663][ T6702] xt_l2tp: invalid flags combination: 8 [ 782.957584][ T5993] hid_parser_main: 91 callbacks suppressed [ 782.957604][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.966203][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.968798][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.971511][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.974675][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.978235][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.980939][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.983906][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.986385][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.989157][ T5993] hid-generic 00A1:0082:80000004.000B: unknown main item tag 0x0 [ 782.999378][ T5993] hid-generic 00A1:0082:80000004.000B: hidraw0: HID v0.05 Device [syz1] on syz0 [ 783.087682][ T6721] fido_id[6721]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 783.589451][ T6775] netlink: 24 bytes leftover after parsing attributes in process `syz.9.30902'. [ 783.844329][ T6803] tmpfs: Cannot change global quota limit on remount [ 784.600563][ T6855] net_ratelimit: 29 callbacks suppressed [ 784.600578][ T6855] netlink: set zone limit has 4 unknown bytes [ 784.640228][ T6861] can0: slcan on ptm0. [ 784.787457][ T6860] can0 (unregistered): slcan off ptm0. [ 784.965424][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 784.965443][ T40] audit: type=1326 audit(2000000010.167:22180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 784.986576][ T40] audit: type=1326 audit(2000000010.167:22181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 784.995851][ T40] audit: type=1326 audit(2000000010.177:22182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 785.005991][ T40] audit: type=1326 audit(2000000010.177:22183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 785.031667][ T40] audit: type=1326 audit(2000000010.177:22184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 785.041561][ T40] audit: type=1326 audit(2000000010.177:22185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=52 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 785.050762][ T40] audit: type=1326 audit(2000000010.205:22186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 785.058834][ T40] audit: type=1326 audit(2000000010.205:22187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6896 comm="syz.0.30963" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f73f6c code=0x7ffc0000 [ 785.138142][ T6912] mkiss: ax0: crc mode is auto. [ 785.856341][ T6954] netlink: 28 bytes leftover after parsing attributes in process `syz.9.30989'. [ 785.955783][ T6960] netlink: 536 bytes leftover after parsing attributes in process `syz.9.30992'. [ 785.960241][ T6960] netlink: 32 bytes leftover after parsing attributes in process `syz.9.30992'. [ 786.322674][ T6974] netlink: 4 bytes leftover after parsing attributes in process `syz.6.30999'. [ 786.482128][ T6992] netlink: 16 bytes leftover after parsing attributes in process `syz.0.31007'. [ 786.705627][ T7024] vivid-007: disconnect [ 786.709935][ T7023] vivid-007: reconnect [ 786.864074][ T7040] xt_bpf: check failed: parse error [ 787.092105][ T7064] PKCS8: Unsupported PKCS#8 version [ 787.658082][ T7117] vcan0: tx address claim with dlc 0 [ 788.570418][ T7170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31094'. [ 788.577268][ T7170] hsr0: entered promiscuous mode [ 788.580619][ T7170] macvlan2: entered allmulticast mode [ 788.582478][ T7170] hsr0: entered allmulticast mode [ 788.584212][ T7170] hsr_slave_0: entered allmulticast mode [ 788.586118][ T7170] hsr_slave_1: entered allmulticast mode [ 788.789346][ T7187] netlink: 'syz.9.31102': attribute type 21 has an invalid length. [ 788.794601][ T7187] netlink: 128 bytes leftover after parsing attributes in process `syz.9.31102'. [ 788.797671][ T7187] netlink: 3 bytes leftover after parsing attributes in process `syz.9.31102'. [ 788.903061][ T7199] netlink: 4 bytes leftover after parsing attributes in process `syz.6.31108'. [ 788.907520][ T7199] netlink: 4 bytes leftover after parsing attributes in process `syz.6.31108'. [ 789.029838][ T7209] loop7: detected capacity change from 0 to 524255232 [ 789.148078][ T7219] netlink: 'syz.0.31118': attribute type 4 has an invalid length. [ 789.337705][ T7229] nbd2: detected capacity change from 0 to 127 [ 789.344393][ T5943] block nbd2: Receive control failed (result -32) [ 789.348475][ T5701] block nbd2: Send control failed (result -32) [ 789.350912][ T5701] block nbd2: Request send failed, requeueing [ 789.360125][ T35] block nbd2: Dead connection, failed to find a fallback [ 789.364074][ T35] block nbd2: shutting down sockets [ 789.366393][ T35] blk_print_req_error: 95 callbacks suppressed [ 789.366409][ T35] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.367761][ T5701] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.368721][ T35] buffer_io_error: 95 callbacks suppressed [ 789.368730][ T35] Buffer I/O error on dev nbd2, logical block 0, async page read [ 789.389516][ T5701] Buffer I/O error on dev nbd2, logical block 1, async page read [ 789.395042][ T5701] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.398128][ T5701] Buffer I/O error on dev nbd2, logical block 2, async page read [ 789.401138][ T5701] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.404409][ T5701] Buffer I/O error on dev nbd2, logical block 3, async page read [ 789.407612][ T5701] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.411720][ T5701] Buffer I/O error on dev nbd2, logical block 0, async page read [ 789.414865][ T5701] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.418139][ T5701] Buffer I/O error on dev nbd2, logical block 1, async page read [ 789.421245][ T5701] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.425148][ T5701] Buffer I/O error on dev nbd2, logical block 2, async page read [ 789.427799][ T5701] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.430943][ T5701] Buffer I/O error on dev nbd2, logical block 3, async page read [ 789.434175][ T5701] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.437481][ T5701] Buffer I/O error on dev nbd2, logical block 0, async page read [ 789.440322][ T5701] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 789.443462][ T5701] Buffer I/O error on dev nbd2, logical block 1, async page read [ 789.447168][ T5701] ldm_validate_partition_table(): Disk read failed. [ 789.449474][ T5701] Dev nbd2: unable to read RDB block 0 [ 789.451470][ T5701] nbd2: unable to read partition table [ 789.456775][ T5701] ldm_validate_partition_table(): Disk read failed. [ 789.460395][ T5701] Dev nbd2: unable to read RDB block 0 [ 789.464504][ T5701] nbd2: unable to read partition table [ 789.853092][ T7256] cifs: Unknown parameter 'mode' [ 789.855313][ T7256] CIFS mount error: No usable UNC path provided in device string! [ 789.855313][ T7256] [ 789.859673][ T7256] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 790.129293][ T7276] nbd3: detected capacity change from 0 to 127 [ 790.134195][ T5943] block nbd3: Receive control failed (result -32) [ 790.135189][ T5701] block nbd3: Send control failed (result -32) [ 790.139124][ T5701] block nbd3: Request send failed, requeueing [ 790.141426][ T5360] block nbd3: Dead connection, failed to find a fallback [ 790.143980][ T5360] block nbd3: shutting down sockets [ 790.146231][ T5701] ldm_validate_partition_table(): Disk read failed. [ 790.148568][ T5701] Dev nbd3: unable to read RDB block 0 [ 790.151001][ T5701] nbd3: unable to read partition table [ 790.160595][ T5701] ldm_validate_partition_table(): Disk read failed. [ 790.165337][ T5701] Dev nbd3: unable to read RDB block 0 [ 790.167484][ T5701] nbd3: unable to read partition table [ 790.503493][ T7303] nbd4: detected capacity change from 0 to 127 [ 790.508049][ T5943] block nbd4: Receive control failed (result -104) [ 790.620516][T31509] usb 14-1: new high-speed USB device number 3 using dummy_hcd [ 790.792031][T31509] usb 14-1: too many configurations: 9, using maximum allowed: 8 [ 790.796581][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.800468][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.807168][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.811011][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.815011][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.818595][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.821635][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.825350][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.830145][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.834163][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.837971][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.842807][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.847309][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.851263][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.856324][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.860140][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.863388][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.867215][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.870869][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.874871][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.879754][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.883922][T31509] usb 14-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 790.887883][T31509] usb 14-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 790.892722][T31509] usb 14-1: config 0 interface 0 has no altsetting 0 [ 790.897468][T31509] usb 14-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 790.900630][T31509] usb 14-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 790.903596][T31509] usb 14-1: Product: syz [ 790.905074][T31509] usb 14-1: Manufacturer: syz [ 790.907028][T31509] usb 14-1: SerialNumber: syz [ 790.911429][T31509] usb 14-1: config 0 descriptor?? [ 790.917421][T31509] yurex 14-1:0.0: USB YUREX device now attached to Yurex #0 [ 791.112548][ T7332] nbd5: detected capacity change from 0 to 127 [ 791.120917][ T5943] block nbd5: Receive control failed (result -104) [ 791.289576][ T40] audit: type=1326 audit(2000000016.088:22188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.299426][ T40] audit: type=1326 audit(2000000016.098:22189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.309668][ T40] audit: type=1326 audit(2000000016.098:22190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.319777][ T40] audit: type=1326 audit(2000000016.098:22191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.329685][ T40] audit: type=1326 audit(2000000016.098:22192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.339668][ T40] audit: type=1326 audit(2000000016.107:22193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.348857][ T40] audit: type=1326 audit(2000000016.107:22194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.357718][ T40] audit: type=1326 audit(2000000016.107:22195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.366758][ T40] audit: type=1326 audit(2000000016.107:22196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=335 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.374804][ T40] audit: type=1326 audit(2000000016.107:22197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7341 comm="syz.3.31175" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 791.411744][ T7346] macvlan0: entered promiscuous mode [ 791.417590][ T7346] netlink: 'syz.6.31178': attribute type 1 has an invalid length. [ 791.421301][ T7346] netlink: 'syz.6.31178': attribute type 2 has an invalid length. [ 791.636975][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31185'. [ 791.808595][ T7372] (syz.0.31191,7372,3):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 793.025020][ T7394] bridge0: entered promiscuous mode [ 793.027088][ T7394] macvlan2: entered promiscuous mode [ 793.326895][ C0] usb 14-1: yurex_control_callback - control failed: -2 [ 793.331179][T30918] usb 14-1: USB disconnect, device number 3 [ 793.334894][T30918] yurex 14-1:0.0: USB YUREX #0 now disconnected [ 793.678841][T28382] kernel write not supported for file /radio5 (pid: 28382 comm: kworker/0:2) [ 793.687446][T29659] kernel read not supported for file /dsp (pid: 29659 comm: kworker/1:7) [ 795.206892][ T7465] netlink: 28 bytes leftover after parsing attributes in process `syz.3.31232'. [ 795.207845][ T7468] netlink: 4 bytes leftover after parsing attributes in process `syz.9.31231'. [ 795.512012][ T7482] bpf: Bad value for 'uid' [ 795.841136][ T7504] delete_channel: no stack [ 796.335022][ T7551] netlink: 8 bytes leftover after parsing attributes in process `syz.0.31273'. [ 796.735625][ T7563] netlink: 24 bytes leftover after parsing attributes in process `syz.6.31278'. [ 797.275695][ T1415] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 797.371540][ T7608] netlink: 52 bytes leftover after parsing attributes in process `syz.0.31298'. [ 797.832419][ T7628] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 798.498517][ T7672] netlink: 52 bytes leftover after parsing attributes in process `syz.3.31324'. [ 798.607331][ T7675] ref_ctr_offset mismatch. inode: 0x1707 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x30656c69662f2e [ 798.932207][T30918] hid_parser_main: 18 callbacks suppressed [ 798.932227][T30918] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 798.939216][T30918] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 799.021548][ T7700] fido_id[7700]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 799.171955][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.175670][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.178080][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.180449][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.182835][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.188143][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.191076][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.193908][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.196822][T29595] hid-generic 000F:09B2:0800.000D: unknown main item tag 0x0 [ 799.203804][T29595] hid-generic 000F:09B2:0800.000D: hidraw0: HID v0.46 Device [syz1] on syz1 [ 799.237817][ T7727] fido_id[7727]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 799.726574][ T7768] netlink: 'syz.3.31370': attribute type 8 has an invalid length. [ 799.796361][ T7774] loop9: detected capacity change from 0 to 7 [ 799.802952][ T7361] Dev loop9: unable to read RDB block 7 [ 799.805128][ T7361] loop9: unable to read partition table [ 799.806897][ T7776] sp0: Synchronizing with TNC [ 799.806987][ T7361] loop9: partition table beyond EOD, truncated [ 799.821012][ T7774] Dev loop9: unable to read RDB block 7 [ 799.823324][ T7774] loop9: unable to read partition table [ 799.832569][ T7774] loop9: partition table beyond EOD, truncated [ 799.834560][ T7774] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 800.046966][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 800.046981][ T40] audit: type=1326 audit(2000000024.273:22199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.3.31384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 800.060642][ T40] audit: type=1326 audit(2000000024.273:22200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.3.31384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 800.069880][ T40] audit: type=1326 audit(2000000024.292:22201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.3.31384" exe="/syz-executor" sig=0 arch=40000003 syscall=181 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 800.080013][ T40] audit: type=1326 audit(2000000024.292:22202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.3.31384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 800.090730][ T40] audit: type=1326 audit(2000000024.292:22203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7795 comm="syz.3.31384" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702ef6c code=0x7ffc0000 [ 800.196265][ T7810] binder: 7809:7810 ioctl c0306201 80000480 returned -22 [ 800.250050][ T7815] bad cache= option: nonee : 16 [ 800.250050][ T7815] min keysize : 16 [ 800.250050][ T7815] max keysize : 32 [ 800.250050][ T7815] ivsize : 16 [ 800.250050][ T7815] chunksize : 16 [ 800.250050][ T7815] walksize : 16 [ 800.250050][ T7815] statesize : 0 [ 800.250050][ T7815] [ 800.250050][ T7815] name : lrw(camellia) [ 800.250050][ T7815] driver : lrw(ecb-camellia-aesni-avx2) [ 800.250050][ T7815] module : kernel [ 800.250050][ T7815] priority : 500 [ 800.250050][ T7815] refcnt : 1 [ 800.250050][ T7815] selftest : passed [ 800.250050][ T7815] internal : no [ 800.250050][ T7815] type : skcipher [ 800.250050][ T7815] async : no [ 800.250050][ T7815] blocksize : 16 [ 800.250050][ T7815] min keysize : 32 [ 800.250050][ T7815] max keysize : 48 [ 800.250050][ T7815] ivsize : 16 [ 800.250050][ T7815] chunksize : 16 [ 800.250050][ T7815] walksize : 16 [ 800.250050][ T7815] statesize : 0 [ 800.250050][ T7815] [ 800.250050][ T7815] name : echainiv(aegis128) [ 800.250050][ T7815] driver : echainiv(pcrypt(aegis128-aesni)) [ 800.250050][ T7815] module : kernel [ 800.250050][ T7815] priority : 500 [ 800.250050][ T7815] refcnt : 1 [ 800.250050][ T7815] selftest : passed [ 800.250050][ T7815] internal : no [ 800.250050][ T7815] type : aead [ 800.250050][ T7815] async : yes [ 800.250050][ T7815] blocksize : 1 [ 800.250050][ T7815] ivsize : 16 [ 800.250050][ T7815] maxauthsize : 16 [ 800.250050][ T7815] geniv : [ 800.250050][ T7815] [ 800.250050][ T7815] name : essiv(cbc(aes) [ 800.250050][ T7815] [ 800.303923][ T7815] CIFS: VFS: bad cache= option: nonee : 16 [ 800.303923][ T7815] min keysize : 16 [ 800.303923][ T7815] max keysize : 32 [ 800.303923][ T7815] ivsize : 16 [ 800.303923][ T7815] chunksize : 16 [ 800.303923][ T7815] walksize : 16 [ 800.303923][ T7815] statesize : 0 [ 800.303923][ T7815] [ 800.303923][ T7815] name : lrw(camellia) [ 800.303923][ T7815] driver : lrw(ecb-camellia-aesni-avx2) [ 800.303923][ T7815] module : kernel [ 800.303923][ T7815] priority : 500 [ 800.303923][ T7815] refcnt : 1 [ 800.303923][ T7815] selftest : passed [ 800.303923][ T7815] internal : no [ 800.303923][ T7815] type : skcipher [ 800.303923][ T7815] async : no [ 800.303923][ T7815] blocksize : 16 [ 800.303923][ T7815] min keysize : 32 [ 800.303923][ T7815] max keysize : 48 [ 800.303923][ T7815] ivsize : 16 [ 800.303923][ T7815] chunksize : 16 [ 800.303923][ T7815] walksize : 16 [ 800.303923][ T7815] statesize : 0 [ 800.303923][ T7815] [ 800.303923][ T7815] name : echainiv(aegis128) [ 800.303923][ T7815] driver : echainiv(pcrypt(aegis128-aesni)) [ 800.303923][ T7815] module : kernel [ 800.303923][ T7815] priority : 500 [ 800.303923][ T7815] refcnt : 1 [ 800.303923][ T7815] selftest : passed [ 800.303923][ T7815] internal : no [ 800.303923][ T7815] type : aead [ 800.303923][ T7815] async : yes [ 800.303923][ T7815] blocksize : 1 [ 800.303923][ T7815] ivsize : 16 [ 800.303923][ T7815] maxauthsize : 16 [ 800.303923][ T7815] geniv : [ 800.303923][ T7815] [ 800.303923][ T7815] name : essiv(cbc(aes) [ 800.367612][ T7815] CIFS mount error: No usable UNC path provided in device string! [ 800.367612][ T7815] [ 800.373440][ T7815] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 800.794672][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.9.31408'. [ 800.802247][ T7853] batman_adv: batadv0: Adding interface: ipvlan3 [ 800.804329][ T7853] batman_adv: batadv0: The MTU of interface ipvlan3 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 800.813591][ T7853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 800.817485][ T7853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 800.821179][ T7853] batman_adv: batadv0: Not using interface ipvlan3 (retrying later): interface not active [ 800.970735][ T7859] veth0: entered promiscuous mode [ 800.973222][ T7859] veth0: left promiscuous mode [ 801.297084][ T7873] netlink: 60 bytes leftover after parsing attributes in process `syz.9.31418'. [ 801.300266][ T7873] bridge0: port 2(bridge_slave_1) entered disabled state [ 801.302810][ T7873] bridge0: port 1(bridge_slave_0) entered disabled state [ 801.352614][ T7876] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 801.354459][ T7877] 9pnet_virtio: no channels available for device syz [ 801.357113][ T7876] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 801.364345][ T7876] overlayfs: failed to set uuid (8141/file0, err=-13); falling back to uuid=null. [ 801.517138][ T7881] netlink: 'syz.3.31422': attribute type 9 has an invalid length. [ 801.520045][ T7881] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31422'. [ 802.575337][ T7921] veth1_to_batadv: entered promiscuous mode [ 802.577681][ T7921] macsec2: entered promiscuous mode [ 802.738105][ C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 803.192275][T31509] hid-generic 0000:0000:0000.000E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 803.226820][ T7952] fido_id[7952]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 803.692891][ T7971] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 804.520818][ T7987] netlink: 'syz.9.31471': attribute type 16 has an invalid length. [ 804.523674][ T7987] netlink: 48 bytes leftover after parsing attributes in process `syz.9.31471'. [ 805.065717][ T8026] netlink: 8 bytes leftover after parsing attributes in process `syz.3.31488'. [ 805.070200][ T8026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.31488'. [ 805.075050][ T8026] netlink: 'syz.3.31488': attribute type 13 has an invalid length. [ 805.078452][ T8026] netlink: 'syz.3.31488': attribute type 12 has an invalid length. [ 806.466728][ T6006] kernel read not supported for file /adsp1 (pid: 6006 comm: kworker/3:3) [ 806.650321][ T8097] input: syz1 as /devices/virtual/input/input83 [ 807.386713][ T8136] netlink: 4 bytes leftover after parsing attributes in process `syz.9.31537'. [ 808.234660][ T40] audit: type=1326 audit(2000000031.934:22204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.243696][ T40] audit: type=1326 audit(2000000031.934:22205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.253702][ T40] audit: type=1326 audit(2000000031.934:22206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.263350][ T40] audit: type=1326 audit(2000000031.934:22207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.269300][ T8149] bond1: option lacp_rate: mode dependency failed, not supported in mode active-backup(1) [ 808.273447][ T40] audit: type=1326 audit(2000000031.934:22208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.288134][ T40] audit: type=1326 audit(2000000031.934:22209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.300554][ T40] audit: type=1326 audit(2000000031.934:22210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.304403][ T8149] bond1 (unregistering): Released all slaves [ 808.308120][ T40] audit: type=1326 audit(2000000031.934:22211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.316140][ T40] audit: type=1326 audit(2000000031.934:22212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.323158][ T40] audit: type=1326 audit(2000000031.934:22213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8146 comm="syz.9.31542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf6fdef78 code=0x7ffc0000 [ 808.697842][ T8174] netlink: 8 bytes leftover after parsing attributes in process `syz.9.31554'. [ 808.987534][ T8186] netlink: 24 bytes leftover after parsing attributes in process `syz.6.31559'. [ 809.065660][ T8195] netlink: 20 bytes leftover after parsing attributes in process `syz.6.31561'. [ 809.281221][ T8215] IPVS: rr: FWM 3 0x00000003 - no destination available [ 809.561300][ T8238] kvm: kvm [8237]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 809.748758][ T8250] dummy0: entered allmulticast mode [ 809.752732][ T8250] dummy0: left allmulticast mode [ 810.770029][ T8312] pimreg: entered allmulticast mode [ 810.811505][ T8314] sp0: Synchronizing with TNC [ 810.830664][ T8313] [U] è`` [ 810.996321][ T8321] vcan0: tx address claim with dest, not broadcast [ 811.489472][ T8364] netlink: 12 bytes leftover after parsing attributes in process `syz.9.31641'. [ 811.494453][ T8364] netlink: 12 bytes leftover after parsing attributes in process `syz.9.31641'. [ 811.613661][ T8378] binder: 8377:8378 ioctl c0306201 0 returned -14 [ 811.678321][ T8382] netem: incorrect ge model size [ 812.179262][ T8421] netlink: 24 bytes leftover after parsing attributes in process `syz.0.31667'. [ 812.561681][ T8445] netlink: 32 bytes leftover after parsing attributes in process `syz.0.31679'. [ 812.566859][ T8445] netlink: 32 bytes leftover after parsing attributes in process `syz.0.31679'. [ 812.686288][ T8455] netlink: 4 bytes leftover after parsing attributes in process `syz.3.31684'. [ 812.811104][T30918] kernel read not supported for file /video7 (pid: 30918 comm: kworker/2:6) [ 812.846129][ T8470] delete_channel: no stack [ 813.037410][ T8487] netlink: 'syz.0.31698': attribute type 1 has an invalid length. [ 813.040017][ T8487] netlink: 'syz.0.31698': attribute type 2 has an invalid length. [ 813.042599][ T8487] netlink: 'syz.0.31698': attribute type 1 has an invalid length. [ 813.045189][ T8487] netlink: 'syz.0.31698': attribute type 3 has an invalid length. [ 813.047709][ T8487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.31698'. [ 813.417691][ T8513] netlink: 92 bytes leftover after parsing attributes in process `syz.9.31710'. [ 813.434352][ T8514] netlink: 44 bytes leftover after parsing attributes in process `syz.0.31711'. [ 813.482285][ T8514] netlink: 40 bytes leftover after parsing attributes in process `syz.0.31711'. [ 813.494418][ T8514] bridge0: port 2(bridge_slave_1) entered disabled state [ 814.242465][ T8567] smc: ib device syz2 ibport 1 erased user defined pnetid S [ 814.381781][ T8577] gfs2: path_lookup on  returned error -2 [ 814.436352][ T40] kauditd_printk_skb: 186 callbacks suppressed [ 814.436365][ T40] audit: type=1800 audit(2000000037.734:22400): pid=8580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.31742" name="file0" dev="9p" ino=72614247 res=0 errno=0 [ 814.811597][ T8591] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 815.019668][ T8607] misc userio: Can't change port type on an already running userio instance [ 815.660934][ T40] audit: type=1326 audit(2000000038.884:22401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.667920][ T40] audit: type=1326 audit(2000000038.884:22402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.676158][ T40] audit: type=1326 audit(2000000038.884:22403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.684079][ T40] audit: type=1326 audit(2000000038.884:22404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=291 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.691598][ T40] audit: type=1326 audit(2000000038.884:22405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.698346][ T40] audit: type=1326 audit(2000000038.884:22406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.706602][ T40] audit: type=1326 audit(2000000038.884:22407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.713859][ T40] audit: type=1326 audit(2000000038.884:22408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 815.720715][ T40] audit: type=1326 audit(2000000038.884:22409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8633 comm="syz.9.31769" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 816.442028][ T8677] team0 (unregistering): Port device team_slave_0 removed [ 816.484326][ T8677] team0 (unregistering): Port device team_slave_1 removed [ 817.351418][ T8735] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 818.775156][ T842] kernel write not supported for file /snd/midiC2D0 (pid: 842 comm: kworker/3:2) [ 818.839322][ T8812] syz_tun: entered allmulticast mode [ 818.845329][ T8811] syz_tun: left allmulticast mode [ 819.257805][ T8854] __nla_validate_parse: 8 callbacks suppressed [ 819.257823][ T8854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.31869'. [ 819.812399][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 819.812411][ T40] audit: type=1326 audit(2000000042.766:22421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8884 comm="syz.6.31885" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x0 [ 819.963866][ T8890] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 820.303158][ T8915] batadv_slave_0: Caught tx_queue_len zero misconfig [ 820.343090][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.3.31899'. [ 820.426058][ T842] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 820.608337][ T842] usb 5-1: Using ep0 maxpacket: 8 [ 820.620977][ T842] usb 5-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=d3.6c [ 820.624694][ T842] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 820.628494][ T842] usb 5-1: Product: syz [ 820.630845][ T842] usb 5-1: Manufacturer: syz [ 820.633537][ T842] usb 5-1: SerialNumber: syz [ 820.638290][ T842] usb 5-1: config 0 descriptor?? [ 820.644906][ T842] cdc_ether 5-1:0.0: skipping garbage [ 820.647131][ T842] usb 5-1: bad CDC descriptors [ 820.649802][ T842] usb 5-1: unsupported MDLM descriptors [ 820.653306][ T842] cdc_acm 5-1:0.0: skipping garbage [ 820.878948][ T5993] usb 5-1: USB disconnect, device number 8 [ 820.903313][ T8941] IPVS: wlc: FWM 3 0x00000003 - no destination available [ 820.963334][ T8943] netlink: 8 bytes leftover after parsing attributes in process `syz.6.31912'. [ 820.967022][ T8943] netlink: 12 bytes leftover after parsing attributes in process `syz.6.31912'. [ 821.099919][ T8952] program syz.9.31915 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 821.573621][ T40] audit: type=1326 audit(2000000044.412:22422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 821.580709][ T40] audit: type=1326 audit(2000000044.412:22423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.587594][ T40] audit: type=1326 audit(2000000044.412:22424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.595483][ T40] audit: type=1326 audit(2000000044.412:22425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.604862][ T40] audit: type=1326 audit(2000000044.412:22426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.611920][ T40] audit: type=1326 audit(2000000044.412:22427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 821.619552][ T40] audit: type=1326 audit(2000000044.412:22428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.627909][ T40] audit: type=1326 audit(2000000044.412:22429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.637846][ T40] audit: type=1326 audit(2000000044.412:22430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8988 comm="syz.6.31927" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706ef78 code=0x7ffc0000 [ 821.703263][ T8995] dummy0: entered allmulticast mode [ 821.706231][ T8995] dummy0: left allmulticast mode [ 821.771303][ T8999] netlink: 20 bytes leftover after parsing attributes in process `syz.0.31936'. [ 822.061710][ T1454] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 822.221995][ T1454] usb 5-1: Using ep0 maxpacket: 8 [ 822.226166][ T1454] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 822.229903][ T1454] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 822.237348][ T1454] pvrusb2: Hardware description: Terratec Grabster AV400 [ 822.239770][ T1454] pvrusb2: ********** [ 822.241280][ T1454] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 822.245706][ T1454] pvrusb2: Important functionality might not be entirely working. [ 822.249049][ T1454] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 822.253904][ T1454] pvrusb2: ********** [ 822.412860][ T9022] kvm: kvm [9021]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 822.456358][ T2484] pvrusb2: Invalid write control endpoint [ 822.502704][ T2484] pvrusb2: Invalid write control endpoint [ 822.505470][ T2484] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 822.508701][ T2484] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 822.512126][ T2484] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 822.515291][ T2484] pvrusb2: Device being rendered inoperable [ 822.520980][ T2484] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 822.525255][ T2484] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 822.536312][ T2484] pvrusb2: Attached sub-driver cx25840 [ 822.538880][ T2484] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 822.543402][ T2484] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 822.669048][ T9005] pvrusb2: Attempted to execute control transfer when device not ok [ 822.674345][ T5993] usb 5-1: USB disconnect, device number 9 [ 823.312476][ T2107] block nbd5: Possible stuck request ffff888026e10000: control (read@0,1024B). Runtime 30 seconds [ 823.318247][ T2107] block nbd5: Possible stuck request ffff888026e10200: control (read@1024,1024B). Runtime 30 seconds [ 823.321619][ T2107] block nbd5: Possible stuck request ffff888026e10400: control (read@2048,1024B). Runtime 30 seconds [ 823.329435][ T2107] block nbd5: Possible stuck request ffff888026e10600: control (read@3072,1024B). Runtime 30 seconds [ 823.339656][ T70] block nbd4: Possible stuck request ffff888026d98000: control (read@0,1024B). Runtime 30 seconds [ 823.343134][ T70] block nbd4: Possible stuck request ffff888026d98200: control (read@1024,1024B). Runtime 30 seconds [ 823.347604][ T70] block nbd4: Possible stuck request ffff888026d98400: control (read@2048,1024B). Runtime 30 seconds [ 823.348106][ T9066] binder: 9064:9066 ioctl c0306201 0 returned -14 [ 823.352225][ T70] block nbd4: Possible stuck request ffff888026d98600: control (read@3072,1024B). Runtime 30 seconds [ 823.402358][ T9071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.31968'. [ 823.407767][ T9071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.31968'. [ 823.466668][ T9082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.31975'. [ 823.479056][ T9085] vcan0: tx address claim with dest, not broadcast [ 823.995771][ T9128] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 824.047404][ T9137] netlink: 4 bytes leftover after parsing attributes in process `syz.6.32000'. [ 824.099122][ T9143] netlink: 666 bytes leftover after parsing attributes in process `syz.6.32002'. [ 825.027011][ T9204] netlink: 44 bytes leftover after parsing attributes in process `syz.6.32030'. [ 825.055419][ T9204] netlink: 40 bytes leftover after parsing attributes in process `syz.6.32030'. [ 825.061641][ T9204] bridge0: port 2(bridge_slave_1) entered disabled state [ 825.153726][ T9211] netlink: 36 bytes leftover after parsing attributes in process `syz.6.32035'. [ 825.205571][ T5993] kernel write not supported for file /vmallocinfo (pid: 5993 comm: kworker/2:4) [ 825.318772][ T1454] kernel write not supported for file /uinput (pid: 1454 comm: kworker/1:2) [ 825.604401][ T9233] bond0: entered promiscuous mode [ 825.606594][ T9233] bond_slave_0: entered promiscuous mode [ 825.609143][ T9233] bond_slave_1: entered promiscuous mode [ 825.958409][ T9258] ================================================================== [ 825.961152][ T9258] BUG: KASAN: slab-use-after-free in dvb_device_open+0x33f/0x3b0 [ 825.963648][ T9258] Read of size 8 at addr ffff888021487618 by task syz.0.32055/9258 [ 825.967112][ T9258] [ 825.968795][ T9258] CPU: 3 UID: 0 PID: 9258 Comm: syz.0.32055 Tainted: G L syzkaller #0 PREEMPT(full) [ 825.968826][ T9258] Tainted: [L]=SOFTLOCKUP [ 825.968833][ T9258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 825.969255][ T9258] Call Trace: [ 825.969263][ T9258] [ 825.969271][ T9258] dump_stack_lvl+0x100/0x190 [ 825.969302][ T9258] print_report+0x156/0x4c9 [ 825.969328][ T9258] ? __virt_addr_valid+0x81/0x620 [ 825.969352][ T9258] ? __phys_addr+0xe8/0x180 [ 825.969375][ T9258] ? dvb_device_open+0x33f/0x3b0 [ 825.969394][ T9258] kasan_report+0xdf/0x1e0 [ 825.969441][ T9258] ? dvb_device_open+0x33f/0x3b0 [ 825.969462][ T9258] ? __pfx_dvb_device_open+0x10/0x10 [ 825.969481][ T9258] dvb_device_open+0x33f/0x3b0 [ 825.969500][ T9258] ? __pfx_dvb_device_open+0x10/0x10 [ 825.969518][ T9258] chrdev_open+0x234/0x6a0 [ 825.969546][ T9258] ? __pfx_apparmor_file_open+0x10/0x10 [ 825.969568][ T9258] ? __pfx_chrdev_open+0x10/0x10 [ 825.969596][ T9258] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 825.969627][ T9258] do_dentry_open+0x6d8/0x1660 [ 825.969652][ T9258] ? __pfx_chrdev_open+0x10/0x10 [ 825.969681][ T9258] vfs_open+0x82/0x3f0 [ 825.969700][ T9258] path_openat+0x208c/0x31a0 [ 825.969729][ T9258] ? asm_int80_emulation+0x1a/0x20 [ 825.969750][ T9258] ? __pfx_path_openat+0x10/0x10 [ 825.969781][ T9258] do_file_open+0x20e/0x430 [ 825.969807][ T9258] ? __pfx_do_file_open+0x10/0x10 [ 825.969842][ T9258] ? _raw_spin_unlock+0x28/0x50 [ 825.969868][ T9258] ? alloc_fd+0x476/0x790 [ 825.969896][ T9258] do_sys_openat2+0x10d/0x1e0 [ 825.969915][ T9258] ? __pfx_do_sys_openat2+0x10/0x10 [ 825.969940][ T9258] ? kcov_ioctl+0x16a/0x720 [ 825.969965][ T9258] ? rcu_is_watching+0x12/0xc0 [ 825.969990][ T9258] ? kcov_ioctl+0x16a/0x720 [ 825.970016][ T9258] __ia32_compat_sys_openat+0x12d/0x210 [ 825.970037][ T9258] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 825.970059][ T9258] ? kcov_ioctl+0x16a/0x720 [ 825.970090][ T9258] do_int80_emulation+0x141/0x6b0 [ 825.970111][ T9258] asm_int80_emulation+0x1a/0x20 [ 825.970130][ T9258] RIP: 0023:0xf717572b [ 825.970145][ T9258] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 825.970163][ T9258] RSP: 002b:00000000f543603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 825.970180][ T9258] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5436100 [ 825.970192][ T9258] RDX: 0000000000040002 RSI: 0000000000000000 RDI: 0000000000000000 [ 825.970203][ T9258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 825.970214][ T9258] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 825.970225][ T9258] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 825.970244][ T9258] [ 825.970251][ T9258] [ 826.079691][ T9258] Allocated by task 2484: [ 826.081494][ T9258] kasan_save_stack+0x30/0x50 [ 826.083491][ T9258] kasan_save_track+0x14/0x30 [ 826.085470][ T9258] __kasan_kmalloc+0xaa/0xb0 [ 826.087342][ T9258] __kvmalloc_node_noprof+0x360/0xa00 [ 826.089497][ T9258] v4l2_ctrl_new+0x4a6/0x23a0 [ 826.091371][ T9258] v4l2_ctrl_new_std+0x1bb/0x290 [ 826.093486][ T9258] cx25840_probe.cold+0x90d/0xf2c [ 826.095441][ T9258] i2c_device_probe+0x658/0xd10 [ 826.097434][ T9258] really_probe+0x241/0xa60 [ 826.099291][ T9258] __driver_probe_device+0x1de/0x400 [ 826.101431][ T9258] driver_probe_device+0x4c/0x1b0 [ 826.103508][ T9258] __device_attach_driver+0x1ff/0x3e0 [ 826.105678][ T9258] bus_for_each_drv+0x159/0x1e0 [ 826.107602][ T9258] __device_attach+0x1e4/0x4d0 [ 826.109516][ T9258] device_initial_probe+0xaf/0xd0 [ 826.111529][ T9258] bus_probe_device+0x64/0x160 [ 826.113478][ T9258] device_add+0x11d9/0x1950 [ 826.115300][ T9258] i2c_new_client_device+0x660/0xd30 [ 826.117463][ T9258] v4l2_i2c_new_subdev_board+0xb6/0x2b0 [ 826.119679][ T9258] v4l2_i2c_new_subdev+0x13e/0x190 [ 826.121744][ T9258] pvr2_hdw_initialize+0x2158/0x3710 [ 826.123993][ T9258] pvr2_context_thread_func+0x253/0x920 [ 826.126206][ T9258] kthread+0x370/0x450 [ 826.127784][ T9258] ret_from_fork+0x754/0xd80 [ 826.129763][ T9258] ret_from_fork_asm+0x1a/0x30 [ 826.131713][ T9258] [ 826.132748][ T9258] Freed by task 5993: [ 826.134387][ T9258] kasan_save_stack+0x30/0x50 [ 826.136298][ T9258] kasan_save_track+0x14/0x30 [ 826.138199][ T9258] kasan_save_free_info+0x3b/0x70 [ 826.140239][ T9258] __kasan_slab_free+0x5f/0x80 [ 826.142239][ T9258] kfree+0x1f6/0x6b0 [ 826.143890][ T9258] v4l2_ctrl_handler_free+0x552/0x970 [ 826.146207][ T9258] i2c_device_remove+0x81/0x280 [ 826.148327][ T9258] device_remove+0xcb/0x180 [ 826.150204][ T9258] device_release_driver_internal+0x42e/0x600 [ 826.152703][ T9258] bus_remove_device+0x22f/0x440 [ 826.154880][ T9258] device_del+0x376/0x9b0 [ 826.156645][ T9258] device_unregister+0x1d/0xe0 [ 826.158610][ T9258] i2c_unregister_device+0xf5/0x270 [ 826.160758][ T9258] __unregister_client+0x80/0xa0 [ 826.162862][ T9258] device_for_each_child+0x11e/0x1a0 [ 826.165197][ T9258] i2c_del_adapter+0x4a7/0x820 [ 826.167224][ T9258] pvr2_i2c_core_done+0x72/0xd0 [ 826.168852][ T9258] pvr2_hdw_disconnect+0xcb/0x600 [ 826.170445][ T9258] pvr2_context_disconnect+0x32/0xc0 [ 826.172236][ T9258] pvr_disconnect+0x80/0xd0 [ 826.174085][ T9258] usb_unbind_interface+0x1dd/0x9e0 [ 826.176120][ T9258] device_remove+0x12a/0x180 [ 826.177989][ T9258] device_release_driver_internal+0x42e/0x600 [ 826.180438][ T9258] bus_remove_device+0x22f/0x440 [ 826.182490][ T9258] device_del+0x376/0x9b0 [ 826.184310][ T9258] usb_disable_device+0x367/0x810 [ 826.186330][ T9258] usb_disconnect+0x2e2/0x9a0 [ 826.188167][ T9258] hub_event+0x1d0c/0x4af0 [ 826.189940][ T9258] process_one_work+0x9d7/0x1920 [ 826.192022][ T9258] worker_thread+0x5da/0xe40 [ 826.194007][ T9258] kthread+0x370/0x450 [ 826.195669][ T9258] ret_from_fork+0x754/0xd80 [ 826.197590][ T9258] ret_from_fork_asm+0x1a/0x30 [ 826.199469][ T9258] [ 826.200468][ T9258] The buggy address belongs to the object at ffff888021487600 [ 826.200468][ T9258] which belongs to the cache kmalloc-256 of size 256 [ 826.205896][ T9258] The buggy address is located 24 bytes inside of [ 826.205896][ T9258] freed 256-byte region [ffff888021487600, ffff888021487700) [ 826.211153][ T9258] [ 826.212142][ T9258] The buggy address belongs to the physical page: [ 826.214684][ T9258] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x21486 [ 826.218163][ T9258] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 826.221332][ T9258] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 826.224289][ T9258] page_type: f5(slab) [ 826.225907][ T9258] raw: 00fff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 826.229296][ T9258] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 826.232715][ T9258] head: 00fff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 826.235938][ T9258] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 826.239338][ T9258] head: 00fff00000000001 ffffea0000852181 00000000ffffffff 00000000ffffffff [ 826.242791][ T9258] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 826.246258][ T9258] page dumped because: kasan: bad access detected [ 826.248764][ T9258] page_owner tracks the page as allocated [ 826.251034][ T9258] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 18722644541, free_ts 12633345553 [ 826.259365][ T9258] post_alloc_hook+0x153/0x170 [ 826.261407][ T9258] get_page_from_freelist+0x111d/0x3140 [ 826.263694][ T9258] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 826.266077][ T9258] new_slab+0xa6/0x6d0 [ 826.267733][ T9258] refill_objects+0x26b/0x400 [ 826.269787][ T9258] __pcs_replace_empty_main+0x19f/0x600 [ 826.272169][ T9258] __kmalloc_cache_noprof+0x493/0x6f0 [ 826.274380][ T9258] bus_add_driver+0x92/0x5b0 [ 826.276265][ T9258] driver_register+0x1e2/0x360 [ 826.278182][ T9258] usb_register_driver+0x21c/0x3e0 [ 826.280228][ T9258] do_one_initcall+0x11d/0x760 [ 826.282111][ T9258] kernel_init_freeable+0x6e5/0x7a0 [ 826.284135][ T9258] kernel_init+0x1f/0x1e0 [ 826.285879][ T9258] ret_from_fork+0x754/0xd80 [ 826.287768][ T9258] ret_from_fork_asm+0x1a/0x30 [ 826.289722][ T9258] page last free pid 1 tgid 1 stack trace: [ 826.292065][ T9258] __free_frozen_pages+0x7ca/0x10a0 [ 826.294177][ T9258] qlist_free_all+0x47/0xe0 [ 826.295998][ T9258] kasan_quarantine_reduce+0x1a0/0x1f0 [ 826.298172][ T9258] __kasan_slab_alloc+0x69/0x90 [ 826.300132][ T9258] __kmalloc_cache_noprof+0x243/0x6f0 [ 826.302324][ T9258] bus_add_driver+0x92/0x5b0 [ 826.304297][ T9258] driver_register+0x1e2/0x360 [ 826.306119][ T9258] e1000_init_module+0x46/0xb0 [ 826.307609][ T9258] do_one_initcall+0x11d/0x760 [ 826.309383][ T9258] kernel_init_freeable+0x6e5/0x7a0 [ 826.311590][ T9258] kernel_init+0x1f/0x1e0 [ 826.313468][ T9258] ret_from_fork+0x754/0xd80 [ 826.315425][ T9258] ret_from_fork_asm+0x1a/0x30 [ 826.317408][ T9258] [ 826.318414][ T9258] Memory state around the buggy address: [ 826.320701][ T9258] ffff888021487500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 826.323278][ T9258] ffff888021487580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 826.325831][ T9258] >ffff888021487600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 826.328306][ T9258] ^ [ 826.329824][ T9258] ffff888021487680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 826.332511][ T9258] ffff888021487700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 826.335719][ T9258] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 826.356951][ T9258] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 826.359350][ T9258] CPU: 3 UID: 0 PID: 9258 Comm: syz.0.32055 Tainted: G L syzkaller #0 PREEMPT(full) [ 826.362995][ T9258] Tainted: [L]=SOFTLOCKUP [ 826.364370][ T9258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 826.367504][ T9258] Call Trace: [ 826.368778][ T9258] [ 826.369788][ T9258] dump_stack_lvl+0x100/0x190 [ 826.371302][ T9258] vpanic+0x552/0x970 [ 826.372661][ T9258] ? __pfx_vpanic+0x10/0x10 [ 826.374238][ T9258] ? dvb_device_open+0x33f/0x3b0 [ 826.376159][ T9258] panic+0xd1/0xe0 [ 826.377667][ T9258] ? __pfx_panic+0x10/0x10 [ 826.379146][ T9258] ? dvb_device_open+0x33f/0x3b0 [ 826.380841][ T9258] ? preempt_schedule_common+0x42/0xc0 [ 826.382649][ T9258] check_panic_on_warn.cold+0x19/0x34 [ 826.384512][ T9258] end_report.part.0+0x3a/0x90 [ 826.386205][ T9258] kasan_report.cold+0xe/0x18 [ 826.388185][ T9258] ? dvb_device_open+0x33f/0x3b0 [ 826.390303][ T9258] ? __pfx_dvb_device_open+0x10/0x10 [ 826.392033][ T9258] dvb_device_open+0x33f/0x3b0 [ 826.393607][ T9258] ? __pfx_dvb_device_open+0x10/0x10 [ 826.395294][ T9258] chrdev_open+0x234/0x6a0 [ 826.396802][ T9258] ? __pfx_apparmor_file_open+0x10/0x10 [ 826.398559][ T9258] ? __pfx_chrdev_open+0x10/0x10 [ 826.400174][ T9258] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 826.402289][ T9258] do_dentry_open+0x6d8/0x1660 [ 826.403899][ T9258] ? __pfx_chrdev_open+0x10/0x10 [ 826.405510][ T9258] vfs_open+0x82/0x3f0 [ 826.406838][ T9258] path_openat+0x208c/0x31a0 [ 826.408382][ T9258] ? asm_int80_emulation+0x1a/0x20 [ 826.410013][ T9258] ? __pfx_path_openat+0x10/0x10 [ 826.411596][ T9258] do_file_open+0x20e/0x430 [ 826.413193][ T9258] ? __pfx_do_file_open+0x10/0x10 [ 826.414934][ T9258] ? _raw_spin_unlock+0x28/0x50 [ 826.416567][ T9258] ? alloc_fd+0x476/0x790 [ 826.418110][ T9258] do_sys_openat2+0x10d/0x1e0 [ 826.419647][ T9258] ? __pfx_do_sys_openat2+0x10/0x10 [ 826.421390][ T9258] ? kcov_ioctl+0x16a/0x720 [ 826.422929][ T9258] ? rcu_is_watching+0x12/0xc0 [ 826.424537][ T9258] ? kcov_ioctl+0x16a/0x720 [ 826.425989][ T9258] __ia32_compat_sys_openat+0x12d/0x210 [ 826.427720][ T9258] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 826.429682][ T9258] ? kcov_ioctl+0x16a/0x720 [ 826.431144][ T9258] do_int80_emulation+0x141/0x6b0 [ 826.432841][ T9258] asm_int80_emulation+0x1a/0x20 [ 826.434489][ T9258] RIP: 0023:0xf717572b [ 826.435799][ T9258] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 826.442075][ T9258] RSP: 002b:00000000f543603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 826.444771][ T9258] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5436100 [ 826.447490][ T9258] RDX: 0000000000040002 RSI: 0000000000000000 RDI: 0000000000000000 [ 826.450705][ T9258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 826.453876][ T9258] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 826.457268][ T9258] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 826.460490][ T9258] [ 826.462405][ T9258] Kernel Offset: disabled [ 826.464120][ T9258] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:24:39 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffffff8e7e9220 RCX=ffffffff9176eb01 RDX=0000000000000000 RSI=ffffffff8df6a234 RDI=ffffffff8c1ae720 RBP=ffffffff81b7adde RSP=ffffc900040ff418 R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000200 R11=000000000000aeb3 R12=ffff8880298c4900 R13=ffffc900040ff528 R14=0000000000000202 R15=ffffc900040ff55c RIP=ffffffff8b8f7ba0 RFL=00000096 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097154000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f555b8 CR3=000000004bcdb000 CR4=00352ef0 DR0=000000006000003f DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000401261 RBX=ffff88801c32a480 RCX=ffffffff8b8c5c75 RDX=0000000000000000 RSI=ffffffff8de78b6e RDI=ffffffff8c1ae720 RBP=0000000000000001 RSP=ffffc9000046fdf0 R8 =0000000000000001 R9 =ffffed1005666795 R10=ffff88802b333cab R11=0000000000000000 R12=ffffed1003865490 R13=0000000000000001 R14=ffffffff90d98110 R15=0000000000000000 RIP=ffffffff8b8c45df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097254000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73f800c CR3=0000000065437000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000011400000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000080000 RBX=0000000000000000 RCX=ffffc9000d161000 RDX=0000000000080000 RSI=ffffffff89588988 RDI=ffff8880292ac900 RBP=0000000000000000 RSP=ffffc900065b7708 R8 =0000000000000004 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=ffff888028957400 R13=0000000000000001 R14=ffffc900065b7e20 R15=0000000000000000 RIP=ffffffff89588988 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097354000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7226d10 CR3=0000000065437000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000080000001 RBX=ffffc90002cdf574 RCX=ffffffff8b88dd5c RDX=00000000ffffffd4 RSI=0000000000000000 RDI=0000000000000005 RBP=ffffffff9b68450b RSP=ffffc90002cdf240 R8 =0000000000000005 R9 =0000000000000000 R10=00000000ffffffd4 R11=0000000035323954 R12=0000000000000031 R13=ffffc90002cdf540 R14=ffffffff9b6844e0 R15=000000000000002b RIP=ffffffff8207f220 RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097454000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5435ff4 CR3=0000000075237000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000