last executing test programs: 6.864034967s ago: executing program 1 (id=79): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd', @ANYRESHEX]) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg(r3, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0) getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, &(0x7f0000001040)=0x5d) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$6lowpan_control(r4, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b) ioctl$SOUND_PCM_READ_CHANNELS(0xffffffffffffffff, 0x80045006, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19) setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0xffe, 0x0, 0x0) write$6lowpan_control(r4, &(0x7f0000000300)='connect aa:aa:aa:aa:aa:11 1', 0x1b) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc"], 0xb8}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x2c, &(0x7f0000000180)={&(0x7f00000006c0)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000900000000000000000000ac1e000100000000000000000000000000000000000000000a0040", @ANYRESHEX=r5, @ANYRES16=r5, @ANYBLOB="83727cafcb5e7f004ad486f96a29028c9c066da99f12fb02f61783e5d81fce8794eca2d9a0f413750b6ec2d335b7c0eaa7bb13f198193a3f6b988e6e2f568ac7ce1ee9cba2b156b3466c73f724d6a2bfdd43c35b1915a28f9428137426d0e598b78bbdec126adbb342a3719ed7d5b095d3b8c2cc1623eda000bd4d075bf103cfaf56f529276778dd0ed048fb7081d6536b900aa8513c7d0e59ab709b084eb4ed65511dd7a5354a0a45a2e708a2f3107ed057fb9bafe22e700643f1f1729042a135e151034b9c74ae3c"], 0xb8}, 0x1, 0x0, 0x0, 0x8041}, 0x4000) 5.258926562s ago: executing program 0 (id=83): ppoll(&(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[]) 4.359134777s ago: executing program 0 (id=87): r0 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0) 4.358837164s ago: executing program 0 (id=88): prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x4b, 0x89}, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x49, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f0000000380), 0x0) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000001340)=ANY=[@ANYBLOB="10000000000000000a004e2400000007fc00000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000"], 0x90) open$dir(0x0, 0x14502, 0xa3) write$USERIO_CMD_SET_PORT_TYPE(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x48) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x1, 0x51e5, 0xd78, 0x9a, 0x1, 0x268], 0x0, 0x0}, 0x78) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) dup2(r3, r1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10) recvmmsg(r4, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/23, 0x17}, {0x0}], 0x2}}], 0x1, 0x6bf68237da62a01, 0x0) sendmmsg(r4, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000000)=0xa82, 0x0, 0x4) socket$netlink(0x10, 0x3, 0x0) 3.730030244s ago: executing program 1 (id=90): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@ETHTOOL_A_DEBUG_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8800}, 0x2000c0c0) 3.66906311s ago: executing program 1 (id=91): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000040)={@hyper, 0x1}) ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r1, 0x7af, &(0x7f0000000240)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r1, 0x7b1, 0x0) ppoll(0x0, 0x65, 0x0, 0x0, 0xfffffffffffffe56) openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) syz_open_dev$evdev(0x0, 0x2, 0x44240) 3.668852431s ago: executing program 2 (id=92): socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94) 3.593330242s ago: executing program 2 (id=93): bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0], 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x48) getpgid(0x0) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb) keyctl$search(0xa, r0, 0x0, 0x0, r0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030007e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x90) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 3.49931727s ago: executing program 2 (id=94): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000600)={0x17}) 3.409171971s ago: executing program 0 (id=95): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f00000001c0)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) shmget(0x1, 0x1000, 0x200, &(0x7f0000fff000/0x1000)=nil) fsmount(0xffffffffffffffff, 0x0, 0xf) getpid() setns(0xffffffffffffffff, 0x24020000) syz_clone(0x120e1100, 0x0, 0x13, 0x0, 0x0, 0x0) 2.690151732s ago: executing program 3 (id=100): sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000540)={0xc9, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) r0 = socket$nl_generic(0x10, 0x3, 0x10) pipe(&(0x7f0000000040)={0xffffffffffffffff}) bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1, 0x6, &(0x7f0000000080)=@framed={{0x18, 0x3}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @generic={0x66}, @exit]}, 0x0}, 0x94) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0xe, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, [@map_idx_val={0x18, 0x4}, @printk={@x}, @exit]}, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x3e, &(0x7f0000000340)=""/62, 0x41100, 0x5, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000900)=[0xffffffffffffffff, 0xffffffffffffffff, r2, 0xffffffffffffffff], 0x0, 0x10, 0x2}, 0x94) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r4 = accept4(r3, 0x0, 0x0, 0x800) sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 2.620275624s ago: executing program 3 (id=101): bpf$PROG_LOAD(0x5, 0x0, 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x5, 0x897, 0x200, 0x0, 0xf}) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r3, 0x3) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@timestamp_prespec={0x44, 0x4, 0xb3, 0x3, 0x1}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0) syz_emit_ethernet(0x38, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x4}, {"c516"}}}}}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) 2.520284765s ago: executing program 2 (id=102): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) r1 = openat$dsp(0xffffffffffffff9c, 0x0, 0xa4101, 0x0) ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000001180)) r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') execveat$binfmt(0xffffffffffffff9c, r2, &(0x7f0000000080), &(0x7f00000000c0), 0x0) r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff) close(r3) execveat$binfmt(0xffffffffffffff9c, r2, &(0x7f0000000100), 0x0, 0x0) r4 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0) write(r4, &(0x7f0000000180)="0101", 0x2) close(r4) 2.439511023s ago: executing program 0 (id=103): socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8) mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/diskstats\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000000200)={0x2020}, 0x2020) mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0) 2.210302778s ago: executing program 3 (id=104): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) fsopen(&(0x7f0000000200)='iso9660\x00', 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) syz_emit_ethernet(0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r1) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x20, r2, 0x6a98047402e98331, 0x70bd21, 0xffa1, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000044}, 0x4008800) 1.794717432s ago: executing program 2 (id=105): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getpid() mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x20000002) umount2(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x0, 0x0, &(0x7f00000008c0)='syzkaller\x00', 0x2}, 0x94) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r2, 0xffffffffffffffff, 0x0) 1.430200479s ago: executing program 3 (id=106): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x12032) keyctl$read(0xb, r0, 0x0, 0x0) 1.429899018s ago: executing program 3 (id=107): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x2}, 0x94) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000300)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000012c0)='./file0\x00', &(0x7f0000001300)='gfs2\x00', 0x0, 0x0) 1.329472846s ago: executing program 1 (id=108): r0 = syz_io_uring_setup(0x2b06, 0x0, 0x0, &(0x7f0000ffe000)) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0) sendfile(r1, r1, 0x0, 0x40008) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x8002, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r4 = socket$alg(0x26, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x2) ioctl$TIOCVHANGUP(r6, 0x5437, 0x2) r7 = accept4(r4, 0x0, 0x0, 0x80800) socket$inet6_sctp(0xa, 0x801, 0x84) recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/81, 0xfff3}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) ioctl$RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000200)={0x17, 0x20, 0x13, 0x1b, 0xb, 0x46, 0x4, 0xf5, 0x1}) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000380)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0xffffffffffffffff, 0xffffffff, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0x90) io_uring_register$IORING_REGISTER_FILES(r0, 0x14, &(0x7f00000003c0), 0x2) syz_usb_connect$cdc_ecm(0x2, 0x0, 0x0, 0x0) 491.72131ms ago: executing program 1 (id=109): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0) write$binfmt_aout(r0, &(0x7f0000000080)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"}) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000180)={0x38000, 0x8, 0x0, 0x2, 0x2, "aa32b73986bbee6bd231334cbfa0b758261a93"}) 409.964791ms ago: executing program 3 (id=110): ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000002c0)=0xfffffffe) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty, 0x4000006}, 0x1c) listen(r2, 0x6) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 239.123849ms ago: executing program 1 (id=111): socket$inet(0x2, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r4, 0x0) setpgid(0x0, r4) bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0) write$cgroup_int(r5, &(0x7f0000000040)=0x1c9, 0x12) 149.620034ms ago: executing program 0 (id=112): setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x117, 0x5, 0x0, 0x9) r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009050303000000000009058aff30"], 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0xfffffffffffffcd2, 0x0, &(0x7f0000000280)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x28000000000000) 0s ago: executing program 2 (id=113): syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x85}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) timer_settime(0x0, 0x1, &(0x7f00000000c0)={{}, {0x77359400}}, 0x0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_msfilter(r0, 0x0, 0x29, 0x0, 0x1c) syz_emit_ethernet(0x78, &(0x7f0000000580)={@link_local, @local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x3, 0x1b, 0x6a, 0x65, 0x0, 0xaa, 0x32, 0x0, @dev={0xac, 0x14, 0x14, 0x23}, @loopback}, "b596a643a990272b50d70b9db0f1fc2ec945e98d34f24dd193ca56cdfefa2751d5ef6855b4fbdc080d2c2e664c6dbf7dc5d82d75aab7c59139b1142a147b2c618d4108a3d7cbd38f0eebc29f54ba6e62fa4c402f13d1"}}}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) semget$private(0x0, 0x1, 0x81) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00', 0x7, 0x2, 0x3e0, 0x1f8, 0x2f8, 0x1f8, 0x2f8, 0x2f8, 0x2f8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE2={0x28}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'vxcan1\x00', 'nr0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @broadcast}}}, {{@arp={@remote, @multicast2, 0x0, 0x0, 0x0, 0x0, {@mac}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pim6reg\x00', 'vcan0\x00'}, 0xc0, 0x100}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "dcbc4f0fcafe5fd600342efa7968d220b64d039e8a81d171eeb2e9630554"}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x430) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb) pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) ioctl$IOC_WATCH_QUEUE_SET_SIZE(r4, 0x5760, 0x14) keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x100000000000f7) keyctl$revoke(0x3, r3) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:4233' (ED25519) to the list of known hosts. [ 56.927904][ T5949] cgroup: Unknown subsys name 'net' [ 57.095402][ T5949] cgroup: Unknown subsys name 'cpuset' [ 57.102377][ T5949] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 58.466748][ T5949] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 64.088098][ T5963] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 64.092543][ T5976] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 64.093002][ T5970] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 64.095296][ T5976] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 64.098617][ T5977] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 64.100514][ T5976] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 64.104107][ T5977] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 64.109379][ T5976] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 64.111597][ T5977] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 64.113302][ T5976] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 64.116494][ T5975] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 64.117916][ T5976] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 64.123152][ T5975] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 64.123897][ T5970] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 64.128607][ T5975] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 64.129530][ T5970] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 64.133536][ T5975] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 64.135555][ T5970] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 64.138477][ T5975] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 64.141546][ T5970] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 64.575486][ T5973] chnl_net:caif_netlink_parms(): no params data found [ 64.592571][ T5962] chnl_net:caif_netlink_parms(): no params data found [ 64.602741][ T5960] chnl_net:caif_netlink_parms(): no params data found [ 64.649562][ T5969] chnl_net:caif_netlink_parms(): no params data found [ 64.794519][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.797950][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.801107][ T5973] bridge_slave_0: entered allmulticast mode [ 64.804571][ T5973] bridge_slave_0: entered promiscuous mode [ 64.853950][ T5962] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.856265][ T5962] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.858794][ T5962] bridge_slave_0: entered allmulticast mode [ 64.862159][ T5962] bridge_slave_0: entered promiscuous mode [ 64.865207][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.868358][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.872006][ T5973] bridge_slave_1: entered allmulticast mode [ 64.877868][ T5973] bridge_slave_1: entered promiscuous mode [ 64.970605][ T5962] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.973668][ T5962] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.976630][ T5962] bridge_slave_1: entered allmulticast mode [ 64.980102][ T5962] bridge_slave_1: entered promiscuous mode [ 65.042553][ T5969] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.044948][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.047331][ T5969] bridge_slave_0: entered allmulticast mode [ 65.050462][ T5969] bridge_slave_0: entered promiscuous mode [ 65.055346][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.057814][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.060036][ T5960] bridge_slave_0: entered allmulticast mode [ 65.063312][ T5960] bridge_slave_0: entered promiscuous mode [ 65.090797][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.093942][ T5969] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.097178][ T5969] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.100318][ T5969] bridge_slave_1: entered allmulticast mode [ 65.105223][ T5969] bridge_slave_1: entered promiscuous mode [ 65.109193][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.113768][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.116900][ T5960] bridge_slave_1: entered allmulticast mode [ 65.120848][ T5960] bridge_slave_1: entered promiscuous mode [ 65.129157][ T5962] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.135235][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.227751][ T5962] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.307677][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.328697][ T5973] team0: Port device team_slave_0 added [ 65.336283][ T5969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.341510][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.347128][ T5962] team0: Port device team_slave_0 added [ 65.350553][ T5973] team0: Port device team_slave_1 added [ 65.355202][ T5969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.375930][ T5962] team0: Port device team_slave_1 added [ 65.462390][ T5960] team0: Port device team_slave_0 added [ 65.517308][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.520237][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.530980][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.538482][ T5969] team0: Port device team_slave_0 added [ 65.542895][ T5960] team0: Port device team_slave_1 added [ 65.572986][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.575939][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.586567][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.593259][ T5969] team0: Port device team_slave_1 added [ 65.642225][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.644586][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.653293][ T5962] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.661516][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.664299][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.672866][ T5962] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.700223][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.703513][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.714459][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.721444][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.724374][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.735157][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.776269][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.778796][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.789390][ T5969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.795396][ T5969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.798316][ T5969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.808860][ T5969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.927237][ T5962] hsr_slave_0: entered promiscuous mode [ 65.930531][ T5962] hsr_slave_1: entered promiscuous mode [ 65.991893][ T5960] hsr_slave_0: entered promiscuous mode [ 65.995010][ T5960] hsr_slave_1: entered promiscuous mode [ 65.998050][ T5960] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.002134][ T5960] Cannot create hsr debugfs directory [ 66.037215][ T5973] hsr_slave_0: entered promiscuous mode [ 66.040478][ T5973] hsr_slave_1: entered promiscuous mode [ 66.043591][ T5973] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.046396][ T5973] Cannot create hsr debugfs directory [ 66.132138][ T5975] Bluetooth: hci0: command tx timeout [ 66.161957][ T5969] hsr_slave_0: entered promiscuous mode [ 66.164561][ T5969] hsr_slave_1: entered promiscuous mode [ 66.167303][ T5969] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.170440][ T5969] Cannot create hsr debugfs directory [ 66.201493][ T5975] Bluetooth: hci1: command tx timeout [ 66.201531][ T5970] Bluetooth: hci2: command tx timeout [ 66.211440][ T5970] Bluetooth: hci3: command tx timeout [ 66.624279][ T5962] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 66.636996][ T5962] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 66.643314][ T5962] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 66.656652][ T5962] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 66.695499][ T5960] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 66.701710][ T5960] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 66.708314][ T5960] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 66.714761][ T5960] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 66.773397][ T5969] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.778870][ T5969] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.788340][ T5969] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.793592][ T5969] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.876425][ T5973] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 66.891228][ T5973] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 66.899313][ T5973] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 66.910472][ T5973] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 66.970526][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.983743][ T5962] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.013507][ T5960] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.018518][ T5962] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.038009][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.041430][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.047844][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.050920][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.069208][ T5969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.079713][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.082942][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.088132][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.091151][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.120896][ T5969] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.153875][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.157369][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.186261][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.190219][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.192840][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.239135][ T5973] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.258480][ T5969] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.270268][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.273397][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.279019][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.282240][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.310867][ T5973] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 67.315113][ T5973] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.359268][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.389433][ T5960] veth0_vlan: entered promiscuous mode [ 67.399457][ T5960] veth1_vlan: entered promiscuous mode [ 67.418278][ T5962] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.436553][ T5960] veth0_macvtap: entered promiscuous mode [ 67.455651][ T5960] veth1_macvtap: entered promiscuous mode [ 67.470225][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.490015][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.496929][ T5969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.516251][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.527159][ T5962] veth0_vlan: entered promiscuous mode [ 67.531159][ T5960] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.535897][ T5960] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.539479][ T5960] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.544906][ T5960] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.581061][ T5962] veth1_vlan: entered promiscuous mode [ 67.614860][ T5973] veth0_vlan: entered promiscuous mode [ 67.639350][ T5969] veth0_vlan: entered promiscuous mode [ 67.643239][ T5973] veth1_vlan: entered promiscuous mode [ 67.657355][ T5969] veth1_vlan: entered promiscuous mode [ 67.657962][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.664252][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.670970][ T5962] veth0_macvtap: entered promiscuous mode [ 67.678370][ T5962] veth1_macvtap: entered promiscuous mode [ 67.704715][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.708615][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.715482][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.734612][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.739957][ T5962] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.745817][ T5962] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.749481][ T5962] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.753567][ T5962] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.774357][ T5969] veth0_macvtap: entered promiscuous mode [ 67.776345][ T5960] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 67.777466][ T5973] veth0_macvtap: entered promiscuous mode [ 67.787594][ T5973] veth1_macvtap: entered promiscuous mode [ 67.799691][ T5969] veth1_macvtap: entered promiscuous mode [ 67.834627][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.845883][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.856685][ T5973] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.859739][ T5973] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.863403][ T5973] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.866286][ T5973] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.874066][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.894522][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.897719][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.916407][ T5969] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.941981][ T5969] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.945830][ T5969] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.949516][ T5969] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.953982][ T5969] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.969785][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.973424][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.008461][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.015489][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.060526][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.077074][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.106018][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.109341][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.139567][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.142708][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.212299][ T5970] Bluetooth: hci0: command tx timeout [ 68.225210][ T6069] Zero length message leads to an empty skb [ 68.239964][ T6072] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.281593][ T5970] Bluetooth: hci3: command tx timeout [ 68.283965][ T5970] Bluetooth: hci2: command tx timeout [ 68.291445][ T5970] Bluetooth: hci1: command tx timeout [ 68.711181][ T6076] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'. [ 68.911448][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 69.145447][ T6086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'. [ 69.152902][ T6086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'. [ 69.159072][ T6086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'. [ 69.262061][ T6079] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 69.265437][ T6079] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 69.328306][ T6079] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 69.478546][ T6093] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9'. [ 69.628066][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 69.857771][ T6079] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 69.864042][ T6079] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 70.042558][ T6079] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 70.046062][ T6079] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 70.048012][ T6079] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 70.054232][ T6079] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 70.068166][ T6079] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 70.070720][ T6079] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 70.092398][ T6079] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 70.299347][ T6108] netlink: 'syz.2.13': attribute type 1 has an invalid length. [ 70.325399][ T6104] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.333864][ T6104] process 'syz.0.11' launched './file2' with NULL argv: empty string added [ 70.347990][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 70.370661][ T6108] vlan2: entered allmulticast mode [ 70.373601][ T6108] veth1: entered allmulticast mode [ 70.466581][ T6109] netlink: 'syz.0.11': attribute type 29 has an invalid length. [ 70.469851][ T6112] netlink: 'syz.0.11': attribute type 29 has an invalid length. [ 70.681638][ T29] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 70.861873][ T29] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 70.873391][ T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 70.875923][ T29] usb 6-1: config 0 interface 0 has no altsetting 0 [ 70.885841][ T29] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 70.889553][ T29] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 70.892875][ T29] usb 6-1: Product: syz [ 70.894380][ T29] usb 6-1: Manufacturer: syz [ 70.899873][ T29] usb 6-1: SerialNumber: syz [ 70.926168][ T29] usb 6-1: config 0 descriptor?? [ 70.937128][ T29] usb 6-1: selecting invalid altsetting 0 [ 71.031423][ T9] usb 7-1: Using ep0 maxpacket: 16 [ 71.035195][ T9] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 71.041618][ T9] usb 7-1: config 0 has no interface number 0 [ 71.059579][ T9] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 71.079884][ T9] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 71.122216][ T9] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 71.126005][ T9] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 71.129383][ T9] usb 7-1: Product: syz [ 71.131212][ T9] usb 7-1: SerialNumber: syz [ 71.143470][ T9] usb 7-1: config 0 descriptor?? [ 71.157268][ T9] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 71.173333][ T9] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input5 [ 71.322393][ T5975] Bluetooth: hci0: command 0x0419 tx timeout [ 71.484957][ C0] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 71.486961][ T6020] usb 7-1: USB disconnect, device number 2 [ 71.488193][ C0] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 71.504057][ T6020] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 71.881834][ T5975] Bluetooth: hci1: command 0x0419 tx timeout [ 72.048358][ T6128] kvm: pic: single mode not supported [ 72.048439][ T6128] kvm: pic: level sensitive irq not supported [ 72.052280][ T6128] kvm: pic: level sensitive irq not supported [ 72.056480][ T6128] kvm: pic: level sensitive irq not supported [ 72.060675][ T6128] kvm: pic: non byte write [ 72.066553][ T6128] kvm: pic: non byte write [ 72.076394][ T6128] kvm: pic: non byte write [ 72.078809][ T6128] kvm: pic: non byte write [ 72.083595][ T6128] kvm: pic: level sensitive irq not supported [ 72.101766][ T6128] kvm: pic: level sensitive irq not supported [ 72.102328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.107100][ T6128] kvm: pic: level sensitive irq not supported [ 72.110365][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.111172][ T6128] kvm: pic: level sensitive irq not supported [ 72.113292][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.116723][ T6128] kvm: pic: level sensitive irq not supported [ 72.118853][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.122710][ T6128] kvm: pic: level sensitive irq not supported [ 72.125625][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 72.134320][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.137800][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 72.142410][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 72.145053][ T5975] Bluetooth: hci2: command 0x0419 tx timeout [ 72.508501][ T6139] syz.0.21 uses obsolete (PF_INET,SOCK_PACKET) [ 72.591368][ T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 72.753473][ T9] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 72.758058][ T9] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 72.763908][ T9] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 72.767676][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.769073][ T40] audit: type=1326 audit(1752927131.393:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.779915][ T6137] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 72.788100][ T40] audit: type=1326 audit(1752927131.413:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=433 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.797352][ T9] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 72.797918][ T40] audit: type=1326 audit(1752927131.413:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.810161][ T40] audit: type=1326 audit(1752927131.413:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.819104][ T40] audit: type=1326 audit(1752927131.413:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.827942][ T40] audit: type=1326 audit(1752927131.413:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.839880][ T40] audit: type=1326 audit(1752927131.413:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 72.856436][ T40] audit: type=1326 audit(1752927131.423:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 73.314783][ T9] usb 6-1: USB disconnect, device number 2 [ 73.404631][ T5970] Bluetooth: hci0: command 0x0419 tx timeout [ 73.834859][ T40] audit: type=1326 audit(1752927132.463:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 73.843839][ T40] audit: type=1326 audit(1752927132.463:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6142 comm="syz.0.23" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff3579 code=0x7ffc0000 [ 73.921440][ T6159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.26'. [ 73.925842][ T6159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.26'. [ 73.931012][ T6159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.26'. [ 73.961858][ T5970] Bluetooth: hci1: command 0x0419 tx timeout [ 74.211623][ T5970] Bluetooth: hci2: command 0x0419 tx timeout [ 74.214277][ T5970] Bluetooth: hci3: command 0x0419 tx timeout [ 74.443232][ T6165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.27'. [ 74.570645][ T6167] could not allocate digest TFM handle [ 74.989320][ T6177] input: syz0 as /devices/virtual/input/input6 [ 75.104773][ T9] usb 7-1: USB disconnect, device number 3 [ 75.481444][ T5975] Bluetooth: hci0: command 0x0419 tx timeout [ 75.870832][ T6193] netlink: 'syz.2.33': attribute type 29 has an invalid length. [ 76.001392][ T6003] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 76.041579][ T5975] Bluetooth: hci1: command 0x0419 tx timeout [ 76.144615][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.147544][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.153861][ T6003] usb 8-1: config 0 has no interfaces? [ 76.162322][ T6003] usb 8-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 76.166229][ T6003] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 76.169731][ T6003] usb 8-1: Product: syz [ 76.171672][ T6003] usb 8-1: Manufacturer: syz [ 76.174062][ T6003] usb 8-1: SerialNumber: syz [ 76.178223][ T6003] usb 8-1: config 0 descriptor?? [ 76.281478][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 76.282017][ T5970] Bluetooth: hci2: command 0x0419 tx timeout [ 76.601423][ T53] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 76.765644][ T53] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 76.773805][ T53] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 76.777540][ T53] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 76.785194][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.802680][ T6206] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 76.826203][ T53] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 76.992308][ T6212] tipc: Started in network mode [ 76.994729][ T6212] tipc: Node identity 7f000001, cluster identity 4711 [ 76.998349][ T6212] tipc: Enabled bearer , priority 10 [ 77.124998][ T6220] binfmt_misc: register: failed to install interpreter file ./file0 [ 77.371360][ T1022] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 77.535732][ T1022] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 77.540049][ T1022] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 77.546577][ T1022] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 77.551976][ T1022] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 77.555153][ T1022] usb 7-1: SerialNumber: syz [ 77.571639][ T5970] Bluetooth: hci0: command 0x0419 tx timeout [ 77.578225][ T1022] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22 [ 77.583293][ T1022] usb-storage 7-1:1.0: USB Mass Storage device detected [ 77.593097][ T1022] usb-storage 7-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 77.598171][ T1022] scsi host6: usb-storage 7-1:1.0 [ 78.121392][ T5970] Bluetooth: hci1: command 0x0419 tx timeout [ 78.122948][ T1019] tipc: Node number set to 2130706433 [ 78.297387][ T6230] mmap: syz.2.38 (6230) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 78.361526][ T5970] Bluetooth: hci2: command 0x0419 tx timeout [ 78.361607][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 78.407508][ T29] usb 8-1: USB disconnect, device number 2 [ 78.799431][ T6234] hub 2-0:1.0: USB hub found [ 78.803029][ T6234] hub 2-0:1.0: 2 ports detected [ 79.030402][ T53] usb 5-1: USB disconnect, device number 2 [ 79.511050][ T6245] IPVS: sync thread started: state = BACKUP, mcast_ifn = netdevsim0, syncid = 67108897, id = 0 [ 79.794340][ T6249] netlink: 4 bytes leftover after parsing attributes in process `syz.3.43'. [ 79.799476][ T6249] netem: incorrect ge model size [ 79.802086][ T6249] netem: change failed [ 80.070221][ T1022] usb 7-1: USB disconnect, device number 4 [ 80.155300][ T6251] netlink: 4 bytes leftover after parsing attributes in process `syz.2.44'. [ 80.441676][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 80.689632][ T6263] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 80.693140][ T6263] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 80.696244][ T6263] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 80.699008][ T6263] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 80.703652][ T6267] IPVS: ip_vs_add_dest(): server weight less than zero [ 80.711871][ T6265] netlink: 4 bytes leftover after parsing attributes in process `syz.2.44'. [ 80.716206][ T53] IPVS: starting estimator thread 0... [ 80.732272][ T6263] netlink: 4 bytes leftover after parsing attributes in process `syz.2.44'. [ 80.747428][ T6263] netlink: 4 bytes leftover after parsing attributes in process `syz.2.44'. [ 80.770551][ T6271] Option 'å%%*UÄ' to dns_resolver key: bad/missing value [ 80.821630][ T6268] IPVS: using max 46 ests per chain, 110400 per kthread [ 82.681458][ T5975] Bluetooth: hci0: command 0x0419 tx timeout [ 82.761499][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 82.764145][ T5975] Bluetooth: hci2: command 0x0419 tx timeout [ 82.766819][ T5975] Bluetooth: hci1: command 0x0419 tx timeout [ 83.071661][ T6020] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 83.236066][ T6020] usb 5-1: config 0 has no interfaces? [ 83.240489][ T6020] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 83.244775][ T6020] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.248288][ T6020] usb 5-1: Product: syz [ 83.250136][ T6020] usb 5-1: Manufacturer: syz [ 83.252569][ T6020] usb 5-1: SerialNumber: syz [ 83.256837][ T6020] usb 5-1: config 0 descriptor?? [ 83.400176][ T6295] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 83.414443][ T6295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.54'. [ 84.002067][ T6311] program syz.3.56 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 84.471377][ T1019] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 84.621499][ T1019] usb 6-1: device descriptor read/64, error -71 [ 84.691516][ T1022] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 84.861434][ T1019] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 84.871705][ T1022] usb 7-1: Using ep0 maxpacket: 32 [ 84.878410][ T1022] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb [ 84.882220][ T1022] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 84.886064][ T1022] usb 7-1: Product: syz [ 84.888010][ T1022] usb 7-1: Manufacturer: syz [ 84.889941][ T1022] usb 7-1: SerialNumber: syz [ 84.895156][ T1022] usb 7-1: config 0 descriptor?? [ 84.901059][ T1022] gspca_main: ov534_9-2.14.0 probing 05a9:1550 [ 84.991852][ T1019] usb 6-1: device descriptor read/64, error -71 [ 85.111534][ T1019] usb usb6-port1: attempt power cycle [ 85.459537][ T6053] usb 5-1: USB disconnect, device number 3 [ 85.465623][ T1019] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 85.484944][ T1019] usb 6-1: device descriptor read/8, error -71 [ 85.522960][ T6328] batman_adv: batadv0: Adding interface: ip6gretap1 [ 85.525765][ T6328] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.535938][ T6328] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active [ 85.545317][ T6328] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.548463][ T6328] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 85.552326][ T6328] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.555279][ T6328] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 85.560826][ T6328] batman_adv: batadv0: Removing interface: ip6gretap1 [ 85.721435][ T1019] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 85.742203][ T1019] usb 6-1: device descriptor read/8, error -71 [ 85.851837][ T1019] usb usb6-port1: unable to enumerate USB device [ 86.221456][ T53] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 86.281536][ T1019] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 86.371450][ T53] usb 5-1: Using ep0 maxpacket: 32 [ 86.373856][ T54] cfg80211: failed to load regulatory.db [ 86.377271][ T53] usb 5-1: config 0 has an invalid interface number: 184 but max is 0 [ 86.382321][ T53] usb 5-1: config 0 has no interface number 0 [ 86.384948][ T53] usb 5-1: config 0 interface 184 has no altsetting 0 [ 86.390884][ T53] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee [ 86.396405][ T53] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.399943][ T53] usb 5-1: Product: syz [ 86.401824][ T53] usb 5-1: Manufacturer: syz [ 86.403868][ T53] usb 5-1: SerialNumber: syz [ 86.408400][ T53] usb 5-1: config 0 descriptor?? [ 86.413730][ T53] smsc75xx v1.0.0 [ 86.415374][ T53] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22 [ 86.419757][ T53] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -22 [ 86.444377][ T1019] usb 8-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5 [ 86.447298][ T1019] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.450225][ T1019] usb 8-1: Product: syz [ 86.451878][ T1019] usb 8-1: Manufacturer: syz [ 86.453620][ T1019] usb 8-1: SerialNumber: syz [ 86.458380][ T1019] usb 8-1: config 0 descriptor?? [ 86.465252][ T1019] gspca_main: sq905c-2.14.0 probing 2770:9052 [ 86.721707][ T1022] gspca_ov534_9: reg_r err -110 [ 86.871079][ T1019] gspca_sq905c: sq905c_read: usb_control_msg failed (-32) [ 86.874005][ T1019] sq905c 8-1:0.0: Reading version command failed [ 86.876508][ T1019] sq905c 8-1:0.0: probe with driver sq905c failed with error -32 [ 87.011334][ T1022] gspca_ov534_9: Unknown sensor 0000 [ 87.011386][ T1022] ov534_9 7-1:0.0: probe with driver ov534_9 failed with error -22 [ 87.422110][ T6003] usb 7-1: USB disconnect, device number 5 [ 87.564022][ T1022] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 87.721471][ T1022] usb 6-1: Using ep0 maxpacket: 8 [ 87.728840][ T1022] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 87.737801][ T1022] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 87.745407][ T1022] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.757702][ T1022] usb 6-1: config 0 descriptor?? [ 88.182981][ T1022] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 88.378693][ T6003] usb 6-1: USB disconnect, device number 7 [ 88.951844][ T6003] usb 5-1: USB disconnect, device number 4 [ 89.085141][ T6053] usb 8-1: USB disconnect, device number 3 [ 89.508170][ T6390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.79'. [ 90.052134][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.79'. [ 90.065930][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.79'. [ 90.074248][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.79'. [ 90.081176][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.1.79'. [ 91.118242][ T6409] program syz.0.83 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 91.990512][ T12] Bluetooth: (null): Invalid header checksum [ 92.041446][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 92.053137][ T12] Bluetooth: (null): Invalid header checksum [ 92.092383][ T61] Bluetooth: (null): Invalid header checksum [ 92.121459][ T5970] Bluetooth: hci0: command 0x0419 tx timeout [ 92.121812][ T6395] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 92.306030][ T12] Bluetooth: (null): Invalid header checksum [ 92.312167][ T46] Bluetooth: (null): Invalid header checksum [ 92.423548][ T1242] Bluetooth: (null): Invalid header checksum [ 92.499135][ T6395] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 92.502495][ T6395] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 92.506171][ T6395] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 93.786132][ T6462] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.790721][ T6462] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.905414][ T6462] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.916824][ T6462] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.997846][ T6462] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.003003][ T6462] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.006288][ T6462] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.009839][ T6462] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.201440][ T5975] Bluetooth: hci1: command 0x0419 tx timeout [ 94.531464][ T5975] Bluetooth: hci3: command 0x0419 tx timeout [ 94.534372][ T5975] Bluetooth: hci2: command 0x0419 tx timeout [ 95.207314][ T6485] syz.3.107: attempt to access beyond end of device [ 95.207314][ T6485] nbd3: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 95.214088][ T6485] gfs2: error -5 reading superblock [ 96.421475][ T6469] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 96.568278][ T6501] [ 96.569446][ T6501] ====================================================== [ 96.572626][ T6501] WARNING: possible circular locking dependency detected [ 96.575994][ T6501] 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 Not tainted [ 96.583374][ T6469] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 96.588669][ T6501] ------------------------------------------------------ [ 96.588682][ T6501] syz.1.111/6501 is trying to acquire lock: [ 96.588693][ T6501] ffff88806f1a5940 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x4a6/0xd60 [ 96.593475][ T6469] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 96.595914][ T6501] [ 96.595914][ T6501] but task is already holding lock: [ 96.595924][ T6501] ffff8880244f0488 [ 96.598600][ T6469] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 96.602204][ T6501] (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 96.602255][ T6501] [ 96.602255][ T6501] which lock already depends on the new lock. [ 96.602255][ T6501] [ 96.602262][ T6501] [ 96.602262][ T6501] the existing dependency chain (in reverse order) is: [ 96.602268][ T6501] [ 96.602268][ T6501] -> #2 (&of->mutex){+.+.}-{4:4}: [ 96.602290][ T6501] __mutex_lock+0x199/0xb90 [ 96.609232][ T6469] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 96.610499][ T6501] kernfs_fop_write_iter+0x28f/0x510 [ 96.615592][ T6469] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.618239][ T6501] iter_file_splice_write+0x91f/0x1150 [ 96.618273][ T6501] do_splice+0x1478/0x1fc0 [ 96.618294][ T6501] __do_splice+0x32a/0x360 [ 96.623569][ T6469] usb 5-1: Product: syz [ 96.626560][ T6501] __ia32_sys_splice+0x189/0x250 [ 96.629618][ T6469] usb 5-1: Manufacturer: syz [ 96.631519][ T6501] __do_fast_syscall_32+0x7c/0x3a0 [ 96.631543][ T6501] do_fast_syscall_32+0x32/0x80 [ 96.631556][ T6501] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.631572][ T6501] [ 96.631572][ T6501] -> #1 (&pipe->mutex){+.+.}-{4:4}: [ 96.631594][ T6501] __mutex_lock+0x199/0xb90 [ 96.631608][ T6501] anon_pipe_write+0x15d/0x1a70 [ 96.631624][ T6501] __kernel_write_iter+0x720/0xa90 [ 96.631638][ T6501] __kernel_write+0xf5/0x140 [ 96.631651][ T6501] autofs_notify_daemon+0x4db/0xd60 [ 96.631671][ T6501] autofs_wait+0x10ca/0x1a70 [ 96.631687][ T6501] autofs_mount_wait+0x132/0x380 [ 96.631703][ T6501] autofs_d_automount+0x390/0x7f0 [ 96.631720][ T6501] __traverse_mounts+0x195/0x790 [ 96.631745][ T6501] step_into+0x5aa/0x2270 [ 96.631766][ T6501] walk_component+0xfc/0x5b0 [ 96.631787][ T6501] link_path_walk+0x627/0xe20 [ 96.631809][ T6501] path_lookupat+0x15a/0x6d0 [ 96.631831][ T6501] filename_lookup+0x224/0x5f0 [ 96.631843][ T6501] user_path_at+0x3a/0x60 [ 96.631856][ T6501] bpf_obj_get_user+0xae/0x490 [ 96.631877][ T6501] __sys_bpf+0x2845/0x4ea0 [ 96.631890][ T6501] __ia32_sys_bpf+0x76/0xe0 [ 96.631902][ T6501] __do_fast_syscall_32+0x7c/0x3a0 [ 96.631916][ T6501] do_fast_syscall_32+0x32/0x80 [ 96.631931][ T6501] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.631949][ T6501] [ 96.631949][ T6501] -> #0 (&sbi->pipe_mutex){+.+.}-{4:4}: [ 96.631972][ T6501] __lock_acquire+0x126f/0x1c90 [ 96.631993][ T6501] lock_acquire+0x179/0x350 [ 96.632012][ T6501] __mutex_lock+0x199/0xb90 [ 96.632025][ T6501] autofs_notify_daemon+0x4a6/0xd60 [ 96.632042][ T6501] autofs_wait+0x10ca/0x1a70 [ 96.632060][ T6501] autofs_mount_wait+0x132/0x380 [ 96.632076][ T6501] autofs_d_automount+0x390/0x7f0 [ 96.632093][ T6501] __traverse_mounts+0x195/0x790 [ 96.632110][ T6501] step_into+0x5aa/0x2270 [ 96.632130][ T6501] walk_component+0xfc/0x5b0 [ 96.632150][ T6501] path_lookupat+0x142/0x6d0 [ 96.632170][ T6501] filename_lookup+0x224/0x5f0 [ 96.632183][ T6501] kern_path+0x35/0x50 [ 96.632194][ T6501] lookup_bdev+0xd8/0x280 [ 96.632214][ T6501] resume_store+0x1d6/0x460 [ 96.632226][ T6501] kobj_attr_store+0x55/0x80 [ 96.632240][ T6501] sysfs_kf_write+0xf2/0x150 [ 96.632260][ T6501] kernfs_fop_write_iter+0x351/0x510 [ 96.632279][ T6501] vfs_write+0x6c4/0x1150 [ 96.632291][ T6501] ksys_write+0x12a/0x250 [ 96.632304][ T6501] __do_fast_syscall_32+0x7c/0x3a0 [ 96.632319][ T6501] do_fast_syscall_32+0x32/0x80 [ 96.632333][ T6501] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.632350][ T6501] [ 96.632350][ T6501] other info that might help us debug this: [ 96.632350][ T6501] [ 96.632355][ T6501] Chain exists of: [ 96.632355][ T6501] &sbi->pipe_mutex --> &pipe->mutex --> &of->mutex [ 96.632355][ T6501] [ 96.632382][ T6501] Possible unsafe locking scenario: [ 96.632382][ T6501] [ 96.632386][ T6501] CPU0 CPU1 [ 96.632391][ T6501] ---- ---- [ 96.632395][ T6501] lock(&of->mutex); [ 96.632406][ T6501] lock(&pipe->mutex); [ 96.632418][ T6501] lock(&of->mutex); [ 96.639111][ T6469] usb 5-1: SerialNumber: syz [ 96.641363][ T6501] lock(&sbi->pipe_mutex); [ 96.641380][ T6501] [ 96.641380][ T6501] *** DEADLOCK *** [ 96.641380][ T6501] [ 96.641385][ T6501] 4 locks held by syz.1.111/6501: [ 96.641395][ T6501] #0: ffff88802366eef8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 96.641439][ T6501] #1: ffff888023600428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 96.641481][ T6501] #2: ffff8880244f0488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 96.641523][ T6501] #3: ffff888041282f08 (kn->active#69){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 96.641569][ T6501] [ 96.641569][ T6501] stack backtrace: [ 96.641577][ T6501] CPU: 2 UID: 0 PID: 6501 Comm: syz.1.111 Not tainted 6.16.0-rc6-syzkaller-00237-gc7de79e662b8 #0 PREEMPT(full) [ 96.641595][ T6501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.641605][ T6501] Call Trace: [ 96.641611][ T6501] [ 96.641617][ T6501] dump_stack_lvl+0x116/0x1f0 [ 96.641634][ T6501] print_circular_bug+0x275/0x350 [ 96.641656][ T6501] check_noncircular+0x14c/0x170 [ 96.641681][ T6501] __lock_acquire+0x126f/0x1c90 [ 96.641707][ T6501] lock_acquire+0x179/0x350 [ 96.641728][ T6501] ? autofs_notify_daemon+0x4a6/0xd60 [ 96.641759][ T6501] ? __pfx___might_resched+0x10/0x10 [ 96.641777][ T6501] ? irqentry_exit+0x3b/0x90 [ 96.641794][ T6501] __mutex_lock+0x199/0xb90 [ 96.641810][ T6501] ? autofs_notify_daemon+0x4a6/0xd60 [ 96.641832][ T6501] ? autofs_notify_daemon+0x45a/0xd60 [ 96.641852][ T6501] ? autofs_notify_daemon+0x4a6/0xd60 [ 96.641872][ T6501] ? __pfx___mutex_lock+0x10/0x10 [ 96.641888][ T6501] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 96.641906][ T6501] ? from_kgid_munged+0xab/0x130 [ 96.641934][ T6501] ? autofs_notify_daemon+0x4a6/0xd60 [ 96.641954][ T6501] autofs_notify_daemon+0x4a6/0xd60 [ 96.641977][ T6501] ? __pfx_autofs_notify_daemon+0x10/0x10 [ 96.641997][ T6501] ? sysfs_kf_write+0xf2/0x150 [ 96.642018][ T6501] ? kernfs_fop_write_iter+0x351/0x510 [ 96.642036][ T6501] ? vfs_write+0x6c4/0x1150 [ 96.642062][ T6501] ? lockdep_init_map_type+0x5c/0x280 [ 96.642084][ T6501] ? lockdep_init_map_type+0x5c/0x280 [ 96.642110][ T6501] autofs_wait+0x10ca/0x1a70 [ 96.642131][ T6501] ? __pfx_autofs_wait+0x10/0x10 [ 96.642149][ T6501] ? __pfx_path_check_mount+0x10/0x10 [ 96.642168][ T6501] ? find_held_lock+0x2b/0x80 [ 96.642184][ T6501] ? path_has_submounts+0xcb/0x120 [ 96.642204][ T6501] ? do_raw_spin_unlock+0x172/0x230 [ 96.642220][ T6501] ? find_held_lock+0x2b/0x80 [ 96.642237][ T6501] autofs_mount_wait+0x132/0x380 [ 96.642257][ T6501] autofs_d_automount+0x390/0x7f0 [ 96.642279][ T6501] __traverse_mounts+0x195/0x790 [ 96.642302][ T6501] step_into+0x5aa/0x2270 [ 96.642361][ T6501] ? __pfx_step_into+0x10/0x10 [ 96.642383][ T6501] ? __pfx___up_read+0x10/0x10 [ 96.642405][ T6501] ? walk_component+0x35e/0x5b0 [ 96.642426][ T6501] ? lookup_fast+0x156/0x610 [ 96.642449][ T6501] walk_component+0xfc/0x5b0 [ 96.642473][ T6501] path_lookupat+0x142/0x6d0 [ 96.642498][ T6501] filename_lookup+0x224/0x5f0 [ 96.642514][ T6501] ? __pfx_filename_lookup+0x10/0x10 [ 96.642537][ T6501] ? getname_kernel+0x52/0x370 [ 96.642555][ T6501] ? __asan_memcpy+0x3c/0x60 [ 96.642580][ T6501] kern_path+0x35/0x50 [ 96.642592][ T6501] lookup_bdev+0xd8/0x280 [ 96.642612][ T6501] ? __pfx_lookup_bdev+0x10/0x10 [ 96.642631][ T6501] ? __asan_memcpy+0x3c/0x60 [ 96.642653][ T6501] resume_store+0x1d6/0x460 [ 96.642668][ T6501] ? __pfx_resume_store+0x10/0x10 [ 96.642685][ T6501] ? find_held_lock+0x2b/0x80 [ 96.642702][ T6501] ? __pfx_resume_store+0x10/0x10 [ 96.642717][ T6501] kobj_attr_store+0x55/0x80 [ 96.642742][ T6501] ? __pfx_kobj_attr_store+0x10/0x10 [ 96.642757][ T6501] sysfs_kf_write+0xf2/0x150 [ 96.642779][ T6501] kernfs_fop_write_iter+0x351/0x510 [ 96.642798][ T6501] ? __pfx_sysfs_kf_write+0x10/0x10 [ 96.642820][ T6501] vfs_write+0x6c4/0x1150 [ 96.642836][ T6501] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 96.642856][ T6501] ? __pfx_vfs_write+0x10/0x10 [ 96.642869][ T6501] ? find_held_lock+0x2b/0x80 [ 96.642889][ T6501] ksys_write+0x12a/0x250 [ 96.642904][ T6501] ? __pfx_ksys_write+0x10/0x10 [ 96.642921][ T6501] ? rcu_is_watching+0x12/0xc0 [ 96.642941][ T6501] __do_fast_syscall_32+0x7c/0x3a0 [ 96.642957][ T6501] do_fast_syscall_32+0x32/0x80 [ 96.642971][ T6501] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.642988][ T6501] RIP: 0023:0xf703e579 [ 96.643000][ T6501] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.643013][ T6501] RSP: 002b:00000000f4fec55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 96.643028][ T6501] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000080000040 [ 96.643037][ T6501] RDX: 0000000000000012 RSI: 0000000000000000 RDI: 0000000000000000 [ 96.643046][ T6501] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 96.643055][ T6501] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 96.643064][ T6501] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.643077][ T6501] [ 96.972441][ T6501] block device autoloading is deprecated and will be removed. [ 96.995764][ T6469] usb 5-1: config 0 descriptor?? [ 96.998443][ T6501] PM: Image not found (code -22) [ 97.206646][ T6469] adutux 5-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 97.408390][ T6469] usb 5-1: USB disconnect, device number 5 VM DIAGNOSIS: 12:12:35 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fd RBX=ffff88801dee2440 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fd RDI=0000000000000002 RBP=0000000000000008 RSP=ffffc9000045fab8 R8 =0000000000000000 R9 =fffffbfff2152b0a R10=ffffffff90a95857 R11=ffffffff9af77ee8 R12=0000000000000003 R13=1ffff9200008bf58 R14=0000000000000001 R15=ffffc9000045fae0 RIP=ffffffff81693ef8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809752e000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000008001f000 CR3=000000006f10a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=dffffc0000000000 RBX=ffff888054daf1c0 RCX=ffff888054daf1c8 RDX=1ffff1100a9b5e39 RSI=ffffffff8c155be0 RDI=ffff888054daf1d4 RBP=0000000000000000 RSP=ffffc90007897be0 R8 =0000000000000000 R9 =fffff52000f12f74 R10=0000000000000202 R11=0000000000000000 R12=ffffc90007897d60 R13=0000000000000000 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff84dce687 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809762e000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000008003a000 CR3=00000000466cf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000037 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8556b7e5 RDI=ffffffff9b09e500 RBP=ffffffff9b09e4c0 RSP=ffffc9000fbaeaa8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e36312e36 R12=0000000000000000 R13=0000000000000037 R14=ffffffff9b09e4c0 R15=ffffffff8556b780 RIP=ffffffff8556b80f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809772e000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000004 CR3=0000000070f95000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000061 RCX=ffffffff819b1812 RDX=ffff888023e52440 RSI=0000000000000000 RDI=0000000000000001 RBP=0000000000000001 RSP=ffffc9000e58f340 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000002c00 R12=1ffff92001cb1e6b R13=0000000000000200 R14=ffff88802717c880 R15=ffffc9000e58f410 RIP=ffffffff81bb4f6b RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809782e000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000005751da9c CR3=000000004fcb9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000024000000000 0000000500000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000