last executing test programs: 5.509281678s ago: executing program 0 (id=1913): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x3e, &(0x7f00000002c0)=r0, 0x161) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc00c5512, 0x0) write(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r4 = dup(r3) r5 = syz_io_uring_setup(0xc0d, &(0x7f00000000c0)={0x0, 0xadbb, 0x8, 0xffffffff, 0x215}, &(0x7f00000003c0)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r4, 0x0, 0x0, 0x0, 0x80000}) io_uring_enter(r5, 0x47f5, 0x0, 0x0, 0x0, 0x0) 5.345202111s ago: executing program 0 (id=1914): connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$sndseq(r3, &(0x7f0000000180)=[{0x5, 0x50, 0xc7, 0xee, @time={0x80000000, 0x145}, {0x9, 0x7}, {0x1, 0x4}, @raw32={[0xffffffff, 0x10, 0x1ff]}}], 0x1c) splice(r0, 0x0, r3, 0x0, 0x2, 0x0) splice(r2, 0x0, r1, 0x0, 0x1c, 0xe) ioctl$sock_qrtr_TIOCINQ(r3, 0x541b, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00010000031401"], 0x100}, 0x1, 0x0, 0x0, 0x4040024}, 0x0) r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) mmap(&(0x7f0000731000/0x2000)=nil, 0x2000, 0x5, 0x12, r4, 0xdc050000) socket$nl_generic(0x10, 0x3, 0x10) 4.813851438s ago: executing program 1 (id=1915): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x8, 0x395, 0x5, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x2, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r3 = io_uring_setup(0x332, &(0x7f0000000080)={0x0, 0x21e, 0x10}) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) 4.811741923s ago: executing program 0 (id=1923): openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000001c0)) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10) r5 = accept4(r4, 0x0, 0x0, 0x0) ioctl$int_in(r5, 0x5452, &(0x7f00000013c0)=0xc7f) recvmmsg(r5, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0) 4.728220835s ago: executing program 2 (id=1918): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) socket$nl_generic(0x10, 0x3, 0x10) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x33, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, 0x0, 0x0) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/mdstat\x00', 0x0, 0x0) read$FUSE(r2, &(0x7f0000000080)={0x2020}, 0x2020) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 3.856007752s ago: executing program 2 (id=1920): r0 = socket$inet_smc(0x2b, 0x1, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x202) fanotify_init(0x200, 0x40000) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r3, 0x47f6, 0x0, 0x4, 0x0, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200408c4, &(0x7f0000000200)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000001780)='%U', 0x2, 0x24000015, 0x0, 0x0) 2.978865896s ago: executing program 2 (id=1922): socket(0x2b, 0x80801, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0x3, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x7c}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40010) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setrlimit(0xc, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0xfffff, 0xffffffffffffffff) 2.977261836s ago: executing program 0 (id=1931): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000010"], 0x10}, 0x8000) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x4000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x8400, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x7ffdd000, 0x8000}], 0x320000) 2.972078465s ago: executing program 1 (id=1924): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socket(0x11, 0x800000003, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x41480}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x5}, 0x0) 2.654710305s ago: executing program 3 (id=1926): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000040)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) keyctl$reject(0x13, 0x0, 0x400, 0x8000000000000204, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b0000000800000020000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c3a00000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000080000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.164764948s ago: executing program 3 (id=1927): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket(0x400000000010, 0x3, 0x0) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}, {0xd, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x220080c8}, 0x20008850) sendmsg$nl_route_sched(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0xffffeffe, {0x0, 0x0, 0x0, r7, {0xf000, 0xffff}, {}, {0x2}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 2.144287278s ago: executing program 3 (id=1928): openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x24000045, 0x0, 0x0) quotactl$Q_SETQUOTA(0xffffffff80000802, 0x0, 0xffffffffffffffff, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x7800, 0x8, 0x400204, 0xfffffffd, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x4000, 0x0, 0x2, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102}}}}) 2.05276097s ago: executing program 2 (id=1929): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffb]}, 0x8, 0x0) readv(r0, &(0x7f0000000ec0)=[{&(0x7f0000001380)=""/4096, 0x1000}], 0x1) r1 = socket$netlink(0x10, 0x3, 0x4) r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setsig(r2, 0xa, 0x13) fcntl$setlease(r2, 0x400, 0x0) timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280)) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = getpid() fcntl$setownex(r3, 0xf, &(0x7f0000000100)={0x2, r4}) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f00000001c0)=0x0) fcntl$setown(r2, 0x8, r5) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) close_range(r1, 0xffffffffffffffff, 0x0) write(0xffffffffffffffff, 0x0, 0x0) 1.81624928s ago: executing program 0 (id=1930): socket$pppoe(0x18, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0x5452, &(0x7f0000001080)) r2 = socket$inet6(0xa, 0x3, 0x6) write(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7ff}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x800008d, 0x0) 1.762040178s ago: executing program 1 (id=1932): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x7c}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) keyctl$read(0x2, 0x0, &(0x7f00000003c0)=""/4096, 0x1000) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) chdir(&(0x7f0000000300)='./file0\x00') bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48) timer_settime(0x0, 0x0, 0x0, 0x0) 1.603865099s ago: executing program 1 (id=1933): r0 = getpgid(0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0) semctl$GETALL(0x0, 0x0, 0xd, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000780)={r3, 0x20, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f00000006c0)=""/150, 0x96}}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_qrtr_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000340)) openat$dlm_plock(0xffffff9c, &(0x7f0000000000), 0x101800, 0x0) r4 = syz_io_uring_setup(0xc97, &(0x7f0000000700)={0x0, 0x6015, 0x800, 0xff7fffff, 0x11c}, &(0x7f00000003c0)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x4000, @fd_index=0x3, 0x5, 0x0, 0x0, 0x4}) io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0) 1.279733991s ago: executing program 3 (id=1934): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d05c164a534308", 0x10) r2 = accept4(r1, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f0000004c00)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x2ca998c3}], 0x4000032, 0x40000021, 0x0) r3 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r4 = openat$vmci(0xffffff9c, 0x0, 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000180)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f00000001c0)={@hyper, 0x2}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x4005e, 0xfffffffffffffffd, 0x7}) 1.193717449s ago: executing program 2 (id=1935): setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000001c0)={@initdev, @dev, 0x0}, &(0x7f0000000280)=0xc) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x8, '\x00', r3}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r4, 0x0, 0xa002a0}, 0x38) 895.72191ms ago: executing program 0 (id=1936): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1800, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x40305839, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = userfaultfd(0x80001) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20) ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3}) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000}) close_range(r0, 0xffffffffffffffff, 0x0) 715.291246ms ago: executing program 1 (id=1937): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x0) sendmsg$IPSET_CMD_TEST(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x4800) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x20000090) openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) 365.555843ms ago: executing program 3 (id=1938): socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x27, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a, 0x0, 0x0}, 0x40) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x5]}, 0x8, 0x800) socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0xe, &(0x7f0000000b00)=ANY=[@ANYBLOB="b702000000000042bfa30000000000001602000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000260404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000005b000000b700000000000000950000000000000063e165cd844a954b26c933db8e175e097efb3f55bb2007ee51050512b5b42128aa090a79507df79f2d8129cf487130d5f24bf901115e17392ac66ad029d1c08a2c6146101e04aeacea799a22a2fa798b5adc436b27d53337e5003e4be7f8000000000000dbc2777df150b70639e25b7496cb8dcdd77b85b94109a314fd0840028f2ed1a4535550614e09d6378198a60978670838337af2abd55a87ac0394b2f82ffab7d153d62058d0a413b2173619ccf55520f22c9cb6712f3024b7041b1df65b3e1b9b31f154e89d485b1f7fc09a30f115646d14ce53d13d0cca00a1efc54fa737c28b994a8512c816fdcceaede3faedc51d29a47ffeffffff00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804dc5fa778100000000000000488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a7c2211fe4fd21a18986252a70f8f92eb6f0e8c7db35036865445971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f8d791fa99dac06b57479321a0574fb304bc2a168aa43328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20faf791ec85821d0c48fb657c29b302b0d2277b44af326f36f3e2c25a61ec45c3af97a8f17da954a9b34f79908755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d4100d8bda74d66f47cc180f82c5f573c6d294d1665016ac59de637b30824d822133a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da3239acad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4a389c69608241730459f0123fd383d5612ff0230dc6eb55e9d46de56ef907b059b905c0289afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5826236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d949a3564cb778f54334354ec2697a03aff14a9aa4bd908a99494a65044dd539f5096412b926b2e095b84000243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630eeaebde922320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000000000000001c80000000000000000000000091bee53595a779d243ac8cea769b10424d28804c026ab7f4a0281921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee8f8a836804ed3a1079b0282a12043408cd600087dc0dd22b634350761b9867682e11d94fff91af19f2f8df175d60a2892e456f5f4042bd13da2022f23daec61854f640f703db027665006e74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfac92e6de9200000000a1f6c5572a9ee7f7c8a5098600000000009ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009d9c209644bb1cb603cd60a9e241435fe82d5a96b09c68c73de2f04f15d0053875732f2258aea65559eb00e76e9d092a2a60ca770663da451080cc36000906d5a9fad98c308e89bd5ffb6151d79c1cee1cdfba05e3633becd937d7a15762e5f5a3a0bc33fdbe28a0800000000000000c92fe7f791e8f6029309508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd43758624600e78f4458542b14f29611f95d4a2aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6820b6ec96280000320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000000000000000000091e12aacf2ed9ee91cc82777c6a0da37e0219260f2944eb77cb7a20ab7ebcc2fbe2a986be27eacc454147267b05cba055cda2a57efefcb9a8761bc052bbb7f4167245753d31e7c1120a886bdf372ce255ca3c2aa8b0ebe42924db5d6d81e9b1514172e2f3fb1b46a1f7561b65c265b742d792d4f572d860718b5d9e94631657021612f6c974d10769e47575509bfe2d6ffa6cae835b0f492d32d12116c95e0b3b31713c20beae2dd340d7b67c3bed62b682a12363608d736289610fa01000000010000000d6f033f8438b57cedf532ee34e42b4041a682f54dc7b57200762d45724151014b733d497190f9ab3d5bab1f0635025ba9baa3a09b886e08c6bbd6e158f8e1c4ead2dc5bb4e2976a8383d8e415149455dc78439ae1b026ef03dfaa1f197a3b8ee7fcd1e39f5600a5c978584f97df1aed893821775c9b762f5acd2bf9a0eb18215ff90fe336bd75d3e8f704662d4084fa582afdd73d23546ae0abb118bdde3f4d08661e7937b8631e7439bf23618d3f7ab482dde3249f42e660496098f30e38e152ead80d7291b54da4a3b08b8fd7ddaa830ec5933a0a674334b8d4269e425b9fa0255f3ba988cfd9ae6ed8154b633a0f108f3245d3a0212586e6c5762db4076d9ee42836d3000000000033baf08867c22a29335ab8976219d500c855a5642fd6539bac21f429e40740cd4c5ba3cb49da499c1a2c6bfb6b0e2e8d168bcb79f8054de46aeaf1d44c1f0958f24a93b88ac8d146afb94977527721e16dcfe4e014ee5a503cfe6ea2ed7fad0e83056941507016489f38643c128f5f37b453d811b185551bbd08336abed54a0e2419b1a0e53214dd296d152cf82f42472bf1fd52a22efdd111977d3cf6f20e942df77792fda2c99bee3175defd519b4fae37fc1fe86ed99335ef2ed821c64af516ac03585ec43071f5cc6030cf855b7e5d725aa8e9b7bf6d7b27a4e4e2fb2ed2501e5ce4435f8cbc0ad746c1b60d60f23d892939c96f750cd71824142404c26992c49c916b82bbc81c8d93c537c3c38cd58d0b4a64ddf9c55a7506c8cce89ff51c8ad5e63d1e2d1fd945635c130b4ad0dbcead5ec8cb3be6a0a82cef44e31148d94bd7edc9e94a4e295f1743754a5ee9f444a10838"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffff4d}, 0x48) socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[@ANYRES64=r1], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000)) 301.801094ms ago: executing program 3 (id=1939): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 51.117619ms ago: executing program 2 (id=1940): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae000000850000000700000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90) signalfd(0xffffffffffffffff, 0x0, 0x0) read(r1, &(0x7f0000000140)=""/119, 0x77) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r2, 0x0) setpgid(0x0, r2) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0) r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r4 = openat$hpet(0xffffff9c, &(0x7f00000009c0), 0x0, 0x0) preadv(r4, &(0x7f0000000c00)=[{&(0x7f0000000a00)=""/152, 0x98}], 0x1, 0xc096, 0x2) chmod(&(0x7f00000001c0)='./file0\x00', 0x9) ioctl$AUTOFS_IOC_CATATONIC(r3, 0x9362, 0x0) 0s ago: executing program 1 (id=1941): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x100f9}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000100)={'batadv0\x00', 0x0}) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680)) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x4, &(0x7f0000000180)) r3 = epoll_create1(0x0) epoll_wait(r3, &(0x7f00000003c0)=[{}], 0x1, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={r0}) r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, &(0x7f00000000c0)={'c6xdigio\x00', [0x4f2b, 0x5, 0x3, 0x4, 0x5, 0xcc7, 0xf, 0xb, 0xa, 0x100, 0x2, 0x1, 0xfffffffd, 0x40, 0x6, 0x101, 0x0, 0x1a449, 0x2, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0xa, 0xe69, 0x3f, 0x8, 0x2, 0x0, 0xfffffff8]}) setsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000140)=0xa, 0x4) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000010400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d10300002c0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a31"], 0xd8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x24, r4, 0x209, 0x0, 0x0, {}, [@BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): tered disabled state [ 96.789229][ T7503] bridge_slave_1: left allmulticast mode [ 96.791056][ T7503] bridge_slave_1: left promiscuous mode [ 96.793475][ T7503] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.797409][ T7503] bond0: (slave bond_slave_0): Releasing backup interface [ 96.801726][ T7503] bond0: (slave bond_slave_1): Releasing backup interface [ 96.811789][ T7503] team0: Port device team_slave_0 removed [ 96.817537][ T7503] team0: Port device team_slave_1 removed [ 96.819726][ T7503] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.822091][ T7503] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 96.825393][ T7503] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.827885][ T7503] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.006803][ T40] audit: type=1326 audit(1755690130.112:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7507 comm="syz.3.460" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f27579 code=0x0 [ 98.739919][ T63] Bluetooth: hci1: SCO packet for unknown connection handle 777 [ 98.958100][ T7550] tipc: Started in network mode [ 98.963742][ T7550] tipc: Node identity 080211000001, cluster identity 4711 [ 98.966693][ T7550] tipc: Enabled bearer , priority 0 [ 99.466481][ T7578] syzkaller0: entered promiscuous mode [ 99.468281][ T7578] syzkaller0: entered allmulticast mode [ 99.590257][ T7584] binder: 7582:7584 ioctl c0306201 80000080 returned -14 [ 99.594269][ T7584] binder: 7582:7584 ioctl c0306201 80000180 returned -11 [ 99.962523][ T5975] tipc: Node number set to 134418688 [ 100.845474][ T7615] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 100.927843][ T40] audit: type=1326 audit(1755690134.032:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7617 comm="syz.0.496" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f76579 code=0x0 [ 101.153960][ T7627] capability: warning: `syz.2.500' uses 32-bit capabilities (legacy support in use) [ 101.211405][ T63] Bluetooth: hci3: unexpected event for opcode 0x1003 [ 101.780558][ T7654] netlink: 24 bytes leftover after parsing attributes in process `syz.1.506'. [ 102.555161][ T7670] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 103.038222][ T7679] netlink: 4 bytes leftover after parsing attributes in process `syz.0.512'. [ 103.051108][ T7679] netlink: 173 bytes leftover after parsing attributes in process `syz.0.512'. [ 103.056387][ T7679] netlink: 277 bytes leftover after parsing attributes in process `syz.0.512'. [ 103.060219][ T7679] netlink: 277 bytes leftover after parsing attributes in process `syz.0.512'. [ 103.876200][ T7710] kvm: pic: single mode not supported [ 103.886723][ T40] audit: type=1804 audit(1755690136.992:29): pid=7712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.533" name="/newroot/139/bus/file1" dev="overlay" ino=804 res=1 errno=0 [ 104.280168][ T7733] netlink: 20 bytes leftover after parsing attributes in process `syz.2.531'. [ 104.287022][ T7733] vlan3: entered promiscuous mode [ 104.289212][ T7733] bridge0: entered promiscuous mode [ 104.402369][ T842] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 104.563176][ T842] usb 8-1: Using ep0 maxpacket: 16 [ 104.573109][ T842] usb 8-1: config 0 has no interfaces? [ 104.577332][ T842] usb 8-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28 [ 104.581204][ T842] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 104.585704][ T842] usb 8-1: Product: syz [ 104.587515][ T842] usb 8-1: Manufacturer: syz [ 104.591347][ T842] usb 8-1: SerialNumber: syz [ 104.594806][ T842] usb 8-1: config 0 descriptor?? [ 104.697130][ T7740] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 105.252835][ T63] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 105.255522][ T63] Bluetooth: hci3: Injecting HCI hardware error event [ 105.257923][ T63] Bluetooth: hci3: hardware error 0x00 [ 105.325467][ T9] usb 8-1: USB disconnect, device number 4 [ 105.615708][ T7755] netlink: 24 bytes leftover after parsing attributes in process `syz.2.541'. [ 107.332449][ T63] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 107.390440][ T40] audit: type=1326 audit(1755690140.492:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7800 comm="syz.3.556" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x0 [ 107.460666][ T7803] netlink: 'syz.1.557': attribute type 1 has an invalid length. [ 107.471297][ T7803] bond1: entered promiscuous mode [ 107.473147][ T7803] bond1: entered allmulticast mode [ 107.489555][ T7803] bond1: (slave erspan1): making interface the new active one [ 107.492598][ T7803] erspan1: entered promiscuous mode [ 107.494396][ T7803] erspan1: entered allmulticast mode [ 107.497764][ T7803] bond1: (slave erspan1): Enslaving as an active interface with an up link [ 107.507246][ T7803] netlink: 28 bytes leftover after parsing attributes in process `syz.1.557'. [ 107.510497][ T7803] bond1: left promiscuous mode [ 107.512061][ T7803] erspan1: left promiscuous mode [ 107.513859][ T7803] bond1: left allmulticast mode [ 107.515542][ T7803] erspan1: left allmulticast mode [ 107.517878][ T7803] 8021q: adding VLAN 0 to HW filter on device bond1 [ 107.552094][ T7807] syzkaller0: entered promiscuous mode [ 107.554713][ T7807] syzkaller0: entered allmulticast mode [ 107.733427][ T7819] Driver unsupported XDP return value 0 on prog (id 84) dev N/A, expect packet loss! [ 107.813912][ T7824] kvm: pic: single mode not supported [ 107.820977][ T7824] kvm: pic: single mode not supported [ 107.823309][ T7824] kvm: pic: level sensitive irq not supported [ 107.854815][ T7824] kvm: pic: single mode not supported [ 107.857128][ T7824] kvm: pic: level sensitive irq not supported [ 107.860587][ T7824] kvm: pic: single mode not supported [ 107.863342][ T7824] kvm: pic: level sensitive irq not supported [ 107.866711][ T7824] kvm: pic: single mode not supported [ 107.869284][ T7824] kvm: pic: level sensitive irq not supported [ 107.873838][ T7824] kvm: pic: single mode not supported [ 107.876554][ T7824] kvm: pic: level sensitive irq not supported [ 107.880309][ T7824] kvm: pic: single mode not supported [ 107.883217][ T7824] kvm: pic: level sensitive irq not supported [ 107.887386][ T7824] kvm: pic: single mode not supported [ 107.890109][ T7824] kvm: pic: level sensitive irq not supported [ 107.894077][ T7824] kvm: pic: single mode not supported [ 107.896888][ T7824] kvm: pic: level sensitive irq not supported [ 107.900058][ T7824] kvm: pic: level sensitive irq not supported [ 107.903486][ T7824] kvm: pic: level sensitive irq not supported [ 109.102369][ T7844] Process accounting resumed [ 109.435879][ T7873] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 110.284034][ T7888] netlink: 4 bytes leftover after parsing attributes in process `syz.3.588'. [ 110.772337][ T5985] Bluetooth: hci4: command 0xfc11 tx timeout [ 110.775157][ T63] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 110.828657][ T7909] netlink: 12 bytes leftover after parsing attributes in process `syz.2.594'. [ 111.534352][ T7905] comedi comedi2: reset error (fatal) [ 112.156317][ T40] audit: type=1326 audit(1755690145.262:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.157160][ T7945] netlink: 180 bytes leftover after parsing attributes in process `syz.1.606'. [ 112.164451][ T40] audit: type=1326 audit(1755690145.262:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.171184][ T7945] netlink: 180 bytes leftover after parsing attributes in process `syz.1.606'. [ 112.173328][ T40] audit: type=1326 audit(1755690145.262:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.173349][ T40] audit: type=1326 audit(1755690145.262:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.173365][ T40] audit: type=1326 audit(1755690145.262:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.173381][ T40] audit: type=1326 audit(1755690145.262:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.184165][ T40] audit: type=1326 audit(1755690145.262:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.184199][ T40] audit: type=1326 audit(1755690145.262:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.184216][ T40] audit: type=1326 audit(1755690145.262:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.207791][ T7945] netlink: 180 bytes leftover after parsing attributes in process `syz.1.606'. [ 112.209394][ T40] audit: type=1326 audit(1755690145.282:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7944 comm="syz.1.606" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 112.694171][ T7958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.609'. [ 113.655468][ T7984] syz_tun: left allmulticast mode [ 113.657171][ T7984] syz_tun: left promiscuous mode [ 113.659048][ T7984] bridge0: port 1(syz_tun) entered disabled state [ 113.671615][ T7984] bond0: (slave bond_slave_0): Releasing backup interface [ 113.676654][ T7984] bond0: (slave bond_slave_1): Releasing backup interface [ 113.682703][ T7984] team0: Port device team_slave_0 removed [ 113.686310][ T7984] team0: Port device team_slave_1 removed [ 113.688673][ T7984] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 113.691078][ T7984] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 113.695697][ T7984] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 113.698040][ T7984] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 113.829391][ T7984] team0: Mode changed to "broadcast" [ 113.838225][ T7984] vlan0: entered promiscuous mode [ 113.846497][ T7984] team0: Port device vlan0 added [ 113.865849][ T7984] tipc: Started in network mode [ 113.868981][ T7984] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 113.877372][ T7984] tipc: Enabled bearer , priority 0 [ 114.599183][ T8001] netlink: 4 bytes leftover after parsing attributes in process `syz.0.621'. [ 114.882424][ T6094] tipc: Node number set to 11578026 [ 116.583871][ T8045] pic_ioport_write: 6 callbacks suppressed [ 116.583883][ T8045] kvm: pic: single mode not supported [ 116.636500][ T8045] kvm: pic: single mode not supported [ 116.638239][ T8045] pic_ioport_write: 4 callbacks suppressed [ 116.638248][ T8045] kvm: pic: level sensitive irq not supported [ 116.689045][ T8045] kvm: pic: single mode not supported [ 116.692812][ T8045] kvm: pic: level sensitive irq not supported [ 116.695329][ T8045] kvm: pic: single mode not supported [ 116.697325][ T8045] kvm: pic: level sensitive irq not supported [ 116.699318][ T8045] kvm: pic: single mode not supported [ 116.701238][ T8045] kvm: pic: level sensitive irq not supported [ 116.704121][ T8045] kvm: pic: single mode not supported [ 116.706100][ T8045] kvm: pic: level sensitive irq not supported [ 116.708383][ T8045] kvm: pic: single mode not supported [ 116.710326][ T8045] kvm: pic: level sensitive irq not supported [ 116.712924][ T8045] kvm: pic: single mode not supported [ 116.714906][ T8045] kvm: pic: level sensitive irq not supported [ 116.718147][ T8045] kvm: pic: single mode not supported [ 116.720449][ T8045] kvm: pic: level sensitive irq not supported [ 116.724673][ T8045] kvm: pic: single mode not supported [ 116.726723][ T8045] kvm: pic: level sensitive irq not supported [ 116.728992][ T8045] kvm: pic: level sensitive irq not supported [ 116.967906][ T63] Bluetooth: hci2: unexpected event for opcode 0x0401 [ 119.983624][ T8067] netlink: 24 bytes leftover after parsing attributes in process `syz.1.639'. [ 120.023551][ T8067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.639'. [ 120.225740][ T8082] netlink: 'syz.1.643': attribute type 1 has an invalid length. [ 120.308850][ T8084] bond2: (slave veth7): Enslaving as an active interface with a down link [ 120.397561][ T8082] netlink: 28 bytes leftover after parsing attributes in process `syz.1.643'. [ 120.402605][ T8082] 8021q: adding VLAN 0 to HW filter on device bond2 [ 120.768681][ T8093] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 121.022502][ T63] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 121.025270][ T63] Bluetooth: hci2: Injecting HCI hardware error event [ 121.027582][ T63] Bluetooth: hci2: hardware error 0x00 [ 123.092437][ T63] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 123.094492][ T5975] usb 7-1: new low-speed USB device number 6 using dummy_hcd [ 123.257342][ T5975] usb 7-1: unable to get BOS descriptor or descriptor too short [ 123.261133][ T5975] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 123.264027][ T5975] usb 7-1: can't read configurations, error -71 [ 123.833720][ T8134] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 123.836736][ T8134] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 124.105409][ T8142] binder_alloc: 8141: pid 8141 spamming oneway? 1 buffers allocated for a total size of 4096 [ 124.109363][ T8142] binder_alloc: 8141: pid 8141 spamming oneway? 2 buffers allocated for a total size of 5120 [ 124.362376][ T1150] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.365229][ T1150] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.368084][ T1150] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.370852][ T1150] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.816465][ T8159] netlink: 'syz.1.669': attribute type 1 has an invalid length. [ 124.824886][ T8159] 8021q: adding VLAN 0 to HW filter on device bond3 [ 124.847361][ T8159] bond3: (slave veth9): Enslaving as an active interface with a down link [ 124.869484][ T8159] bond3: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 124.879941][ T8159] vlan4: entered allmulticast mode [ 124.881582][ T8159] bond3: entered allmulticast mode [ 124.884839][ T8159] bond3: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 125.911181][ T8196] netlink: 'syz.2.681': attribute type 1 has an invalid length. [ 125.926760][ T8196] 8021q: adding VLAN 0 to HW filter on device bond3 [ 125.949782][ T8196] bond3: (slave veth7): Enslaving as an active interface with a down link [ 125.997571][ T8196] bond3: (slave veth0_to_bond): making interface the new active one [ 126.001768][ T8196] veth0_to_bond: entered promiscuous mode [ 126.005279][ T8196] bond3: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 126.043254][ T8196] vlan4: entered allmulticast mode [ 126.044916][ T8196] bond3: entered allmulticast mode [ 126.046674][ T8196] veth0_to_bond: entered allmulticast mode [ 126.049398][ T8196] bond3: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 127.067145][ T8215] tipc: Resetting bearer [ 127.115459][ T1154] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.118403][ T1154] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.121303][ T1154] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.124524][ T1154] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.332342][ T9] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 127.483511][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.486926][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.489922][ T9] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 127.498066][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.502693][ T9] usb 7-1: config 0 descriptor?? [ 128.103560][ T9] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 128.175788][ T8237] 8021q: adding VLAN 0 to HW filter on device bond4 [ 128.190913][ T8237] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 128.193990][ T8237] bond4: (slave macvlan2): Enslaving as a backup interface with a down link [ 128.689203][ T9] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 128.691811][ T9] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 128.694260][ T9] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 128.698478][ T9] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 128.708227][ T9] cm6533_jd 0003:0D8C:0022.0006: hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 128.722058][ T9] usb 7-1: USB disconnect, device number 8 [ 128.786693][ T8252] fido_id[8252]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb7/report_descriptor': No such file or directory [ 129.304000][ T8271] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 129.311474][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 129.311485][ T40] audit: type=1800 audit(1755690162.412:55): pid=8271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.704" name="file0" dev="overlay" ino=35913881 res=0 errno=0 [ 129.720466][ T8284] netlink: 16 bytes leftover after parsing attributes in process `syz.1.708'. [ 130.154609][ T6419] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 130.167408][ T8293] syzkaller0: entered promiscuous mode [ 130.169183][ T8293] syzkaller0: entered allmulticast mode [ 130.303513][ T6419] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 130.307043][ T6419] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 130.310121][ T6419] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 130.314476][ T6419] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 130.317367][ T6419] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.320651][ T6419] usb 5-1: config 0 descriptor?? [ 130.751750][ T6419] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 130.754483][ T6419] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 130.757588][ T6419] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 130.760674][ T6419] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 130.763633][ T6419] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 130.767330][ T6419] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 132.262374][ T24] usb 5-1: reset high-speed USB device number 6 using dummy_hcd [ 132.374336][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.376396][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.910492][ T8288] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 132.912621][ T8288] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 132.937103][ T8343] netlink: 'syz.0.726': attribute type 10 has an invalid length. [ 132.940232][ T8343] bond0: (slave wlan1): Opening slave failed [ 133.054111][ T8353] tipc: Enabled bearer , priority 0 [ 133.057536][ T8352] tipc: Resetting bearer [ 133.085036][ T8352] tipc: Disabling bearer [ 133.102559][ T63] Bluetooth: hci0: command 0x040f tx timeout [ 133.130446][ T8359] mac80211_hwsim hwsim9 syzkaller0: entered promiscuous mode [ 133.133346][ T8359] mac80211_hwsim hwsim9 syzkaller0: entered allmulticast mode [ 133.155057][ T8362] netlink: 'syz.1.733': attribute type 4 has an invalid length. [ 133.162926][ T8362] netlink: 'syz.1.733': attribute type 4 has an invalid length. [ 133.693020][ T6419] usb 5-1: USB disconnect, device number 6 [ 134.107407][ T8382] binder_alloc: 8381: pid 8381 spamming oneway? 1 buffers allocated for a total size of 4096 [ 134.236132][ T8390] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 134.236525][ T40] audit: type=1326 audit(1755690167.342:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8383 comm="syz.1.740" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x0 [ 134.240761][ T8390] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 134.248534][ T8390] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 134.252064][ T8390] vhci_hcd vhci_hcd.0: Device attached [ 134.522326][ T6419] usb 37-1: new high-speed USB device number 2 using vhci_hcd [ 134.527591][ T8391] vhci_hcd: connection reset by peer [ 134.529569][ T1154] vhci_hcd: stop threads [ 134.531032][ T1154] vhci_hcd: release socket [ 134.532922][ T1154] vhci_hcd: disconnect device [ 134.932367][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.052019][ T8395] netlink: 'syz.0.743': attribute type 4 has an invalid length. [ 135.056918][ T8395] netlink: 'syz.0.743': attribute type 4 has an invalid length. [ 135.092707][ T8399] netlink: 12 bytes leftover after parsing attributes in process `syz.0.745'. [ 136.302306][ T24] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 136.472905][ T24] usb 7-1: Using ep0 maxpacket: 16 [ 136.475976][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.479385][ T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.483101][ T24] usb 7-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 136.486472][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.489720][ T24] usb 7-1: config 0 descriptor?? [ 136.754196][ T24] usbhid 7-1:0.0: can't add hid device: -71 [ 136.762365][ T24] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 136.765426][ T24] usb 7-1: USB disconnect, device number 9 [ 136.810395][ T8437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.764'. [ 136.813860][ T8437] netlink: 16 bytes leftover after parsing attributes in process `syz.0.764'. [ 136.816871][ T8437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.764'. [ 136.819731][ T8437] netlink: 36 bytes leftover after parsing attributes in process `syz.0.764'. [ 137.095580][ T1154] veth0_to_bond: left promiscuous mode [ 139.128867][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.767'. [ 139.133630][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.767'. [ 139.138261][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.767'. [ 139.142907][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.767'. [ 139.227237][ T8480] netlink: 4 bytes leftover after parsing attributes in process `syz.2.771'. [ 139.231465][ T8480] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.240602][ T8480] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 139.642328][ T6419] vhci_hcd: vhci_device speed not set [ 141.162416][ T6055] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 141.312313][ T6055] usb 5-1: Using ep0 maxpacket: 16 [ 141.322498][ T6055] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 141.342608][ T6055] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 141.354152][ T6055] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.357754][ T6055] usb 5-1: Product: syz [ 141.359071][ T6055] usb 5-1: Manufacturer: syz [ 141.360578][ T6055] usb 5-1: SerialNumber: syz [ 141.365933][ T6055] usb 5-1: config 0 descriptor?? [ 141.373406][ T6055] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 141.376481][ T6055] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 141.997170][ T6055] em28xx 5-1:0.0: unknown em28xx chip ID (0) [ 142.408841][ T6055] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 142.411420][ T6055] em28xx 5-1:0.0: board has no eeprom [ 142.482718][ T6055] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 142.492152][ T6055] em28xx 5-1:0.0: dvb set to bulk mode. [ 142.494773][ T840] em28xx 5-1:0.0: Binding DVB extension [ 142.510992][ T6055] usb 5-1: USB disconnect, device number 7 [ 142.513582][ T840] em28xx 5-1:0.0: Registering input extension [ 142.517317][ T6055] em28xx 5-1:0.0: Disconnecting em28xx [ 142.520464][ T6055] em28xx 5-1:0.0: Closing input extension [ 142.528442][ T6561] udevd[6561]: setting mode of /dev/media28 to 020660 failed: No such file or directory [ 142.529930][ T6055] em28xx 5-1:0.0: Freeing device [ 142.542830][ T6561] udevd[6561]: setting owner of /dev/media28 to uid=0, gid=28 failed: No such file or directory [ 142.929833][ T8626] sch_tbf: burst 1023 is lower than device lo mtu (11337746) ! [ 143.173699][ T8633] netlink: 16 bytes leftover after parsing attributes in process `syz.3.798'. [ 143.290854][ T8637] tipc: Enabling of bearer rejected, already enabled [ 144.622419][ T8672] netlink: 12 bytes leftover after parsing attributes in process `syz.2.809'. [ 144.948935][ T9] libceph: connect (1)[c::]:6789 error -101 [ 144.951660][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 145.036730][ T6094] hid_parser_main: 10 callbacks suppressed [ 145.036748][ T6094] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 145.043704][ T6094] hid-generic 0000:0000:0000.0008: hidraw1: HID v0.00 Device [syz1] on syz0 [ 145.049451][ T8677] ceph: No mds server is up or the cluster is laggy [ 145.290202][ T8696] netlink: 36 bytes leftover after parsing attributes in process `syz.3.816'. [ 145.293176][ T8696] netlink: 16 bytes leftover after parsing attributes in process `syz.3.816'. [ 145.296107][ T8696] netlink: 36 bytes leftover after parsing attributes in process `syz.3.816'. [ 145.298932][ T8696] netlink: 36 bytes leftover after parsing attributes in process `syz.3.816'. [ 145.962728][ T9] libceph: connect (1)[c::]:6789 error -101 [ 145.965065][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 146.063308][ T8712] ceph: No mds server is up or the cluster is laggy [ 147.067652][ T40] audit: type=1326 audit(1755690180.172:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.1.828" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7fc00000 [ 147.332195][ T8742] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 147.736560][ T8752] syz_tun: entered allmulticast mode [ 147.739366][ T40] audit: type=1326 audit(1755690180.842:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.1.828" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf708e579 code=0x7fc00000 [ 147.741233][ T8752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.833'. [ 147.758764][ T40] audit: type=1326 audit(1755690180.842:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8734 comm="syz.1.828" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7fc00000 [ 147.776753][ T8752] syz_tun (unregistering): left allmulticast mode [ 148.004984][ T8765] lo speed is unknown, defaulting to 1000 [ 148.007050][ T8765] lo speed is unknown, defaulting to 1000 [ 148.009637][ T8765] lo speed is unknown, defaulting to 1000 [ 148.012987][ T8765] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 148.019040][ T8765] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 148.031229][ T8765] lo speed is unknown, defaulting to 1000 [ 148.036512][ T8765] lo speed is unknown, defaulting to 1000 [ 148.039242][ T8765] lo speed is unknown, defaulting to 1000 [ 148.042195][ T8765] lo speed is unknown, defaulting to 1000 [ 148.982342][ T840] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 149.154370][ T840] usb 6-1: config 0 has an invalid interface number: 20 but max is 0 [ 149.157898][ T840] usb 6-1: config 0 has no interface number 0 [ 149.161948][ T840] usb 6-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 149.165227][ T840] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 149.168209][ T840] usb 6-1: Product: syz [ 149.169717][ T840] usb 6-1: Manufacturer: syz [ 149.171330][ T840] usb 6-1: SerialNumber: syz [ 149.174465][ T840] usb 6-1: config 0 descriptor?? [ 149.177893][ T840] usb-storage 6-1:0.20: USB Mass Storage device detected [ 149.183183][ T840] usb-storage 6-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 149.196301][ T24] libceph: connect (1)[c::]:6789 error -101 [ 149.198489][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 149.263556][ T8808] netlink: 4 bytes leftover after parsing attributes in process `syz.2.849'. [ 149.290745][ T8810] netlink: 8 bytes leftover after parsing attributes in process `syz.2.850'. [ 149.295306][ T8810] netlink: 14 bytes leftover after parsing attributes in process `syz.2.850'. [ 149.296961][ T8799] ceph: No mds server is up or the cluster is laggy [ 149.304339][ T8810] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 149.308863][ T8810] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.313314][ T8810] bond0 (unregistering): Released all slaves [ 149.383932][ T8598] bond3: (slave veth0_to_bond): link status definitely down, disabling slave [ 149.387251][ T8598] veth0_to_bond: left allmulticast mode [ 149.387345][ T840] usb 6-1: USB disconnect, device number 5 [ 149.392399][ T8598] bond3: now running without any active interface! [ 150.767440][ T8831] syz.1.855 (8831) used greatest stack depth: 20144 bytes left [ 151.074378][ T8845] macsec1: entered promiscuous mode [ 151.076250][ T8845] macsec1: entered allmulticast mode [ 151.374558][ T8852] ceph: No mds server is up or the cluster is laggy [ 151.377827][ T5975] libceph: connect (1)[c::]:6789 error -101 [ 151.380492][ T5975] libceph: mon0 (1)[c::]:6789 connect error [ 151.507492][ T840] IPVS: starting estimator thread 0... [ 151.599730][ T8860] IPVS: using max 57 ests per chain, 136800 per kthread [ 151.666316][ T24] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 151.681843][ T24] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz1] on syz0 [ 152.119007][ T8871] fido_id[8871]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 152.123884][ T8876] netlink: 36 bytes leftover after parsing attributes in process `syz.2.866'. [ 152.127610][ T8876] netlink: 16 bytes leftover after parsing attributes in process `syz.2.866'. [ 152.130798][ T8876] netlink: 36 bytes leftover after parsing attributes in process `syz.2.866'. [ 152.138028][ T8876] netlink: 36 bytes leftover after parsing attributes in process `syz.2.866'. [ 152.172926][ T8878] lo speed is unknown, defaulting to 1000 [ 152.175488][ T8878] lo speed is unknown, defaulting to 1000 [ 152.178399][ T8878] lo speed is unknown, defaulting to 1000 [ 152.205233][ T8878] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 152.277321][ T8878] lo speed is unknown, defaulting to 1000 [ 152.283668][ T8878] lo speed is unknown, defaulting to 1000 [ 152.288805][ T8878] lo speed is unknown, defaulting to 1000 [ 152.295198][ T8878] lo speed is unknown, defaulting to 1000 [ 152.296629][ T8884] netlink: 16 bytes leftover after parsing attributes in process `syz.2.871'. [ 152.303052][ T8594] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 152.305968][ T8594] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 152.333014][ T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 152.472820][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.475746][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.478188][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.480608][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.483467][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.485914][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.488300][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.490682][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.493346][ T6094] hid-generic 0006:0004:0009.000A: unknown main item tag 0x0 [ 152.499734][ T6094] hid-generic 0006:0004:0009.000A: hidraw1: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 152.516433][ T8894] fido_id[8894]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 152.972402][ T24] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 153.130634][ T24] usb 7-1: config 0 has no interfaces? [ 153.135405][ T24] usb 7-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 153.138383][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.144589][ T24] usb 7-1: config 0 descriptor?? [ 153.172535][ T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 153.336766][ T24] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 153.370380][ T840] usb 7-1: USB disconnect, device number 10 [ 153.396347][ T8912] netlink: 36 bytes leftover after parsing attributes in process `syz.1.879'. [ 153.399805][ T8912] netlink: 16 bytes leftover after parsing attributes in process `syz.1.879'. [ 153.403805][ T8914] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 153.436641][ T8916] siw: device registration error -23 [ 153.472591][ T8914] team0: Device vlan0 failed to change mtu [ 153.709938][ T8934] xfrm0: entered promiscuous mode [ 153.713717][ T8934] xfrm0: entered allmulticast mode [ 154.763635][ T8954] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 154.840042][ T8956] netlink: 'syz.1.893': attribute type 16 has an invalid length. [ 154.843836][ T8956] netlink: 'syz.1.893': attribute type 17 has an invalid length. [ 154.852126][ T8956] 8021q: adding VLAN 0 to HW filter on device team0 [ 154.857299][ T8956] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 156.318083][ T8994] netlink: 'syz.2.905': attribute type 4 has an invalid length. [ 156.326766][ T8994] netlink: 'syz.2.905': attribute type 4 has an invalid length. [ 156.422496][ T9000] __nla_validate_parse: 2 callbacks suppressed [ 156.422512][ T9000] netlink: 24 bytes leftover after parsing attributes in process `syz.2.915'. [ 156.461112][ T9002] nbd: must specify a device to reconfigure [ 156.612421][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 158.291398][ T9020] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 158.301575][ T9020] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 158.739784][ T9029] ceph: No mds server is up or the cluster is laggy [ 159.403424][ T6419] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 159.483155][ T40] audit: type=1326 audit(1755690192.572:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9034 comm="syz.2.920" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7fc00000 [ 159.766088][ T9067] netlink: 44 bytes leftover after parsing attributes in process `syz.3.928'. [ 159.769879][ T9065] netlink: 44 bytes leftover after parsing attributes in process `syz.3.928'. [ 160.302330][ T5985] Bluetooth: hci0: command 0x040f tx timeout [ 160.372433][ T5985] Bluetooth: hci1: command 0x0c1a tx timeout [ 160.614585][ T9083] netlink: 24 bytes leftover after parsing attributes in process `syz.0.933'. [ 160.709964][ T9087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.935'. [ 160.714451][ T9087] netlink: 12 bytes leftover after parsing attributes in process `syz.3.935'. [ 160.728222][ T9087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.935'. [ 162.727125][ T40] audit: type=1800 audit(1755690195.832:61): pid=9114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.944" name="/" dev="9p" ino=14355223812286978 res=0 errno=0 [ 162.878859][ T9121] binder_alloc: 9119: binder_alloc_buf, no vma [ 163.563859][ T40] audit: type=1326 audit(1755690196.672:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9164 comm="syz.3.953" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf7f27579 code=0x0 [ 164.131167][ T9192] netlink: 12 bytes leftover after parsing attributes in process `syz.0.957'. [ 164.673200][ T9225] netlink: 'syz.2.968': attribute type 10 has an invalid length. [ 165.230777][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.971'. [ 165.235343][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.971'. [ 165.239406][ T9232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.971'. [ 165.374828][ T9241] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 165.377887][ T9241] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 165.387945][ T9241] vhci_hcd vhci_hcd.0: Device attached [ 165.435876][ T5985] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 165.445273][ T9243] vhci_hcd: connection closed [ 165.445456][ T8568] vhci_hcd: stop threads [ 165.450295][ T8568] vhci_hcd: release socket [ 165.454069][ T8568] vhci_hcd: disconnect device [ 165.652375][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 166.712858][ T9269] netlink: 24 bytes leftover after parsing attributes in process `syz.3.984'. [ 166.737880][ T9269] sch_tbf: burst 88 is lower than device veth3 mtu (1514) ! [ 166.785728][ T9274] netlink: 12 bytes leftover after parsing attributes in process `syz.3.985'. [ 166.879789][ T9276] netlink: 'syz.3.986': attribute type 12 has an invalid length. [ 167.652722][ T9290] netlink: 12 bytes leftover after parsing attributes in process `syz.1.999'. [ 167.664570][ T9290] netlink: 4 bytes leftover after parsing attributes in process `syz.1.999'. [ 167.817276][ T9298] netlink: 12 bytes leftover after parsing attributes in process `syz.1.994'. [ 167.828379][ T9298] netlink: 8 bytes leftover after parsing attributes in process `syz.1.994'. [ 167.891451][ T9300] vxcan1: entered allmulticast mode [ 169.531348][ T9337] binder: 9336:9337 ioctl c0306201 80000680 returned -14 [ 170.333724][ T9346] bond1: entered allmulticast mode [ 170.335953][ T9346] 8021q: adding VLAN 0 to HW filter on device bond1 [ 170.518469][ T9372] netlink: 'syz.1.1022': attribute type 10 has an invalid length. [ 170.527196][ T9372] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 170.584835][ T9372] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 170.602759][ T8582] bond4: (slave macvlan2): failed to get link speed/duplex [ 170.664019][ T9375] __nla_validate_parse: 2 callbacks suppressed [ 170.664030][ T9375] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1023'. [ 170.722384][ T8582] bond4: (slave macvlan2): failed to get link speed/duplex [ 170.832347][ T8582] bond4: (slave macvlan2): failed to get link speed/duplex [ 170.942479][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 171.052367][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 171.162422][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 171.272418][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 171.383390][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 171.492657][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 171.680050][ T40] audit: type=1804 audit(1755690204.782:63): pid=9400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1032" name="/newroot/298/file1" dev="fuse" ino=1 res=1 errno=0 [ 171.687647][ T40] audit: type=1800 audit(1755690204.782:64): pid=9400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1032" name="/" dev="fuse" ino=1 res=0 errno=0 [ 172.859245][ T9423] binder: 9422:9423 ioctl c0306201 800003c0 returned -14 [ 172.914651][ T9423] syz.2.1039 (9423): drop_caches: 2 [ 173.281671][ T9428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1041'. [ 173.323793][ T9432] netlink: 'syz.3.1043': attribute type 10 has an invalid length. [ 173.327524][ T9432] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 173.741345][ T9448] bond4: option mode: unable to set because the bond device has slaves [ 173.751106][ T9448] bond4: (slave macvlan3): Error -98 calling set_mac_address [ 174.110267][ T9461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1053'. [ 174.221148][ T9463] netlink: 220 bytes leftover after parsing attributes in process `syz.1.1054'. [ 175.382078][ T9494] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 175.384931][ T9494] overlayfs: failed to set xattr on upper [ 175.387119][ T9494] overlayfs: ...falling back to redirect_dir=nofollow. [ 175.389422][ T9494] overlayfs: ...falling back to index=off. [ 175.391338][ T9494] overlayfs: ...falling back to uuid=null. [ 175.459030][ T40] audit: type=1326 audit(1755690208.562:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9497 comm="syz.3.1066" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f27579 code=0x0 [ 175.662374][ T8587] net_ratelimit: 36 callbacks suppressed [ 175.662387][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 175.772663][ T8560] bond4: (slave macvlan2): failed to get link speed/duplex [ 175.882379][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 175.992402][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.102379][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.158155][ T9506] 8021q: adding VLAN 0 to HW filter on device bond1 [ 176.172897][ T9506] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 176.175816][ T9506] bond1: (slave macvlan2): Enslaving as a backup interface with a down link [ 176.183394][ T9512] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1070'. [ 176.212658][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.266505][ T9518] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1073'. [ 176.270948][ T9518] dummy0: entered promiscuous mode [ 176.274385][ T9518] dummy0: left promiscuous mode [ 176.322684][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.400171][ T9523] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 176.412652][ T5975] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 176.442373][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.562303][ T5975] usb 6-1: Using ep0 maxpacket: 32 [ 176.567052][ T5975] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 176.569900][ T5975] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 176.576913][ T5975] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 176.588041][ T5975] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 176.595371][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.601449][ T5975] usb 6-1: config 0 interface 0 has no altsetting 0 [ 176.611125][ T5975] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 176.616444][ T5975] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 176.627566][ T5975] usb 6-1: Product: syz [ 176.631512][ T5975] usb 6-1: Manufacturer: syz [ 176.636958][ T5975] usb 6-1: SerialNumber: syz [ 176.644025][ T5975] usb 6-1: config 0 descriptor?? [ 176.651993][ T5975] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 176.682351][ T5975] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 176.702970][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 176.986766][ T6055] usb 6-1: USB disconnect, device number 6 [ 176.987113][ C3] ldusb 6-1:0.0: usb_submit_urb failed (-19) [ 176.991511][ T9510] ldusb 6-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71 [ 176.996080][ T6055] ldusb 6-1:0.0: LD USB Device #0 now disconnected [ 177.899531][ T9572] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1084'. [ 177.927407][ T9574] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 177.966467][ T9576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 178.021422][ T9576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 178.813110][ T9604] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 178.817954][ T9605] netlink: 'syz.1.1094': attribute type 10 has an invalid length. [ 178.821080][ T9605] bond0: (slave wlan1): Opening slave failed [ 178.849178][ T9607] trusted_key: syz.3.1096 sent an empty control message without MSG_MORE. [ 178.854665][ T9606] ALSA: mixer_oss: invalid OSS volume 'PHONEIÎ' [ 178.856594][ T9606] ALSA: mixer_oss: invalid OSS volume '¢¢ð½ñL²Îýþ‰XTp0þ¥œý¦' [ 178.885688][ T9611] bridge: RTM_NEWNEIGH with invalid ether address [ 179.262357][ T6055] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 179.422403][ T6055] usb 6-1: Using ep0 maxpacket: 8 [ 179.426611][ T6055] usb 6-1: config 0 interface 0 has no altsetting 0 [ 179.432472][ T6055] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 179.435772][ T6055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.440604][ T6055] usb 6-1: config 0 descriptor?? [ 179.488172][ T9632] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 180.225727][ T6055] mcp2221 0003:04D8:00DD.000B: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 180.473901][ T6055] lo speed is unknown, defaulting to 1000 [ 180.477365][ T6055] syz2: Port: 1 Link DOWN [ 180.762330][ T6419] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 180.762462][ T8600] net_ratelimit: 35 callbacks suppressed [ 180.762474][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 180.872799][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 180.922305][ T6419] usb 8-1: Using ep0 maxpacket: 32 [ 180.930582][ T6419] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 180.934801][ T6419] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 180.938249][ T6419] usb 8-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00 [ 180.941569][ T6419] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 180.945628][ T6419] usb 8-1: config 0 descriptor?? [ 180.982576][ T8568] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.092748][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.202636][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.312511][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.432521][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.513225][ T9671] 9pnet: p9_errstr2errno: server reported unknown error 184467440737095 [ 181.542460][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.652447][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.762371][ T8568] bond4: (slave macvlan2): failed to get link speed/duplex [ 181.893490][ T6419] usbhid 8-1:0.0: can't add hid device: -71 [ 181.895750][ T6419] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 181.905148][ T6419] usb 8-1: USB disconnect, device number 5 [ 181.987051][ T9689] MPI: mpi too large (124808 bits) [ 181.989438][ T34] usb 6-1: USB disconnect, device number 7 [ 182.136655][ T9698] siw: device registration error -23 [ 182.155932][ T9700] netlink: 'syz.1.1125': attribute type 1 has an invalid length. [ 182.163984][ T9700] 8021q: adding VLAN 0 to HW filter on device bond5 [ 182.175095][ T9700] 8021q: adding VLAN 0 to HW filter on device bond5 [ 182.177990][ T9700] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address [ 182.181676][ T9700] bond5: (slave vxcan3): Error -95 calling set_mac_address [ 182.226014][ T9702] bond6: entered promiscuous mode [ 182.228543][ T9702] 8021q: adding VLAN 0 to HW filter on device bond6 [ 182.233229][ T9702] bond5: (slave bond6): Enslaving as an active interface with a down link [ 182.240536][ T9702] macvlan3: entered promiscuous mode [ 182.242359][ T9702] macvlan3: entered allmulticast mode [ 182.245251][ T9702] bond5: entered promiscuous mode [ 182.247216][ T9702] 8021q: adding VLAN 0 to HW filter on device macvlan3 [ 182.251435][ T9702] bond5: left promiscuous mode [ 182.620364][ T34] IPVS: starting estimator thread 0... [ 182.732342][ T9721] IPVS: using max 57 ests per chain, 136800 per kthread [ 183.202785][ T9726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 183.260858][ T9726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 183.373769][ T9729] wireguard0: entered promiscuous mode [ 183.376236][ T9729] wireguard0: entered allmulticast mode [ 183.572513][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 184.923053][ T40] audit: type=1326 audit(1755690218.032:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9748 comm="syz.2.1147" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e579 code=0x0 [ 185.503430][ T9772] netlink: 'syz.1.1146': attribute type 1 has an invalid length. [ 185.516043][ T9772] 8021q: adding VLAN 0 to HW filter on device bond7 [ 185.528517][ T9772] vlan4: entered allmulticast mode [ 185.530950][ T9772] veth1: entered allmulticast mode [ 185.535704][ T9772] bond7: (slave vlan4): making interface the new active one [ 185.539760][ T9772] bond7: (slave vlan4): Enslaving as an active interface with an up link [ 185.625005][ T9777] netlink: 'syz.1.1149': attribute type 1 has an invalid length. [ 185.644683][ T9777] 8021q: adding VLAN 0 to HW filter on device bond8 [ 185.684019][ T9777] vlan5: entered promiscuous mode [ 185.686353][ T9777] bond8: entered promiscuous mode [ 185.688549][ T9777] vlan5: entered allmulticast mode [ 185.690963][ T9777] bond8: entered allmulticast mode [ 185.706856][ T9777] bond8: (slave gretap1): making interface the new active one [ 185.709211][ T9777] gretap1: entered promiscuous mode [ 185.711079][ T9777] gretap1: entered allmulticast mode [ 185.713739][ T9777] bond8: (slave gretap1): Enslaving as an active interface with an up link [ 185.842564][ T46] net_ratelimit: 36 callbacks suppressed [ 185.842582][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 185.953157][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.062521][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.172483][ T8568] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.292763][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.412867][ T46] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.532649][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.642321][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.752460][ T8568] bond4: (slave macvlan2): failed to get link speed/duplex [ 186.862456][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 188.117863][ T9822] MPI: mpi too large (124808 bits) [ 188.149397][ T9824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1162'. [ 188.162874][ T9824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1162'. [ 188.516637][ T9835] binder_alloc: 9834: pid 9834 spamming oneway? 1 buffers allocated for a total size of 4096 [ 188.819039][ T9844] lo speed is unknown, defaulting to 1000 [ 189.280706][ T9859] team0: Port device vlan0 removed [ 189.286716][ T9859] bond0: (slave wlan1): Releasing backup interface [ 189.357714][ T9859] team0: Mode changed to "activebackup" [ 189.367014][ T9859] tipc: Enabling of bearer rejected, already enabled [ 190.331471][ T9877] kvm: kvm [9876]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0x11e) = 0xe40000000003 [ 190.952639][ T8568] net_ratelimit: 34 callbacks suppressed [ 190.952658][ T8568] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.094568][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.147271][ T34] hid_parser_main: 8 callbacks suppressed [ 191.147289][ T34] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 191.159274][ T34] hid-generic 0000:0000:0000.000C: hidraw1: HID v0.00 Device [syz1] on syz0 [ 191.203132][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.312747][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.432670][ T8600] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.543477][ T8582] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.655558][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.762526][ T8587] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.883528][ T8575] bond4: (slave macvlan2): failed to get link speed/duplex [ 191.994054][ T8568] bond4: (slave macvlan2): failed to get link speed/duplex [ 192.291819][ T8575] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.295967][ T8575] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.300430][ T8575] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.303619][ T8575] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.409616][ T63] Bluetooth: hci1: unexpected event for opcode 0x1408 [ 193.369942][ T9958] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1197'. [ 193.813598][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.853884][ T9983] netlink: 'syz.1.1204': attribute type 10 has an invalid length. [ 193.856810][ T9983] batman_adv: batadv0: Adding interface: team0 [ 193.858887][ T9983] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560. [ 193.865296][ T9983] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 193.871028][ T9983] netlink: 'syz.1.1204': attribute type 10 has an invalid length. [ 193.873830][ T9983] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1204'. [ 193.877252][ T9983] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.879753][ T9983] batman_adv: batadv0: Interface activated: team0 [ 193.882081][ T9983] batman_adv: batadv0: Interface deactivated: team0 [ 193.884512][ T9983] batman_adv: batadv0: Removing interface: team0 [ 193.887339][ T9983] bridge0: port 1(team0) entered blocking state [ 193.889493][ T9983] bridge0: port 1(team0) entered disabled state [ 194.438319][ T6055] libceph: connect (1)[c::]:6789 error -101 [ 194.440350][ T6055] libceph: mon0 (1)[c::]:6789 connect error [ 194.489320][ T9993] ceph: No mds server is up or the cluster is laggy [ 194.833054][T10014] wireguard0: entered promiscuous mode [ 194.835360][T10014] wireguard0: entered allmulticast mode [ 195.369539][T10018] siw: device registration error -23 [ 195.620543][T10029] Trying to write to read-only block-device nullb0 [ 195.672522][T10033] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 195.681207][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.685415][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.688807][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.694447][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.699008][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.703705][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.707348][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.711899][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.716554][T10033] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 195.978398][T10043] netlink: 'syz.0.1220': attribute type 13 has an invalid length. [ 195.981682][T10043] netlink: 'syz.0.1220': attribute type 17 has an invalid length. [ 196.033222][T10043] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.037071][T10043] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.043602][T10043] net_ratelimit: 1 callbacks suppressed [ 196.043609][T10043] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 196.050676][ T5975] lo speed is unknown, defaulting to 1000 [ 196.052790][ T5975] syz2: Port: 1 Link ACTIVE [ 196.104067][T10045] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1221'. [ 196.142759][T10047] netlink: 'syz.0.1222': attribute type 1 has an invalid length. [ 196.452324][ T63] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 196.455895][ T63] Bluetooth: hci1: Injecting HCI hardware error event [ 196.652457][T10065] wireguard0: entered promiscuous mode [ 196.654808][T10065] wireguard0: entered allmulticast mode [ 196.662804][T10067] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1227'. [ 197.226669][T10085] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1231'. [ 198.205945][T10108] netlink: 'syz.1.1238': attribute type 1 has an invalid length. [ 198.209167][T10108] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1238'. [ 200.905137][T10147] input: syz1 as /devices/virtual/input/input11 [ 201.113115][ T40] audit: type=1804 audit(1755690234.212:67): pid=10152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1246" name="file0" dev="ramfs" ino=31935 res=1 errno=0 [ 201.290617][T10157] netlink: 'syz.1.1248': attribute type 1 has an invalid length. [ 201.302210][T10157] 8021q: adding VLAN 0 to HW filter on device bond9 [ 201.326759][T10157] 8021q: adding VLAN 0 to HW filter on device bond9 [ 201.329203][T10157] bond9: (slave vxcan3): The slave device specified does not support setting the MAC address [ 201.358079][T10157] bond9: (slave vxcan3): Error -95 calling set_mac_address [ 201.393920][T10161] veth13: entered promiscuous mode [ 201.398346][T10161] bond9: (slave veth13): Enslaving as an active interface with a down link [ 201.457265][T10157] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1248'. [ 201.463272][T10157] 8021q: adding VLAN 0 to HW filter on device bond9 [ 202.851444][T10179] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.892103][T10181] infiniband syz1: set down [ 202.898828][T10181] infiniband syz1: added ipvlan0 [ 203.027719][T10181] RDS/IB: syz1: added [ 203.030538][T10181] smc: adding ib device syz1 with port count 1 [ 203.033144][T10181] smc: ib device syz1 port 1 has pnetid [ 203.302392][T10179] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.806125][T10179] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.857186][T10179] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.974439][ T8587] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.998359][ T8582] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.001414][ T8582] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.004749][ T8582] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.137521][T10198] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 204.140286][T10198] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 204.143851][T10198] vhci_hcd vhci_hcd.0: Device attached [ 204.401021][ T53] usb 37-1: new high-speed USB device number 3 using vhci_hcd [ 205.094997][T10199] vhci_hcd: connection reset by peer [ 205.097309][ T8575] vhci_hcd: stop threads [ 205.099820][ T8575] vhci_hcd: release socket [ 205.101673][ T8575] vhci_hcd: disconnect device [ 205.692785][ T63] Bluetooth: hci0: ACL packet for unknown connection handle 201 [ 206.025530][ T6419] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 206.235820][T10236] macsec0: entered promiscuous mode [ 207.472454][ T840] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 207.622350][ T840] usb 6-1: Using ep0 maxpacket: 16 [ 207.627206][ T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 207.630756][ T840] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 207.634920][ T840] usb 6-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 207.638553][ T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.645046][ T840] usb 6-1: config 0 descriptor?? [ 207.887961][ T840] usbhid 6-1:0.0: can't add hid device: -71 [ 207.889958][ T840] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 207.901837][ T840] usb 6-1: USB disconnect, device number 8 [ 209.482435][ T53] vhci_hcd: vhci_device speed not set [ 209.487076][T10310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'. [ 209.543803][T10312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1292'. [ 209.685398][ T40] audit: type=1326 audit(1755690242.792:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10304 comm="syz.2.1290" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e579 code=0x0 [ 210.882857][T10333] netlink: 'syz.1.1298': attribute type 4 has an invalid length. [ 211.149650][T10337] create_pit_timer: 10 callbacks suppressed [ 211.149666][T10337] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 211.202925][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.206581][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.211033][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.215076][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.219003][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.223342][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.227375][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.230967][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 211.235222][T10337] kvm: requested 838 ns i8254 timer period limited to 200000 ns [ 213.324487][T10395] overlayfs: failed to resolve './file1': -2 [ 213.852784][ T6419] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 214.360771][T10412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1322'. [ 214.366182][T10412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1322'. [ 214.370684][T10412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1322'. [ 214.870680][T10431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1329'. [ 214.910713][T10431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1329'. [ 215.210794][T10440] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1331'. [ 216.565260][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1337'. [ 216.568138][T10456] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1337'. [ 216.611432][T10460] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1339'. [ 216.634626][T10462] overlayfs: failed to clone upperpath [ 216.684433][ T63] Bluetooth: hci0: unexpected event for opcode 0x0c05 [ 216.688140][T10466] veth0_to_hsr: entered allmulticast mode [ 216.690542][T10465] veth0_to_hsr: left allmulticast mode [ 217.389442][T10477] create_pit_timer: 38 callbacks suppressed [ 217.389458][T10477] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 217.403763][T10477] kvm: pic: non byte read [ 217.407471][T10477] pic_ioport_write: 4 callbacks suppressed [ 217.407493][T10477] kvm: pic: level sensitive irq not supported [ 217.410682][T10477] kvm: pic: non byte read [ 217.419284][T10477] kvm: pic: level sensitive irq not supported [ 217.420047][T10477] kvm: pic: non byte read [ 217.429662][T10477] kvm: pic: level sensitive irq not supported [ 217.430958][T10477] kvm: pic: non byte read [ 217.438863][T10477] kvm: pic: level sensitive irq not supported [ 217.439271][T10477] kvm: pic: non byte read [ 217.445679][T10477] kvm: pic: level sensitive irq not supported [ 217.446557][T10477] kvm: pic: non byte read [ 217.832044][ T5975] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 217.836250][ T5975] hid-generic 0000:0000:0000.000D: hidraw1: HID v0.00 Device [syz1] on syz0 [ 217.904733][T10490] netlink: 'syz.0.1350': attribute type 39 has an invalid length. [ 218.077344][T10498] vivid-000: ================= START STATUS ================= [ 218.079890][T10498] vivid-000: Test Pattern: 75% Colorbar [ 218.081977][T10498] vivid-000: Fill Percentage of Frame: 100 [ 218.084113][T10498] vivid-000: Horizontal Movement: No Movement [ 218.086088][T10498] vivid-000: Vertical Movement: No Movement [ 218.087931][T10498] vivid-000: OSD Text Mode: All [ 218.089452][T10498] vivid-000: Show Border: false [ 218.091007][T10498] vivid-000: Show Square: false [ 218.093005][T10498] vivid-000: Sensor Flipped Horizontally: false [ 218.095325][T10498] vivid-000: Sensor Flipped Vertically: false [ 218.097640][T10498] vivid-000: Insert SAV Code in Image: false [ 218.099818][T10498] vivid-000: Insert EAV Code in Image: false [ 218.102631][T10498] vivid-000: Insert Video Guard Band: false [ 218.104917][T10498] vivid-000: Reduced Framerate: true [ 218.106769][T10498] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 218.109645][T10498] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 218.112889][T10498] vivid-000: Enable Capture Cropping: true [ 218.115115][T10498] vivid-000: Enable Capture Composing: true [ 218.117502][T10498] vivid-000: Enable Capture Scaler: true [ 218.119732][T10498] vivid-000: Timestamp Source: End of Frame [ 218.121916][T10498] vivid-000: Colorspace: sRGB [ 218.123862][T10498] vivid-000: Transfer Function: Default [ 218.125937][T10498] vivid-000: Y'CbCr Encoding: xvYCC 709 [ 218.128790][T10498] vivid-000: HSV Encoding: Hue 0-179 [ 218.130752][T10498] vivid-000: Quantization: Default [ 218.132845][T10498] vivid-000: Apply Alpha To Red Only: false [ 218.133354][ C2] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 218.135145][T10498] vivid-000: Standard Aspect Ratio: 4x3 [ 218.138982][T10498] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 218.141616][T10498] vivid-000: DV Timings: 640x480p59 inactive [ 218.143888][T10498] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 218.146360][T10498] vivid-000: Maximum EDID Blocks: 2 [ 218.148086][T10498] vivid-000: Limited RGB Range (16-235): false [ 218.150025][T10498] vivid-000: Rx RGB Quantization Range: Automatic [ 218.152015][T10498] vivid-000: Power Present: 0x00000001 [ 218.154129][T10498] tpg source WxH: 320x240 (Y'CbCr) [ 218.156165][T10498] tpg field: 1 [ 218.157274][T10498] tpg crop: (0,0)/320x240 [ 218.158652][T10498] tpg compose: (0,0)/320x240 [ 218.160082][T10498] tpg colorspace: 8 [ 218.161150][T10498] tpg transfer function: 0/0 [ 218.162719][T10498] tpg Y'CbCr encoding: 4/0 [ 218.164237][T10498] tpg quantization: 0/0 [ 218.165573][T10498] tpg RGB range: 0/2 [ 218.166793][T10498] vivid-000: ================== END STATUS ================== [ 218.207218][T10506] netfs: Couldn't get user pages (rc=-14) [ 221.051776][T10567] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1376'. [ 221.912153][T10581] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1379'. [ 221.915679][T10581] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1379'. [ 221.944710][T10586] netlink: 'syz.2.1380': attribute type 1 has an invalid length. [ 221.967558][T10586] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.988319][T10586] bond0: (slave geneve2): making interface the new active one [ 221.991317][T10586] bond0: (slave geneve2): Enslaving as an active interface with an up link [ 222.011816][T10586] bond0: entered promiscuous mode [ 222.013960][T10586] geneve2: entered promiscuous mode [ 222.709109][T10607] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 222.755199][T10607] kvm: pic: non byte read [ 222.760081][T10607] kvm: pic: level sensitive irq not supported [ 222.760682][T10607] kvm: pic: non byte read [ 222.766429][T10607] kvm: pic: level sensitive irq not supported [ 222.766824][T10607] kvm: pic: non byte read [ 222.773048][T10607] kvm: pic: level sensitive irq not supported [ 222.773627][T10607] kvm: pic: non byte read [ 222.779810][T10607] kvm: pic: level sensitive irq not supported [ 222.780278][T10607] kvm: pic: non byte read [ 222.789212][T10607] kvm: pic: level sensitive irq not supported [ 222.789653][T10607] kvm: pic: non byte read [ 223.146471][T10627] tipc: Failed to remove unknown binding: 66,1,1/0:3260556697/3260556699 [ 223.149962][T10627] tipc: Failed to remove unknown binding: 66,1,1/0:3260556697/3260556699 [ 223.153400][T10627] tipc: Failed to remove unknown binding: 66,1,1/0:3260556697/3260556699 [ 223.177216][T10628] bridge4: entered promiscuous mode [ 223.179713][T10628] bridge4: entered allmulticast mode [ 225.373803][T10649] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 225.862355][T10652] syz.3.1396 (10652) used greatest stack depth: 19960 bytes left [ 226.347578][T10664] netlink: 'syz.2.1401': attribute type 1 has an invalid length. [ 226.350171][T10664] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1401'. [ 227.805991][T10687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1407'. [ 228.653258][T10695] overlayfs: bad index found (index=index/00fb210001b1c8f4e90633441688f5cb392d21a9678a789a4edc06000000000000, ftype=2000, origin ftype=8000). [ 229.193028][T10706] bridge2: entered promiscuous mode [ 229.195445][T10706] bridge2: entered allmulticast mode [ 229.249857][ T40] audit: type=1326 audit(1755690262.352:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.262350][ T40] audit: type=1326 audit(1755690262.352:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.276973][ T40] audit: type=1326 audit(1755690262.352:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.288797][ T40] audit: type=1326 audit(1755690262.352:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.295842][ T40] audit: type=1326 audit(1755690262.352:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.304919][ T40] audit: type=1326 audit(1755690262.352:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.315823][ T40] audit: type=1326 audit(1755690262.352:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.323362][ T40] audit: type=1326 audit(1755690262.352:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.341344][ T40] audit: type=1326 audit(1755690262.352:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.358507][ T40] audit: type=1326 audit(1755690262.362:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10707 comm="syz.2.1414" exe="/syz-executor" sig=0 arch=40000003 syscall=320 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 229.711848][T10716] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1417'. [ 229.726000][T10716] vlan2: entered allmulticast mode [ 229.727802][T10716] bridge0: entered allmulticast mode [ 229.933428][T10724] openvswitch: netlink: Flow key attr not present in new flow. [ 229.952029][T10724] ======================================================= [ 229.952029][T10724] WARNING: The mand mount option has been deprecated and [ 229.952029][T10724] and is ignored by this kernel. Remove the mand [ 229.952029][T10724] option from the mount to silence this warning. [ 229.952029][T10724] ======================================================= [ 230.145855][T10729] tipc: Enabled bearer , priority 0 [ 230.148374][T10729] syzkaller0: entered promiscuous mode [ 230.153783][T10729] syzkaller0: entered allmulticast mode [ 230.160597][T10729] tipc: Resetting bearer [ 230.163245][T10728] tipc: Resetting bearer [ 230.176388][T10728] tipc: Disabling bearer [ 230.502762][ T53] libceph: connect (1)[c::]:6789 error -101 [ 230.507320][ T53] libceph: mon0 (1)[c::]:6789 connect error [ 230.515651][T10741] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1424'. [ 230.526000][T10741] hsr_slave_1 (unregistering): left promiscuous mode [ 230.772471][ T53] libceph: connect (1)[c::]:6789 error -101 [ 230.775224][ T53] libceph: mon0 (1)[c::]:6789 connect error [ 231.104097][T10747] geneve2: entered promiscuous mode [ 231.107218][ T8568] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.111252][ T8568] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.116724][ T8568] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.120321][ T8568] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.131475][T10737] ceph: No mds server is up or the cluster is laggy [ 231.582383][ T5975] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 231.752810][ T5975] usb 6-1: Using ep0 maxpacket: 8 [ 231.757332][ T5975] usb 6-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 231.760828][ T5975] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.763519][ T5975] usb 6-1: Product: syz [ 231.764913][ T5975] usb 6-1: Manufacturer: syz [ 231.766421][ T5975] usb 6-1: SerialNumber: syz [ 231.769600][ T5975] usb 6-1: config 0 descriptor?? [ 231.773182][ T5975] option 6-1:0.0: GSM modem (1-port) converter detected [ 232.009693][ T6419] usb 6-1: USB disconnect, device number 9 [ 232.012391][ T6419] option 6-1:0.0: device disconnected [ 232.566524][T10784] batman_adv: batadv0: Adding interface: dummy0 [ 232.568676][T10784] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 232.862329][ T5985] Bluetooth: hci1: hardware error 0x00 [ 233.534882][T10796] veth0: entered promiscuous mode [ 233.682582][T10795] veth0: left promiscuous mode [ 234.179662][T10808] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1439'. [ 234.257104][ T40] kauditd_printk_skb: 236 callbacks suppressed [ 234.257157][ T40] audit: type=1326 audit(1755690267.362:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.266248][ T40] audit: type=1326 audit(1755690267.362:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f765a7 code=0x7ffc0000 [ 234.273014][ T40] audit: type=1326 audit(1755690267.362:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.279900][ T40] audit: type=1326 audit(1755690267.362:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.287023][ T40] audit: type=1326 audit(1755690267.362:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f765a7 code=0x7ffc0000 [ 234.293934][ T40] audit: type=1326 audit(1755690267.362:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.301105][ T40] audit: type=1326 audit(1755690267.372:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.308344][ T40] audit: type=1326 audit(1755690267.372:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f765a7 code=0x7ffc0000 [ 234.315326][ T40] audit: type=1326 audit(1755690267.372:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.322630][ T40] audit: type=1326 audit(1755690267.382:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10810 comm="syz.0.1440" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 234.932326][ T5985] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 235.084362][T10819] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 235.090057][T10821] lo speed is unknown, defaulting to 1000 [ 235.574615][T10831] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 235.892403][ T5985] Bluetooth: hci0: command 0x040f tx timeout [ 236.358938][T10854] bridge5: entered promiscuous mode [ 236.361030][T10854] bridge5: entered allmulticast mode [ 238.467058][T10896] tipc: Started in network mode [ 238.468684][T10896] tipc: Node identity 7f000001, cluster identity 4711 [ 238.471207][T10896] tipc: Enabled bearer , priority 10 [ 238.479234][T10896] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 238.482183][T10896] tipc: Enabled bearer , priority 10 [ 238.753984][T10899] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1462'. [ 238.817437][T10903] tipc: Enabling of bearer rejected, failed to enable media [ 239.013023][T10912] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.095164][T10912] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.144646][T10912] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.206994][T10912] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.278177][ T8587] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.283223][ T8587] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.290207][ T8587] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.293309][ T8587] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.582466][ T24] tipc: Node number set to 2130706433 [ 241.807855][T10968] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 242.179168][ T40] kauditd_printk_skb: 236 callbacks suppressed [ 242.179181][ T40] audit: type=1326 audit(1755690275.282:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.189941][ T40] audit: type=1326 audit(1755690275.282:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.193235][T10976] overlayfs: failed to get inode (-116) [ 242.197461][ T40] audit: type=1326 audit(1755690275.282:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.198926][T10976] overlayfs: failed to look up (bus) for ino (-116) [ 242.205712][ T40] audit: type=1326 audit(1755690275.282:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.215396][ T40] audit: type=1326 audit(1755690275.282:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.221996][ T40] audit: type=1326 audit(1755690275.282:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.228964][ T40] audit: type=1326 audit(1755690275.282:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.238396][ T40] audit: type=1326 audit(1755690275.282:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.245225][ T40] audit: type=1326 audit(1755690275.292:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.251902][ T40] audit: type=1326 audit(1755690275.292:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10975 comm="syz.2.1483" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf711e579 code=0x7ffc0000 [ 242.728092][T10985] 9p: Unknown Cache mode or invalid value fscach [ 243.216896][T11003] 9pnet_fd: Insufficient options for proto=fd [ 245.233719][T11030] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 249.277238][T11093] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1520'. [ 249.906053][ T40] kauditd_printk_skb: 31 callbacks suppressed [ 249.906071][ T40] audit: type=1326 audit(1755690283.012:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.919075][ T40] audit: type=1326 audit(1755690283.022:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.932140][ T40] audit: type=1326 audit(1755690283.022:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.942137][ T40] audit: type=1326 audit(1755690283.022:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.952621][ T40] audit: type=1326 audit(1755690283.022:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.954086][T11107] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1514'. [ 249.961817][ T40] audit: type=1326 audit(1755690283.022:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.973673][ T40] audit: type=1326 audit(1755690283.032:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.980516][ T40] audit: type=1326 audit(1755690283.032:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.987538][ T40] audit: type=1326 audit(1755690283.032:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 249.995269][ T40] audit: type=1326 audit(1755690283.032:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11106 comm="syz.1.1514" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708e579 code=0x7ffc0000 [ 251.457817][T11132] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 251.505686][ T53] lo speed is unknown, defaulting to 1000 [ 251.532279][ T53] syz2: Port: 1 Link DOWN [ 251.542407][ T34] usb 7-1: new full-speed USB device number 11 using dummy_hcd [ 251.693609][ T34] usb 7-1: config 0 has no interfaces? [ 251.695506][ T34] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 251.698401][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 251.702020][ T34] usb 7-1: config 0 descriptor?? [ 251.927721][ T6419] usb 7-1: USB disconnect, device number 11 [ 252.259178][T11142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1525'. [ 254.398434][T11169] lo speed is unknown, defaulting to 1000 [ 254.934819][T11169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1534'. [ 258.274747][T11243] netlink: 'syz.0.1556': attribute type 1 has an invalid length. [ 258.286035][T11243] 8021q: adding VLAN 0 to HW filter on device bond2 [ 258.325679][T11243] bond2: (slave veth7): Enslaving as an active interface with a down link [ 258.363699][T11243] vlan2: entered allmulticast mode [ 258.365848][T11243] veth0_to_bond: entered allmulticast mode [ 258.368634][T11243] bond2: (slave vlan2): Opening slave failed [ 258.473470][T11249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1554'. [ 260.715397][T11283] tipc: Bearer : already 2 bearers with priority 10 [ 260.717934][T11283] tipc: Bearer : trying with adjusted priority [ 260.720521][T11283] tipc: Enabled bearer , priority 9 [ 262.191391][T11303] vxcan1: entered allmulticast mode [ 262.238411][T11309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1566'. [ 262.242421][ T9] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 262.412390][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 262.417343][ T9] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 262.424892][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 262.432937][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 262.440660][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 262.448598][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 262.459243][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 262.466857][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.678288][ T9] usb 8-1: GET_CAPABILITIES returned 0 [ 262.680139][ T9] usbtmc 8-1:16.0: can't read capabilities [ 262.984982][T11293] usbtmc 8-1:16.0: usb_control_msg returned -71 [ 262.984971][ T9] usb 8-1: USB disconnect, device number 6 [ 262.993700][T11317] input: syz1 as /devices/virtual/input/input12 [ 263.197025][T11325] lo speed is unknown, defaulting to 1000 [ 263.261255][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1577'. [ 263.307662][T11330] netlink: 'syz.0.1578': attribute type 1 has an invalid length. [ 263.467916][T11333] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 263.865380][T11340] binder: 11339:11340 ioctl 4018620d 0 returned -22 [ 264.833394][T11361] lo speed is unknown, defaulting to 1000 [ 265.036217][T11361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1587'. [ 265.307856][T11372] lo speed is unknown, defaulting to 1000 [ 265.912389][ T5975] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 266.072408][ T5975] usb 8-1: Using ep0 maxpacket: 8 [ 266.075655][ T5975] usb 8-1: config index 0 descriptor too short (expected 260, got 27) [ 266.079094][ T5975] usb 8-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 266.083389][ T5975] usb 8-1: config 2 has 0 interfaces, different from the descriptor's value: 1 [ 266.087032][ T5975] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 266.090726][ T5975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.303756][T11395] tipc: Disabling bearer [ 266.352520][ T34] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 266.373392][ T5975] usb 8-1: string descriptor 0 read error: -71 [ 266.375651][ T5975] usb 8-1: USB disconnect, device number 7 [ 266.512622][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 266.516282][ T34] usb 6-1: config 0 has an invalid interface number: 12 but max is 0 [ 266.519458][ T34] usb 6-1: config 0 has no interface number 0 [ 266.522087][ T34] usb 6-1: config 0 interface 12 has no altsetting 0 [ 266.526620][ T34] usb 6-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 266.530338][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.533765][ T34] usb 6-1: Product: syz [ 266.535377][ T34] usb 6-1: Manufacturer: syz [ 266.537352][ T34] usb 6-1: SerialNumber: syz [ 266.540907][ T34] usb 6-1: config 0 descriptor?? [ 266.986574][ T34] f81534 6-1:0.12: f81534_get_register: reg: 1003 failed: -71 [ 266.989052][ T34] f81534 6-1:0.12: f81534_find_config_idx: read failed: -71 [ 266.991449][ T34] f81534 6-1:0.12: f81534_calc_num_ports: find idx failed: -71 [ 266.994642][ T34] f81534 6-1:0.12: probe with driver f81534 failed with error -71 [ 266.998618][ T34] usb 6-1: USB disconnect, device number 10 [ 267.363848][T11411] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 267.517130][T11418] netlink: 'syz.1.1599': attribute type 1 has an invalid length. [ 267.525403][T11418] 8021q: adding VLAN 0 to HW filter on device bond10 [ 267.550160][T11418] bond10: (slave veth15): Enslaving as an active interface with a down link [ 267.764344][T11418] bond3: (slave veth0_to_bond): Releasing active interface [ 267.769212][T11418] bond10: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 267.774358][T11421] vlan6: entered allmulticast mode [ 267.776030][T11421] veth0_to_bond: entered allmulticast mode [ 267.778281][T11421] veth0_to_bond: entered promiscuous mode [ 267.780346][T11421] veth0_to_bond: left promiscuous mode [ 267.782502][T11421] veth0_to_bond: entered promiscuous mode [ 267.784964][T11421] bond10: (slave vlan6): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 267.790223][T11421] veth0_to_bond: left promiscuous mode [ 268.427696][T11433] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370955 [ 269.024868][T11443] netlink: 'syz.3.1604': attribute type 5 has an invalid length. [ 269.028429][T11443] netlink: 'syz.3.1604': attribute type 7 has an invalid length. [ 269.054316][T11443] : entered promiscuous mode [ 270.006938][T11453] lo speed is unknown, defaulting to 1000 [ 270.201249][T11453] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1606'. [ 270.241119][T11471] fuse: Unknown parameter '18446744073709551615ÿ' [ 270.308856][T11474] xfrm0: left promiscuous mode [ 270.310839][T11474] xfrm0: left allmulticast mode [ 270.314685][T11474] vlan0: left promiscuous mode [ 270.630449][T11474] bond1: left allmulticast mode [ 270.632946][T11474] bridge2: left promiscuous mode [ 270.634774][T11474] bridge2: left allmulticast mode [ 270.918792][T11481] binder: 11480:11481 ioctl 4018620d 0 returned -22 [ 271.577749][T11485] tipc: Started in network mode [ 271.579450][T11485] tipc: Node identity ceabcbb0240c, cluster identity 4711 [ 271.582085][T11485] tipc: Enabled bearer , priority 0 [ 271.585373][T11485] syzkaller0: entered promiscuous mode [ 271.587505][T11485] syzkaller0: entered allmulticast mode [ 271.594759][T11485] tipc: Resetting bearer [ 271.598682][T11484] tipc: Resetting bearer [ 271.602942][T11484] tipc: Disabling bearer [ 271.675580][T11487] team_slave_0 (unregistering): left promiscuous mode [ 271.677853][T11487] team_slave_0 (unregistering): left allmulticast mode [ 271.680804][T11487] team0: Port device team_slave_0 removed [ 273.008359][T11516] tipc: Enabled bearer , priority 0 [ 273.011377][T11516] syzkaller0: entered promiscuous mode [ 273.013411][T11516] syzkaller0: entered allmulticast mode [ 273.023059][T11516] tipc: Resetting bearer [ 273.027822][T11515] tipc: Resetting bearer [ 273.040756][T11515] tipc: Disabling bearer [ 274.105522][T11542] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.175876][T11542] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.257307][T11542] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.344248][T11542] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.414152][ T46] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.421919][ T46] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.431702][ T8600] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 274.438801][ T8600] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.078625][T11559] vxcan1: left allmulticast mode [ 275.088357][T11559] wireguard0: left promiscuous mode [ 275.090201][T11559] wireguard0: left allmulticast mode [ 275.478955][T11572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1642'. [ 276.738519][T11590] netlink: 'syz.0.1657': attribute type 12 has an invalid length. [ 276.750971][T11592] tipc: Enabling of bearer rejected, already enabled [ 276.784511][T11592] tipc: Resetting bearer [ 277.125900][T11602] netlink: 'syz.0.1650': attribute type 5 has an invalid length. [ 277.139197][T11602] netlink: 'syz.0.1650': attribute type 7 has an invalid length. [ 277.327733][T11602] : entered promiscuous mode [ 279.022619][T11622] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.025583][T11622] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.055561][T11622] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 279.071749][T11622] veth0_macvtap: left allmulticast mode [ 279.081278][T11622] vlan2: left allmulticast mode [ 279.083840][T11622] macvtap0: left allmulticast mode [ 279.085794][T11622] vlan3: left promiscuous mode [ 279.087311][T11622] bridge0: left promiscuous mode [ 279.091744][T11622] macsec1: left promiscuous mode [ 279.093659][T11622] macsec1: left allmulticast mode [ 279.096888][T11622] wireguard0: left promiscuous mode [ 279.098558][T11622] wireguard0: left allmulticast mode [ 279.101032][T11622] bond0: left promiscuous mode [ 279.102779][T11622] geneve2: left promiscuous mode [ 279.242356][ T8582] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.245875][ T8582] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.250261][ T8582] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.253294][ T8582] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 279.264322][T11634] netlink: 'syz.1.1660': attribute type 1 has an invalid length. [ 279.312714][T11634] 8021q: adding VLAN 0 to HW filter on device bond11 [ 279.365095][T11634] bond11: (slave veth17): Enslaving as an active interface with a down link [ 279.409099][T11634] vlan6: entered allmulticast mode [ 279.411798][T11634] veth0_to_bond: entered promiscuous mode [ 279.422579][T11634] veth0_to_bond: left promiscuous mode [ 279.430277][T11634] bond11: (slave vlan6): Enslaving as an active interface with a down link [ 279.581152][T11641] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1663'. [ 281.469528][T11675] tipc: Enabled bearer , priority 0 [ 281.473461][T11675] syzkaller0: entered promiscuous mode [ 281.476578][T11675] syzkaller0: entered allmulticast mode [ 281.857929][T11679] tipc: Resetting bearer [ 281.878305][T11678] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1672'. [ 281.925239][T11681] syz_tun: entered allmulticast mode [ 281.927753][T11683] netlink: 'syz.3.1673': attribute type 1 has an invalid length. [ 281.956952][T11683] 8021q: adding VLAN 0 to HW filter on device bond3 [ 281.963370][T11680] syz_tun: left allmulticast mode [ 282.000212][T11683] bond3: (slave veth5): Enslaving as an active interface with a down link [ 282.014881][T11688] netlink: 'syz.2.1675': attribute type 1 has an invalid length. [ 282.024820][T11688] 8021q: adding VLAN 0 to HW filter on device bond4 [ 282.040923][T11683] vlan2: entered allmulticast mode [ 282.043168][T11683] veth0_to_bond: entered allmulticast mode [ 282.046193][T11683] bond3: (slave vlan2): Opening slave failed [ 282.070066][T11688] bond4: (slave veth11): Enslaving as an active interface with a down link [ 282.105541][T11688] bond3: (slave veth0_to_bond): Releasing active interface [ 282.113831][T11688] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 282.128365][T11688] vlan4: entered allmulticast mode [ 282.130158][T11688] veth0_to_bond: entered allmulticast mode [ 282.132135][T11688] veth0_to_bond: entered promiscuous mode [ 282.134445][T11688] veth0_to_bond: left promiscuous mode [ 282.136488][T11688] veth0_to_bond: entered promiscuous mode [ 282.138521][T11688] bond4: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 282.143965][T11688] veth0_to_bond: left promiscuous mode [ 282.892840][T11699] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1678'. [ 282.896264][T11699] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1678'. [ 282.899084][T11699] netlink: 50 bytes leftover after parsing attributes in process `syz.1.1678'. [ 283.078135][T11704] tipc: Enabling of bearer rejected, already enabled [ 283.109158][T11705] netlink: 'syz.2.1676': attribute type 5 has an invalid length. [ 283.121852][T11705] netlink: 'syz.2.1676': attribute type 7 has an invalid length. [ 283.126790][T11707] tipc: Enabling of bearer rejected, already enabled [ 283.159356][T11705] : entered promiscuous mode [ 283.193187][T11709] tipc: Enabling of bearer rejected, already enabled [ 283.230600][T11711] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 283.233481][T11711] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 283.239117][T11711] vhci_hcd vhci_hcd.0: Device attached [ 283.245769][T11712] vhci_hcd: connection closed [ 283.246042][ T8568] vhci_hcd: stop threads [ 283.252465][ T8568] vhci_hcd: release socket [ 283.254653][ T8568] vhci_hcd: disconnect device [ 283.845402][T11724] netlink: 'syz.3.1688': attribute type 1 has an invalid length. [ 283.857584][T11724] 8021q: adding VLAN 0 to HW filter on device bond4 [ 283.885315][T11724] bond4: (slave veth7): Enslaving as an active interface with a down link [ 283.913585][T11724] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 283.922187][T11724] vlan2: entered allmulticast mode [ 283.924362][T11724] veth0_to_bond: entered promiscuous mode [ 283.926707][T11724] veth0_to_bond: left promiscuous mode [ 283.928517][T11724] veth0_to_bond: entered promiscuous mode [ 283.930497][T11724] bond4: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 283.936235][T11724] veth0_to_bond: left promiscuous mode [ 284.177839][T11734] tipc: Enabled bearer , priority 0 [ 284.182798][T11734] syzkaller0: entered promiscuous mode [ 284.185248][T11734] syzkaller0: entered allmulticast mode [ 284.191841][T11734] tipc: Resetting bearer [ 284.196571][T11733] tipc: Resetting bearer [ 284.199581][T11733] tipc: Disabling bearer [ 284.668726][T11740] tipc: Enabling of bearer rejected, already enabled [ 284.703622][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1693'. [ 284.810616][T11744] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1695'. [ 285.043317][ T63] Bluetooth: hci0: unexpected event for opcode 0x202d [ 285.966722][T11771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1702'. [ 285.970535][T11771] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1702'. [ 285.976464][T11771] netlink: 50 bytes leftover after parsing attributes in process `syz.0.1702'. [ 286.031813][T11773] netlink: 'syz.1.1698': attribute type 5 has an invalid length. [ 286.041869][T11773] netlink: 'syz.1.1698': attribute type 7 has an invalid length. [ 286.079136][T11773] : entered promiscuous mode [ 287.104075][T11791] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1707'. [ 287.790038][T11808] tipc: Enabling of bearer rejected, already enabled [ 287.795084][T11808] netem: change failed [ 289.768552][T11827] mac80211_hwsim hwsim7 : renamed from wlan1 [ 290.071095][T11844] netlink: 'syz.1.1721': attribute type 1 has an invalid length. [ 290.085180][T11844] 8021q: adding VLAN 0 to HW filter on device bond12 [ 290.127065][T11844] bond12: (slave wlan0): Opening slave failed [ 290.134140][T11844] vlan7: entered allmulticast mode [ 290.136228][T11844] bond12: (slave vlan7): Opening slave failed [ 290.738423][T11852] netlink: 'syz.0.1723': attribute type 1 has an invalid length. [ 290.747257][T11852] 8021q: adding VLAN 0 to HW filter on device bond3 [ 290.770421][T11852] bond3: (slave veth9): Enslaving as an active interface with a down link [ 290.804534][T11852] bond3: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 290.815523][T11852] vlan2: entered allmulticast mode [ 290.817612][T11852] veth0_to_bond: entered promiscuous mode [ 290.819754][T11852] veth0_to_bond: left promiscuous mode [ 290.821781][T11852] veth0_to_bond: entered promiscuous mode [ 290.824163][T11852] bond3: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 290.829532][T11852] veth0_to_bond: left promiscuous mode [ 291.630888][T11869] usb usb8: usbfs: process 11869 (syz.1.1726) did not claim interface 0 before use [ 292.400046][T11882] tipc: Enabling of bearer rejected, already enabled [ 292.467350][T11888] tipc: Enabled bearer , priority 0 [ 292.470863][T11888] syzkaller0: entered promiscuous mode [ 292.473987][T11888] syzkaller0: entered allmulticast mode [ 292.495159][T11888] tipc: Resetting bearer [ 292.500066][T11887] tipc: Resetting bearer [ 292.528890][T11887] tipc: Disabling bearer [ 292.606647][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 292.606659][ T40] audit: type=1804 audit(1755690325.712:630): pid=11892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1734" name="/newroot/477/cgroup.controllers" dev="tmpfs" ino=2573 res=1 errno=0 [ 292.618286][ T40] audit: type=1800 audit(1755690325.712:631): pid=11892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1734" name="cgroup.controllers" dev="tmpfs" ino=2573 res=0 errno=0 [ 292.627116][ T40] audit: type=1800 audit(1755690325.712:632): pid=11892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1734" name="cgroup.controllers" dev="tmpfs" ino=2573 res=0 errno=0 [ 293.741978][T11912] tipc: Enabling of bearer rejected, already enabled [ 296.985510][T11968] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 297.443181][ T53] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 297.446278][ T53] hid-generic 0000:0000:0000.000E: hidraw1: HID v0.00 Device [syz1] on syz0 [ 298.347695][T11997] mac80211_hwsim hwsim5 : renamed from wlan1 [ 300.002122][T12022] tipc: Enabling of bearer rejected, already enabled [ 300.428546][T12031] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1768'. [ 300.464224][T12031] debugfs: 'Ç`]Š •Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211' [ 301.223742][T12054] usb usb8: usbfs: process 12054 (syz.2.1776) did not claim interface 0 before use [ 302.036752][ T40] audit: type=1804 audit(1755690335.142:633): pid=12065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1778" name="cgroup.controllers" dev="tmpfs" ino=2368 res=1 errno=0 [ 302.046821][ T40] audit: type=1800 audit(1755690335.142:634): pid=12065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1778" name="cgroup.controllers" dev="tmpfs" ino=2368 res=0 errno=0 [ 302.054842][ T40] audit: type=1800 audit(1755690335.142:635): pid=12065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1778" name="cgroup.controllers" dev="tmpfs" ino=2368 res=0 errno=0 [ 303.038303][ T40] audit: type=1326 audit(1755690336.142:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.063905][ T40] audit: type=1326 audit(1755690336.142:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.092358][ T40] audit: type=1326 audit(1755690336.142:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=374 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.118819][ T40] audit: type=1326 audit(1755690336.142:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.138044][ T40] audit: type=1326 audit(1755690336.142:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.147628][ T40] audit: type=1326 audit(1755690336.142:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.157501][ T40] audit: type=1326 audit(1755690336.142:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12086 comm="syz.0.1792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76579 code=0x7ffc0000 [ 303.248018][T12100] netlink: 4400 bytes leftover after parsing attributes in process `syz.1.1784'. [ 303.253672][T12100] debugfs: 'Ç`]Š •Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211' [ 303.385198][T12102] tipc: Enabled bearer , priority 0 [ 303.394393][T12102] syzkaller0: entered promiscuous mode [ 303.398442][T12102] syzkaller0: entered allmulticast mode [ 303.420805][T12102] tipc: Resetting bearer [ 303.427838][T12101] tipc: Resetting bearer [ 303.436965][T12101] tipc: Disabling bearer [ 304.427911][T12124] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 304.482951][T12129] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 305.326324][T12145] tipc: Enabling of bearer rejected, already enabled [ 305.570214][T12154] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1802'. [ 305.583318][T12154] debugfs: 'Ç`]Š •Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211' [ 306.758847][T12182] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.896028][T12182] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.990055][T12187] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 306.992325][T12187] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 307.002421][T12187] vhci_hcd vhci_hcd.0: Device attached [ 307.076765][T12182] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.317251][T12182] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 307.393391][ T8588] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.398419][ T8588] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.404030][ T46] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.407010][ T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 307.543581][ T53] usb 44-1: SetAddress Request (2) to port 0 [ 307.580333][T12194] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 307.597598][ T53] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd [ 307.883693][T12188] vhci_hcd: connection reset by peer [ 307.894313][ T8582] vhci_hcd: stop threads [ 307.895686][ T8582] vhci_hcd: release socket [ 307.897283][ T8582] vhci_hcd: disconnect device [ 308.779371][T12215] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 308.861956][T12220] tipc: Enabled bearer , priority 0 [ 308.873175][T12220] syzkaller0: entered promiscuous mode [ 308.875577][T12220] syzkaller0: entered allmulticast mode [ 308.884443][T12220] tipc: Resetting bearer [ 308.888106][T12219] tipc: Resetting bearer [ 308.891080][T12219] tipc: Disabling bearer [ 311.399585][T12257] netlink: 'syz.3.1824': attribute type 5 has an invalid length. [ 311.402055][T12257] netlink: 'syz.3.1824': attribute type 7 has an invalid length. [ 312.185764][T12271] comedi comedi0: Minor -2147450880 is invalid! [ 312.692422][ T53] usb 44-1: device descriptor read/8, error -110 [ 312.946668][T12276] tipc: Enabled bearer , priority 0 [ 312.950312][T12276] syzkaller0: entered promiscuous mode [ 312.952911][T12276] syzkaller0: entered allmulticast mode [ 312.961639][T12276] tipc: Resetting bearer [ 312.968755][T12274] tipc: Resetting bearer [ 312.973432][T12274] tipc: Disabling bearer [ 313.025322][T12284] syz.3.1836 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 313.132980][ T53] usb usb44-port1: attempt power cycle [ 313.242848][T12292] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5) [ 313.245582][T12292] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 313.270218][T12292] vhci_hcd vhci_hcd.0: Device attached [ 313.602437][ T840] usb 40-1: SetAddress Request (2) to port 0 [ 313.606053][ T840] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd [ 313.692888][ T53] usb usb44-port1: unable to enumerate USB device [ 314.022309][T12294] vhci_hcd: connection reset by peer [ 314.024931][ T8558] vhci_hcd: stop threads [ 314.026869][ T8558] vhci_hcd: release socket [ 314.028952][ T8558] vhci_hcd: disconnect device [ 314.108015][T12303] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 314.204803][ T34] libceph: connect (1)[c::]:6789 error -101 [ 314.207227][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 314.358273][T12312] ceph: No mds server is up or the cluster is laggy [ 314.383535][T12322] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 314.519280][T12330] tipc: Enabling of bearer rejected, already enabled [ 314.587765][T12335] tipc: Enabling of bearer rejected, already enabled [ 314.747614][T12341] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1846'. [ 314.752977][T12341] sysfs: cannot create duplicate filename '/class/ieee80211/Ç`]Š •Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' [ 314.755976][T12341] CPU: 1 UID: 0 PID: 12341 Comm: syz.3.1846 Not tainted syzkaller #0 PREEMPT(full) [ 314.756004][T12341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 314.756012][T12341] Call Trace: [ 314.756016][T12341] [ 314.756021][T12341] dump_stack_lvl+0x16c/0x1f0 [ 314.756044][T12341] sysfs_warn_dup+0x7f/0xa0 [ 314.756058][T12341] sysfs_do_create_link_sd+0x124/0x140 [ 314.756072][T12341] sysfs_create_link+0x61/0xc0 [ 314.756086][T12341] device_add+0x62c/0x1aa0 [ 314.756098][T12341] ? __pfx_device_add+0x10/0x10 [ 314.756107][T12341] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 314.756124][T12341] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 314.756139][T12341] wiphy_register+0x1df4/0x29f0 [ 314.756152][T12341] ? netdev_run_todo+0x864/0x1320 [ 314.756167][T12341] ? __dev_printk+0x210/0x270 [ 314.756180][T12341] ? __pfx_wiphy_register+0x10/0x10 [ 314.756196][T12341] ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0 [ 314.756211][T12341] ieee80211_register_hw+0x24a9/0x4060 [ 314.756227][T12341] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 314.756242][T12341] ? net_generic+0xea/0x2a0 [ 314.756257][T12341] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 314.756272][T12341] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 314.756285][T12341] ? __hrtimer_setup+0x176/0x280 [ 314.756301][T12341] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 314.756315][T12341] ? trace_kmalloc+0x2b/0xd0 [ 314.756329][T12341] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 314.756343][T12341] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 314.756353][T12341] ? hwsim_new_radio_nl+0xa0e/0x12c0 [ 314.756363][T12341] ? __asan_memcpy+0x3c/0x60 [ 314.756379][T12341] hwsim_new_radio_nl+0xb51/0x12c0 [ 314.756394][T12341] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 314.756414][T12341] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 314.756440][T12341] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 314.756467][T12341] genl_family_rcv_msg_doit+0x206/0x2f0 [ 314.756491][T12341] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 314.756510][T12341] ? bpf_lsm_capable+0x9/0x10 [ 314.756521][T12341] ? security_capable+0x7e/0x260 [ 314.756531][T12341] ? ns_capable+0xd7/0x110 [ 314.756543][T12341] genl_rcv_msg+0x55c/0x800 [ 314.756558][T12341] ? __pfx_genl_rcv_msg+0x10/0x10 [ 314.756573][T12341] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 314.756612][T12341] ? __schedule+0x11a3/0x5de0 [ 314.756625][T12341] ? do_fast_syscall_32+0x32/0x80 [ 314.756640][T12341] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 314.756654][T12341] netlink_rcv_skb+0x155/0x420 [ 314.756668][T12341] ? __pfx_genl_rcv_msg+0x10/0x10 [ 314.756683][T12341] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 314.756699][T12341] ? netlink_deliver_tap+0x1ae/0xd30 [ 314.756711][T12341] ? is_vmalloc_addr+0x86/0xa0 [ 314.756724][T12341] genl_rcv+0x28/0x40 [ 314.756739][T12341] netlink_unicast+0x5aa/0x870 [ 314.756761][T12341] ? __pfx_netlink_unicast+0x10/0x10 [ 314.756784][T12341] ? security_netlink_send+0xe/0x210 [ 314.756802][T12341] netlink_sendmsg+0x8d1/0xdd0 [ 314.756823][T12341] ? __pfx_netlink_sendmsg+0x10/0x10 [ 314.756846][T12341] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 314.756866][T12341] ____sys_sendmsg+0xa95/0xc70 [ 314.756888][T12341] ? __pfx_____sys_sendmsg+0x10/0x10 [ 314.756903][T12341] ? get_compat_msghdr+0x11a/0x170 [ 314.756917][T12341] ? try_to_wake_up+0xa67/0x1870 [ 314.756927][T12341] ? rcu_is_watching+0x12/0xc0 [ 314.756938][T12341] ___sys_sendmsg+0x134/0x1d0 [ 314.756951][T12341] ? lock_release+0x201/0x2f0 [ 314.756965][T12341] ? __pfx____sys_sendmsg+0x10/0x10 [ 314.756977][T12341] ? futex_private_hash_put+0x11c/0x300 [ 314.756992][T12341] ? rcu_is_watching+0x12/0xc0 [ 314.757007][T12341] __sys_sendmsg+0x16d/0x220 [ 314.757020][T12341] ? __pfx___sys_sendmsg+0x10/0x10 [ 314.757041][T12341] ? __secure_computing+0x21c/0x320 [ 314.757054][T12341] __do_fast_syscall_32+0x7c/0x3a0 [ 314.757070][T12341] do_fast_syscall_32+0x32/0x80 [ 314.757084][T12341] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 314.757098][T12341] RIP: 0023:0xf7f27579 [ 314.757107][T12341] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 314.757117][T12341] RSP: 002b:00000000f4fe155c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 314.757138][T12341] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000100 [ 314.757145][T12341] RDX: 0000000000000084 RSI: 0000000000000000 RDI: 0000000000000000 [ 314.757151][T12341] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 314.757158][T12341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.757164][T12341] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 314.757175][T12341] [ 315.243384][T12346] tipc: Enabled bearer , priority 0 [ 315.246381][T12346] syzkaller0: entered promiscuous mode [ 315.248181][T12346] syzkaller0: entered allmulticast mode [ 315.255989][T12346] tipc: Resetting bearer [ 315.259600][T12345] tipc: Resetting bearer [ 315.262556][T12345] tipc: Disabling bearer [ 315.401119][T12351] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 315.514381][T12359] tipc: Enabling of bearer rejected, already enabled [ 315.543061][T12362] tipc: Enabling of bearer rejected, already enabled [ 316.727624][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 316.727636][ T40] audit: type=1326 audit(1755690578.839:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.738848][ T40] audit: type=1326 audit(1755690578.839:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.746593][ T40] audit: type=1326 audit(1755690578.839:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.751444][T12384] tipc: Enabling of bearer rejected, already enabled [ 316.754509][ T40] audit: type=1326 audit(1755690578.839:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.765427][ T40] audit: type=1326 audit(1755690578.839:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.774435][ T40] audit: type=1326 audit(1755690578.839:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.784331][ T40] audit: type=1326 audit(1755690578.839:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.793580][ T40] audit: type=1326 audit(1755690578.839:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.798275][T12388] tipc: Enabling of bearer rejected, already enabled [ 316.802813][ T40] audit: type=1326 audit(1755690578.839:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 316.815076][ T40] audit: type=1326 audit(1755690578.839:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12380 comm="syz.3.1861" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f27579 code=0x7ffc0000 [ 318.708207][ T840] usb 40-1: device descriptor read/8, error -110 [ 319.143026][ T840] usb usb40-port1: attempt power cycle [ 319.199712][T12443] tipc: Enabled bearer , priority 0 [ 319.228697][T12443] syzkaller0: entered promiscuous mode [ 319.231673][T12443] syzkaller0: entered allmulticast mode [ 319.236725][T12443] sch_tbf: burst 12 is lower than device syzkaller0 mtu (1514) ! [ 319.240166][T12443] tipc: Resetting bearer [ 319.243172][T12442] tipc: Resetting bearer [ 319.246137][T12442] tipc: Disabling bearer [ 319.346186][T12453] macsec0: entered promiscuous mode [ 319.347885][T12453] macsec0: entered allmulticast mode [ 319.434548][T12456] syz.2.1879 (12456): drop_caches: 2 [ 319.802877][ T840] usb usb40-port1: unable to enumerate USB device [ 320.395321][T12475] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 320.398067][T12475] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 320.401133][T12475] vhci_hcd vhci_hcd.0: Device attached [ 320.719875][T12483] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 320.772384][ T840] usb 42-1: SetAddress Request (2) to port 0 [ 320.774814][ T840] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd [ 320.829101][T12476] vhci_hcd: connection reset by peer [ 320.831220][ T12] vhci_hcd: stop threads [ 320.833371][ T12] vhci_hcd: release socket [ 320.835619][ T12] vhci_hcd: disconnect device [ 321.536826][T12491] tipc: Enabling of bearer rejected, already enabled [ 323.825518][T12521] tipc: Enabled bearer , priority 0 [ 323.829244][T12521] syzkaller0: entered promiscuous mode [ 323.831435][T12521] syzkaller0: entered allmulticast mode [ 323.835202][T12523] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 323.840406][T12521] tipc: Resetting bearer [ 323.844390][T12520] tipc: Resetting bearer [ 323.847839][T12520] tipc: Disabling bearer [ 324.859537][T12551] tipc: Enabling of bearer rejected, already enabled [ 325.081965][T12563] tipc: Enabling of bearer rejected, already enabled [ 325.087102][T12563] netem: change failed [ 325.811637][T12576] netlink: 240 bytes leftover after parsing attributes in process `syz.0.1914'. [ 325.812381][ T840] usb 42-1: device descriptor read/8, error -110 [ 326.058241][T12580] tipc: Enabling of bearer rejected, failed to enable media [ 326.324374][ T840] usb usb42-port1: attempt power cycle [ 326.912628][ T840] usb usb42-port1: unable to enumerate USB device [ 328.694904][T12627] tipc: Enabling of bearer rejected, already enabled [ 330.902402][ T79] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.906190][ T8582] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.909766][ T8582] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.932617][ T8582] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.939052][T12670] comedi comedi0: c6xdigio: I/O port conflict (0x4f2b,3) [ 330.941990][T12670] ================================================================== [ 330.944552][T12670] BUG: KASAN: slab-out-of-bounds in kernfs_root+0x290/0x2a0 [ 330.946900][T12670] Read of size 8 at addr ffff88806b3d34b0 by task syz.1.1941/12670 [ 330.951080][T12670] [ 330.952190][T12670] CPU: 3 UID: 0 PID: 12670 Comm: syz.1.1941 Not tainted syzkaller #0 PREEMPT(full) [ 330.952206][T12670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 330.952214][T12670] Call Trace: [ 330.952220][T12670] [ 330.952225][T12670] dump_stack_lvl+0x116/0x1f0 [ 330.952245][T12670] print_report+0xcd/0x630 [ 330.952260][T12670] ? __virt_addr_valid+0x81/0x610 [ 330.952275][T12670] ? __phys_addr+0xe8/0x180 [ 330.952288][T12670] ? kernfs_root+0x290/0x2a0 [ 330.952301][T12670] kasan_report+0xe0/0x110 [ 330.952315][T12670] ? kernfs_root+0x290/0x2a0 [ 330.952330][T12670] kernfs_root+0x290/0x2a0 [ 330.952343][T12670] kernfs_remove_by_name_ns+0x2e/0x110 [ 330.952361][T12670] driver_remove_file+0x4a/0x60 [ 330.952378][T12670] bus_remove_driver+0x224/0x2c0 [ 330.952394][T12670] driver_unregister+0x76/0xb0 [ 330.952410][T12670] comedi_device_detach_locked+0x12c/0xa50 [ 330.952426][T12670] comedi_device_detach+0x67/0xb0 [ 330.952463][T12670] comedi_device_attach+0x43d/0x900 [ 330.952479][T12670] do_devconfig_ioctl+0x1b1/0x710 [ 330.952489][T12670] ? __mutex_lock+0x1c5/0x1060 [ 330.952504][T12670] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 330.952518][T12670] ? kasan_save_stack+0x42/0x60 [ 330.952531][T12670] ? kasan_save_stack+0x33/0x60 [ 330.952542][T12670] ? kasan_save_track+0x14/0x30 [ 330.952554][T12670] ? kasan_save_free_info+0x3b/0x60 [ 330.952564][T12670] ? __kasan_slab_free+0x60/0x70 [ 330.952578][T12670] ? kfree+0x2b4/0x4d0 [ 330.952587][T12670] ? tomoyo_path_number_perm+0x470/0x580 [ 330.952602][T12670] comedi_unlocked_ioctl+0x165d/0x2f00 [ 330.952616][T12670] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 330.952632][T12670] ? rcu_is_watching+0x12/0xc0 [ 330.952643][T12670] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 330.952662][T12670] ? tomoyo_path_number_perm+0x295/0x580 [ 330.952674][T12670] ? rcu_is_watching+0x12/0xc0 [ 330.952684][T12670] ? lock_release+0x201/0x2f0 [ 330.952698][T12670] ? tomoyo_path_number_perm+0x18d/0x580 [ 330.952711][T12670] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 330.952724][T12670] comedi_compat_ioctl+0x1d0/0x990 [ 330.952736][T12670] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 330.952748][T12670] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 330.952764][T12670] ? do_vfs_ioctl+0x128/0x14f0 [ 330.952781][T12670] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 330.952798][T12670] ? rcu_is_watching+0x12/0xc0 [ 330.952808][T12670] ? __fget_files+0x204/0x3c0 [ 330.952819][T12670] ? hook_file_ioctl_common+0x145/0x410 [ 330.952834][T12670] ? __fget_files+0x20e/0x3c0 [ 330.952844][T12670] ? __might_fault+0xb0/0x190 [ 330.952857][T12670] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 330.952869][T12670] __ia32_compat_sys_ioctl+0x23f/0x370 [ 330.952886][T12670] __do_fast_syscall_32+0x7c/0x3a0 [ 330.952906][T12670] do_fast_syscall_32+0x32/0x80 [ 330.952920][T12670] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 330.952935][T12670] RIP: 0023:0xf708e579 [ 330.952944][T12670] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 330.952957][T12670] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 330.952968][T12670] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000040946400 [ 330.952975][T12670] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 330.952981][T12670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 330.952987][T12670] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 330.952994][T12670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 330.953003][T12670] [ 330.953007][T12670] [ 331.100099][T12670] Allocated by task 5969: [ 331.101723][T12670] kasan_save_stack+0x33/0x60 [ 331.103326][T12670] kasan_save_track+0x14/0x30 [ 331.104863][T12670] __kasan_kmalloc+0xaa/0xb0 [ 331.106518][T12670] mem_cgroup_css_online+0x5c/0x640 [ 331.108399][T12670] online_css+0xaf/0x350 [ 331.109970][T12670] cgroup_apply_control_enable+0x702/0xbb0 [ 331.111812][T12670] cgroup_mkdir+0x5e7/0x11f0 [ 331.113304][T12670] kernfs_iop_mkdir+0x111/0x190 [ 331.114846][T12670] vfs_mkdir+0x590/0x8c0 [ 331.116195][T12670] do_mkdirat+0x304/0x3e0 [ 331.117589][T12670] __ia32_sys_mkdirat+0x82/0xb0 [ 331.119123][T12670] __do_fast_syscall_32+0x7c/0x3a0 [ 331.121136][T12670] do_fast_syscall_32+0x32/0x80 [ 331.123397][T12670] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 331.125936][T12670] [ 331.126874][T12670] The buggy address belongs to the object at ffff88806b3d3480 [ 331.126874][T12670] which belongs to the cache kmalloc-64 of size 64 [ 331.132548][T12670] The buggy address is located 0 bytes to the right of [ 331.132548][T12670] allocated 48-byte region [ffff88806b3d3480, ffff88806b3d34b0) [ 331.138489][T12670] [ 331.139529][T12670] The buggy address belongs to the physical page: [ 331.142337][T12670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806b3d3700 pfn:0x6b3d3 [ 331.146570][T12670] flags: 0x4fff00000000200(workingset|node=1|zone=1|lastcpupid=0x7ff) [ 331.150038][T12670] page_type: f5(slab) [ 331.151748][T12670] raw: 04fff00000000200 ffff88801b8428c0 ffffea0001bda990 ffffea0001bc6b90 [ 331.155370][T12670] raw: ffff88806b3d3700 0000000000200013 00000000f5000000 0000000000000000 [ 331.158690][T12670] page dumped because: kasan: bad access detected [ 331.161655][T12670] page_owner tracks the page as allocated [ 331.163988][T12670] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5970, tgid 5970 (syz-executor), ts 44191768923, free_ts 0 [ 331.171438][T12670] post_alloc_hook+0x1c0/0x230 [ 331.173503][T12670] get_page_from_freelist+0x132b/0x38e0 [ 331.175848][T12670] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 331.178661][T12670] alloc_pages_mpol+0x1fb/0x550 [ 331.180713][T12670] new_slab+0x247/0x330 [ 331.182478][T12670] ___slab_alloc+0xcf2/0x1740 [ 331.184571][T12670] __slab_alloc.constprop.0+0x56/0xb0 [ 331.186870][T12670] __kmalloc_noprof+0x2f2/0x510 [ 331.188936][T12670] kobject_get_path+0xd2/0x2a0 [ 331.190978][T12670] kobject_uevent_env+0x289/0x1870 [ 331.193137][T12670] __kobject_del+0x168/0x1f0 [ 331.194962][T12670] kobject_put+0x327/0x5a0 [ 331.196645][T12670] net_rx_queue_update_kobjects+0x54d/0x770 [ 331.198422][T12670] netif_set_real_num_rx_queues+0x216/0x3b0 [ 331.200647][T12670] veth_init_queues+0x151/0x190 [ 331.202365][T12670] veth_newlink+0x4ec/0xa00 [ 331.204043][T12670] page_owner free stack trace missing [ 331.206219][T12670] [ 331.207156][T12670] Memory state around the buggy address: [ 331.209510][T12670] ffff88806b3d3380: 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc fc [ 331.212825][T12670] ffff88806b3d3400: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 331.216695][T12670] >ffff88806b3d3480: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 331.221141][T12670] ^ [ 331.223652][T12670] ffff88806b3d3500: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 331.227058][T12670] ffff88806b3d3580: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 331.230468][T12670] ================================================================== [ 331.236709][T12670] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 331.239306][T12670] CPU: 2 UID: 0 PID: 12670 Comm: syz.1.1941 Not tainted syzkaller #0 PREEMPT(full) [ 331.242695][T12670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 331.246528][T12670] Call Trace: [ 331.247956][T12670] [ 331.249230][T12670] dump_stack_lvl+0x3d/0x1f0 [ 331.251195][T12670] vpanic+0x6e8/0x7a0 [ 331.252866][T12670] ? __pfx_vpanic+0x10/0x10 [ 331.254349][T12670] ? __pfx_vprintk_emit+0x10/0x10 [ 331.256035][T12670] ? kernfs_root+0x290/0x2a0 [ 331.257524][T12670] panic+0xca/0xd0 [ 331.258727][T12670] ? __pfx_panic+0x10/0x10 [ 331.260143][T12670] ? kernfs_root+0x290/0x2a0 [ 331.261726][T12670] ? preempt_schedule_common+0x44/0xc0 [ 331.264463][T12670] ? preempt_schedule_thunk+0x16/0x30 [ 331.267155][T12670] check_panic_on_warn+0xab/0xb0 [ 331.269780][T12670] end_report+0x107/0x170 [ 331.271651][T12670] kasan_report+0xee/0x110 [ 331.273458][T12670] ? kernfs_root+0x290/0x2a0 [ 331.275563][T12670] kernfs_root+0x290/0x2a0 [ 331.277576][T12670] kernfs_remove_by_name_ns+0x2e/0x110 [ 331.279885][T12670] driver_remove_file+0x4a/0x60 [ 331.281968][T12670] bus_remove_driver+0x224/0x2c0 [ 331.284106][T12670] driver_unregister+0x76/0xb0 [ 331.286145][T12670] comedi_device_detach_locked+0x12c/0xa50 [ 331.288359][T12670] comedi_device_detach+0x67/0xb0 [ 331.290625][T12670] comedi_device_attach+0x43d/0x900 [ 331.292694][T12670] do_devconfig_ioctl+0x1b1/0x710 [ 331.294364][T12670] ? __mutex_lock+0x1c5/0x1060 [ 331.295921][T12670] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 331.297679][T12670] ? kasan_save_stack+0x42/0x60 [ 331.299261][T12670] ? kasan_save_stack+0x33/0x60 [ 331.300825][T12670] ? kasan_save_track+0x14/0x30 [ 331.302773][T12670] ? kasan_save_free_info+0x3b/0x60 [ 331.304922][T12670] ? __kasan_slab_free+0x60/0x70 [ 331.306942][T12670] ? kfree+0x2b4/0x4d0 [ 331.308484][T12670] ? tomoyo_path_number_perm+0x470/0x580 [ 331.310866][T12670] comedi_unlocked_ioctl+0x165d/0x2f00 [ 331.313278][T12670] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 331.315778][T12670] ? rcu_is_watching+0x12/0xc0 [ 331.317956][T12670] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 331.320400][T12670] ? tomoyo_path_number_perm+0x295/0x580 [ 331.322606][T12670] ? rcu_is_watching+0x12/0xc0 [ 331.324173][T12670] ? lock_release+0x201/0x2f0 [ 331.325702][T12670] ? tomoyo_path_number_perm+0x18d/0x580 [ 331.327990][T12670] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 331.330512][T12670] comedi_compat_ioctl+0x1d0/0x990 [ 331.332754][T12670] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 331.334742][T12670] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 331.337358][T12670] ? do_vfs_ioctl+0x128/0x14f0 [ 331.339541][T12670] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 331.341821][T12670] ? rcu_is_watching+0x12/0xc0 [ 331.343796][T12670] ? __fget_files+0x204/0x3c0 [ 331.345362][T12670] ? hook_file_ioctl_common+0x145/0x410 [ 331.347182][T12670] ? __fget_files+0x20e/0x3c0 [ 331.348795][T12670] ? __might_fault+0xb0/0x190 [ 331.350386][T12670] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 331.352292][T12670] __ia32_compat_sys_ioctl+0x23f/0x370 [ 331.354660][T12670] __do_fast_syscall_32+0x7c/0x3a0 [ 331.356531][T12670] do_fast_syscall_32+0x32/0x80 [ 331.358296][T12670] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 331.360329][T12670] RIP: 0023:0xf708e579 [ 331.361746][T12670] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 331.368845][T12670] RSP: 002b:00000000f547e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 331.371500][T12670] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000040946400 [ 331.374580][T12670] RDX: 00000000800000c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 331.377187][T12670] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 331.379874][T12670] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 331.382600][T12670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 331.385537][T12670] [ 331.387772][T12670] Kernel Offset: disabled [ 331.389573][T12670] Rebooting in 86400 seconds.. VM DIAGNOSIS: 11:46:04 Registers: info registers vcpu 0 CPU#0 RAX=fffffbfff2156ed2 RBX=fffffbfff2156ed3 RCX=ffffffff81c2f0af RDX=fffffbfff2156ed3 RSI=0000000000000008 RDI=ffffffff90ab7690 RBP=fffffbfff2156ed2 RSP=ffffc9000326f6f8 R8 =0000000000000000 R9 =fffffbfff2156ed2 R10=ffffffff90ab7697 R11=0000000000000000 R12=0000000000000000 R13=ffffc9000326f8a8 R14=ffff88805f65ab68 R15=ffffc9000326f8b8 RIP=ffffffff82206520 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974c4000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7193b10 CR3=000000005f5d7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055b3382e6c50 000055b3382e6c50 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe731a78e0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 202c315b20746573 6e75203a32687465 20316d6973766564 74656e206d697376 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2039373537326637 6678303d70692031 3d7461706d6f6320 31323d6c6c616373 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7973203330303030 3030343d68637261 20303d6769732022 726f747563657865 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2d7a79732f223d65 7865202231363831 2e332e7a7973223d 6d6d6f6320303833 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 32313d6469702064 656e69666e6f636e 753d6a6275732035 3932373639343932 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000098118c RBX=0000000000000001 RCX=ffffffff8b908bf9 RDX=ffffed1005666656 RSI=ffffffff8c162c80 RDI=ffffffff8190cca1 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8 R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001 R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90ab7690 R15=0000000000000000 RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000005f5d7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000020 RCX=ffffffff84e8f814 RDX=ffff888022f64880 RSI=ffffffff84e8f823 RDI=0000000000000001 RBP=ffffc900037ef320 RSP=ffffc900037ef190 R8 =0000000000000001 R9 =0000000000000020 R10=0000000000000024 R11=0000000000000000 R12=0000000000000024 R13=ffffc900037ef300 R14=ffff8880255eca7e R15=00000000000000e2 RIP=ffffffff84e8f823 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fdd71f97300 ffffffff 00c00000 GS =0000 ffff8880976c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055dfa6e24000 CR3=000000004bbb1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003400000012 0004000000080024 0028000000300038 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000b 0000003800000000 0000000000000000 0000000000000017 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000000f 000000040000000a 0000000700000008 000000000000079d ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0dd8000800020800 0580020601439e00 30656c69662f2e01 ffffffffffffffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ef08058003000800 4082840800000206 01439e0030656c69 662f2e01ffffffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffef080003 000800018080d0c0 0800018002060140 f80030656c69662f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e01ffffffffffff ffffef0801800320 0000027d00000003 0000000200000001 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0004000bc8030010 000bb8030008000b b0030008000ba803 0fffffffff020ba0 ZMM25=7a05a5bb7a05a5bb 7a05a5bb7a05a5bb 7a05a5bb7a05a5bb 7a05a5bb7a05a5bb 7a05a5bb7a05a5bb 7a05a5bb7a05a5bb 7a05a5bb7a05a5bb 7a05a5bb7a05a5bb ZMM26=1a6cedfd1a6cedfd 1a6cedfd1a6cedfd 1a6cedfd1a6cedfd 1a6cedfd1a6cedfd 1a6cedfd1a6cedfd 1a6cedfd1a6cedfd 1a6cedfd1a6cedfd 1a6cedfd1a6cedfd ZMM27=a6e31103a6e31103 a6e31103a6e31103 a6e31103a6e31103 a6e31103a6e31103 a6e31103a6e31103 a6e31103a6e31103 a6e31103a6e31103 a6e31103a6e31103 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=2f1200002f120000 2f1200002f120000 2f1200002f120000 2f1200002f120000 2f1200002f120000 2f1200002f120000 2f1200002f120000 2f1200002f120000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85616c00 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc900032cf0f8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3630383838666666 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff361f122 R15=dffffc0000000000 RIP=ffffffff85616c27 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977c4000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000031e09ff8 CR3=000000006e326000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000