last executing test programs: 7.789083461s ago: executing program 0 (id=380): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000002000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e", @ANYRES8], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0x80015b1b, 0x0) 6.008801466s ago: executing program 0 (id=387): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ee2d010203010902"], 0x0) ioctl$EVIOCRMFF(r0, 0x40085503, &(0x7f0000000000)=0x1) 5.95013711s ago: executing program 2 (id=388): getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, 0x0, 0x0) r4 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) 4.558619604s ago: executing program 2 (id=394): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r2, 0x5425, 0x0) r3 = io_uring_setup(0x28d5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x211}) close(r3) ioctl$TCSETSW2(r2, 0x5425, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioperm(0x3, 0x2c3, 0xbc) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000003c0)={0x1, 0x4, 0x2, 0x0, 0xe}) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x141b82, 0x180) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x64, 0x18, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x7c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x48, 0x6, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x30, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}]}]}]}], {0x14, 0x10}}, 0x144}}, 0x0) 4.044714774s ago: executing program 0 (id=397): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x24, &(0x7f0000000200)={0x20, 0xb}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0d, &(0x7f0000000040)) 3.969488516s ago: executing program 1 (id=398): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x3d, 0x800000, 0x8, 0x7, 0x2, 0x81}) write$bt_hci(r0, &(0x7f0000000080)=ANY=[], 0x6) 3.969132072s ago: executing program 1 (id=399): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r2, 0x5425, 0x0) r3 = io_uring_setup(0x28d5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x211}) close(r3) ioctl$TCSETSW2(r2, 0x5425, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioperm(0x3, 0x2c3, 0xbc) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000003c0)={0x1, 0x4, 0x2, 0x0, 0xe}) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x9, 0x12) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x64, 0x18, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x7c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x48, 0x6, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x30, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}]}]}]}], {0x14, 0x10}}, 0x144}}, 0x0) 3.52973197s ago: executing program 2 (id=400): socket$nl_generic(0x10, 0x3, 0x10) syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0xffffffffff600000) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES32=r0], 0x2) 3.029844277s ago: executing program 1 (id=402): getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, 0x0, 0x0) r4 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) 2.470223798s ago: executing program 3 (id=406): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="26003300b0980300ffffffffffff08021100000050505050505057"], 0x44}, 0x1, 0x0, 0x0, 0x1668cc120eaba2da}, 0x0) 2.390171421s ago: executing program 3 (id=407): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0x12}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1) 2.270090219s ago: executing program 0 (id=408): socket$nl_generic(0x10, 0x3, 0x10) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000640)={'filter\x00', 0x7, 0x4, 0x3c8, 0x10c, 0x10c, 0x0, 0x2e8, 0x2e8, 0x2e8, 0x4, 0x0, {[{{@uncond, 0xbc, 0x10c}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @loopback, @loopback, 0x2}}}, {{@uncond, 0xbc, 0xfc}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "53a145c767671fcf0c243d543b9d83f0863f3aac810f97fea80e1b838805"}}, {{@uncond, 0xbc, 0xe0}, @unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x1, {0x9, 0x7}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x414) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000001b"]) sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000fdffff1e04000000400001802c0004001400010002000a00ac14140f00000000000002001400020002000000ffffffff00000000000000000d0001007564703a73797a32000000008e836e31801dd8fbd47c240d697e9377d47629f95b33cab4ace9b29d2022320414ccfc14c647108fee780f217cb442796fa6d40843af1b2b1f544a6d07debc2b61b6ed955206648370ab954e113d3aa87998391ad926838f5e53acb5ddf32a8a433ad4ebd8a9f02aeb068f6e05e42006cfa4b5bca1557f9eae3f07a0cf4d994a704b2a9064af9c072c13f8a578f22c50a4ce748eba83e67754e74e3d83"], 0x54}}, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2, 0xc3072, 0xffffffffffffffff, 0x200000) 2.108995s ago: executing program 2 (id=409): socket$nl_route(0x10, 0x3, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000002280)={0x2020}, 0x2020) syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sndmidi(0x0, 0x2, 0x141101) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x2c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x81}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40050}, 0x40) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000ffb000/0x2000)=nil) socket$nl_route(0x10, 0x3, 0x0) openat$cdrom(0xffffff9c, &(0x7f0000000140), 0x880, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') lseek(r4, 0x1000000, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000340)='net/snmp6\x00') preadv(r5, &(0x7f00000018c0)=[{&(0x7f00000004c0)=""/73, 0x49}], 0x1, 0x8081f3, 0x0) 1.99849402s ago: executing program 1 (id=410): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r2, 0x5425, 0x0) r3 = io_uring_setup(0x28d5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x211}) close(r3) ioctl$TCSETSW2(r2, 0x5425, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioperm(0x3, 0x2c3, 0xbc) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000003c0)={0x1, 0x4, 0x2, 0x0, 0xe}) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x141b82, 0x180) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x64, 0x18, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x7c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x48, 0x6, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x30, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}]}]}]}], {0x14, 0x10}}, 0x144}}, 0x0) 1.48002235s ago: executing program 3 (id=411): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r2, 0x5425, 0x0) r3 = io_uring_setup(0x28d5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x211}) close(r3) ioctl$TCSETSW2(r2, 0x5425, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioperm(0x3, 0x2c3, 0xbc) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x141b82, 0x180) write$cgroup_int(r4, &(0x7f0000000040)=0x9, 0x12) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x64, 0x18, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x7c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x48, 0x6, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x30, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}]}]}]}], {0x14, 0x10}}, 0x144}}, 0x0) 1.054515937s ago: executing program 1 (id=412): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000200000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="2e003300d0000000ffffffffffff08021100000050505050505000000004"], 0x4c}}, 0x0) 960.338283ms ago: executing program 1 (id=413): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="200617"], 0x0, 0x0, 0x0, 0x0}, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0) 959.99388ms ago: executing program 2 (id=414): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000000), 0x4) 959.817092ms ago: executing program 2 (id=415): bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$evdev(0x0, 0x0, 0x60000) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x1b, &(0x7f0000000200)={@loopback}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='reclaim_retry_zone\x00'}, 0x18) futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd) syz_open_procfs(0x0, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0) ioctl$MON_IOCX_GET(r3, 0x400c9206, &(0x7f0000000080)={0x0, 0x0}) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r4, 0x0, 0xc800) io_setup(0x6, &(0x7f0000001380)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$pmem0(0xffffffffffffff9c, &(0x7f0000002340), 0x80d01, 0x0) pwrite64(r5, &(0x7f0000000000)="a5", 0xfffffe8c, 0x2) 598.986568ms ago: executing program 3 (id=416): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0xffff060e}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080) 598.771981ms ago: executing program 0 (id=417): capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040), 0x6) write$bt_hci(r0, &(0x7f0000000000)=ANY=[], 0x27) 509.671582ms ago: executing program 0 (id=418): getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x8f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r3, 0x0, 0x0) r4 = socket$inet6(0xa, 0x80003, 0x6) connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8) sendmmsg(r4, &(0x7f0000000480), 0x2e9, 0x0) 462.865µs ago: executing program 3 (id=419): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_MCAST_FLOOD={0x5}]}}}]}, 0x44}}, 0x0) 0s ago: executing program 3 (id=420): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) ioctl$TCSBRKP(r2, 0x5425, 0x0) r3 = io_uring_setup(0x28d5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x211}) close(r3) ioctl$TCSETSW2(r2, 0x5425, 0x0) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close(r0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) ioperm(0x3, 0x2c3, 0xbc) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x9}}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000003c0)={0x1, 0x4, 0x2, 0x0, 0xe}) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/profiling', 0x141b82, 0x180) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x47}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x64, 0x18, 0xa, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x7c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_EXPRESSIONS={0x48, 0x6, 0x0, 0x1, [{0x14, 0x7, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}, {0x30, 0x1, 0x0, 0x1, @fwd={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_FWD_SREG_ADDR={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_FWD_SREG_DEV={0x8, 0x1, 0x1, 0x0, 0xb}]}}}]}]}]}]}], {0x14, 0x10}}, 0x144}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:11977' (ED25519) to the list of known hosts. [ 41.743523][ T5852] cgroup: Unknown subsys name 'net' [ 41.869245][ T5852] cgroup: Unknown subsys name 'cpuset' [ 41.875466][ T5852] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.024643][ T5852] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 47.701402][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 47.704426][ T5938] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 47.707194][ T5938] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 47.709951][ T5938] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 47.712541][ T5938] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 47.714223][ T5941] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 47.719658][ T5941] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 47.722331][ T5941] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 47.729690][ T5938] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 47.731407][ T63] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 47.733692][ T5938] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 47.736234][ T63] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 47.742319][ T5947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 47.746883][ T5947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 47.752129][ T5938] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 47.755064][ T5938] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 47.761045][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 47.764135][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 47.767486][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 47.770639][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 48.024925][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 48.063337][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 48.102448][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 48.273431][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 48.285709][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.289740][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.292133][ T5936] bridge_slave_0: entered allmulticast mode [ 48.294792][ T5936] bridge_slave_0: entered promiscuous mode [ 48.341423][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.344342][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.347619][ T5936] bridge_slave_1: entered allmulticast mode [ 48.351515][ T5936] bridge_slave_1: entered promiscuous mode [ 48.400623][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.402863][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.405263][ T5940] bridge_slave_0: entered allmulticast mode [ 48.408820][ T5940] bridge_slave_0: entered promiscuous mode [ 48.461975][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.467277][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.470160][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.472404][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.474800][ T5940] bridge_slave_1: entered allmulticast mode [ 48.477678][ T5940] bridge_slave_1: entered promiscuous mode [ 48.551088][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.554141][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.558507][ T5945] bridge_slave_0: entered allmulticast mode [ 48.561181][ T5945] bridge_slave_0: entered promiscuous mode [ 48.564351][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.566789][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.570084][ T5945] bridge_slave_1: entered allmulticast mode [ 48.573164][ T5945] bridge_slave_1: entered promiscuous mode [ 48.582980][ T5936] team0: Port device team_slave_0 added [ 48.661180][ T5936] team0: Port device team_slave_1 added [ 48.665056][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.670369][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.688554][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.691673][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.694444][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.697475][ T5948] bridge_slave_0: entered allmulticast mode [ 48.702114][ T5948] bridge_slave_0: entered promiscuous mode [ 48.733910][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.755021][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.758255][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.761270][ T5948] bridge_slave_1: entered allmulticast mode [ 48.765182][ T5948] bridge_slave_1: entered promiscuous mode [ 48.854272][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.858910][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.869171][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.876374][ T5940] team0: Port device team_slave_0 added [ 48.880846][ T5945] team0: Port device team_slave_0 added [ 48.884943][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 48.888634][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.891518][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.903197][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.908295][ T5940] team0: Port device team_slave_1 added [ 48.912722][ T5945] team0: Port device team_slave_1 added [ 48.916657][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.981277][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.983975][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.994570][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.040743][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.042935][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.051092][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.057635][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.060534][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.070776][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.076317][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.079196][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.091658][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.098550][ T5948] team0: Port device team_slave_0 added [ 49.164232][ T5948] team0: Port device team_slave_1 added [ 49.195321][ T5936] hsr_slave_0: entered promiscuous mode [ 49.198208][ T5936] hsr_slave_1: entered promiscuous mode [ 49.221580][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.223777][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.231861][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.311174][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.313611][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.324126][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.336831][ T5945] hsr_slave_0: entered promiscuous mode [ 49.339094][ T5945] hsr_slave_1: entered promiscuous mode [ 49.341565][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 49.344457][ T5945] Cannot create hsr debugfs directory [ 49.350845][ T5940] hsr_slave_0: entered promiscuous mode [ 49.353998][ T5940] hsr_slave_1: entered promiscuous mode [ 49.357206][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 49.360162][ T5940] Cannot create hsr debugfs directory [ 49.471003][ T5948] hsr_slave_0: entered promiscuous mode [ 49.473235][ T5948] hsr_slave_1: entered promiscuous mode [ 49.475322][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 49.477800][ T5948] Cannot create hsr debugfs directory [ 49.767055][ T5301] Bluetooth: hci2: command tx timeout [ 49.767062][ T5938] Bluetooth: hci0: command tx timeout [ 49.768698][ T5947] Bluetooth: hci1: command tx timeout [ 49.846762][ T5947] Bluetooth: hci3: command tx timeout [ 49.884372][ T5936] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 49.891633][ T5936] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 49.895606][ T5936] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 49.908827][ T5936] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 49.938509][ T5945] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 49.944346][ T5945] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 49.949949][ T5945] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 49.954323][ T5945] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 49.991964][ T5940] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 49.997158][ T5940] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 50.002033][ T5940] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 50.006676][ T5940] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 50.054641][ T5948] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 50.060319][ T5948] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 50.064521][ T5948] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 50.069341][ T5948] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 50.111023][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.127197][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.143650][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.154950][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.158279][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.169748][ T226] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.172004][ T226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.178756][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.194432][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.200237][ T226] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.203355][ T226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.213387][ T226] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.215727][ T226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.242968][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.257953][ T92] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.260798][ T92] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.298056][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.300520][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.319580][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.340482][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.357668][ T226] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.359950][ T226] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.363104][ T226] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.365336][ T226] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.399595][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.427263][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.435302][ T5936] veth0_vlan: entered promiscuous mode [ 50.449045][ T5936] veth1_vlan: entered promiscuous mode [ 50.464979][ T5945] veth0_vlan: entered promiscuous mode [ 50.475112][ T5936] veth0_macvtap: entered promiscuous mode [ 50.480410][ T5936] veth1_macvtap: entered promiscuous mode [ 50.484592][ T5945] veth1_vlan: entered promiscuous mode [ 50.502185][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.510432][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.518568][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.528896][ T5936] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.531753][ T5936] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.534468][ T5936] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.537754][ T5936] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.552526][ T5945] veth0_macvtap: entered promiscuous mode [ 50.560045][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.567905][ T5945] veth1_macvtap: entered promiscuous mode [ 50.594669][ T5940] veth0_vlan: entered promiscuous mode [ 50.605529][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.612579][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.615171][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.622124][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.625395][ T5940] veth1_vlan: entered promiscuous mode [ 50.642756][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.643421][ T5945] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.645291][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.649257][ T5945] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.654772][ T5945] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.658383][ T5945] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.695192][ T5948] veth0_vlan: entered promiscuous mode [ 50.699433][ T5940] veth0_macvtap: entered promiscuous mode [ 50.701539][ T5936] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 50.710938][ T5948] veth1_vlan: entered promiscuous mode [ 50.714244][ T5940] veth1_macvtap: entered promiscuous mode [ 50.719081][ T226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.721524][ T226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.743502][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.748496][ T226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.750282][ T5948] veth0_macvtap: entered promiscuous mode [ 50.751087][ T226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.755734][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.762562][ T5948] veth1_macvtap: entered promiscuous mode [ 50.767754][ T5940] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.770655][ T5940] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.773492][ T5940] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.777487][ T5940] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.791503][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.801690][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.809133][ T5948] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.812005][ T5948] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.814924][ T5948] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.818986][ T5948] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.872436][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.875102][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.905941][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.910981][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.949223][ T40] audit: type=1800 audit(1748789773.202:2): pid=6005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5" name="bus" dev="overlay" ino=32 res=0 errno=0 [ 50.957951][ T40] audit: type=1326 audit(1748789773.212:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 50.974561][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.983844][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.988343][ T40] audit: type=1326 audit(1748789773.232:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 50.994820][ T40] audit: type=1326 audit(1748789773.232:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.001800][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.002954][ T40] audit: type=1326 audit(1748789773.232:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.004328][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.010965][ T40] audit: type=1326 audit(1748789773.232:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.024470][ T40] audit: type=1326 audit(1748789773.232:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.034893][ T40] audit: type=1326 audit(1748789773.232:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.043482][ T40] audit: type=1326 audit(1748789773.242:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.055469][ T40] audit: type=1326 audit(1748789773.242:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6004 comm="syz.1.6" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 51.084296][ T6012] fuse: Bad value for 'fd' [ 51.456171][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 51.456230][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 51.763358][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.763395][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.763490][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.825935][ T6027] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 51.846717][ T5947] Bluetooth: hci2: command tx timeout [ 51.847234][ T5947] Bluetooth: hci1: command tx timeout [ 52.070594][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 52.070677][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 52.070779][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 52.070826][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 52.070930][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 52.070934][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 52.370981][ C1] Illegal XDP return value 16128 on prog (id 2) dev hsr_slave_1, expect packet loss! [ 52.565684][ T6033] netlink: 'syz.3.9': attribute type 2 has an invalid length. [ 52.636577][ T54] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 52.795702][ T54] usb 6-1: Using ep0 maxpacket: 8 [ 52.796690][ T226] Bluetooth: hci4: Frame reassembly failed (-84) [ 52.806268][ T5947] Bluetooth: hci0: command tx timeout [ 52.826302][ T54] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 52.828848][ T54] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 52.831812][ T54] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 52.834802][ T54] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 52.839854][ T54] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 52.844275][ T54] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 52.848590][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.022965][ T6047] syz.2.13: vmalloc error: size 34359742464, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 53.028278][ T6047] CPU: 3 UID: 0 PID: 6047 Comm: syz.2.13 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 53.028295][ T6047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.028303][ T6047] Call Trace: [ 53.028307][ T6047] [ 53.028311][ T6047] dump_stack_lvl+0x16c/0x1f0 [ 53.028332][ T6047] warn_alloc+0x248/0x3a0 [ 53.028349][ T6047] ? __pfx_warn_alloc+0x10/0x10 [ 53.028363][ T6047] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.028379][ T6047] ? stack_depot_save_flags+0x3e0/0xa40 [ 53.028403][ T6047] ? kasan_save_stack+0x42/0x60 [ 53.028416][ T6047] ? kasan_save_stack+0x33/0x60 [ 53.028428][ T6047] ? kasan_save_track+0x14/0x30 [ 53.028442][ T6047] ? xskq_create+0x52/0x1d0 [ 53.028455][ T6047] ? xsk_setsockopt+0x684/0x840 [ 53.028465][ T6047] ? do_sock_setsockopt+0x221/0x470 [ 53.028484][ T6047] ? xskq_create+0xfb/0x1d0 [ 53.028497][ T6047] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 53.028514][ T6047] ? xskq_create+0xfb/0x1d0 [ 53.028530][ T6047] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 53.028546][ T6047] ? xskq_create+0xfb/0x1d0 [ 53.028559][ T6047] vmalloc_user_noprof+0x9e/0xe0 [ 53.028570][ T6047] ? xskq_create+0xfb/0x1d0 [ 53.028583][ T6047] xskq_create+0xfb/0x1d0 [ 53.028596][ T6047] xsk_setsockopt+0x684/0x840 [ 53.028608][ T6047] ? __pfx_xsk_setsockopt+0x10/0x10 [ 53.028620][ T6047] ? __pfx_aa_sk_perm+0x10/0x10 [ 53.028635][ T6047] ? errseq_sample+0x53/0x70 [ 53.028648][ T6047] ? __pfx_xsk_setsockopt+0x10/0x10 [ 53.028660][ T6047] do_sock_setsockopt+0x221/0x470 [ 53.028677][ T6047] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 53.028704][ T6047] __sys_setsockopt+0x120/0x1a0 [ 53.028720][ T6047] __ia32_sys_setsockopt+0xbc/0x160 [ 53.028734][ T6047] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.028750][ T6047] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 53.028765][ T6047] __do_fast_syscall_32+0x7c/0x3a0 [ 53.028782][ T6047] do_fast_syscall_32+0x32/0x80 [ 53.028798][ T6047] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 53.028812][ T6047] RIP: 0023:0xf702e579 [ 53.028821][ T6047] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 53.028831][ T6047] RSP: 002b:00000000f4ffd55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 53.028842][ T6047] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000011b [ 53.028849][ T6047] RDX: 0000000000000002 RSI: 0000000080000080 RDI: 0000000000000020 [ 53.028855][ T6047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 53.028861][ T6047] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 53.028867][ T6047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 53.028880][ T6047] [ 53.028884][ T6047] Mem-Info: [ 53.128937][ T5947] Bluetooth: hci3: command tx timeout [ 53.132215][ T6047] active_anon:16226 inactive_anon:0 isolated_anon:0 [ 53.132215][ T6047] active_file:1194 inactive_file:39829 isolated_file:0 [ 53.132215][ T6047] unevictable:1768 dirty:308 writeback:0 [ 53.132215][ T6047] slab_reclaimable:10016 slab_unreclaimable:52196 [ 53.132215][ T6047] mapped:38075 shmem:12366 pagetables:1059 [ 53.132215][ T6047] sec_pagetables:300 bounce:0 [ 53.132215][ T6047] kernel_misc_reclaimable:0 [ 53.132215][ T6047] free:50081 free_pcp:17093 free_cma:0 [ 53.155190][ T6047] Node 0 active_anon:3824kB inactive_anon:0kB active_file:0kB inactive_file:14204kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7528kB dirty:4kB writeback:0kB shmem:4364kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8140kB pagetables:1300kB sec_pagetables:1116kB all_unreclaimable? yes Balloon:0kB [ 53.165651][ T6047] Node 1 active_anon:61080kB inactive_anon:0kB active_file:4776kB inactive_file:145112kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:144772kB dirty:1228kB writeback:0kB shmem:45100kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4120kB pagetables:2936kB sec_pagetables:84kB all_unreclaimable? no Balloon:0kB [ 53.175443][ T6047] Node 0 DMA free:2424kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:332kB local_pcp:72kB free_cma:0kB [ 53.184951][ T6047] lowmem_reserve[]: 0 289 289 289 289 [ 53.186760][ T6047] Node 0 DMA32 free:19488kB boost:2048kB min:15380kB low:18712kB high:22044kB reserved_highatomic:4096KB free_highatomic:864KB active_anon:3824kB inactive_anon:0kB active_file:0kB inactive_file:14204kB unevictable:3536kB writepending:4kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:13152kB local_pcp:2028kB free_cma:0kB [ 53.197050][ T6047] lowmem_reserve[]: 0 0 0 0 0 [ 53.198685][ T6047] Node 1 DMA32 free:178412kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:61080kB inactive_anon:0kB active_file:4776kB inactive_file:145112kB unevictable:3536kB writepending:1228kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:54884kB local_pcp:5980kB free_cma:0kB [ 53.211096][ T6047] lowmem_reserve[]: 0 0 0 0 0 [ 53.213174][ T6047] Node 0 DMA: 28*4kB (U) 15*8kB (UE) 9*16kB (UE) 6*32kB (U) 1*64kB (E) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2424kB [ 53.219271][ T6047] Node 0 DMA32: 596*4kB (UE) 56*8kB (UMEH) 63*16kB (UMEH) 245*32kB (UMEH) 84*64kB (UMEH) 17*128kB (UMEH) 1*256kB (E) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 19488kB [ 53.224386][ T6047] Node 1 DMA32: 0*4kB 1*8kB (M) 2*16kB (UE) 4*32kB (UME) 2*64kB (ME) 1*128kB (U) 3*256kB (UME) 0*512kB 3*1024kB (UME) 5*2048kB (UME) 40*4096kB (M) = 178344kB [ 53.229444][ T6047] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 53.232363][ T6047] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 53.235424][ T6047] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 53.238980][ T6047] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 53.241827][ T6047] 53386 total pagecache pages [ 53.243301][ T6047] 0 pages in swap cache [ 53.244606][ T6047] Free swap = 124996kB [ 53.245929][ T6047] Total swap = 124996kB [ 53.247554][ T6047] 524155 pages RAM [ 53.248918][ T6047] 0 pages HighMem/MovableOnly [ 53.250401][ T6047] 209033 pages reserved [ 53.251725][ T6047] 0 pages cma reserved [ 53.560460][ T6052] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.571401][ T6052] netlink: 120 bytes leftover after parsing attributes in process `syz.3.12'. [ 53.937160][ T5947] Bluetooth: hci1: command tx timeout [ 53.937891][ T5938] Bluetooth: hci2: command tx timeout [ 54.541228][ T54] usb 6-1: usb_control_msg returned -71 [ 54.544268][ T54] usbtmc 6-1:16.0: can't read capabilities [ 54.578820][ T54] usb 6-1: USB disconnect, device number 2 [ 54.806310][ T5301] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 54.806811][ T5938] Bluetooth: hci4: command 0x1003 tx timeout [ 54.896245][ T5301] Bluetooth: hci0: command tx timeout [ 55.206225][ T5301] Bluetooth: hci3: command tx timeout [ 55.622512][ T6068] netlink: 52 bytes leftover after parsing attributes in process `syz.1.16'. [ 56.006246][ T5301] Bluetooth: hci1: command tx timeout [ 56.006308][ T5938] Bluetooth: hci2: command tx timeout [ 56.198650][ T841] IPVS: starting estimator thread 0... [ 56.202909][ T6072] kvm: Disabled LAPIC found during irq injection [ 56.210615][ T6072] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685) [ 56.229212][ T6074] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.238394][ T6074] netlink: 224 bytes leftover after parsing attributes in process `syz.0.18'. [ 56.243790][ T6072] netlink: 60 bytes leftover after parsing attributes in process `syz.3.17'. [ 56.260594][ T6074] sp0: Synchronizing with TNC [ 56.266824][ T6074] [U] è [ 56.306577][ T6075] IPVS: using max 42 ests per chain, 100800 per kthread [ 56.320984][ T6078] Zero length message leads to an empty skb [ 56.344911][ T6073] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.626904][ T6084] netlink: 'syz.1.19': attribute type 4 has an invalid length. [ 56.629361][ T6084] netlink: 152 bytes leftover after parsing attributes in process `syz.1.19'. [ 56.650152][ T6084] : renamed from bond0 (while UP) [ 56.756068][ T6084] syz.1.19: attempt to access beyond end of device [ 56.756068][ T6084] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 56.767862][ T6084] XFS (nbd1): SB validate failed with error -5. [ 56.937533][ T6096] capability: warning: `syz.2.22' uses 32-bit capabilities (legacy support in use) [ 58.342272][ T6126] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 58.597981][ T6141] syz.0.29 uses obsolete (PF_INET,SOCK_PACKET) [ 59.116473][ T5938] Bluetooth: hci1: connection err: -111 [ 60.607202][ T6182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28'. [ 60.610613][ T6182] netlink: 'syz.3.28': attribute type 5 has an invalid length. [ 60.613664][ T6182] netlink: 20 bytes leftover after parsing attributes in process `syz.3.28'. [ 60.758121][ T6182] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 60.762137][ T6182] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 60.765228][ T6182] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 60.775213][ T6182] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 60.786758][ T6182] geneve2: entered promiscuous mode [ 60.788752][ T6182] geneve2: entered allmulticast mode [ 61.380752][ T6196] netlink: 24 bytes leftover after parsing attributes in process `syz.1.36'. [ 62.756466][ T6216] netlink: 'syz.1.39': attribute type 1 has an invalid length. [ 62.759959][ T6216] netlink: 224 bytes leftover after parsing attributes in process `syz.1.39'. [ 63.120677][ T6225] Bluetooth: MGMT ver 1.23 [ 63.154593][ T6215] mmap: syz.3.40 (6215) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 63.278553][ T6227] futex_wake_op: syz.2.41 tries to shift op by -33; fix this program [ 63.595211][ T6241] 9pnet_virtio: no channels available for device ./file0/file0 [ 63.932752][ T6246] netlink: 8 bytes leftover after parsing attributes in process `syz.3.44'. [ 64.185517][ T6240] team0 (unregistering): Port device team_slave_0 removed [ 64.195706][ T6240] team0 (unregistering): Port device team_slave_1 removed [ 64.244577][ T6247] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 64.774416][ T6272] lo speed is unknown, defaulting to 1000 [ 64.776635][ T6272] lo speed is unknown, defaulting to 1000 [ 64.779635][ T6272] lo speed is unknown, defaulting to 1000 [ 64.785321][ T6272] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 64.792272][ T6272] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 64.825734][ T6272] lo speed is unknown, defaulting to 1000 [ 64.829177][ T6272] lo speed is unknown, defaulting to 1000 [ 64.832928][ T6272] lo speed is unknown, defaulting to 1000 [ 64.835641][ T6272] lo speed is unknown, defaulting to 1000 [ 65.096291][ C2] hpet_rtc_timer_reinit: 25 callbacks suppressed [ 65.096304][ C2] hpet: Lost 1 RTC interrupts [ 65.137609][ T6271] ======================================================= [ 65.137609][ T6271] WARNING: The mand mount option has been deprecated and [ 65.137609][ T6271] and is ignored by this kernel. Remove the mand [ 65.137609][ T6271] option from the mount to silence this warning. [ 65.137609][ T6271] ======================================================= [ 65.155067][ T29] kernel write not supported for file /snd/seq (pid: 29 comm: kworker/1:0) [ 65.516451][ T29] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 65.678167][ T29] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 65.707819][ T29] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 65.727233][ T29] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 65.735973][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.764550][ T6275] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 66.020282][ T29] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 66.318042][ T6296] sp0: Synchronizing with TNC [ 66.962153][ T40] audit: type=1326 audit(1748789789.132:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 66.969161][ T40] audit: type=1326 audit(1748789789.132:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 66.975848][ T40] audit: type=1326 audit(1748789789.142:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 66.986771][ T40] audit: type=1326 audit(1748789789.142:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 66.995421][ T40] audit: type=1326 audit(1748789789.142:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 67.005680][ T40] audit: type=1326 audit(1748789789.142:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 67.014971][ T40] audit: type=1326 audit(1748789789.142:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 67.024363][ T40] audit: type=1326 audit(1748789789.142:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 67.033665][ T40] audit: type=1326 audit(1748789789.152:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6304 comm="syz.0.53" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70de579 code=0x7ffc0000 [ 67.422010][ T6302] ALSA: mixer_oss: invalid OSS volume '' [ 67.574725][ T6320] netlink: 4 bytes leftover after parsing attributes in process `syz.1.55'. [ 67.581853][ T6320] netlink: 128 bytes leftover after parsing attributes in process `syz.1.55'. [ 67.691339][ T29] usb 7-1: USB disconnect, device number 2 [ 67.993113][ T6326] syz.3.56: vmalloc error: size 2003292160, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 67.998144][ T6326] CPU: 1 UID: 0 PID: 6326 Comm: syz.3.56 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 67.998172][ T6326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.998179][ T6326] Call Trace: [ 67.998183][ T6326] [ 67.998188][ T6326] dump_stack_lvl+0x16c/0x1f0 [ 67.998207][ T6326] warn_alloc+0x248/0x3a0 [ 67.998222][ T6326] ? __pfx_warn_alloc+0x10/0x10 [ 67.998235][ T6326] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 67.998250][ T6326] ? stack_depot_save_flags+0x3e0/0xa40 [ 67.998273][ T6326] ? kasan_save_stack+0x42/0x60 [ 67.998287][ T6326] ? kasan_save_stack+0x33/0x60 [ 67.998299][ T6326] ? kasan_save_track+0x14/0x30 [ 67.998312][ T6326] ? vb2_vmalloc_alloc+0xf9/0x3f0 [ 67.998324][ T6326] ? __vb2_queue_alloc+0x8c9/0x1280 [ 67.998333][ T6326] ? vb2_core_create_bufs+0x559/0xab0 [ 67.998344][ T6326] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 67.998368][ T6326] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 67.998379][ T6326] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 67.998398][ T6326] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 67.998412][ T6326] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 67.998428][ T6326] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 67.998439][ T6326] vmalloc_user_noprof+0x9e/0xe0 [ 67.998451][ T6326] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 67.998462][ T6326] vb2_vmalloc_alloc+0x135/0x3f0 [ 67.998474][ T6326] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 67.998485][ T6326] __vb2_queue_alloc+0x8c9/0x1280 [ 67.998502][ T6326] vb2_core_create_bufs+0x559/0xab0 [ 67.998514][ T6326] ? __pfx_vb2_core_create_bufs+0x10/0x10 [ 67.998532][ T6326] vb2_create_bufs+0x5e8/0x840 [ 67.998551][ T6326] ? __pfx_vb2_create_bufs+0x10/0x10 [ 67.998568][ T6326] ? v4l_sanitize_colorspace+0x213/0x400 [ 67.998587][ T6326] vb2_ioctl_create_bufs+0x244/0x3e0 [ 67.998604][ T6326] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 67.998619][ T6326] vidioc_create_bufs+0x7d/0xf0 [ 67.998637][ T6326] v4l_create_bufs+0x156/0x270 [ 67.998656][ T6326] __video_do_ioctl+0xb40/0xfc0 [ 67.998673][ T6326] ? __pfx___video_do_ioctl+0x10/0x10 [ 67.998688][ T6326] ? __kmalloc_noprof+0x242/0x510 [ 67.998705][ T6326] video_usercopy+0x47c/0x1440 [ 67.998722][ T6326] ? __pfx___video_do_ioctl+0x10/0x10 [ 67.998738][ T6326] ? __pfx_video_usercopy+0x10/0x10 [ 67.998759][ T6326] ? hook_file_ioctl_common+0x145/0x410 [ 67.998776][ T6326] v4l2_ioctl+0x1bd/0x250 [ 67.998790][ T6326] ? __ia32_compat_sys_openat+0x121/0x210 [ 67.998803][ T6326] v4l2_compat_ioctl32+0x214/0x2c0 [ 67.998816][ T6326] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 67.998829][ T6326] __ia32_compat_sys_ioctl+0x242/0x370 [ 67.998842][ T6326] __do_fast_syscall_32+0x7c/0x3a0 [ 67.998859][ T6326] do_fast_syscall_32+0x32/0x80 [ 67.998874][ T6326] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 67.998887][ T6326] RIP: 0023:0xf7f23579 [ 67.998896][ T6326] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 67.998907][ T6326] RSP: 002b:00000000f500455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 67.998917][ T6326] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000c0f8565c [ 67.998924][ T6326] RDX: 00000000800001c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 67.998930][ T6326] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 67.998936][ T6326] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 67.998942][ T6326] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 67.998955][ T6326] [ 67.999001][ T6326] Mem-Info: [ 68.115146][ T6326] active_anon:18325 inactive_anon:0 isolated_anon:0 [ 68.115146][ T6326] active_file:10881 inactive_file:40234 isolated_file:0 [ 68.115146][ T6326] unevictable:1768 dirty:569 writeback:0 [ 68.115146][ T6326] slab_reclaimable:10150 slab_unreclaimable:53221 [ 68.115146][ T6326] mapped:35222 shmem:13871 pagetables:1131 [ 68.115146][ T6326] sec_pagetables:301 bounce:0 [ 68.115146][ T6326] kernel_misc_reclaimable:0 [ 68.115146][ T6326] free:41586 free_pcp:11287 free_cma:0 [ 68.128843][ T6326] Node 0 active_anon:4388kB inactive_anon:0kB active_file:0kB inactive_file:14212kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8188kB dirty:4kB writeback:0kB shmem:5020kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8172kB pagetables:1232kB sec_pagetables:1116kB all_unreclaimable? yes Balloon:0kB [ 68.138763][ T6326] Node 1 active_anon:68912kB inactive_anon:0kB active_file:43524kB inactive_file:146724kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:132700kB dirty:2272kB writeback:0kB shmem:50464kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4240kB pagetables:3292kB sec_pagetables:88kB all_unreclaimable? no Balloon:0kB [ 68.149342][ T6326] Node 0 DMA free:2424kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:332kB local_pcp:0kB free_cma:0kB [ 68.158362][ T6326] lowmem_reserve[]: 0 289 289 289 289 [ 68.160092][ T6326] Node 0 DMA32 free:19244kB boost:2048kB min:15380kB low:18712kB high:22044kB reserved_highatomic:4096KB free_highatomic:960KB active_anon:4388kB inactive_anon:0kB active_file:0kB inactive_file:14212kB unevictable:3536kB writepending:4kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:12480kB local_pcp:2956kB free_cma:0kB [ 68.169812][ T6326] lowmem_reserve[]: 0 0 0 0 0 [ 68.171344][ T6326] Node 1 DMA32 free:144676kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:68912kB inactive_anon:0kB active_file:43524kB inactive_file:146724kB unevictable:3536kB writepending:2272kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:32332kB local_pcp:2160kB free_cma:0kB [ 68.181010][ T6326] lowmem_reserve[]: 0 0 0 0 0 [ 68.182564][ T6326] Node 0 DMA: 28*4kB (U) 15*8kB (UE) 9*16kB (UE) 6*32kB (U) 1*64kB (E) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2424kB [ 68.187118][ T6326] Node 0 DMA32: 517*4kB (UM) 41*8kB (UMEH) 75*16kB (UMEH) 241*32kB (UMEH) 82*64kB (UMEH) 13*128kB (UMEH) 4*256kB (UE) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 19244kB [ 68.192205][ T6326] Node 1 DMA32: 225*4kB (UME) 76*8kB (UE) 12*16kB (UE) 178*32kB (UE) 29*64kB (UME) 6*128kB (UME) 8*256kB (UM) 31*512kB (UME) 18*1024kB (UM) 8*2048kB (UME) 20*4096kB (UM) = 144676kB [ 68.197863][ T6326] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 68.200789][ T6326] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 68.203652][ T6326] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 68.206906][ T6326] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 68.209741][ T6326] 64984 total pagecache pages [ 68.211214][ T6326] 0 pages in swap cache [ 68.212527][ T6326] Free swap = 124996kB [ 68.213832][ T6326] Total swap = 124996kB [ 68.215137][ T6326] 524155 pages RAM [ 68.216434][ T6326] 0 pages HighMem/MovableOnly [ 68.217940][ T6326] 209033 pages reserved [ 68.219287][ T6326] 0 pages cma reserved [ 68.683711][ T6335] 9pnet_virtio: no channels available for device syz [ 70.786805][ T6360] process 'syz.1.65' launched '/dev/fd/9' with NULL argv: empty string added [ 70.813491][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.819503][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.040241][ T6361] sp0: Synchronizing with TNC [ 71.701200][ T54] kernel write not supported for file /snd/seq (pid: 54 comm: kworker/2:1) [ 71.710603][ T6367] xt_CT: You must specify a L4 protocol and not use inversions on it [ 71.864672][ T6380] kernel profiling enabled (shift: 9) [ 72.066284][ T29] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 72.227735][ T29] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 72.231241][ T29] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 72.234517][ T29] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 72.237708][ T29] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 72.244132][ T6378] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 72.248942][ T29] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 73.333444][ T6385] ALSA: mixer_oss: invalid OSS volume '' [ 73.401084][ T6401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.82'. [ 73.526218][ T5301] Bluetooth: hci3: command 0x0405 tx timeout [ 74.526868][ T29] usb 6-1: USB disconnect, device number 3 [ 75.678741][ T6432] netlink: 4 bytes leftover after parsing attributes in process `syz.3.84'. [ 75.740740][ T6432] team0: Port device team_slave_0 removed [ 75.998008][ T6442] futex_wake_op: syz.3.86 tries to shift op by -33; fix this program [ 76.054686][ T6441] netlink: 120 bytes leftover after parsing attributes in process `syz.1.83'. [ 76.344690][ T6451] futex_wake_op: syz.3.88 tries to shift op by -1; fix this program [ 77.897311][ T6467] futex_wake_op: syz.0.97 tries to shift op by -1; fix this program [ 78.087354][ T6464] sp0: Synchronizing with TNC [ 80.192035][ T6486] random: crng reseeded on system resumption [ 80.242954][ T6491] netlink: 148 bytes leftover after parsing attributes in process `syz.1.99'. [ 81.015081][ T6505] netlink: 'syz.3.102': attribute type 4 has an invalid length. [ 81.017879][ T6505] netlink: 152 bytes leftover after parsing attributes in process `syz.3.102'. [ 81.033682][ T6505] : renamed from bond0 (while UP) [ 81.068689][ T34] cfg80211: failed to load regulatory.db [ 81.217258][ T6505] syz.3.102: attempt to access beyond end of device [ 81.217258][ T6505] nbd3: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 81.221423][ T6505] XFS (nbd3): SB validate failed with error -5. [ 82.242395][ T6514] ALSA: mixer_oss: invalid OSS volume '' [ 82.438057][ T6535] futex_wake_op: syz.1.109 tries to shift op by -1; fix this program [ 84.061171][ T6549] netlink: 8 bytes leftover after parsing attributes in process `syz.3.110'. [ 84.087305][ T6553] sp0: Synchronizing with TNC [ 85.829260][ T6586] warn_alloc: 2 callbacks suppressed [ 85.829277][ T6586] syz.3.117: vmalloc error: size 34359742464, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 85.838728][ T6586] CPU: 0 UID: 0 PID: 6586 Comm: syz.3.117 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 85.838767][ T6586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.838778][ T6586] Call Trace: [ 85.838785][ T6586] [ 85.838793][ T6586] dump_stack_lvl+0x16c/0x1f0 [ 85.838823][ T6586] warn_alloc+0x248/0x3a0 [ 85.838850][ T6586] ? __pfx_warn_alloc+0x10/0x10 [ 85.838873][ T6586] ? __pfx_stack_trace_save+0x10/0x10 [ 85.838901][ T6586] ? stack_depot_save_flags+0x28/0xa40 [ 85.838938][ T6586] ? kasan_save_stack+0x42/0x60 [ 85.838959][ T6586] ? kasan_save_stack+0x33/0x60 [ 85.838980][ T6586] ? kasan_save_track+0x14/0x30 [ 85.839002][ T6586] ? xskq_create+0x52/0x1d0 [ 85.839021][ T6586] ? xsk_setsockopt+0x684/0x840 [ 85.839038][ T6586] ? do_sock_setsockopt+0x221/0x470 [ 85.839069][ T6586] ? xskq_create+0xfb/0x1d0 [ 85.839090][ T6586] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 85.839121][ T6586] ? xskq_create+0xfb/0x1d0 [ 85.839149][ T6586] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 85.839179][ T6586] ? xskq_create+0xfb/0x1d0 [ 85.839201][ T6586] vmalloc_user_noprof+0x9e/0xe0 [ 85.839245][ T6586] ? xskq_create+0xfb/0x1d0 [ 85.839267][ T6586] xskq_create+0xfb/0x1d0 [ 85.839291][ T6586] xsk_setsockopt+0x684/0x840 [ 85.839311][ T6586] ? __pfx_xsk_setsockopt+0x10/0x10 [ 85.839331][ T6586] ? __pfx_aa_sk_perm+0x10/0x10 [ 85.839364][ T6586] ? __pfx_xsk_setsockopt+0x10/0x10 [ 85.839383][ T6586] do_sock_setsockopt+0x221/0x470 [ 85.839411][ T6586] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 85.839456][ T6586] __sys_setsockopt+0x120/0x1a0 [ 85.839485][ T6586] __ia32_sys_setsockopt+0xbc/0x160 [ 85.839508][ T6586] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.839531][ T6586] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 85.839557][ T6586] __do_fast_syscall_32+0x7c/0x3a0 [ 85.839585][ T6586] do_fast_syscall_32+0x32/0x80 [ 85.839610][ T6586] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 85.839632][ T6586] RIP: 0023:0xf7f23579 [ 85.839653][ T6586] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 85.839671][ T6586] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 85.839689][ T6586] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 000000000000011b [ 85.839701][ T6586] RDX: 0000000000000002 RSI: 0000000080000080 RDI: 0000000000000020 [ 85.839712][ T6586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 85.839723][ T6586] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 85.839734][ T6586] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 85.839759][ T6586] [ 85.839841][ T6586] Mem-Info: [ 85.958081][ T6586] active_anon:12581 inactive_anon:0 isolated_anon:0 [ 85.958081][ T6586] active_file:10833 inactive_file:40384 isolated_file:0 [ 85.958081][ T6586] unevictable:1768 dirty:496 writeback:0 [ 85.958081][ T6586] slab_reclaimable:10492 slab_unreclaimable:53801 [ 85.958081][ T6586] mapped:31357 shmem:8133 pagetables:1120 [ 85.958081][ T6586] sec_pagetables:302 bounce:0 [ 85.958081][ T6586] kernel_misc_reclaimable:0 [ 85.958081][ T6586] free:42686 free_pcp:14119 free_cma:0 [ 85.976661][ T6586] Node 0 active_anon:3728kB inactive_anon:0kB active_file:0kB inactive_file:14212kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:7528kB dirty:4kB writeback:0kB shmem:4360kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:8140kB pagetables:1224kB sec_pagetables:1116kB all_unreclaimable? yes Balloon:0kB [ 85.990145][ T6586] Node 1 active_anon:46596kB inactive_anon:0kB active_file:43332kB inactive_file:147324kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:117900kB dirty:1980kB writeback:0kB shmem:28172kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4212kB pagetables:3256kB sec_pagetables:92kB all_unreclaimable? no Balloon:0kB [ 86.003810][ T6586] Node 0 DMA free:2424kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:332kB local_pcp:112kB free_cma:0kB [ 86.015681][ T6586] lowmem_reserve[]: 0 289 289 289 289 [ 86.018178][ T6586] Node 0 DMA32 free:19244kB boost:2048kB min:15380kB low:18712kB high:22044kB reserved_highatomic:4096KB free_highatomic:960KB active_anon:3728kB inactive_anon:0kB active_file:0kB inactive_file:14212kB unevictable:3536kB writepending:4kB present:1032196kB managed:296860kB mlocked:0kB bounce:0kB free_pcp:14104kB local_pcp:3088kB free_cma:0kB [ 86.031098][ T6586] lowmem_reserve[]: 0 0 0 0 0 [ 86.033173][ T6586] Node 1 DMA32 free:149076kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:46596kB inactive_anon:0kB active_file:43332kB inactive_file:147324kB unevictable:3536kB writepending:1980kB present:1048432kB managed:948268kB mlocked:0kB bounce:0kB free_pcp:41972kB local_pcp:9064kB free_cma:0kB [ 86.046197][ T6586] lowmem_reserve[]: 0 0 0 0 0 [ 86.048240][ T6586] Node 0 DMA: 28*4kB (U) 15*8kB (UE) 9*16kB (UE) 6*32kB (U) 1*64kB (E) 0*128kB 1*256kB (E) 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2424kB [ 86.054375][ T6586] Node 0 DMA32: 517*4kB (UM) 41*8kB (UMEH) 75*16kB (UMEH) 241*32kB (UMEH) 82*64kB (UMEH) 13*128kB (UMEH) 4*256kB (UE) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 19244kB [ 86.061261][ T6586] Node 1 DMA32: 13*4kB (ME) 18*8kB (UE) 3*16kB (UME) 3*32kB (UE) 271*64kB (UME) 34*128kB (UME) 28*256kB (UME) 28*512kB (UM) 15*1024kB (ME) 6*2048kB (UM) 19*4096kB (UM) = 149012kB [ 86.068988][ T6586] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 86.072905][ T6586] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 86.076765][ T6586] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 86.080679][ T6586] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 86.084472][ T6586] 59346 total pagecache pages [ 86.086667][ T6586] 0 pages in swap cache [ 86.088425][ T6586] Free swap = 124996kB [ 86.090010][ T6586] Total swap = 124996kB [ 86.091607][ T6586] 524155 pages RAM [ 86.093247][ T6586] 0 pages HighMem/MovableOnly [ 86.095237][ T6586] 209033 pages reserved [ 86.097053][ T6586] 0 pages cma reserved [ 87.187415][ T6604] futex_wake_op: syz.0.123 tries to shift op by -1; fix this program [ 87.360869][ T6606] netlink: 4 bytes leftover after parsing attributes in process `syz.2.122'. [ 87.573881][ T6606] team0: Port device team_slave_0 removed [ 88.177423][ T6621] sp0: Synchronizing with TNC [ 89.019587][ T5975] usb 8-1: new full-speed USB device number 2 using dummy_hcd [ 89.229630][ T5975] usb 8-1: config 1 interface 0 altsetting 2 endpoint 0x82 has invalid maxpacket 1023, setting to 64 [ 89.233707][ T5975] usb 8-1: config 1 interface 0 has no altsetting 0 [ 91.468783][ T5975] usb 8-1: string descriptor 0 read error: -71 [ 91.471259][ T5975] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 91.474240][ T5975] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.475661][ T6669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'. [ 91.479132][ T5975] usb 8-1: can't set config #1, error -71 [ 91.483908][ T5975] usb 8-1: USB disconnect, device number 2 [ 91.700686][ T6671] netlink: 8 bytes leftover after parsing attributes in process `syz.1.138'. [ 91.862685][ T6683] siw: device registration error -23 [ 92.029354][ T6685] netlink: 20 bytes leftover after parsing attributes in process `syz.2.143'. [ 92.363358][ T6679] lo speed is unknown, defaulting to 1000 [ 92.862122][ T6693] lo speed is unknown, defaulting to 1000 [ 93.005481][ T6702] netlink: 20 bytes leftover after parsing attributes in process `syz.1.154'. [ 94.266823][ T6718] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 94.278885][ T6718] netlink: 'syz.0.147': attribute type 10 has an invalid length. [ 94.287963][ T6718] netlink: 40 bytes leftover after parsing attributes in process `syz.0.147'. [ 94.476525][ T6718] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 94.610829][ T6726] lo speed is unknown, defaulting to 1000 [ 95.035016][ T6731] netlink: 4 bytes leftover after parsing attributes in process `syz.2.150'. [ 95.298570][ T6737] lo speed is unknown, defaulting to 1000 [ 95.941347][ T6748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.161'. [ 96.638049][ T40] kauditd_printk_skb: 21 callbacks suppressed [ 96.638060][ T40] audit: type=1326 audit(1748789818.832:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.647589][ T40] audit: type=1326 audit(1748789818.832:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.654256][ T40] audit: type=1326 audit(1748789818.832:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.662386][ T40] audit: type=1326 audit(1748789818.832:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.677707][ T40] audit: type=1326 audit(1748789818.832:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.722650][ T40] audit: type=1326 audit(1748789818.832:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.765833][ T40] audit: type=1326 audit(1748789818.842:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.790719][ T40] audit: type=1326 audit(1748789818.842:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.827577][ T40] audit: type=1326 audit(1748789818.842:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.867330][ T40] audit: type=1326 audit(1748789818.842:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6758 comm="syz.1.156" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 96.924593][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 96.935803][ T6767] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 97.140771][ T6774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.155'. [ 97.327501][ T839] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 97.498036][ T1140] Bluetooth: hci5: Frame reassembly failed (-84) [ 97.500461][ T13] Bluetooth: hci5: Frame reassembly failed (-84) [ 97.539358][ T839] usb 5-1: Using ep0 maxpacket: 8 [ 97.552357][ T839] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 97.560869][ T839] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 97.577217][ T839] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 97.589401][ T839] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 97.603892][ T839] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 97.624145][ T839] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 97.632317][ T839] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.950834][ T6777] lo speed is unknown, defaulting to 1000 [ 98.966275][ T5938] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 98.966532][ T5947] Bluetooth: hci4: command 0x1003 tx timeout [ 99.526342][ T5938] Bluetooth: hci5: command 0x1003 tx timeout [ 99.530684][ T5301] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 100.037107][ T839] usb 5-1: usb_control_msg returned -71 [ 100.039525][ T839] usbtmc 5-1:16.0: can't read capabilities [ 100.050087][ T839] usb 5-1: USB disconnect, device number 2 [ 100.073778][ T6794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.164'. [ 100.685871][ T6810] Can't find a SQUASHFS superblock on nullb0 [ 101.599660][ T6824] netlink: 8 bytes leftover after parsing attributes in process `syz.0.168'. [ 101.694113][ T6823] loop6: detected capacity change from 0 to 524287999 [ 101.862730][ T6826] lo speed is unknown, defaulting to 1000 [ 102.575374][ T6835] lo speed is unknown, defaulting to 1000 [ 102.771195][ T6848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 104.898521][ T6857] hub 2-0:1.0: USB hub found [ 104.900672][ T6857] hub 2-0:1.0: 2 ports detected [ 105.288029][ T29] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 105.436431][ T29] usb 8-1: Using ep0 maxpacket: 8 [ 105.649916][ T29] usb 8-1: unable to read config index 0 descriptor/start: -71 [ 105.655538][ T29] usb 8-1: can't read configurations, error -71 [ 105.736400][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 105.736411][ T40] audit: type=1326 audit(1748789827.982:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.746673][ T40] audit: type=1326 audit(1748789827.982:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.754239][ T40] audit: type=1326 audit(1748789827.982:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.761849][ T40] audit: type=1326 audit(1748789827.982:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.769600][ T40] audit: type=1326 audit(1748789827.982:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.781087][ T40] audit: type=1326 audit(1748789827.992:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.788390][ T40] audit: type=1326 audit(1748789827.992:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.795711][ T40] audit: type=1326 audit(1748789827.992:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.803614][ T40] audit: type=1326 audit(1748789827.992:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 105.811455][ T40] audit: type=1326 audit(1748789827.992:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.2.177" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 106.026227][ T6874] 9pnet_virtio: no channels available for device ./file0/file0 [ 106.270901][ T6877] netlink: 8 bytes leftover after parsing attributes in process `syz.3.180'. [ 107.029071][ T6883] Can't find a SQUASHFS superblock on nullb0 [ 107.056052][ T6886] sp0: Synchronizing with TNC [ 109.281343][ T92] Bluetooth: hci4: Frame reassembly failed (-84) [ 109.287305][ T1140] Bluetooth: hci4: Frame reassembly failed (-84) [ 109.695868][ T6917] lo speed is unknown, defaulting to 1000 [ 110.285899][ T6918] hpfs: hpfs_map_sector(): read error [ 110.511766][ T6927] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 111.286247][ T5938] Bluetooth: hci4: command 0x1003 tx timeout [ 111.289057][ T5301] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 111.466584][ T6933] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'. [ 114.930129][ T6992] netlink: 4 bytes leftover after parsing attributes in process `syz.1.213'. [ 115.058863][ T6992] team0: Port device team_slave_0 removed [ 118.009188][ T7050] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.233' sets config #1 [ 118.110421][ T7056] usb usb1: usbfs: process 7056 (syz.0.236) did not claim interface 0 before use [ 120.596732][ T7091] futex_wake_op: syz.1.245 tries to shift op by -1; fix this program [ 125.405459][ T7180] futex_wake_op: syz.1.279 tries to shift op by -1; fix this program [ 125.812145][ T7193] pimreg: entered allmulticast mode [ 125.819281][ T7193] pimreg: left allmulticast mode [ 127.398488][ T7218] hid-generic 0003:0627:0001.0001: pid 7218 passed too short report [ 127.700416][ T7228] futex_wake_op: syz.1.295 tries to shift op by -1; fix this program [ 130.536466][ T60] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 130.620556][ T7259] 9pnet_fd: Insufficient options for proto=fd [ 130.627863][ T7259] loop6: detected capacity change from 0 to 524287999 [ 130.726434][ T60] usb 5-1: Using ep0 maxpacket: 32 [ 130.760635][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11 [ 130.779027][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 130.796053][ T60] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 130.832503][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 130.848841][ T60] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 130.890854][ T60] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68 [ 130.900599][ T60] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.903350][ T60] usb 5-1: Product: syz [ 130.904904][ T60] usb 5-1: Manufacturer: syz [ 130.910607][ T60] usb 5-1: SerialNumber: syz [ 130.934654][ T60] usb 5-1: config 0 descriptor?? [ 130.937373][ T7248] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 130.967005][ T60] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input8 [ 130.982260][ T5335] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 131.148417][ T6876] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 131.220718][ T5335] xpad 5-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90 [ 131.225997][ T60] usb 5-1: USB disconnect, device number 3 [ 131.226037][ C0] xpad 5-1:0.0: xpad_irq_in - usb_submit_urb failed with result -19 [ 131.495295][ T6876] usb 6-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb [ 131.519723][ T6876] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201 [ 131.522651][ T6876] usb 6-1: Product: syz [ 131.524237][ T6876] usb 6-1: Manufacturer: syz [ 131.526330][ T6876] usb 6-1: SerialNumber: syz [ 131.529611][ T6876] usb 6-1: config 0 descriptor?? [ 131.537065][ T6876] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state. [ 131.541544][ T6876] dvb-usb: bulk message failed: -22 (2/0) [ 131.560738][ T6876] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 131.565935][ T6876] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB) [ 131.568881][ T6876] usb 6-1: media controller created [ 131.594601][ T6876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 131.750114][ T7268] dvb-usb: bulk message failed: -22 (5/0) [ 131.755752][ T6876] cxusb: set interface failed [ 131.757502][ T6876] dvb-usb: bulk message failed: -22 (1/0) [ 131.783248][ T6876] DVB: Unable to find symbol mt352_attach() [ 131.786421][ T6876] dvb-usb: bulk message failed: -22 (5/0) [ 131.788872][ T6876] zl10353_read_register: readreg error (reg=127, ret==-121) [ 131.792357][ T6876] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB' [ 131.856231][ T6876] rc_core: IR keymap rc-dvico-mce not found [ 131.858804][ T6876] Registered IR keymap rc-empty [ 131.862523][ T6876] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0 [ 131.868120][ T6876] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input9 [ 131.874918][ T6876] dvb-usb: schedule remote query interval to 100 msecs. [ 131.878140][ T6876] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected. [ 131.884727][ T6876] usb 6-1: USB disconnect, device number 4 [ 131.908820][ T7283] futex_wake_op: syz.0.312 tries to shift op by -1; fix this program [ 131.947229][ T6876] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected. [ 132.248266][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.266356][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.755981][ T92] Bluetooth: hci4: Frame reassembly failed (-84) [ 132.776388][ T6876] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 132.946221][ T6876] usb 8-1: Using ep0 maxpacket: 32 [ 132.952165][ T6876] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 132.955370][ T6876] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 132.966966][ T6876] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 132.971256][ T6876] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 132.986167][ T6876] usb 8-1: config 0 interface 0 has no altsetting 0 [ 132.990733][ T6876] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 132.994294][ T6876] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 133.006173][ T6876] usb 8-1: Product: syz [ 133.007862][ T6876] usb 8-1: Manufacturer: syz [ 133.009348][ T6876] usb 8-1: SerialNumber: syz [ 133.014847][ T6876] usb 8-1: config 0 descriptor?? [ 133.027893][ T6876] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 133.032436][ T6876] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 133.286158][ T839] usb 8-1: USB disconnect, device number 5 [ 133.322698][ T839] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 134.807500][ T5938] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 134.807611][ T5301] Bluetooth: hci4: command 0x1003 tx timeout [ 135.146319][ T839] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 135.216280][ T5975] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 135.306260][ T839] usb 7-1: Using ep0 maxpacket: 16 [ 135.310483][ T839] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 135.315394][ T839] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C [ 135.320240][ T839] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7 [ 135.325347][ T839] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 135.334556][ T839] usb 7-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 135.338442][ T839] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.341573][ T839] usb 7-1: Product: syz [ 135.343798][ T839] usb 7-1: Manufacturer: syz [ 135.345710][ T839] usb 7-1: SerialNumber: syz [ 135.350222][ T839] usb 7-1: config 0 descriptor?? [ 135.386305][ T5975] usb 8-1: Using ep0 maxpacket: 8 [ 135.391289][ T5975] usb 8-1: config 179 has an invalid interface number: 65 but max is 0 [ 135.394591][ T5975] usb 8-1: config 179 has no interface number 0 [ 135.397451][ T5975] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 135.401950][ T5975] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 135.406166][ T839] rc_core: IR keymap rc-xbox-dvd not found [ 135.406691][ T5975] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9 [ 135.408298][ T839] Registered IR keymap rc-empty [ 135.412660][ T5975] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024 [ 135.418984][ T839] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0 [ 135.419854][ T5975] usb 8-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 135.425825][ T839] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input10 [ 135.428093][ T5975] usb 8-1: config 179 interface 65 has no altsetting 0 [ 135.435760][ T5975] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 135.440266][ T5975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.501448][ T5975] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:179.65/input/input11 [ 135.556519][ T5335] input input11: unable to receive magic message: -110 [ 135.578220][ T5335] input input11: unable to receive magic message: -32 [ 135.581798][ T840] usb 7-1: USB disconnect, device number 3 [ 135.581909][ C2] xbox_remote 7-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19 [ 135.611287][ T5335] input input11: unable to receive magic message: -32 [ 135.621034][ T5335] input input11: unable to receive magic message: -32 [ 135.636547][ T5335] input input11: unable to receive magic message: -32 [ 135.901428][ T5972] usb 8-1: USB disconnect, device number 6 [ 135.901613][ C0] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 136.055996][ T5972] xpad 8-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 137.101450][ T7364] hub 2-0:1.0: USB hub found [ 137.103995][ T7364] hub 2-0:1.0: 2 ports detected [ 138.494929][ T1249] Bluetooth: hci4: Frame reassembly failed (-84) [ 138.503193][ T7394] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.702892][ T7398] hub 2-0:1.0: USB hub found [ 138.723076][ T7398] hub 2-0:1.0: 2 ports detected [ 139.056220][ T840] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 139.064862][ T7403] futex_wake_op: syz.0.347 tries to shift op by -1; fix this program [ 139.106209][ T54] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 139.206373][ T840] usb 7-1: Using ep0 maxpacket: 8 [ 139.209343][ T840] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 139.213399][ T840] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 139.216692][ T840] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 139.221320][ T840] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 139.225069][ T840] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 139.231300][ T840] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 139.235067][ T840] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.267520][ T54] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 139.270780][ T54] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 139.274626][ T54] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 139.277229][ T54] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 139.282219][ T54] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 139.285716][ T54] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 139.289766][ T54] usb 8-1: Product: syz [ 139.291456][ T54] usb 8-1: Manufacturer: syz [ 139.297463][ T54] cdc_wdm 8-1:1.0: skipping garbage [ 139.299439][ T54] cdc_wdm 8-1:1.0: skipping garbage [ 139.302879][ T54] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 139.304776][ T54] cdc_wdm 8-1:1.0: Unknown control protocol [ 139.513633][ T5979] usb 8-1: USB disconnect, device number 7 [ 139.676316][ T841] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 139.826265][ T841] usb 6-1: Using ep0 maxpacket: 8 [ 139.830423][ T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 139.834863][ T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 139.839343][ T841] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 139.843132][ T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.856914][ T841] usb 6-1: config 0 descriptor?? [ 140.082454][ T841] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 140.279876][ T7410] iowarrior 6-1:0.0: Error -90 while submitting URB [ 140.288434][ T60] usb 6-1: USB disconnect, device number 5 [ 140.316202][ T5975] usb 8-1: new full-speed USB device number 8 using dummy_hcd [ 140.474544][ T5975] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 140.479284][ T5975] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 140.483183][ T5975] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 140.487142][ T5975] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.506615][ T5975] usb 8-1: config 0 descriptor?? [ 140.541217][ T5975] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 140.543553][ T5975] dvb-usb: bulk message failed: -22 (3/0) [ 140.562978][ T5975] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 140.566512][ T5301] Bluetooth: hci4: command 0x1003 tx timeout [ 140.568795][ T5975] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 140.569159][ T5938] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 140.571929][ T5975] usb 8-1: media controller created [ 140.599155][ T5975] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 140.623913][ T5975] dvb-usb: bulk message failed: -22 (6/0) [ 140.627177][ T5975] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 140.653917][ T5975] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input12 [ 140.678102][ T5975] dvb-usb: schedule remote query interval to 150 msecs. [ 140.682306][ T5975] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 140.732928][ T5975] usb 8-1: USB disconnect, device number 8 [ 140.771248][ T5975] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 141.633701][ T840] usb 7-1: usb_control_msg returned -71 [ 141.641061][ T840] usbtmc 7-1:16.0: can't read capabilities [ 141.707945][ T840] usb 7-1: USB disconnect, device number 4 [ 141.757401][ T7430] virtio-fs: tag not found [ 141.757872][ T54] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 141.907529][ T54] usb 8-1: config 1 interface 0 altsetting 253 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 141.911604][ T54] usb 8-1: config 1 interface 0 has no altsetting 0 [ 141.914431][ T54] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 141.917722][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 141.920661][ T54] usb 8-1: SerialNumber: syz [ 142.111524][ T7436] hub 2-0:1.0: USB hub found [ 142.115664][ T7436] hub 2-0:1.0: 2 ports detected [ 142.146433][ T840] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 142.297210][ T840] usb 7-1: Using ep0 maxpacket: 8 [ 142.300515][ T840] usb 7-1: config index 0 descriptor too short (expected 5924, got 36) [ 142.303072][ T840] usb 7-1: config 250 has an invalid interface number: 228 but max is -1 [ 142.305619][ T840] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 142.308779][ T840] usb 7-1: config 250 has no interface number 0 [ 142.310780][ T840] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 142.314308][ T840] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 142.317516][ T840] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 142.320887][ T840] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 142.324058][ T840] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 142.328267][ T840] usb 7-1: config 250 interface 228 has no altsetting 0 [ 142.336627][ T840] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 142.339514][ T840] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 142.342062][ T840] usb 7-1: Product: syz [ 142.343396][ T840] usb 7-1: SerialNumber: syz [ 142.358252][ T840] hub 7-1:250.228: bad descriptor, ignoring hub [ 142.360274][ T840] hub 7-1:250.228: probe with driver hub failed with error -5 [ 142.597302][ T840] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 142.750060][ T7444] netlink: 'syz.1.363': attribute type 1 has an invalid length. [ 142.753102][ T7444] netlink: 32 bytes leftover after parsing attributes in process `syz.1.363'. [ 142.887237][ T841] usb 7-1: USB disconnect, device number 5 [ 142.893355][ T841] usblp0: removed [ 143.170350][ T54] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71 [ 143.306412][ T54] usb 8-1: USB disconnect, device number 9 [ 144.066919][ T5996] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 144.216290][ T5996] usb 7-1: Using ep0 maxpacket: 32 [ 144.231227][ T5996] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 144.249134][ T5996] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 144.252845][ T5996] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 144.255957][ T5996] usb 7-1: Product: syz [ 144.265928][ T5996] usb 7-1: Manufacturer: syz [ 144.277728][ T5996] usb 7-1: SerialNumber: syz [ 144.305657][ T5996] usb 7-1: config 0 descriptor?? [ 144.318140][ T7460] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 144.352908][ T5996] hub 7-1:0.0: bad descriptor, ignoring hub [ 144.355148][ T5996] hub 7-1:0.0: probe with driver hub failed with error -5 [ 144.636490][ T5996] usb 7-1: USB disconnect, device number 6 [ 144.641343][ T6063] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 144.735612][ T7482] input: syz1 as /devices/virtual/input/input13 [ 144.787872][ T6063] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 144.796222][ T6063] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.800842][ T6063] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 144.804248][ T6063] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 144.808005][ T6063] usb 6-1: Manufacturer: syz [ 144.812821][ T6063] usb 6-1: config 0 descriptor?? [ 144.876317][ T6063] rc_core: IR keymap rc-hauppauge not found [ 144.879088][ T6063] Registered IR keymap rc-empty [ 144.909534][ T6063] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 144.940039][ T6063] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input14 [ 145.047582][ T29] usb 6-1: USB disconnect, device number 6 [ 145.166930][ T5975] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 145.336744][ T5975] usb 5-1: Using ep0 maxpacket: 8 [ 145.346622][ T5975] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 145.351990][ T5975] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 145.355145][ T5975] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255 [ 145.362381][ T5975] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 145.367774][ T5975] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 145.370530][ T5975] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.626420][ T5975] usb 5-1: GET_CAPABILITIES returned 0 [ 145.629270][ T5975] usbtmc 5-1:16.0: can't read capabilities [ 145.900059][ T5975] usb 5-1: USB disconnect, device number 4 [ 146.193048][ T7506] ipvlan2: entered promiscuous mode [ 146.208696][ T7506] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 146.218309][ T7506] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 147.256225][ T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 147.634351][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 147.767181][ T10] usb 5-1: config 0 has no interfaces? [ 147.770865][ T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 147.773673][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.786228][ T10] usb 5-1: Product: syz [ 147.787555][ T10] usb 5-1: Manufacturer: syz [ 147.805442][ T10] usb 5-1: SerialNumber: syz [ 147.829636][ T10] usb 5-1: config 0 descriptor?? [ 148.066445][ T6063] usb 5-1: USB disconnect, device number 5 [ 148.946373][ T840] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 149.356734][ T840] usb 5-1: Using ep0 maxpacket: 8 [ 149.382450][ T840] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 149.399537][ T840] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 149.404442][ T840] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 149.406226][ T5975] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 149.415387][ T840] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 149.421615][ T840] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 149.426030][ T840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.673730][ T840] usb 5-1: GET_CAPABILITIES returned 0 [ 149.675474][ T840] usbtmc 5-1:16.0: can't read capabilities [ 149.876048][ T840] usb 5-1: USB disconnect, device number 6 [ 150.047075][ T5938] Bluetooth: hci1: ISO packet too small [ 150.047667][ T5975] usb 7-1: string descriptor 0 read error: -71 [ 150.050711][ T5975] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 150.058697][ T5975] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 150.067750][ T5975] usb 7-1: can't set config #1, error -71 [ 150.072291][ T5975] usb 7-1: USB disconnect, device number 7 [ 150.090752][ T7562] warning: `syz.3.403' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 151.845863][ T7602] futex_wake_op: syz.2.415 tries to shift op by -1; fix this program [ 151.980127][ T841] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 152.164824][ T841] usb 6-1: Using ep0 maxpacket: 16 [ 152.179832][ T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.269094][ T841] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.272362][ T841] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 152.276469][ T841] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 152.279295][ T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.284100][ T841] usb 6-1: config 0 descriptor?? [ 152.696354][ T841] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 152.698576][ T841] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 152.700700][ T841] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 152.702902][ T841] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 152.705019][ T841] shield 0003:0955:7214.0002: unknown main item tag 0x0 [ 152.715508][ T841] input: HID 0955:7214 Haptics as /devices/virtual/input/input15 [ 152.745524][ T841] shield 0003:0955:7214.0002: Registered Thunderstrike controller [ 152.751567][ T841] shield 0003:0955:7214.0002: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 152.893748][ T7597] random: crng reseeded on system resumption [ 152.902746][ T5982] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 152.903133][ T6876] usb 6-1: USB disconnect, device number 7 [ 152.907147][ T5982] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 152.907188][ T5982] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 152.917510][ T5982] shield 0003:0955:7214.0002: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 152.922441][ T6876] ------------[ cut here ]------------ [ 152.924602][ T6876] workqueue: work disable count underflowed [ 152.927081][ T6876] WARNING: CPU: 1 PID: 6876 at kernel/workqueue.c:4328 enable_work+0x2f8/0x340 [ 152.930284][ T6876] Modules linked in: [ 152.932790][ T6876] CPU: 1 UID: 0 PID: 6876 Comm: kworker/1:4 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 152.938652][ T6876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 152.942853][ T6876] Workqueue: usb_hub_wq hub_event [ 152.944891][ T6876] RIP: 0010:enable_work+0x2f8/0x340 [ 152.947049][ T6876] Code: 89 ee e8 5b f7 37 00 45 84 ed 0f 85 29 fe ff ff e8 6d fc 37 00 c6 05 5f 8f ec 0e 01 90 48 c7 c7 80 f7 8b 8b e8 d9 1f f7 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 97 e9 9d 00 e9 aa fe ff ff [ 152.954810][ T6876] RSP: 0018:ffffc90025dff3c0 EFLAGS: 00010086 [ 152.957298][ T6876] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a92c8 [ 152.960517][ T6876] RDX: ffff888023c4a440 RSI: ffffffff817a92d5 RDI: 0000000000000001 [ 152.963875][ T6876] RBP: ffff888025f6c730 R08: 0000000000000001 R09: 0000000000000000 [ 152.966984][ T6876] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92004bbfe79 [ 152.970104][ T6876] R13: 0000000000000000 R14: ffff888025f6c728 R15: ffffffff8fc62c20 [ 152.973251][ T6876] FS: 0000000000000000(0000) GS:ffff888097875000(0000) knlGS:0000000000000000 [ 152.976562][ T6876] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 152.979153][ T6876] CR2: 000000002ec1cff8 CR3: 000000006afb8000 CR4: 0000000000352ef0 [ 152.982265][ T6876] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 152.985374][ T6876] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 152.988506][ T6876] Call Trace: [ 152.989859][ T6876] [ 152.991078][ T6876] ? __pfx_enable_work+0x10/0x10 [ 152.993146][ T6876] ? __thermal_zone_cdev_unbind+0x6c/0x6a0 [ 152.995470][ T6876] __cancel_work_sync+0xe7/0x130 [ 152.997438][ T6876] thermal_zone_device_unregister+0x239/0x450 [ 152.999873][ T6876] ? __pfx_shield_remove+0x10/0x10 [ 153.001929][ T6876] power_supply_unregister+0x10a/0x150 [ 153.004129][ T6876] shield_remove+0x75/0x130 [ 153.005979][ T6876] ? __pfx_shield_remove+0x10/0x10 [ 153.008028][ T6876] hid_device_remove+0xd1/0x260 [ 153.010001][ T6876] ? __pfx_hid_device_remove+0x10/0x10 [ 153.012202][ T6876] device_remove+0xcb/0x170 [ 153.014069][ T6876] device_release_driver_internal+0x44b/0x620 [ 153.016505][ T6876] bus_remove_device+0x22f/0x420 [ 153.018479][ T6876] device_del+0x396/0x9f0 [ 153.020242][ T6876] ? __pfx_device_del+0x10/0x10 [ 153.022184][ T6876] ? do_raw_spin_lock+0x12c/0x2b0 [ 153.024293][ T6876] ? find_held_lock+0x2b/0x80 [ 153.026234][ T6876] hid_destroy_device+0x19c/0x240 [ 153.028300][ T6876] usbhid_disconnect+0xa0/0xe0 [ 153.030292][ T6876] usb_unbind_interface+0x1da/0x9a0 [ 153.032466][ T6876] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 153.034777][ T6876] ? __pfx_usb_unbind_interface+0x10/0x10 [ 153.037093][ T6876] device_remove+0x122/0x170 [ 153.038844][ T6876] device_release_driver_internal+0x44b/0x620 [ 153.040741][ T6876] bus_remove_device+0x22f/0x420 [ 153.042276][ T6876] device_del+0x396/0x9f0 [ 153.043615][ T6876] ? __pfx_device_del+0x10/0x10 [ 153.045184][ T6876] ? kobject_put+0x210/0x5a0 [ 153.046612][ T6876] usb_disable_device+0x355/0x7d0 [ 153.048178][ T6876] usb_disconnect+0x2e1/0x920 [ 153.049620][ T6876] hub_event+0x1c57/0x4fa0 [ 153.051005][ T6876] ? __lock_acquire+0xb8a/0x1c90 [ 153.052547][ T6876] ? __pfx_hub_event+0x10/0x10 [ 153.054033][ T6876] ? assoc_array_insert+0x8d0/0x3970 [ 153.055681][ T6876] ? finish_task_switch.isra.0+0x221/0xc10 [ 153.057455][ T6876] ? rcu_is_watching+0x12/0xc0 [ 153.058991][ T6876] process_one_work+0x9cf/0x1b70 [ 153.060544][ T6876] ? __pfx_process_one_work+0x10/0x10 [ 153.062173][ T6876] ? assign_work+0x1a0/0x250 [ 153.063594][ T6876] worker_thread+0x6c8/0xf10 [ 153.065041][ T6876] ? __kthread_parkme+0x19e/0x250 [ 153.066590][ T6876] ? __pfx_worker_thread+0x10/0x10 [ 153.068183][ T6876] kthread+0x3c2/0x780 [ 153.069480][ T6876] ? __pfx_kthread+0x10/0x10 [ 153.070873][ T6876] ? rcu_is_watching+0x12/0xc0 [ 153.072349][ T6876] ? __pfx_kthread+0x10/0x10 [ 153.073791][ T6876] ret_from_fork+0x5d4/0x6f0 [ 153.075225][ T6876] ? __pfx_kthread+0x10/0x10 [ 153.076671][ T6876] ret_from_fork_asm+0x1a/0x30 [ 153.078156][ T6876] [ 153.079123][ T6876] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 153.081326][ T6876] CPU: 1 UID: 0 PID: 6876 Comm: kworker/1:4 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 153.084809][ T6876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 153.088031][ T6876] Workqueue: usb_hub_wq hub_event [ 153.089586][ T6876] Call Trace: [ 153.090642][ T6876] [ 153.091554][ T6876] dump_stack_lvl+0x3d/0x1f0 [ 153.093008][ T6876] panic+0x71c/0x800 [ 153.094212][ T6876] ? __pfx_panic+0x10/0x10 [ 153.095627][ T6876] ? show_trace_log_lvl+0x29b/0x3e0 [ 153.097200][ T6876] ? check_panic_on_warn+0x1f/0xb0 [ 153.098749][ T6876] ? enable_work+0x2f8/0x340 [ 153.100217][ T6876] check_panic_on_warn+0xab/0xb0 [ 153.101800][ T6876] __warn+0xf6/0x3c0 [ 153.103057][ T6876] ? __pfx_vprintk_emit+0x10/0x10 [ 153.104660][ T6876] ? enable_work+0x2f8/0x340 [ 153.106126][ T6876] report_bug+0x3c3/0x580 [ 153.107398][ T6876] ? enable_work+0x2f8/0x340 [ 153.108863][ T6876] handle_bug+0x184/0x210 [ 153.110255][ T6876] exc_invalid_op+0x17/0x50 [ 153.111716][ T6876] asm_exc_invalid_op+0x1a/0x20 [ 153.113249][ T6876] RIP: 0010:enable_work+0x2f8/0x340 [ 153.114912][ T6876] Code: 89 ee e8 5b f7 37 00 45 84 ed 0f 85 29 fe ff ff e8 6d fc 37 00 c6 05 5f 8f ec 0e 01 90 48 c7 c7 80 f7 8b 8b e8 d9 1f f7 ff 90 <0f> 0b 90 90 e9 06 fe ff ff 48 89 ef e8 97 e9 9d 00 e9 aa fe ff ff [ 153.120623][ T6876] RSP: 0018:ffffc90025dff3c0 EFLAGS: 00010086 [ 153.122461][ T6876] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a92c8 [ 153.124850][ T6876] RDX: ffff888023c4a440 RSI: ffffffff817a92d5 RDI: 0000000000000001 [ 153.127226][ T6876] RBP: ffff888025f6c730 R08: 0000000000000001 R09: 0000000000000000 [ 153.129626][ T6876] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92004bbfe79 [ 153.132052][ T6876] R13: 0000000000000000 R14: ffff888025f6c728 R15: ffffffff8fc62c20 [ 153.134449][ T6876] ? __warn_printk+0x198/0x350 [ 153.135942][ T6876] ? __warn_printk+0x1a5/0x350 [ 153.137386][ T6876] ? __pfx_enable_work+0x10/0x10 [ 153.138975][ T6876] ? __thermal_zone_cdev_unbind+0x6c/0x6a0 [ 153.140744][ T6876] __cancel_work_sync+0xe7/0x130 [ 153.142194][ T6876] thermal_zone_device_unregister+0x239/0x450 [ 153.143963][ T6876] ? __pfx_shield_remove+0x10/0x10 [ 153.145531][ T6876] power_supply_unregister+0x10a/0x150 [ 153.147176][ T6876] shield_remove+0x75/0x130 [ 153.148601][ T6876] ? __pfx_shield_remove+0x10/0x10 [ 153.150184][ T6876] hid_device_remove+0xd1/0x260 [ 153.151688][ T6876] ? __pfx_hid_device_remove+0x10/0x10 [ 153.153357][ T6876] device_remove+0xcb/0x170 [ 153.154826][ T6876] device_release_driver_internal+0x44b/0x620 [ 153.156699][ T6876] bus_remove_device+0x22f/0x420 [ 153.158209][ T6876] device_del+0x396/0x9f0 [ 153.159530][ T6876] ? __pfx_device_del+0x10/0x10 [ 153.160973][ T6876] ? do_raw_spin_lock+0x12c/0x2b0 [ 153.162516][ T6876] ? find_held_lock+0x2b/0x80 [ 153.163969][ T6876] hid_destroy_device+0x19c/0x240 [ 153.165513][ T6876] usbhid_disconnect+0xa0/0xe0 [ 153.166992][ T6876] usb_unbind_interface+0x1da/0x9a0 [ 153.168550][ T6876] ? kernfs_remove_by_name_ns+0xbe/0x110 [ 153.170314][ T6876] ? __pfx_usb_unbind_interface+0x10/0x10 [ 153.172050][ T6876] device_remove+0x122/0x170 [ 153.173451][ T6876] device_release_driver_internal+0x44b/0x620 [ 153.175374][ T6876] bus_remove_device+0x22f/0x420 [ 153.176940][ T6876] device_del+0x396/0x9f0 [ 153.178318][ T6876] ? __pfx_device_del+0x10/0x10 [ 153.179880][ T6876] ? kobject_put+0x210/0x5a0 [ 153.181354][ T6876] usb_disable_device+0x355/0x7d0 [ 153.182946][ T6876] usb_disconnect+0x2e1/0x920 [ 153.184439][ T6876] hub_event+0x1c57/0x4fa0 [ 153.185904][ T6876] ? __lock_acquire+0xb8a/0x1c90 [ 153.187475][ T6876] ? __pfx_hub_event+0x10/0x10 [ 153.189000][ T6876] ? assoc_array_insert+0x8d0/0x3970 [ 153.190665][ T6876] ? finish_task_switch.isra.0+0x221/0xc10 [ 153.192522][ T6876] ? rcu_is_watching+0x12/0xc0 [ 153.194044][ T6876] process_one_work+0x9cf/0x1b70 [ 153.195619][ T6876] ? __pfx_process_one_work+0x10/0x10 [ 153.197276][ T6876] ? assign_work+0x1a0/0x250 [ 153.198733][ T6876] worker_thread+0x6c8/0xf10 [ 153.200221][ T6876] ? __kthread_parkme+0x19e/0x250 [ 153.201821][ T6876] ? __pfx_worker_thread+0x10/0x10 [ 153.203407][ T6876] kthread+0x3c2/0x780 [ 153.204723][ T6876] ? __pfx_kthread+0x10/0x10 [ 153.206179][ T6876] ? rcu_is_watching+0x12/0xc0 [ 153.207664][ T6876] ? __pfx_kthread+0x10/0x10 [ 153.209075][ T6876] ret_from_fork+0x5d4/0x6f0 [ 153.210516][ T6876] ? __pfx_kthread+0x10/0x10 [ 153.211951][ T6876] ret_from_fork_asm+0x1a/0x30 [ 153.213424][ T6876] [ 153.215052][ T6876] Kernel Offset: disabled [ 153.216381][ T6876] Rebooting in 86400 seconds.. VM DIAGNOSIS: 14:57:55 Registers: info registers vcpu 0 CPU#0 RAX=000000000038f877 RBX=0000000000000000 RCX=ffffffff8b799c79 RDX=0000000000000000 RSI=ffffffff8dc02c0a RDI=ffffffff8bf52ee0 RBP=fffffbfff1c12ef0 RSP=ffffffff8e007e08 R8 =0000000000000001 R9 =ffffed100564663d R10=ffff88802b2331eb R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097780 R14=ffffffff9087ad50 R15=0000000000000000 RIP=ffffffff8b7987df RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097775000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c41a0c5 CR3=0000000068937000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85562565 RDI=ffffffff9ae599c0 RBP=ffffffff9ae59980 RSP=ffffc90025dfed30 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000035 R14=ffffffff9ae59980 R15=ffffffff85562500 RIP=ffffffff8556258f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097875000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002ec1cff8 CR3=000000006afb8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=0000000000000002 RCX=ffffffff81c33c2f RDX=fffffbfff210f5ab RSI=0000000000000008 RDI=ffffffff9087ad50 RBP=ffffc900046f7840 RSP=ffffc900046f77d0 R8 =0000000000000000 R9 =fffffbfff210f5aa R10=ffffffff9087ad57 R11=0000000000000001 R12=ffff88802b43bd80 R13=ffff88802214c880 R14=0000000000000001 R15=ffff88802b43cbf0 RIP=ffffffff8221538c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097975000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000080001000 CR3=0000000051159000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff88802b43bd80 RCX=0000000000000100 RDX=0000000000000001 RSI=0000000000000002 RDI=ffff88802b43bd82 RBP=dffffc0000000000 RSP=ffffc9000048f918 R8 =0000000000000001 R9 =ffff88802b53cd14 R10=ffff88802b43bd83 R11=0000000000000001 R12=0000000000007f9d R13=0000000000000000 R14=ffff88802b53cd00 R15=ffffed10056877b0 RIP=ffffffff8b7c4d58 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097a75000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000560780579000 CR3=0000000050852000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a 0000003000000012 0004000000080024 0000000000280034 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001ac 0000001400000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080006026fd40008 0006080020080006 006f9a08000000e0 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000460802b0 0301000004080602 a803000000070000 0000000000000a29 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0013000002702808 0280030280020180 0301800210030008 0008030fffffffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020003080da00405 0d800204a4e60800 0100000208060601 3a800000305f6576 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 616c735f65676469 726201ffffffffff ffffffdf080d8003 0290080004080004 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 a803000000070000 0000000000000a29 0013000002702808 0280030280020180 ZMM25=29af68e129af68e1 29af68e129af68e1 29af68e129af68e1 29af68e129af68e1 29af68e129af68e1 29af68e129af68e1 29af68e129af68e1 29af68e129af68e1 ZMM26=c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 c05fc6d7c05fc6d7 ZMM27=438a8488438a8488 438a8488438a8488 438a8488438a8488 438a8488438a8488 438a8488438a8488 438a8488438a8488 438a8488438a8488 438a8488438a8488 ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=4105000041050000 4105000041050000 4105000041050000 4105000041050000 4105000041050000 4105000041050000 4105000041050000 4105000041050000