last executing test programs: 9m8.204571488s ago: executing program 32 (id=526): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 3m10.303336473s ago: executing program 33 (id=7900): set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0xa, 0x5, 0x1, 0x4, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7a1f, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x9) setsockopt$inet_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000340)=@gcm_128={{0x304}, "934a64527cdd4996", "7fedfa8ae30ab4754f861cdb2cda82a1", "fc497d88", "2b7071c695368184"}, 0x28) setsockopt$inet_int(r1, 0x0, 0x18, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r3, 0x8800000) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={&(0x7f0000000080)="2fceea6d79d1750f73b3bb41d9602949322115e6fe03a1e1d6256bb4cfb4db781aaee4de3538489ad0807f7a7ae250c63372", &(0x7f0000000300)=""/110, &(0x7f0000000540)="cb6b16301243b9ab39df1b465c1fb4324cbd2701c0670faa66afb3e4b11a3d40bad461f0975b0210bd1d456f53b3f6c277f2db90bf4eab976cd13a483237c6aeef3c630d74b582837326a1886978a6c8c982b0ca00985546f788c36b6215a5dee53b7578c13d7bcaca5029695493b6b27a07438f722a8bd38ccf3206fe4e5f13483d2fc36f02edc8e2465f2d1f1465ad370210cc31fd907844471cd8532b64aa69aa6fd14a50107829295bd24662b44a802341241932d7ea9df7f5c20e8e2762748ef810af01b399d3220ca054a4208abab1dc281b77520301598fbcc621f8cdc2ac95f157e7e005651ea16d32eda24e6dc34671b04e23a12880cc1b43f83afc8266a4e9c39c6ba0634da6745c1ac966acf9a4952d41782532fead990d95b6379d80ee63c19510285455a6aad375caec25fb68b899fee572843b5fd7652b61f451729e0ec3cfdfc6b07743b90d41987b86da4c65fc77b6d22f05021b569b3520b268cc620e163d258150d432af0498b53f8123fa2635262e7eeeef979d9d9861809a8ce201bf2f467f1fc40ab214b77877bd483b008f6c0d94d06ca163649ac4ce6e81efa73ff2a0bd0967e25644c51e233bbaa504b9682b1a309fb176c254737744e557e8c3fb531629a087ccaa78c2e94c64833fad9eb10589bafbd4175a16d24046a4ece6f286f346db51118558be75766bf91b15836d2cad34658839157f61daeff95db457053ff582989f9298f4274a20a60438f4ed3de138685bf728ca9d417508085774a7f41d6b276b82a52aea59c1c8c3ebde434a693ca4ae7556a11290af376c75760021691a940faec63274d0ec19f11396123912bfb1fda37864e79c0b5fa8b622efb24b4c5e3a0ace82deda6a8dca1dc0a3d43434854dec45538aa171bb552845e34cc35e434b945f0f545b2b4b31ac569b18ba68f74179c3a6b5dbcbbdf18213df343659d5190a2c63467f398188fd86e9298175c9f7fc23aa5a98b47ce28084327b4399f4442c75cf7bbad3578173968723492f9fd52cbdc1ff180fd3852d7581f765b6d9103ac49119e30d78a27c5e37cd101f2e7c7630c268e448b5492b8eac9788807ac73c8395a3a3ff092c359ff4fd35b79126c6f50c82205ad0a7b8d2c8104a818d0c7c82e27b796990805b5a750183d93148634f67d7804a18afa4f04461ecd66e9151c3c4645901608590169f80ed855d8d4aab489919bab0b55cb3fa60df861cccc609245e8c3238a120dc55ee60e459f4f1426b02cc3d2c22da4614f97adf08fb18d86a4ef25a0bb93a9bca1eac9bc46ead88b081f369ef1b107307135b737539daf549810140c734a75542e53651af704f2adecb13e14798c522073afdb424cd90b2622b7d92dab108af03216bdb3691dc8ef56a079dd517b1b916a7e754e2b38da4357e48541063f13a095264061a3daaff93009ad2b4b7941d1c4035f27572419554fd23894d6fb256a8dc3739f63d1cb0fbda88fae7cc2789b51e9dbc843c9f88de58e7a39a7d466ad752ca4556a466925523c11e557672e14ebcdcd5ebb7a122c4de4279652e32121df296515ea8a7d0259e54535f14dd955694038624f0253fd293b9c0bee9aa4af1db9947e113f491a765d3943b9015c8d072598750dc991c2cc4c3940117011d907e351f8e7d51baebfafe2ac781303bbc343840ab7235dffd816e0c5b02b123ac19d20c7118b13fdce68c60e87d5697078d32958bba3fd109b836a0ab655969f63c6e83021012e33c049d38e803f6ecfbc77fae26cbf1ece2519553ce826e4dd2d010df965b763359114905459377d16f40ab3a20246a0d4512391c5bb13d7e479eb5feea7295ecefedb19f6bcdf3e4d2ec752b7d23b3eb2bb5addf7c5a63afacff4d3c92b0fa6088f668bb28c7f3c7623c09a4569169f8ab383039c0d2d5aaaf5edb0a5162e7638aa826f8c390bcdfa9a67211189b2c3d73c89d5d7f94b4d2928c4c94adeae532c2f2ed8a6777bb725b3b5d26545d96d60c20cf641596ea8bc9544c8bd0b32b00f3ac0edc44a508457f7d55a4b1df41151e44fc5eb05798cfbba9b996cef51e7e78173b1ec2b8b6ac838c9feed93822d59d6819c5020859ac8668728c897dfcaad3d5f662c386ab6e63711c777e1ae97d322e5fa9f1239ec10ba762431dd453a26dd6ba846edff575602d4485187050c0b55b511139ede8b9b7a6915bab704f48d959f480b520d445b84452d9cc7a24f8176c7f8b50747cf7063ec8acbd5ab1a855335383f72d14795794532ff01f542fded04a781f1a02fd1ac64323e10090fdf9460be5f155f0f2eae451517d93f73c60ad31736776e765bbe0df694e344b2717fbc38429a61d6af03048d0d14c73c38ba9968807ade193c52681b4cbbaf0ebface3f24db88783847a529384371d6f0df3626740a76b8263716ceb44d58af66b472985c728decef63bf30dd86f435f01132d7fa076d02a7881cd48102cec9c93b71fd545517d02a1edfefc2682299296f976af77ac4a43ced9990aaf4cfd4d4783059272a225e5af544e80db653b35124dce216872002a28f333ab69ec9b02da642bc3a8e8f85f047e93c1d15ea4158010ff99fe60e8aca8127c855eadf5e60fdb4a5688f476077be85ecef77ae4794f9ea862105657be64a6773e98a6753ae4028d5900b96ec713dc60064484c0ed60f326266972ed33790a0e33bc31380e729124c9d415b5aba52310c5d8c011f76ddc5db40df8d56ca693d6cda81cbacfbbaf365bf50fb7543d0cecad74535b39b232a0800f7b032279723b07b9a2bd56099052fea04c75661ccaa27e74f7a96232f51cf17f0275f7f7bb053ddc86b26f7e3ffbc3f71c3e05ee3e54328de99a5d6ea0ad512eb40a29a7e6b6bc07694238dd67e73af9d820923b9423d428935e5f319748e097ec2f11a04aedab603d4d12c685ffaa5ce3dcc862f2e2213eec09f4e96c008be43e83c0b59ba75c59a1294152ef871bc26917ded3c9e9f466fd35c908f5d5d978b2d086b1f20c90ac3cb51b56ab46ff501fadadb148fec8c5adb28080992390e7df450a318ce21abd49794e72f04b318876b748c7ce379b0b6e80c9754a99e9d11bd5261f81addcab83daa74aa3048d26ef406ad5fbd6d5df9d6fa8bcc056b84d953f8900913f1acd8d632ace22e10f955e7a31c0ce8742d0f9267360ecb799760ec2d1142ac13761b9aa1ad1ef3d6f9be0e9150afc38124293b2fb1a17987c4ec5356a585659a0fe3cf849fa5292fb09a6378ea3fa7a3ae324c8402c3fdf27e2655a9413a87f68b9b399c9965b1d001976bb155d9348c61ab38c5e25f405a0212d0e554a303b025e1b88adabf93145ed514125aeb487cdde8333b04ac99f0eb81cacd6a87cd48931644a8d4c0e88488b9ea88fdb0072e805d761c75914dcbf616049d690e4e458b550b08ce4bc5ccc89e02e5978d54eb379515f096f629a399261136f6b44438648f14490a4cf9112de4713511e7e5095578ffd2a45f31524d38e9db5115d2a7f8c54c843bb4a195771bc6c536560a7739f8e6ac42df4594a828291e34bcef2438418f7990485b68baf3bba67f424f099f783b117f72fa33b68614d8fb8e1c9e02f0d637e9a50638d8c0629626734f3de044966aa8caad292761cd8b0f0def223ed907ad1e08f3e7f7467cb776ec616e4505315ccceb35c9c128f7eb2c052d1154ccd12fa9e21c7fccc5f22fc93ae62b8ebe868e74e595a6009e78ae91c55608f3720cc0118220488d6e8bee86acc40fd2c9fc38c2494ef1034aaa048cac8abe31552fa385d58cf29934e38acc983162334bf4599e8e538410b1da0d3e51021a86492a2a1e8f67e6ca2ba3ff7394538aa837eca5d867aa909d5beddd5532b0efcc20cab43d59cf26544812c4efe0025f02d3ed558eceeeb0136c6b69dd0578b54bd18dcddc46935d1b139cb59b1736a0db204d26ce39e7f87a78451c9e9a2019c1dd23b0bbb0bbcda1aa8dc237b8fb7998d8ea6203ee108b122bb8f2a03a64fc15b677434dd6daa67f0e05e997f8821d31d1413ebbe9828a48e3738dfa22ffd78ae0a7df7bbfc22f87cfb9479af087523b90fc83d0236ae16c1f1c97b42ed5f50e5d4226339e154541631663ed3869053a40f70f840e749e6ee318cd280ea250ab0b66969e731a4f896efcffddc038eb696a1b1203c52f8e046a19382dcf485643ebd5cf1832a3b15a24c435f987cee002b9842ed7b87f536794f90e8640dde7a1ede0c165c0eb324988e3eb8d5c60314d433c3f458a24c53d58e57cd33e258db40ddcbca0549ab64f165102f631f1af4a61c224c405ea2d842d4a926adf509a30f0695773c74b14dcebae570484a47592c0b0c70fec0208058a86dfd70a5ff33ee55d2616a48488a6d8f0ef49aab19ef5fc62ba23926b82cea82d39a6871cba5ec14ad18716523c7d048af3d0492b9f4fc5f1265175f378b69ba8b4d5b68e894211c7e528d75b42a1cfb6420a046cb53aa5c8ebf0e1c83ca70eee2671dd5ba7df42ed151777f66ce4eb9a8eb9897de855dc673281d33ddb77805929050ad28db83b99c4f42045fb54f699e37314fbd714ca7a4ab5add9a34fd2d255fb4f90c2520f7996b0f7010cc2f38280ba4b50afb09d25a20bb4b2ee7df38c6f97181b92867de7c214d17cbdfa21e3b11504a059d8a9667b4af4d8ab6729249054f94b77f8748ce1b32cecb458272cbd27bd6af8d21c9542bf1d57e86fc9c90389b47471965c75ed21de135650184f76bfd96961c72c3aecf4055598f41142cdf4c15ffd7083ca3e00b6ef87966b5dc851dd27f7dbace7190b6e0fccb5c320298df163ed7d7375add60d439423445de06dd03026622c74cad439626e6d5ac2567c6f01816bb1e915c1ca87474aacf8851ef3fa8c792080a9fe9a023e4f577994b0b96107c8fcbbe2f24302c4ab31c7f4198c5c0d1db4bf6ae75e01b11a708e4e124809093557f0aee8caf31b076636c08d6455cb02491efea525966ff0dac0aa8e5d9bfbba1733c31625043b5d79f36a30d00385fca18fea8744608128145911815d5be445ae787faeee", &(0x7f0000000400)="83abbd84d2107b707f004de20c7f5a25060f09162f866ac7a06ee0f820a3995c3b620ebfc273e7767ca8b979f20a301d0776604e9a4a6e6ddbcf6a0fb3f1f7478868f21c7300780dce871df5ec762cb2cba36907833984", 0xc19f, r3, 0x4}, 0x38) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r4, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e21}, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f0000000240)=[{{0x0, 0x0, 0x0}}], 0x1, 0x700, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x578410eb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 2m7.833232805s ago: executing program 34 (id=8200): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r1, 0xcccccccc}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000240)=[r1], &(0x7f0000000200), &(0x7f00000000c0)=[r2], &(0x7f0000000040), 0x0, 0x300}) 2m4.44974039s ago: executing program 35 (id=8300): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x7f, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x5, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_usbip_server_init(0x6) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) ptrace$ARCH_SHSTK_UNLOCK(0x1e, r0, 0x0, 0x5004) getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="300000002000010000000000000000000200000000000000000000001400110076657468305f6d6163767461700000009b0bc89274c0b206ee2370d3366f6dbd1721e2a28b4ef7f14306fd7930691580142b18edbe3f6f78c85c027362fc7cf5d8861fed860539bc5baaac1c0b3daa152f3891f190cd7695c9201ce7cc8be77e555879a6c694aba6050fd166928e93bba39b432552922651ba66d0d8614b44dd165dab3f02718fe5e55654bd3479c7ae48c1b2ed24e2885a2b4e9ce80d29baccb443d72594f8ca6cd4e0ea3360dc075246702c0fd865ec369f023c6dc7f73a52831a910e39408ee7a554abe2b96c19bfdbc8880cf4f2f56848c6e8a047f40164ab87a5ba7c513201bee4b3504bc888844f773172e3dea353795e2ee5e0f770f7475b719b51e8c638cfe54560c59643526b449a6f10f6891d22c4c016e8a35d8c72a444d25ae5b4af546490b298d1e392c75b3c2d3edddd8c514dd0"], 0x30}}, 0x48850) r6 = openat$cdrom(0xffffff9c, &(0x7f00000013c0), 0x4, 0x0) ioctl$CDROMREADTOCENTRY(r6, 0x5306, &(0x7f0000001400)={0xe, 0x7, 0x9, 0x1, @msf={0x3, 0x84, 0xf}, 0xc}) syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0) socket$netlink(0x10, 0x3, 0x0) 2m2.113293367s ago: executing program 1 (id=8307): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000080)='./mnt\x00'}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x38, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1], 0x0, 0x8001, 0x16, &(0x7f0000000200)=""/22, 0x41100, 0x54, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff, 0x10, 0x2}, 0x94) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) writev(r3, &(0x7f0000000480), 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600a60025000000190004000400000007fd17e5ffff0800040000000000", 0x36}], 0x1) recvmmsg(r4, &(0x7f0000000680), 0x0, 0x40010000, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71) fsopen(0x0, 0x0) unshare(0x40000080) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002) socketpair$unix(0x1, 0x1, 0x0, 0x0) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) close_range(r5, 0xffffffffffffffff, 0x200000000000000) 2m1.181805824s ago: executing program 1 (id=8310): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r0, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e) fcntl$setlease(r0, 0x400, 0x0) connect$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0xffff, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1e) r1 = openat$ppp(0xffffffffffffff9c, 0x0, 0x1a01, 0x0) ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246) writev(r1, &(0x7f0000000a40)=[{&(0x7f0000000640)="5e1d", 0x2}], 0x1) 2m0.99277052s ago: executing program 1 (id=8311): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x5c, 0x10, 0x401, 0x20001, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_IPVLAN_FLAGS={0x6}, @IFLA_IPVLAN_MODE={0x6, 0x1, 0x1}, @IFLA_IPVLAN_MODE={0x6}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x2}]}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) 2m0.902446994s ago: executing program 1 (id=8312): r0 = getpgid(0x0) syz_pidfd_open(r0, 0x0) setns(0xffffffffffffffff, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m0.821988295s ago: executing program 1 (id=8313): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x14, 0x9, 0x6, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) 2m0.58273007s ago: executing program 1 (id=8314): syz_usb_connect(0x0, 0x2d, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000580), 0x4, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000080)={0x73, 0x18, 0x4, 0x0, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"}) 2m0.502624118s ago: executing program 36 (id=8314): syz_usb_connect(0x0, 0x2d, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000580), 0x4, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000080)={0x73, 0x18, 0x4, 0x0, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"}) 1m59.009856438s ago: executing program 6 (id=8288): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001811ff000000000000"], 0x52) 1m58.875356774s ago: executing program 6 (id=8316): set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0xa, 0x5, 0x1, 0x4, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7a1f, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x9) setsockopt$inet_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000340)=@gcm_128={{0x304}, "934a64527cdd4996", "7fedfa8ae30ab4754f861cdb2cda82a1", "fc497d88", "2b7071c695368184"}, 0x28) setsockopt$inet_int(r1, 0x0, 0x18, 0x0, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={&(0x7f0000000080)="2fceea6d79d1750f73b3bb41d9602949322115e6fe03a1e1d6256bb4cfb4db781aaee4de3538489ad0807f7a7ae250c63372", &(0x7f0000000300)=""/110, &(0x7f0000000540)="cb6b16301243b9ab39df1b465c1fb4324cbd2701c0670faa66afb3e4b11a3d40bad461f0975b0210bd1d456f53b3f6c277f2db90bf4eab976cd13a483237c6aeef3c630d74b582837326a1886978a6c8c982b0ca00985546f788c36b6215a5dee53b7578c13d7bcaca5029695493b6b27a07438f722a8bd38ccf3206fe4e5f13483d2fc36f02edc8e2465f2d1f1465ad370210cc31fd907844471cd8532b64aa69aa6fd14a50107829295bd24662b44a802341241932d7ea9df7f5c20e8e2762748ef810af01b399d3220ca054a4208abab1dc281b77520301598fbcc621f8cdc2ac95f157e7e005651ea16d32eda24e6dc34671b04e23a12880cc1b43f83afc8266a4e9c39c6ba0634da6745c1ac966acf9a4952d41782532fead990d95b6379d80ee63c19510285455a6aad375caec25fb68b899fee572843b5fd7652b61f451729e0ec3cfdfc6b07743b90d41987b86da4c65fc77b6d22f05021b569b3520b268cc620e163d258150d432af0498b53f8123fa2635262e7eeeef979d9d9861809a8ce201bf2f467f1fc40ab214b77877bd483b008f6c0d94d06ca163649ac4ce6e81efa73ff2a0bd0967e25644c51e233bbaa504b9682b1a309fb176c254737744e557e8c3fb531629a087ccaa78c2e94c64833fad9eb10589bafbd4175a16d24046a4ece6f286f346db51118558be75766bf91b15836d2cad34658839157f61daeff95db457053ff582989f9298f4274a20a60438f4ed3de138685bf728ca9d417508085774a7f41d6b276b82a52aea59c1c8c3ebde434a693ca4ae7556a11290af376c75760021691a940faec63274d0ec19f11396123912bfb1fda37864e79c0b5fa8b622efb24b4c5e3a0ace82deda6a8dca1dc0a3d43434854dec45538aa171bb552845e34cc35e434b945f0f545b2b4b31ac569b18ba68f74179c3a6b5dbcbbdf18213df343659d5190a2c63467f398188fd86e9298175c9f7fc23aa5a98b47ce28084327b4399f4442c75cf7bbad3578173968723492f9fd52cbdc1ff180fd3852d7581f765b6d9103ac49119e30d78a27c5e37cd101f2e7c7630c268e448b5492b8eac9788807ac73c8395a3a3ff092c359ff4fd35b79126c6f50c82205ad0a7b8d2c8104a818d0c7c82e27b796990805b5a750183d93148634f67d7804a18afa4f04461ecd66e9151c3c4645901608590169f80ed855d8d4aab489919bab0b55cb3fa60df861cccc609245e8c3238a120dc55ee60e459f4f1426b02cc3d2c22da4614f97adf08fb18d86a4ef25a0bb93a9bca1eac9bc46ead88b081f369ef1b107307135b737539daf549810140c734a75542e53651af704f2adecb13e14798c522073afdb424cd90b2622b7d92dab108af03216bdb3691dc8ef56a079dd517b1b916a7e754e2b38da4357e48541063f13a095264061a3daaff93009ad2b4b7941d1c4035f27572419554fd23894d6fb256a8dc3739f63d1cb0fbda88fae7cc2789b51e9dbc843c9f88de58e7a39a7d466ad752ca4556a466925523c11e557672e14ebcdcd5ebb7a122c4de4279652e32121df296515ea8a7d0259e54535f14dd955694038624f0253fd293b9c0bee9aa4af1db9947e113f491a765d3943b9015c8d072598750dc991c2cc4c3940117011d907e351f8e7d51baebfafe2ac781303bbc343840ab7235dffd816e0c5b02b123ac19d20c7118b13fdce68c60e87d5697078d32958bba3fd109b836a0ab655969f63c6e83021012e33c049d38e803f6ecfbc77fae26cbf1ece2519553ce826e4dd2d010df965b763359114905459377d16f40ab3a20246a0d4512391c5bb13d7e479eb5feea7295ecefedb19f6bcdf3e4d2ec752b7d23b3eb2bb5addf7c5a63afacff4d3c92b0fa6088f668bb28c7f3c7623c09a4569169f8ab383039c0d2d5aaaf5edb0a5162e7638aa826f8c390bcdfa9a67211189b2c3d73c89d5d7f94b4d2928c4c94adeae532c2f2ed8a6777bb725b3b5d26545d96d60c20cf641596ea8bc9544c8bd0b32b00f3ac0edc44a508457f7d55a4b1df41151e44fc5eb05798cfbba9b996cef51e7e78173b1ec2b8b6ac838c9feed93822d59d6819c5020859ac8668728c897dfcaad3d5f662c386ab6e63711c777e1ae97d322e5fa9f1239ec10ba762431dd453a26dd6ba846edff575602d4485187050c0b55b511139ede8b9b7a6915bab704f48d959f480b520d445b84452d9cc7a24f8176c7f8b50747cf7063ec8acbd5ab1a855335383f72d14795794532ff01f542fded04a781f1a02fd1ac64323e10090fdf9460be5f155f0f2eae451517d93f73c60ad31736776e765bbe0df694e344b2717fbc38429a61d6af03048d0d14c73c38ba9968807ade193c52681b4cbbaf0ebface3f24db88783847a529384371d6f0df3626740a76b8263716ceb44d58af66b472985c728decef63bf30dd86f435f01132d7fa076d02a7881cd48102cec9c93b71fd545517d02a1edfefc2682299296f976af77ac4a43ced9990aaf4cfd4d4783059272a225e5af544e80db653b35124dce216872002a28f333ab69ec9b02da642bc3a8e8f85f047e93c1d15ea4158010ff99fe60e8aca8127c855eadf5e60fdb4a5688f476077be85ecef77ae4794f9ea862105657be64a6773e98a6753ae4028d5900b96ec713dc60064484c0ed60f326266972ed33790a0e33bc31380e729124c9d415b5aba52310c5d8c011f76ddc5db40df8d56ca693d6cda81cbacfbbaf365bf50fb7543d0cecad74535b39b232a0800f7b032279723b07b9a2bd56099052fea04c75661ccaa27e74f7a96232f51cf17f0275f7f7bb053ddc86b26f7e3ffbc3f71c3e05ee3e54328de99a5d6ea0ad512eb40a29a7e6b6bc07694238dd67e73af9d820923b9423d428935e5f319748e097ec2f11a04aedab603d4d12c685ffaa5ce3dcc862f2e2213eec09f4e96c008be43e83c0b59ba75c59a1294152ef871bc26917ded3c9e9f466fd35c908f5d5d978b2d086b1f20c90ac3cb51b56ab46ff501fadadb148fec8c5adb28080992390e7df450a318ce21abd49794e72f04b318876b748c7ce379b0b6e80c9754a99e9d11bd5261f81addcab83daa74aa3048d26ef406ad5fbd6d5df9d6fa8bcc056b84d953f8900913f1acd8d632ace22e10f955e7a31c0ce8742d0f9267360ecb799760ec2d1142ac13761b9aa1ad1ef3d6f9be0e9150afc38124293b2fb1a17987c4ec5356a585659a0fe3cf849fa5292fb09a6378ea3fa7a3ae324c8402c3fdf27e2655a9413a87f68b9b399c9965b1d001976bb155d9348c61ab38c5e25f405a0212d0e554a303b025e1b88adabf93145ed514125aeb487cdde8333b04ac99f0eb81cacd6a87cd48931644a8d4c0e88488b9ea88fdb0072e805d761c75914dcbf616049d690e4e458b550b08ce4bc5ccc89e02e5978d54eb379515f096f629a399261136f6b44438648f14490a4cf9112de4713511e7e5095578ffd2a45f31524d38e9db5115d2a7f8c54c843bb4a195771bc6c536560a7739f8e6ac42df4594a828291e34bcef2438418f7990485b68baf3bba67f424f099f783b117f72fa33b68614d8fb8e1c9e02f0d637e9a50638d8c0629626734f3de044966aa8caad292761cd8b0f0def223ed907ad1e08f3e7f7467cb776ec616e4505315ccceb35c9c128f7eb2c052d1154ccd12fa9e21c7fccc5f22fc93ae62b8ebe868e74e595a6009e78ae91c55608f3720cc0118220488d6e8bee86acc40fd2c9fc38c2494ef1034aaa048cac8abe31552fa385d58cf29934e38acc983162334bf4599e8e538410b1da0d3e51021a86492a2a1e8f67e6ca2ba3ff7394538aa837eca5d867aa909d5beddd5532b0efcc20cab43d59cf26544812c4efe0025f02d3ed558eceeeb0136c6b69dd0578b54bd18dcddc46935d1b139cb59b1736a0db204d26ce39e7f87a78451c9e9a2019c1dd23b0bbb0bbcda1aa8dc237b8fb7998d8ea6203ee108b122bb8f2a03a64fc15b677434dd6daa67f0e05e997f8821d31d1413ebbe9828a48e3738dfa22ffd78ae0a7df7bbfc22f87cfb9479af087523b90fc83d0236ae16c1f1c97b42ed5f50e5d4226339e154541631663ed3869053a40f70f840e749e6ee318cd280ea250ab0b66969e731a4f896efcffddc038eb696a1b1203c52f8e046a19382dcf485643ebd5cf1832a3b15a24c435f987cee002b9842ed7b87f536794f90e8640dde7a1ede0c165c0eb324988e3eb8d5c60314d433c3f458a24c53d58e57cd33e258db40ddcbca0549ab64f165102f631f1af4a61c224c405ea2d842d4a926adf509a30f0695773c74b14dcebae570484a47592c0b0c70fec0208058a86dfd70a5ff33ee55d2616a48488a6d8f0ef49aab19ef5fc62ba23926b82cea82d39a6871cba5ec14ad18716523c7d048af3d0492b9f4fc5f1265175f378b69ba8b4d5b68e894211c7e528d75b42a1cfb6420a046cb53aa5c8ebf0e1c83ca70eee2671dd5ba7df42ed151777f66ce4eb9a8eb9897de855dc673281d33ddb77805929050ad28db83b99c4f42045fb54f699e37314fbd714ca7a4ab5add9a34fd2d255fb4f90c2520f7996b0f7010cc2f38280ba4b50afb09d25a20bb4b2ee7df38c6f97181b92867de7c214d17cbdfa21e3b11504a059d8a9667b4af4d8ab6729249054f94b77f8748ce1b32cecb458272cbd27bd6af8d21c9542bf1d57e86fc9c90389b47471965c75ed21de135650184f76bfd96961c72c3aecf4055598f41142cdf4c15ffd7083ca3e00b6ef87966b5dc851dd27f7dbace7190b6e0fccb5c320298df163ed7d7375add60d439423445de06dd03026622c74cad439626e6d5ac2567c6f01816bb1e915c1ca87474aacf8851ef3fa8c792080a9fe9a023e4f577994b0b96107c8fcbbe2f24302c4ab31c7f4198c5c0d1db4bf6ae75e01b11a708e4e124809093557f0aee8caf31b076636c08d6455cb02491efea525966ff0dac0aa8e5d9bfbba1733c31625043b5d79f36a30d00385fca18fea8744608128145911815d5be445ae787faeee", &(0x7f0000000400)="83abbd84d2107b707f004de20c7f5a25060f09162f866ac7a06ee0f820a3995c3b620ebfc273e7767ca8b979f20a301d0776604e9a4a6e6ddbcf6a0fb3f1f7478868f21c7300780dce871df5ec762cb2cba36907833984", 0xc19f, r3, 0x4}, 0x38) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r4, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e21}, 0x6e) listen(r4, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x578410eb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 1m57.519501141s ago: executing program 6 (id=8318): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x5c, 0x10, 0x401, 0x20001, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x1}, @IFLA_IPVLAN_FLAGS={0x6}, @IFLA_IPVLAN_MODE={0x6, 0x1, 0x1}, @IFLA_IPVLAN_MODE={0x6}, @IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x2}]}}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) 1m57.402226516s ago: executing program 6 (id=8319): r0 = getpgid(0x0) syz_pidfd_open(r0, 0x0) setns(0xffffffffffffffff, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m57.401828379s ago: executing program 6 (id=8320): sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x14, 0x9, 0x6, 0x201}, 0x14}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) 1m57.081929712s ago: executing program 6 (id=8324): set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0xa, 0x5, 0x1, 0x4, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7a1f, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x9) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r3, 0x8800000) listen(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x578410eb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 1m57.007404031s ago: executing program 37 (id=8324): set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$unix(0x1, 0x3, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0xa, 0x5, 0x1, 0x4, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7a1f, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x9) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r3, 0x8800000) listen(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r3, 0x0, 0x578410eb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 1m48.404313877s ago: executing program 9 (id=8325): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000080)='./mnt\x00'}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x38, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1], 0x0, 0x8001, 0x16, &(0x7f0000000200)=""/22, 0x41100, 0x54, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff, 0x10, 0x2}, 0x94) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./mnt\x00', &(0x7f0000000280)='nfs4\x00', 0x2100803, &(0x7f00000002c0)='+{=%:\x00') syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) writev(r3, &(0x7f0000000480), 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)}], 0x1) recvmmsg(r4, &(0x7f0000000680), 0x0, 0x40010000, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71) fsopen(0x0, 0x0) unshare(0x40000080) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) socket$nl_route(0x10, 0x3, 0x0) readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0xb4, 0x516f}, 0x0) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) close_range(r5, 0xffffffffffffffff, 0x200000000000000) 1m47.530189612s ago: executing program 8 (id=8356): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000380)=@abs, 0x6e) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, &(0x7f0000000340)) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r5}, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={0x30, 0x3e, 0x107, 0xfffffffe, 0x0, {0xe, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x29, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2d}}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x14}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc084) ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f00000001c0)=0x3) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x4}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d00120511a09798bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab9d25bf46050d3c3a2b04", 0x4c}], 0x1}, 0x4008000) 1m47.306871896s ago: executing program 9 (id=8350): r0 = syz_pidfd_open(0x0, 0x0) r1 = pidfd_getfd(r0, r0, 0x0) setns(r1, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m47.110758777s ago: executing program 9 (id=8351): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x6242, 0x32) r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000040)={0x4, 0xfffffffffffffd80, 0xfa00, {0xffffffffffffffff, 0xd}}, 0xfffffe01) fchmod(r1, 0xcc) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x10, &(0x7f0000006680)) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) bind$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @none, 0x100, 0x1}, 0xe) epoll_create(0x4004a1) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x10, r0, 0x8000000) syz_io_uring_complete(r3) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) mknod(&(0x7f0000000000)='./file0\x00', 0x6000, 0x77b) mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='btrfs\x00', 0x0, 0x0) r4 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000000)={r4}) ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc01cf509, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffff, 0x6f0, 0x5}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1m46.51246119s ago: executing program 8 (id=8352): syz_usb_connect(0x0, 0x2d, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000580), 0x4, 0x0) mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000080)={0x73, 0x18, 0x4, 0x0, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"}) 1m46.354728886s ago: executing program 9 (id=8354): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000080)='./mnt\x00'}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x38, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1], 0x0, 0x8001, 0x16, &(0x7f0000000200)=""/22, 0x41100, 0x54, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff, 0x10, 0x2}, 0x94) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./mnt\x00', &(0x7f0000000280)='nfs4\x00', 0x2100803, &(0x7f00000002c0)='+{=%:\x00') syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) writev(r3, &(0x7f0000000480), 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600a60025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) recvmmsg(r4, &(0x7f0000000680), 0x0, 0x40010000, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71) fsopen(0x0, 0x0) unshare(0x40000080) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) socket$nl_route(0x10, 0x3, 0x0) readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0xb4, 0x516f}, 0x0) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) close_range(r5, 0xffffffffffffffff, 0x200000000000000) 1m46.273324126s ago: executing program 38 (id=8354): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000080)='./mnt\x00'}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x38, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1], 0x0, 0x8001, 0x16, &(0x7f0000000200)=""/22, 0x41100, 0x54, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff, 0x10, 0x2}, 0x94) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./mnt\x00', &(0x7f0000000280)='nfs4\x00', 0x2100803, &(0x7f00000002c0)='+{=%:\x00') syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) writev(r3, &(0x7f0000000480), 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600a60025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) recvmmsg(r4, &(0x7f0000000680), 0x0, 0x40010000, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71) fsopen(0x0, 0x0) unshare(0x40000080) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) socket$nl_route(0x10, 0x3, 0x0) readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000140)={0xb4, 0x516f}, 0x0) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) close_range(r5, 0xffffffffffffffff, 0x200000000000000) 1m45.89251091s ago: executing program 8 (id=8358): r0 = socket$nl_rdma(0x10, 0x3, 0x14) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e23, @multicast2}, 0x10) connect$inet(r3, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x11) shutdown(r3, 0x1) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0) connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) preadv2(0xffffffffffffffff, 0x0, 0x0, 0x4b5, 0x1, 0x12) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5], 0x44}}, 0x0) r6 = socket(0x10, 0x3, 0x0) sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0) r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000000, 0x4000010, 0xffffffffffffffff, 0x8000000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x0, &(0x7f0000000300)=0xa, 0x0, 0x4) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="20210600000000000000000843099b80000000080f030002008e00000000"], 0x20}, 0x1, 0x0, 0x0, 0xf0fff7bf}, 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f0000000080)='./file0\x00') mount$overlay(0x0, &(0x7f00000004c0)='./file1\x00', &(0x7f0000000480), 0x2008000, 0x0) 1m45.475756078s ago: executing program 7 (id=8359): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000380)=@abs, 0x6e) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, &(0x7f0000000340)) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xfffd, 0x3}, 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={0x30, 0x3e, 0x107, 0xfffffffe, 0x0, {0xe, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x29, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2d}}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x14}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc084) ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f00000001c0)=0x3) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x4}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d00120511a09798bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab9d25bf46050d3c3a2b04", 0x4c}], 0x1}, 0x4008000) 1m44.862383949s ago: executing program 8 (id=8360): r0 = syz_pidfd_open(0x0, 0x0) r1 = pidfd_getfd(r0, r0, 0x0) setns(r1, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m44.859676466s ago: executing program 8 (id=8361): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000080)='./mnt\x00'}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xf, 0x38, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRES8=r1], 0x0, 0x8001, 0x16, &(0x7f0000000200)=""/22, 0x41100, 0x54, '\x00', 0x0, @cgroup_device, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0xffffffffffffffff, 0x10, 0x2}, 0x94) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) r3 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) writev(r3, &(0x7f0000000480), 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)}], 0x1) recvmmsg(r4, &(0x7f0000000680), 0x0, 0x40010000, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x71) fsopen(0x0, 0x0) unshare(0x40000080) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000002) socketpair$unix(0x1, 0x1, 0x0, 0x0) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) close_range(r5, 0xffffffffffffffff, 0x200000000000000) 1m44.512698381s ago: executing program 7 (id=8362): set_mempolicy(0x2002, &(0x7f0000000000)=0x9, 0x9) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0xa, 0x5, 0x1, 0x4, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7a1f, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x9) setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000340)=@gcm_128={{0x304}, "934a64527cdd4996", "7fedfa8ae30ab4754f861cdb2cda82a1", "fc497d88", "2b7071c695368184"}, 0x28) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0) ftruncate(r2, 0x8800000) listen(0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x578410eb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3) 1m44.512441844s ago: executing program 8 (id=8363): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x401, 0x20001, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) 1m44.362849771s ago: executing program 39 (id=8363): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x401, 0x20001, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054) 1m43.30233119s ago: executing program 7 (id=8366): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x4000) sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x5, 0x3, '\x00'}, @NFTA_MATCH_NAME={0xb, 0x1, 'socket\x00'}]}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x80}, 0x1, 0x0, 0x0, 0x24044800}, 0x0) 1m43.252483406s ago: executing program 7 (id=8368): r0 = syz_pidfd_open(0x0, 0x0) r1 = pidfd_getfd(r0, r0, 0x0) setns(r1, 0x66020000) syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 1m43.252104791s ago: executing program 7 (id=8369): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000380)=@abs, 0x6e) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, &(0x7f0000000340)) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xfffd, 0x3}, 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={0x30, 0x3e, 0x107, 0xfffffffe, 0x0, {0xe, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x29, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2d}}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x14}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc084) ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f00000001c0)=0x3) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x4}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d00120511a09798bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab9d25bf46050d3c3a2b04", 0x4c}], 0x1}, 0x4008000) 1m42.062515739s ago: executing program 7 (id=8372): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000380)=@abs, 0x6e) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, &(0x7f0000000340)) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r5}, 0x10) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xfffd, 0x3}, 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={0x30, 0x3e, 0x107, 0xfffffffe, 0x0, {0xe, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x29, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2d}}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x14}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc084) ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f00000001c0)=0x3) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x4}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d00120511a09798bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab9d25bf46050d3c3a2b04", 0x4c}], 0x1}, 0x4008000) 1m41.963784985s ago: executing program 40 (id=8372): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000380)=@abs, 0x6e) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, &(0x7f0000000340)) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000002c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x81b}}, './file0\x00'}) r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, 0x0) mknod(&(0x7f0000000080)='./bus\x00', 0x1000, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r5}, 0x10) bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xfffd, 0x3}, 0x6) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={0x30, 0x3e, 0x107, 0xfffffffe, 0x0, {0xe, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x29, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2d}}]}, @nested={0xc, 0x2, 0x0, 0x1, [@nested={0x8, 0x14, 0x0, 0x1, [@nested={0x4, 0x14}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4048011}, 0xc084) ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f00000001c0)=0x3) syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x4}) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="4c0000001200ff09ff3a150099a283ff07b8008000f0ffff000000060040150024001d00120511a09798bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab9d25bf46050d3c3a2b04", 0x4c}], 0x1}, 0x4008000) 1m4.292061081s ago: executing program 3 (id=8841): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000380)={0x4, {{0xa, 0x4e22, 0x1, @remote, 0x23}}}, 0x88) 1m4.232045295s ago: executing program 3 (id=8842): r0 = fsopen(&(0x7f00000014c0)='proc\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0xa) fchdir(r1) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85) lseek(r2, 0xeb9, 0x1) getdents64(r2, 0x0, 0x4f) 1m4.231857378s ago: executing program 3 (id=8843): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0) ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'pcmda12\x00', [0x8001, 0x6, 0x1, 0x0, 0x0, 0xcc7, 0xc, 0x7, 0x200a, 0x100, 0x7, 0x0, 0x7, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x2, 0x40000003, 0x89, 0x4000002, 0xf27, 0xfffc, 0x7, 0x8, 0x5, 0x8, 0x4, 0x10000, 0xfffffff8]}) 1m4.16114635s ago: executing program 3 (id=8844): mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) unshare(0x6020400) 1m4.161024432s ago: executing program 3 (id=8845): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x4000, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',dfltgid=', @ANYRESHEX, @ANYBLOB=',']) 1m3.852196405s ago: executing program 3 (id=8849): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000080)=0x5, 0x4) 1m3.756371057s ago: executing program 41 (id=8849): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000080)=0x5, 0x4) 5.029563435s ago: executing program 2 (id=10450): r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)={0x5c, 0x12, 0x905, 0x70bd28, 0x25dfdbfe, {0x21, 0x9, 0xb, 0x0, {0x4e22, 0x4e26, [0xfffffffc, 0x923, 0x0, 0x6], [0x401, 0x4, 0x3, 0x2], 0x0, [0x10000, 0x2005]}, 0x31, 0x4}, [@INET_DIAG_REQ_BYTECODE={0x10, 0x1, "0714140002209c9523f92b00"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x2000010}, 0x20000000) 4.983227201s ago: executing program 2 (id=10452): socket(0x2a, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000e5373526a01edb"], 0x1c}, 0x1, 0x0, 0x0, 0x48050}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) recvmmsg$unix(r2, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1000}], 0x1}}], 0x4000000000003b9, 0x26022, 0x0) 4.116161498s ago: executing program 2 (id=10458): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r0, 0x78, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0], 0x0, 0x5c, &(0x7f0000000480), 0x48, 0x10, &(0x7f0000000380), &(0x7f0000000500), 0x8, 0x70, 0x8, 0x8, &(0x7f0000000540)}}, 0x10) 4.086068795s ago: executing program 2 (id=10460): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000010000100feffffff00010000fe880000000000000000000000000001fc010000000000000000000000000001000107144e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c0000007f000001000000000000000000000000000000000000000092010000000000000600000000000000ffff0000000000001c250800000000000200000000000000f8ff07000000ffff0000000000000000ffffffffffffffff00000000000000001f00000000000000feffffffffffffff02000000fcffffff000000002abd700004350000020001002000000000000000480003006465666c617465"], 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newsa={0x140, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x9, 0x0, 0x0, 0x80, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@rand_addr=0x64010102, {0x8000000000000004, 0x192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0x1}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0x3fc}, 0x80, 0x3500, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xfffffeff}]}, 0x140}}, 0x844) 4.025841917s ago: executing program 2 (id=10464): r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1f, 0x0, &(0x7f0000000000)) 3.973549798s ago: executing program 2 (id=10467): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x200) 2.258813356s ago: executing program 4 (id=10528): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0xfffffffd, 0xa, 0x34324152, 0x7, 0x1, [{0x1fc, 0x4}, {0xdc5, 0x7ff}, {0x0, 0x5}, {0x8, 0x10000}, {0x1000, 0xcf}, {0x5, 0x6}, {0x1, 0x80000004}, {0x8003, 0x8000}], 0x27, 0x7, 0x2, 0x2, 0x1}}) 2.258669865s ago: executing program 4 (id=10529): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) keyctl$clear(0x3, 0xfffffffffffffffc) request_key(&(0x7f0000000080)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)='@\x00', 0x0) 2.161740519s ago: executing program 4 (id=10530): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000440)="7d717c1f8428", 0x6}], 0x1}}], 0x1, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x20000) 2.160948135s ago: executing program 4 (id=10532): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'wlan1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@loopback={0xfec0ffffffffffff}, 0x46, r4}) 1.543062126s ago: executing program 0 (id=10533): r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r0, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4) pipe(0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) shutdown(r1, 0x1) 1.458619645s ago: executing program 0 (id=10534): r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000280)='ed:\x00\x00\x00\x00') 1.458497775s ago: executing program 0 (id=10535): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000005c0)={0x24, 0x10, 0x1, 0x0, 0x25dfdbfe, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x13\x00\x00'}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x4, 0x12}]}, 0x24}], 0x1}, 0x0) 332.90653ms ago: executing program 4 (id=10536): write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) write$binfmt_script(r1, &(0x7f0000000000), 0x4) r4 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff) splice(r0, 0x0, r3, 0x0, 0x100000004, 0x0) 332.742587ms ago: executing program 5 (id=10537): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000bc0)=@updsa={0x13c, 0x1a, 0x1, 0x0, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x35}, @in6=@empty}, {@in=@local, 0xfffffffe, 0x33}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth_trunc={0x4c, 0x14, {{'crc32c-generic\x00'}, 0x0, 0x60}}]}, 0x13c}}, 0x0) 332.677908ms ago: executing program 0 (id=10538): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2241829, 0x0) 332.614955ms ago: executing program 4 (id=10539): r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000580)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000480)={0x44, &(0x7f00000000c0)={0x20, 0x11, 0x4, '.#,J'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 271.049105ms ago: executing program 5 (id=10540): write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='pstore\x00', 0x40, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) lstat(&(0x7f000000a5c0)='./file0\x00', &(0x7f000000a600)) 270.872821ms ago: executing program 0 (id=10541): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000001c08000640ffffff000800034000000028580000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000002c0003802800008008000340000000021c000280180002800800"], 0xec}}, 0x0) 217.706469ms ago: executing program 5 (id=10542): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r2 = syz_clone(0x2000100, 0x0, 0x0, 0x0, 0x0, 0x0) ioprio_set$pid(0x2, r2, 0x6000) 144.12107ms ago: executing program 5 (id=10543): write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4) r0 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000080)=@name={0x1e, 0x2, 0x2, {{0x42, 0x4000002}, 0x2}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000140)={0x42, 0xf5, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) close(r0) 144.003374ms ago: executing program 5 (id=10544): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000880), r0) sendmsg$IEEE802154_LLSEC_GETPARAMS(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000980)={0x20, r1, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040000}, 0x4012) 49.28217ms ago: executing program 5 (id=10545): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x8001}, 0x4) r3 = socket$netlink(0x10, 0x3, 0x4) write(r3, &(0x7f0000000040)='\'\x00\x00\x00', 0x4) 0s ago: executing program 0 (id=10546): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) socket$inet_tcp(0x2, 0x1, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0) sendmsg$IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x2800) ioctl$KVM_RUN(r3, 0xae80, 0x0) kernel console output (not intermixed with test programs): set [1, 0] type 2 family 0 port 6081 - 0 [ 502.313955][ T82] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.317067][ T82] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 502.372489][T25789] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 502.400518][ T5989] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 502.400895][ T1141] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.417632][T25789] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 502.435440][T25789] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 502.441598][T25789] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 502.459423][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 502.463811][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 502.502879][ T1141] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.510747][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 502.514050][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 502.557233][T25789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 502.559630][ T5989] usb 12-1: config index 0 descriptor too short (expected 23569, got 27) [ 502.575317][ T5989] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 502.576254][ T1141] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.582319][ T5989] usb 12-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 502.587989][ T5989] usb 12-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 502.596618][ T5989] usb 12-1: Manufacturer: syz [ 502.678060][ T5989] usb 12-1: config 0 descriptor?? [ 502.745921][ T1141] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 502.752924][T25789] 8021q: adding VLAN 0 to HW filter on device team0 [ 502.754203][ T5989] rc_core: IR keymap rc-hauppauge not found [ 502.760126][ T5989] Registered IR keymap rc-empty [ 502.762811][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 502.765628][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 502.768953][ T5989] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0 [ 502.770678][ T82] bridge0: port 2(bridge_slave_1) entered blocking state [ 502.775560][ T82] bridge0: port 2(bridge_slave_1) entered forwarding state [ 502.776739][ T5989] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0/input112 [ 502.890048][ T5947] Bluetooth: hci3: command tx timeout [ 502.890218][ T6003] usb 12-1: USB disconnect, device number 2 [ 503.134260][T25789] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 503.245152][ T1141] bridge_slave_1: left allmulticast mode [ 503.248222][ T1141] bridge_slave_1: left promiscuous mode [ 503.251217][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 503.272790][ T1141] bridge_slave_0: left allmulticast mode [ 503.276788][ T1141] bridge_slave_0: left promiscuous mode [ 503.279057][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 503.736946][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 503.747700][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 503.756461][ T1141] bond0 (unregistering): Released all slaves [ 503.770113][ T5947] Bluetooth: hci0: command tx timeout [ 503.842481][T25789] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 504.770355][T25938] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(6) [ 504.773579][T25938] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 504.779399][T25938] vhci_hcd vhci_hcd.0: Device attached [ 504.809461][ T1141] hsr_slave_0: left promiscuous mode [ 504.813272][ T1141] hsr_slave_1: left promiscuous mode [ 504.816262][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 504.819529][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 504.848543][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 504.848567][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 504.897407][ T1141] veth1_macvtap: left promiscuous mode [ 504.900369][ T1141] veth0_macvtap: left promiscuous mode [ 504.902366][ T1141] veth1_vlan: left promiscuous mode [ 504.904689][ T1141] veth0_vlan: left promiscuous mode [ 504.981899][ T5947] Bluetooth: hci3: command tx timeout [ 505.039988][ T29] usb 52-1: SetAddress Request (2) to port 0 [ 505.042581][ T29] usb 52-1: new SuperSpeed USB device number 2 using vhci_hcd [ 505.223248][ T5989] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 505.432149][ T5989] usb 13-1: config index 0 descriptor too short (expected 23569, got 27) [ 505.436008][ T5989] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 505.441668][ T5989] usb 13-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 505.445867][ T5989] usb 13-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 505.449524][ T5989] usb 13-1: Manufacturer: syz [ 505.465409][ T5989] usb 13-1: config 0 descriptor?? [ 505.509962][ T5989] rc_core: IR keymap rc-hauppauge not found [ 505.512874][ T5989] Registered IR keymap rc-empty [ 505.516915][ T5989] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/rc/rc0 [ 505.525446][ T5989] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/rc/rc0/input113 [ 505.676172][ T6075] usb 13-1: USB disconnect, device number 2 [ 505.865836][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 505.982390][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 506.427208][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.429656][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.823998][T25789] veth0_vlan: entered promiscuous mode [ 506.830636][T25789] veth1_vlan: entered promiscuous mode [ 506.904848][T25789] veth0_macvtap: entered promiscuous mode [ 506.909317][T25789] veth1_macvtap: entered promiscuous mode [ 506.921286][T25789] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 506.934556][T25789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 506.942495][T23984] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.947597][T23984] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.963770][T23984] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 506.984422][T23984] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.037601][T23984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.047866][T23984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.051356][ T5946] Bluetooth: hci3: command tx timeout [ 507.104094][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.107294][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.619948][T25939] vhci_hcd: connection reset by peer [ 507.621931][ T82] vhci_hcd: stop threads [ 507.623521][ T82] vhci_hcd: release socket [ 507.625055][ T82] vhci_hcd: disconnect device [ 508.338469][T26014] netlink: 'syz.8.8356': attribute type 29 has an invalid length. [ 508.341992][T26014] netlink: 8 bytes leftover after parsing attributes in process `syz.8.8356'. [ 508.490031][ T5946] Bluetooth: hci2: command 0x0406 tx timeout [ 509.251672][ T1141] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.502757][ T1141] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.509755][ T5947] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 509.515895][ T5947] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 509.520325][ T5947] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 509.530746][ T5947] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 509.540106][ T5947] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 509.628293][ T1141] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 509.771790][ T1141] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 510.112343][ T29] usb 52-1: device descriptor read/8, error -110 [ 510.141769][T26053] chnl_net:caif_netlink_parms(): no params data found [ 510.285217][ T1141] bridge_slave_1: left allmulticast mode [ 510.287674][ T1141] bridge_slave_1: left promiscuous mode [ 510.291043][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 510.311107][ T1141] bridge_slave_0: left allmulticast mode [ 510.312988][ T1141] bridge_slave_0: left promiscuous mode [ 510.314936][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 510.605078][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 510.611574][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 510.616987][ T1141] bond0 (unregistering): Released all slaves [ 510.654974][T26085] netlink: 'syz.7.8359': attribute type 29 has an invalid length. [ 510.657723][T26085] netlink: 8 bytes leftover after parsing attributes in process `syz.7.8359'. [ 510.682221][ T29] usb usb52-port1: attempt power cycle [ 510.786704][T26053] bridge0: port 1(bridge_slave_0) entered blocking state [ 510.789620][T26053] bridge0: port 1(bridge_slave_0) entered disabled state [ 510.792705][T26053] bridge_slave_0: entered allmulticast mode [ 510.795474][T26053] bridge_slave_0: entered promiscuous mode [ 510.798760][T26053] bridge0: port 2(bridge_slave_1) entered blocking state [ 510.803145][T26053] bridge0: port 2(bridge_slave_1) entered disabled state [ 510.805765][T26053] bridge_slave_1: entered allmulticast mode [ 510.808599][T26053] bridge_slave_1: entered promiscuous mode [ 510.907155][T26053] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 510.917410][T26053] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 510.960163][T26053] team0: Port device team_slave_0 added [ 510.973020][T26053] team0: Port device team_slave_1 added [ 511.025686][T26053] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 511.028839][T26053] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 511.040756][T26053] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 511.050097][T26053] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 511.053603][T26053] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 511.066358][T26053] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 511.201108][T26053] hsr_slave_0: entered promiscuous mode [ 511.204820][T26053] hsr_slave_1: entered promiscuous mode [ 511.207904][T26053] debugfs: 'hsr0' already exists in 'hsr' [ 511.211157][T26053] Cannot create hsr debugfs directory [ 511.255357][ T1141] hsr_slave_0: left promiscuous mode [ 511.258356][ T1141] hsr_slave_1: left promiscuous mode [ 511.264663][ T29] usb usb52-port1: unable to enumerate USB device [ 511.268741][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 511.284031][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 511.290832][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 511.296274][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 511.425822][ T1141] veth1_macvtap: left promiscuous mode [ 511.427731][ T1141] veth0_macvtap: left promiscuous mode [ 511.429648][ T1141] veth1_vlan: left promiscuous mode [ 511.431788][ T1141] veth0_vlan: left promiscuous mode [ 511.509686][ T5946] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 511.515071][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 511.518846][ T5946] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 511.522228][ T5946] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 511.524883][ T5946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 511.610153][ T5947] Bluetooth: hci3: command tx timeout [ 512.442309][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 512.558496][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 513.523258][T26109] chnl_net:caif_netlink_parms(): no params data found [ 513.611704][ T5947] Bluetooth: hci0: command tx timeout [ 513.686487][T26109] bridge0: port 1(bridge_slave_0) entered blocking state [ 513.689254][T26109] bridge0: port 1(bridge_slave_0) entered disabled state [ 513.690188][ T5947] Bluetooth: hci3: command tx timeout [ 513.692429][T26109] bridge_slave_0: entered allmulticast mode [ 513.696701][T26109] bridge_slave_0: entered promiscuous mode [ 513.700632][T26109] bridge0: port 2(bridge_slave_1) entered blocking state [ 513.703539][T26109] bridge0: port 2(bridge_slave_1) entered disabled state [ 513.706029][T26109] bridge_slave_1: entered allmulticast mode [ 513.721652][T26109] bridge_slave_1: entered promiscuous mode [ 513.837299][T26109] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 513.852193][T26109] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 513.864355][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 513.869704][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 513.879412][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 513.884430][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 513.887637][ T5946] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 513.908360][T26109] team0: Port device team_slave_0 added [ 513.944145][T26109] team0: Port device team_slave_1 added [ 514.003386][T26109] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 514.006553][T26109] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 514.017793][T26109] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 514.024232][T26109] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 514.027247][T26109] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 514.038391][T26109] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 514.134162][T26109] hsr_slave_0: entered promiscuous mode [ 514.137494][T26109] hsr_slave_1: entered promiscuous mode [ 514.140816][T26109] debugfs: 'hsr0' already exists in 'hsr' [ 514.143327][T26109] Cannot create hsr debugfs directory [ 514.213201][ T1141] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 514.332539][ T1141] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 514.363218][T26053] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 514.412617][T26053] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 514.416920][T26053] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 514.422458][T26053] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 514.436876][ T1141] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 514.559596][ T1141] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 514.578314][T26150] chnl_net:caif_netlink_parms(): no params data found [ 514.811316][T26150] bridge0: port 1(bridge_slave_0) entered blocking state [ 514.814607][T26150] bridge0: port 1(bridge_slave_0) entered disabled state [ 514.817848][T26150] bridge_slave_0: entered allmulticast mode [ 514.823906][T26150] bridge_slave_0: entered promiscuous mode [ 514.828859][T26150] bridge0: port 2(bridge_slave_1) entered blocking state [ 514.837329][T26150] bridge0: port 2(bridge_slave_1) entered disabled state [ 514.840715][T26150] bridge_slave_1: entered allmulticast mode [ 514.845023][T26150] bridge_slave_1: entered promiscuous mode [ 514.943461][T26150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 514.950500][T26150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 515.014814][T26150] team0: Port device team_slave_0 added [ 515.018893][T26150] team0: Port device team_slave_1 added [ 515.076578][T26150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 515.079654][T26150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 515.091415][T26150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 515.117781][ T1141] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.125040][T26150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 515.128103][T26150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 515.139521][T26150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 515.195453][T26150] hsr_slave_0: entered promiscuous mode [ 515.197824][T26150] hsr_slave_1: entered promiscuous mode [ 515.200723][T26150] debugfs: 'hsr0' already exists in 'hsr' [ 515.203331][T26150] Cannot create hsr debugfs directory [ 515.222340][ T1141] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.328878][ T1141] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.362453][T26053] 8021q: adding VLAN 0 to HW filter on device bond0 [ 515.419471][T26053] 8021q: adding VLAN 0 to HW filter on device team0 [ 515.428698][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 515.431854][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 515.459282][ T1141] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 515.475851][T23984] bridge0: port 2(bridge_slave_1) entered blocking state [ 515.479097][T23984] bridge0: port 2(bridge_slave_1) entered forwarding state [ 515.631660][ T1141] bridge_slave_1: left allmulticast mode [ 515.636841][ T1141] bridge_slave_1: left promiscuous mode [ 515.639462][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 515.655753][ T1141] bridge_slave_0: left allmulticast mode [ 515.657912][ T1141] bridge_slave_0: left promiscuous mode [ 515.665431][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 515.687084][ T1141] bridge_slave_1: left allmulticast mode [ 515.690057][ T1141] bridge_slave_1: left promiscuous mode [ 515.690214][ T5947] Bluetooth: hci0: command tx timeout [ 515.692976][ T1141] bridge0: port 2(bridge_slave_1) entered disabled state [ 515.705353][ T1141] bridge_slave_0: left allmulticast mode [ 515.709782][ T1141] bridge_slave_0: left promiscuous mode [ 515.712156][ T1141] bridge0: port 1(bridge_slave_0) entered disabled state [ 515.770611][ T5947] Bluetooth: hci3: command tx timeout [ 515.930047][ T5947] Bluetooth: hci1: command tx timeout [ 516.039424][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 516.045711][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 516.051313][ T1141] bond0 (unregistering): Released all slaves [ 516.414342][ T1141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 516.424353][ T1141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 516.429144][ T1141] bond0 (unregistering): Released all slaves [ 516.456768][T26053] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 516.571962][T26053] veth0_vlan: entered promiscuous mode [ 516.587064][T26249] fuse: Bad value for 'fd' [ 516.622006][T26053] veth1_vlan: entered promiscuous mode [ 516.695248][T26109] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 516.705908][T26109] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 516.749312][T26109] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 516.760591][T26109] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 516.770513][T26053] veth0_macvtap: entered promiscuous mode [ 516.791410][T26053] veth1_macvtap: entered promiscuous mode [ 516.805928][T26053] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 516.818248][T26053] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 516.835958][T23984] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 516.838932][T23984] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 516.858630][T23984] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 516.866536][T23984] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 516.940249][T23984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 516.944627][T23984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 516.951317][T26109] 8021q: adding VLAN 0 to HW filter on device bond0 [ 516.964566][T23984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 516.967442][T23984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 516.969672][T26109] 8021q: adding VLAN 0 to HW filter on device team0 [ 516.983804][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 516.986323][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 517.020647][T23984] bridge0: port 2(bridge_slave_1) entered blocking state [ 517.023638][T23984] bridge0: port 2(bridge_slave_1) entered forwarding state [ 517.106732][ T1141] hsr_slave_0: left promiscuous mode [ 517.108935][ T1141] hsr_slave_1: left promiscuous mode [ 517.113596][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 517.116146][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 517.118977][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 517.121817][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 517.128548][ T1141] hsr_slave_0: left promiscuous mode [ 517.136018][ T1141] hsr_slave_1: left promiscuous mode [ 517.138217][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 517.140927][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 517.146014][ T1141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 517.148831][ T1141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 517.199603][ T1141] veth1_macvtap: left promiscuous mode [ 517.201957][ T1141] veth0_macvtap: left promiscuous mode [ 517.204116][ T1141] veth1_vlan: left promiscuous mode [ 517.206130][ T1141] veth0_vlan: left promiscuous mode [ 517.209182][ T1141] veth1_macvtap: left promiscuous mode [ 517.211649][ T1141] veth0_macvtap: left promiscuous mode [ 517.213631][ T1141] veth1_vlan: left promiscuous mode [ 517.215835][ T1141] veth0_vlan: left promiscuous mode [ 517.771336][ T5947] Bluetooth: hci0: command tx timeout [ 517.852663][ T5947] Bluetooth: hci3: command tx timeout [ 518.010117][ T5947] Bluetooth: hci1: command tx timeout [ 518.096742][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 518.176896][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 519.650076][ T1141] team0 (unregistering): Port device team_slave_1 removed [ 519.753305][ T1141] team0 (unregistering): Port device team_slave_0 removed [ 519.851475][ T5947] Bluetooth: hci0: command tx timeout [ 520.089996][ T5947] Bluetooth: hci1: command tx timeout [ 520.462305][T26280] netlink: 'syz.3.8378': attribute type 29 has an invalid length. [ 520.465233][T26280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8378'. [ 520.813154][T26109] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 520.822809][T26314] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 520.826044][T26314] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 520.836756][T26314] vhci_hcd vhci_hcd.0: Device attached [ 520.865690][T26109] veth0_vlan: entered promiscuous mode [ 520.876669][T26109] veth1_vlan: entered promiscuous mode [ 521.002646][T26150] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 521.009293][T26150] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 521.017947][T26150] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 521.025887][T26150] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 521.058344][T26109] veth0_macvtap: entered promiscuous mode [ 521.073789][T26109] veth1_macvtap: entered promiscuous mode [ 521.086357][T26109] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 521.092473][T26109] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 521.109684][ T433] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.109978][T20675] usb 44-1: SetAddress Request (2) to port 0 [ 521.115084][T20675] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd [ 521.117983][ T433] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.141262][ T433] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.144288][ T433] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.264223][ T433] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.267695][ T433] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.292711][T26150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 521.299451][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.303249][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.311304][T26150] 8021q: adding VLAN 0 to HW filter on device team0 [ 521.319871][ T433] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.322245][ T433] bridge0: port 1(bridge_slave_0) entered forwarding state [ 521.331129][ T82] bridge0: port 2(bridge_slave_1) entered blocking state [ 521.333521][ T82] bridge0: port 2(bridge_slave_1) entered forwarding state [ 521.494940][T26150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 521.525765][T26150] veth0_vlan: entered promiscuous mode [ 521.532132][T26150] veth1_vlan: entered promiscuous mode [ 521.551035][T26315] vhci_hcd: connection reset by peer [ 521.572571][ T13] vhci_hcd: stop threads [ 521.573971][ T13] vhci_hcd: release socket [ 521.575422][ T13] vhci_hcd: disconnect device [ 521.588467][T26150] veth0_macvtap: entered promiscuous mode [ 521.596710][T26150] veth1_macvtap: entered promiscuous mode [ 521.625337][T26150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 521.632841][T26150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 521.641898][ T433] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.650142][ T1141] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.655989][ T1141] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.660499][ T1141] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 521.698849][T23984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.708599][T23984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.731893][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 521.734985][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 521.746048][T26357] fuse: Bad value for 'fd' [ 521.803657][T26360] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 521.805883][T26360] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 521.809315][T26360] vhci_hcd vhci_hcd.0: Device attached [ 522.180043][ T5947] Bluetooth: hci1: command tx timeout [ 522.257711][ T29] usb 38-1: SetAddress Request (6) to port 0 [ 522.280077][ T29] usb 38-1: new SuperSpeed USB device number 6 using vhci_hcd [ 523.208238][T26396] netlink: 'syz.2.8384': attribute type 29 has an invalid length. [ 523.212130][T26396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8384'. [ 523.355137][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 523.355157][ T40] audit: type=1326 audit(1763568427.166:3327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26397 comm="syz.3.8385" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x0 [ 523.728466][T26363] vhci_hcd: connection reset by peer [ 523.731530][ T1141] vhci_hcd: stop threads [ 523.733466][ T1141] vhci_hcd: release socket [ 523.739888][ T1141] vhci_hcd: disconnect device [ 524.121837][T26422] netlink: 'syz.2.8386': attribute type 29 has an invalid length. [ 524.125906][T26422] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8386'. [ 526.302401][T20675] usb 44-1: device descriptor read/8, error -110 [ 526.707446][ T40] audit: type=1326 audit(1763568430.526:3328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26501 comm="syz.4.8397" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0 [ 526.810921][T20675] usb usb44-port1: attempt power cycle [ 527.339136][T26530] netlink: 'syz.3.8402': attribute type 29 has an invalid length. [ 527.341898][T26530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8402'. [ 527.401318][T20675] usb usb44-port1: unable to enumerate USB device [ 528.010690][ T29] usb 38-1: device descriptor read/8, error -110 [ 528.430356][ T29] usb usb38-port1: attempt power cycle [ 529.210711][ T29] usb usb38-port1: unable to enumerate USB device [ 530.401998][T26636] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 530.404961][T26636] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 530.410838][T26636] vhci_hcd vhci_hcd.0: Device attached [ 530.701906][ T29] usb 42-1: SetAddress Request (14) to port 0 [ 530.705115][T26657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8422'. [ 530.731424][ T29] usb 42-1: new SuperSpeed USB device number 14 using vhci_hcd [ 530.779264][T26663] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8424'. [ 530.982828][T26638] vhci_hcd: connection reset by peer [ 530.985914][ T1145] vhci_hcd: stop threads [ 530.987700][ T1145] vhci_hcd: release socket [ 530.989730][ T1145] vhci_hcd: disconnect device [ 531.619183][ T40] audit: type=1326 audit(1763568435.436:3329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26730 comm="syz.4.8440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 531.631533][ T40] audit: type=1326 audit(1763568435.436:3330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26730 comm="syz.4.8440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 531.642456][ T40] audit: type=1326 audit(1763568435.436:3331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26730 comm="syz.4.8440" exe="/syz-executor" sig=0 arch=40000003 syscall=71 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 531.647672][T26734] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8441'. [ 531.649598][ T40] audit: type=1326 audit(1763568435.436:3332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26730 comm="syz.4.8440" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 532.551611][T26816] tipc: Failed to remove unknown binding: 66,1,1/0:4139607381/4139607383 [ 532.556070][T26816] tipc: Failed to remove unknown binding: 66,1,1/0:4139607381/4139607383 [ 532.558902][T26816] tipc: Failed to remove unknown binding: 66,1,1/0:4139607381/4139607383 [ 534.955806][T26923] netlink: 48 bytes leftover after parsing attributes in process `syz.4.8502'. [ 535.071769][T26938] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8510'. [ 535.075927][T26938] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8510'. [ 535.078905][T26938] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8510'. [ 535.603833][T26958] bridge0: entered allmulticast mode [ 535.606802][T26958] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8519'. [ 535.609713][T26958] bridge_slave_1: left allmulticast mode [ 535.612366][T26958] bridge_slave_1: left promiscuous mode [ 535.614723][T26958] bridge0: port 2(bridge_slave_1) entered disabled state [ 535.619380][T26958] bridge_slave_0: left allmulticast mode [ 535.621728][T26958] bridge_slave_0: left promiscuous mode [ 535.623681][T26958] bridge0: port 1(bridge_slave_0) entered disabled state [ 535.639069][T26958] bridge0 (unregistering): left allmulticast mode [ 535.770109][ T29] usb 42-1: device descriptor read/8, error -110 [ 535.908892][T26972] netlink: 'syz.0.8526': attribute type 33 has an invalid length. [ 535.913033][T26972] netlink: 152 bytes leftover after parsing attributes in process `syz.0.8526'. [ 536.109268][T26990] netlink: 160 bytes leftover after parsing attributes in process `syz.4.8535'. [ 536.113500][T26990] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 536.183033][ T29] usb usb42-port1: attempt power cycle [ 536.298103][T26998] Device name cannot be null; rc = [-22] [ 536.762354][ T29] usb usb42-port1: unable to enumerate USB device [ 537.235979][T27031] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8550'. [ 537.599484][ T40] audit: type=1326 audit(1763568441.416:3333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27050 comm="syz.4.8559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 537.608219][ T40] audit: type=1326 audit(1763568441.416:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27050 comm="syz.4.8559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 537.617185][ T40] audit: type=1326 audit(1763568441.426:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27050 comm="syz.4.8559" exe="/syz-executor" sig=0 arch=40000003 syscall=281 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 537.624795][ T40] audit: type=1326 audit(1763568441.426:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27050 comm="syz.4.8559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 537.631973][ T40] audit: type=1326 audit(1763568441.426:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27050 comm="syz.4.8559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 538.031361][T27079] sctp: [Deprecated]: syz.2.8570 (pid 27079) Use of int in maxseg socket option. [ 538.031361][T27079] Use struct sctp_assoc_value instead [ 539.054901][ T40] audit: type=1326 audit(1763568442.876:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27131 comm="syz.2.8594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 539.063407][ T40] audit: type=1326 audit(1763568442.876:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27131 comm="syz.2.8594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 539.072390][ T40] audit: type=1326 audit(1763568442.876:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27131 comm="syz.2.8594" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 539.081672][ T40] audit: type=1326 audit(1763568442.876:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27131 comm="syz.2.8594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 539.090783][ T40] audit: type=1326 audit(1763568442.876:3342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27131 comm="syz.2.8594" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 539.689782][T27155] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8603'. [ 540.493044][T27176] overlayfs: failed to clone upperpath [ 541.320880][T27202] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 541.538342][T27216] netlink: 264 bytes leftover after parsing attributes in process `syz.4.8630'. [ 542.228367][T27260] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8642'. [ 542.616847][T27297] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8653'. [ 543.771469][ T5947] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 543.775262][ T5947] Bluetooth: hci1: Injecting HCI hardware error event [ 543.780307][ T5947] Bluetooth: hci1: hardware error 0x00 [ 543.849285][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 543.849300][ T40] audit: type=1326 audit(1763568447.666:3357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27352 comm="syz.2.8659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 543.864001][ T40] audit: type=1326 audit(1763568447.666:3358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27352 comm="syz.2.8659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 543.874706][ T40] audit: type=1326 audit(1763568447.686:3359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27352 comm="syz.2.8659" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 543.884248][ T40] audit: type=1326 audit(1763568447.686:3360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27352 comm="syz.2.8659" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 544.231908][T27387] overlayfs: failed to clone upperpath [ 544.236042][T27387] overlayfs: failed to clone upperpath [ 544.603473][T27431] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 544.676928][T27442] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8689'. [ 544.681047][T27442] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 544.683801][T27442] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 544.687862][T27442] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 544.691177][T27442] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 544.967003][ T40] audit: type=1326 audit(1763568448.786:3361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27476 comm="syz.3.8700" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 544.975954][ T40] audit: type=1326 audit(1763568448.786:3362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27476 comm="syz.3.8700" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 544.986213][ T40] audit: type=1326 audit(1763568448.786:3363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27476 comm="syz.3.8700" exe="/syz-executor" sig=0 arch=40000003 syscall=47 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 544.993635][ T40] audit: type=1326 audit(1763568448.786:3364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27476 comm="syz.3.8700" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 544.995530][T27482] netlink: 184 bytes leftover after parsing attributes in process `syz.3.8702'. [ 545.004179][T27482] netlink: 180 bytes leftover after parsing attributes in process `syz.3.8702'. [ 545.113038][T27499] netlink: 96 bytes leftover after parsing attributes in process `syz.3.8707'. [ 545.860341][ T5947] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 545.929353][T27546] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8724'. [ 545.933477][T27546] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 545.936009][T27546] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 545.939253][T27546] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 545.946356][T27546] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 546.322311][ T5946] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 546.332695][ T5946] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 546.336116][ T5946] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 546.340509][ T5946] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 546.344239][ T5946] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 546.468647][T27557] chnl_net:caif_netlink_parms(): no params data found [ 546.522361][T27581] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8737'. [ 546.571363][T27581] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 546.574559][T27581] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 546.578459][T27581] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 546.582039][T27581] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 546.606659][T27557] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.610116][T27557] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.613360][T27557] bridge_slave_0: entered allmulticast mode [ 546.618200][T27557] bridge_slave_0: entered promiscuous mode [ 546.650662][ T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 546.664199][T27557] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.667448][T27557] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.673905][T27557] bridge_slave_1: entered allmulticast mode [ 546.677808][T27557] bridge_slave_1: entered promiscuous mode [ 546.746253][T27595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8743'. [ 546.751163][T27557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 546.758780][T27557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 546.847232][ T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 546.857738][T27557] team0: Port device team_slave_0 added [ 546.875300][T27557] team0: Port device team_slave_1 added [ 546.945747][T27557] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 546.948822][T27557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 546.962442][T27557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 546.978182][ T46] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 546.985046][T27557] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 546.988153][T27557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 546.998690][T27557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 547.055184][T27618] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 547.065128][T27557] hsr_slave_0: entered promiscuous mode [ 547.068510][T27557] hsr_slave_1: entered promiscuous mode [ 547.072670][T27557] debugfs: 'hsr0' already exists in 'hsr' [ 547.075168][T27557] Cannot create hsr debugfs directory [ 547.088696][ T46] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 547.206154][T27637] netlink: 392 bytes leftover after parsing attributes in process `syz.2.8762'. [ 547.351938][T27651] netlink: 100 bytes leftover after parsing attributes in process `syz.2.8768'. [ 547.396830][T27653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8769'. [ 547.401134][T27653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8769'. [ 547.405777][T27653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8769'. [ 548.215791][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 548.220482][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 548.224463][ T46] bond0 (unregistering): Released all slaves [ 548.326133][T27677] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8779'. [ 548.331117][T27680] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8780'. [ 548.334503][T27677] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8779'. [ 548.373281][ T46] tipc: Disabling bearer [ 548.381082][ T46] tipc: Left network mode [ 548.420323][ T5947] Bluetooth: hci4: command tx timeout [ 548.638822][ T46] hsr_slave_0: left promiscuous mode [ 548.643333][ T46] hsr_slave_1: left promiscuous mode [ 548.669537][ T46] veth1_macvtap: left promiscuous mode [ 548.673246][ T46] veth0_macvtap: left promiscuous mode [ 548.675201][ T46] veth1_vlan: left promiscuous mode [ 548.677078][ T46] veth0_vlan: left promiscuous mode [ 549.546622][ T46] team0 (unregistering): Port device team_slave_1 removed [ 549.652654][ T46] team0 (unregistering): Port device team_slave_0 removed [ 549.784856][T27736] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 549.787934][T27736] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 549.850947][T27743] tmpfs: Bad value for 'mpol' [ 549.882077][ T40] audit: type=1326 audit(1763568453.706:3365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.889452][ T40] audit: type=1326 audit(1763568453.706:3366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.896671][ T40] audit: type=1326 audit(1763568453.706:3367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.904056][ T40] audit: type=1326 audit(1763568453.706:3368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.912035][ T40] audit: type=1326 audit(1763568453.706:3369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.919800][ T40] audit: type=1326 audit(1763568453.706:3370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.928387][ T40] audit: type=1326 audit(1763568453.706:3371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.939921][ T40] audit: type=1326 audit(1763568453.706:3372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.947134][ T40] audit: type=1326 audit(1763568453.706:3373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 549.954830][ T40] audit: type=1326 audit(1763568453.706:3374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27745 comm="syz.0.8806" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f67579 code=0x7ffc0000 [ 550.384159][T27754] bridge0: port 3(erspan0) entered blocking state [ 550.387162][T27754] bridge0: port 3(erspan0) entered disabled state [ 550.390020][T27754] erspan0: entered allmulticast mode [ 550.393747][T27754] erspan0: entered promiscuous mode [ 550.490029][ T5947] Bluetooth: hci4: command tx timeout [ 550.519655][T27557] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 550.524127][T27557] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 550.529151][T27557] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 550.543951][T27557] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 550.550678][T25671] IPVS: starting estimator thread 0... [ 550.600539][T27557] 8021q: adding VLAN 0 to HW filter on device bond0 [ 550.608769][T27557] 8021q: adding VLAN 0 to HW filter on device team0 [ 550.617121][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 550.620229][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 550.636733][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 550.639912][T27777] IPVS: using max 44 ests per chain, 105600 per kthread [ 550.639963][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 550.680660][T27557] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 550.775156][T27557] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 550.931220][T27557] veth0_vlan: entered promiscuous mode [ 550.937900][T27819] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8825'. [ 550.938228][T27557] veth1_vlan: entered promiscuous mode [ 550.959502][T27557] veth0_macvtap: entered promiscuous mode [ 550.965111][T27557] veth1_macvtap: entered promiscuous mode [ 550.978609][T27557] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 550.988272][T27557] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 550.994875][ T1145] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.998333][ T1145] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 551.002174][ T1145] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 551.005875][ T1145] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 551.042552][ T1145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 551.045174][ T1145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 551.058526][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 551.062686][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 551.530059][T25798] usb 9-1: new high-speed USB device number 98 using dummy_hcd [ 551.680080][T25798] usb 9-1: Using ep0 maxpacket: 16 [ 551.683304][T25798] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 551.687114][T25798] usb 9-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 551.690367][T25798] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 551.696154][T25798] usb 9-1: config 0 descriptor?? [ 551.739354][ T82] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.830138][ T82] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.883252][ T82] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.964583][ T5946] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 551.968638][ T5946] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 551.973790][ T5946] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 551.978703][ T5946] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 551.981350][ T5946] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 551.986631][ T82] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 552.103005][T25798] usbhid 9-1:0.0: can't add hid device: -71 [ 552.105738][T25798] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 552.107822][T27871] chnl_net:caif_netlink_parms(): no params data found [ 552.109305][T25798] usb 9-1: USB disconnect, device number 98 [ 552.133286][T27879] netlink: 'syz.0.8852': attribute type 10 has an invalid length. [ 552.180104][ T82] bridge_slave_1: left allmulticast mode [ 552.182275][ T82] bridge_slave_1: left promiscuous mode [ 552.184286][ T82] bridge0: port 2(bridge_slave_1) entered disabled state [ 552.187995][ T82] bridge_slave_0: left allmulticast mode [ 552.191205][ T82] bridge_slave_0: left promiscuous mode [ 552.193149][ T82] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.476571][ T82] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 552.484622][ T82] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 552.489719][ T82] bond0 (unregistering): Released all slaves [ 552.551657][T27871] bridge0: port 1(bridge_slave_0) entered blocking state [ 552.554340][T27871] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.556773][T27871] bridge_slave_0: entered allmulticast mode [ 552.563019][T27871] bridge_slave_0: entered promiscuous mode [ 552.573591][T27871] bridge0: port 2(bridge_slave_1) entered blocking state [ 552.576788][T27871] bridge0: port 2(bridge_slave_1) entered disabled state [ 552.580173][ T5947] Bluetooth: hci4: command tx timeout [ 552.582792][T27871] bridge_slave_1: entered allmulticast mode [ 552.586774][T27871] bridge_slave_1: entered promiscuous mode [ 552.632685][T27912] __nla_validate_parse: 1 callbacks suppressed [ 552.632698][T27912] netlink: 20 bytes leftover after parsing attributes in process `syz.0.8867'. [ 552.668801][T27871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 552.674654][T27871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 552.719464][T27871] team0: Port device team_slave_0 added [ 552.726468][T27871] team0: Port device team_slave_1 added [ 552.846214][T27871] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 552.848580][T27871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 552.858036][T27871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 552.864271][T27871] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 552.866765][T27871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 552.876752][T27871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 552.907944][ T82] hsr_slave_0: left promiscuous mode [ 552.912219][ T82] hsr_slave_1: left promiscuous mode [ 552.962134][ T82] veth1_macvtap: left promiscuous mode [ 552.964072][ T82] veth0_macvtap: left promiscuous mode [ 552.966086][ T82] veth1_vlan: left promiscuous mode [ 552.968052][ T82] veth0_vlan: left promiscuous mode [ 553.739927][ T82] team0 (unregistering): Port device team_slave_1 removed [ 553.817450][ T82] team0 (unregistering): Port device team_slave_0 removed [ 554.020556][ T5947] Bluetooth: hci2: command tx timeout [ 554.398861][T27957] kthread_run failed with err -4 [ 554.447449][T27871] hsr_slave_0: entered promiscuous mode [ 554.449762][T27871] hsr_slave_1: entered promiscuous mode [ 554.453830][T27871] debugfs: 'hsr0' already exists in 'hsr' [ 554.455863][T27871] Cannot create hsr debugfs directory [ 554.648603][T27987] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8898'. [ 554.650073][ T5947] Bluetooth: hci4: command tx timeout [ 554.673653][ T82] IPVS: stop unused estimator thread 0... [ 554.889134][T28013] loop5: detected capacity change from 0 to 7 [ 554.955035][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 554.955046][ T40] audit: type=1326 audit(1763568458.776:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 554.965053][ T40] audit: type=1326 audit(1763568458.776:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 554.979931][ T40] audit: type=1326 audit(1763568458.776:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 554.986895][ T40] audit: type=1326 audit(1763568458.776:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 554.994473][ T40] audit: type=1326 audit(1763568458.776:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 555.001801][ T40] audit: type=1326 audit(1763568458.776:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 555.009755][ T40] audit: type=1326 audit(1763568458.776:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 555.022843][ T40] audit: type=1326 audit(1763568458.776:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 555.030264][ T40] audit: type=1326 audit(1763568458.776:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 555.037293][ T40] audit: type=1326 audit(1763568458.776:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27997 comm="syz.2.8901" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 555.055077][T28013] Dev loop5: unable to read RDB block 7 [ 555.062002][T28013] loop5: unable to read partition table [ 555.065077][T28013] loop5: partition table beyond EOD, truncated [ 555.070115][T28013] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5) [ 555.277327][T27871] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 555.283764][T27871] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 555.287974][T27871] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 555.299195][T27871] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 555.371070][T27871] 8021q: adding VLAN 0 to HW filter on device bond0 [ 555.394151][T27871] 8021q: adding VLAN 0 to HW filter on device team0 [ 555.405260][ T82] bridge0: port 1(bridge_slave_0) entered blocking state [ 555.407651][ T82] bridge0: port 1(bridge_slave_0) entered forwarding state [ 555.416735][ T82] bridge0: port 2(bridge_slave_1) entered blocking state [ 555.419135][ T82] bridge0: port 2(bridge_slave_1) entered forwarding state [ 555.615417][T27871] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 555.621218][T28035] 9pnet_fd: Insufficient options for proto=fd [ 555.786572][T27871] veth0_vlan: entered promiscuous mode [ 555.791696][T27871] veth1_vlan: entered promiscuous mode [ 555.806862][T27871] veth0_macvtap: entered promiscuous mode [ 555.813042][T27871] veth1_macvtap: entered promiscuous mode [ 555.821780][T27871] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 555.828165][T27871] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 555.835398][ T1141] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 555.838388][ T1141] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 555.842411][ T1141] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 555.845530][ T1141] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 555.888368][ T82] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 555.898744][ T82] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 555.913590][ T82] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 555.916252][ T82] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 556.071507][T28106] trusted_key: encrypted_key: master key parameter '' is invalid [ 556.089912][ T5947] Bluetooth: hci2: command tx timeout [ 556.121948][T28114] netlink: 'syz.0.8924': attribute type 10 has an invalid length. [ 556.273810][T28141] netlink: 24 bytes leftover after parsing attributes in process `syz.2.8934'. [ 556.338250][T28151] netlink: 64 bytes leftover after parsing attributes in process `syz.4.8935'. [ 556.456631][T28165] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8941'. [ 556.459740][T28165] netlink: 52 bytes leftover after parsing attributes in process `syz.0.8941'. [ 556.593004][T28179] sp0: Synchronizing with TNC [ 556.959099][T28225] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 556.965167][T28225] bond1 (unregistering): Released all slaves [ 557.660546][T28271] mac80211_hwsim hwsim48 wlan0: entered promiscuous mode [ 557.981870][T28313] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8998'. [ 558.180035][ T5947] Bluetooth: hci2: command tx timeout [ 558.214028][T28338] batadv_slave_1: entered promiscuous mode [ 558.216376][T28337] batadv_slave_1: left promiscuous mode [ 558.250245][T28340] fuse: Bad value for 'user_id' [ 558.251848][T28340] fuse: Bad value for 'user_id' [ 558.352075][T28350] bpf: Bad value for 'uid' [ 558.739371][T28386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9033'. [ 558.871210][T28402] 9pnet_fd: Insufficient options for proto=fd [ 559.000035][T25795] usb 9-1: new high-speed USB device number 99 using dummy_hcd [ 559.169917][T25795] usb 9-1: Using ep0 maxpacket: 8 [ 559.180745][T25795] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 559.184088][T25795] usb 9-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 559.190060][T25795] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 559.193061][T25795] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 559.195643][T25795] usb 9-1: SerialNumber: syz [ 559.211213][T25795] usb 9-1: bad CDC descriptors [ 559.213164][T25795] usb-storage 9-1:1.0: USB Mass Storage device detected [ 559.216940][T25795] usb-storage 9-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 559.414218][T25671] usb 9-1: USB disconnect, device number 99 [ 560.054851][T28444] netlink: 120 bytes leftover after parsing attributes in process `syz.2.9057'. [ 560.058857][T28444] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9057'. [ 560.135499][T28453] bridge0: port 3(erspan0) entered blocking state [ 560.137899][T28453] bridge0: port 3(erspan0) entered forwarding state [ 560.163389][T28453] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 560.176132][T28454] IPVS: Error connecting to the multicast addr [ 560.220221][T25671] usb 9-1: new high-speed USB device number 100 using dummy_hcd [ 560.250134][ T5947] Bluetooth: hci2: command tx timeout [ 560.389908][T25671] usb 9-1: Using ep0 maxpacket: 32 [ 560.393091][T25671] usb 9-1: config 8 has an invalid interface number: 203 but max is 0 [ 560.395757][T25671] usb 9-1: config 8 has no interface number 0 [ 560.397779][T25671] usb 9-1: config 8 interface 203 has no altsetting 0 [ 560.401619][T25671] usb 9-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a [ 560.404604][T25671] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 560.407215][T25671] usb 9-1: Product: syz [ 560.408609][T25671] usb 9-1: Manufacturer: syz [ 560.411066][T25671] usb 9-1: SerialNumber: syz [ 560.619948][T25671] port100 9-1:8.203: NFC: Could not find bulk-in or bulk-out endpoint [ 560.625490][T25671] usb 9-1: USB disconnect, device number 100 [ 561.293962][T28500] netlink: 392 bytes leftover after parsing attributes in process `syz.5.9080'. [ 561.619950][T25671] usb 5-1: new full-speed USB device number 92 using dummy_hcd [ 561.774021][T25671] usb 5-1: unable to get BOS descriptor or descriptor too short [ 561.782917][T25671] usb 5-1: not running at top speed; connect to a high speed hub [ 561.788593][T25671] usb 5-1: config 1 has an invalid descriptor of length 152, skipping remainder of the config [ 561.803095][T25671] usb 5-1: config 1 interface 0 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 561.821606][T25671] usb 5-1: config 1 interface 0 has no altsetting 0 [ 561.832988][T25671] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 561.837241][T25671] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 561.841074][T25671] usb 5-1: Product: á [ 561.842919][T25671] usb 5-1: Manufacturer: Щ [ 562.054043][T25671] usb 5-1: bad CDC descriptors [ 562.059285][T25671] usb 5-1: USB disconnect, device number 92 [ 562.313850][T28531] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9093'. [ 562.533184][T28552] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9102'. [ 562.656847][T28566] 9p: Unknown uid 00000000004294967295 [ 562.719548][T28573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9112'. [ 562.945888][ T56] kernel write not supported for file [eventfd] (pid: 56 comm: kworker/3:1) [ 563.509876][T28625] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9134'. [ 563.887968][T28648] Unsupported ieee802154 address type: 0 [ 563.896480][T28652] macvlan0: entered promiscuous mode [ 563.929128][T28654] netlink: 52 bytes leftover after parsing attributes in process `syz.2.9148'. [ 564.129123][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 564.129134][ T40] audit: type=1326 audit(1763568467.946:3407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.143050][ T40] audit: type=1326 audit(1763568467.946:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.154959][ T40] audit: type=1326 audit(1763568467.956:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.162129][ T40] audit: type=1326 audit(1763568467.966:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.175443][ T40] audit: type=1326 audit(1763568467.966:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.184988][ T40] audit: type=1326 audit(1763568467.966:3412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.195043][ T40] audit: type=1326 audit(1763568467.966:3413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.204586][ T40] audit: type=1326 audit(1763568467.966:3414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.214988][ T40] audit: type=1326 audit(1763568467.966:3415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.224093][ T40] audit: type=1326 audit(1763568467.966:3416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28676 comm="syz.4.9157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 564.928431][T28751] .N: renamed from veth0_to_bond (while UP) [ 565.154933][T28782] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9206'. [ 565.379896][ T6002] usb 5-1: new full-speed USB device number 93 using dummy_hcd [ 565.471970][T28810] macsec0: entered promiscuous mode [ 565.473853][T28810] macsec0: entered allmulticast mode [ 565.475591][T28810] veth1_macvtap: entered allmulticast mode [ 565.531028][ T6002] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 565.535203][ T6002] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 565.539492][ T6002] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64 [ 565.543426][ T6002] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 565.548727][ T6002] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 565.552303][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 565.562254][T28776] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 565.574109][ T6002] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 565.578755][ T6002] usb 5-1: invalid MIDI out EP 0 [ 565.652851][ T6002] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 565.770744][T25798] usb 5-1: USB disconnect, device number 93 [ 565.948375][T28842] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9233'. [ 566.021569][T28849] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 566.056156][T28851] netlink: 80 bytes leftover after parsing attributes in process `syz.5.9237'. [ 566.135183][T28857] GUP no longer grows the stack in syz.4.9240 (28857): 80005000-80008000 (80004000) [ 566.139726][T28857] CPU: 3 UID: 0 PID: 28857 Comm: syz.4.9240 Not tainted syzkaller #0 PREEMPT(full) [ 566.139753][T28857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 566.139765][T28857] Call Trace: [ 566.139773][T28857] [ 566.139781][T28857] dump_stack_lvl+0x16c/0x1f0 [ 566.139827][T28857] gup_vma_lookup+0x1d2/0x220 [ 566.139855][T28857] fixup_user_fault+0x26e/0x540 [ 566.139882][T28857] ? futex_lock_pi+0x678/0x7c0 [ 566.139914][T28857] fault_in_user_writeable+0x70/0xe0 [ 566.139940][T28857] futex_lock_pi+0x681/0x7c0 [ 566.139973][T28857] ? __pfx_futex_lock_pi+0x10/0x10 [ 566.139998][T28857] ? preempt_schedule_common+0x44/0xc0 [ 566.140023][T28857] ? preempt_schedule_thunk+0x16/0x30 [ 566.140063][T28857] ? __pfx_try_to_wake_up+0x10/0x10 [ 566.140088][T28857] ? futex_private_hash_put+0xd5/0x190 [ 566.140116][T28857] ? __pfx_futex_wake_mark+0x10/0x10 [ 566.140150][T28857] ? __pfx_userfaultfd_unmap_complete+0x10/0x10 [ 566.140181][T28857] do_futex+0x11a/0x350 [ 566.140206][T28857] ? __pfx_do_futex+0x10/0x10 [ 566.140235][T28857] ? __vm_munmap+0x1d2/0x380 [ 566.140261][T28857] __ia32_sys_futex_time32+0x1d9/0x460 [ 566.140293][T28857] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 566.140320][T28857] ? xfd_validate_state+0x61/0x180 [ 566.140352][T28857] ? rcu_is_watching+0x12/0xc0 [ 566.140377][T28857] __do_fast_syscall_32+0x7c/0x300 [ 566.140406][T28857] do_fast_syscall_32+0x32/0x80 [ 566.140436][T28857] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 566.140459][T28857] RIP: 0023:0xf708d579 [ 566.140475][T28857] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 566.140493][T28857] RSP: 002b:00000000f547d55c EFLAGS: 00000296 ORIG_RAX: 00000000000000f0 [ 566.140514][T28857] RAX: ffffffffffffffda RBX: 0000000080004000 RCX: 000000000000008d [ 566.140526][T28857] RDX: 00000000fffffffd RSI: 0000000000000000 RDI: 0000000000000000 [ 566.140537][T28857] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 566.140546][T28857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 566.140556][T28857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 566.140597][T28857] [ 566.733904][T28925] netlink: 'syz.0.9269': attribute type 12 has an invalid length. [ 567.853374][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.856138][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 567.893485][T28998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9293'. [ 568.093522][ T6022] usb 5-1: new high-speed USB device number 94 using dummy_hcd [ 568.249909][ T6022] usb 5-1: Using ep0 maxpacket: 8 [ 568.253045][ T6022] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 568.259326][ T6022] usb 5-1: config 179 has no interface number 0 [ 568.262181][ T6022] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 568.266584][ T6022] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 568.270977][ T6022] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 568.274716][ T6022] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 568.280815][ T6022] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 568.285175][ T6022] usb 5-1: config 179 interface 65 has no altsetting 0 [ 568.287513][ T6022] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 568.290537][ T6022] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 568.304672][ T6022] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input115 [ 568.379694][T29008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9298'. [ 568.385208][T29008] veth1_macvtap: left promiscuous mode [ 568.508997][ T6075] usb 5-1: USB disconnect, device number 94 [ 568.631501][T29013] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9300'. [ 569.007585][T29034] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9310'. [ 569.156748][T29043] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9314'. [ 569.214054][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 569.214065][ T40] audit: type=1326 audit(1763568473.036:3434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.225538][ T40] audit: type=1326 audit(1763568473.036:3435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.227368][T29043] team0: Port device team_slave_1 removed [ 569.236168][ T40] audit: type=1326 audit(1763568473.036:3436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.246166][ T40] audit: type=1326 audit(1763568473.036:3437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.255035][ T40] audit: type=1326 audit(1763568473.036:3438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.263556][ T40] audit: type=1326 audit(1763568473.046:3439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.271399][ T40] audit: type=1326 audit(1763568473.046:3440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.279731][ T40] audit: type=1326 audit(1763568473.056:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.288426][ T40] audit: type=1326 audit(1763568473.056:3442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29048 comm="syz.2.9317" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 569.405484][T29067] tipc: Enabling of bearer rejected, failed to enable media [ 569.674759][T29095] netlink: 'syz.0.9339': attribute type 6 has an invalid length. [ 569.678017][T29095] netlink: 'syz.0.9339': attribute type 7 has an invalid length. [ 569.681675][T29095] netlink: 'syz.0.9339': attribute type 8 has an invalid length. [ 571.949772][T29181] netlink: 964 bytes leftover after parsing attributes in process `syz.2.9375'. [ 572.230718][T29198] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 572.234397][T29198] overlayfs: missing 'lowerdir' [ 572.787792][ T40] audit: type=1326 audit(1763568476.606:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29233 comm="syz.4.9397" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 572.925882][ T6075] usb 5-1: new high-speed USB device number 95 using dummy_hcd [ 573.097067][ T6075] usb 5-1: Using ep0 maxpacket: 32 [ 573.100448][ T6075] usb 5-1: config 11 has an invalid interface number: 28 but max is 0 [ 573.103197][ T6075] usb 5-1: config 11 has an invalid descriptor of length 110, skipping remainder of the config [ 573.106891][ T6075] usb 5-1: config 11 has no interface number 0 [ 573.108943][ T6075] usb 5-1: config 11 interface 28 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 573.113569][ T6075] usb 5-1: config 11 interface 28 has no altsetting 0 [ 573.119057][ T6075] usb 5-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=a8.08 [ 573.122856][ T6075] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 573.126471][ T6075] usb 5-1: Product: syz [ 573.128256][ T6075] usb 5-1: Manufacturer: syz [ 573.129986][ T6075] usb 5-1: SerialNumber: syz [ 573.331451][ T6075] usbserial_generic 5-1:11.28: The "generic" usb-serial driver is only for testing and one-off prototypes. [ 573.336112][ T6075] usbserial_generic 5-1:11.28: Tell linux-usb@vger.kernel.org to add your device to a proper driver. [ 573.339805][ T6075] usbserial_generic 5-1:11.28: device has no bulk endpoints [ 573.342526][ T6075] safe_serial 5-1:11.28: safe_serial converter detected [ 573.345137][ T6075] safe_serial 5-1:11.28: probe with driver safe_serial failed with error -22 [ 573.352303][ T6075] usb 5-1: USB disconnect, device number 95 [ 573.361554][T29255] netlink: 'syz.5.9405': attribute type 5 has an invalid length. [ 573.467759][T29263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9409'. [ 573.498438][T29267] fuse: Bad value for 'rootmode' [ 573.682724][T29279] netlink: 136 bytes leftover after parsing attributes in process `syz.2.9417'. [ 573.699956][T29281] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9418'. [ 573.823496][T29295] fuse: Bad value for 'user_id' [ 573.825140][T29295] fuse: Bad value for 'user_id' [ 573.861553][T29299] netlink: 'syz.2.9427': attribute type 4 has an invalid length. [ 573.864800][T29299] netlink: 'syz.2.9427': attribute type 5 has an invalid length. [ 573.868006][T29299] netlink: 'syz.2.9427': attribute type 1 has an invalid length. [ 574.011864][ T6075] usb 10-1: new full-speed USB device number 7 using dummy_hcd [ 574.014635][T29314] overlayfs: missing 'lowerdir' [ 574.043932][T29318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9436'. [ 574.075106][T29321] 9pnet_fd: Insufficient options for proto=fd [ 574.156332][ T6075] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 574.160534][ T6075] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C [ 574.165583][ T6075] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 10 [ 574.169926][ T6075] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0 [ 574.174184][ T6075] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 574.181208][ T6075] usb 10-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 574.185864][ T6075] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 574.189218][ T6075] usb 10-1: Product: syz [ 574.191063][ T6075] usb 10-1: Manufacturer: syz [ 574.193437][ T6075] usb 10-1: SerialNumber: syz [ 574.197480][ T6075] usb 10-1: config 0 descriptor?? [ 574.203530][ T6075] xbox_remote_probe: endpoint_in message size==0? [ 574.398759][T24294] usb 10-1: USB disconnect, device number 7 [ 574.453282][T29332] netlink: 96 bytes leftover after parsing attributes in process `syz.0.9441'. [ 574.806573][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 574.806584][ T40] audit: type=1326 audit(1763569246.728:3447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29382 comm="syz.4.9467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 574.815822][ T40] audit: type=1326 audit(1763569246.728:3448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29382 comm="syz.4.9467" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 574.823307][ T40] audit: type=1326 audit(1763569246.728:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29382 comm="syz.4.9467" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 574.830323][ T40] audit: type=1326 audit(1763569246.728:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29382 comm="syz.4.9467" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 575.055472][T29409] netlink: 'syz.0.9478': attribute type 2 has an invalid length. [ 575.091895][T29414] Bluetooth: MGMT ver 1.23 [ 575.127040][T29418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9483'. [ 575.225028][T29422] tmpfs: Bad value for 'mpol' [ 575.345065][T25664] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 575.499295][T25664] usb 10-1: Using ep0 maxpacket: 32 [ 575.504349][T25664] usb 10-1: config index 0 descriptor too short (expected 29220, got 36) [ 575.509067][T25664] usb 10-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 575.512861][T25664] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 575.518013][T25664] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 575.522802][T25664] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 575.527543][T25664] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 575.533271][T25664] usb 10-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 575.538478][T25664] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.549855][T25664] usb 10-1: config 0 descriptor?? [ 575.556566][ T6075] usb 9-1: new high-speed USB device number 101 using dummy_hcd [ 575.700220][ T6075] usb 9-1: Using ep0 maxpacket: 32 [ 575.703281][ T6075] usb 9-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 575.706220][ T6075] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.711262][ T6075] usb 9-1: config 0 descriptor?? [ 575.746562][T25664] usblp 10-1:0.0: usblp0: USB Bidirectional printer dev 8 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 575.753533][T25664] usb 10-1: USB disconnect, device number 8 [ 575.762686][T25664] usblp0: removed [ 576.099922][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 576.102547][ C0] raw-gadget.1 gadget.4: ignoring, device is not running [ 576.105263][ T6075] usbhid 9-1:0.0: can't add hid device: -71 [ 576.112524][ T6075] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 576.117128][ T6075] usb 9-1: USB disconnect, device number 101 [ 576.183804][T25664] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 576.326820][T25664] usb 10-1: Using ep0 maxpacket: 32 [ 576.330237][T25664] usb 10-1: config index 0 descriptor too short (expected 29220, got 36) [ 576.333054][T25664] usb 10-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 576.336075][T25664] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 576.338992][T25664] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 576.342119][T25664] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 576.345284][T25664] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 576.350220][T25664] usb 10-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 576.353352][T25664] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.357893][T25664] usb 10-1: config 0 descriptor?? [ 576.559061][T25664] usblp 10-1:0.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 576.795710][T29480] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9510'. [ 576.799190][T29480] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9510'. [ 576.894823][ T56] usb 10-1: USB disconnect, device number 9 [ 577.004717][ T40] audit: type=1326 audit(1763569249.038:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29501 comm="syz.2.9521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 577.011819][ T40] audit: type=1326 audit(1763569249.038:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29501 comm="syz.2.9521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 577.019949][ T40] audit: type=1326 audit(1763569249.038:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29501 comm="syz.2.9521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 577.027907][ T40] audit: type=1326 audit(1763569249.038:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29501 comm="syz.2.9521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 577.036843][ T40] audit: type=1326 audit(1763569249.038:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29501 comm="syz.2.9521" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 577.046165][ T40] audit: type=1326 audit(1763569249.038:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29501 comm="syz.2.9521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 577.098554][T29415] usblp0: removed [ 577.283974][T29540] random: crng reseeded on system resumption [ 577.329111][T29545] loop2: detected capacity change from 0 to 3 [ 577.336963][T29545] Dev loop2: unable to read RDB block 3 [ 577.338954][T29545] loop2: AHDI p1 p2 p3 [ 577.340492][T29545] loop2: partition table partially beyond EOD, truncated [ 577.343361][T29545] loop2: p1 start 1601398130 is beyond EOD, truncated [ 577.347306][T29545] loop2: p2 start 1702059890 is beyond EOD, truncated [ 577.380092][T29548] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9543'. [ 577.474005][T29559] netlink: 'syz.4.9548': attribute type 16 has an invalid length. [ 577.477309][T29559] netlink: 64122 bytes leftover after parsing attributes in process `syz.4.9548'. [ 577.511150][T29562] netlink: 128 bytes leftover after parsing attributes in process `syz.0.9549'. [ 577.911509][T29594] veth0_macvtap: left promiscuous mode [ 578.219692][T29622] sit0: entered promiscuous mode [ 578.230686][T29622] netlink: 'syz.2.9579': attribute type 1 has an invalid length. [ 578.303048][ T5947] Bluetooth: hci2: unexpected event 0x09 length: 4 > 3 [ 579.636035][T29662] __nla_validate_parse: 5 callbacks suppressed [ 579.636047][T29662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9595'. [ 579.692445][T29669] usb 1-1: USB disconnect, device number 2 [ 580.058594][T29698] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9610'. [ 580.101125][T29699] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9609'. [ 580.107295][T29699] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9609'. [ 580.584501][ T6004] usb 10-1: new full-speed USB device number 10 using dummy_hcd [ 580.756255][ T6004] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 580.761194][ T6004] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 580.766592][ T6004] usb 10-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 580.773134][ T6004] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40 [ 580.777828][ T6004] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 580.781196][ T6004] usb 10-1: SerialNumber: syz [ 580.787861][ T6004] cdc_ether 10-1:1.0: probe with driver cdc_ether failed with error -22 [ 580.790704][ T6004] usb-storage 10-1:1.0: USB Mass Storage device detected [ 580.795290][ T6004] usb-storage 10-1:1.0: Quirks match for vid 0525 pid a4a5: 10000 [ 580.980019][T25664] usb 10-1: USB disconnect, device number 10 [ 581.085232][T29749] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9632'. [ 581.327388][ T56] usb 9-1: new high-speed USB device number 102 using dummy_hcd [ 581.332300][T29760] sit0: left promiscuous mode [ 581.373529][T29760] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 581.469918][ T56] usb 9-1: Using ep0 maxpacket: 32 [ 581.474253][ T56] usb 9-1: config index 0 descriptor too short (expected 29220, got 36) [ 581.489088][ T56] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 581.492881][ T56] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 581.497543][ T56] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 581.505462][ T56] usb 9-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 581.510596][ T56] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 581.516571][ T56] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 581.522333][ T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 581.535822][ T56] usb 9-1: config 0 descriptor?? [ 581.741765][ T56] usb 9-1: USB disconnect, device number 102 [ 581.929513][T29799] netem: change failed [ 581.952309][T29801] overlayfs: overlapping lowerdir path [ 582.184336][ T56] usb 9-1: new high-speed USB device number 103 using dummy_hcd [ 582.318714][T29825] tipc: Failed to obtain node identity [ 582.321176][T29825] tipc: Enabling of bearer rejected, failed to enable media [ 582.327202][ T56] usb 9-1: Using ep0 maxpacket: 32 [ 582.330791][ T56] usb 9-1: config index 0 descriptor too short (expected 29220, got 36) [ 582.333847][ T56] usb 9-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 582.346822][ T56] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 582.349999][ T56] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 582.352971][ T56] usb 9-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 582.361150][ T56] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 582.366458][ T56] usb 9-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 582.369364][ T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 582.377181][ T56] usb 9-1: config 0 descriptor?? [ 582.575397][ T6075] usb 9-1: USB disconnect, device number 103 [ 582.739355][T29842] netlink: 424 bytes leftover after parsing attributes in process `syz.0.9672'. [ 582.869877][T29854] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 583.313597][T29916] netlink: 9 bytes leftover after parsing attributes in process `syz.0.9708'. [ 583.748383][T29976] netlink: 36 bytes leftover after parsing attributes in process `syz.5.9734'. [ 583.751440][T29976] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9734'. [ 583.757347][T29976] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9734'. [ 584.185888][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 584.185904][ T40] audit: type=1326 audit(1763569256.575:3460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.201092][ T40] audit: type=1326 audit(1763569256.596:3461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.211165][ T40] audit: type=1326 audit(1763569256.607:3462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.220754][ T40] audit: type=1326 audit(1763569256.607:3463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.234504][ T40] audit: type=1326 audit(1763569256.607:3464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.254897][ T40] audit: type=1326 audit(1763569256.628:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.264459][ T40] audit: type=1326 audit(1763569256.628:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.272513][ T40] audit: type=1326 audit(1763569256.628:3467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.281766][ T40] audit: type=1326 audit(1763569256.638:3468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=442 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.290844][ T40] audit: type=1326 audit(1763569256.638:3469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30007 comm="syz.5.9749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 584.606658][T30026] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9758'. [ 584.778206][T30032] netlink: 136 bytes leftover after parsing attributes in process `syz.2.9761'. [ 584.781983][T30032] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check. [ 584.959652][T30039] netlink: 104 bytes leftover after parsing attributes in process `syz.2.9764'. [ 584.962696][T30039] netlink: 104 bytes leftover after parsing attributes in process `syz.2.9764'. [ 585.295853][T30055] netlink: 72 bytes leftover after parsing attributes in process `syz.0.9770'. [ 586.164909][T30077] netlink: 'syz.5.9779': attribute type 4 has an invalid length. [ 586.178731][T30077] netlink: 'syz.5.9779': attribute type 4 has an invalid length. [ 586.428846][T30101] tipc: Failed to remove unknown binding: 66,1,1/0:699089080/699089082 [ 586.431708][T30101] tipc: Failed to remove unknown binding: 66,1,1/0:699089080/699089082 [ 586.642880][T30112] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9794'. [ 586.766308][T25664] usb 5-1: new full-speed USB device number 96 using dummy_hcd [ 586.921433][T25664] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 586.925248][T25664] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 586.930190][T25664] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 586.934483][T25664] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 586.940188][T25664] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 586.944286][T25664] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.954578][T25664] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 586.959235][T25664] usb 5-1: invalid MIDI out EP 0 [ 587.028703][T25664] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 587.147656][ T56] usb 5-1: USB disconnect, device number 96 [ 587.227992][T30126] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9799'. [ 587.972209][T30172] binder: 30171:30172 ioctl c00c620f 80000140 returned -22 [ 588.090800][ T56] usb 5-1: new high-speed USB device number 97 using dummy_hcd [ 588.233669][ T56] usb 5-1: Using ep0 maxpacket: 16 [ 588.238111][ T56] usb 5-1: config 0 has an invalid interface number: 28 but max is 0 [ 588.241725][ T56] usb 5-1: config 0 has no interface number 0 [ 588.244632][ T56] usb 5-1: config 0 interface 28 altsetting 8 endpoint 0xD has invalid maxpacket 512, setting to 64 [ 588.250384][ T56] usb 5-1: config 0 interface 28 has no altsetting 0 [ 588.255669][ T56] usb 5-1: Dual-Role OTG device on HNP port [ 588.258558][ T56] usb 5-1: New USB device found, idVendor=12d1, idProduct=937e, bcdDevice=af.67 [ 588.262202][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 588.265262][ T56] usb 5-1: Product: syz [ 588.266893][ T56] usb 5-1: Manufacturer: syz [ 588.268814][ T56] usb 5-1: SerialNumber: syz [ 588.273326][ T56] usb 5-1: config 0 descriptor?? [ 588.277123][ T56] hub 5-1:0.28: bad descriptor, ignoring hub [ 588.279696][ T56] hub 5-1:0.28: probe with driver hub failed with error -5 [ 588.283862][ T56] option 5-1:0.28: GSM modem (1-port) converter detected [ 588.576856][ T9] usb 5-1: USB disconnect, device number 97 [ 588.580438][ T9] option 5-1:0.28: device disconnected [ 588.836045][T30203] netlink: 80 bytes leftover after parsing attributes in process `syz.2.9833'. [ 588.983614][T30217] overlayfs: failed to clone lowerpath [ 589.015693][T30223] netlink: 'syz.2.9843': attribute type 1 has an invalid length. [ 589.019551][T30223] netlink: 'syz.2.9843': attribute type 2 has an invalid length. [ 589.083495][T30229] netlink: 7 bytes leftover after parsing attributes in process `syz.4.9846'. [ 589.087786][T30229] netlink: 68 bytes leftover after parsing attributes in process `syz.4.9846'. [ 589.514455][T30256] vlan2: entered allmulticast mode [ 589.522445][T30256] bond0: entered allmulticast mode [ 589.524327][T30256] bond_slave_0: entered allmulticast mode [ 589.526508][T30256] bond_slave_1: entered allmulticast mode [ 590.268552][T30272] __nla_validate_parse: 1 callbacks suppressed [ 590.268571][T30272] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9863'. [ 590.860685][T30308] veth2: entered promiscuous mode [ 590.863250][T30308] veth2: entered allmulticast mode [ 590.946025][T30312] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 591.074941][T30321] tmpfs: Bad value for 'nr_inodes' [ 591.368183][T30351] netlink: 44 bytes leftover after parsing attributes in process `syz.0.9900'. [ 591.512713][T30365] serio: Serial port ptm0 [ 591.910356][ T6002] usb 5-1: new high-speed USB device number 98 using dummy_hcd [ 592.062481][ T6002] usb 5-1: Using ep0 maxpacket: 32 [ 592.066804][ T6002] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 592.071308][ T6002] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 592.076146][ T6002] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 592.080775][ T6002] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 592.085067][ T6002] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 592.091216][ T6002] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 592.095698][ T6002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 592.103045][ T6002] usb 5-1: config 0 descriptor?? [ 592.298957][ T6002] usb 5-1: USB disconnect, device number 98 [ 592.881829][T30425] tipc: Failed to remove unknown binding: 66,1,1/0:1644399242/1644399244 [ 592.933973][T30429] tipc: Failed to remove unknown binding: 66,1,1/0:1644399242/1644399244 [ 592.937560][T30429] tipc: Failed to remove unknown binding: 66,1,1/0:1644399242/1644399244 [ 593.156455][T30445] tipc: Enabling of bearer rejected, failed to enable media [ 593.194469][T30450] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9942'. [ 593.232390][T30455] netlink: 'syz.4.9944': attribute type 13 has an invalid length. [ 593.572743][T30462] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9947'. [ 593.609240][ T6075] usb 9-1: new full-speed USB device number 104 using dummy_hcd [ 593.773317][ T6075] usb 9-1: config 0 has an invalid interface number: 231 but max is 0 [ 593.776914][ T6075] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 593.781665][ T6075] usb 9-1: config 0 has no interface number 0 [ 593.784244][ T6075] usb 9-1: config 0 interface 231 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 593.792394][ T6075] usb 9-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b [ 593.795704][ T6075] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.796906][T30474] netlink: 'syz.5.9953': attribute type 28 has an invalid length. [ 593.799204][ T6075] usb 9-1: Product: syz [ 593.803205][ T6075] usb 9-1: Manufacturer: syz [ 593.804782][ T6075] usb 9-1: SerialNumber: syz [ 593.807909][ T6075] usb 9-1: config 0 descriptor?? [ 593.813676][ T6075] plusb 9-1:0.231: probe with driver plusb failed with error -22 [ 593.972426][T30488] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9960'. [ 594.011193][T30492] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9962'. [ 594.013012][ T6075] usb 9-1: USB disconnect, device number 104 [ 594.015222][T30492] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9962'. [ 594.065808][T30498] JFS: discard option not supported on device [ 594.069945][T30498] Mount JFS Failure: -5 [ 594.115473][T30501] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9965'. [ 594.580675][T30518] netlink: 'syz.4.9972': attribute type 4 has an invalid length. [ 595.200672][T30558] netlink: 392 bytes leftover after parsing attributes in process `syz.0.9991'. [ 595.210746][T30562] netlink: 156 bytes leftover after parsing attributes in process `syz.2.9993'. [ 595.250215][T30568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9996'. [ 595.326824][T30582] binder: 30581:30582 ioctl c0306201 80000080 returned -14 [ 595.537265][T30603] fuse: Bad value for 'group_id' [ 595.539041][T30603] fuse: Bad value for 'group_id' [ 596.008303][T30652] overlayfs: failed to clone upperpath [ 596.476163][T30680] netlink: 'syz.5.10046': attribute type 13 has an invalid length. [ 596.621537][T30683] bond0: Caught tx_queue_len zero misconfig [ 596.685928][T30688] overlayfs: conflicting lowerdir path [ 596.757796][T30694] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10053'. [ 597.047023][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 597.047034][ T40] audit: type=1326 audit(1763569270.076:3472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30709 comm="syz.4.10059" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf708d579 code=0x0 [ 598.402339][T30777] netlink: 16 bytes leftover after parsing attributes in process `syz.4.10089'. [ 599.013008][T30813] netlink: 'syz.4.10103': attribute type 16 has an invalid length. [ 599.016986][T30813] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.10103'. [ 599.133803][T30820] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10105'. [ 599.138366][T30820] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10105'. [ 599.334459][T30838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10115'. [ 599.436950][ T40] audit: type=1326 audit(1763569272.595:3473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30852 comm="syz.2.10123" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x0 [ 599.661601][T30883] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 599.754768][T30889] sctp: [Deprecated]: syz.0.10140 (pid 30889) Use of struct sctp_assoc_value in delayed_ack socket option. [ 599.754768][T30889] Use struct sctp_sack_info instead [ 599.945435][T30906] netlink: 108 bytes leftover after parsing attributes in process `syz.0.10148'. [ 600.070877][T30919] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10154'. [ 600.112637][ T40] audit: type=1326 audit(1763569273.299:3474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.131736][ T40] audit: type=1326 audit(1763569273.320:3475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=283 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.144006][ T40] audit: type=1326 audit(1763569273.320:3476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.153029][ T40] audit: type=1326 audit(1763569273.330:3477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.161986][ T40] audit: type=1326 audit(1763569273.330:3478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.169280][ T40] audit: type=1326 audit(1763569273.330:3479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.176733][ T40] audit: type=1326 audit(1763569273.330:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.184014][ T40] audit: type=1326 audit(1763569273.330:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30911 comm="syz.4.10151" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf708d579 code=0x7ffc0000 [ 600.286384][T30936] netlink: 304 bytes leftover after parsing attributes in process `syz.2.10163'. [ 600.982649][ C3] vcan0: j1939_tp_rxtimer: 0xffff8880771f7000: rx timeout, send abort [ 600.987205][ C3] vcan0: j1939_tp_rxtimer: 0xffff8880771f7400: rx timeout, send abort [ 600.991522][ C3] vcan0: j1939_xtp_rx_abort_one: 0xffff8880771f7000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 600.998357][ C3] vcan0: j1939_xtp_rx_abort_one: 0xffff8880771f7400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 601.389658][T30998] netlink: 'syz.4.10189': attribute type 33 has an invalid length. [ 601.392837][T30998] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10189'. [ 601.507784][T31007] overlayfs: unescaped trailing colons in lowerdir mount option. [ 601.970310][T31032] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10205'. [ 602.250340][ T46] bridge_slave_1: left allmulticast mode [ 602.253069][ T46] bridge_slave_1: left promiscuous mode [ 602.257032][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 602.262635][ T46] bridge_slave_0: left allmulticast mode [ 602.265811][ T46] bridge_slave_0: left promiscuous mode [ 602.268843][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 602.457405][T31067] netlink: 92 bytes leftover after parsing attributes in process `syz.5.10220'. [ 602.526302][T31074] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10223'. [ 602.707053][T31084] kAFS: No cell specified [ 603.071037][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 603.076365][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 603.080929][ T46] bond0 (unregistering): Released all slaves [ 603.185129][ T46] tipc: Disabling bearer [ 603.187628][ T46] tipc: Left network mode [ 603.310948][ T46] hsr_slave_0: left promiscuous mode [ 603.315120][ T46] hsr_slave_1: left promiscuous mode [ 603.364997][ T46] veth1_macvtap: left promiscuous mode [ 603.368075][ T46] veth0_macvtap: left promiscuous mode [ 603.372014][ T46] veth1_vlan: left promiscuous mode [ 603.374254][ T46] veth0_vlan: left promiscuous mode [ 604.180602][T31163] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10264'. [ 604.229207][ T46] team0 (unregistering): Port device team_slave_1 removed [ 604.344987][ T46] team0 (unregistering): Port device team_slave_0 removed [ 604.501565][T31176] fuse: Bad value for 'group_id' [ 604.503880][T31176] fuse: Bad value for 'group_id' [ 605.353574][T31212] mac80211_hwsim hwsim52 wlan0: entered promiscuous mode [ 606.105456][T31246] netlink: 96 bytes leftover after parsing attributes in process `syz.4.10297'. [ 606.159886][T31250] netlink: 100 bytes leftover after parsing attributes in process `syz.4.10299'. [ 606.217019][T31255] netlink: 24 bytes leftover after parsing attributes in process `syz.5.10301'. [ 606.943019][T31318] binfmt_misc: register: failed to install interpreter file ./file1 [ 607.685908][T31404] netlink: 9 bytes leftover after parsing attributes in process `syz.2.10369'. [ 607.690494][T31404] gretap0: entered promiscuous mode [ 607.768997][T31410] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10371'. [ 608.236514][T31426] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10377'. [ 608.239771][T31426] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10377'. [ 608.980097][ T6002] usb 9-1: new full-speed USB device number 105 using dummy_hcd [ 609.009573][T25797] usb 5-1: new full-speed USB device number 99 using dummy_hcd [ 609.124463][ T6002] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 609.128784][ T6002] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 609.135160][ T6002] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 609.139286][ T6002] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 609.143287][ T6002] usb 9-1: Product: syz [ 609.145257][ T6002] usb 9-1: Manufacturer: syz [ 609.147360][ T6002] usb 9-1: SerialNumber: syz [ 609.163203][T25797] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 609.172564][T25797] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 609.176789][T25797] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 609.180150][T25797] usb 5-1: SerialNumber: syz [ 609.187961][T25797] cdc_acm 5-1:1.0: skipping garbage [ 609.192640][T25797] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -12 [ 609.350630][ T6002] usb 9-1: 0:2 : does not exist [ 609.355642][ T6002] usb 9-1: 5:0: failed to get current value for ch 0 (-22) [ 609.366253][ T6002] usb 9-1: USB disconnect, device number 105 [ 609.378596][ T6004] usb 5-1: USB disconnect, device number 99 [ 609.383458][T31481] udevd[31481]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 609.526740][T31499] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10407'. [ 609.532271][T31499] netlink: 12 bytes leftover after parsing attributes in process `syz.5.10407'. [ 609.641425][T31505] netlink: 56 bytes leftover after parsing attributes in process `syz.2.10410'. [ 609.717602][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 609.717617][ T40] audit: type=1326 audit(1763569283.377:3499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.729876][ T40] audit: type=1326 audit(1763569283.377:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.739008][ T40] audit: type=1326 audit(1763569283.377:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.747351][ T40] audit: type=1326 audit(1763569283.377:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.754893][ T40] audit: type=1326 audit(1763569283.377:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.762978][ T40] audit: type=1326 audit(1763569283.377:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.772062][ T40] audit: type=1326 audit(1763569283.377:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.781428][ T40] audit: type=1326 audit(1763569283.377:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.791897][ T40] audit: type=1326 audit(1763569283.377:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.801374][ T40] audit: type=1326 audit(1763569283.440:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31508 comm="syz.2.10412" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf706d579 code=0x7ffc0000 [ 609.975894][T31520] @: renamed from vlan0 (while UP) [ 610.024599][T31525] QAT: failed to copy from user cfg_data. [ 610.337627][T31557] bridge_slave_1: left allmulticast mode [ 610.339778][T31557] bridge_slave_1: left promiscuous mode [ 610.341661][T31557] bridge0: port 2(bridge_slave_1) entered disabled state [ 610.348495][T31557] bridge_slave_0: left allmulticast mode [ 610.350496][T31557] bridge_slave_0: left promiscuous mode [ 610.354077][T31557] bridge0: port 1(bridge_slave_0) entered disabled state [ 610.375928][T31564] overlayfs: failed to clone upperpath [ 610.665687][T31603] netlink: 'syz.4.10449': attribute type 4 has an invalid length. [ 610.875540][T25671] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 611.027918][T25671] usb 10-1: Using ep0 maxpacket: 32 [ 611.032064][T25671] usb 10-1: config 0 has an invalid interface number: 196 but max is 0 [ 611.035847][T25671] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 611.040468][T25671] usb 10-1: config 0 has no interface number 0 [ 611.043331][T25671] usb 10-1: config 0 interface 196 altsetting 1 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 611.048203][T25671] usb 10-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 611.053964][T25671] usb 10-1: config 0 interface 196 has no altsetting 0 [ 611.059123][T25671] usb 10-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 611.063167][T25671] usb 10-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 611.066958][T25671] usb 10-1: Product: syz [ 611.068948][T25671] usb 10-1: Manufacturer: syz [ 611.071152][T25671] usb 10-1: SerialNumber: syz [ 611.075802][T25671] usb 10-1: config 0 descriptor?? [ 611.274848][T25671] ipheth 10-1:0.196: Unable to find endpoints [ 611.282434][T25671] usb 10-1: USB disconnect, device number 11 [ 611.500015][T31616] __nla_validate_parse: 9 callbacks suppressed [ 611.500028][T31616] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10459'. [ 611.506259][T31616] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10459'. [ 611.509019][T31619] netlink: 76 bytes leftover after parsing attributes in process `syz.2.10460'. [ 611.515977][T31619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10460'. [ 611.588436][T31628] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 611.592526][T31628] overlayfs: overlapping lowerdir path [ 611.703871][T31644] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10473'. [ 611.708797][T31644] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10473'. [ 611.759801][T31649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10476'. [ 611.764753][T31649] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10476'. [ 611.767781][T31649] netlink: 'syz.4.10476': attribute type 15 has an invalid length. [ 611.770218][T31649] netlink: 'syz.4.10476': attribute type 18 has an invalid length. [ 611.805630][ T5946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 611.818671][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 611.824109][ T5946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 611.827080][ T5946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 611.830965][ T5946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 611.970193][T31652] chnl_net:caif_netlink_parms(): no params data found [ 612.104894][ T62] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.151409][T31652] bridge0: port 1(bridge_slave_0) entered blocking state [ 612.155646][T31652] bridge0: port 1(bridge_slave_0) entered disabled state [ 612.159181][T31652] bridge_slave_0: entered allmulticast mode [ 612.164439][T31652] bridge_slave_0: entered promiscuous mode [ 612.167955][T31652] bridge0: port 2(bridge_slave_1) entered blocking state [ 612.170510][T31652] bridge0: port 2(bridge_slave_1) entered disabled state [ 612.173823][T31652] bridge_slave_1: entered allmulticast mode [ 612.178285][T31652] bridge_slave_1: entered promiscuous mode [ 612.210076][ T62] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.266625][T31652] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 612.272047][T31652] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 612.324576][ T62] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.335453][T31652] team0: Port device team_slave_0 added [ 612.340679][T31652] team0: Port device team_slave_1 added [ 612.368505][T31712] XFS (nullb0): Invalid superblock magic number [ 612.478942][ T62] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 612.489805][T31652] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 612.492789][T31652] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 612.504223][T31652] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 612.510845][T31652] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 612.513974][T31652] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 612.526622][T31652] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 612.612607][T31652] hsr_slave_0: entered promiscuous mode [ 612.615802][T31652] hsr_slave_1: entered promiscuous mode [ 612.727513][ T62] erspan0: left allmulticast mode [ 612.729171][ T62] erspan0: left promiscuous mode [ 612.730927][ T62] bridge0: port 3(erspan0) entered disabled state [ 612.735101][ T62] bridge_slave_1: left allmulticast mode [ 612.737676][ T62] bridge_slave_1: left promiscuous mode [ 612.740446][ T62] bridge0: port 2(bridge_slave_1) entered disabled state [ 612.746417][ T62] bridge_slave_0: left allmulticast mode [ 612.748887][ T62] bridge_slave_0: left promiscuous mode [ 612.751058][ T62] bridge0: port 1(bridge_slave_0) entered disabled state [ 613.109219][ T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 613.116214][ T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 613.122502][ T62] bond0 (unregistering): Released all slaves [ 613.269459][T31773] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 613.491304][ T62] hsr_slave_0: left promiscuous mode [ 613.494330][ T62] hsr_slave_1: left promiscuous mode [ 613.498405][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 613.501697][ T62] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 613.505815][ T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 613.509331][ T62] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 613.551999][ T62] veth1_macvtap: left allmulticast mode [ 613.554800][ T62] veth1_macvtap: left promiscuous mode [ 613.556723][ T62] veth0_macvtap: left promiscuous mode [ 613.558937][ T62] veth1_vlan: left promiscuous mode [ 613.560901][ T62] veth0_vlan: left promiscuous mode [ 613.813592][ T5946] Bluetooth: hci3: command tx timeout [ 614.421465][ T62] team0 (unregistering): Port device team_slave_1 removed [ 614.506727][ T62] team0 (unregistering): Port device team_slave_0 removed [ 615.191075][ T5946] Bluetooth: hci0: command tx timeout [ 615.265277][T31802] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10537'. [ 615.516682][T24294] usb 9-1: new high-speed USB device number 106 using dummy_hcd [ 615.523128][T31652] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 615.530483][T31652] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 615.537722][T31652] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 615.545601][T31652] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 615.622187][T31652] 8021q: adding VLAN 0 to HW filter on device bond0 [ 615.639581][T31652] 8021q: adding VLAN 0 to HW filter on device team0 [ 615.645539][ T1145] bridge0: port 1(bridge_slave_0) entered blocking state [ 615.648060][ T1145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 615.657206][T23984] bridge0: port 2(bridge_slave_1) entered blocking state [ 615.659892][T23984] bridge0: port 2(bridge_slave_1) entered forwarding state [ 615.669394][T24294] usb 9-1: config index 0 descriptor too short (expected 23569, got 27) [ 615.672835][T24294] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 615.682331][T24294] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 615.689413][T24294] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 615.695597][T24294] usb 9-1: Manufacturer: syz [ 615.699836][T24294] usb 9-1: config 0 descriptor?? [ 615.716597][ T62] ------------[ cut here ]------------ [ 615.718872][ T62] WARNING: CPU: 2 PID: 62 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x289/0x310 [ 615.722403][ T62] Modules linked in: [ 615.724547][ T62] CPU: 2 UID: 0 PID: 62 Comm: kworker/u32:3 Not tainted syzkaller #0 PREEMPT(full) [ 615.730480][ T62] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 615.734408][ T62] Workqueue: netns cleanup_net [ 615.736634][ T62] RIP: 0010:xfrm_state_fini+0x289/0x310 [ 615.738738][ T62] Code: c3 f7 90 0f 0b 90 e9 e7 fe ff ff e8 e1 f0 c3 f7 90 0f 0b 90 e9 39 ff ff ff e8 d3 f0 c3 f7 90 0f 0b 90 eb 8a e8 c8 f0 c3 f7 90 <0f> 0b 90 e9 d5 fd ff ff e8 ba 9d 2b f8 e9 f8 fd ff ff e8 e0 9d 2b [ 615.745619][ T62] RSP: 0018:ffffc900009efa90 EFLAGS: 00010293 [ 615.747743][ T62] RAX: 0000000000000000 RBX: ffff88806289c900 RCX: fffff5200013df23 [ 615.750499][ T62] RDX: ffff8880200b4900 RSI: ffffffff89f866b8 RDI: ffff8880200b4d84 [ 615.753498][ T62] RBP: ffff88806289ddc0 R08: 0000000000000001 R09: 0000000000000000 [ 615.756396][ T62] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc900009efbd8 [ 615.759189][ T62] R13: dffffc0000000000 R14: fffffbfff2055d80 R15: ffffffff902aebe0 [ 615.762482][ T62] FS: 0000000000000000(0000) GS:ffff888097a0d000(0000) knlGS:0000000000000000 [ 615.762868][ T62] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 615.769814][ T62] CR2: 00007f60d6c58048 CR3: 0000000024fe6000 CR4: 0000000000352ef0 [ 615.772827][ T62] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000081 [ 615.772838][ T62] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 615.772846][ T62] Call Trace: [ 615.772850][ T62] [ 615.772856][ T62] ? __pfx_xfrm_net_exit+0x10/0x10 [ 615.772877][ T62] xfrm_net_exit+0x2d/0x70 [ 615.772894][ T62] ops_undo_list+0x2ee/0xab0 [ 615.772912][ T62] ? __pfx_ops_undo_list+0x10/0x10 [ 615.772925][ T62] ? cleanup_net+0x347/0x8b0 [ 615.772938][ T62] ? idr_destroy+0x62/0x2e0 [ 615.772961][ T62] cleanup_net+0x41b/0x8b0 [ 615.772976][ T62] ? __pfx_cleanup_net+0x10/0x10 [ 615.772991][ T62] ? rcu_is_watching+0x12/0xc0 [ 615.773007][ T62] process_one_work+0x9cf/0x1b70 [ 615.773249][ T62] ? __pfx_process_one_work+0x10/0x10 [ 615.773285][ T62] ? assign_work+0x1a0/0x250 [ 615.773313][ T62] worker_thread+0x6c8/0xf10 [ 615.773333][ T62] ? __kthread_parkme+0x19e/0x250 [ 615.773349][ T62] ? __pfx_worker_thread+0x10/0x10 [ 615.773367][ T62] kthread+0x3c5/0x780 [ 615.773392][ T62] ? __pfx_kthread+0x10/0x10 [ 615.773417][ T62] ? rcu_is_watching+0x12/0xc0 [ 615.773435][ T62] ? __pfx_kthread+0x10/0x10 [ 615.773453][ T62] ret_from_fork+0x675/0x7d0 [ 615.773477][ T62] ? __pfx_kthread+0x10/0x10 [ 615.773502][ T62] ret_from_fork_asm+0x1a/0x30 [ 615.773537][ T62] [ 615.773545][ T62] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 615.773556][ T62] CPU: 2 UID: 0 PID: 62 Comm: kworker/u32:3 Not tainted syzkaller #0 PREEMPT(full) [ 615.773576][ T62] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 615.773588][ T62] Workqueue: netns cleanup_net [ 615.773608][ T62] Call Trace: [ 615.773615][ T62] [ 615.773622][ T62] dump_stack_lvl+0x3d/0x1f0 [ 615.773643][ T62] vpanic+0x640/0x6f0 [ 615.773665][ T62] ? xfrm_state_fini+0x289/0x310 [ 615.773688][ T62] panic+0xca/0xd0 [ 615.773716][ T62] ? __pfx_panic+0x10/0x10 [ 615.773743][ T62] ? check_panic_on_warn+0x1f/0xb0 [ 615.773768][ T62] check_panic_on_warn+0xab/0xb0 [ 615.773792][ T62] __warn+0xf6/0x3c0 [ 615.773815][ T62] ? xfrm_state_fini+0x289/0x310 [ 615.773839][ T62] report_bug+0x3c3/0x580 [ 615.773855][ T62] ? xfrm_state_fini+0x289/0x310 [ 615.773878][ T62] handle_bug+0x184/0x210 [ 615.773901][ T62] exc_invalid_op+0x17/0x50 [ 615.773924][ T62] asm_exc_invalid_op+0x1a/0x20 [ 615.773940][ T62] RIP: 0010:xfrm_state_fini+0x289/0x310 [ 615.773962][ T62] Code: c3 f7 90 0f 0b 90 e9 e7 fe ff ff e8 e1 f0 c3 f7 90 0f 0b 90 e9 39 ff ff ff e8 d3 f0 c3 f7 90 0f 0b 90 eb 8a e8 c8 f0 c3 f7 90 <0f> 0b 90 e9 d5 fd ff ff e8 ba 9d 2b f8 e9 f8 fd ff ff e8 e0 9d 2b [ 615.773978][ T62] RSP: 0018:ffffc900009efa90 EFLAGS: 00010293 [ 615.773991][ T62] RAX: 0000000000000000 RBX: ffff88806289c900 RCX: fffff5200013df23 [ 615.774017][ T62] RDX: ffff8880200b4900 RSI: ffffffff89f866b8 RDI: ffff8880200b4d84 [ 615.774030][ T62] RBP: ffff88806289ddc0 R08: 0000000000000001 R09: 0000000000000000 [ 615.774038][ T62] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc900009efbd8 [ 615.774048][ T62] R13: dffffc0000000000 R14: fffffbfff2055d80 R15: ffffffff902aebe0 [ 615.774067][ T62] ? xfrm_state_fini+0x288/0x310 [ 615.774094][ T62] ? __pfx_xfrm_net_exit+0x10/0x10 [ 615.774118][ T62] xfrm_net_exit+0x2d/0x70 [ 615.774138][ T62] ops_undo_list+0x2ee/0xab0 [ 615.774161][ T62] ? __pfx_ops_undo_list+0x10/0x10 [ 615.774181][ T62] ? cleanup_net+0x347/0x8b0 [ 615.774200][ T62] ? idr_destroy+0x62/0x2e0 [ 615.774233][ T62] cleanup_net+0x41b/0x8b0 [ 615.774257][ T62] ? __pfx_cleanup_net+0x10/0x10 [ 615.774278][ T62] ? rcu_is_watching+0x12/0xc0 [ 615.774299][ T62] process_one_work+0x9cf/0x1b70 [ 615.774329][ T62] ? __pfx_process_one_work+0x10/0x10 [ 615.774362][ T62] ? assign_work+0x1a0/0x250 [ 615.774387][ T62] worker_thread+0x6c8/0xf10 [ 615.774407][ T62] ? __kthread_parkme+0x19e/0x250 [ 615.774427][ T62] ? __pfx_worker_thread+0x10/0x10 [ 615.774452][ T62] kthread+0x3c5/0x780 [ 615.774476][ T62] ? __pfx_kthread+0x10/0x10 [ 615.774501][ T62] ? rcu_is_watching+0x12/0xc0 [ 615.774515][ T62] ? __pfx_kthread+0x10/0x10 [ 615.774539][ T62] ret_from_fork+0x675/0x7d0 [ 615.774560][ T62] ? __pfx_kthread+0x10/0x10 [ 615.774583][ T62] ret_from_fork_asm+0x1a/0x30 [ 615.774614][ T62] [ 615.775945][ T62] Kernel Offset: disabled VM DIAGNOSIS: 16:06:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff95a96420 RDX=0000000000000004 RSI=0000000000000001 RDI=0000000000000000 RBP=ffff88801fe8a480 RSP=ffffc9000327f288 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000028 R11=0000000000000001 R12=ffff88801fe8afb0 R13=ffff88801fe8afd8 R14=0000000000000001 R15=0000000000000004 RIP=ffffffff81983126 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809780d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f09cfb69a10 CR3=00000000128e1000 CR4=00352ef0 DR0=0000000000000008 DR1=0000000000000002 DR2=0000000000000081 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 637062696c2f3436 62696c2f7273752f ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000570 0000000000060a90 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffffff91c8e60e RBX=ffffffff910a828c RCX=dffffc0000000000 RDX=ffffffff8b5d2641 RSI=0000000000000000 RDI=ffffffff910a8280 RBP=ffffffff910a828c RSP=ffffc900032ef980 R8 =ffffffff91c8e62c R9 =0000000000000000 R10=0000000000000000 R11=00000000000a5d26 R12=ffffffff910a8290 R13=ffffffff8b5d26bb R14=ffffffff910a8280 R15=ffffffff910a8288 RIP=ffffffff816ba94d RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809790d000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f97d72c4286 CR3=000000004c0f0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7416ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85269e10 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc900009ef3a8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35b8c0e R15=dffffc0000000000 RIP=ffffffff85269e37 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097a0d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f60d6c58048 CR3=0000000024fe6000 CR4=00352ef0 DR0=0000000000000008 DR1=0000000000000002 DR2=0000000000000081 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000248 0000000000007db8 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffffffffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000001da0 0000000000033260 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffffea0001c2cb08 RBX=ffffea0001c2cac0 RCX=ffffffff82103b68 RDX=1ffffd4000385959 RSI=ffffffff82103b96 RDI=0000000000000000 RBP=0000000000000001 RSP=ffffc900215577c8 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=ffffea0001c2cac0 R13=ffff888059546a00 R14=ffffea0001c2cac0 R15=0000000000000000 RIP=ffffffff82103bc7 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097b0d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f311e454e9c CR3=0000000025fcb000 CR4=00352ef0 DR0=0000000000000008 DR1=0000000000000002 DR2=0000000000000081 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008000 Opmask01=0000000001002044 Opmask02=00000000fff7ffdf Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e7c48f0 00007f311e7c4310 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e785050 00007f311e7840c0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e785580 00007f311e784b20 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e4870c0 00007f311e785ab0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e7c3da0 00007f311e7845f0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e4876b0 00007f311e4870c0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e785ab0 00007f311e785580 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f311e784b20 00007f311e785050 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6f7365722f6574 6174732d6b6f6f68 2f6463706368642f 6e75722f7261762f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e766c6f7365722f 65746174732d6b6f 6f682f6463706368 642f6e75722f7261 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 72743d6465727567 69666e6f635f6669 006b6e696c2e3431 6874652e666e6f63 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000