last executing test programs: 2m8.229399366s ago: executing program 1 (id=559): r0 = add_key$user(&(0x7f0000000340), &(0x7f0000002180)={'syz', 0x3}, &(0x7f0000000440)="28302d78540021019411ec4b58893bd96c61968d7a12a7a31e1fda6bdbebdea5372a1a20781860b79d77e299a40375bfc7d171c836268b7ab56753e2cc336775cfdb46a63ca4879770a68d155a2fa269c15305ac8deb2e7c308fdb76fdf8f1aeab4aaed6af22ec144397d0c664b3e96a7d38c2edf69139dedb56b371744a9c9c61", 0x81, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000380)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r1, r0}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={'streebog256-generic\x00'}}) 2m8.093242734s ago: executing program 1 (id=560): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000880), r0) sendmsg$TIPC_NL_MON_GET(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000d80)={0x14, r1, 0x301, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x10) 2m8.09241716s ago: executing program 1 (id=562): sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="98000000", @ANYRES16, @ANYBLOB="000425bd7000fddbdf2504000000050005000800000048000180080006000000000014000400fe8000000000000000000000000000aa08000300640101020800060032000000060001000a000000050002"], 0x98}, 0x1, 0x0, 0x0, 0x5}, 0x4040) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfffffe84, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c00810ce00f80ecdb4cb9f207c804a00d000000020006fb0a0002000a0ada1b40d805481100c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) 2m8.012712379s ago: executing program 1 (id=563): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r0) sendmsg$NL80211_CMD_SET_REG(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48405}, 0x8090) 2m8.01203846s ago: executing program 1 (id=565): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) 2m7.955605679s ago: executing program 1 (id=566): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)) 1m52.677553998s ago: executing program 32 (id=566): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)) 56.805017074s ago: executing program 2 (id=2851): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006) 56.72428129s ago: executing program 2 (id=2852): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x80, r1, 0x1, 0x0, 0x0, {}, [{@pci={{0x8, 0x8e}, {0x11}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x80}}, 0x0) 56.724035556s ago: executing program 2 (id=2853): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x1, 0x4, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x3}]}}}]}, 0x40}}, 0x0) 56.72390556s ago: executing program 2 (id=2854): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 56.673497697s ago: executing program 2 (id=2855): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000100001005d790000000000000500000a60000000060a0b0400000000000000000200000234000480300001800b00010074617267657400002000028008000240000000010800030002b511120c0001004e465155455545000900010073797a30000000000900020073797a32"], 0x88}}, 0x0) 56.335226155s ago: executing program 2 (id=2857): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000500), 0x80, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000240)={0xfffffffd, "340b788cced600000000000000800000002300", 0xffffffffffffffff}) ppoll(&(0x7f0000000340)=[{r0, 0x5}, {r1, 0x208}], 0x2, 0x0, 0x0, 0x0) 56.300138474s ago: executing program 33 (id=2857): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000500), 0x80, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000240)={0xfffffffd, "340b788cced600000000000000800000002300", 0xffffffffffffffff}) ppoll(&(0x7f0000000340)=[{r0, 0x5}, {r1, 0x208}], 0x2, 0x0, 0x0, 0x0) 41.075157399s ago: executing program 5 (id=3501): getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x1, 0x0, 0x8}, 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100)) 41.01350397s ago: executing program 5 (id=3504): timer_create(0x2, 0x0, &(0x7f0000000040)=0x0) timer_settime(0x0, 0x5, &(0x7f00000001c0)={{0x0, 0x989680}, {0x77359400}}, 0x0) timer_settime(r0, 0x1, &(0x7f00000000c0)={{}, {0x77359400}}, &(0x7f0000000100)) 40.930166137s ago: executing program 5 (id=3509): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000000000)=""/4102, &(0x7f0000001040)=0x1006) 40.850631218s ago: executing program 5 (id=3511): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 40.848467302s ago: executing program 5 (id=3513): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r0 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42) ioctl$LOOP_SET_STATUS(r0, 0xc01070ce, 0x0) 40.553690771s ago: executing program 5 (id=3516): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x10, 0x0, 0x0, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x0, 0x4007}}) 40.490245212s ago: executing program 34 (id=3516): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x37}, 0x10, 0x0, 0x0, 0x5}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, 0x0, 0x0, 0x0, 0x4007}}) 28.385605148s ago: executing program 4 (id=3836): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x50) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') read$eventfd(r0, &(0x7f0000000100), 0xfffffd79) 28.376871865s ago: executing program 4 (id=3840): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, 0x0) 28.242320643s ago: executing program 4 (id=3845): r0 = socket(0x840000000002, 0x3, 0x100) connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0) 27.713253165s ago: executing program 4 (id=3857): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bind$nfc_llcp(r0, &(0x7f0000000100)={0x27, 0x0, 0xffffffff, 0x3, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x10000000000001}, 0x58) getsockname(r0, 0x0, &(0x7f0000000080)) 27.655902296s ago: executing program 4 (id=3861): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 27.582632758s ago: executing program 4 (id=3863): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) getsockopt$bt_hci(r0, 0x84, 0x1f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9) 11.62772106s ago: executing program 35 (id=3863): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) getsockopt$bt_hci(r0, 0x84, 0x1f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9) 1.27370166s ago: executing program 3 (id=4344): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000540)='maps\x00') exit(0x7000000000000) preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/248, 0xf8}], 0x1, 0x6f9, 0x3f7d727b) 922.97338ms ago: executing program 0 (id=4362): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_OSF_TTL={0x5}, @NFTA_OSF_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x4048010) 839.832308ms ago: executing program 0 (id=4355): timer_create(0xb, 0x0, &(0x7f0000000100)=0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_gettime(r0, &(0x7f0000000600)) 837.383019ms ago: executing program 0 (id=4357): r0 = syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2) ioctl$VIDIOC_DQEVENT(r0, 0x80785659, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) 773.320577ms ago: executing program 0 (id=4364): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r1, 0xc05, 0x70bd26, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20040004) 717.963242ms ago: executing program 0 (id=4366): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0x4f}, @NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x38}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x1}]}}}, {0x24, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_REDIR_REG_PROTO_MIN={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_REDIR_REG_PROTO_MAX={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xb0}, 0x1, 0x0, 0x0, 0x40}, 0x24000800) 629.335284ms ago: executing program 0 (id=4369): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000380)=0x9, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @private1, 0x400}, 0x1c) 436.389885ms ago: executing program 7 (id=4379): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x5, &(0x7f0000000e80)={0xffffffffffffffff}, 0x13f, 0x5}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000200)={0x13, 0x10, 0x8, {0x0, r1}}, 0x18) 374.65529ms ago: executing program 3 (id=4371): r0 = syz_open_dev$vbi(&(0x7f00000002c0), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x2) preadv(r0, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/83, 0x53}, {&(0x7f00000001c0)=""/244, 0xf4}, {&(0x7f0000000340)=""/105, 0x69}], 0x3, 0x80000001, 0x5) 374.140009ms ago: executing program 7 (id=4374): sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010001fff001201000006000043be4354", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616e00000004000280080004"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0) 323.093012ms ago: executing program 3 (id=4375): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2}}]}, 0x1c}}, 0x0) 322.711034ms ago: executing program 6 (id=4376): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000400), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r1, @ANYBLOB="01002bbd7000fbdbdf250100000008000100010000000400048008000200010000002c000480050003ffffff80000550030002000000050003000200000005000300000000000500030002000000540008"], 0xa8}, 0x1, 0x0, 0x0, 0x1}, 0x48084) 322.492189ms ago: executing program 7 (id=4377): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) 262.323716ms ago: executing program 3 (id=4378): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r0, 0xc) connect$x25(r0, 0x0, 0x0) 260.413695ms ago: executing program 6 (id=4380): eventfd2(0xe61, 0x80801) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') read$FUSE(r0, &(0x7f00000000c0)={0x2020}, 0x2020) 257.579546ms ago: executing program 3 (id=4381): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) 183.656769ms ago: executing program 6 (id=4382): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x8, 0x4, 0x4, 0x9}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7030000070000008500000021000000b70000000000000095"], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f0800", 0x0, 0xe8a2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 183.269302ms ago: executing program 7 (id=4383): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB="2e42000c371303ed6a33f2ff8689b3f60e"]) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000004c0)={0x1, 0x9, [@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @local, @multicast]}) 127.226911ms ago: executing program 6 (id=4384): r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x4, @remote, 0xb}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x3, @mcast2, 0x8000}, 0x1c) 52.864542ms ago: executing program 7 (id=4385): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfffa}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @none}, 0xe) 52.295406ms ago: executing program 6 (id=4386): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) ptrace$cont(0x13, r0, 0xffffffffffffffff, 0x3) 51.058196ms ago: executing program 7 (id=4387): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$net_dm(&(0x7f0000001140), r0) sendmsg$NET_DM_CMD_STOP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r1, 0x1, 0x70bd2a, 0x8001}, 0x14}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) 6.026622ms ago: executing program 6 (id=4388): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_TOKEN={0x8}]}, 0x1c}}, 0x0) 0s ago: executing program 3 (id=4389): syz_open_dev$dvb_frontend(&(0x7f0000000040), 0x0, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5) add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) kernel console output (not intermixed with test programs): Number: syz [ 125.238800][ T54] usb 5-1: config 0 descriptor?? [ 125.245395][ T54] uvcvideo 5-1:0.105: Found UVC 0.00 device syz (046d:08f3) [ 125.249106][ T54] uvcvideo 5-1:0.105: No valid video chain found. [ 125.435903][ T9649] pim6reg99999999: entered allmulticast mode [ 125.454127][ T828] usb 5-1: USB disconnect, device number 6 [ 125.829259][ T9702] netlink: 67 bytes leftover after parsing attributes in process `syz.4.1627'. [ 125.913752][ T9711] mkiss: ax0: crc mode is auto. [ 125.956437][ T9715] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1633'. [ 126.065112][ T9728] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.1639'. [ 126.201451][ T41] audit: type=1326 audit(2000000056.139:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.211698][ T41] audit: type=1326 audit(2000000056.139:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.218948][ T41] audit: type=1326 audit(2000000056.139:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.228086][ T41] audit: type=1326 audit(2000000056.139:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.241095][ T41] audit: type=1326 audit(2000000056.139:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=444 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.256216][ T41] audit: type=1326 audit(2000000056.139:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.264112][ T41] audit: type=1326 audit(2000000056.139:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.271635][ T41] audit: type=1326 audit(2000000056.139:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.281013][ T41] audit: type=1326 audit(2000000056.139:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.288614][ T41] audit: type=1326 audit(2000000056.139:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9743 comm="syz.0.1647" exe="/syz-executor" sig=0 arch=40000003 syscall=446 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 126.363887][ T9771] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1660'. [ 126.425802][ T9780] random: crng reseeded on system resumption [ 126.435472][ T9780] Restarting kernel threads ... [ 126.439747][ T9780] Done restarting kernel threads. [ 126.474778][ T9786] netlink: 'syz.3.1667': attribute type 1 has an invalid length. [ 126.479261][ T9786] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1667'. [ 126.483368][ T9786] netlink: 'syz.3.1667': attribute type 1 has an invalid length. [ 126.486402][ T9786] netlink: 'syz.3.1667': attribute type 8 has an invalid length. [ 127.160115][ T9839] netlink: 'syz.2.1692': attribute type 1 has an invalid length. [ 128.223026][ T9898] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 128.223384][ T9899] program syz.0.1723 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.235723][ T828] kernel read not supported for file /bluetooth/6lowpan_control (pid: 828 comm: kworker/2:2) [ 128.424024][ T9928] vim2m vim2m.0: vidioc_s_fmt queue busy [ 128.491605][ T90] bond0: (slave bond_slave_0): interface is now down [ 128.493924][ T90] bond0: (slave bond_slave_1): interface is now down [ 128.506646][ T90] bond0: now running without any active interface! [ 128.789863][ T9969] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 129.033726][ T9987] sg_read: process 493 (syz.4.1764) changed security contexts after opening file descriptor, this is not allowed. [ 129.150410][T10001] input: syz1 as /devices/virtual/input/input10 [ 129.646276][T10046] __nla_validate_parse: 6 callbacks suppressed [ 129.646291][T10046] netlink: 11 bytes leftover after parsing attributes in process `syz.3.1793'. [ 129.738345][T10059] sp0: Synchronizing with TNC [ 129.779820][T10065] Dead loop on virtual device ip6_vti0, fix it urgently! [ 129.785649][T10067] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1802'. [ 129.822277][T10071] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1804'. [ 129.966447][T10088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1811'. [ 129.975633][T10088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1811'. [ 130.079396][T10104] netlink: 7060 bytes leftover after parsing attributes in process `syz.3.1819'. [ 130.231439][T10125] sctp: [Deprecated]: syz.3.1829 (pid 10125) Use of int in max_burst socket option. [ 130.231439][T10125] Use struct sctp_assoc_value instead [ 130.287918][ T5956] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 130.398229][T10143] sp0: Synchronizing with TNC [ 130.736901][ T5998] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 130.896921][ T5998] usb 5-1: Using ep0 maxpacket: 32 [ 130.901368][ T5998] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 130.904361][ T5998] usb 5-1: config 0 has no interface number 0 [ 130.910972][ T5998] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8 [ 130.915123][ T5998] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.918944][ T5998] usb 5-1: Product: syz [ 130.920730][ T5998] usb 5-1: Manufacturer: syz [ 130.923010][ T5998] usb 5-1: SerialNumber: syz [ 130.927770][ T5998] usb 5-1: config 0 descriptor?? [ 130.934247][ T5998] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 130.938011][ T5998] usb 5-1: selecting invalid altsetting 1 [ 130.940618][ T5998] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 130.946467][ T5998] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 130.952606][ T5998] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 130.956301][ T5998] usb 5-1: media controller created [ 130.965674][ T5998] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 131.000529][T10179] netlink: 'syz.4.1855': attribute type 14 has an invalid length. [ 131.043568][T10181] vim2m vim2m.0: vidioc_s_fmt queue busy [ 131.046906][ T3249] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 131.206978][ T3249] usb 7-1: Using ep0 maxpacket: 32 [ 131.210949][ T3249] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 131.213747][ T3249] usb 7-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 131.217266][ T3249] usb 7-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 131.221045][ T3249] usb 7-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 131.226051][ T3249] usb 7-1: config 0 interface 0 has no altsetting 0 [ 131.230311][ T3249] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 131.233391][ T3249] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 131.236221][ T3249] usb 7-1: Product: syz [ 131.238119][ T3249] usb 7-1: Manufacturer: syz [ 131.240260][ T3249] usb 7-1: SerialNumber: syz [ 131.246573][ T3249] usb 7-1: config 0 descriptor?? [ 131.250863][ T3249] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 131.256840][ T3249] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 131.293445][T10187] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1867'. [ 131.376815][T10197] sctp: [Deprecated]: syz.4.1862 (pid 10197) Use of int in max_burst socket option. [ 131.376815][T10197] Use struct sctp_assoc_value instead [ 131.460916][ T6013] usb 7-1: USB disconnect, device number 5 [ 131.471106][ T6013] ldusb 7-1:0.0: LD USB Device #0 now disconnected [ 132.013935][T10215] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1871'. [ 132.037011][ T5998] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-110 [ 132.041074][T10152] usb 5-1: dvb_usb_ce6230: I2C read not implemented [ 132.046761][ T5998] zl10353_read_register: readreg error (reg=127, ret==-110) [ 132.049541][ T5998] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 132.078464][ T5998] usb 5-1: USB disconnect, device number 7 [ 132.548712][T10250] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 132.549531][T10251] sp0: Synchronizing with TNC [ 132.741316][T10264] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1898'. [ 133.160062][T10329] netlink: 'syz.4.1927': attribute type 11 has an invalid length. [ 133.163565][T10329] netlink: 199788 bytes leftover after parsing attributes in process `syz.4.1927'. [ 133.454681][T10368] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 133.457063][T10368] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 133.461112][T10368] vhci_hcd vhci_hcd.0: Device attached [ 133.472946][T10370] vhci_hcd: connection closed [ 133.473864][ T1175] vhci_hcd vhci_hcd.3: stop threads [ 133.486789][ T1175] vhci_hcd vhci_hcd.3: release socket [ 133.489035][ T1175] vhci_hcd vhci_hcd.3: disconnect device [ 133.580273][T10382] input: syz1 as /devices/virtual/input/input12 [ 133.662214][T10390] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 134.164045][T10413] netlink: 'syz.3.1967': attribute type 6 has an invalid length. [ 134.168230][T10413] netlink: 'syz.3.1967': attribute type 5 has an invalid length. [ 134.171660][T10413] netlink: 'syz.3.1967': attribute type 4 has an invalid length. [ 134.502768][T10442] vivid-007: disconnect [ 134.505160][T10439] vivid-007: reconnect [ 134.977182][T10494] __nla_validate_parse: 2 callbacks suppressed [ 134.977200][T10494] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2005'. [ 135.029791][T10502] netlink: 67 bytes leftover after parsing attributes in process `syz.3.2009'. [ 135.031843][T10501] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.2008'. [ 135.184224][T10520] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2023'. [ 135.656959][T10569] netlink: 'syz.3.2040': attribute type 16 has an invalid length. [ 135.660864][T10569] netlink: 'syz.3.2040': attribute type 2 has an invalid length. [ 135.664043][T10569] netlink: 64102 bytes leftover after parsing attributes in process `syz.3.2040'. [ 135.665765][T10571] random: crng reseeded on system resumption [ 135.679988][T10571] Restarting kernel threads ... [ 135.683547][T10571] Done restarting kernel threads. [ 136.025020][ T41] kauditd_printk_skb: 17 callbacks suppressed [ 136.025037][ T41] audit: type=1326 audit(2000000065.959:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.040420][ T41] audit: type=1326 audit(2000000065.959:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.053600][ T41] audit: type=1326 audit(2000000065.969:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.082407][ T41] audit: type=1326 audit(2000000065.969:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.095163][ T41] audit: type=1326 audit(2000000065.969:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=444 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.104700][T10617] program syz.3.2063 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 136.110674][ T41] audit: type=1326 audit(2000000065.969:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.120777][ T41] audit: type=1326 audit(2000000065.969:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.130022][ T41] audit: type=1326 audit(2000000065.969:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.132942][T10619] netlink: 'syz.2.2065': attribute type 1 has an invalid length. [ 136.145224][T10619] netlink: 96 bytes leftover after parsing attributes in process `syz.2.2065'. [ 136.146258][ T41] audit: type=1326 audit(2000000065.969:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=446 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.154522][T10619] netlink: 'syz.2.2065': attribute type 1 has an invalid length. [ 136.164106][ T41] audit: type=1326 audit(2000000065.969:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10607 comm="syz.3.2060" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 136.167275][T10619] netlink: 'syz.2.2065': attribute type 8 has an invalid length. [ 136.175841][T10619] netlink: 606 bytes leftover after parsing attributes in process `syz.2.2065'. [ 136.369723][ T5998] kernel write not supported for file /radio1 (pid: 5998 comm: kworker/1:3) [ 136.410937][T10657] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2084'. [ 136.416835][T10657] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2084'. [ 136.478270][T10665] pim6reg99999999: entered allmulticast mode [ 136.618014][T10677] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2099'. [ 136.991741][T10720] netlink: 'syz.3.2114': attribute type 3 has an invalid length. [ 137.150597][T10735] program syz.3.2119 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 137.315401][T10764] mkiss: ax0: crc mode is auto. [ 137.722877][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.725816][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.758473][T10807] smc: net device bond0 applied user defined pnetid SYZ2 [ 137.849067][ T6029] kernel read not supported for file /bluetooth/6lowpan_control (pid: 6029 comm: kworker/3:4) [ 138.188775][T10852] netlink: 'syz.2.2173': attribute type 3 has an invalid length. [ 138.434766][ T6013] kernel write not supported for file /radio5 (pid: 6013 comm: kworker/0:3) [ 139.194639][T10890] smc: net device bond0 applied user defined pnetid SYZ2 [ 139.285526][T10903] program syz.0.2194 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 139.400920][ T1175] bond0: (slave bond_slave_0): interface is now down [ 139.405687][ T1175] bond0: (slave bond_slave_1): interface is now down [ 139.412690][ T1175] bond0: now running without any active interface! [ 139.517145][ T1465] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 139.669171][ T1465] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 139.672922][ T1465] usb 8-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 139.678425][ T1465] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 139.683215][ T1465] usb 8-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 139.691038][ T1465] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 139.695950][ T1465] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 139.704240][ T1465] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 139.708308][ T1465] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 139.711736][ T1465] usb 8-1: Product: syz [ 139.713570][ T1465] usb 8-1: Manufacturer: syz [ 139.719693][T10904] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 139.724237][ T1465] cdc_wdm 8-1:1.0: skipping garbage [ 139.727190][ T1465] cdc_wdm 8-1:1.0: skipping garbage [ 139.733722][ T1465] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 139.736606][ T1465] cdc_wdm 8-1:1.0: Unknown control protocol [ 139.935068][ C3] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 139.938362][ C3] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 139.943598][ C3] cdc_wdm 8-1:1.0: nonzero urb status received: -71 [ 139.946800][ C3] cdc_wdm 8-1:1.0: wdm_int_callback - 0 bytes [ 139.949187][ C3] cdc_wdm 8-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 139.954941][ T5998] usb 8-1: USB disconnect, device number 6 [ 140.782690][T10966] __nla_validate_parse: 3 callbacks suppressed [ 140.782709][T10966] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2228'. [ 140.791501][T10966] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2228'. [ 140.899093][T10982] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2234'. [ 140.963585][T10988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2237'. [ 140.967037][T10988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2237'. [ 140.970811][T10988] netlink: 'syz.0.2237': attribute type 15 has an invalid length. [ 141.079664][T11002] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2244'. [ 141.455449][T11043] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2263'. [ 141.459823][T11043] bridge_slave_1: entered promiscuous mode [ 141.641178][T11066] CIFS: Unable to determine destination address [ 141.697168][T11076] [U] [ 141.698303][T11076] [U] [ 141.699176][T11076] [U] [ 141.700219][T11076] [U] [ 141.701173][T11076] [U] [ 141.702086][T11076] [U] [ 141.703022][T11076] [U] [ 141.703992][T11076] [U] [ 141.705088][T11076] [U] [ 141.706110][T11076] [U] [ 141.707394][T11076] [U] [ 141.711492][T11075] [U] [ 141.851983][T11096] netlink: 'syz.0.2290': attribute type 11 has an invalid length. [ 141.855147][T11096] netlink: 'syz.0.2290': attribute type 4 has an invalid length. [ 141.866647][T11096] netlink: 199768 bytes leftover after parsing attributes in process `syz.0.2290'. [ 142.099142][T11131] UHID_CREATE from different security context by process 1215 (syz.2.2306), this is not allowed. [ 142.229653][ T5991] kernel write not supported for file /input/mouse0 (pid: 5991 comm: kworker/2:3) [ 142.331989][T11163] sp0: Synchronizing with TNC [ 143.327641][T11198] netlink: 'syz.4.2336': attribute type 11 has an invalid length. [ 143.328992][T11199] [U] [ 143.330780][T11198] netlink: 'syz.4.2336': attribute type 4 has an invalid length. [ 143.331891][T11199] [U] [ 143.334405][T11198] netlink: 199768 bytes leftover after parsing attributes in process `syz.4.2336'. [ 143.335269][T11199] [U] [ 143.339182][T11199] [U] [ 143.340122][T11199] [U] [ 143.341112][T11199] [U] [ 143.342233][T11199] [U] [ 143.343398][T11199] [U] [ 143.346603][T11199] [U] [ 143.347740][T11199] [U] [ 143.348766][T11199] [U] [ 143.363741][T11195] [U] [ 143.490450][T11217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2346'. [ 143.696863][ T5991] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 143.857451][ T3249] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 143.867219][ T5991] usb 8-1: Using ep0 maxpacket: 32 [ 143.872317][ T5991] usb 8-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 143.877028][ T5991] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.881360][ T5991] usb 8-1: Product: syz [ 143.883204][ T5991] usb 8-1: Manufacturer: syz [ 143.885071][ T5991] usb 8-1: SerialNumber: syz [ 143.890088][ T5991] usb 8-1: config 0 descriptor?? [ 143.896141][ T5991] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 143.899836][ T5991] dvb-usb: bulk message failed: -22 (4/0) [ 143.902470][ T5991] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 143.906414][ T5991] dvb-usb: bulk message failed: -22 (5/0) [ 143.908462][ T5991] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 143.913619][ T5991] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 143.917707][ T5991] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 143.923599][ T5991] usb 8-1: media controller created [ 143.931888][ T5991] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 143.947313][ T5991] usb 8-1: selecting invalid altsetting 3 [ 143.949162][ T5991] ttusb2: set interface to alts=3 failed [ 143.971440][ T5991] DVB: Unable to find symbol tda10086_attach() [ 143.973455][ T5991] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 143.977887][ T5991] dvb-usb: bulk message failed: -22 (4/0) [ 143.980444][ T5991] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 143.984294][ T5991] dvb-usb: bulk message failed: -22 (5/0) [ 143.986097][ T5991] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 143.989378][ T5991] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 144.038950][ T3249] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 144.042951][ T3249] usb 9-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 144.048396][ T3249] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 144.052027][ T3249] usb 9-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 144.057100][ T3249] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 144.062792][ T3249] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 144.070708][ T3249] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 144.074546][ T3249] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 144.078115][ T3249] usb 9-1: Product: syz [ 144.079915][ T3249] usb 9-1: Manufacturer: syz [ 144.084015][T11233] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22 [ 144.088889][ T3249] cdc_wdm 9-1:1.0: skipping garbage [ 144.091214][ T3249] cdc_wdm 9-1:1.0: skipping garbage [ 144.095434][ T3249] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 144.098304][ T3249] cdc_wdm 9-1:1.0: Unknown control protocol [ 144.101675][T11214] dvb-usb: bulk message failed: -22 (7/0) [ 144.104186][T11214] ttusb2: there might have been an error during control message transfer. (rlen = 3, was 0) [ 144.116874][T11214] ttusb2: i2c transfer failed. [ 144.119927][ T1465] usb 8-1: USB disconnect, device number 7 [ 144.138077][ T1465] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 144.293134][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.295486][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.298226][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.300365][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.302608][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.304744][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.307322][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.310108][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.312470][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.314588][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.316693][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.318820][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.321184][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.323234][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.325404][ C2] cdc_wdm 9-1:1.0: nonzero urb status received: -71 [ 144.328139][ C2] cdc_wdm 9-1:1.0: wdm_int_callback - 0 bytes [ 144.332403][ T5991] usb 9-1: USB disconnect, device number 4 [ 144.908383][T11288] random: crng reseeded on system resumption [ 145.287624][ T5998] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 145.288393][T11343] : entered promiscuous mode [ 145.438177][ T5998] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 145.441882][ T5998] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 145.445238][ T5998] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 145.449871][ T5998] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 145.454067][ T5998] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 145.458999][ T5998] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 145.463895][ T5998] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 145.467445][ T5998] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 145.470518][ T5998] usb 5-1: Product: syz [ 145.472127][ T5998] usb 5-1: Manufacturer: syz [ 145.476397][T11311] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 145.480782][ T5998] cdc_wdm 5-1:1.0: skipping garbage [ 145.482915][ T5998] cdc_wdm 5-1:1.0: skipping garbage [ 145.487009][ T5998] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 145.489387][ T5998] cdc_wdm 5-1:1.0: Unknown control protocol [ 145.690961][ C3] wdm_int_callback: 4 callbacks suppressed [ 145.690988][ C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 145.696712][ C3] wdm_int_callback: 4 callbacks suppressed [ 145.696733][ C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 145.702234][ C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 145.704902][ C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 145.707803][ C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 145.710781][ C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 145.714303][ C3] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 145.716612][ C3] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 145.719104][ C3] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 145.723715][ T5998] usb 5-1: USB disconnect, device number 8 [ 145.921357][T11388] netlink: 'syz.2.2429': attribute type 83 has an invalid length. [ 146.926033][T11515] : entered promiscuous mode [ 146.962542][T11519] netlink: 'syz.4.2490': attribute type 83 has an invalid length. [ 147.583371][T11571] random: crng reseeded on system resumption [ 147.850164][T11593] overlayfs: conflicting lowerdir path [ 147.898562][ T41] kauditd_printk_skb: 5 callbacks suppressed [ 147.898579][ T41] audit: type=1326 audit(2000000077.829:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11531 comm="syz.3.2499" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7fc00000 [ 148.201570][T11637] overlayfs: conflicting lowerdir path [ 148.321353][T11659] netlink: 260 bytes leftover after parsing attributes in process `syz.2.2560'. [ 148.324952][T11659] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2560'. [ 148.503078][T11683] netlink: 260 bytes leftover after parsing attributes in process `syz.0.2571'. [ 148.506406][T11683] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2571'. [ 148.610401][T11697] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2578'. [ 148.718982][T11714] netlink: 'syz.3.2587': attribute type 1 has an invalid length. [ 148.822379][ T41] audit: type=1326 audit(2000000078.759:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11721 comm="syz.3.2591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 148.831807][ T41] audit: type=1326 audit(2000000078.759:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11721 comm="syz.3.2591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 148.839572][ T41] audit: type=1326 audit(2000000078.759:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11721 comm="syz.3.2591" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 148.847723][ T41] audit: type=1326 audit(2000000078.759:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11721 comm="syz.3.2591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 148.854501][ T41] audit: type=1326 audit(2000000078.759:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11721 comm="syz.3.2591" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 148.908495][ T6029] kernel write not supported for file /uhid (pid: 6029 comm: kworker/3:4) [ 149.131238][T11755] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 149.197899][T11765] can0: slcan on ttyS3. [ 149.221957][T11767] nbd: must specify a device to reconfigure [ 149.276996][T11764] can0 (unregistered): slcan off ttyS3. [ 149.432027][ T1465] kernel write not supported for file /uinput (pid: 1465 comm: kworker/3:2) [ 149.938288][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.940812][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.944526][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.947442][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.950029][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.952451][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.955195][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.958558][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.961899][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.965087][ T6013] hid-generic 0103:0004:0000.0006: unknown main item tag 0x0 [ 149.971747][ T6013] hid-generic 0103:0004:0000.0006: hidraw1: HID v0.02 Device [syz0] on syz1 [ 150.003362][T11817] fido_id[11817]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 150.023504][ T41] audit: type=1326 audit(2000000079.959:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11761 comm="syz.4.2610" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x7fc00000 [ 150.023558][ T41] audit: type=1326 audit(2000000079.959:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11761 comm="syz.4.2610" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f05f6c code=0x7fc00000 [ 150.023593][ T41] audit: type=1326 audit(2000000079.959:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11761 comm="syz.4.2610" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x7fc00000 [ 150.023630][ T41] audit: type=1326 audit(2000000079.959:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11761 comm="syz.4.2610" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x7fc00000 [ 150.259125][T11847] ebtables: wrong size: *len 168, entries_size 48, replsz 48 [ 150.392391][T11869] trusted_key: encrypted_key: key trusted:syz not found [ 150.502914][T11885] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.582022][T11885] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.659984][ T5998] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 150.665667][T11885] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.743829][T11885] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.773244][T11918] tipc: Enabled bearer , priority 10 [ 150.842313][ T5998] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 150.846579][ T5998] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 150.852918][ T5998] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 150.858278][ T5998] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 150.862047][ T5998] usb 9-1: SerialNumber: syz [ 150.871786][ T130] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.875938][ T130] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.887604][ T130] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.903141][ T1175] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 151.081706][ T5998] usb 9-1: 0:2 : does not exist [ 151.107768][ T5998] usb 9-1: USB disconnect, device number 5 [ 151.138422][ T7549] udevd[7549]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 151.158240][T11960] netlink: 'syz.3.2704': attribute type 2 has an invalid length. [ 151.243547][T11970] netlink: 'syz.2.2709': attribute type 10 has an invalid length. [ 151.253363][T11970] team0: Port device dummy0 added [ 151.255881][T11972] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2710'. [ 151.263333][T11970] netlink: 'syz.2.2709': attribute type 10 has an invalid length. [ 151.267900][T11972] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2710'. [ 151.318358][T11970] team0: Port device dummy0 removed [ 151.324883][T11970] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 151.440357][T11982] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2715'. [ 151.527083][ T1140] bond0: (slave dummy0): interface is now down [ 151.529289][ T1140] bond0: now running without any active interface! [ 151.641590][T11993] netlink: 'syz.4.2720': attribute type 3 has an invalid length. [ 151.644482][T11993] netlink: 'syz.4.2720': attribute type 1 has an invalid length. [ 151.647718][T11993] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2720'. [ 151.925338][T12009] sp0: Synchronizing with TNC [ 152.234964][T12039] dummy0: entered promiscuous mode [ 152.237917][T12038] dummy0: left promiscuous mode [ 152.303521][T12049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2747'. [ 152.314029][T12049] dummy0: entered promiscuous mode [ 152.317099][T12049] macsec1: entered promiscuous mode [ 152.323047][T12049] macsec1: entered allmulticast mode [ 152.325547][T12049] dummy0: entered allmulticast mode [ 152.331801][T12049] dummy0: left allmulticast mode [ 152.334511][T12049] dummy0: left promiscuous mode [ 152.403881][T12060] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 152.550712][ T5991] libceph: connect (1)[c::]:6789 error -101 [ 152.553231][ T5991] libceph: mon0 (1)[c::]:6789 connect error [ 152.613448][T12090] netlink: 'syz.4.2766': attribute type 2 has an invalid length. [ 152.809311][ T5991] libceph: connect (1)[c::]:6789 error -101 [ 152.812308][ T5991] libceph: mon0 (1)[c::]:6789 connect error [ 152.881165][T12110] [U]  [ 152.882676][T12110] [U] K{ [ 152.884411][T12110] [U] t 1ŠFfˊ`GJgo/mC [ 152.887636][T12110] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 152.893821][T12110] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 152.898708][T12110] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 152.912999][T12110] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 152.924790][T12110] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 152.929920][T12110] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 152.935986][T12110] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 152.972963][T12110] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 152.976372][T12110] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 152.981782][T12110] [U] 22Ʃx?0;3u [ 152.983352][T12110] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 152.993520][T12110] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 152.996850][T12110] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 152.999698][T12110] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 153.001831][T12110] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 153.005838][T12110] [U] ec [ 153.007032][T12110] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 153.020948][T12109] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 153.317164][ T5991] libceph: connect (1)[c::]:6789 error -101 [ 153.319434][ T5991] libceph: mon0 (1)[c::]:6789 connect error [ 153.358766][T12078] ceph: No mds server is up or the cluster is laggy [ 153.450723][T12133] __nla_validate_parse: 1 callbacks suppressed [ 153.450740][T12133] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2787'. [ 153.541031][ T41] kauditd_printk_skb: 6 callbacks suppressed [ 153.541051][ T41] audit: type=1326 audit(2000000083.479:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.553801][ T41] audit: type=1326 audit(2000000083.479:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.563512][ T41] audit: type=1326 audit(2000000083.479:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.577084][ T41] audit: type=1326 audit(2000000083.479:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.586624][ T41] audit: type=1326 audit(2000000083.479:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.596933][ T41] audit: type=1326 audit(2000000083.479:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.606220][ T41] audit: type=1326 audit(2000000083.479:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.615452][ T41] audit: type=1326 audit(2000000083.479:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.3.2792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 153.736824][ T3249] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 153.753542][T12161] netlink: 810 bytes leftover after parsing attributes in process `syz.3.2801'. [ 153.819192][T12165] netem: change failed [ 153.920013][ T3249] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 153.923356][ T3249] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.926794][ T3249] usb 5-1: Product: syz [ 153.928742][ T3249] usb 5-1: Manufacturer: syz [ 153.931140][ T3249] usb 5-1: SerialNumber: syz [ 153.939423][ T3249] usb 5-1: config 0 descriptor?? [ 154.145816][ T10] usb 5-1: USB disconnect, device number 9 [ 154.277202][ T5956] Bluetooth: hci1: command 0x0406 tx timeout [ 154.295689][T12212] netlink: 'syz.2.2826': attribute type 4 has an invalid length. [ 154.299573][T12212] netlink: 17 bytes leftover after parsing attributes in process `syz.2.2826'. [ 154.397114][ T1465] usb 8-1: new full-speed USB device number 8 using dummy_hcd [ 154.538296][T12222] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2831'. [ 154.549162][ T1465] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 154.553506][ T1465] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 154.556473][ T1465] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 154.560314][ T1465] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.566310][ T1465] usb 8-1: config 0 descriptor?? [ 154.571228][ T1465] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 154.573360][ T1465] dvb-usb: bulk message failed: -22 (3/0) [ 154.587946][ T1465] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 154.591479][ T1465] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 154.594393][ T1465] usb 8-1: media controller created [ 154.598101][ T1465] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 154.614622][ T1465] dvb-usb: bulk message failed: -22 (6/0) [ 154.618423][ T1465] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 154.624307][ T1465] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input15 [ 154.634452][ T1465] dvb-usb: schedule remote query interval to 150 msecs. [ 154.638553][ T1465] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 154.777550][ T10] usb 8-1: USB disconnect, device number 8 [ 154.797781][ T10] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 155.053593][ T41] audit: type=1326 audit(2000000084.989:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12258 comm="syz.2.2849" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 155.066667][ T41] audit: type=1326 audit(2000000084.989:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12258 comm="syz.2.2849" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf700ef6c code=0x7ffc0000 [ 155.227588][ T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 155.402765][ T10] usb 5-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb [ 155.406849][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201 [ 155.410412][ T10] usb 5-1: Product: syz [ 155.412233][ T10] usb 5-1: Manufacturer: syz [ 155.414132][ T10] usb 5-1: SerialNumber: syz [ 155.418171][ T10] usb 5-1: config 0 descriptor?? [ 155.426486][ T10] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state. [ 155.430276][ T10] dvb-usb: bulk message failed: -22 (2/0) [ 155.434545][ T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 155.439015][ T10] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB) [ 155.442220][ T10] usb 5-1: media controller created [ 155.451942][ T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 155.565058][ T1175] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.629611][T12254] cxusb: i2c wr: len=80 is too big! [ 155.629611][T12254] [ 155.634017][ T10] cxusb: set interface failed [ 155.635724][ T10] dvb-usb: bulk message failed: -22 (1/0) [ 155.655374][ T10] DVB: Unable to find symbol mt352_attach() [ 155.659853][ T10] dvb-usb: bulk message failed: -22 (5/0) [ 155.661822][ T10] zl10353_read_register: readreg error (reg=127, ret==-121) [ 155.664800][ T10] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB' [ 155.673598][ T1175] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.706880][ T10] rc_core: IR keymap rc-dvico-mce not found [ 155.708915][ T10] Registered IR keymap rc-empty [ 155.711090][ T10] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0 [ 155.715028][ T10] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input16 [ 155.722086][ T10] dvb-usb: schedule remote query interval to 100 msecs. [ 155.724532][ T10] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected. [ 155.732877][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 155.736842][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 155.741011][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 155.744418][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 155.745389][ T10] usb 5-1: USB disconnect, device number 10 [ 155.749263][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 155.776490][ T1175] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.801758][ T10] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected. [ 155.886326][ T1175] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.045601][T12276] chnl_net:caif_netlink_parms(): no params data found [ 156.051948][ T1175] bridge_slave_1: left allmulticast mode [ 156.054260][ T1175] bridge_slave_1: left promiscuous mode [ 156.057388][ T1175] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.062866][ T1175] bridge_slave_0: left allmulticast mode [ 156.064755][ T1175] bridge_slave_0: left promiscuous mode [ 156.074178][ T1175] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.241667][T12310] sock: sock_timestamping_bind_phc: sock not bind to device [ 156.255532][ T1175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 156.262974][ T1175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 156.271166][ T1175] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 156.275761][ T1175] bond0 (unregistering): Released all slaves [ 156.331168][T12315] overlayfs: conflicting options: nfs_export=on,index=off [ 156.356223][T12276] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.359693][T12276] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.362224][T12276] bridge_slave_0: entered allmulticast mode [ 156.364963][T12276] bridge_slave_0: entered promiscuous mode [ 156.368890][T12276] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.372204][T12276] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.375149][T12276] bridge_slave_1: entered allmulticast mode [ 156.378511][T12276] bridge_slave_1: entered promiscuous mode [ 156.410781][T12276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.422926][T12276] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.454277][T12276] team0: Port device team_slave_0 added [ 156.458619][T12276] team0: Port device team_slave_1 added [ 156.473996][T12276] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 156.476175][T12276] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 156.485567][T12276] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 156.491438][T12276] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.493516][T12276] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 156.501998][T12276] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.556243][T12276] hsr_slave_0: entered promiscuous mode [ 156.559479][T12276] hsr_slave_1: entered promiscuous mode [ 156.562717][T12276] debugfs: 'hsr0' already exists in 'hsr' [ 156.565115][T12276] Cannot create hsr debugfs directory [ 156.713927][T12354] netlink: 'syz.0.2888': attribute type 10 has an invalid length. [ 156.725662][T12354] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.728848][T12354] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.736202][T12354] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.739424][T12354] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.742808][T12354] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.745372][T12354] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.750997][T12354] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 156.818750][ T1175] hsr_slave_0: left promiscuous mode [ 156.839119][ T1175] hsr_slave_1: left promiscuous mode [ 156.841258][ T1175] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 156.843644][ T1175] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 156.846603][ T1175] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 156.850776][ T1175] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 156.862020][ T1175] veth1_macvtap: left promiscuous mode [ 156.865001][ T1175] veth0_macvtap: left promiscuous mode [ 156.867239][ T1175] veth1_vlan: left promiscuous mode [ 156.869459][ T1175] veth0_vlan: left promiscuous mode [ 156.912968][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2897'. [ 156.915828][T12377] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2897'. [ 156.926417][T12377] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2897'. [ 156.951206][ T1175] pim6reg99999999 (unregistering): left allmulticast mode [ 157.051961][ T1175] team0 (unregistering): Port device team_slave_1 removed [ 157.061445][ T1175] team0 (unregistering): Port device team_slave_0 removed [ 157.255711][T12276] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 157.260625][T12276] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 157.264967][T12276] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 157.271763][T12276] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 157.358612][ T6013] hid_parser_main: 2 callbacks suppressed [ 157.358625][ T6013] hid-generic 000F:FFFFFFFA:0009.0007: unknown main item tag 0x5 [ 157.370138][T12276] 8021q: adding VLAN 0 to HW filter on device bond0 [ 157.382458][ T6013] hid-generic 000F:FFFFFFFA:0009.0007: hidraw1: HID v0.02 Device [syz0] on syz1 [ 157.387928][T12276] 8021q: adding VLAN 0 to HW filter on device team0 [ 157.394525][ T1140] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.397197][ T1140] bridge0: port 1(bridge_slave_0) entered forwarding state [ 157.398416][T12410] netlink: 'syz.4.2907': attribute type 1 has an invalid length. [ 157.405105][T12410] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2907'. [ 157.408336][T12410] netlink: 1 bytes leftover after parsing attributes in process `syz.4.2907'. [ 157.411227][T12410] netlink: 'syz.4.2907': attribute type 1 has an invalid length. [ 157.413789][T12410] netlink: 634 bytes leftover after parsing attributes in process `syz.4.2907'. [ 157.431488][ T1140] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.435010][ T1140] bridge0: port 2(bridge_slave_1) entered forwarding state [ 157.453931][T12411] fido_id[12411]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 157.515224][ T1175] IPVS: stop unused estimator thread 0... [ 157.692454][T12276] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 157.809463][ T5956] Bluetooth: hci0: command tx timeout [ 157.946085][T12276] veth0_vlan: entered promiscuous mode [ 157.963206][T12276] veth1_vlan: entered promiscuous mode [ 157.985432][T12276] veth0_macvtap: entered promiscuous mode [ 157.991212][T12276] veth1_macvtap: entered promiscuous mode [ 158.000820][T12276] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 158.007386][T12276] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 158.014635][ T188] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.019846][ T188] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.025064][ T188] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.029946][ T188] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.102799][ T130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.105314][ T130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.118002][ T188] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 158.122283][ T188] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 158.199043][T12489] nbd: must specify a size in bytes for the device [ 158.236936][ T6013] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 158.256307][T12498] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 158.267200][T12502] netlink: 'syz.0.2940': attribute type 1 has an invalid length. [ 158.309215][T12506] mkiss: ax0: crc mode is auto. [ 158.427369][ T6013] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 158.432188][ T6013] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 158.436833][ T6013] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 158.440879][ T6013] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.450199][T12473] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 158.455932][ T6013] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 158.581679][T12526] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 158.607609][ T10] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 158.642432][ T41] kauditd_printk_skb: 6 callbacks suppressed [ 158.642451][ T41] audit: type=1326 audit(2000000088.579:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12527 comm="syz.5.2954" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf701ef6c code=0x0 [ 158.674373][ T6029] usb 9-1: USB disconnect, device number 6 [ 158.780210][ T10] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 158.784491][ T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.790513][ T10] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 158.794325][ T10] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 158.799003][ T10] usb 8-1: Manufacturer: syz [ 158.804346][ T10] usb 8-1: config 0 descriptor?? [ 158.876875][ T10] rc_core: IR keymap rc-hauppauge not found [ 158.881143][ T10] Registered IR keymap rc-empty [ 158.884799][ T10] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 158.891689][ T10] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input17 [ 159.012349][ T5998] usb 8-1: USB disconnect, device number 9 [ 159.611841][T12557] netlink: 'syz.0.2963': attribute type 1 has an invalid length. [ 159.814014][T12587] tipc: Started in network mode [ 159.816165][T12587] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 159.822382][T12587] tipc: Enabling of bearer rejected, failed to enable media [ 159.889185][ T5956] Bluetooth: hci0: command tx timeout [ 159.935791][T12606] netlink: 52 bytes leftover after parsing attributes in process `syz.5.2987'. [ 160.031187][T12618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2995'. [ 160.035415][T12618] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2995'. [ 160.044358][T12618] geneve2: entered promiscuous mode [ 160.046171][T12618] geneve2: entered allmulticast mode [ 160.088103][T12624] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2998'. [ 160.217930][T12636] Bluetooth: MGMT ver 1.23 [ 160.758606][ T188] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 161.161379][T12739] ptrace attach of "/syz-executor exec"[12742] was attempted by "/syz-executor exec"[12739] [ 161.310869][T12758] bridge_slave_1: vlans aren't supported yet for dev_uc|mc_add() [ 161.349309][ T41] audit: type=1326 audit(2000000091.289:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12760 comm="syz.3.3062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 161.355789][ T41] audit: type=1326 audit(2000000091.289:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12760 comm="syz.3.3062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 161.364167][ T41] audit: type=1326 audit(2000000091.289:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12760 comm="syz.3.3062" exe="/syz-executor" sig=0 arch=40000003 syscall=278 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 161.372421][ T41] audit: type=1326 audit(2000000091.289:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12760 comm="syz.3.3062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 161.379700][ T41] audit: type=1326 audit(2000000091.289:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12760 comm="syz.3.3062" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 161.678022][ T10] usb 8-1: new full-speed USB device number 10 using dummy_hcd [ 161.838770][ T10] usb 8-1: config 0 has an invalid interface number: 8 but max is 0 [ 161.838928][T12791] tipc: Enabling of bearer rejected, failed to enable media [ 161.841618][ T10] usb 8-1: config 0 has no interface number 0 [ 161.847873][ T10] usb 8-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 161.851537][ T10] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 161.855743][ T10] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 161.862125][ T10] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 161.865176][ T10] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 161.868574][ T10] usb 8-1: Product: syz [ 161.869969][ T10] usb 8-1: SerialNumber: syz [ 161.878181][ T10] usb 8-1: config 0 descriptor?? [ 161.882473][ T10] cm109 8-1:0.8: invalid payload size 0, expected 4 [ 161.886515][ T10] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.8/input/input20 [ 161.930372][T12801] netlink: 220 bytes leftover after parsing attributes in process `syz.4.3080'. [ 161.934645][T12801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3080'. [ 161.968313][ T5956] Bluetooth: hci0: command tx timeout [ 162.086874][ C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 162.090430][ C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 162.093233][ C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 162.096560][ C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 162.099060][ C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 162.101340][ T10] usb 8-1: USB disconnect, device number 10 [ 162.103209][ C0] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 162.103221][ C0] cm109 8-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 162.114714][ T10] cm109 8-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 162.270295][ T6013] kernel read not supported for file /media0 (pid: 6013 comm: kworker/0:3) [ 162.484171][ T5956] Bluetooth: hci1: Malformed LE Event: 0x0d [ 162.581020][ T41] audit: type=1800 audit(2000000092.519:102): pid=12870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.3114" name="/newroot/766/bus/#3883//deleted" dev="tmpfs" ino=3883 res=0 errno=0 [ 162.728584][T12885] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3120'. [ 163.623834][T12932] netlink: 292 bytes leftover after parsing attributes in process `syz.4.3143'. [ 163.628158][ T6029] IPVS: starting estimator thread 0... [ 163.727989][T12934] IPVS: using max 43 ests per chain, 103200 per kthread [ 163.782253][T12952] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 163.891808][ T1465] kernel write not supported for file /dsp1 (pid: 1465 comm: kworker/3:2) [ 164.037072][ T5956] Bluetooth: hci0: command tx timeout [ 164.578925][T13049] netlink: 'syz.4.3195': attribute type 1 has an invalid length. [ 164.836228][T13077] netlink: 'syz.5.3209': attribute type 1 has an invalid length. [ 165.031701][ T1465] kernel write not supported for file /uhid (pid: 1465 comm: kworker/3:2) [ 165.179315][ T41] audit: type=1326 audit(2000000095.119:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13118 comm="syz.5.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 165.195402][ T41] audit: type=1326 audit(2000000095.119:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13118 comm="syz.5.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 165.205918][ T41] audit: type=1326 audit(2000000095.119:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13118 comm="syz.5.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 165.216312][ T41] audit: type=1326 audit(2000000095.119:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13118 comm="syz.5.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 165.227832][ T41] audit: type=1326 audit(2000000095.119:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13118 comm="syz.5.3228" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000 [ 165.381247][T13139] can0: slcan on ttyS3. [ 165.459169][T13138] can0 (unregistered): slcan off ttyS3. [ 165.552494][ T41] audit: type=1326 audit(2000000095.489:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13152 comm="syz.4.3242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x7ffc0000 [ 165.565056][ T41] audit: type=1326 audit(2000000095.489:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13152 comm="syz.4.3242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x7ffc0000 [ 165.579533][ T41] audit: type=1326 audit(2000000095.499:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13152 comm="syz.4.3242" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf7f05f6c code=0x7ffc0000 [ 165.588337][ T41] audit: type=1326 audit(2000000095.499:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13152 comm="syz.4.3242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05f6c code=0x7ffc0000 [ 165.770246][T13175] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 165.790348][T13177] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3249'. [ 165.987626][T13197] nbd: must specify a device to reconfigure [ 166.129028][ T6029] kernel write not supported for file /uinput (pid: 6029 comm: kworker/3:4) [ 166.204415][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.207840][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.211183][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.214504][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.217561][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.219829][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.222128][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.224944][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.229460][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.232802][ T5998] hid-generic 0103:0004:0000.0008: unknown main item tag 0x0 [ 166.247038][ T5998] hid-generic 0103:0004:0000.0008: hidraw1: HID v0.02 Device [syz0] on syz1 [ 166.273901][T13227] fido_id[13227]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 166.495276][T13249] ebtables: wrong size: *len 168, entries_size 48, replsz 48 [ 166.529177][ T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 166.853128][T13277] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3299'. [ 166.901535][ T6013] kernel write not supported for file /uhid (pid: 6013 comm: kworker/0:3) [ 167.144517][T13308] trusted_key: encrypted_key: key trusted:syz not found [ 167.365721][T13333] netlink: 'syz.5.3325': attribute type 10 has an invalid length. [ 167.379403][T13333] team0: Port device dummy0 added [ 167.395423][T13333] netlink: 'syz.5.3325': attribute type 10 has an invalid length. [ 167.403829][T13333] team0: Port device dummy0 removed [ 167.407874][T13333] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 167.500666][T13346] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3332'. [ 167.505288][T13346] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3332'. [ 167.700363][T13370] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3344'. [ 167.754953][T13376] netlink: 'syz.3.3347': attribute type 3 has an invalid length. [ 167.759761][T13376] netlink: 'syz.3.3347': attribute type 1 has an invalid length. [ 167.762738][T13376] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3347'. [ 167.814127][T13386] tipc: Enabled bearer , priority 10 [ 167.865588][T13392] netlink: 'syz.5.3355': attribute type 2 has an invalid length. [ 168.341893][T13441] syz.3.3376 (13441): drop_caches: 2 [ 168.627566][T13478] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3389'. [ 168.774561][T13498] netlink: 216 bytes leftover after parsing attributes in process `syz.3.3403'. [ 168.778006][T13498] netlink: 'syz.3.3403': attribute type 2 has an invalid length. [ 168.779560][T13500] [U]  [ 168.781633][T13500] [U] K{ [ 168.782678][T13500] [U] t 1ŠFfˊ`GJgo/mC [ 168.784915][T13500] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 168.794253][T13500] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 168.799264][T13500] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 168.812239][T13500] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 168.820036][T13500] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 168.823766][T13500] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 168.828536][T13500] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 168.859476][T13500] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 168.862821][T13500] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 168.868269][T13500] [U] 22Ʃx?0;3u [ 168.870278][T13500] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 168.878942][T13500] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 168.881978][T13500] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 168.884805][T13500] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 168.887172][T13500] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 168.891636][T13500] [U] ec [ 168.892893][T13500] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 168.907934][T13499] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 168.926931][ T828] tipc: Node number set to 1 [ 168.937714][T13515] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 786440, id = 0 [ 168.938218][T13514] IPVS: stopping backup sync thread 13515 ... [ 169.044648][T13529] sp0: Synchronizing with TNC [ 169.180222][T13539] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.271377][T13539] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.355180][T13558] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3428'. [ 169.389036][T13539] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.398933][T13560] dummy0: entered promiscuous mode [ 169.401811][T13559] dummy0: left promiscuous mode [ 169.454495][T13539] netdevsim netdevsim3 netdevsim0 (unregistering): left allmulticast mode [ 169.460909][T13539] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.589464][ T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.593338][ T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.614892][ T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.622603][ T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.684285][T13587] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3440'. [ 169.853935][T13611] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge_slave_0, syncid = 0, id = 0 [ 170.027345][T13634] sp0: Synchronizing with TNC [ 170.030688][T13634] sp0: Found TNC [ 170.192644][T13654] netlink: 'syz.0.3472': attribute type 7 has an invalid length. [ 170.195511][T13654] netlink: 'syz.0.3472': attribute type 8 has an invalid length. [ 170.319338][T13669] netlink: 'syz.3.3480': attribute type 4 has an invalid length. [ 170.678323][ T6013] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 170.849147][ T6013] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 170.854070][ T6013] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 170.866786][ T6013] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 170.870394][ T6013] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 170.874590][ T6013] usb 5-1: SerialNumber: syz [ 171.070047][ T5991] libceph: connect (1)[c::]:6789 error -101 [ 171.072405][ T5991] libceph: mon0 (1)[c::]:6789 connect error [ 171.110153][ T6013] usb 5-1: 0:2 : does not exist [ 171.138225][T13744] sock: sock_timestamping_bind_phc: sock not bind to device [ 171.142607][ T6013] usb 5-1: USB disconnect, device number 11 [ 171.183346][ T7549] udevd[7549]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 171.317098][ T5956] Bluetooth: hci1: command 0x0406 tx timeout [ 171.347467][ T24] libceph: connect (1)[c::]:6789 error -101 [ 171.350301][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 171.426968][ T5991] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 171.528939][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 171.534809][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 171.538432][ T63] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 171.542658][ T63] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 171.554747][ T63] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 171.579881][ T5991] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 171.583016][ T5991] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 171.586470][ T5991] usb 8-1: Product: syz [ 171.590945][ T5991] usb 8-1: Manufacturer: syz [ 171.592625][ T5991] usb 8-1: SerialNumber: syz [ 171.596546][ T5991] usb 8-1: config 0 descriptor?? [ 171.719108][T13748] chnl_net:caif_netlink_parms(): no params data found [ 171.779570][T13748] bridge0: port 1(bridge_slave_0) entered blocking state [ 171.782848][T13748] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.785518][T13748] bridge_slave_0: entered allmulticast mode [ 171.788479][T13748] bridge_slave_0: entered promiscuous mode [ 171.791733][T13748] bridge0: port 2(bridge_slave_1) entered blocking state [ 171.794195][T13748] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.796633][T13748] bridge_slave_1: entered allmulticast mode [ 171.799823][T13748] bridge_slave_1: entered promiscuous mode [ 171.815219][ T3249] usb 8-1: USB disconnect, device number 11 [ 171.818631][T13748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 171.824243][T13748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 171.857399][ T5991] libceph: connect (1)[c::]:6789 error -101 [ 171.859701][ T5991] libceph: mon0 (1)[c::]:6789 connect error [ 171.864496][T13748] team0: Port device team_slave_0 added [ 171.869734][T13748] team0: Port device team_slave_1 added [ 171.923806][T13740] ceph: No mds server is up or the cluster is laggy [ 172.039682][ T130] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.052156][T13748] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 172.066891][T13748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.075193][T13748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 172.082660][T13748] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 172.086239][T13748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 172.097667][T13748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 172.136607][T13748] hsr_slave_0: entered promiscuous mode [ 172.140560][T13748] hsr_slave_1: entered promiscuous mode [ 172.143501][T13748] debugfs: 'hsr0' already exists in 'hsr' [ 172.146330][T13748] Cannot create hsr debugfs directory [ 172.163203][ T130] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.235979][ T130] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.278600][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 172.316831][ T130] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.357793][T13748] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 172.369452][T13782] overlayfs: conflicting options: nfs_export=on,index=off [ 172.369819][T13748] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 172.385827][T13748] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 172.394787][T13748] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 172.429571][T13748] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.431921][T13748] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.434903][T13748] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.438049][T13748] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.448869][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.453549][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.487101][ T1465] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 172.555081][ T130] bridge_slave_1: left allmulticast mode [ 172.560354][ T130] bridge_slave_1: left promiscuous mode [ 172.563189][ T130] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.570073][ T130] bridge_slave_0: left allmulticast mode [ 172.572113][ T130] bridge_slave_0: left promiscuous mode [ 172.575234][ T130] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.638763][ T1465] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 172.642924][ T1465] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 172.646592][ T1465] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 172.651376][ T1465] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.658171][ T1465] usb 5-1: config 0 descriptor?? [ 172.664176][ T1465] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 172.667530][ T1465] dvb-usb: bulk message failed: -22 (3/0) [ 172.673146][ T1465] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 172.678769][ T1465] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 172.681070][ T1465] usb 5-1: media controller created [ 172.683505][ T1465] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 172.692996][ T1465] dvb-usb: bulk message failed: -22 (6/0) [ 172.695937][ T1465] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 172.702084][ T1465] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input23 [ 172.710461][ T1465] dvb-usb: schedule remote query interval to 150 msecs. [ 172.714429][ T1465] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 172.856143][ T130] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 172.869415][ T1465] dvb-usb: bulk message failed: -22 (1/0) [ 172.872958][ T1465] dvb-usb: error while querying for an remote control event. [ 172.878435][ T130] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 172.878886][ T54] usb 5-1: USB disconnect, device number 12 [ 172.888227][ T130] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 172.895097][ T130] bond0 (unregistering): Released all slaves [ 172.903437][ T54] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 172.915339][T13748] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.930475][T13748] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.940178][ T1175] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.943486][ T1175] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.953317][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.956788][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.994350][ T130] tipc: Disabling bearer [ 173.024087][ T130] tipc: Left network mode [ 173.035844][ T130] IPVS: stopping backup sync thread 13611 ... [ 173.216498][T13748] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.238827][ T130] hsr_slave_0: left promiscuous mode [ 173.241199][ T130] hsr_slave_1: left promiscuous mode [ 173.243455][ T130] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.246119][ T130] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.249508][ T130] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.252189][ T130] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.258188][ T130] veth1_macvtap: left promiscuous mode [ 173.260414][ T130] veth0_macvtap: left promiscuous mode [ 173.262395][ T130] veth1_vlan: left promiscuous mode [ 173.264230][ T130] veth0_vlan: left promiscuous mode [ 173.410816][ T130] team0 (unregistering): Port device team_slave_1 removed [ 173.428018][ T130] team0 (unregistering): Port device team_slave_0 removed [ 173.636957][ T5956] Bluetooth: hci0: command tx timeout [ 173.682142][T13748] veth0_vlan: entered promiscuous mode [ 173.702205][T13748] veth1_vlan: entered promiscuous mode [ 173.716664][T13748] veth0_macvtap: entered promiscuous mode [ 173.741248][T13748] veth1_macvtap: entered promiscuous mode [ 173.747101][ T6029] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 173.764759][T13748] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.780515][T13748] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.781059][T13849] nbd: must specify a size in bytes for the device [ 173.794716][ T61] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.802385][ T61] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.805682][ T61] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.828216][ T61] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.910886][T13855] __nla_validate_parse: 3 callbacks suppressed [ 173.910900][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.910902][T13855] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3547'. [ 173.910918][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.931889][ T6029] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 173.936076][ T6029] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 173.944065][ T6029] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 173.952709][ T6029] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 173.955488][ T6029] usb 5-1: Manufacturer: syz [ 173.958638][ T130] IPVS: stop unused estimator thread 0... [ 173.962678][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.965451][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.969819][ T6029] usb 5-1: config 0 descriptor?? [ 174.037383][ T6029] rc_core: IR keymap rc-hauppauge not found [ 174.039479][ T6029] Registered IR keymap rc-empty [ 174.044110][ T6029] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 174.051742][ T6029] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input24 [ 174.191705][ T6029] usb 5-1: USB disconnect, device number 13 [ 174.433045][T13885] netlink: 'syz.6.3555': attribute type 10 has an invalid length. [ 174.436075][T13885] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.439347][T13885] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.446987][T13885] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.449415][T13885] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.451942][T13885] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.454741][T13885] bridge0: port 1(bridge_slave_0) entered forwarding state [ 174.459619][T13885] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 174.671727][T13896] netlink: 'syz.6.3561': attribute type 10 has an invalid length. [ 174.680785][T13896] team0: Port device dummy0 added [ 174.690261][T13896] netlink: 'syz.6.3561': attribute type 10 has an invalid length. [ 174.706908][T13896] team0: Port device dummy0 removed [ 174.718959][T13896] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 174.878900][ T41] audit: type=1326 audit(2000000104.819:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.0.3567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 174.890384][ T41] audit: type=1326 audit(2000000104.819:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.0.3567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 174.901174][ T41] audit: type=1326 audit(2000000104.819:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.0.3567" exe="/syz-executor" sig=0 arch=40000003 syscall=278 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 174.911698][ T41] audit: type=1326 audit(2000000104.819:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.0.3567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 174.922640][ T41] audit: type=1326 audit(2000000104.819:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13907 comm="syz.0.3567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f83f6c code=0x7ffc0000 [ 174.971893][T13910] ptrace attach of "/syz-executor exec"[13911] was attempted by "/syz-executor exec"[13910] [ 175.236972][ T5991] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 175.247164][ T828] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 175.388513][ T5991] usb 11-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 175.393062][ T5991] usb 11-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 175.398308][ T5991] usb 11-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 175.402595][ T5991] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.413843][ T828] usb 9-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb [ 175.418402][ T828] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201 [ 175.422005][ T828] usb 9-1: Product: syz [ 175.425706][T13915] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 175.436174][ T828] usb 9-1: Manufacturer: syz [ 175.441233][ T5991] usb 11-1: Quirk or no altset; falling back to MIDI 1.0 [ 175.446979][ T828] usb 9-1: SerialNumber: syz [ 175.453969][ T828] usb 9-1: config 0 descriptor?? [ 175.463693][ T828] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state. [ 175.467551][ T828] dvb-usb: bulk message failed: -22 (2/0) [ 175.475326][ T828] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 175.485711][ T828] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB) [ 175.489946][ T828] usb 9-1: media controller created [ 175.518671][ T828] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 175.519831][ T41] audit: type=1800 audit(2000000105.459:117): pid=13922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.3.3573" name="/newroot/914/bus/#4634//deleted" dev="tmpfs" ino=4634 res=0 errno=0 [ 175.655957][ T54] usb 11-1: USB disconnect, device number 2 [ 175.682824][T13918] cxusb: i2c wr: len=80 is too big! [ 175.682824][T13918] [ 175.692702][ T828] cxusb: set interface failed [ 175.695001][ T828] dvb-usb: bulk message failed: -22 (1/0) [ 175.716959][ T5956] Bluetooth: hci0: command tx timeout [ 175.723248][ T828] DVB: Unable to find symbol mt352_attach() [ 175.725833][ T828] dvb-usb: bulk message failed: -22 (5/0) [ 175.738935][ T828] zl10353_read_register: readreg error (reg=127, ret==-121) [ 175.741500][ T828] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB' [ 175.803192][ T3249] hid_parser_main: 2 callbacks suppressed [ 175.803212][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.806849][ T828] rc_core: IR keymap rc-dvico-mce not found [ 175.810729][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.811644][ T828] Registered IR keymap rc-empty [ 175.814607][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.814629][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.814644][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.814659][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.814674][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.818928][ T828] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0 [ 175.819486][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.830459][ T828] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input26 [ 175.831311][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.838274][ T828] dvb-usb: schedule remote query interval to 100 msecs. [ 175.840503][ T3249] hid-generic 0103:0004:0000.0009: unknown main item tag 0x0 [ 175.843440][ T828] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected. [ 175.851064][T13944] netlink: 'syz.0.3580': attribute type 10 has an invalid length. [ 175.854565][ T3249] hid-generic 0103:0004:0000.0009: hidraw1: HID v0.02 Device [syz0] on syz1 [ 175.857642][ T828] usb 9-1: USB disconnect, device number 7 [ 175.867157][T13944] team0: Port device dummy0 added [ 175.885189][T13944] netlink: 'syz.0.3580': attribute type 10 has an invalid length. [ 175.897316][T13944] team0: Port device dummy0 removed [ 175.904050][T13945] fido_id[13945]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 175.906165][T13944] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 175.935769][ T828] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected. [ 176.076339][T13957] sp0: Synchronizing with TNC [ 176.087868][T13957] sp0: Found TNC [ 176.292353][T13973] netlink: 'syz.4.3593': attribute type 10 has an invalid length. [ 176.305170][T13973] team0: Port device dummy0 added [ 176.319046][T13973] netlink: 'syz.4.3593': attribute type 10 has an invalid length. [ 176.331705][T13973] team0: Port device dummy0 removed [ 176.335982][T13973] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 176.388447][T13978] netlink: 'syz.4.3596': attribute type 7 has an invalid length. [ 176.391502][T13978] netlink: 'syz.4.3596': attribute type 8 has an invalid length. [ 176.483763][T13984] sp0: Synchronizing with TNC [ 176.493891][T13984] sp0: Found TNC [ 176.593367][T13997] Bluetooth: MGMT ver 1.23 [ 176.618061][ T130] bond0: (slave dummy0): interface is now down [ 176.621514][ T130] bond0: now running without any active interface! [ 176.638567][T14001] netlink: 'syz.3.3609': attribute type 10 has an invalid length. [ 176.648854][T14001] team0: Port device dummy0 added [ 176.659320][T14001] netlink: 'syz.3.3609': attribute type 10 has an invalid length. [ 176.666620][T14001] team0: Port device dummy0 removed [ 176.670925][T14001] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 176.885088][T14029] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3622'. [ 176.945673][T14033] netlink: 'syz.6.3625': attribute type 10 has an invalid length. [ 176.954792][T14033] bond0: (slave dummy0): Releasing backup interface [ 176.964969][T14033] team0: Port device dummy0 added [ 176.976566][T14033] netlink: 'syz.6.3625': attribute type 10 has an invalid length. [ 176.992271][T14033] team0: Port device dummy0 removed [ 176.997706][T14033] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 177.148798][ T34] libceph: connect (1)[c::]:6789 error -101 [ 177.151437][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 177.231762][T14062] bond0: (slave dummy0): Releasing backup interface [ 177.237964][T14062] team0: Port device dummy0 added [ 177.248948][T14064] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3638'. [ 177.253168][T14062] team0: Port device dummy0 removed [ 177.262390][T14062] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 177.352020][T14070] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 177.407410][ T34] libceph: connect (1)[c::]:6789 error -101 [ 177.411098][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 177.477196][ T1140] bond0: (slave dummy0): interface is now down [ 177.480467][ T1140] bond0: now running without any active interface! [ 177.593493][T14088] bond0: (slave dummy0): Releasing backup interface [ 177.600217][T14088] team0: Port device dummy0 added [ 177.619176][T14088] team0: Port device dummy0 removed [ 177.623203][T14088] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 177.797154][ T5956] Bluetooth: hci0: command tx timeout [ 177.897102][ T12] bond0: (slave dummy0): interface is now down [ 177.899973][ T12] bond0: now running without any active interface! [ 177.919406][ T34] libceph: connect (1)[c::]:6789 error -101 [ 177.921398][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 177.970225][T14052] ceph: No mds server is up or the cluster is laggy [ 178.038076][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 178.403791][T14159] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3684'. [ 178.458387][T14167] netlink: 292 bytes leftover after parsing attributes in process `syz.0.3687'. [ 178.947032][ T828] usb 9-1: new full-speed USB device number 8 using dummy_hcd [ 179.128626][ T828] usb 9-1: config 0 has an invalid interface number: 8 but max is 0 [ 179.131957][ T828] usb 9-1: config 0 has no interface number 0 [ 179.134201][ T828] usb 9-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F [ 179.138911][ T828] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 179.142880][ T828] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 179.147530][ T828] usb 9-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 179.150865][ T828] usb 9-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 179.153701][ T828] usb 9-1: Product: syz [ 179.154984][ T828] usb 9-1: SerialNumber: syz [ 179.157991][ T828] usb 9-1: config 0 descriptor?? [ 179.162980][ T828] cm109 9-1:0.8: invalid payload size 0, expected 4 [ 179.166408][ T828] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.8/input/input29 [ 179.387058][ C2] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 179.391009][ C2] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 179.394515][ T54] usb 9-1: USB disconnect, device number 8 [ 179.394627][ C2] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 179.399954][ C2] cm109 9-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 179.429827][ T54] cm109 9-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 179.490921][ T6029] kernel read not supported for file /media0 (pid: 6029 comm: kworker/3:4) [ 179.550504][T14205] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3706'. [ 179.554814][T14205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3706'. [ 179.725924][T14220] tipc: Started in network mode [ 179.729079][T14220] tipc: Node identity aaaaaaaaaa3, cluster identity 4711 [ 179.734114][T14220] tipc: Enabled bearer , priority 10 [ 179.859806][T14234] bridge: RTM_NEWNEIGH with unconfigured vlan 2 on bridge_slave_1 [ 179.876958][ T5956] Bluetooth: hci0: command tx timeout [ 180.289539][T14283] [U]  [ 180.290696][T14283] [U] K{ [ 180.291804][T14283] [U] t 1ŠFfˊ`GJgo/mC [ 180.293957][T14283] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 180.299569][T14283] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 180.304943][T14283] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 180.320118][T14283] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 180.327851][T14283] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 180.332794][T14283] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 180.337570][T14283] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 180.378469][T14283] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 180.383000][T14283] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 180.389076][T14283] [U] 22Ʃx?0;3u [ 180.390891][T14283] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 180.402299][T14283] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 180.405999][T14283] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 180.408925][T14283] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 180.411031][T14283] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 180.416447][T14283] [U] ec [ 180.418296][T14283] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 180.433459][T14282] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 180.438766][T14295] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3756'. [ 180.599589][ T1140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 180.628765][T14315] netem: change failed [ 180.725554][T14319] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.787844][T14328] sp0: Synchronizing with TNC [ 180.851049][T14319] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.868434][ T828] tipc: Node number set to 10136234 [ 180.924664][ T10] libceph: connect (1)[c::]:6789 error -101 [ 180.927009][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 180.974655][T14319] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 180.978726][T14340] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3768'. [ 181.056078][T14319] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.145120][ T188] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.165474][ T12] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.179651][ T188] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.186538][ T188] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 181.187339][ T10] libceph: connect (1)[c::]:6789 error -101 [ 181.191848][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 181.697405][ T10] libceph: connect (1)[c::]:6789 error -101 [ 181.700364][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 181.756021][T14334] ceph: No mds server is up or the cluster is laggy [ 182.089878][T14401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3800'. [ 182.146781][T14407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3808'. [ 183.001004][T14452] IPVS: stopping backup sync thread 12060 ... [ 183.430314][T14471] syz.4.3839 (14471): drop_caches: 2 [ 183.564163][T14484] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 786440, id = 0 [ 183.574630][T14483] IPVS: stopping backup sync thread 14484 ... [ 183.705262][T14497] syz.6.3844 (14497): drop_caches: 2 [ 183.790751][T14503] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 183.798517][ T130] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 183.931917][T14511] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3858'. [ 184.098851][T14519] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3854'. [ 184.382958][T14545] program syz.6.3865 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 184.501328][T14556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3872'. [ 185.580692][ T24] kernel read not supported for file /media0 (pid: 24 comm: kworker/2:0) [ 185.717645][ T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 186.007318][T14664] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3915'. [ 186.152425][T14668] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3920'. [ 186.379722][T14687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3926'. [ 186.425010][T14687] veth3: entered promiscuous mode [ 186.848236][T14730] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3945'. [ 186.863318][T14734] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3946'. [ 186.935509][T14742] xt_l2tp: invalid flags combination: 8 [ 187.803942][T14802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3981'. [ 189.196262][T14852] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4006'. [ 189.199206][ T41] audit: type=1326 audit(2000000119.139:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14849 comm="syz.0.4005" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f83f6c code=0x0 [ 189.557537][ T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 190.459291][ T41] audit: type=1326 audit(2000000120.399:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14876 comm="syz.6.4016" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7fc00000 [ 191.487222][ T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 194.677614][ T13] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 196.119216][ T63] Bluetooth: hci3: command 0x0406 tx timeout [ 197.237541][ T61] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 199.159121][ T24] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 199.168794][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.171489][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.447318][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 200.468927][ T63] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 200.474063][ T63] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 200.478808][ T63] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 200.482752][ T63] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 200.486395][ T63] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 200.512649][T14899] validate_nla: 6 callbacks suppressed [ 200.512663][T14899] netlink: 'syz.3.4024': attribute type 3 has an invalid length. [ 200.556277][T14904] tipc: Started in network mode [ 200.558186][T14904] tipc: Node identity aaaaaaaaaa33, cluster identity 4711 [ 200.568409][T14904] tipc: Enabled bearer , priority 0 [ 200.597091][T14908] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 200.600335][T14908] overlayfs: missing 'lowerdir' [ 200.617900][T14906] netlink: 457 bytes leftover after parsing attributes in process `syz.0.4028'. [ 200.666490][T14917] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4033'. [ 200.720999][T14923] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4035'. [ 200.739517][T14896] chnl_net:caif_netlink_parms(): no params data found [ 200.865008][ T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 200.934392][T14896] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.938424][T14896] bridge0: port 1(bridge_slave_0) entered disabled state [ 200.940930][T14896] bridge_slave_0: entered allmulticast mode [ 200.943638][T14896] bridge_slave_0: entered promiscuous mode [ 200.948090][T14896] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.950437][T14896] bridge0: port 2(bridge_slave_1) entered disabled state [ 200.952849][T14896] bridge_slave_1: entered allmulticast mode [ 200.956153][T14896] bridge_slave_1: entered promiscuous mode [ 200.974016][T14896] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 201.711936][ T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.724514][T14896] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 201.761263][ T1465] tipc: Node number set to 10070698 [ 201.810855][ T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.826629][T14896] team0: Port device team_slave_0 added [ 201.831084][T14896] team0: Port device team_slave_1 added [ 201.846468][T14896] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 201.851513][T14896] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.861134][T14896] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 201.867246][T14896] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 201.869604][T14896] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 201.877875][T14896] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 201.943010][ T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 201.955281][T14896] hsr_slave_0: entered promiscuous mode [ 201.958905][T14896] hsr_slave_1: entered promiscuous mode [ 201.961173][T14896] debugfs: 'hsr0' already exists in 'hsr' [ 201.963399][T14896] Cannot create hsr debugfs directory [ 202.122227][ T13] bridge_slave_1: left allmulticast mode [ 202.136585][ T13] bridge_slave_1: left promiscuous mode [ 202.139622][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.145676][ T13] bridge_slave_0: left allmulticast mode [ 202.149016][ T13] bridge_slave_0: left promiscuous mode [ 202.152747][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.360650][ T13] smc: removing net device bond0 with user defined pnetid SYZ2 [ 202.364581][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 202.370843][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 202.375392][ T13] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 202.379706][ T13] bond0 (unregistering): Released all slaves [ 202.407072][T14896] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 202.418694][T14896] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 202.423490][T14896] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 202.428314][T14896] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 202.514908][T14896] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.516900][ T63] Bluetooth: hci2: command tx timeout [ 202.524551][T14896] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.558734][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.562091][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.569250][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.572342][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.839062][ T13] hsr_slave_0: left promiscuous mode [ 202.843032][ T13] hsr_slave_1: left promiscuous mode [ 202.846256][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 202.850255][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 202.917744][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 202.920606][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 202.928471][ T13] veth1_macvtap: left promiscuous mode [ 202.930625][ T13] veth0_macvtap: left promiscuous mode [ 202.933035][ T13] veth1_vlan: left promiscuous mode [ 202.935417][ T13] veth0_vlan: left promiscuous mode [ 203.751665][ T13] pim6reg99999999 (unregistering): left allmulticast mode [ 203.924709][ T13] team0 (unregistering): Port device team_slave_1 removed [ 203.937566][ T13] team0 (unregistering): Port device team_slave_0 removed [ 204.048221][T14896] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 204.242069][T14896] veth0_vlan: entered promiscuous mode [ 204.256236][T14896] veth1_vlan: entered promiscuous mode [ 204.290064][T14896] veth0_macvtap: entered promiscuous mode [ 204.303316][T14896] veth1_macvtap: entered promiscuous mode [ 204.314643][T14896] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 204.323616][T14896] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 204.335438][ T1175] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.347585][ T1175] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.379371][ T1175] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.384200][ T1175] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 204.469741][ T130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.472225][ T130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.523388][T15060] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4078'. [ 204.524800][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.526560][ T13] IPVS: stop unused estimator thread 0... [ 204.530362][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.607206][ T63] Bluetooth: hci2: command tx timeout [ 204.763172][ T41] audit: type=1326 audit(2000000134.699:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.777794][ T41] audit: type=1326 audit(2000000134.699:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.786537][ T41] audit: type=1326 audit(2000000134.699:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.796177][ T41] audit: type=1326 audit(2000000134.699:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.806019][ T41] audit: type=1326 audit(2000000134.709:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.813533][ T41] audit: type=1326 audit(2000000134.709:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.822693][ T41] audit: type=1326 audit(2000000134.709:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.830798][ T41] audit: type=1326 audit(2000000134.709:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 204.838895][ T41] audit: type=1326 audit(2000000134.709:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15084 comm="syz.3.4088" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 205.339524][T15144] binder: 15143:15144 ioctl c0306201 80000680 returned -14 [ 205.389534][T15150] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 205.452085][ T41] audit: type=1326 audit(2000000135.389:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15156 comm="syz.6.4121" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb8f6c code=0x7ffc0000 [ 205.671764][T15193] ptrace attach of "/syz-executor exec"[5954] was attempted by ""[15193] [ 205.817535][T15215] tmpfs: Cannot change global quota limit on remount [ 206.105967][ T54] kernel write not supported for file /sg0 (pid: 54 comm: kworker/1:1) [ 206.197793][ T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 206.467193][ T54] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 206.628354][ T54] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 206.637674][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.641336][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.645246][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.650002][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.653822][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.658717][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.667356][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.671532][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.675932][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.676913][ T63] Bluetooth: hci2: command tx timeout [ 206.680985][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.686183][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.690702][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.694515][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.698957][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.703662][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.707584][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.713125][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.721564][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.727567][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.731722][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.736018][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.739982][ T54] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.744179][ T54] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.749445][ T54] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.755010][ T54] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 206.759666][ T54] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 206.763586][ T54] usb 8-1: Product: syz [ 206.765648][ T54] usb 8-1: Manufacturer: syz [ 206.767833][ T54] usb 8-1: SerialNumber: syz [ 206.772170][ T54] usb 8-1: config 0 descriptor?? [ 206.787663][ T54] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 206.998808][ T10] usb 8-1: USB disconnect, device number 12 [ 207.005945][ T10] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 207.081177][T15289] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4178'. [ 208.226049][T15385] netlink: 39 bytes leftover after parsing attributes in process `syz.3.4225'. [ 208.234478][T15385] netlink: 1 bytes leftover after parsing attributes in process `syz.3.4225'. [ 208.275048][T15392] tipc: Disabling bearer [ 208.460601][T15403] netlink: 'syz.3.4232': attribute type 3 has an invalid length. [ 208.514787][T15409] bond0: option ad_user_port_key: mode dependency failed, not supported in mode balance-rr(0) [ 208.766905][ T63] Bluetooth: hci2: command tx timeout [ 208.989832][T15460] netlink: 40 bytes leftover after parsing attributes in process `syz.0.4260'. [ 209.334480][T15511] binder: 15509:15511 ioctl 4018620d 0 returned -22 [ 209.339911][T15511] binder: 15509:15511 ioctl c0306201 80000180 returned -11 [ 209.416515][T15517] loop2: detected capacity change from 0 to 7 [ 209.426552][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.430918][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.448388][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.452131][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.457232][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.461177][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.466587][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.470277][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.474913][ C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.478436][ C0] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.485188][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.489522][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.493514][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.497778][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.500942][T14903] ldm_validate_partition_table(): Disk read failed. [ 209.504403][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.508765][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.513069][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.517425][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.524211][ C2] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 209.528307][ C2] Buffer I/O error on dev loop2, logical block 0, async page read [ 209.532636][T14903] Dev loop2: unable to read RDB block 0 [ 209.544571][T14903] loop2: unable to read partition table [ 209.552348][T14903] loop2: partition table beyond EOD, truncated [ 209.570188][T15517] ldm_validate_partition_table(): Disk read failed. [ 209.573801][T15517] Dev loop2: unable to read RDB block 0 [ 209.576499][T15517] loop2: unable to read partition table [ 209.584903][T15530] ipvlan3: entered promiscuous mode [ 209.592801][T15517] loop2: partition table beyond EOD, truncated [ 209.595515][T15517] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 209.626477][T15533] binder: 15531:15533 ioctl 541b 0 returned -22 [ 209.795558][T15552] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4301'. [ 209.808225][T15555] syz.7.4295 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 210.048717][T15582] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4313'. [ 210.119744][T15591] binder: 15590:15591 ioctl 541b 0 returned -22 [ 210.216462][ T34] IPVS: starting estimator thread 0... [ 210.256246][T15606] [U] [ 210.318052][T15603] IPVS: using max 44 ests per chain, 105600 per kthread [ 210.494776][T15628] loop2: detected capacity change from 0 to 7 [ 210.507999][T15628] ldm_validate_partition_table(): Disk read failed. [ 210.512412][T15628] Dev loop2: unable to read RDB block 0 [ 210.515298][T15628] loop2: unable to read partition table [ 210.524286][T15628] loop2: partition table beyond EOD, truncated [ 210.527526][T15628] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 210.578133][T15635] PKCS7: Unknown OID: [5] (bad) [ 210.579970][T15635] PKCS7: Only support pkcs7_signedData type [ 211.073736][T15678] netlink: 'syz.6.4356': attribute type 3 has an invalid length. [ 211.288578][T15702] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4368'. [ 211.615796][T15720] netlink: 80 bytes leftover after parsing attributes in process `syz.6.4376'. [ 211.620263][T15720] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4376'. [ 211.942364][T15746] ================================================================== [ 211.945381][T15746] BUG: KASAN: global-out-of-bounds in dvb_device_open+0x398/0x3b0 [ 211.948262][T15746] Read of size 8 at addr ffffffff8cff1d80 by task syz.3.4389/15746 [ 211.952712][T15746] [ 211.954359][T15746] CPU: 3 UID: 0 PID: 15746 Comm: syz.3.4389 Tainted: G L syzkaller #0 PREEMPT(full) [ 211.954381][T15746] Tainted: [L]=SOFTLOCKUP [ 211.954386][T15746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 211.954394][T15746] Call Trace: [ 211.954400][T15746] [ 211.954406][T15746] dump_stack_lvl+0x100/0x190 [ 211.954427][T15746] print_report+0x156/0x4c9 [ 211.954446][T15746] ? __virt_addr_valid+0x81/0x620 [ 211.954464][T15746] ? __phys_addr+0xe8/0x180 [ 211.954482][T15746] ? dvb_device_open+0x398/0x3b0 [ 211.954494][T15746] kasan_report+0xdf/0x1e0 [ 211.954507][T15746] ? dvb_device_open+0x398/0x3b0 [ 211.954520][T15746] dvb_device_open+0x398/0x3b0 [ 211.954534][T15746] ? __pfx_dvb_device_open+0x10/0x10 [ 211.954547][T15746] chrdev_open+0x234/0x6a0 [ 211.954560][T15746] ? __pfx_apparmor_file_open+0x10/0x10 [ 211.954573][T15746] ? __pfx_chrdev_open+0x10/0x10 [ 211.954587][T15746] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 211.954602][T15746] do_dentry_open+0x6d8/0x1660 [ 211.954614][T15746] ? __pfx_chrdev_open+0x10/0x10 [ 211.954628][T15746] vfs_open+0x82/0x3f0 [ 211.954644][T15746] path_openat+0x208c/0x31a0 [ 211.954658][T15746] ? asm_int80_emulation+0x1a/0x20 [ 211.954672][T15746] ? __pfx_path_openat+0x10/0x10 [ 211.954690][T15746] do_file_open+0x20e/0x430 [ 211.954703][T15746] ? __pfx_do_file_open+0x10/0x10 [ 211.954720][T15746] ? _raw_spin_unlock+0x28/0x50 [ 211.954738][T15746] ? alloc_fd+0x476/0x790 [ 211.954752][T15746] do_sys_openat2+0x10d/0x1e0 [ 211.954767][T15746] ? __pfx_do_sys_openat2+0x10/0x10 [ 211.954784][T15746] ? kcov_ioctl+0x16a/0x720 [ 211.954795][T15746] ? rcu_is_watching+0x12/0xc0 [ 211.954813][T15746] ? kcov_ioctl+0x16a/0x720 [ 211.954826][T15746] __ia32_compat_sys_openat+0x12d/0x210 [ 211.954846][T15746] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 211.954863][T15746] ? kcov_ioctl+0x16a/0x720 [ 211.954876][T15746] do_int80_emulation+0x141/0x6b0 [ 211.954890][T15746] asm_int80_emulation+0x1a/0x20 [ 211.954901][T15746] RIP: 0023:0xf7115cab [ 211.954912][T15746] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 211.954924][T15746] RSP: 002b:00000000f53cd03c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 211.954936][T15746] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f53cd100 [ 211.954943][T15746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 211.954950][T15746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 211.954957][T15746] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 211.954963][T15746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 211.954974][T15746] [ 211.954978][T15746] [ 211.988236][ T188] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 211.988837][T15746] The buggy address belongs to the variable: [ 212.067927][T15746] sctp_events+0xf40/0xf80 [ 212.069377][T15746] [ 212.070207][T15746] The buggy address belongs to the physical page: [ 212.072329][T15746] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xcff1 [ 212.075396][T15746] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 212.077984][T15746] raw: 00fff00000002000 ffffea000033fc48 ffffea000033fc48 0000000000000000 [ 212.081071][T15746] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 212.084200][T15746] page dumped because: kasan: bad access detected [ 212.086581][T15746] page_owner info is not present (never set?) [ 212.088681][T15746] [ 212.089498][T15746] Memory state around the buggy address: [ 212.091324][T15746] ffffffff8cff1c80: 05 f9 f9 f9 f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 [ 212.093816][T15746] ffffffff8cff1d00: 05 f9 f9 f9 f9 f9 f9 f9 00 00 00 07 f9 f9 f9 f9 [ 212.096412][T15746] >ffffffff8cff1d80: 04 f9 f9 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9 [ 212.099357][T15746] ^ [ 212.100859][T15746] ffffffff8cff1e00: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 212.104419][T15746] ffffffff8cff1e80: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 [ 212.107348][T15746] ================================================================== [ 212.112211][T15746] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 212.114566][T15746] CPU: 1 UID: 0 PID: 15746 Comm: syz.3.4389 Tainted: G L syzkaller #0 PREEMPT(full) [ 212.117810][T15746] Tainted: [L]=SOFTLOCKUP [ 212.119214][T15746] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 212.122576][T15746] Call Trace: [ 212.123705][T15746] [ 212.124933][T15746] dump_stack_lvl+0x100/0x190 [ 212.126767][T15746] vpanic+0x552/0x970 [ 212.128093][T15746] ? __pfx_vpanic+0x10/0x10 [ 212.129441][T15746] ? dvb_device_open+0x398/0x3b0 [ 212.130936][T15746] panic+0xd1/0xe0 [ 212.132045][T15746] ? __pfx_panic+0x10/0x10 [ 212.133357][T15746] ? dvb_device_open+0x398/0x3b0 [ 212.134795][T15746] ? preempt_schedule_common+0x42/0xc0 [ 212.136362][T15746] check_panic_on_warn.cold+0x19/0x34 [ 212.137966][T15746] end_report.part.0+0x3a/0x90 [ 212.140264][T15746] kasan_report.cold+0xe/0x18 [ 212.141890][T15746] ? dvb_device_open+0x398/0x3b0 [ 212.143669][T15746] dvb_device_open+0x398/0x3b0 [ 212.145605][T15746] ? __pfx_dvb_device_open+0x10/0x10 [ 212.147766][T15746] chrdev_open+0x234/0x6a0 [ 212.150262][T15746] ? __pfx_apparmor_file_open+0x10/0x10 [ 212.152830][T15746] ? __pfx_chrdev_open+0x10/0x10 [ 212.154994][T15746] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 212.157771][T15746] do_dentry_open+0x6d8/0x1660 [ 212.159857][T15746] ? __pfx_chrdev_open+0x10/0x10 [ 212.162006][T15746] vfs_open+0x82/0x3f0 [ 212.163813][T15746] path_openat+0x208c/0x31a0 [ 212.166050][T15746] ? asm_int80_emulation+0x1a/0x20 [ 212.168543][T15746] ? __pfx_path_openat+0x10/0x10 [ 212.171068][T15746] do_file_open+0x20e/0x430 [ 212.172920][T15746] ? __pfx_do_file_open+0x10/0x10 [ 212.174862][T15746] ? _raw_spin_unlock+0x28/0x50 [ 212.176704][T15746] ? alloc_fd+0x476/0x790 [ 212.178324][T15746] do_sys_openat2+0x10d/0x1e0 [ 212.180115][T15746] ? __pfx_do_sys_openat2+0x10/0x10 [ 212.182090][T15746] ? kcov_ioctl+0x16a/0x720 [ 212.184001][T15746] ? rcu_is_watching+0x12/0xc0 [ 212.186178][T15746] ? kcov_ioctl+0x16a/0x720 [ 212.188166][T15746] __ia32_compat_sys_openat+0x12d/0x210 [ 212.190471][T15746] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 212.192995][T15746] ? kcov_ioctl+0x16a/0x720 [ 212.194725][T15746] do_int80_emulation+0x141/0x6b0 [ 212.196619][T15746] asm_int80_emulation+0x1a/0x20 [ 212.198549][T15746] RIP: 0023:0xf7115cab [ 212.200250][T15746] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 212.208370][T15746] RSP: 002b:00000000f53cd03c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 212.211510][T15746] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f53cd100 [ 212.214404][T15746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 212.217371][T15746] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 212.220332][T15746] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 212.223607][T15746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 212.227324][T15746] [ 212.229339][T15746] Kernel Offset: disabled [ 212.230787][T15746] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:07:03 Registers: info registers vcpu 0 CPU#0 RAX=0000000000183e41 RBX=ffffffff8e4975c0 RCX=ffffffff8b8e4c75 RDX=0000000000000000 RSI=ffffffff8de826d5 RDI=ffffffff8c1b19a0 RBP=0000000000000000 RSP=ffffffff8e407e00 R8 =0000000000000001 R9 =ffffed100564679d R10=ffff88802b233ceb R11=0000000000000000 R12=0000000000000000 R13=fffffbfff1c92eb8 R14=0000000000000000 R15=ffffffff90d9f310 RIP=ffffffff8b8e35df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097143000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f74432f0 CR3=000000004a1d6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000128493 RBX=ffff88801c73a4c0 RCX=ffffffff8b8e4c75 RDX=0000000000000000 RSI=ffffffff8de826d5 RDI=ffffffff8c1b19a0 RBP=0000000000000000 RSP=ffffc9000046fdf0 R8 =0000000000000001 R9 =ffffed100566679d R10=ffff88802b333ceb R11=0000000000000000 R12=0000000000000001 R13=ffffed10038e7498 R14=0000000000000001 R15=ffffffff90d9f310 RIP=ffffffff8b8e35df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097243000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73d6288 CR3=000000002b0ed000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000004 Opmask01=0000000000000000 Opmask02=00000000effffdff Opmask03=0000000000000000 Opmask04=00000000ffffffdf Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e7b6b9d450 000055e7b6b9d450 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e7b6b75360 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055e7b6b714a0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fefce3f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffff0000 ffffff00000000ff ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737373 73732694c5c53a63 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737372a2 73732694c5ca0f13 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6961660064657373 65636f727020756c 6c2520716573006e 6f69746974726170 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 30302c443230302c 433230302c423230 302c393230003237 3d5145534b534944 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0d0d11440f0d0d11 430f0d0d11420f0d 0d11040f0d000f0a 005145534b534944 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1b647af116dcca24 000055e2e8cc26ed 00000000000001b1 000000000000302e ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7766736c6d61722c 4142312c4339312c 3739312c3539312c 3339312c3239312c ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3139312c3039312c 4638312c4538312c 4238312c3938312c 3838312c3538312c ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3438312c3138312c 3937312c3737312c 3437312c4436312c 4336312c3636312c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3336312c3136312c 3036312c30462c46 442c30442c46432c 38412c37412c4639 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000046 RBX=0000000000000002 RCX=0000000000000001 RDX=0000000000000000 RSI=ffffffff8de5c59f RDI=ffffffff8c1b19a0 RBP=ffffffff8e7e7760 RSP=ffffc90003fe6f78 R8 =0000000001544c20 R9 =0000000000000007 R10=0000000000000001 R11=0000000000000000 R12=0000000000000002 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8b8e540c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f6742d41300 ffffffff 00c00000 GS =0000 ffff888097343000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560883924f40 CR3=000000002a730000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000035 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85781095 RDI=ffffffff9b495680 RBP=ffffffff9b495640 RSP=ffffc90002d872e8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3866666666666666 R12=0000000000000000 R13=0000000000000035 R14=0000000000000010 R15=ffffffff85781030 RIP=ffffffff857810bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097443000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f53ccff4 CR3=000000005a5d1000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000