last executing test programs: 9.487609376s ago: executing program 1 (id=4501): sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0) io_setup(0x8, &(0x7f0000000600)=0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)) r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002) io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24}]) 9.323880225s ago: executing program 1 (id=4504): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0) 9.171836561s ago: executing program 1 (id=4508): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="180000000800000000"], &(0x7f0000000440)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)=ANY=[@ANYBLOB="2c0000002d000100000000000000000008000000", @ANYBLOB="0b000080976b640868c2f8"], 0x2c}], 0x1}, 0x0) 9.171423496s ago: executing program 1 (id=4509): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x198, [], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="000000000000000000000000004ff8d978fa7ef9850000000000e5ffffffffffffff000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000040000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000000000799e3b3c00000001000000000000000000ffffffff01000000110000000000000000000300736630b08d4a395bd1d6febe0dc24d5fe679000011000000000008000064756d6d793000000000000000000000010000000000000000000000000000006c6f00000000200000000000f8ffffffffffff000000000000000070000000a8000000d8000000646e6174000000000000200000000000000000000002000000000000000000586a2fb10000000000aaaaaaaaaaaa000001"]}, 0x1b1) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.numa_stat\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f00000001c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x800001, 0x28011, r1, 0x0) r2 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f00000004c0)={'nat\x00', 0x0, 0x0, 0x0, [], 0x1, 0x0, 0x0, [{}]}, 0x88) 8.976177301s ago: executing program 1 (id=4514): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x2, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x4}, 0x38) 8.912713406s ago: executing program 1 (id=4516): pipe2$9p(&(0x7f0000000240), 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r1) sendmsg$NL80211_CMD_SET_POWER_SAVE(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}}, 0x8000) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESOCT=r1]) 1.486172053s ago: executing program 0 (id=4632): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000080), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x10d, 0x10, &(0x7f00000002c0)="031670d5", 0x4) 1.412814361s ago: executing program 0 (id=4633): socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x2, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000002c0)=ANY=[@ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000)) 1.33351005s ago: executing program 0 (id=4634): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b703000000001b008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00'}, 0x80) r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r2, r4}, 0x10) bpf$ITER_CREATE(0x1d, &(0x7f0000000040)={r5, 0x7}, 0x8) 1.314088989s ago: executing program 0 (id=4635): ftruncate(0xffffffffffffffff, 0x0) syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000020000102505a1a4400000000101090244000101000000090400001602020000052406000005240000000d240f0100000000000000000009058103"], 0x0) 1.177462897s ago: executing program 3 (id=4638): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) map_shadow_stack(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) 1.163067433s ago: executing program 3 (id=4640): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000040)) fcntl$lock(r0, 0x5, &(0x7f0000000100)) 1.106233515s ago: executing program 2 (id=4641): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000e40), r0) sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x2}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}}, 0x0) 1.105760439s ago: executing program 3 (id=4642): socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x2, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000002c0)=ANY=[@ANYRES8=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000)) 1.103130017s ago: executing program 3 (id=4643): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @match={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x4}, @NFTA_MATCH_NAME={0xa, 0x1, 'quota\x00'}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0) 1.052771891s ago: executing program 2 (id=4644): r0 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000040)={0xdff}) 1.052044726s ago: executing program 3 (id=4645): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"}) r2 = syz_open_pts(r1, 0x141601) fcntl$setstatus(r1, 0x4, 0x186c00) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect(0x0, 0x218, 0x0, 0x0) ioctl$HIDIOCGSTRING(0xffffffffffffffff, 0x81044804, &(0x7f0000000580)={0xe6, "93c531801eba4bd2a83333d2104ec0852f7c61981266f02bc054052b7b462855e58434366a4438ddf08c3128acd528865ca40b07662dc280e736461c25eb0de98b382b06cfc9283fb46f9b19e30ecc3d8dc3e92a5fb352d29c07767c811056ce62956e59cc09afc67442541eb4b76d866276588d4ef98660ae3966c0a96ca865b4a82e908196e4e789025bd8726eab3edf543762781726d8ba82ffa42ce9c2044b0285d94a865514b1071437800c771a5f1afce2439593120aed374836ce6ccebbfb5350e65351e69f71745eb2c46b9aff039f14d9497962b62e556771bda6b78c4ff17643ca"}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) r5 = eventfd(0x0) ioctl$KVM_IRQFD(r4, 0x4020ae76, &(0x7f0000000100)={r5, 0x4}) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, &(0x7f0000000040)={r5, 0x0, 0x1}) write(r2, &(0x7f0000000000)="d5", 0xfffffedf) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x1b) close_range(r0, 0xffffffffffffffff, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000d00)={'ip6_vti0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000ec0)={'ip_vti0\x00', &(0x7f0000005c00)={'gre0\x00', 0x0, 0x20, 0x7800, 0x5, 0x8, {{0x49, 0x4, 0x2, 0x3c, 0x124, 0x65, 0x0, 0x28, 0x29, 0x0, @loopback, @multicast2, {[@timestamp_prespec={0x44, 0x1c, 0xd0, 0x3, 0x6, [{@broadcast, 0x400}, {@rand_addr=0x64010100, 0x7fffffff}, {@remote, 0x3f}]}, @timestamp_prespec={0x44, 0x4c, 0xda, 0x3, 0xa, [{@multicast2, 0x8}, {@loopback}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfffeffff}, {@multicast1, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x80000000}, {@local, 0x8001}, {@broadcast, 0x3}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x40}]}, @timestamp_prespec={0x44, 0x44, 0xbb, 0x3, 0x1, [{@multicast1, 0x9}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x400}, {@empty, 0xfffffffe}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x81}, {@local, 0x401}, {@loopback, 0x7}, {@private=0xa010100, 0x4}]}, @timestamp_prespec={0x44, 0x4c, 0xb2, 0x3, 0x2, [{@dev={0xac, 0x14, 0x14, 0xd}}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9f}, {@dev={0xac, 0x14, 0x14, 0x25}, 0x20}, {@broadcast, 0x6e}, {@multicast2, 0x5}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@multicast1, 0x8}, {@multicast1, 0x10001}, {@multicast1, 0xfffffffc}]}, @ssrr={0x89, 0xb, 0x0, [@multicast2, @private=0xa010101]}, @rr={0x7, 0xb, 0xc1, [@dev={0xac, 0x14, 0x14, 0x28}, @private=0xa010102]}]}}}}}) r7 = socket$inet_tcp(0x2, 0x1, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000000000000000000000000008500000008000000950000000000000076d5030174950f1a688c67406e5ee79d2dcb75cc370c483357716247f417"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191}, 0x80) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r8, r9, 0x25, 0x0, @val=@tcx}, 0x40) sendmmsg$inet(r0, &(0x7f0000005840)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000680)="173d384c1f005b9099dfea204b8aea38c2766b5b494061202eb8ffa915356c09d421ae5837c2de92fc90eefe2d6eec2d3ccf7319a634d0f643ea640271a4b99d3502d7faa823e49ee2530c9beee9f5126f354f4af047fd8966217e5176edfe9b5c611a4fea70cf47c5d05f7380e8e9f1", 0x70}, {&(0x7f0000001cc0)="bd4eb1b4519e2cbabca0127ed2936bb5ced60b466c95ddc46388382dfb1780fe75fa062b1bf6749b0e8b61969d11a8f936ef316e961cedd96280136a5acc8a7353cba0087729d04b5318f7462cd0b3a86050c5ba753e0e4577a2d2badd6dc6c01f3cec4e6850fb5080b84f9147dc44593aa5f80ba840b61609e3319cc30ed0c84a6eac41c4ac95f66fbbf83a21afe5fa5cc2ab09923c0c89a032bb3403db0768e1410c016ad5e9becf2b7ffeb0456ae68e20919b0461564ce63cda67ec288f6c81006af6b0a34b51742ea9cf8540a2bf9ed9fa39fb718a13bae7f6d9ef077a3ab4eb35540c4ab87c92f793f5fd789cf8d031278e19ae512f67ddae19056b268959035a0ce82bd49d9d0044d114512d84065a552830d2ae82881f3680d89f9d1b7b43195f64214d4b4bc5fe91bb4910065f24346debc5621c00c33490271ea88ce0c0f28c46088a981741d54bccd2e4b14b0e4d9fada31293509e1b7c20775609bc1158d9f2f64a8660d7bccf9c200359d2292a23979e1f681e3bb3a2e12d2f963fd9166d6a5a0421b008e6d0b09c57492b019c02a9356a3baefc0aeab064799875a8f1f487dae8dc70d312ad11e85654bff24d77f6da516c9da1256b2b3a195e88597533bc4ea53e1a966e61bf8eefef94c0768164ad2d7ac5e2576766fff70eb2ac060e33e0919786b2ef67f02d3fc659b546c6eeec34d8c81de1cbb773e4f742109348bcd2aefa449d4ab8ee26197ec01ce2ec08791ad3ca0bed720ee3c4462a3a2a4c6b1b36b0f42dd8d3b5da7698c39f27b742b82de83a34bb1100f0995af7a722bdd30d43b492eec2cfed8839f87751903a521668fd19ff2bc7c5fe07a1fffcc29e3dd95dcf34621ced108b2c25e0c858c46fd0baad0e9804b7e61c1f7854d955461a0b392ef380d150b48a2766867048ad89573366a2c472419d3b10ab15cb09132c7981bd54a54337bb640dd9e93a63663395205f7e438eef1bd7a87591ab40b6c8f22ad125ed326c476f93530381651d737364ae214b32316f8f57395e40013a2dfaa49d35be1c78164bf953d05eb6994a406931ca41e7f242f895200865b6b09bd8aa0304471c9211215a7218d3ab98a9131e94371e0436e07d939b7f2b13938f54ca8e0274da72b2b1a36320247426bdf52ef098eb06c8da2f142b83f8f43401fb35c0e0cd29b88a9de9698c1e353b6c243cab924108c73a131193fbd15d796527b405fe5ed14018f3830efc5525f371eb5be6ee6ae2f48daea6a868f927bce5bc1b05730d2abf01f6237f9d8846410c7d283af12710f86f5d17072678fd8eb514f04ba8780f3f1481ec5bb9626ab6b73f0cd15b6f2263af126ec9eb4114555c7e1b80373a122b101e317b9fbccfd854e85b480cd98f149a7705d32d1aeecf77779515b7081ce2cec7d9823afa43ab709836529940a9cddd90e46efcc1523d74331cda05dceff8db984c541255ddad8aec4548a529b247cc2a80e2cc8d0668e64f51382ba67fc3c5d06d275bf5ac7741bdce8f7159db4171a9bf56102733a7064f8db5a38752f7f51af66ee1c9bee22036d4fdddc299e12b6e942b792066f20d1b1f8048dcfaf6ee5492d1b0debe66f27ffa7e10ebd0df23dd3aad4926a1910fa79b4f13c73e98ce0446694890b06a7512a5553a2e1e2ab09a511a26bf46194e4f32ba28b3f7fd80a9558f59b6b24fa51d120a4ad43fd53e1c23ec587c01a78f150e4133775d32eedc374e9243058425172c2a193bf2f8472f978554f502eae38d164fc8dd2a449fc1de8c4375c77827abde37d92a4ab91edf73ee4e440e6f24f1558af7dd786431eb6acea95f2886d294939a1d93cb0acf830ede00530ba6a0b5bd6a35d896fab7607d846431ab79db4bfd73835dd8ef531d0acc685d30da71e55b044d8ed2f28d6bfc8fb4c6c07ee8708057f78a7a94ef8a3afed3977a5abbcb3ad844f954aa0386e1adfe25b80f052caf579f4d13da7482ef11fcc4714ebabc0efdf2eb5e8290c7415ad1bd4d5f873e98343a198f19c7e22fc9623cc4b265aad3852364e7a9c79903de385cfbb33e8afbc4fc307b3111913c5161b62f1876592210681c1458c8c12a1f427e6f7293ebfbfdab166ceae09485a048b900eb41411d9f3743fbf4ef6bae340e9b360e670cc80777d9d699a2b6c9050441047d8d17f687b0e9695f3a0b3b2c51b8fbc5af31c2b1fa1a4027769fb4560fbeb58504ee15cad530bedb2801feae9ad02b608efbfdca43c5ed3172bd33ab9f520123f17060b47b9f40a6b72ca045c7ac08a072a838f545f65bb08272daf951070435b1044a8634e683552d3bdf4d54b14505460014df02f74121d48368ad3b058d9f5e5664dafe1f10d9abe2aa4b07a93cb20b894b7f56ce2dd02b4f1d5281056553ae14f33cbb8d118433be511193201fe5e839a7b047bc4512175cc47dfe9f4e09ce5e0b43a1f6276a85a363ec301f1c229871d833fc38fb3736026f7346e40f7e1a2f3b0fc4eaae3aee27fecd30f82475fee69657ce566eac8f4186d5f454b4845e9ac6f0bb6ed65643f74622bbb790a99a9f21415bf0bea87b5df794a852608adbbd73f629584c2e04aeee47991542da9c31182f06c828060bbf8753a39dba0feea44ac6a76d0a8cf35049772167cb29cecfa83adec6595e862a1aee89d61c2d92c83230d2be5b8d9bec408358798dd7ca449f681a00f052d83c1ae0a16057e5ba046b49b899f1f9825208ccdfe67f68ea5cc9e838d60f64f6b5af12a83783ae98678e990e29c0ba3b28dfd11942834dc42f6cebc73521000f6ebc24a90d7bdab12312ecaa9c674898f80ac3a2b6ae54357db6aa90b5d19cec75b460b1a16dd7dea66ecb1e5abb8cfe775c4130934396bcb36375295303761d1ef06009f5ab8920d16cbabbb5ff3646931fbf32f008f30f595fc321369fe8e87f49a7d9ebcf0703bdb08a5e6f48866aa57d3a1218c5f476d6ba1f0c95432dc3894e36019a01831cb9d0507202bd1872baf495eedaac221bb6acc19f7e07ac43bc554db825e45840c557592448259369c1576ba7849ccb5f55792d4a12e6d12d504250410eff92c5df0e7598d9db1954d7eab4b0ccc0e5e1b8ceae0fa5ca64b6b5fea71fe10970d94a114587787dc69096fa76bfb1d8f656d05cd4906ad9422d152131d91d7834520fb6a1d24a8b4f3cefbb10d5ee12c1dac50214e4ecbe3bcb01a645c92f550daa9a58b4caa18e7c7f97c0bb09ed5479612a26c5994c2be6dc1cc9de4696e7f2abb0ef1e033ad836346e30848129db94c3c882b37600c817920b101d5e80f9d6521a9d00b949a1258b4b6c79c6f60d6779dbf0adc259a77e89d919c31e2196e023b1e67f09bbd03154c2567f2f2510ff6ab3119fa7e1ae4c59f98fe9eaa35e0bbce2a7672f76d44ba489df110449cf7ff86207b249e2f1a1f16155ffbe070f7788d24ba3859641ea7f1c97dc6584e99cc3de0e143ec1e0e7d8db2a8e516adcaf8a2b7e761c1932bdb4ff2d1f0eeb0ad8408285ef0ce1d703f1ab84844cdbde6abe88002e92ebf7752f6d997aab66f44278f277d0a1c29d638b56cf5c712dd4cdc6450fbbaed6e5408ed3ce862b499840697482908ad90585312eaa69f38d9bede0f0c334ef5a06660fbbeee321c9e4ab22189bb754243ae7a5f093d991fc038cb7d5b52c50dd4961109cceb2d40dd42f5308c52eb68ae58e9b40ab1d1b34ceec0de8a60f087de5a6f6e61b495662b7539486270fd20c31ee5045226074dbaf31d1d66dcd55a717f4df78b8c1d9f2966e651ba5c89ecf5ebccaee30b8fdd450d23ca8ec652292695c466f9c671784fb864d43f15838c8c40473ce52987766070556942f8116fbd953a1cd701868fd8cf86536ed1ef424c6757a094de644f2444b9d97dba938327441c448172b09e8a63dbf38b54a4078bd25c571bedb89aaf8ba21876810aa7cdcf13b760a7f293212b58594f41e60793a9bf68c7bee6835b9718b7bba0a09089f961b2ca4691acb83f1bd3cc4549ec99c347c31ecc70099fd37bad8b96d01df7477d6610169c8a4bede52baea99180e191463b7e298e22a1b7fc9acbd8fcf440664255bfbb40b70ad2f1633ad405b3364c1c3c0c461e03e55620384a42a4aab43655d81c9a4894f6f72f95389e3cd1dbeaafff0961742d3c8e989021c5f113ff5e9083767f7af0a3bc9ae2d56afbfca10f3366032ba88ae641f3734c2fa1309fa18c6c94d82bd876672b86733d763c548334c31b65bbbc70949da0c9d1d95c96f6aff5a1b522f14723caea54a248c2ad366a31948d533195f2f0f0bdc3ae181623c415d4d235f7246bc98309ba6d28a64b5cc65045ce906e19de1030b11379236ee9b23ac89d9720dfaf4106bc6ebe00b9041a0b0f144f8354279be6a573f963ecba116ac982df4db762932a95a309e43ffcda5bd73969d7184246175996ffe4ea8e8313d0de17a6a84f44b3c4868d5ca3893cfc4ee41a65d8e20da689d9a629a747db1a3e62ac4e9787a9f3bf94f8592e856f05a5ba18ddc2648ae80dac1167fcf47cea36a2517021cf24f30d3eaf7cd9029b355832b7df749b1543d5e2da57107d951aa891d4001f9a55e43950744f74b5ee92ac25d6cb837482534897e7ab928ab05f28f4e52356e6580d53bedf3863a582f13182680e6afe59a0b6db6f6861ad53f815f5a2f9fad7201631403a586d60b94f5c48a67779c50c8b2b2a1acdd05823d7e6c5a76fe47d3cf220035fd08b1f8e909f17c1ebeab92cfb9a3f86022d0d859ccb9d9eb36f47b2f08abd0fcbc043d5ff1354226affdfd914353d70c907e75d825e7a5a953f6191880d512aa9944356420a5429becf500ae564550086be5643838dfb9c5971acbe42f0766379617a66a78a37f28fba351340d3dd8c3fc6949585a23005f6b2fe0334799e8db2be286296785944097ccc8afde0018f15cf2ec256860f3d9ac0e7d5f959991926634c79db28ac772a3057d4a898d404aaa54cc288eb312ccdfb28ad20902a63d25b918411d3563163cbf7082e0e67ae2dd8e72c026c223624994dd3b4aca37c7e9bc7a08fa0a0ebf4ed6e135fb761dfdbe4da05817b34cf1d92f04849f1577e9df29363899393363c0d95471ecb7c9a568070b143b3905ee5a6c50ddf446ceccc6c5ea202effd2391a4600576aea2d3339fd618b8351a889e2482e993715de3bc25de37a340eee864634fa242ab76849983568e2edfa185096e0066b7541265b98ad8614297dd7ef0711d8363c6e9da503382d5202a6985b9f25d6fa8e3ddb1bc3c90f07cbf0c071e48f9155ccb79736841414c33748fffec58b1805f747d5e229efc1b014aa075067cde9e5fd2ffc2b06e4e66b84dd4fb1eb1ea4b843d812d333014526842f40eef327600baccb19260c6d88bbac424c65332e0ea155cade48720742c74352", 0xf00}, {&(0x7f0000000700)="fcdeeda16dbb3a3a5f2dab28372bec29285b7eb42a0ad6de9660c0ae5a8aee15353dbeb30c4d65691445c57e2d41ffb7b3", 0x31}, {&(0x7f0000002cc0)="b45cb6eb2acd4c5e2bfec82842a73a1028bc89de52815de150c403807a7b51268272251161a5ff758e487d48c8c243d98a6b4e01a99da90a9cff934e2ab7b0f6c3c3a1e5777d349b1af245c6228cf0d4ee051d7706a65aabd85873424b05a306dd3a680e16923552a03c8254e4daabcb0f3fa4570ccb1c7130ceaf908836ee2e2ca10cc97eb2d643ddf8e1486222d2c89327fa66e49c662f81ca7accfa30aeb072a3e9ef4ea2507767bd78b04469ee868a0969cc70ff5105a75fa5702b36e1efd1375fd84d84258f09f5733baf2927603bcb2b591d56ce38403f486f4a02d635774fe529fc1042562f8793b9120d58adb15610bac402e49efe0b750cb9ed8197c6df8066ae3bc9f4be1b352718bea02954da692373e5798eab9132f737e3fc05ee702f91211ac5b0206b70ff699515c9962b41e81f853716c09e00707eed8d46959fb36b3973b81e2aa228b5a363c5cf87f5d42c14a1451b2884c46a204b39ca803ee5dfae25d2bd64c4f5b349a7504e42312005128113bf8112230f9c4746195bc349e9ea631b2b2a50f3e3a06983c8f0e7e25064df9965c8cac6fb4c7f47327e03228c85566fd04858c6a27cba3f1c52bacf5bf6a07054e076a1fbf1264bfbf1e3b3aa658f8896d2f0b84327448547393dd297798173972a1c5e71e4c05405c26c47e5d252bf491c2c330da8b84d1e85b8177351f6a010c6cef3c76b2afabc144499bd092411e8a44960b15f6be39d33d41dfdc04e854e836a3a0982c16235d099e3fbba6226ba118fc32ed6248469c128aa8ebfcd42fcdc0c94985ae84940d46c0ad848df3491a1aeb335ae3ca19994fa09c8b1fef1e5602a5adba9029e792b3ee0fffa60ff711af0ac06125b5c61860a1c38610c0623826844702f9bced2c0684382aa11f7a207fe5becd2e021d185a9c5f287936eb82abe9f1e9b5160468b91cd5ace987bb4580d90e8873d5436389c7a2832e0024828bb9a11a820c01c56bbc9e5ed2bf2119062ca86d69df25a3a963bc0758100b9648280407a1673b1e94607504a4fc5508f0b65c094b789e72dbcd22b823881411396f92e3d5769bfc26ea86615a26e07ce3e7e38305ab184c67e1109bd5a29b9474ab98be8405ab4d492ad6a81e6dd8f44f7a6e932aa229d01fcf30052889a67f959fe0d30ac59fbb9a652a69e012372846fc6a6a6b396fb96e427cfda2c7d329d17bb6d2330d467791461b8037bf3b0019652739a4a2bf254946153e474efab024ce8e4e90e604ad2b59c3e5226bc278ef267ae06446564fe02506207e228b841076fd9da6026b6703815fe6640b2995b527343816020e83c60bee1fb13b4a3381c78b034c107d5741e7b284e059d670c1e6fe4b9f96e034e77c0db6700ea7424b47267cd1db64d1d8480252391ac2b09586620aafdde6399cb976b30e4b58d1a5607b140dbe907eb4f495782f108ca99d93975e87d73bb7a92c99e0686f64e7d70396f5e7b55a2687a28769846f0fca9008de0cf6d8794f2a62a27ecf47d08aca2688ba987afe40948e2c55212d1b7932d66a7c57ecbdeb4d119a49d3e12e940773632d0a070aa3f2fa230f3eb14227bfdc91ad806cd073c9712210688c9761b3b9fd535fd7ffc8c37901bb60b2e003ac57abe086e7821737d435b0b95239834228ac1964f8439d108da98423c74ca66f53d1e167bf9bbb17901c6fc582513c3b52e1d451fda4b261d5fb942fb84ce94e5228a0b90238edf9156dc34552820cf518e9e8087cb2f6c91f96bed5fa3f27280a14447efee3bf7e27607b9914ad7e9a87601720a446af566266503ab980d9baa3f8fee951122a465787b38853a318534ebe295a999ca764378b7caf99887b048f60f0c50d59039a33a9ef899ff547f294107f6431f70daf9f77476b1450c131163fc42336fdca1dc7464fdd453e54d8d5ca4fe2f3e8e4d5c372f460b46e028beaf678c812436285038608b1ca45c6d3588b15b33bba299e9019307e4170d6ec224d27f579b81f87f38e2a45172285939d2ab6b616932c8c624e25d2e07a708fac830752d4a1b1ef8d7b4c5c06f11e12262614eeae273d012320441ef0927aa1628c96771122ee08770442d31a6871a7dc90c996cdbf5447ccfa903f17cb612360094e2e6ecca32bcf4014e1617e4fae25a7ba56ea55e740ce0dd476c2aa52a5debf76192f280cbb4482179b84fd129145b7351f66b86411f8ec780d5ec464ff419a5db04ade742371fe0b8b56ebc3b23b0c42dc39ef214bac85d2fa5c509ade54aeb04d5a7b93c716527592c3f60621bc2a4d82c3a5a2cea34f756069eedbf8703452172eab82017fa3eb53c59c450612e0ee2e1248db150c7d1a77b194e5cfa15581fe2c7ad48c310ee8884ecc4b0d64dce592f3ca5cadb458bf476090656c0e0982936401e03e16ac1206f18481f3f2c99d1e5d78a4ac129caa0dae2eb0eaa3c3b681bf11e0ae234388d0b66246249eb5ec6e76d9f6670a3274f5c31e14c953bd27a118d4e7388d7db3e2789b0d89df897e4671fbdd20c55363ec2e07ed9380070f69e2956d875d3dc356d7fee5b597a30163bde189d2a6e8a1cfe86e4b74c9e670474854b1797fcc31ca9f5bc98de93992ca73419793ba20d3f5ba7e03cdc68f7b31bff95d58bc181ef7a7caeb123e6bcf5493f9c1f62d669d2f239db0ba1abb13aea4edec0a5666c7c90372421ab6999eebb3d61fc99cec5374dc40a0d46713b5eb8725e30ebeebf6aa6d098779d020c9b3f53a1a73f3887a0cd9100d513d38f01c80cde813e3f4360485c5693b265dfc767c48e7a3a10b0cc664f4007cfa6b91af51bffdb8322b4e745364f20975c986e23bd8b070c753c1ca519d4e7871b6ab56168661e9e524879c2848b1a1f40a633e4445515976a340a45ce91aba1cd6dc42f823eb5aac11bf6add4c1a03b994e5bd812fa680a7a15cc3f9529048322e1a1296abea00e6f9cbbc385a061805937d3df6ac9c7e74000b5985f08f29873767f187166d66d3df123563fa1c296580d66587a74a2b56809ed1a20a70c9d1a474fe8c90a516784502122c463ef6615fca7a5708ffe4f6ce74269d787193a50459d9ca37f981c79867aa60a002dbd0b9ffefdaa8618f8491e6430b07e7ec28907e142f890120c6791b3df2ef41b97b7abbc3c2338c8b5369649fe351bde96f78751b220e5a57578c6ed262ba0a235de899a3f82cc50a254c9300194934a35ef7c7a35d1064e18fbfdc10869c9ab3456759af2063241632a47be82c8da4cfab86add740247377f588aa3228eeed1d73a9e539bbaccffdf7562f5d998e26cdd7701694df71ddc9d4308203364f873f0e2e8c80fc8d02e4336bff8eda4d2369d52d349602edd519ec27f273e4938a5eb2f58dd9fd544732ba47bb303d418d9c2074eac90af53ea76929e776d087b0086ce31832d006735c0f2a14ea7067baf8ecd1a702cf08727fb13889038256f65acd47decd2b51cbb3b29b8e1218647dd95b5bebafe938012da7a3899e1df61a1647f7f5020df17f3e9753984ecba3996c748f1950b1be3dd2e22b327812357c7482fe6428f131d7e733ab013b13038e714703c410d9db3b83f61bf70019a0b304d418bbbced67846869f9bcb52093edc7ec4573da6d0887181a68a901ad95c8db2d97fd1a1027d82473025f1f36395be779155946f9b955022935da82b29b87ac875e52427d8ff2a52d95fad39074b7f8f5b974a3075e76f818caf817c79bef1764486b78db64475bbd3ccc5f6d0f4d97359f3885fdd8bef35469b2988c5745473116327be8a185e648b5fde0c970dff22676f5bedeba075a45cad64d34867fc08c5a1fadbf5b76f68fbc821ef401807d92254955e398b8af82c4c0f21c349dd35a21b16347335357be36853b988ebfebcacce671a2b317f7839965c484faaa0abc3f097059a19334a16641dfe083c92178dcd82e50eab39f7fab5561db15ef5f2b36f3aec94b5ac015ec6ef207f18ceba5422cdb35fe985ad18527af94624d69429819360de993ea718f089c636b7f385392b32f286a7f3fb0e1d4c1d9305ca9c002b94173cec38a4ebc45e3cbe73ee6944f01bf62d2617254f9a671702b280d604f58a5163b74b99c94a324a57c5b9a9e021fbbad5edc3ce4676ef53e5a1cc1412ac8e422cdd6b64973b74c16b3151cc747bb01fdc66b5a16cab9242040bfee10b307f24be1ae4ab64549b09a57e054fdc0f0129b8475632e722076b28e5043731fff36ba2adb72e74e04fe33a9d0ce5844fabc5885dabc81a5bd55c348871ccee30fb688160f17119883e62c3ff386ec6331c878dc21446d2a69c426e6ee966947aa03802c9e662b0dcd7dd648ef3abb06d6ecd6ca690263af7a7ce82217d4d39a543adca52d3fae79c3f3533ddec1e86bf8caf44bcc8605b3f71ac1dfeff236b7bba450f041b2eab21cf7c557a193bd9413932cbf42b9a645cc6f948efc130f5ffbff26e74adb6c01bec7156df31452d419b5ad9d439f22359650ba6e5789329b2c3fd375735f4f3386a52e8a3195d69a71c2ad87cffffc23f679e7ae5fac7b199a2891e06b88e001ae4998d849a5a795661f50b2d9b705be5d114c797f549d6949db86d2d0229ffac19d76002585d2ab95fd1f792e2fdc99d6814588f101d48ab0e36dde6c23627f8676d6a33aad93c4a1ee708f6054d1f7e5b86cabf08fe0fc00e123ffd2a100ef496dd5b75470bba2ad8d9c38cc213afbffd9b2642c396c6c7a2e102a221748f8eb02fba81de2a1ba0bf6ede4aca0d9043e48fe0d388af0f1ec527c87706dec5783d7ae9af158df1ee61c9f048fc15e3023f81da4b6cccaa132ecde877f68960547c461216aa1653c2b21edcf321c5093b1533962c745bc6c1a27af4177c51e2ac1f9cc39a6ab1be5ba549a52a5243124055fd58b2401a89febf58161121ebc3217c2612694f3fb7cd8fd0af352b08286831e74c0d5a9e4f03a7c4ac56c664bb8d3028da8140d66ad14e72a631fb49a0eefffe792d166b0ab9fc8baf62f67a393e5fd346aa5b8598f9cbea9d93872ee2b93a6c786814b609bc6edc01eda269a1ba870105cf0fe40d11e9c759962f1133155fbec260ad780bae967b867aba37f3ffa23838322848e6728d2a3eae6b3bcf65eae4b82b4ecc5b170840cfcfbce495cfa5a88e18424fe32ba653e9ddbdd98461bbabe8d216aa0791266392d7abacf1bae0a40fcef61c3a18e09a73789e31810723ff678f63e3bb96707d71afee086248714810824bfb1a5270e737bc77d79054593d9ac2bdd62d79a0b44ec158fe65e1bcab7771ee195cc2308a4d42ab85478a1ac416d399443e76bffe445deceb2415d988c77e5288e0eb5e8098e548e9be2199d70e52146a892ecf85cadb25ef810a41e7a2938b801227e4d507af61b8baa1dcdab940710d1f3b82e9f056218849c753c7f012c28e0c6ab179099c5efd4f73ce4f98fa19e578abc956f55cc02ebe4cedc0c01bbed7326a808e0d697884d55c13fac7495071f3f4a96a1100e5923337d2541862048b1779fe1137d41ddb62f15570689716510ff13ee55013eeccce1a3e17212fded0d5e06beaf055ea5a6cef5506e7d365bde3ddfae33d95ec2dbf3137dd8046ba7f837b044ec73bbd7f4b46d8511c99315a19e079395f3e9a3d50cecf42edb050aec48e4291fd4bd73c01a56297f7e43e982d8a90180143cc0bd9c4d02cdac0e9ec07f1949bf26523f52739486fb43bd919498266529815372a96debd5c717803d2c52e7775b01d1f372fd708999ae2ad147ed17ffae628", 0x1000}, {&(0x7f0000000740)="36c7ee43087f28daaf0b321f1b5f49f07baea0d54bb11291b32e5ecfd0011a8b7f9ca9d0d9d184b6c61e6f87f1a5601dbd4a67edd786c8912ef630f104e3b2c235305aa423cfe86bbfde46fe982fc74c6da44bbc2d190e478555ffffda3ebf95e9f35a3f777b2463f8b9977c802521e22ed90177cea8ea7f6c5cf264aa8dde590e278e39101b4b3070073892a8d0bc92a916ef08ce1316968cbcd41e8320534ef1ef67695fe81486bf3363171d181f9e0c7ab715035a5840eaf2d569a8f8c8f6e1497266ee0179b10e2503909f754d13fcc338bc3ea3a48277", 0xd9}, {&(0x7f0000000840)="e16e853e988259f10037f46cba6a9e0f10edc77fef1b581f2f4e304c66e2c636091b8518ec83800b88fc0ad7ae5bcc3d91aee2aff4fadec1dc4cbe9f99ad4f900b07835fca03761e28d391", 0x4b}, {&(0x7f00000008c0)="c74318babf3b2457aafbe4435ab2864ce84bace1276b5ea5ecfa785799ef7503fedf53bd9d539e0fe99a1630ee23eea8ce9c1f20", 0x34}, {&(0x7f0000000900)="35955e7fbb2578f8fe5f9c5dd78e3264398b55595cf4cf2c4eaff33caee46dcfee9a1d35a6da54fffa6a5bdd2e623b6d09efd889810f3fd9db1939773a04f364fe2f520d592a8f959df3a93c5f8245a36157fe7fb1f706c4a5847705e9e63add239be7f3d33038acd4e22b530364b84ce83145ccabe456acf262987ccd357f4ad9437e76bd272087c537410860bacb16e99ff3225a50d4e5f4c9dcaa4d3d954e", 0xa0}, {&(0x7f00000009c0)="6fde13bf8ff7df11", 0x8}], 0x9, &(0x7f0000000ac0)}}, {{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000b00)="21299468c65d10099c87a77f20d59eabc954b03435a0b4b3012ebda739b7b2f8411d136542ccdc7b43509df980c822ffb7098829fbfd066be311ff74f740cfa88dd56a6f70ea277a7897", 0x4a}, {&(0x7f0000000b80)="53f21a3f0a9d2e20c7eafb6911f43d400ae00f914dd9a756ce2f9d78630ece0d096526dd13bbee9cd6a0999dcba2b836db71a4fe37084b2fec6f3f8ff0976bc7ae12a772ecce1d1fd9b1693f877297b0ba5c6b1ba1afe5959ccde8fbf56c38fea1ce79a414f0bf5c22059c26cb1413df9a6a8fdd539c959e398db8325d73e0db21416117dc555ee5840a69385f", 0x8d}], 0x2, &(0x7f0000005ac0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @loopback}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_ttl={{0x14, 0x0, 0x2, 0x4}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @local}}}, @ip_ttl={{0x14, 0x0, 0x2, 0xff}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x200}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x24}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @loopback}}}], 0x108}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000e00)="8f9907d7e78282c1092a47a53154c83dedad0c490f3f2cdde38fa75562c5429695db77ecbcf9d2e2ce27a72c0e3a1890949aae4431faa5762e5aa5c454fa2b6e73403e6f505eb381949a02adfdcf1169325297fffa17bc1a6dca7cd0b3abc37057b531771efc456e2cc4ddc48cf06cbb1ce951d005201ae4a1520d127cd3afd3", 0x80}], 0x1, &(0x7f0000003dc0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x40}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @dev={0xac, 0x14, 0x14, 0x43}, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xfa}}], 0xa0}}, {{&(0x7f0000003e80)={0x2, 0x4e21, @remote}, 0x10, &(0x7f00000040c0)=[{&(0x7f0000003ec0)="e2a04104113362a2fb1a6d93352d416ea583e9bd6585d988871d50ba94d03ceb403231b40d27f816ece968440f839f089488870e43337edd696e628419500180f5a3ecb119d62b902ebe5a650f2cc9c50ec3977e237848afce4352c7554f42fac12b17bc14556e2ec50b93711132f00ecc9a2ee5a5d5086b4c1887ad3ee0a0397f57a225896e4a2c4d7f7edd311e7ea8b96ed3e0e105e9adc0ec38f45be31b50eaa89fabec0e916e3ad32eb09e06dd39fc0383f2ba0cfb0ed9bea675ee85d5e1ec80e0bb9a28db4fe97b45d40cf6acfa4665f90e9d0c334017b7567846fe9e4e623c62f6cd852d", 0xe7}, {&(0x7f0000003fc0)="7bd6b537065ef565b489e8271941e5d130930d99b3b55582ebb34defc1d5eab9b1c6022299583c9f9303da8fad9a9a135ea5878dd4d7724b4e368a61fd009ec85e7391d81e2a63099cd01de4d9597dd3ccd94c4443f064be482fcdb21fae15a150f9801252f84aafff9e69e57c325c3bcf00fa06de55b7f42578d754cb7f5cd89d6d5e055dddac05e25022ccb147462ceb4870c50556169b9b59ed2880eadd28cec07a011c59b88b7a21fc243c03b47adaaba4f55d337271b7fe63ca306a24e39a2d9060796c3c0991af859f4e34a17dacfb27adeb9b3a55a7a3e7e2fb37f39b0f9a47c77c146d423bed989420c081", 0xef}], 0x2, &(0x7f0000004100)=ANY=[@ANYBLOB="14000000000000000200000007000000000000000000000011000000000000000000000001000000fd00000000000000140000000000000000000000020000000000008000000000"], 0x48}}, {{&(0x7f0000004180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10, &(0x7f0000005780)=[{&(0x7f00000041c0)="e2796a2edd97f0b23b10b6f377a072b91ee3d1f015997ecdbaaf422a4d15658e774718215064c7d5e554a8b3d8ba197cde06708b7a75506d2d1e795abd9c5f53497b0e868f58c234ada9192bb86f2dc3d52d3a6d6dd747df61541df935988bb311d1cc87784dc9cf052e3c7584d9a1b18afeb1dc539dad93313d9bf19d0fddb9ef771ae29d30af70fbcb10ce9adf9eaade8d6b06ea5940ade7117b8112fda53d93f727b46ac20fdfe9d76dba6bf70aefdb77ac79ffae76abef7dd25a3b9754c6a505f3ce133f34efbe2d17bbb736683a4c78ef4e474f7b484e7be801fb6c", 0xde}, {&(0x7f00000042c0)="5ce2c16d40ff925f5b908205c85ce6a8639fae273857f1a7e72a6f069b2cf96654ebbb23b69b7e60df0e9459b4c9c599ee7479089b3e66a1c1e597e0f8812d5346bf20da91de53dab05b3c71b20f732c837b583908bb3f1be4f3f615151d0f4a6433f53a69f127236424d74f2350e93b7095506b60885642465dce813a5be110c5ef0f5827890ee184ed7536d42b8f8da17e67228cab6f56920314e8cf27d73cebfbb17b1bfb20250a5cc555a6acadd7d450736070fc88bd3f0f00335827cd7791ac1a1c8ba93a2ef96473cbc1fd43a778745a10a59110daf0b5c3725f1c83c72f432bd6d84ce309f5dab007407aa4e871b63b153f2b7d5f84336ed153d1c22775f9da2c6f1d3bc24f9741b987e63064e898e676e71aab3655b9c4f5767f5b4a73940ad20bd28481076197ab102cdb7e05a31f5da16397a50dcaaaceae5b6cac7ce9ab6da3abd8ad683efa0422346fc6e86680a18fc01c65b4fdb5c5787a6d292deac7773654c04f3a01e583638f6369984d1762092bca587dc1d51d21023262a69e72e85c13c367f83ad56ff3f379c5e1b605a8d6f443bd24af3b8b9c62a3d6a6c2cfcce96191c4ff45dcce014c06ddac777527cb89293e9e641962b5f9f529e55ae0cb22a5aa32d66bc770601cfdfab2ff1af1636b0b8f4bf3990c57750e157300eda8da74963e16663a9c1311a681780c96c8836b7d20a5e778bfe5fa6a1c0354546bc4b026497052cd4d6ffdb04f937ce4336d1d044d3ed0a93f5ec57a288b9d02a885c60482a41024bbff665ad2f6ec93b948b6c20254629c2f00d6d2e072d4b75e929021c4bcc982e037e9a8e59cca30fbe9ebf953956a3a66148af8cba8a9d4c0a1212077f537027d225e23d0c9dc12ffcf28fba879a90781af5df5b8555470cefe878ba967121b89e7e69b21d620a70d26c2b4854c8f1acdf02147c084019196872acff4186020ed9a108f2651fffcd887297d76b7f55bf1eb11966a11a2b2df18f3ac8e6375b43cb29e3565be36c6405478e7f18fa5ec02cb412cc3e9c157417b714d907cc12a6d38e603b094db2379534acb28422b4e09c4ea4d927c2987b2c4a490877c6b3c1f6b93d13e6c77b4c4684d6e6658708626753c7542fbad986fdda74bfdb1b19c6b3ca16cf39de6aea83a95a0f538678284d7822d8a1522c36b052cc0b7dc0469dca9a5bf4497ade9f78a0ff0a5f82b9ad5b2f9111edf76f7a01825ad48ebd723c24d45efe1638f1fbbdb4c577531b92c79fd7da99764d3ae1dd253aa0309105517ad8bdbfa5b75b11232952c997411e1cae55393170a828e4ab8ff6f1dc347943d0260e72f2704a32057a38f83f2cd2698680739bc111877332c4778b8779d78bf804f7a2fb72804bb0ae24b2a503993d53ee500dc04301e225417dfe02c6414dff545060e79ef6a2e36bf2e7140b74cc6d0dbbda97363a70cdbe50eca6e1ef94f55cac8fa0af250533ceee32eec96cdf11960bcb7994d42d76a137f45d120e0e64272372741169ffcdae93696f14abef3e04bb6e0f38a8e881dd0d4b75b720395957e04a597abeb47d6824c659f55c44ed713c1c298eb19aea7b05860f8c5780ad36249a49ac3aa64bd1d72eb1995168187c76d7b7f6537a582dfcefc8555752ce0584fa083f78df7d39555fe65a53f56ee7f6c4ecf12d344a2535ae962f6f218b38d392fe23b7d7735b1530587fdaea8c8fb2b8fd9fcc54442771b85bbf44b48f78cd803982318465b27eff2627f1e281c7507d08328f70342958cb23d6bc27bbcda06d7fcab3d45e4089d2c70473205003d068b100a85f25805b447d160a5e7d65f010fa96f3b2e36595bc6c0c90fe560ec34d99dbcd16946e87c46a4a0d3808f4ec67aed5f8d965051050feabd22ac286f3521e998571a6e2779b3571bb8f6d9e3fb4abc1604e2d3e8f917e2aa7bc87fe31180cf1e5eafeb670ac9d1db742fe1a8522e394db081fb1616b1d07eecee4749a545523333880b091b239db5005323f4ba0b612d0d713b23d5076307d94caf0de365c247639223944c3203cf81e9fbadc403fbb8095e5393f95214fdcca412c5ab19a6d9db969ce3fa3edcaabffbedb7dd8e1ff9b8a09199ed4c3fe86e48c6a1233cd74741ea9a052bf802b896ccb4f8706245353a29986f2f00c41e35a7ce4ff210598af5f6445426607404843465e76d2d90b32bdd95e889a615f7f90eef101c132720a26875ae12d26339889034db1bec01a178db4c9213cd7f38761265902acaaa0c81e2ae30323173ff9d18f12f7eaf1053c78ed99d98ba6ba4e189d1978d6eae6323e0c7e1b36735dcf9d19247dd1b7320729a9ece96f6609ecc8d909e60eb7b7c241a957a5be8d1b1652f607f70e65bf12f0e7142a00c6e5ba8e19edad5ae96efb62a4210da3179679d6ecbb3b37a11ad8e3a1570faec87c71e59fcbd705cef1466b10eacf3f2188d08a0075b6a46dc503d99b30ecf14d4f32c47c25b325cf4579f3a805f9673a2b4154ea11641a734643e1480f004909d420f854c20463f75197add7cf25891f7b637e935087ed44cd7022ba89759ae5e22ad4d309177462956f86d54b16d449b6040f19ac713b5374067fe9064a075518262a5053bab9f15f9a4ba71d844513842b332ec6b672775e85266eb4b5ca279a6059d55f7bb8eb996451f938de46a1a118bb8e9d2a636deea91593a22a7743145c159bdc7207ad8448ab9821b153a97331e5cdc56184e4a0913746c9a8a46a6f35d8d9e96a1597fb30c9e35ebf5f828275182c59a2491c59ad189133b27bddbf52f1c52dc3483996f5d7aa11f3acbc7fbf600024febaaaa9f9662c7255dc471047b50e9aca1bc7910d949a3cf326cc9d546503b7d67938902c9da5d5567f97b7b01c45c847b03ee97f661a9cd2207601f2b0a33102441f87f77cd7076446d8fc35a49aee02124ae276e9e0ea3d636591e1e9b040d1f9640e2f6890642fead2d09a90692be03eafc782b0104bb5ca32de84f169d769ef0d550223d2aa0d9086f6dea8282de7cc1b26bde96ba11acd1a6fddb6b85c2254c41e473db071d34fa62141f7ac905e6ce57815207084cf50badb9d5f635d9b4221c5020d64b96e895730d4584ec0621c25bccebc2a49eccfe45430c4ebd1c45b1ad4641e53bcea5619c0ab0221a5308d3f4e87b996ac7a35c99d5c6c26430f7a8a40b09fb4837169a6a9389879e623a6626ceb92bdd230e2f75d633dccf5993fcaea91e4b8b43dca1c872b6e42a102bfd833f2d0beb3887e06118eacc7810ff8cb17dd10cd2a3b9aace7e7828c7a36d13565e30867a64695dfb976462a51827fe75ebc121addeb7aa298565e0f6366914eddf1c76e99db5a06142584b1cd365384f3a8dabf1084bfae53d6e9b37e3b513094f2e9e2f8232d0bea7561f8b01b3c899b496862e14bf0bf4544a0bfcfd094fa23a51c88d7562cf5ba206ba42ddba1e0ebe7fe26ca8c1478e105fdb32e078c91bc10b92ae8fe720d8264032ef542e96abad32d60e014145a44be1614678abff48f266d5732039c07228c29af5c089e7bd8642b5bb123bd4a25a2f838985abd0ec2ec48c175e72adce88f065deb6b184703a4326c56769b423d364d27270b312b0ba485336813b04c81af57c7e4ea2f09755c8414712f563d690353ca9ad9398fb0ef7732b0c6e80a6c57e7a77b34e17b2ecc0f8abd828da6177e84d0e47d5a10e4e3564f1df4b817f6fd5a15d5dcaf216b6ba7acc5096311b6207b4d098d754cf459c3678140fac191147a1ab5b25ad93811d9e1574f0c29419f00500ac2661f00753a529044a182912ef4f181c934a3198c3580b8b228fd804a9987846c7b6963ac0839dc94cef30dd26fc51d0d14e1a3dfe35338798578ec2a9c2116c16e0018943ede8bad3e7437fb666246bc4ede4bcce6ef2a71a9bd591a38c9fdc8fe1680f8e4a01b11de98e7750645d3da8c7200d040f23fff4e6ba140cdd6cff790c515bfce8c59265aff72f2222efb8226059f1a08422dce2d80e793c0fcf872196d813ee3208ea6f8e389c53996ca15538a4050a40ab42a6d8142f4c1cdcb21a74e66c189d1bb9079eb19553b7a7a244844a2c9ac0a8cd8013f33654ffb2895b4e3143c2a6b35331f849062f7fc4cf2488d1a1516ed931bfde2a913a0f45196f7c0cc30798037fd1ec5af87b961e27ab9c4db2290083e1af739e8ff3e5868130812a4d0eadf5c12b84d13150c56cdd7e16f123e5b28be9c3322c9e785de006e4db9d48dc2eb8655757fee4e234c4c535b09598107201a8c5c73b8e8bb3632eba662735855be35477753edb4be5695afa9da0e7f2faf3c3f8abf9ed528245d507c4892b9fb39f0b20cc0cfb46fc319a9624b984320aea06d709fad891689a9ab76b53bfc714a45b9d5400d01332d0596edf1d1bc8aa4444be11e96720dc1f177142666991219e1eef746104942bd38d378aaf2a93dd05856e2a721668c6285ab5f43e9380d041e3d1492de9b3d34e5479f3a3fa8409b8a8b707897f42d82d58672097c8147d7b48b165a3a90bb2c393302269cdbbb2702c59336342458addf3c8b9eb82171adfce622fe37431504351744638e5c8dbfd8cf247e7d8e5205e43314d5c8e5a5dc69b95dd44744024b906b4775cbbe7f2a3a828ec70efe9e2e0ea2626b8e83d3a764bc1efd92adda3cff778ebffeb8e90e606e4507ae774c32b311191d7606b90c33fb3298820e9a353162422018861d23a3762ae8fb5bd5869487a98aefd711bc5bdee1a89b13fb5d35f879b27222db9bbbff772e5a45cb30e5f3ad6efab65c95b622d4d893acc7d1ac7df914f6b78b4219304aa886ee1002a4c9a88e6ab1258706a34655a9438587f4bbb0ee6de17a2ad23bcdfc36af8835a70eb5206922c8df42837efa3dc18af7982900b26a208c0bf2120c695f0c6e864dd08178e816ad76c77cb0bc8b7faed2c217713e68542bfe860e155663774e3da9e9fa68afb8b7b2f2f853c4d1758aaef82cc02efaefd338f8679c06e7e84863d2882c03b6353ea71749582e4ec86070a8c8674d8e1e8c01b25bf5f7ecc106425ff79a2390e988451118bb581caade0a1a94803b5bd12f7798771e0c8017dcaaa38f1c16adeb71938928e619372ea821d9ef91030be6f73c38b8429a91464a3e38ec6afd1ad7d110e3335354e3189c60d09fddbbee1a5588d540e273adcbd1153228b69bdee1e18bf415f10a5cf6b139bc170530c19b6fc5e47732e3eebfcd2f237b60fceadf2bbfe4a77bcb0d79dc9dcc94f086dce3c71d1b33a2157c4b837c7ebc5f774b7c4a7deaf9682ca291c99769b68b741225f6f5cdaa23d21317e2247e216b6a6665684a2b9aa0f3f190bc338539143a00e044324e6360ebb8fef850256a364cb042c787c41eb1d697a30481a6e4aeb8df715c316cba8f8c5297764fbd34572f6effcc88e7d55a3d4af1d54b59a46b18802e996114459738e67ea0b24d2f7a4910f1bd9920f64b554082637d05eaf4d7d51d15ac2607eff517d54cb6c43c4b1f86ef9e6bf847b5d5486b7349a5c7ac59a603d6418f283af1cc2f4b5f71f9ad53b29716997407d97472380112777448df11fc1595022f0efc66327d45c16591f517e347cba4c62fde07ea1d0327ad2de32fc66ae7bf5bd5d600d8bac2817a03eb4d29898d3ff00c35c2341d3ffa77d1462ed6ce53ae25a1ef0ac2a47e510244e63537acfda9040fdd15a89fd6d03f1fc95bd0903a75e996e7a389c663324a697d5cd9cf86c5cd5daead43f69089362c906d3c4ec9a9d07810e2f6395252385d9", 0x1000}, {&(0x7f00000052c0)="823be1d770b0bf16a38673e62bf739aee42870d3bbdb4893f7f35440d0ac137e18c59680a68ae611da8ef1d5e7538f43aa5f0ccfd334d98f6460521eeab0d03c43cf57e363ecd8855f57f3b89d92e02e140c7fe4f92a65eadd3313ffb3d332e48f76a4a8047acaa2955f3f224f924e20ebf109214598c5ee2a491839af6ca839f9ebde848361b1e5447355268addc1f2f7083f760b114521855ef82aa48baf0e75e2b02a0b8eead398b526f25f20592b25ede1273aa0193494f68a103a0380062c279af300ee5bc0c50856643167", 0xce}, {&(0x7f00000053c0)="164dbf7fe8ce2c7c352413bfa98879084e1f1b49451701792f832d1366123e6daca67e2c9ea30c0754cd8ad781cb7ba29b301fd2aa2ac8d9318ddac6fbcb682b5dde1ff8a22ee15e869c2a8d924dbe519ed38013d4e60ccc4b8597e1dfb157a2fefba43c367a6c14303255a0eb7f08bfeb4b29394e6521a9d2ab3eace1c694520f7750a88d633c80329c65af8c8fa9bd926122b8a947b9a07779c587b6bdc8f6d3cf17376b65d6c76857e4b35eae27b3fa56be764ebefdbe89f966b6003d03fb596aded600b67c528838061ef8d6a8b17b839ccb92c979bb", 0xd8}, {&(0x7f00000054c0)="c404c9142668656047cd829fcab750fb2e8992c3c2666a786e5e202b5c0b3a17025ac4d9564e1789ba6415301ddb6275b6af9c960b25794aa0fd8a9f5ff6080245bb1037f5fd0c7c7c56d0c42a91d0c2e1e6feaa126dac6ada50df760baed1e2ecc5edb1b585f64f107fd571aeea55dc3e1a769a42bc9ddbf0522b2c4f627798bf4b9c5065b03741fa4b714c40f0f11d6dae7baac3ffd4d58e1075e375a793fc5c74b06ba25cf3cc3769b1fa47cc5785aba4b049d034e6e80067a407c2f4", 0xbe}, {&(0x7f0000005580)="e83b73d22d661cfd013c3eadf4b849729a34d58d8c5475a11e7d3f64b83e3e3743a25887bfca29f34fdd225d11a7e417873c81d2533dcdcaae8515d34640d599ff27ebb431607cc7307da6accfe08c91f7e9588bca106adb127018fe0a", 0x5d}, {0x0}, {&(0x7f0000005700)="8a328c992824f2d7", 0x8}, {&(0x7f0000005740)="90ab1b8a9170960ede29b74b6144d3e90478587187f5094f53c5dd1c8f9049a4e55b2deb064770acef6228a8e47e1653", 0x30}], 0x9}}], 0x5, 0x3) ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000ac0)) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r0) sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f0000000540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="01002ecb00fddbdf2559efebcc08000300", @ANYRES32=0x0, @ANYBLOB="0c009900020000001d000000060036003d00000006003600110000000600360019000000060036002c000000060036001c00000006003600070000000600360022000000060036000000000006003600140000000600360007000000"], 0x78}, 0x1, 0x0, 0x0, 0x804}, 0x4885) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) 1.051875049s ago: executing program 2 (id=4646): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x12, 0x0, 0x0) 1.011014246s ago: executing program 2 (id=4647): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000010000e1250000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4) sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0) 963.65235ms ago: executing program 2 (id=4648): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) shutdown(r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010800000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) connect$llc(r1, &(0x7f0000000380)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) sendmsg$sock(r0, &(0x7f00000034c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x45}, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = fsopen(&(0x7f0000000200)='nfsd\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) r4 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r4, 0x0, 0x1490) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e0a03"], 0xd) fsopen(&(0x7f0000000200)='nfsd\x00', 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 946.678905ms ago: executing program 2 (id=4649): creat(&(0x7f0000000000)='./bus\x00', 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000580)) syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) sendmsg(r3, &(0x7f00000000c0)={0x0, 0x952c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) 365.731601ms ago: executing program 3 (id=4650): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='contention_end\x00', r0}, 0x10) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') writev(r1, &(0x7f0000000780)=[{&(0x7f00000004c0)='4', 0x1}], 0x1) 33.398153ms ago: executing program 0 (id=4651): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_open_dev$sndpcmc(0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) map_shadow_stack(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0) 0s ago: executing program 0 (id=4652): mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f0000001000/0x1000)=nil) madvise(&(0x7f0000001000/0x3000)=nil, 0x3000, 0xa) socket(0x10, 0x3, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000150001000000000000000000e0000002000000000000000000000000ffffffff00000000000000000000000000000000000000000a00000000000040", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/112], 0xb8}}, 0x0) kernel console output (not intermixed with test programs): own main item tag 0x0 [ 238.602079][ T5210] usb 8-1: Using ep0 maxpacket: 8 [ 238.603703][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.610086][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.611530][ T5210] usb 8-1: config index 0 descriptor too short (expected 5924, got 36) [ 238.613015][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.613037][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.613053][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.613069][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.613087][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.613104][ T5261] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 238.614723][ T5261] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 238.617082][ T5210] usb 8-1: config 250 has an invalid interface number: 228 but max is -1 [ 238.625121][ T5261] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 238.628302][ T5210] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 238.656277][ T5210] usb 8-1: config 250 has no interface number 0 [ 238.659246][ T5210] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 238.664556][ T5210] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 238.669650][ T5210] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 238.675687][ T5210] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 238.680227][ T5210] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 238.686620][ T5210] usb 8-1: config 250 interface 228 has no altsetting 0 [ 238.691909][ T5210] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 238.695416][ T5210] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 238.698949][ T5210] usb 8-1: Product: syz [ 238.700718][ T5210] usb 8-1: SerialNumber: syz [ 238.707226][ T5210] hub 8-1:250.228: bad descriptor, ignoring hub [ 238.710005][ T5210] hub 8-1:250.228: probe with driver hub failed with error -5 [ 238.759630][ T25] usb 7-1: USB disconnect, device number 3 [ 238.820246][T12147] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2691'. [ 238.859008][ T5261] usb 6-1: USB disconnect, device number 4 [ 238.943406][ T5210] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 239.283381][ T969] usb 8-1: USB disconnect, device number 5 [ 239.288354][ T969] usblp0: removed [ 239.348778][ T5261] libceph: connect (1)[c::]:6789 error -101 [ 239.352240][ T5261] libceph: mon0 (1)[c::]:6789 connect error [ 239.601436][T12179] fuse: Bad value for 'fd' [ 239.622928][ T5261] libceph: connect (1)[c::]:6789 error -101 [ 239.626184][ T5261] libceph: mon0 (1)[c::]:6789 connect error [ 239.667238][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 239.896242][T12193] dccp_xmit_packet: Payload too large (65475) for featneg. [ 240.046335][ T39] audit: type=1326 audit(1719426127.051:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12198 comm="syz.1.2711" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x0 [ 240.080474][T12201] fuse: Bad value for 'fd' [ 240.119177][T12165] ceph: No mds server is up or the cluster is laggy [ 240.142717][ T5261] libceph: connect (1)[c::]:6789 error -101 [ 240.144966][ T5261] libceph: mon0 (1)[c::]:6789 connect error [ 240.198348][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 240.623250][ T4639] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 240.629397][ T4639] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 240.633662][ T4639] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 240.636982][ T4639] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 240.640415][ T4639] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 240.644291][ T4639] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 240.808636][T12222] chnl_net:caif_netlink_parms(): no params data found [ 240.909324][ T1142] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.989667][ T5426] libceph: connect (1)[c::]:6789 error -101 [ 240.991884][ T5426] libceph: mon0 (1)[c::]:6789 connect error [ 240.996757][T12222] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.000563][T12222] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.004461][T12222] bridge_slave_0: entered allmulticast mode [ 241.008959][T12222] bridge_slave_0: entered promiscuous mode [ 241.032995][ T1142] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.043951][T12222] bridge0: port 2(bridge_slave_1) entered blocking state [ 241.047167][T12222] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.050449][T12222] bridge_slave_1: entered allmulticast mode [ 241.064206][T12222] bridge_slave_1: entered promiscuous mode [ 241.104346][ C2] IPv4: Oversized IP packet from 172.20.20.24 [ 241.112453][ T1142] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.176755][T12222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 241.253998][ T5426] libceph: connect (1)[c::]:6789 error -101 [ 241.256815][ T5426] libceph: mon0 (1)[c::]:6789 connect error [ 241.261735][ T1142] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.272930][ T4639] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 241.295293][T12222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 241.411264][T12222] team0: Port device team_slave_0 added [ 241.424769][T12222] team0: Port device team_slave_1 added [ 241.556964][T12222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 241.560231][T12222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 241.572800][T12222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 241.581356][T12222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 241.585514][T12222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 241.599439][T12222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 241.757064][T12222] hsr_slave_0: entered promiscuous mode [ 241.761385][T12241] ceph: No mds server is up or the cluster is laggy [ 241.762365][ T5426] libceph: connect (1)[c::]:6789 error -101 [ 241.765507][T12222] hsr_slave_1: entered promiscuous mode [ 241.767933][ T5426] libceph: mon0 (1)[c::]:6789 connect error [ 241.775286][T12222] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 241.778722][T12222] Cannot create hsr debugfs directory [ 241.824777][ T1142] bridge_slave_1: left allmulticast mode [ 241.829181][ T1142] bridge_slave_1: left promiscuous mode [ 241.831483][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.843114][ T1142] bridge_slave_0: left allmulticast mode [ 241.845145][ T1142] bridge_slave_0: left promiscuous mode [ 241.847821][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.327267][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 242.340098][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.359538][ T1142] bond0 (unregistering): Released all slaves [ 242.682960][ T4639] Bluetooth: hci0: command tx timeout [ 242.727453][T12277] dccp_xmit_packet: Payload too large (65475) for featneg. [ 242.784049][ T5261] libceph: connect (1)[c::]:6789 error -101 [ 242.786547][ T5261] libceph: mon0 (1)[c::]:6789 connect error [ 243.048389][ T5261] libceph: connect (1)[c::]:6789 error -101 [ 243.051301][ T5261] libceph: mon0 (1)[c::]:6789 connect error [ 243.212819][ T1142] hsr_slave_0: left promiscuous mode [ 243.220075][ T1142] hsr_slave_1: left promiscuous mode [ 243.230661][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 243.234303][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 243.238741][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 243.242800][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.299659][ T1142] veth1_macvtap: left promiscuous mode [ 243.304315][ T1142] veth0_macvtap: left promiscuous mode [ 243.307020][ T1142] veth1_vlan: left promiscuous mode [ 243.309545][ T1142] veth0_vlan: left promiscuous mode [ 243.517022][T12284] ceph: No mds server is up or the cluster is laggy [ 243.859126][ T39] audit: type=1326 audit(1719426130.861:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12328 comm="syz.2.2756" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x0 [ 244.592349][ T1142] team0 (unregistering): Port device team_slave_1 removed [ 244.712058][ T1142] team0 (unregistering): Port device team_slave_0 removed [ 244.762052][ T4639] Bluetooth: hci0: command tx timeout [ 245.555942][T12302] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2743'. [ 245.766648][T12371] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2772'. [ 245.961575][T12222] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 245.991059][ T5210] libceph: connect (1)[c::]:6789 error -22 [ 245.991323][T12222] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 245.993630][ T5210] libceph: mon0 (1)[c::]:6789 connect error [ 246.006407][T12222] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 246.015694][T12384] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2776'. [ 246.020717][T12222] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 246.166651][T12222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.196620][T12222] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.206442][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.209819][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.262236][ T5210] libceph: connect (1)[c::]:6789 error -22 [ 246.267630][ T5210] libceph: mon0 (1)[c::]:6789 connect error [ 246.295433][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.298684][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.527033][ T65] Bluetooth: hci2: unexpected event for opcode 0x201c [ 246.541093][T12222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.588013][T12222] veth0_vlan: entered promiscuous mode [ 246.592845][T12435] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2786'. [ 246.597095][T12222] veth1_vlan: entered promiscuous mode [ 246.624604][T12222] veth0_macvtap: entered promiscuous mode [ 246.630785][T12222] veth1_macvtap: entered promiscuous mode [ 246.645945][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.650697][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.657184][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.661400][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.665397][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.670288][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.675811][T12222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 246.685179][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.689109][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.692824][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.696702][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.700931][T12222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 246.705215][T12222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.713550][T12222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 246.722110][T12222] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.723817][T12388] ceph: No mds server is up or the cluster is laggy [ 246.726703][T12222] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.737445][T12222] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.740794][T12222] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 246.852609][ T65] Bluetooth: hci0: command tx timeout [ 246.863821][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.872948][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.898308][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 246.902783][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 246.996304][ T13] Bluetooth: hci4: Frame reassembly failed (-84) [ 247.014029][T12457] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 248.190474][T12504] dccp_xmit_packet: Payload too large (65475) for featneg. [ 248.209293][T12499] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2809'. [ 248.921920][ T4639] Bluetooth: hci0: command tx timeout [ 249.012443][ T65] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 249.570409][T12539] fuse: Bad value for 'group_id' [ 249.767066][T12550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2829'. [ 250.295630][T12573] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2839'. [ 250.720337][ T39] audit: type=1326 audit(1719426137.721:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12592 comm="syz.3.2847" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741c579 code=0x0 [ 250.839839][ T39] audit: type=1804 audit(1719426137.841:365): pid=12601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2852" name="/syzkaller.skvzIG/637/bus" dev="sda1" ino=1969 res=1 errno=0 [ 252.446271][T12660] dccp_xmit_packet: Payload too large (65475) for featneg. [ 252.633906][T12668] sctp: [Deprecated]: syz.0.2878 (pid 12668) Use of int in maxseg socket option. [ 252.633906][T12668] Use struct sctp_assoc_value instead [ 253.060353][ T39] audit: type=1326 audit(1719426140.061:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12682 comm="syz.3.2884" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741c579 code=0x0 [ 253.296501][T12688] dccp_xmit_packet: Payload too large (65475) for featneg. [ 254.222907][T12715] dccp_xmit_packet: Payload too large (65475) for featneg. [ 254.472689][T12724] fuse: Unknown parameter 'grou00000000000000000000' [ 254.585858][T12726] evm: overlay not supported [ 255.222015][T12740] dccp_xmit_packet: Payload too large (65475) for featneg. [ 255.353508][ T39] audit: type=1326 audit(1719426142.361:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12745 comm="syz.1.2911" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x0 [ 255.551361][T12756] fuse: Unknown parameter 'group_i00000000000000000000' [ 255.797668][T12767] mmap: syz.0.2920 (12767) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 256.372415][ T5223] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 256.505255][ T39] audit: type=1326 audit(1719426143.511:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12803 comm="syz.3.2938" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741c579 code=0x0 [ 256.552185][ T5223] usb 5-1: Using ep0 maxpacket: 8 [ 256.563188][ T5223] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 256.566559][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 256.572541][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 256.577132][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 256.583610][ T5223] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 256.587100][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 256.595758][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 256.612045][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 256.631386][ T5223] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 256.638572][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 256.643379][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 256.648457][ T5223] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 256.663022][ T5223] usb 5-1: string descriptor 0 read error: -22 [ 256.666565][ T5223] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 256.671436][ T5223] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 256.690640][ T5223] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 256.708985][T12806] dccp_xmit_packet: Payload too large (65475) for featneg. [ 257.042341][ T5223] usb 5-1: USB disconnect, device number 5 [ 257.561450][T12824] fuse: Unknown parameter 'group_i00000000000000000000' [ 257.909332][T12835] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2950'. [ 258.014405][T12842] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 258.104725][T12849] fuse: Unknown parameter 'group_id00000000000000000000' [ 258.373191][ T4639] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 258.642774][ T39] audit: type=1804 audit(1719426145.641:369): pid=12864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2959" name="/syzkaller.fB8IZz/32/bus" dev="sda1" ino=1968 res=1 errno=0 [ 259.244107][ T65] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 260.325071][T12904] netlink: 164 bytes leftover after parsing attributes in process `syz.3.2974'. [ 260.563006][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::1]:20002. Sending cookies. [ 260.967424][ T39] audit: type=1326 audit(1719426147.971:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12923 comm="syz.1.2982" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x0 [ 261.087891][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.090955][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.099373][T12930] netlink: 164 bytes leftover after parsing attributes in process `syz.0.2984'. [ 261.513718][T12948] netlink: 164 bytes leftover after parsing attributes in process `syz.2.2993'. [ 261.718498][T12959] dccp_xmit_packet: Payload too large (65475) for featneg. [ 261.751922][ T5259] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 261.766822][T12956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2997'. [ 261.796679][T12964] fuse: Bad value for 'fd' [ 261.901468][T12972] netlink: 164 bytes leftover after parsing attributes in process `syz.3.3003'. [ 261.931915][ T5259] usb 5-1: Using ep0 maxpacket: 32 [ 261.937231][ T5259] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 261.941084][ T5259] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 261.949424][ T5259] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 261.957784][ T5259] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.961013][ T5259] usb 5-1: Product: syz [ 261.968209][ T5259] usb 5-1: Manufacturer: syz [ 261.970058][ T5259] usb 5-1: SerialNumber: syz [ 262.184121][ T39] audit: type=1326 audit(1719426149.191:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12982 comm="syz.1.3008" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x0 [ 262.222018][ T5259] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 262.305543][T12989] dccp_xmit_packet: Payload too large (65475) for featneg. [ 262.434739][ T5259] usb 5-1: USB disconnect, device number 6 [ 262.441322][ T5259] usblp0: removed [ 262.697839][T13003] fuse: Bad value for 'fd' [ 263.860769][T13034] x_tables: ip_tables: ah match: only valid for protocol 51 [ 263.888601][T13033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3027'. [ 263.928523][T13038] dccp_xmit_packet: Payload too large (65475) for featneg. [ 263.963016][ T39] audit: type=1326 audit(1719426150.971:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13040 comm="syz.3.3031" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741c579 code=0x0 [ 264.773114][T13066] fuse: Invalid rootmode [ 264.791852][T13064] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3041'. [ 265.071704][ T39] audit: type=1326 audit(1719426152.061:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13087 comm="syz.0.3052" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 265.094397][T13090] fuse: Invalid rootmode [ 265.851938][ T5210] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 266.072050][ T5210] usb 6-1: Using ep0 maxpacket: 32 [ 266.082608][ T5210] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 266.089668][ T5210] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 266.101721][ T5210] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 266.111626][ T5210] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.115221][ T5210] usb 6-1: Product: syz [ 266.117751][ T5210] usb 6-1: Manufacturer: syz [ 266.121646][ T5210] usb 6-1: SerialNumber: syz [ 266.201041][T13131] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3071'. [ 266.208380][T13131] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3071'. [ 266.263658][T13135] trusted_key: encrypted_key: key user:syz not found [ 266.424294][ T5210] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 266.505737][T13146] dccp_xmit_packet: Payload too large (65475) for featneg. [ 266.629581][ T5210] usb 6-1: USB disconnect, device number 5 [ 266.638660][ T5210] usblp0: removed [ 266.810604][T13171] fuse: Bad value for 'rootmode' [ 266.993230][T13181] dccp_xmit_packet: Payload too large (65475) for featneg. [ 267.574623][T13211] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3104'. [ 267.578830][T13211] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3104'. [ 267.612002][ T5426] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 267.797276][ T5426] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 267.803238][ T5426] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 267.808147][ T5426] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 267.813374][ T5426] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 267.827866][ T5426] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 267.832103][ T5426] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 267.836336][ T5426] usb 7-1: SerialNumber: syz [ 267.842700][T13198] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 267.847073][ T5426] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 267.850547][ T5426] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -12 [ 267.890795][T13227] trusted_key: encrypted_key: key user:syz not found [ 268.070648][ T5426] usb 7-1: USB disconnect, device number 4 [ 268.118891][ T4639] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 268.581184][T13239] [U]  [ 268.819880][T13247] x_tables: ip_tables: set.3 match: invalid size 48 (kernel) != (user) 32 [ 269.191110][T13272] [U]  [ 269.699296][T13294] [U]  [ 269.906187][ C2] vkms_vblank_simulate: vblank timer overrun [ 270.437814][ T39] audit: type=1800 audit(1719426157.441:374): pid=13316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3149" name="file2" dev="sda1" ino=1960 res=0 errno=0 [ 270.448644][T13313] dccp_xmit_packet: Payload too large (65475) for featneg. [ 270.520969][ T39] audit: type=1326 audit(1719426157.521:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13319 comm="syz.2.3151" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x0 [ 270.711333][T13334] fuse: Unknown parameter 'user_i00000000000000000000' [ 270.818070][T13340] netlink: 'syz.3.3159': attribute type 11 has an invalid length. [ 270.933479][T13344] dccp_xmit_packet: Payload too large (65475) for featneg. [ 270.952069][T13349] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3162'. [ 271.000985][T13353] fuse: Unknown parameter 'user_id00000000000000000000' [ 271.116627][T13365] x_tables: ip_tables: set.3 match: invalid size 48 (kernel) != (user) 32 [ 271.200208][T13367] netlink: 'syz.0.3171': attribute type 11 has an invalid length. [ 271.285179][T13375] fuse: Unknown parameter 'user_id00000000000000000000' [ 271.684789][ T4639] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 271.759560][T13412] fuse: Bad value for 'fd' [ 271.759639][T13405] dccp_xmit_packet: Payload too large (65475) for featneg. [ 271.890641][T13418] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3193'. [ 271.894646][T13418] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3193'. [ 272.134720][ T4639] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 272.455782][ T39] audit: type=1804 audit(1719426159.461:376): pid=13436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3200" name="/syzkaller.fB8IZz/103/bus" dev="sda1" ino=1970 res=1 errno=0 [ 272.650874][T13455] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3206'. [ 272.658465][T13455] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3206'. [ 272.760411][T13457] netlink: 'syz.1.3207': attribute type 11 has an invalid length. [ 273.326935][ T65] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 273.634561][ T39] audit: type=1804 audit(1719426160.641:377): pid=13488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3217" name="/syzkaller.fB8IZz/108/bus" dev="sda1" ino=1967 res=1 errno=0 [ 274.662295][ T5221] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 274.946720][ T39] audit: type=1804 audit(1719426161.951:378): pid=13519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3230" name="/syzkaller.fB8IZz/114/bus" dev="sda1" ino=1970 res=1 errno=0 [ 275.527619][T13538] fuse: Unknown parameter '0x0000000000000003' [ 275.961952][ T5280] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 276.165847][ T5280] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 276.170631][ T5280] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 276.182677][ T5280] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 276.193794][ T5280] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 276.203080][ T5280] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 276.206953][ T5280] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 276.210823][ T5280] usb 6-1: SerialNumber: syz [ 276.215090][T13542] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 276.219622][ T5280] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 276.223952][ T5280] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -12 [ 276.246693][T13555] dccp_xmit_packet: Payload too large (65475) for featneg. [ 276.398574][T13561] fuse: Unknown parameter '0x0000000000000003' [ 276.426740][ T5280] usb 6-1: USB disconnect, device number 6 [ 276.728861][T13577] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3254'. [ 276.806590][T13581] fuse: Unknown parameter '0x0000000000000003' [ 277.271057][T13599] fuse: Unknown parameter '0x0000000000000003' [ 277.384814][ T5221] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 277.664158][ T39] audit: type=1804 audit(1719426164.671:379): pid=13615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3268" name="/syzkaller.fB8IZz/131/bus" dev="sda1" ino=1970 res=1 errno=0 [ 278.055338][T13620] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3271'. [ 278.069042][T13620] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3271'. [ 278.076698][T13620] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3271'. [ 278.090788][T13620] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 278.365743][T13630] fuse: Unknown parameter '0x0000000000000003' [ 279.649684][T13655] fuse: Unknown parameter 'fd0x0000000000000003' [ 280.059579][ T39] audit: type=1326 audit(1719426167.061:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13673 comm="syz.0.3292" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 280.651344][T13696] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3302'. [ 280.655425][T13696] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3302'. [ 281.178489][ T825] libceph: connect (1)[c::]:6789 error -101 [ 281.181660][ T825] libceph: mon0 (1)[c::]:6789 connect error [ 281.235447][ T39] audit: type=1804 audit(1719426168.241:381): pid=13713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3306" name="/syzkaller.skvzIG/725/bus" dev="sda1" ino=1955 res=1 errno=0 [ 281.444600][ T825] libceph: connect (1)[c::]:6789 error -101 [ 281.452044][ T825] libceph: mon0 (1)[c::]:6789 connect error [ 281.925531][T13722] ceph: No mds server is up or the cluster is laggy [ 282.001921][ T55] usb 7-1: new full-speed USB device number 5 using dummy_hcd [ 282.001937][ T5259] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 282.193577][ T55] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 282.198097][ T55] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 282.212201][ T55] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 282.216750][ T55] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 282.218166][ T5259] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 282.230175][ T55] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 282.230651][ T5259] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 282.234320][ T55] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 282.245069][ T5259] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 282.251892][ T55] usb 7-1: SerialNumber: syz [ 282.252066][ T5259] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 282.257846][ T5259] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.261098][T13727] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 282.271318][ T5259] usb 6-1: config 0 descriptor?? [ 282.273356][ T55] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 282.277429][ T55] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -12 [ 282.283875][T13729] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 282.385535][ T39] audit: type=1326 audit(1719426169.391:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13735 comm="syz.0.3316" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 282.490683][ T55] usb 7-1: USB disconnect, device number 5 [ 282.680273][T13739] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3317'. [ 282.684024][T13739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3317'. [ 282.688401][T13739] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3317'. [ 282.727026][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.730306][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.733630][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.736905][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.740639][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.748002][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.751700][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.756327][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.759638][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.764857][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.768307][ T5259] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 282.772731][ T5259] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 282.779618][ T5259] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 283.018121][ T8] usb 6-1: USB disconnect, device number 7 [ 283.316619][ T4639] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 284.708724][ T39] audit: type=1326 audit(1719426171.711:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13773 comm="syz.3.3331" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741c579 code=0x0 [ 284.902221][ T5210] usb 5-1: new full-speed USB device number 7 using dummy_hcd [ 285.096356][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 285.101351][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 285.113792][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 285.118610][ T5210] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 285.137527][ T5210] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 285.141689][ T5210] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 285.146010][ T5210] usb 5-1: SerialNumber: syz [ 285.156251][T13772] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 285.160973][ T5210] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 285.166716][ T5210] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -12 [ 285.193833][T13788] dccp_xmit_packet: Payload too large (65475) for featneg. [ 285.367200][ T5210] usb 5-1: USB disconnect, device number 7 [ 286.015219][ T825] libceph: connect (1)[c::]:6789 error -22 [ 286.018854][ T825] libceph: mon0 (1)[c::]:6789 connect error [ 286.251578][ T39] audit: type=1326 audit(1719426173.251:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13818 comm="syz.0.3348" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 286.292363][ T825] libceph: connect (1)[c::]:6789 error -22 [ 286.295061][ T825] libceph: mon0 (1)[c::]:6789 connect error [ 286.767108][T13798] ceph: No mds server is up or the cluster is laggy [ 286.802286][ T55] libceph: connect (1)[c::]:6789 error -22 [ 286.805001][ T55] libceph: mon0 (1)[c::]:6789 connect error [ 289.825742][T13834] sctp: [Deprecated]: syz.1.3355 (pid 13834) Use of int in max_burst socket option deprecated. [ 289.825742][T13834] Use struct sctp_assoc_value instead [ 290.022065][ T5210] usb 7-1: new full-speed USB device number 6 using dummy_hcd [ 290.224054][ T5210] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 290.232088][ T5210] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 290.242067][ T5210] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 290.249526][ T5210] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 290.263605][ T5210] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 290.269474][ T5210] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 290.278949][ T5210] usb 7-1: SerialNumber: syz [ 290.291173][T13826] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 290.301313][ T5210] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 290.308200][ T5210] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -12 [ 290.511947][ T5210] usb 7-1: USB disconnect, device number 6 [ 291.502489][T13885] dccp_xmit_packet: Payload too large (65475) for featneg. [ 291.504133][T13883] netfs: Couldn't get user pages (rc=-14) [ 292.283083][T13910] dccp_xmit_packet: Payload too large (65475) for featneg. [ 293.219414][T13940] overlayfs: failed to resolve './file2': -2 [ 293.688260][ T5259] libceph: connect (1)[c::]:6789 error -101 [ 293.690681][ T5259] libceph: mon0 (1)[c::]:6789 connect error [ 293.883678][T13969] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3409'. [ 293.889782][T13969] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3409'. [ 293.967355][ T5259] libceph: connect (1)[c::]:6789 error -101 [ 293.970719][ T5259] libceph: mon0 (1)[c::]:6789 connect error [ 294.412983][T13957] ceph: No mds server is up or the cluster is laggy [ 294.924096][T13984] dccp_xmit_packet: Payload too large (65475) for featneg. [ 295.154456][ T10] libceph: connect (1)[c::]:6789 error -22 [ 295.157169][ T10] libceph: mon0 (1)[c::]:6789 connect error [ 295.412311][ T8] libceph: connect (1)[c::]:6789 error -22 [ 295.417779][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 295.912415][T14003] ceph: No mds server is up or the cluster is laggy [ 296.136403][T14018] overlayfs: failed to resolve './file2': -2 [ 296.388680][ T5210] libceph: connect (1)[c::]:6789 error -22 [ 296.392087][ T5210] libceph: mon0 (1)[c::]:6789 connect error [ 296.654638][ T5210] libceph: connect (1)[c::]:6789 error -22 [ 296.657580][ T5210] libceph: mon0 (1)[c::]:6789 connect error [ 296.874575][T14043] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3434'. [ 296.879109][T14043] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3434'. [ 297.158681][T14037] ceph: No mds server is up or the cluster is laggy [ 297.178327][ T25] libceph: connect (1)[c::]:6789 error -22 [ 297.181254][ T25] libceph: mon0 (1)[c::]:6789 connect error [ 297.264481][ T39] audit: type=1326 audit(1719426184.271:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14050 comm="syz.3.3438" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741c579 code=0x0 [ 297.805108][T14085] netfs: Couldn't get user pages (rc=-14) [ 297.835886][T14085] syz.1.3451 (14085) used greatest stack depth: 19984 bytes left [ 297.962862][T14091] netlink: 'syz.3.3454': attribute type 11 has an invalid length. [ 298.128133][T14101] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3458'. [ 298.133432][T14101] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3458'. [ 298.461995][ T39] audit: type=1326 audit(1719426185.461:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14106 comm="syz.3.3461" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741c579 code=0x0 [ 299.213628][T14130] netlink: 'syz.3.3467': attribute type 11 has an invalid length. [ 299.834599][ T39] audit: type=1326 audit(1719426186.841:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14146 comm="syz.1.3473" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x0 [ 300.358473][ T5426] libceph: connect (1)[c::]:6789 error -101 [ 300.361573][ T5426] libceph: mon0 (1)[c::]:6789 connect error [ 300.379807][ T5221] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 300.632432][ T5426] libceph: connect (1)[c::]:6789 error -101 [ 300.635439][ T5426] libceph: mon0 (1)[c::]:6789 connect error [ 301.128546][T14158] ceph: No mds server is up or the cluster is laggy [ 301.143548][ T5426] libceph: connect (1)[c::]:6789 error -101 [ 301.150225][ T5426] libceph: mon0 (1)[c::]:6789 connect error [ 301.401478][T14188] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3486'. [ 301.453045][T14191] netlink: 'syz.3.3487': attribute type 11 has an invalid length. [ 302.314099][ T35] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 302.514534][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 302.520636][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 302.529618][ T35] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 302.534515][ T35] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 302.541234][ T35] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 302.544356][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 302.547253][ T35] usb 6-1: SerialNumber: syz [ 302.556638][T14209] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 302.564717][ T35] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 302.571330][ T35] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -12 [ 302.785378][ T35] usb 6-1: USB disconnect, device number 8 [ 302.788409][T14230] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3499'. [ 303.176672][T14250] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3508'. [ 303.305368][ T5221] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 303.559382][T14272] netlink: 80 bytes leftover after parsing attributes in process `syz.1.3518'. [ 303.844339][ T39] audit: type=1326 audit(1719426190.851:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14273 comm="syz.1.3519" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e0579 code=0x0 [ 303.981690][T14296] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3527'. [ 304.041983][ T55] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 304.224039][ T55] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 304.228873][ T55] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 304.233352][ T55] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 304.238139][ T55] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 304.245548][ T55] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 304.249663][ T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 304.253286][ T55] usb 5-1: SerialNumber: syz [ 304.258591][T14282] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 304.262265][ T55] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 304.265414][ T55] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -12 [ 304.467515][ T5210] usb 5-1: USB disconnect, device number 8 [ 306.131982][ T5210] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 306.334451][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 306.339218][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 306.352215][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 306.357149][ T5210] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 306.368060][ T5210] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 306.372414][ T5210] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 306.375290][ T5210] usb 5-1: SerialNumber: syz [ 306.381067][T14343] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 306.387049][ T5210] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 306.391436][ T5210] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -12 [ 306.590067][ T5210] usb 5-1: USB disconnect, device number 9 [ 306.806458][ T39] audit: type=1326 audit(1719426193.811:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14365 comm="syz.2.3556" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x0 [ 307.223313][ T8] libceph: connect (1)[c::]:6789 error -101 [ 307.230507][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 307.502876][ T8] libceph: connect (1)[c::]:6789 error -101 [ 307.506060][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 307.669972][T14418] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3573'. [ 307.674155][T14418] netlink: 'syz.1.3573': attribute type 30 has an invalid length. [ 307.980574][T14403] ceph: No mds server is up or the cluster is laggy [ 308.408433][ T45] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.451942][ T8] usb 5-1: new full-speed USB device number 10 using dummy_hcd [ 308.541360][ T45] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.636806][ T45] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.658188][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 308.671351][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 308.676945][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 308.681908][ T8] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 308.690750][ T8] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 308.702460][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 308.715759][ T8] usb 5-1: SerialNumber: syz [ 308.729711][ T4639] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 308.740281][ T4639] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 308.742943][T14427] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 308.744450][ T4639] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 308.752862][ T4639] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 308.762501][ T4639] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 308.763312][ T8] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 308.769855][ T4639] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 308.773382][ T8] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -12 [ 308.804579][ T45] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.960481][T14441] chnl_net:caif_netlink_parms(): no params data found [ 308.973209][ T5280] usb 5-1: USB disconnect, device number 10 [ 309.190046][T14441] bridge0: port 1(bridge_slave_0) entered blocking state [ 309.209427][T14441] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.225153][T14441] bridge_slave_0: entered allmulticast mode [ 309.243191][T14441] bridge_slave_0: entered promiscuous mode [ 309.253326][T14441] bridge0: port 2(bridge_slave_1) entered blocking state [ 309.256945][T14441] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.260218][T14441] bridge_slave_1: entered allmulticast mode [ 309.270769][T14441] bridge_slave_1: entered promiscuous mode [ 309.287878][ T5221] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 309.297648][ T5221] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 309.302963][ T5221] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 309.316450][ T5221] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 309.334475][ T5221] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 309.341478][ T5221] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 309.349778][ T45] bridge_slave_1: left allmulticast mode [ 309.356933][ T45] bridge_slave_1: left promiscuous mode [ 309.360535][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.369616][ T45] bridge_slave_0: left allmulticast mode [ 309.373933][ T45] bridge_slave_0: left promiscuous mode [ 309.377389][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 309.657896][ T5221] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 309.902501][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 309.923793][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 309.948035][ T45] bond0 (unregistering): Released all slaves [ 309.975188][T14441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 310.015588][T14441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 310.171077][T14441] team0: Port device team_slave_0 added [ 310.214779][T14441] team0: Port device team_slave_1 added [ 310.340653][T14441] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 310.349045][T14441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 310.362444][T14441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 310.396766][T14441] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 310.399560][T14441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 310.415173][T14441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 310.553728][T14441] hsr_slave_0: entered promiscuous mode [ 310.557732][T14441] hsr_slave_1: entered promiscuous mode [ 310.563986][T14441] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 310.566964][T14441] Cannot create hsr debugfs directory [ 310.762928][ T39] audit: type=1326 audit(1719426197.771:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14459 comm="syz.0.3592" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 310.852164][ T5221] Bluetooth: hci1: command tx timeout [ 310.972159][T14450] chnl_net:caif_netlink_parms(): no params data found [ 311.000280][ T45] hsr_slave_0: left promiscuous mode [ 311.012679][ T45] hsr_slave_1: left promiscuous mode [ 311.021691][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 311.025358][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 311.030725][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 311.038762][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 311.079941][ T45] veth1_macvtap: left promiscuous mode [ 311.082321][ T45] veth0_macvtap: left promiscuous mode [ 311.085247][ T45] veth1_vlan: left promiscuous mode [ 311.087511][ T45] veth0_vlan: left promiscuous mode [ 311.407358][ T5221] Bluetooth: hci2: command tx timeout [ 311.591926][ T35] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 311.790558][ T35] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 311.795350][ T35] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 311.799367][ T35] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 9382, setting to 64 [ 311.804219][ T35] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 311.817149][ T35] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 311.821167][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 311.825956][ T35] usb 7-1: SerialNumber: syz [ 311.830365][T14485] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 311.835186][ T35] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 311.839854][ T35] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -12 [ 312.037746][ T35] usb 7-1: USB disconnect, device number 7 [ 312.225473][ T45] team0 (unregistering): Port device team_slave_1 removed [ 312.347466][ T45] team0 (unregistering): Port device team_slave_0 removed [ 312.922673][ T5221] Bluetooth: hci1: command tx timeout [ 313.482982][ T5221] Bluetooth: hci2: command tx timeout [ 313.748571][T14507] afs: Bad value for 'source' [ 313.827377][T14450] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.830625][T14450] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.836754][T14450] bridge_slave_0: entered allmulticast mode [ 313.841557][T14450] bridge_slave_0: entered promiscuous mode [ 313.848173][T14450] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.854488][T14450] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.858134][T14450] bridge_slave_1: entered allmulticast mode [ 313.863427][T14450] bridge_slave_1: entered promiscuous mode [ 313.997312][T14450] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 314.009793][T14450] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 314.104912][T14450] team0: Port device team_slave_0 added [ 314.117773][T14450] team0: Port device team_slave_1 added [ 314.190665][T14450] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 314.196585][T14450] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 314.207561][T14450] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 314.214938][T14450] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 314.217967][T14450] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 314.229402][T14450] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 314.369448][T14441] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 314.403716][T14450] hsr_slave_0: entered promiscuous mode [ 314.407728][T14450] hsr_slave_1: entered promiscuous mode [ 314.412297][T14450] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 314.415323][T14450] Cannot create hsr debugfs directory [ 314.418508][T14441] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 314.477925][ T45] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.528520][T14441] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 314.596534][T14441] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 314.631945][ T45] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.750125][ T45] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.839061][ T45] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.999756][ T45] bridge_slave_1: left allmulticast mode [ 315.004559][ T5221] Bluetooth: hci1: command tx timeout [ 315.010510][ T45] bridge_slave_1: left promiscuous mode [ 315.020938][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.043366][ T45] bridge_slave_0: left allmulticast mode [ 315.046033][ T45] bridge_slave_0: left promiscuous mode [ 315.059688][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.491657][ T39] audit: type=1326 audit(1719426202.491:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3605" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 315.562040][ T5221] Bluetooth: hci2: command tx timeout [ 315.605367][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 315.617973][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 315.626310][ T45] bond0 (unregistering): Released all slaves [ 315.636149][ T45] bond1 (unregistering): Released all slaves [ 315.684201][T14441] 8021q: adding VLAN 0 to HW filter on device bond0 [ 315.717344][T14441] 8021q: adding VLAN 0 to HW filter on device team0 [ 315.725129][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 315.727725][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 315.736234][T14534] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3607'. [ 315.753647][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.756243][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 316.136300][ T45] hsr_slave_0: left promiscuous mode [ 316.144668][ T45] hsr_slave_1: left promiscuous mode [ 316.149521][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 316.154283][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 316.159171][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 316.163627][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 316.248858][ T45] veth1_macvtap: left promiscuous mode [ 316.251427][ T45] veth0_macvtap: left promiscuous mode [ 316.254569][ T45] veth1_vlan: left promiscuous mode [ 316.259383][ T45] veth0_vlan: left promiscuous mode [ 316.520423][T14554] afs: Bad value for 'source' [ 316.815935][T14563] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3612'. [ 317.082228][ T5221] Bluetooth: hci1: command tx timeout [ 317.471043][ T45] team0 (unregistering): Port device team_slave_1 removed [ 317.577075][ T45] team0 (unregistering): Port device team_slave_0 removed [ 317.652238][ T5221] Bluetooth: hci2: command tx timeout [ 318.333422][T14559] netlink: 'syz.0.3610': attribute type 10 has an invalid length. [ 318.354017][T14559] team0: Port device netdevsim0 added [ 318.385808][T14441] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 318.415519][T14567] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3614'. [ 318.487581][T14441] veth0_vlan: entered promiscuous mode [ 318.506969][ T39] audit: type=1326 audit(1719426205.511:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14568 comm="syz.0.3615" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 318.518718][T14571] netlink: 52 bytes leftover after parsing attributes in process `syz.2.3616'. [ 318.521041][T14441] veth1_vlan: entered promiscuous mode [ 318.529300][T14450] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 318.543384][T14450] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 318.566681][T14450] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 318.573677][T14450] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 318.627908][T14441] veth0_macvtap: entered promiscuous mode [ 318.636250][T14441] veth1_macvtap: entered promiscuous mode [ 318.668304][T14441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.673101][T14441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.676637][T14441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 318.681067][T14441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.688042][T14441] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 318.701390][T14441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.706445][T14441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.710886][T14441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 318.715951][T14441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 318.722915][T14441] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 318.741587][T14441] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.745706][T14441] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.749877][T14441] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.754300][T14441] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.820400][T14450] 8021q: adding VLAN 0 to HW filter on device bond0 [ 318.856630][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.859495][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.870577][T14450] 8021q: adding VLAN 0 to HW filter on device team0 [ 318.894192][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.897823][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.898791][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 318.904543][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 318.929101][ T5280] bridge0: port 2(bridge_slave_1) entered blocking state [ 318.932420][ T5280] bridge0: port 2(bridge_slave_1) entered forwarding state [ 319.044052][ T5223] libceph: connect (1)[c::]:6789 error -101 [ 319.046953][ T5223] libceph: mon0 (1)[c::]:6789 connect error [ 319.117721][T14600] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3625'. [ 319.140405][T14450] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 319.180039][T14450] veth0_vlan: entered promiscuous mode [ 319.191669][T14450] veth1_vlan: entered promiscuous mode [ 319.238074][T14450] veth0_macvtap: entered promiscuous mode [ 319.245600][T14450] veth1_macvtap: entered promiscuous mode [ 319.264501][T14450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 319.268968][T14450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.274909][T14450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 319.279258][T14450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.283661][T14450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 319.288243][T14450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.294595][T14450] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 319.303099][ T5223] libceph: connect (1)[c::]:6789 error -101 [ 319.306171][ T5223] libceph: mon0 (1)[c::]:6789 connect error [ 319.308077][T14450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 319.317302][T14450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.323104][T14450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 319.327766][T14450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.333876][T14450] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 319.339537][T14450] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 319.348006][T14450] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 319.363702][T14450] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.367899][T14450] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.372336][T14450] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.376225][T14450] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.439678][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 319.444693][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 319.465135][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 319.467857][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 319.613805][ T39] audit: type=1326 audit(1719426206.621:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14625 comm="syz.0.3636" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 319.803424][T14591] ceph: No mds server is up or the cluster is laggy [ 319.822507][ T5223] libceph: connect (1)[c::]:6789 error -101 [ 319.824813][ T5223] libceph: mon0 (1)[c::]:6789 connect error [ 320.254144][T14646] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 320.308576][T14646] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3644'. [ 321.312107][ T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 321.503900][ T8] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 321.508308][ T8] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 321.513039][ T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 321.516625][ T8] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 321.522221][ T8] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 321.526106][ T8] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 321.529579][ T8] usb 5-1: Product: syz [ 321.531420][ T8] usb 5-1: Manufacturer: syz [ 321.536319][ T8] cdc_wdm 5-1:1.0: skipping garbage [ 321.538730][ T8] cdc_wdm 5-1:1.0: skipping garbage [ 321.542542][ T8] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 321.544976][ T8] cdc_wdm 5-1:1.0: Unknown control protocol [ 321.759186][ T35] usb 5-1: USB disconnect, device number 11 [ 321.820043][T14700] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 321.867366][T14700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3663'. [ 322.536799][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.546505][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.382089][ T5259] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 323.479293][T14743] netlink: 84 bytes leftover after parsing attributes in process `syz.1.3679'. [ 323.580220][T14745] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3680'. [ 323.594079][ T5259] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 323.597385][ T5259] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 323.602598][ T5259] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 323.606405][ T5259] usb 7-1: config 1 has no interface number 1 [ 323.609445][ T5259] usb 7-1: too many endpoints for config 1 interface 2 altsetting 2: 139, using maximum allowed: 30 [ 323.614411][ T5259] usb 7-1: config 1 interface 2 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 139 [ 323.619365][ T5259] usb 7-1: config 1 interface 2 has no altsetting 0 [ 323.624058][ T5259] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 323.627660][ T5259] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 323.630774][ T5259] usb 7-1: Product: ఉ [ 323.632729][ T5259] usb 7-1: Manufacturer: 㴶磬ꋽ顥ꆰ뽁ꤿ澈怖꽎믿䌇뇫㫎㞎ꭋ먬댘惙冋ⅆ褅ﰊڭ漛⬁ŀ⫱嚬㯽x纇㍦穅쐗䧦貝㣮ꭼ滂巭갸쀫獉➚殹桵꠆傲惿ᆂ耰䍳ᒾᣯ픶䀇즨뵗䵩됓싵㰾㵒⽽镳 [ 323.642307][ T5259] usb 7-1: SerialNumber: Ў [ 324.122949][ T5221] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 324.126946][ T5221] Bluetooth: hci1: Injecting HCI hardware error event [ 324.132190][ T4639] Bluetooth: hci1: hardware error 0x00 [ 324.484445][ T5259] usb 7-1: USB disconnect, device number 8 [ 324.713380][ T5227] udevd[5227]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 325.170567][T14806] sg_read: process 60 (syz.3.3706) changed security contexts after opening file descriptor, this is not allowed. [ 325.533843][T14819] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3711'. [ 326.202225][ T4639] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 326.366190][T14866] Driver unsupported XDP return value 0 on prog (id 689) dev N/A, expect packet loss! [ 326.389712][T14851] fscrypt: Adiantum using implementation "adiantum(xchacha12-simd,aes-aesni,nhpoly1305-avx2)" [ 326.525464][ T5210] kernel write not supported for file /snd/seq (pid: 5210 comm: kworker/2:2) [ 326.821065][T14894] dccp_xmit_packet: Payload too large (65475) for featneg. [ 327.104365][ T35] kernel write not supported for file /snd/seq (pid: 35 comm: kworker/3:0) [ 327.504185][T14921] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3750'. [ 327.748548][T14933] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 327.790388][T14933] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3755'. [ 327.912302][T14943] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3760'. [ 328.090602][T14961] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3768'. [ 328.279224][ T39] audit: type=1326 audit(1719426215.281:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14973 comm="syz.1.3773" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7492579 code=0x0 [ 328.877268][T14977] netlink: 96 bytes leftover after parsing attributes in process `syz.3.3774'. [ 329.367699][ T39] audit: type=1326 audit(1719426216.371:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15017 comm="syz.1.3792" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7492579 code=0x0 [ 329.652516][T15026] random: crng reseeded on system resumption [ 330.361855][T15050] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3805'. [ 330.410552][T15056] __vm_enough_memory: pid: 15056, comm: syz.1.3808, bytes: 4294963200 not enough memory for the allocation [ 330.537660][T15062] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 330.567446][T15062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3811'. [ 330.851333][T15084] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 330.880056][T15084] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3822'. [ 330.949563][T15089] netlink: 2 bytes leftover after parsing attributes in process `syz.1.3824'. [ 331.044348][T15103] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 331.112282][T15109] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 331.143462][T15109] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3833'. [ 331.228737][T15111] dccp_xmit_packet: Payload too large (65475) for featneg. [ 332.035840][T15134] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 333.747439][ T39] audit: type=1326 audit(1719426220.751:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15161 comm="syz.3.3853" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749a579 code=0x7fc00000 [ 334.103442][T15204] random: crng reseeded on system resumption [ 334.113545][T15207] EXT4-fs warning (device sda1): verify_group_input:136: Cannot add at group 0 (only 8 groups) [ 334.162111][T15207] __nla_validate_parse: 1 callbacks suppressed [ 334.162129][T15207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3871'. [ 334.527045][T15214] dccp_xmit_packet: Payload too large (65475) for featneg. [ 335.057782][T15239] ptrace attach of "/syz-executor exec"[14450] was attempted by "/syz-executor exec"[15239] [ 336.264359][T15279] netlink: 'syz.3.3896': attribute type 23 has an invalid length. [ 336.657242][ T39] audit: type=1326 audit(1719426223.661:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15267 comm="syz.2.3892" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7fc00000 [ 336.800935][T15318] Cannot find add_set index 0 as target [ 337.642131][ T4639] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 337.646638][ T4639] Bluetooth: hci0: Injecting HCI hardware error event [ 337.652233][ T5221] Bluetooth: hci0: hardware error 0x00 [ 337.745995][ T39] audit: type=1326 audit(1719426224.751:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15324 comm="syz.2.3916" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf745e579 code=0x7fc00000 [ 337.767496][T15354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3926'. [ 337.824270][T15360] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3929'. [ 337.827739][ T39] audit: type=1804 audit(1719426224.831:399): pid=15359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3930" name="/syzkaller.fB8IZz/285/bus" dev="sda1" ino=1977 res=1 errno=0 [ 337.843845][ T39] audit: type=1804 audit(1719426224.851:400): pid=15359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3930" name="/syzkaller.fB8IZz/285/bus" dev="sda1" ino=1977 res=1 errno=0 [ 337.874056][ T39] audit: type=1804 audit(1719426224.881:401): pid=15359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3930" name="/syzkaller.fB8IZz/285/bus" dev="sda1" ino=1977 res=1 errno=0 [ 338.028427][T15381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3938'. [ 338.073847][T15383] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3941'. [ 338.206390][T15399] ptrace attach of "/syz-executor exec"[14441] was attempted by "/syz-executor exec"[15399] [ 338.219852][T15400] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3949'. [ 338.263874][T15404] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3951'. [ 338.496220][T15425] syzkaller1: entered promiscuous mode [ 338.498766][T15425] syzkaller1: entered allmulticast mode [ 338.689622][T15430] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3962'. [ 338.993171][ T5259] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 339.142173][ T5259] usb 6-1: device descriptor read/64, error -71 [ 339.422013][ T5259] usb 6-1: new full-speed USB device number 10 using dummy_hcd [ 339.538347][ T39] audit: type=1804 audit(1719426226.541:402): pid=15462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3977" name="/syzkaller.n4ywT3/111/bus" dev="sda1" ino=1977 res=1 errno=0 [ 339.552522][ T39] audit: type=1804 audit(1719426226.541:403): pid=15462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.3977" name="/syzkaller.n4ywT3/111/bus" dev="sda1" ino=1977 res=1 errno=0 [ 339.562188][ T39] audit: type=1804 audit(1719426226.551:404): pid=15462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.3977" name="/syzkaller.n4ywT3/111/bus" dev="sda1" ino=1977 res=1 errno=0 [ 339.571999][ T5259] usb 6-1: device descriptor read/64, error -71 [ 339.703281][ T5259] usb usb6-port1: attempt power cycle [ 339.722077][ T5221] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 340.111934][ T5259] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 340.142594][ T5259] usb 6-1: device descriptor read/8, error -71 [ 340.412011][ T5259] usb 6-1: new full-speed USB device number 12 using dummy_hcd [ 340.443135][ T5259] usb 6-1: device descriptor read/8, error -71 [ 340.562290][ T5259] usb usb6-port1: unable to enumerate USB device [ 341.194388][T15520] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3996'. [ 341.634797][ T39] audit: type=1800 audit(1719426228.641:405): pid=15538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4004" name="file1" dev="sda1" ino=1976 res=0 errno=0 [ 341.647884][ T39] audit: type=1804 audit(1719426228.651:406): pid=15538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4004" name="/syzkaller.n4ywT3/124/file1" dev="sda1" ino=1976 res=1 errno=0 [ 342.379769][ T39] audit: type=1326 audit(1719426229.381:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15558 comm="syz.0.4014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7fc00000 [ 342.407277][ T39] audit: type=1326 audit(1719426229.411:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15558 comm="syz.0.4014" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7488579 code=0x7fc00000 [ 342.423045][ T39] audit: type=1326 audit(1719426229.421:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15558 comm="syz.0.4014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7fc00000 [ 342.887684][ T39] audit: type=1804 audit(1719426229.891:410): pid=15593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.4028" name="/syzkaller.skvzIG/901/bus/file0" dev="overlay" ino=1981 res=1 errno=0 [ 344.334715][ T39] audit: type=1326 audit(1719426231.341:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15645 comm="syz.0.4050" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 344.716523][ T39] audit: type=1326 audit(1719426231.721:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15657 comm="syz.1.4055" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7492579 code=0x7fc00000 [ 344.814863][ T39] audit: type=1326 audit(1719426231.821:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15657 comm="syz.1.4055" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7492579 code=0x7fc00000 [ 344.829078][ T39] audit: type=1326 audit(1719426231.831:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15657 comm="syz.1.4055" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7492579 code=0x7fc00000 [ 344.943096][T15682] netlink: 209800 bytes leftover after parsing attributes in process `syz.3.4063'. [ 344.977498][T15676] kernel profiling enabled (shift: 9) [ 345.701431][ T39] audit: type=1326 audit(1719426232.701:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15713 comm="syz.1.4074" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7492579 code=0x0 [ 346.681777][T15734] dccp_xmit_packet: Payload too large (65475) for featneg. [ 347.201970][ T8] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 347.384787][ T8] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 347.388751][ T8] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22 [ 347.397513][ T8] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 347.401394][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 347.405344][ T8] usb 6-1: SerialNumber: syz [ 347.413358][ T8] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 347.416794][ T8] cdc_acm 6-1:1.0: This needs exactly 3 endpoints [ 347.419373][ T8] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22 [ 347.617347][ T25] usb 6-1: USB disconnect, device number 13 [ 347.983130][T15789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4107'. [ 348.041315][T15796] gfs2: not a GFS2 filesystem [ 348.116977][T15804] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4109'. [ 348.167162][T15807] UBIFS error (pid: 15807): cannot open "ubifs", error -22 [ 348.522249][T15839] wireguard0: entered promiscuous mode [ 348.528188][T15839] wireguard0: entered allmulticast mode [ 348.569577][T15841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4119'. [ 349.200230][T15844] UBIFS error (pid: 15844): cannot open "ubifs", error -22 [ 349.338699][T15854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4126'. [ 350.084243][ T4639] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 350.092385][ T4639] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 350.096475][ T4639] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 350.102333][ T4639] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 350.109488][ T4639] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 350.114293][ T4639] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 350.285379][ T1142] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.349550][T15894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4144'. [ 350.376581][ T1142] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.406184][T15896] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4145'. [ 350.437240][T15884] chnl_net:caif_netlink_parms(): no params data found [ 350.484430][T15898] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4146'. [ 350.607446][ T1142] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.724783][T15884] bridge0: port 1(bridge_slave_0) entered blocking state [ 350.724912][T15915] dccp_xmit_packet: Payload too large (65475) for featneg. [ 350.729242][T15884] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.733688][T15884] bridge_slave_0: entered allmulticast mode [ 350.737030][T15884] bridge_slave_0: entered promiscuous mode [ 350.763343][ T1142] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.770631][T15884] bridge0: port 2(bridge_slave_1) entered blocking state [ 350.774739][T15884] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.777794][T15884] bridge_slave_1: entered allmulticast mode [ 350.781735][T15884] bridge_slave_1: entered promiscuous mode [ 350.863909][T15884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 350.867218][T15927] netlink: 45 bytes leftover after parsing attributes in process `syz.0.4158'. [ 350.878669][T15884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 350.953459][T15884] team0: Port device team_slave_0 added [ 350.960268][T15884] team0: Port device team_slave_1 added [ 351.027784][T15884] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 351.030976][T15884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 351.044164][T15884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 351.099905][ T39] audit: type=1800 audit(1719426238.101:416): pid=15939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4162" name="/" dev="fuse" ino=1 res=0 errno=0 [ 351.118255][T15884] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 351.121386][T15884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 351.135993][T15884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 351.200263][T15941] team0: Port device virt_wifi0 added [ 351.309116][T15884] hsr_slave_0: entered promiscuous mode [ 351.318267][T15884] hsr_slave_1: entered promiscuous mode [ 351.330413][ T1142] bridge_slave_1: left allmulticast mode [ 351.334140][ T1142] bridge_slave_1: left promiscuous mode [ 351.336650][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state [ 351.354915][ T1142] bridge_slave_0: left allmulticast mode [ 351.357300][ T1142] bridge_slave_0: left promiscuous mode [ 351.359638][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state [ 351.851313][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 351.859748][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 351.869029][ T1142] bond0 (unregistering): Released all slaves [ 351.993721][T15960] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4171'. [ 352.202000][ T5221] Bluetooth: hci2: command tx timeout [ 352.440692][ T1142] hsr_slave_0: left promiscuous mode [ 352.445849][ T1142] hsr_slave_1: left promiscuous mode [ 352.448847][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 352.451990][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 352.455419][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 352.459113][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 352.499064][ T1142] veth1_macvtap: left promiscuous mode [ 352.501565][ T1142] veth0_macvtap: left promiscuous mode [ 352.504225][ T1142] veth1_vlan: left promiscuous mode [ 352.506773][ T1142] veth0_vlan: left promiscuous mode [ 352.674581][T15979] IPv6: addrconf: prefix option has invalid lifetime [ 353.814226][ T1142] team0 (unregistering): Port device team_slave_1 removed [ 353.944305][ T1142] team0 (unregistering): Port device team_slave_0 removed [ 354.291955][ T5221] Bluetooth: hci2: command tx timeout [ 355.188720][T15884] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 355.203856][T15884] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 355.217204][T15884] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 355.247845][T15884] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 355.360799][T15884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.377472][T16028] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4191'. [ 355.384669][T15884] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.396148][ T825] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.399185][ T825] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.413543][ T825] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.416867][ T825] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.610465][T15884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.679000][T15884] veth0_vlan: entered promiscuous mode [ 355.690991][T15884] veth1_vlan: entered promiscuous mode [ 355.721012][T15884] veth0_macvtap: entered promiscuous mode [ 355.729613][T15884] veth1_macvtap: entered promiscuous mode [ 355.748078][T15884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 355.754500][T15884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.758507][T15884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 355.764623][T15884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.772191][T15884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 355.777063][T15884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.783100][T15884] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 355.792508][T15884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.796753][T15884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.800588][T15884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.810789][T15884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.815537][T15884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.820014][T15884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.829514][T15884] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 355.838738][T15884] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.838949][T16050] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 355.844127][T15884] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.854520][T15884] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.858899][T15884] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.929210][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.936992][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 355.963154][ T1142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 355.968262][ T1142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 356.205638][T16065] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4200'. [ 356.372096][ T5221] Bluetooth: hci2: command tx timeout [ 357.200848][T16119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4212'. [ 357.672044][ T55] usb 5-1: new full-speed USB device number 12 using dummy_hcd [ 357.873480][ T55] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 357.878173][ T55] usb 5-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 357.884235][ T55] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 357.892587][ T55] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 357.896637][ T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 357.899880][ T55] usb 5-1: SerialNumber: syz [ 357.908711][ T55] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 357.914771][ T55] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 357.917628][ T55] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 358.119281][ T25] usb 5-1: USB disconnect, device number 12 [ 358.282903][T16155] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4238'. [ 358.320753][T16158] tc_dump_action: action bad kind [ 358.443510][ T5221] Bluetooth: hci2: command tx timeout [ 358.598764][T16178] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4247'. [ 358.823022][T16199] netlink: 1038 bytes leftover after parsing attributes in process `syz.0.4256'. [ 358.871142][ T39] audit: type=1800 audit(1719426245.871:417): pid=16202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4260" name="bus" dev="sda1" ino=1970 res=0 errno=0 [ 359.064221][T16219] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4267'. [ 359.092215][ T5261] usb 6-1: new full-speed USB device number 14 using dummy_hcd [ 359.283498][ T5261] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 359.287846][ T5261] usb 6-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 359.292307][ T5261] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 359.298950][ T5261] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 359.302875][ T5261] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 359.306080][ T5261] usb 6-1: SerialNumber: syz [ 359.310742][ T5261] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 359.315209][ T5261] cdc_acm 6-1:1.0: This needs exactly 3 endpoints [ 359.318467][ T5261] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22 [ 359.385616][T16243] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4278'. [ 359.520383][ T55] usb 6-1: USB disconnect, device number 14 [ 360.356242][T16274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4290'. [ 360.411956][ T5210] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 360.412908][T16276] 9pnet: p9_errstr2errno: server reported unknown error 18446744 [ 360.434795][T16278] block nbd2: not configured, cannot reconfigure [ 360.613016][ T5210] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 360.621462][ T5210] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 360.625859][ T5210] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 360.630700][ T5210] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.637455][T16264] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 360.892174][ T35] usb 6-1: USB disconnect, device number 15 [ 360.996135][T16317] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4309'. [ 361.313520][T16337] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4318'. [ 361.449071][T16346] block nbd1: not configured, cannot reconfigure [ 361.823523][T16377] block nbd1: not configured, cannot reconfigure [ 361.882068][ T5259] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 362.063818][ T5259] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 362.068506][ T5259] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 362.074851][ T5259] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 362.081889][ T5259] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.089150][T16365] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 362.277861][T16399] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4348'. [ 362.331911][ T55] usb 5-1: USB disconnect, device number 13 [ 362.795015][T16426] netlink: 'syz.1.4359': attribute type 2 has an invalid length. [ 362.807088][T16426] 9pnet_fd: Insufficient options for proto=fd [ 362.813481][T16426] bad cache= option: none [ 362.813481][T16426] [ 362.816899][T16426] CIFS: VFS: bad cache= option: none [ 363.377885][T16451] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 363.383757][T16451] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 363.387909][T16451] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 363.391748][T16451] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 363.413201][T16451] vxlan0: entered promiscuous mode [ 363.416168][T16451] vxlan0: entered allmulticast mode [ 363.431924][T16451] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.435920][T16451] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.439836][T16451] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.445021][T16451] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 363.650955][T16473] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4381'. [ 363.655618][T16473] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4381'. [ 363.659779][T16473] netlink: 'syz.2.4381': attribute type 10 has an invalid length. [ 363.944511][ T4639] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 363.949380][ T4639] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 363.968518][ T4639] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 363.978143][ T4639] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 363.982948][ T4639] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 363.990328][ T4639] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 364.005246][T16490] netlink: 'syz.2.4389': attribute type 27 has an invalid length. [ 364.021622][T16490] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4389'. [ 364.031300][T16490] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4389'. [ 364.040639][T16490] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4389'. [ 364.044282][T16490] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4389'. [ 364.139368][ T1142] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.306829][ T1142] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.324325][T16483] chnl_net:caif_netlink_parms(): no params data found [ 364.416276][ T1142] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.519678][ T1142] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.649480][T16483] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.657456][T16483] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.661011][T16483] bridge_slave_0: entered allmulticast mode [ 364.666321][T16483] bridge_slave_0: entered promiscuous mode [ 364.681293][T16483] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.689401][T16483] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.696098][T16483] bridge_slave_1: entered allmulticast mode [ 364.700414][T16483] bridge_slave_1: entered promiscuous mode [ 364.762404][T16483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 364.770096][T16483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.875190][T16483] team0: Port device team_slave_0 added [ 364.887426][T16483] team0: Port device team_slave_1 added [ 364.923188][ T1142] bridge_slave_1: left allmulticast mode [ 364.925771][ T1142] bridge_slave_1: left promiscuous mode [ 364.928542][ T1142] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.937699][ T1142] bridge_slave_0: left allmulticast mode [ 364.940071][ T1142] bridge_slave_0: left promiscuous mode [ 364.944296][ T1142] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.496174][ T1142] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.502682][ T1142] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.515297][ T1142] bond0 (unregistering): Released all slaves [ 365.627681][T16483] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 365.636684][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.650596][T16483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 365.657981][T16483] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 365.661142][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 365.676717][T16483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 365.857267][T16483] hsr_slave_0: entered promiscuous mode [ 365.861446][T16483] hsr_slave_1: entered promiscuous mode [ 365.864385][T16483] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 365.867321][T16483] Cannot create hsr debugfs directory [ 366.043012][ T4639] Bluetooth: hci1: command tx timeout [ 366.136925][T16550] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4407'. [ 366.144292][ T1142] hsr_slave_0: left promiscuous mode [ 366.149378][ T1142] hsr_slave_1: left promiscuous mode [ 366.162001][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.166931][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.173392][ T1142] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.176789][ T1142] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.251901][ T1142] veth1_macvtap: left promiscuous mode [ 366.254506][ T1142] veth0_macvtap: left promiscuous mode [ 366.257017][ T1142] veth1_vlan: left promiscuous mode [ 366.259344][ T1142] veth0_vlan: left promiscuous mode [ 366.889338][ T1142] team0 (unregistering): Port device virt_wifi0 removed [ 367.237193][T16587] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4423'. [ 367.241448][T16587] netlink: 56 bytes leftover after parsing attributes in process `syz.0.4423'. [ 367.245836][T16587] netlink: 'syz.0.4423': attribute type 10 has an invalid length. [ 367.765670][ T1142] team0 (unregistering): Port device team_slave_1 removed [ 367.895156][ T1142] team0 (unregistering): Port device team_slave_0 removed [ 368.131993][ T4639] Bluetooth: hci1: command tx timeout [ 368.907004][T16601] syzkaller0: entered promiscuous mode [ 368.909749][T16601] syzkaller0: entered allmulticast mode [ 370.202123][ T4639] Bluetooth: hci1: command tx timeout [ 370.410825][ T39] audit: type=1804 audit(1719426257.411:418): pid=16608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 370.422226][ T39] audit: type=1804 audit(1719426257.421:419): pid=16608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 370.555298][ T39] audit: type=1804 audit(1719426257.551:420): pid=16610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 370.620365][ T39] audit: type=1804 audit(1719426257.621:421): pid=16608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 370.641490][ T39] audit: type=1804 audit(1719426257.641:422): pid=16608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 370.652913][ T39] audit: type=1804 audit(1719426257.641:423): pid=16608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 370.662750][ T39] audit: type=1804 audit(1719426257.641:424): pid=16608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4430" name="/syzkaller.fB8IZz/429/bus" dev="sda1" ino=1974 res=1 errno=0 [ 371.290797][T16483] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 371.297417][T16483] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 371.303713][T16483] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 371.334755][T16483] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 371.565657][T16483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.586929][T16483] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.615407][ T825] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.618658][ T825] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.677542][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.693493][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 371.941017][T16483] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 371.943347][T16647] sctp: [Deprecated]: syz.1.4437 (pid 16647) Use of struct sctp_assoc_value in delayed_ack socket option. [ 371.943347][T16647] Use struct sctp_sack_info instead [ 371.974246][T16483] veth0_vlan: entered promiscuous mode [ 371.985925][T16483] veth1_vlan: entered promiscuous mode [ 372.009979][ T39] audit: type=1326 audit(1719426259.011:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16649 comm="syz.0.4438" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x0 [ 372.018343][T16483] veth0_macvtap: entered promiscuous mode [ 372.027128][T16483] veth1_macvtap: entered promiscuous mode [ 372.040186][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.050689][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.055169][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.055744][T16654] netlink: 'syz.1.4439': attribute type 1 has an invalid length. [ 372.059924][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.059961][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 372.059987][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.062777][T16483] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 372.064040][T16654] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4439'. [ 372.077412][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.091350][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.096334][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.100906][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.107548][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 372.112928][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 372.119104][T16483] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 372.128226][T16483] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.132835][T16483] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.136676][T16483] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.140618][T16483] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 372.225215][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.228939][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.255055][ T94] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.258827][ T94] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.292059][ T5221] Bluetooth: hci1: command tx timeout [ 372.421091][T16671] tc_dump_action: action bad kind [ 372.474319][T16673] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4446'. [ 373.084327][T16695] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4455'. [ 373.195698][T16699] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 373.199984][T16699] overlayfs: failed to set xattr on upper [ 373.214836][T16699] overlayfs: ...falling back to redirect_dir=nofollow. [ 373.217973][T16699] overlayfs: ...falling back to index=off. [ 373.220744][T16699] overlayfs: ...falling back to uuid=null. [ 373.226771][T16701] trusted_key: syz.1.4458 sent an empty control message without MSG_MORE. [ 373.244653][ T5221] Bluetooth: hci2: command 0x0406 tx timeout [ 373.793816][T16723] netlink: 'syz.1.4466': attribute type 1 has an invalid length. [ 373.798391][T16723] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4466'. [ 374.625859][T16747] netlink: 'syz.0.4477': attribute type 21 has an invalid length. [ 374.799286][ T39] audit: type=1326 audit(1719426261.801:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16755 comm="syz.1.4481" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7434579 code=0x7ffc0000 [ 374.807795][ T39] audit: type=1326 audit(1719426261.801:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16755 comm="syz.1.4481" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7434579 code=0x7ffc0000 [ 375.690116][T16774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4487'. [ 375.832743][T16787] netlink: 'syz.1.4493': attribute type 21 has an invalid length. [ 376.214624][T16812] netlink: 'syz.1.4504': attribute type 21 has an invalid length. [ 376.228131][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 376.228149][ T39] audit: type=1326 audit(1719426263.231:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16813 comm="syz.0.4505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 376.240084][ T39] audit: type=1326 audit(1719426263.231:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16813 comm="syz.0.4505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 376.256173][ T39] audit: type=1326 audit(1719426263.231:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16813 comm="syz.0.4505" exe="/syz-executor" sig=0 arch=40000003 syscall=123 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 376.272370][ T39] audit: type=1326 audit(1719426263.231:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16813 comm="syz.0.4505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 376.287176][ T39] audit: type=1326 audit(1719426263.241:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16813 comm="syz.0.4505" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 376.313198][T16817] netlink: 'syz.0.4506': attribute type 10 has an invalid length. [ 376.316796][T16817] netlink: 55 bytes leftover after parsing attributes in process `syz.0.4506'. [ 376.327280][T16820] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4508'. [ 376.445913][ T39] audit: type=1800 audit(1719426263.451:436): pid=16826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4511" name="file1" dev="sda1" ino=1980 res=0 errno=0 [ 376.495180][ T5221] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 376.503204][ T5221] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 376.507868][ T5221] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 376.517585][ T5221] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 376.521555][ T5221] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 376.525724][ T5221] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 376.611334][T16838] netlink: 'syz.0.4515': attribute type 27 has an invalid length. [ 376.617755][T16838] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4515'. [ 376.621767][T16838] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4515'. [ 376.665463][T16845] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4517'. [ 376.677776][T16828] chnl_net:caif_netlink_parms(): no params data found [ 376.809142][T16828] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.812622][T16828] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.816135][T16828] bridge_slave_0: entered allmulticast mode [ 376.819614][T16828] bridge_slave_0: entered promiscuous mode [ 376.824992][T16828] bridge0: port 2(bridge_slave_1) entered blocking state [ 376.827870][T16828] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.830754][T16828] bridge_slave_1: entered allmulticast mode [ 376.834459][T16828] bridge_slave_1: entered promiscuous mode [ 376.901160][T16828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 376.909088][T16828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 377.019188][T16828] team0: Port device team_slave_0 added [ 377.026905][T16828] team0: Port device team_slave_1 added [ 377.087746][T16828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 377.090925][T16828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 377.102660][T16828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 377.109373][T16828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 377.112603][T16828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 377.126937][T16828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 377.202944][T16828] hsr_slave_0: entered promiscuous mode [ 377.207950][T16828] hsr_slave_1: entered promiscuous mode [ 377.217111][T16828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 377.220387][T16828] Cannot create hsr debugfs directory [ 377.397716][T16828] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.480109][T16828] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.561756][T16828] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.673487][T16828] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 377.767001][ T39] audit: type=1326 audit(1719426264.771:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16858 comm="syz.0.4521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 377.780656][ T39] audit: type=1326 audit(1719426264.771:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16858 comm="syz.0.4521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 377.794896][ T39] audit: type=1326 audit(1719426264.791:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16858 comm="syz.0.4521" exe="/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 377.803983][ T39] audit: type=1326 audit(1719426264.791:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16858 comm="syz.0.4521" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7488579 code=0x7ffc0000 [ 377.915553][T16828] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 377.921195][T16828] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 377.939270][T16828] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 377.954395][T16828] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 378.066309][T16828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 378.092875][T16828] 8021q: adding VLAN 0 to HW filter on device team0 [ 378.102591][ T55] bridge0: port 1(bridge_slave_0) entered blocking state [ 378.105381][ T55] bridge0: port 1(bridge_slave_0) entered forwarding state [ 378.147259][ T55] bridge0: port 2(bridge_slave_1) entered blocking state [ 378.150821][ T55] bridge0: port 2(bridge_slave_1) entered forwarding state [ 378.328001][T16828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 378.368428][T16828] veth0_vlan: entered promiscuous mode [ 378.384074][T16828] veth1_vlan: entered promiscuous mode [ 378.414727][T16828] veth0_macvtap: entered promiscuous mode [ 378.444980][T16828] veth1_macvtap: entered promiscuous mode [ 378.462751][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.467602][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.472422][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.478123][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.482401][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.488189][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.493030][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 378.499587][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.506331][T16828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 378.517708][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.523600][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.527625][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.533512][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.538495][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.543401][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.547634][T16828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.552486][T16828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.559516][T16828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 378.569293][T16828] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.573445][T16828] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.578531][T16828] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.583394][T16828] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.602376][ T4639] Bluetooth: hci4: command tx timeout [ 378.688699][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 378.695707][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 378.720552][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 378.726972][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 379.149419][T16921] syz.3.4546[16921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 379.149672][T16921] syz.3.4546[16921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 379.318028][T16926] CIFS mount error: No usable UNC path provided in device string! [ 379.318028][T16926] [ 379.327825][T16926] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 379.379954][T16932] sg_write: data in/out 808464396/120 bytes for SCSI command 0x0-- guessing data in; [ 379.379954][T16932] program syz.2.4552 not setting count and/or reply_len properly [ 379.524962][T16940] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4556'. [ 379.831240][T16953] sg_write: data in/out 808464396/120 bytes for SCSI command 0x0-- guessing data in; [ 379.831240][T16953] program syz.0.4563 not setting count and/or reply_len properly [ 379.897050][T16959] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4565'. [ 380.346699][T16998] CIFS mount error: No usable UNC path provided in device string! [ 380.346699][T16998] [ 380.351757][T16998] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 380.606772][T17014] syzkaller1: entered promiscuous mode [ 380.609378][T17014] syzkaller1: entered allmulticast mode [ 380.682472][ T4639] Bluetooth: hci4: command tx timeout [ 382.416503][ T39] kauditd_printk_skb: 16 callbacks suppressed [ 382.416520][ T39] audit: type=1804 audit(1719426269.421:457): pid=17055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4609" name="/syzkaller.GUBSsn/8/bus" dev="sda1" ino=1984 res=1 errno=0 [ 382.528954][T17060] syzkaller1: entered promiscuous mode [ 382.531402][T17060] syzkaller1: entered allmulticast mode [ 382.772063][ T4639] Bluetooth: hci4: command tx timeout [ 383.020390][T17075] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4618'. [ 383.024533][T17075] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4618'. [ 383.125614][T17080] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4620'. [ 383.133840][T17080] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4620'. [ 383.139256][T17080] usb usb9: usbfs: interface 0 claimed by hub while 'syz.3.4620' resets device [ 383.176387][ T39] audit: type=1326 audit(1719426270.181:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.185506][ T39] audit: type=1326 audit(1719426270.181:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.196789][ T39] audit: type=1326 audit(1719426270.181:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.205755][ T39] audit: type=1326 audit(1719426270.181:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.213634][ T39] audit: type=1326 audit(1719426270.181:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.222920][ T39] audit: type=1326 audit(1719426270.181:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.230749][ T39] audit: type=1326 audit(1719426270.181:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.238615][ T39] audit: type=1326 audit(1719426270.181:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.246848][ T39] audit: type=1326 audit(1719426270.181:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17081 comm="syz.3.4621" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ab579 code=0x7ffc0000 [ 383.504335][T17094] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4627'. [ 383.507646][T17094] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4627'. [ 383.960036][T17104] overlayfs: failed to get index nlink (file1/bus, err=-61) [ 383.974511][ T1354] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.977462][ T1354] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.375120][T17121] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4639'. [ 384.512058][ T5210] usb 5-1: new full-speed USB device number 14 using dummy_hcd [ 384.697250][ T5210] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 384.701614][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 384.706747][ T5210] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 384.711161][ T5210] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 22 [ 384.722196][ T5210] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 384.725580][ T5210] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 384.728758][ T5210] usb 5-1: SerialNumber: syz [ 384.743335][ T5210] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 384.746681][ T5210] cdc_acm 5-1:1.0: This needs exactly 3 endpoints [ 384.749323][ T5210] cdc_acm 5-1:1.0: probe with driver cdc_acm failed with error -22 [ 384.852093][ T4639] Bluetooth: hci4: command tx timeout [ 384.947354][ T8] usb 5-1: USB disconnect, device number 14 [ 385.541831][ C0] ================================================================== [ 385.546521][ C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0x186/0x1a0 [ 385.549730][ C0] Read of size 8 at addr ffffc9000d087b90 by task syz-executor/16828 [ 385.555309][ C0] [ 385.556576][ C0] CPU: 0 PID: 16828 Comm: syz-executor Not tainted 6.10.0-rc5-syzkaller-00018-g55027e689933 #0 [ 385.560974][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 385.565553][ C0] Call Trace: [ 385.566997][ C0] [ 385.568247][ C0] dump_stack_lvl+0x116/0x1f0 [ 385.570296][ C0] print_report+0xc3/0x620 [ 385.572207][ C0] ? __virt_addr_valid+0x5e/0x580 [ 385.574332][ C0] kasan_report+0xd9/0x110 [ 385.576187][ C0] ? profile_pc+0x186/0x1a0 [ 385.578140][ C0] ? profile_pc+0x186/0x1a0 [ 385.580080][ C0] ? queued_read_lock_slowpath+0x131/0x2b1 [ 385.582528][ C0] profile_pc+0x186/0x1a0 [ 385.584378][ C0] profile_tick+0xd3/0x140 [ 385.586295][ C0] tick_nohz_handler+0x380/0x530 [ 385.588398][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 385.590680][ C0] __hrtimer_run_queues+0x657/0xcc0 [ 385.592874][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 385.595279][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 385.597851][ C0] hrtimer_interrupt+0x31b/0x800 [ 385.599956][ C0] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 385.602497][ C0] sysvec_apic_timer_interrupt+0x90/0xb0 [ 385.604909][ C0] [ 385.606186][ C0] [ 385.607441][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 385.609881][ C0] RIP: 0010:queued_read_lock_slowpath+0x131/0x2b1 [ 385.612294][ C0] Code: 85 45 01 00 00 8b 03 84 c0 74 36 48 b8 00 00 00 00 00 fc ff df 49 89 de 48 89 dd 49 c1 ee 03 83 e5 07 49 01 c6 83 c5 03 f3 90 <41> 0f b6 06 40 38 c5 7c 08 84 c0 0f 85 1f 01 00 00 8b 03 84 c0 75 [ 385.620173][ C0] RSP: 0018:ffffc9000d087b88 EFLAGS: 00000286 [ 385.622818][ C0] RAX: 00000000000002ff RBX: ffffffff8d80a080 RCX: ffffffff8adfc32b [ 385.626248][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d80a080 [ 385.629675][ C0] RBP: 0000000000000003 R08: 0000000000000001 R09: fffffbfff1b01410 [ 385.633053][ C0] R10: ffffffff8d80a083 R11: 0000000000000000 R12: 1ffff92001a10f72 [ 385.636738][ C0] R13: ffffffff8d80a084 R14: fffffbfff1b01410 R15: ffffffff8152a979 [ 385.640304][ C0] ? do_wait+0x1e9/0x570 [ 385.642115][ C0] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 385.644524][ C0] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 385.646946][ C0] ? __pfx_queued_read_lock_slowpath+0x10/0x10 [ 385.649537][ C0] __do_wait+0x105/0x890 [ 385.651300][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 385.653652][ C0] ? do_wait+0x1e9/0x570 [ 385.655409][ C0] do_wait+0x219/0x570 [ 385.657098][ C0] kernel_wait4+0x16c/0x280 [ 385.659023][ C0] ? __pfx_kernel_wait4+0x10/0x10 [ 385.661135][ C0] ? __pfx_child_wait_callback+0x10/0x10 [ 385.663469][ C0] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 385.665788][ C0] ? __might_fault+0xe3/0x190 [ 385.667878][ C0] __do_compat_sys_wait4+0x159/0x170 [ 385.670335][ C0] ? __pfx___do_compat_sys_wait4+0x10/0x10 [ 385.672957][ C0] ? __pfx_get_old_timespec32+0x10/0x10 [ 385.675319][ C0] ? __pfx___ia32_sys_clock_nanosleep_time32+0x10/0x10 [ 385.678158][ C0] __do_fast_syscall_32+0x73/0x120 [ 385.680337][ C0] do_fast_syscall_32+0x32/0x80 [ 385.682469][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 385.685217][ C0] RIP: 0023:0xf746b579 [ 385.687033][ C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 385.695390][ C0] RSP: 002b:00000000ffc677b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 385.699060][ C0] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000ffc678d0 [ 385.702395][ C0] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 385.706066][ C0] RBP: 00000000ffc678d0 R08: 0000000000000000 R09: 0000000000000000 [ 385.709676][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 385.713002][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 385.716326][ C0] [ 385.717647][ C0] [ 385.718677][ C0] The buggy address belongs to stack of task syz-executor/16828 [ 385.721981][ C0] and is located at offset 0 in frame: [ 385.724635][ C0] queued_read_lock_slowpath+0x0/0x2b1 [ 385.727071][ C0] [ 385.728082][ C0] This frame has 1 object: [ 385.729947][ C0] [32, 36) 'val' [ 385.729955][ C0] [ 385.732556][ C0] The buggy address belongs to the virtual mapping at [ 385.732556][ C0] [ffffc9000d080000, ffffc9000d089000) created by: [ 385.732556][ C0] kernel_clone+0xfd/0x980 [ 385.739790][ C0] [ 385.740838][ C0] The buggy address belongs to the physical page: [ 385.743560][ C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x4 pfn:0x56cd1 [ 385.747526][ C0] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 385.750819][ C0] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 385.754622][ C0] raw: 0000000000000004 0000000000000000 00000001ffffffff 0000000000000000 [ 385.757592][ C0] page dumped because: kasan: bad access detected [ 385.759851][ C0] page_owner tracks the page as allocated [ 385.762273][ C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 16819, tgid 16819 (syz.1.4508), ts 376323872595, free_ts 374852134257 [ 385.769962][ C0] post_alloc_hook+0x2d1/0x350 [ 385.771716][ C0] get_page_from_freelist+0x136a/0x2e50 [ 385.773908][ C0] __alloc_pages_noprof+0x22b/0x2460 [ 385.775853][ C0] alloc_pages_mpol_noprof+0x275/0x610 [ 385.777922][ C0] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 385.780061][ C0] copy_process+0x29f5/0x6f50 [ 385.782155][ C0] kernel_clone+0xfd/0x980 [ 385.784127][ C0] __do_sys_clone3+0x1f5/0x270 [ 385.786270][ C0] do_int80_emulation+0x104/0x200 [ 385.788471][ C0] asm_int80_emulation+0x1a/0x20 [ 385.790724][ C0] page last free pid 0 tgid 0 stack trace: [ 385.793466][ C0] free_unref_page+0x64a/0xe40 [ 385.795817][ C0] __folio_put+0x239/0x360 [ 385.797912][ C0] free_page_and_swap_cache+0x249/0x2c0 [ 385.800391][ C0] tlb_remove_table_rcu+0x89/0xe0 [ 385.802677][ C0] rcu_core+0x828/0x16b0 [ 385.804758][ C0] handle_softirqs+0x216/0x8f0 [ 385.806819][ C0] irq_exit_rcu+0xbb/0x120 [ 385.808450][ C0] sysvec_apic_timer_interrupt+0x95/0xb0 [ 385.810369][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 385.812543][ C0] [ 385.813581][ C0] Memory state around the buggy address: [ 385.815887][ C0] ffffc9000d087a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 385.819307][ C0] ffffc9000d087b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 385.822684][ C0] >ffffc9000d087b80: 00 00 f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 [ 385.826045][ C0] ^ [ 385.827840][ C0] ffffc9000d087c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 385.830839][ C0] ffffc9000d087c80: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 [ 385.833958][ C0] ================================================================== [ 385.836937][ C0] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 385.839510][ C0] CPU: 0 PID: 16828 Comm: syz-executor Not tainted 6.10.0-rc5-syzkaller-00018-g55027e689933 #0 [ 385.843299][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 385.847213][ C0] Call Trace: [ 385.848413][ C0] [ 385.849458][ C0] dump_stack_lvl+0x3d/0x1f0 [ 385.851222][ C0] panic+0x6f5/0x7a0 [ 385.852684][ C0] ? __pfx_panic+0x10/0x10 [ 385.854293][ C0] ? rcu_is_watching+0x12/0xc0 [ 385.856017][ C0] ? __pfx_lock_release+0x10/0x10 [ 385.857833][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 385.859732][ C0] check_panic_on_warn+0xab/0xb0 [ 385.861580][ C0] end_report+0x117/0x180 [ 385.863286][ C0] kasan_report+0xe9/0x110 [ 385.864953][ C0] ? profile_pc+0x186/0x1a0 [ 385.866570][ C0] ? profile_pc+0x186/0x1a0 [ 385.868078][ C0] ? queued_read_lock_slowpath+0x131/0x2b1 [ 385.870164][ C0] profile_pc+0x186/0x1a0 [ 385.871742][ C0] profile_tick+0xd3/0x140 [ 385.873383][ C0] tick_nohz_handler+0x380/0x530 [ 385.875218][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 385.877121][ C0] __hrtimer_run_queues+0x657/0xcc0 [ 385.879007][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 385.881169][ C0] ? ktime_get_update_offsets_now+0x201/0x310 [ 385.883440][ C0] hrtimer_interrupt+0x31b/0x800 [ 385.885289][ C0] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 385.887579][ C0] sysvec_apic_timer_interrupt+0x90/0xb0 [ 385.889683][ C0] [ 385.890791][ C0] [ 385.891842][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 385.894143][ C0] RIP: 0010:queued_read_lock_slowpath+0x131/0x2b1 [ 385.896519][ C0] Code: 85 45 01 00 00 8b 03 84 c0 74 36 48 b8 00 00 00 00 00 fc ff df 49 89 de 48 89 dd 49 c1 ee 03 83 e5 07 49 01 c6 83 c5 03 f3 90 <41> 0f b6 06 40 38 c5 7c 08 84 c0 0f 85 1f 01 00 00 8b 03 84 c0 75 [ 385.903582][ C0] RSP: 0018:ffffc9000d087b88 EFLAGS: 00000286 [ 385.905862][ C0] RAX: 00000000000002ff RBX: ffffffff8d80a080 RCX: ffffffff8adfc32b [ 385.908906][ C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d80a080 [ 385.912196][ C0] RBP: 0000000000000003 R08: 0000000000000001 R09: fffffbfff1b01410 [ 385.914712][ C0] R10: ffffffff8d80a083 R11: 0000000000000000 R12: 1ffff92001a10f72 [ 385.917085][ C0] R13: ffffffff8d80a084 R14: fffffbfff1b01410 R15: ffffffff8152a979 [ 385.919439][ C0] ? do_wait+0x1e9/0x570 [ 385.920736][ C0] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 385.922780][ C0] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 385.925085][ C0] ? __pfx_queued_read_lock_slowpath+0x10/0x10 [ 385.927574][ C0] __do_wait+0x105/0x890 [ 385.929562][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 385.932161][ C0] ? do_wait+0x1e9/0x570 [ 385.933539][ C0] do_wait+0x219/0x570 [ 385.934787][ C0] kernel_wait4+0x16c/0x280 [ 385.936427][ C0] ? __pfx_kernel_wait4+0x10/0x10 [ 385.938261][ C0] ? __pfx_child_wait_callback+0x10/0x10 [ 385.940119][ C0] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 385.942140][ C0] ? __might_fault+0xe3/0x190 [ 385.943955][ C0] __do_compat_sys_wait4+0x159/0x170 [ 385.946239][ C0] ? __pfx___do_compat_sys_wait4+0x10/0x10 [ 385.948452][ C0] ? __pfx_get_old_timespec32+0x10/0x10 [ 385.950383][ C0] ? __pfx___ia32_sys_clock_nanosleep_time32+0x10/0x10 [ 385.952632][ C0] __do_fast_syscall_32+0x73/0x120 [ 385.954345][ C0] do_fast_syscall_32+0x32/0x80 [ 385.956323][ C0] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 385.958984][ C0] RIP: 0023:0xf746b579 [ 385.960757][ C0] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 385.969030][ C0] RSP: 002b:00000000ffc677b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 385.971994][ C0] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000ffc678d0 [ 385.975450][ C0] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 385.978877][ C0] RBP: 00000000ffc678d0 R08: 0000000000000000 R09: 0000000000000000 [ 385.982303][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 385.985450][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 385.988119][ C0] [ 387.069927][ C0] Shutting down cpus with NMI [ 387.072471][ C0] Kernel Offset: disabled [ 387.074301][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:58:36 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f95405 RDI=ffffffff94d5c040 RBP=ffffffff94d5c000 RSP=ffffc90000007868 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3064303030396552 R12=0000000000000000 R13=0000000000000030 R14=ffffffff84f953a0 R15=0000000000000000 RIP=ffffffff84f9542f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000056ac04a8 CR3=0000000047572000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802b626c00 RCX=ffff888021354910 RDX=0000000000000000 RSI=0000000000000000 RDI=ffff88802b626c48 RBP=ffff888000700800 RSP=ffffc900005982c0 R8 =ffff888000700810 R9 =0000000000000001 R10=ffff8880007fc147 R11=0000000000000000 R12=dffffc0000000000 R13=0000000000000000 R14=ffff88802c13ebc0 R15=0000000000000001 RIP=ffffffff8164d413 RFL=00000802 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f4fb8c95d00 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7475230 CR3=000000001c6a2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 ZMM22=47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 ZMM23=ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ZMM24=e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 ZMM25=10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 ZMM26=d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc ZMM27=be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af ZMM28=000000b0000000af 000000ae000000ad 000000ac000000ab 000000aa000000a9 000000a8000000a7 000000a6000000a5 000000a4000000a3 000000a2000000a1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=3b2f00003b2f0000 3b2f00003b2f0000 3b2f00003b2f0000 3b2f00003b2f0000 3b2f00003b2f0000 3b2f00003b2f0000 3b2f00003b2f0000 3b2f00003b2f0000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=00fff60000004020 RCX=ffffffff81c7f7a9 RDX=ffff88801b370000 RSI=0000000000000000 RDI=0000000000000001 RBP=ffffea00004602c0 RSP=ffffc90000e5f300 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=00fff80000004001 R13=0000000000000002 R14=ffff8880154b4000 R15=0000000000000000 RIP=ffffffff818e8e60 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000005698899c CR3=000000001c6a2000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=4af321f6b5bdfded 493e9ea43ed1d02c 4af321f6b5bdfded 493e9ea43ed1d02c 4af321f6b5bdfded 493e9ea43ed1d02c 4af321f6b5bdfded 493e9ea43ed1d02c ZMM18=91af05bd5f3f895a 2f58269a1af65897 91af05bd5f3f895a 2f58269a1af65897 91af05bd5f3f895a 2f58269a1af65897 91af05bd5f3f895a 2f58269a1af65897 ZMM19=c51e000000000000 0000000000000008 c51e000000000000 0000000000000007 c51e000000000000 0000000000000006 c51e000000000000 0000000000000005 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 645a9dc2645a9dc2 ZMM22=47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 47ae048147ae0481 ZMM23=ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ec5b4e06ec5b4e06 ZMM24=e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 e813aac6e813aac6 ZMM25=10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 10e9e97710e9e977 ZMM26=d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc d7290accd7290acc ZMM27=be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af be7663afbe7663af ZMM28=000001b0000001af 000001ae000001ad 000001ac000001ab 000001aa000001a9 000001a8000001a7 000001a6000001a5 000001a4000001a3 000001a2000001a1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=372f0000372f0000 372f0000372f0000 372f0000372f0000 372f0000372f0000 372f0000372f0000 372f0000372f0000 372f0000372f0000 372f0000372f0000 info registers vcpu 3 CPU#3 RAX=0000000000000007 RBX=00000000000001c2 RCX=ffffffff816bc8ae RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff941f52f8 RBP=ffffc90006c272e8 RSP=ffffc90006c27198 R8 =0000000000000000 R9 =0000000000000001 R10=ffffffff8fe2a217 R11=0000000000000003 R12=ffff888020422440 R13=0000000000000008 R14=0000000000000003 R15=1ffff92000d84e3c RIP=ffffffff81ebaa10 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f90dff8 CR3=000000000d97a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ffffffffffff ffffffffffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000