last executing test programs: 5.336173917s ago: executing program 2 (id=1005): getpid() r0 = socket(0x200000100000011, 0x803, 0x0) bind$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14) write$binfmt_aout(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="09000010000000af6fb89ff03306e662828dd018db06fa9ff3483c5ecb6c320cbc2f09611b265d97125c6d0bd7e7b2bb0410ed2f4b94edd22f3dda02500b758281e5d50a1748404d071c781970dca4151b472068020f3a65611a94277a48878d631e41b8058f6528e4e3d6740e84c1ab67ce013f4254b82e5b75967d20e0bad83cf92de2691ec5905287d3a0d4c91cce1910522b2a7bef7d112d7f9ff2033886aa19214a24a48e4991afde1adcdcd3acf5a329c3bf05ae247ce2d9d87ad7b1", @ANYBLOB="a9689051ffeccdb07abdc9ec557a24dcd4ea2dc938b961a1ffb0241ef99eb3b3b4253b3afb7f7ac606e28ddee03b72543d61b580aeab2aec84e972122578a28a1aba475580d688790a19b73aa6bad1510b879cc817ffbe532cb54dc471e5dd5829735b4d6b9f037d7cd8349896972e5c7b77b04425d8fa1d05b74cce59faf572644ead6f0cd469716d37352848c6878c0d4b71ebddb39319f58feba6099fcdac6fc4a7cf5e66de7d8373f1cc582d50634156f9337570e9c01fd08a1454133e529c25c845c57d56b00fc2b0c72d128fdd"], 0x120) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000001800)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000980)="000000c8320100"/16, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x80000) read$alg(r2, &(0x7f0000000140)=""/136, 0x88) add_key$user(&(0x7f0000000140), &(0x7f0000000280)={'syz', 0x2}, &(0x7f00000002c0)="fb", 0x1, 0xfffffffffffffffb) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x8001, 0x3, 0x4, 0x1818, 0xffffffffffffffff, 0xfffff800, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x4, 0xa}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) r5 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r5, &(0x7f0000000080)='./file1\x00', 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700) splice(r8, 0x0, r10, 0x0, 0x800ff06, 0x0) write$binfmt_misc(r7, &(0x7f0000000040)=ANY=[], 0xfffffc8f) splice(r6, 0x0, r9, 0x0, 0x800, 0x0) 4.309362725s ago: executing program 3 (id=1012): mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000180)={0x803}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./file1\x00') bind$inet6(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="36bc80dd63971e6b37"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newqdisc={0x4c, 0x14, 0x0, 0x0, 0x0, {0x2}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), &(0x7f0000000240)=ANY=[], 0xfe37, 0x0) 4.099212261s ago: executing program 3 (id=1014): syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000000000010902"], 0x0) syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[], 0x0) 3.750324895s ago: executing program 2 (id=1015): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x6a2080, 0x0) ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000040)={0x0, 0x10, {0x0, 0x0, 0x10, 0x200021c, 0x0, 0x7fff, 0x0, 0xb3}}) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) munlockall() read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan0\x00'}) socket$inet(0x2, 0x0, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0) r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r3, 0xc1205531, &(0x7f0000000040)=""/112) read$FUSE(0xffffffffffffffff, &(0x7f0000002c00)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x1f) sendfile(0xffffffffffffffff, r0, 0x0, 0x200000) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r5, 0x84, 0x16, &(0x7f0000000040)=ANY=[@ANYBLOB="03"], 0xa) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$packet(0x11, 0x0, 0x300) r6 = socket(0x0, 0x0, 0x0) sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r7 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r7, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001700)="d80000001e0081064e81f782db44b9040a02080006007c09e8fe78190a0015c00200142603600e120800080024000000a80009001100014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef40900d1001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}, {&(0x7f0000000300)="f4c90c707675ece53332dcba2f96f6b784e54e072b695fb03b1fdd220ac7c0c7e2a025b32f4769580ab600c98d3b3b842ec8ec10a6fc43bf1101019c160898b0104a32ce1c5fc00b02713a9092b32883ac0e85af356ee52a3cfc6e6b05bded78d69d60190c41dc4da384c98d6daa6c9f6b7d1737c2787ea1b132126a26543a9101cf4d44d271e38e112a3b4797ec1c996a2a94ed726787b126678c07bb365f", 0x9f}, {&(0x7f00000003c0)="1af84b47a6e28fba279ad99e9abcba48c7a75129f40033655ebcfdd02a8d53f5040c39badc6a85316ba25eea2456ad196326610eb184d04a13786d476382340728d87fee5a5e67f94c21f07e2e6d", 0x4e}, {&(0x7f0000000540)="8e52a602c95038c85ed903e7b7c6bfffdaab309d5fddf63e540dd8a74268821e6d83b15463bd9ac355c4c8ef9057f54a322ec9a1f6d819f5e453dceb5940f3d2193ba4937c97ec33c33db4aa98e6a49aaa798c96b0b32a76f4393c97b2f2a966dcf22a0a22c53524caa89d71a333615b6f08dbf16d4af3d75b9c8a906af98efb030e672f83c3f6a12042adbacdab52e7dda19b", 0x93}, {&(0x7f0000000480)="4f8e8893f9bf24e3c1c51d93e5642c3c7d95d15f021fb0502d26ac64a8fb8e36f0fc4779bca7801f29cd1c2d62b65b16ca726a1bdfaf992ba38a7b5e070174f01db96bad6c9687f6387cad3d281a449b8fc221e840a38a5df51d11851b894b1a258c2aab2bd57f9c05dacd482c4781dbb481346d3002bc4cfd6a206ab54488b2279e2a52dd084178cd7b06f4daa97848f6e880f8e1e95814b3fcd3", 0x9b}], 0x5}, 0x8051) 3.13988917s ago: executing program 0 (id=1018): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'veth0_macvtap\x00', &(0x7f0000000040)=@ethtool_gstrings={0x1b, 0x1}}) socket(0x25, 0x5, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f0000000340), 0x11000) io_setup(0x3ff, &(0x7f0000000500)=0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_int(r1, 0x1, 0x27, &(0x7f0000000180)=0x3f, 0x4) io_submit(r3, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000080)="4e8fc38e71", 0x5}]) io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'pimreg\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@ipv4_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x4, r5}]}, 0x24}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0) socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'tunl0\x00'}) r7 = socket$key(0xf, 0x3, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$key(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0) 2.86464834s ago: executing program 3 (id=1020): syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000140)={0x0, 0x1, 0x4}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r2, &(0x7f0000006580)={0x2020, 0x0, 0x0}, 0x2020) truncate(&(0x7f0000000080)='./file0\x00', 0x408) write$FUSE_INIT(r2, &(0x7f0000006500)={0x50, 0x0, r3}, 0x50) 2.809940399s ago: executing program 0 (id=1021): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) r3 = socket$kcm(0x10, 0x3, 0x10) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a0, 0x4e8, 0x340, 0xc0, 0xc0, 0x340, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x6, 0x0, {[{{@ip={@multicast1, @local, 0x0, 0x0, 'nicvf0\x00', 'gretap0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @private, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pimreg0\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, 0x0, 0x0, 'bond_slave_1\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@mcast1, [], @ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], @ipv6=@remote}}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'gretap0\x00', 'syzkaller0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4) sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) write$cgroup_int(0xffffffffffffffff, &(0x7f00000005c0), 0x12) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000200000000000011240000000000ae282714803944720000003ff5f5fc9a0d1a4cb2000000000200000000000008020000000000"], 0x0, 0x54}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x4001, 0x3, 0x488, 0x0, 0xb, 0x148, 0x0, 0x148, 0x3f0, 0x240, 0x240, 0x3f0, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x2d0, 0x338, 0x0, {0xff0f000000000000}, [@common=@inet=@udp={{0x30}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x21, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)}, 0x0) r5 = socket$kcm(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000100)=0x1, 0x4) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB="1808000000000000000000000000000085100000e03a0200000018000000000000000000000000000090cd58562a15002c000064a6693bad89000000000018000000000000"], 0x0}, 0x90) r6 = socket$inet(0x2, 0x80001, 0x84) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000580)=ANY=[@ANYRESHEX=r6], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x48) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) unshare(0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x1d8, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x1bc, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val, @void, [{0xdd, 0x76, "d8a062cc132f8c370fffcfbf6c255947985b88cb9f22e02d96f87d9c0a6796487053adb1a2d1f8ed33d6ef7faf4ba99f81c72edefbc742d2d897c0fb6eb2289c22b03871ec6ddb7398d4b5509078903c634145233d8a7a9a2fc09946ff1a847d43452a17ee7a24318e4ed910599f7ebc8291d4dd5285"}, {0xdd, 0xb4, "95e79490e4be3bd5f39a64947fd4f137cfd9c5eca413775fff8b403d1c6824961df673862737c366f53984496ea72bc7f78d843ce303b67336957356a02e1c5bdcbd4acf120d5d44f07910bdee6eabe82f6c76ecc7c98d5a107f6eab471672d7179671906048fe7622486b35f02bac5c2f9f0c923711e82767b10da5a68b7e74d5ed8477aa43553caa8a6a5244b329c5ea5d533697643fd5f3fa33ac9b1eac2c7f88c0d5c6c9594a701e79960dd7d5ab4df31389"}, {0xdd, 0x6, "85251095238f"}, {0xdd, 0x60, "a83d63f0d27aa001676fcb9ee526e68baeaffb47b1c3feb502aa94cc0c02fa026b0843067418e349a066eb39770717f632173e6bf4be46c03a8b7d4a3e7be2dd21f3c139c233576a6580ed5368fc27caead9239899776d594603177acb5662b5"}]}}]}, 0x1d8}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x11, 0x4, 0x4, 0x8, 0x250}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000000a00)='syzkaller\x00'}, 0x90) 2.521635937s ago: executing program 2 (id=1022): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) socket$inet_smc(0x2b, 0x1, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) r2 = dup2(r1, r1) setsockopt$CAN_RAW_FD_FRAMES(r2, 0x65, 0x5, &(0x7f0000000080)=0x1, 0x4) r3 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0\x00', 0x0}) sendmsg$can_bcm(r2, &(0x7f0000000800)={&(0x7f0000000000)={0x1d, r4}, 0x10, &(0x7f00000007c0)={&(0x7f0000000740)={0x0, 0x651, 0x0, {}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "d97ee91851f2ae1b"}}, 0x48}}, 0x0) r5 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r5, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002200)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}, 0x0) recvmmsg(r5, &(0x7f00000051c0)=[{{0x0, 0x5, &(0x7f0000001c00)=[{&(0x7f0000000b40)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r5) 1.97956285s ago: executing program 3 (id=1024): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) r3 = socket$kcm(0x10, 0x3, 0x10) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a0, 0x4e8, 0x340, 0xc0, 0xc0, 0x340, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x6, 0x0, {[{{@ip={@multicast1, @local, 0x0, 0x0, 'nicvf0\x00', 'gretap0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @private, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pimreg0\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, 0x0, 0x0, 'bond_slave_1\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@mcast1, [], @ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], @ipv6=@remote}}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'gretap0\x00', 'syzkaller0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, 0x9}, 0xffffff1b) recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) write$cgroup_int(0xffffffffffffffff, &(0x7f00000005c0), 0x12) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000200000000000011240000000000ae282714803944720000003ff5f5fc9a0d1a4cb2000000000200000000000008020000000000"], 0x0, 0x54}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x4001, 0x3, 0x488, 0x0, 0xb, 0x148, 0x0, 0x148, 0x3f0, 0x240, 0x240, 0x3f0, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x2d0, 0x338, 0x0, {0xff0f000000000000}, [@common=@inet=@udp={{0x30}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x21, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)}, 0x0) r5 = socket$kcm(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000100)=0x1, 0x4) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB="1808000000000000000000000000000085100000e03a0200000018000000000000000000000000000090cd58562a15002c000064a6693bad89000000000018000000000000"], 0x0}, 0x90) r6 = socket$inet(0x2, 0x80001, 0x84) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000580)=ANY=[@ANYRESHEX=r6], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x48) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) unshare(0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x1d8, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x1bc, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val, @void, [{0xdd, 0x76, "d8a062cc132f8c370fffcfbf6c255947985b88cb9f22e02d96f87d9c0a6796487053adb1a2d1f8ed33d6ef7faf4ba99f81c72edefbc742d2d897c0fb6eb2289c22b03871ec6ddb7398d4b5509078903c634145233d8a7a9a2fc09946ff1a847d43452a17ee7a24318e4ed910599f7ebc8291d4dd5285"}, {0xdd, 0xb4, "95e79490e4be3bd5f39a64947fd4f137cfd9c5eca413775fff8b403d1c6824961df673862737c366f53984496ea72bc7f78d843ce303b67336957356a02e1c5bdcbd4acf120d5d44f07910bdee6eabe82f6c76ecc7c98d5a107f6eab471672d7179671906048fe7622486b35f02bac5c2f9f0c923711e82767b10da5a68b7e74d5ed8477aa43553caa8a6a5244b329c5ea5d533697643fd5f3fa33ac9b1eac2c7f88c0d5c6c9594a701e79960dd7d5ab4df31389"}, {0xdd, 0x6, "85251095238f"}, {0xdd, 0x60, "a83d63f0d27aa001676fcb9ee526e68baeaffb47b1c3feb502aa94cc0c02fa026b0843067418e349a066eb39770717f632173e6bf4be46c03a8b7d4a3e7be2dd21f3c139c233576a6580ed5368fc27caead9239899776d594603177acb5662b5"}]}}]}, 0x1d8}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x11, 0x4, 0x4, 0x8, 0x250}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000000a00)='syzkaller\x00'}, 0x90) 1.928672757s ago: executing program 0 (id=1025): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000140)={0x0, 0x1, 0x4}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r2, &(0x7f0000002380)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f00000004c0)={0x50, 0x0, r3, {0x7, 0x9}}, 0x50) read$FUSE(r2, &(0x7f0000006580)={0x2020, 0x0, 0x0}, 0x2020) truncate(&(0x7f0000000080)='./file0\x00', 0x408) syz_fuse_handle_req(r2, &(0x7f000000b1c0)="02cbda572ec32cf73bdbc52bfa4e157261eb6cbd0d1d50c9d937a19739fcb9f8697bf69c0e2e526012185f1b86989056f9c2d38906e8a47b9b5fde55a777a6357ac40c211de6325f496fd86dac09bb38b62b37d715d06e3c61b172aa4a662cefc7810ba37161c637a9b56a7c7b022426826076f1d2bf3c3b6f92ab9c27d691385c3efc354f1423d01d6a49d534fca3f2bf518cd645cf18b4ac2d2ac4c5c29ba487c9d27bb488a73146d5b9e21427af37dee4a276646eb2519e4f6c76cce2f7bf7e708d5180959f71d3797220101849c5144ef8338a5a2079ecce466000cf290d4df42e82865512fb5fb01fb655613cf1c469682edd86a4bef86aa23240ca6a2ff38b59339f7530e8a8027aee0628e0f81b2f5c661b149d780f20ec54c8d3d42c0c49f83b1c0d4bec94bc9221e6fc7c75ebd3b68081df207721584055baeaf6429616d57cb35d2977d45971d209e4c45dfe3c5c105e0e2b49fc8685b4945f31c9468f3c950fcf70a8f45e5a3be62f73c228a6a34a99b6f584b42c50506a6c14187f44887270011cc98d7e5e258df533411c8d39bfa9e27014912ed9e9696fd4074fbefcd4817a344be5ea348f4a7a34733a5bc5674b1bcd39404d5a458d1e19b6d4bdb4e23403154249b5798dea7b60bbf0c09c25027a4efd49d36cbe65b7450c0bde580d356ad4e3cc7a9a57e6ac0b542592617869e57d9bed28f0590241bdeb51fa775aa8806a55df2c795a61146bdbe38eb7a716180bb9b728696bb0e78ff11f89b17c7e7fe9b14ea976ccd9991f01f5d0c4620053d0b5ce42af76591fd0706494b91a6dfc43560f9a9538ada19825ffe3a7cc7a56b755d46ae1189b1f1ac729d9938ad48a066624c1b28003a9d193b4b34c4ab2609949df96f693389f27dd3e1f42b178eb17079c1448d7e9fac30ddb53ce8e5a157db8296cd3069d332bad0528ae56a6db41ba84699b85f225a78a33879512a5f0b795fc58957ef6766afcf546fe36c8125276eeaac9d647b2459c164aae86a2703e85d4f552a0647cb4bdfaecf6ec3a264a6b6892a9a1ba08a9055e98b49edc4e1f8010f63f601a8251921df70e15011116c471a70a0580b1789bcff471dcc95ad209a44ca2453d58d3ea4c71e0383db68adf332a497a84faada33f18bd3cd79ff9d6809409769b02a66cf524534ab7134e3066eef904d8961195d9cdc396a012bb3bc1b1ccd60317d08cb059174642aa3f60584e58e7417c1736f6863fae9e7103158711167a53d7d5deddacee6958fd4c2e0672b8dd90b41512b1f59fc49099633860dd6902c1df3d5924b1cf81ec848d51129b3eddea619129e961390d65d2243d400a1e30e524eeee1a701da5e21598acf457947bad693892a2989097ecbe9607a33ffb33425ccac5e19ebd1f88bf3acc03331adf9697bed04b33ac9fceaa3bdc9a417b12108e10f9c45b6d36181099056a448689da4ef68beee35f5930ce4a5712cbed98239a674c5883d6a5e0df9c1cbe1eda8dc19d14c4abe896e3b28bb3d4b2a0e9ae31ca07b9819825f3a6ab82c5501becf023a656cbff569dbc3035ae3c585747fb459581629051286b170b679b683a0b2eea6ef3b41a68012e5f4d64f689c2b909cfd06d37c0a802be2d882351bffeddef1373d8cbafa10fefbc28b31a70b6e912fc61257aa76a0f0dc1d3ef72d2f61517a359053c3dcb7d49d8a4da61bcf3b3dafc0528bb037cec0d986b3949fff38a21dab6b8a3a167bacf067c5f7842ebebcc1bd54776b2e54a098303c6331beb16e42d0669a518af2d173405786439d739b813c145c4f9f98a537b1065bf4636c76e38b71943815a6d1227d0a6965dffc37c00444aebd2ec19286b83443902dba1354a69377e97070a79151e64711111bf3e0a755b0fb1a1d5d009fdf61b665b41a3b7dbd0655236360141c52b93bc907b0672743973c30d6c9ece47fa1fe3625cc8acbe305156012ef1c5ea140be70b804887be593f25faa13ee4ea2d9821d23c3e047d74ad4f7de4d95d275ea3e6c87479f1badfcef002ebc7020b581a096abac1a80ef6ff476a01b01f7c0fb1239fcc182f74e5b5965412c0f4170432af15daf457143b1f41422b8a7f9b81c15a156ddef9af95955090d013cd52aa66ebfbc87c8030e7f86b52aadaa2e63c261185eed7c46b5f8d56e8301a9cc1578aff77b42419a5eb2e263207ef259f4da6ca6466ac9326a633b39e005028c07c9aedf17a70e638d7ed84638406e6028be879fd0fe491152e181d5527933950eb67a52cf155d5c845a6425e41a47b44d9905de26e5132c8d594c1bf6d4f12dbcb96d7431a56546800275623679d6c189e0cebd1fb8063140b89d42da60ed06206d329c29841e69c820428bcde53c998bee0380a816d080b36f64574718b84e0ecafbfd2b9981f4886df258dbf1cfdb148b171516500572a7086516fd519bc861878ec2fceb6872229ff1e9782720e590d8ef4691fa9c4c54bfcc843015913a2ed40bf37048151d17b44365f7f8d3b816d1b1cd40dc5dda6ab8f637b5f6bae92580f1c269c9231c9a79d58d43208be7622147db352b1294260eeab12409f5b5ee94d99548640634bc9479a6e6e06cc8838bf85d9bd95452eaf8ad3cf6c070aac36a7d38fe23cebfaba46c74a6c5c98b1b5243edfe405161b8c3ea0cdb1bcb4e1041fc62451a6094b0c56ee2ed29520b87228959bc01a9a9f54d214704bd321b152a0e88d0646e99a92a390dfa6bc2c34d418e5e900a3b641ab34a5fd8de751bfb3253b7aae3948d871892d7b76b351b073a93f3ad82b0c59bc49ed922c8d63f8d12c14ce1912bf877bc7877f619b03d09200836c775675e0614efabfd5665c3bf12e6131a7232639729b79ac1c5e807246d30934b0f63b31a06c4722278299949c7785d796b6d3d4a5f2fa652b7fe8be447cafe93fcb07167f3ef16b94261fc3a9d22a57a7aac56562a231d79dbf3bdc1f436206337ff0f8e019d76b823c5976ee23ba4e553ec62d261bdc7da90fee46d3472cc267a7a74b88112ef765091df03bb59cf303feaa0149b371a7bdd75c0187ce842dd1e4cdaf7fc0f5ef7ffb559c535f19100ba653728cd936987731d5ac99cb9ef772975b17b2aff8b872df0d189c7944d63ed66cfce8ee92e7a1082c2a501007aacbe0011e6c32489bcb888e1c464bec59902d940d81136c543098a60104bcfd0f4e7c27cb114ff42e8d31fe09a4bcc21cae5ef2f8e4890bd8139fff1b1b2a39e29eaf2e5d2fb810ea37a13e6d2105a6c2ccd03fc110c6f9063e2433e1450dc8ebd8ede0445af662cf7ee705003630ab7d9fc6ed30169ed674dda2802d519e3b49016c6f11612ae53230b062281ddf7a678784516c3d177857f8bdbec7910af8c81333e471bd8a973ce858a14756ef6ec85498714fe8e1e6600023804004b968eea42c410bf0f5c5b2471835454f20230a6d342f96f71a2e64f54b838e5cd939d7a651d402fd60a8a2a081de0c536d5b81345d92165e79fa65140b91c23cdb5829db55f1f93b88bb43a355e9304a17355851d52c0d745b611a30eb400044dce6ac742bcce9df9583b827514af8a2ed4a04553817ba6ea22e9beaba65d32189a5c2bf65a09d2c8a8798c0645fb24157a4e71be7889fe65c34869d8852b21661407feed92afb0bfe582693a21c050e5adce1fe97755b0be276c36b81b89700b99d23d315a64f7e115eacdb3ade725cb3cfe36c27a5e2addad60290b022a9fc26132b5ec3b5f1d884399fd992525a3e17e18e7ee6078a64b7efc3bbd116e5c305d8ad935baff18ed94c7a8720e729132e110f986991a3ad21cc637282f55588b12756895e2d10afce85b1a04fc271b217278f156c7ffb1ed9dd52b18fc8b153802fc329dca81b278d715f6e31fbcc77d8ce5c2786573bacac30791aff5771fece44063d1e84abcd6a4ae016858893605eecf253c79e59c2152efbe9fdfee3c441e4bc9cb14fc96a675aa17bf7d2024d665fe3982b61888bbe7129a1ec8fafc3480170c71d05f5d22ef7ff0e2ca598fd02bbd0ad82e6ab0e775388bf3aa421c20b6a2a5e256386abff1103f46a8b5c54c2d54b81c50d8bd98aea724bda55f99d95956e939b85d59abdc50ea4cf1d44afa3e8dffc9d84c6b7d28b78c40d7498670602b97c5e2a6281c7876dabc1d14d156e827873818bc590644d2a1d084d39c84e78127b087bf2cd9353fd13d4ab12350318aedadaca6a2728267e6f5f16547caadf3ac2fade3c86b516c6ab53d61ea1c148835b9a2c91fd0ded7283ef720086dfc7728968924731715f78915045a69122d8b23a6db47cc6fccf402b9913e46c9a36924327ca9bba6bb8cf7cc80952501fc2181a2ec7ae4364cc6eac0cba0edda68f3b398a249d114702147f8b1cd9c7f8a15345f42a7a50334928eb4e2de974e4ae2ffb796bc640922f7ada0933460e0c0fc06276dfd228da9bfbbe5a3eade6f98594b0226339156022aad7aa8c9650417cb1551b3b6b31ce436396f68134a6ef23d6b926988fc410f81e1ae01282f244e70051f1b93644f78af3ef6359d106b291568e1ad00ad6ee102964fb7aaaec9732e43a21ea28cda496e4ae367ea738482e777290cca2ef61c8ff10c1b9546b5d395d21c98542f37578d297c13899247a6fdcdf0b8cba6b498875926a19852f97ef60dc1a0c4069fdd4d1fb87a6cd58b8786210687d644a4bad6f8fee0bc5fb94294cffc323e97597be6a5e457a5dd27fe2ebf5c34aef3bb5c43ba0a7d931e7ab02b7c290c5d04a41c01d14d6fc1ba80bfedf71caa0f7e59b135fad73e28d4861d601f79ad32edc6f8d1978d8ecf787f3c9ac71b2404939827b16f3915c8b1445dd1ec012aaeff88789c396665a50df52b244ce5b100d9a29ce52903b8f7f3662c0d0599fd1a7071798b759be02d58e5c6e4626b477653655fb7f5d7bc0ad94dbfe131c9ba5a994c1605c03b9f5173f8205c580bff685e693b23ab4cc7b2e4b21282b14f65684747ad98c0d855a205a6e17b5bb4c2b07097ae32393690e4e07a7f3e25d6bd01c1fb973a67edfa4e1d4a7a96b68570dd9d3bdfbe8a5a69adbd17167533ddbd2a58d70ca1ccea6428770dbcfeb47ddffa99e8b5e69bd34641c1f1a033e86215447fd2927482b12a85f11ae1d8b2054d7f642a9ba526e5a7d8e3d81bd394c264666f4b4dc3ff9c1584f277ff31a29c1358d9a953e0ae2822a3d174a0ce3da386083ae06f02723aea03931a38116a8e4afbc36fb9c094eb340214881a6f838f8d66141e451b9a1bd250363e591bc4ac566123a379272c08c0511e29e1dd1bc06869f3fd151bada9b28a6a71970ae3580d5bb0ab76b38068f504659bc335be1bb2a285329f749303600211d6ef7e151ad861b946d99f36d20074d65426f68a6758270ff946dd387ed3b150199fd81fd2e76a70a2fe2d7a2f8899079068ce48c5380db7e69a1a91f244ed32400e8d9e3097ec2065570dbde88faaee4a938f0b4cc20f31f175df62bf6cd88968ef7e24912dbbf91869eb9b34498d7f6000ef9a62c9441f4177ab5da1428d647b6e3cea1ca8a91b1a1246c2e048654e350cbf3dd4daaaa2558ff9c505ce0fcbcf93601a725289c38724290cffddf87e5345b43a66eb5f9fef718b0df4bcfe82c466017c3d8f0bbfd5544ff2d834a6e653ae789561df44281c8510b4bad838d04ab4a8e84fc4fc022bbe8454b36273cec843731c1df6fce42947a029f61e030990c0002b6f2c9c552227c8785c0b53683de3e518123b270f595aad389951d1edbb9c6fb14cb4e479acff1ffac191da3d80a696b8be5919710c9137ecc0ca383d8666e30a356759a5299f44c2bfcd03a8df33de0e27d6038a9551cfc5ff43de0d42a6d033bf15f3a44d52f8a71554d1a2efb78042c1c9957256d7ea06b7751b40668feefff205c74f0f947ae0920aa746f17027bbef312708bf72fb23c12d0dcf6493584c1bdd0b5780017c038bc23fb6c25c560bb6da3775cf03502c07b987e64f8a2b84a870b5dd90c6aea7fad3d0a3ee46fda953dc085d272ee5855104b8bab8ed8bfd3338e75eb9ad8118f25c7e580fec613e30cf3eb7059e06d9be015709ba6c9de9dc9b6df8228b13f0439fa8d530aa9a4dc1d44abc3191c159a8816e7368fc5c6a0e57eb881d734c7a5459ba3be1b8a17b5ee6777ee42e962aee199f35ee2c2d4a39275e1dd6a8546daadc7ceab2c90667ad48c75bc7008ec2d7daa57562260d6d4509e67850e988b640569c050d3bedbd6c2de9b4f466e2d0c6f83c3c2392a5adcce1523e89f730a84f8cad28f84d1a0991f44aa4714f93088ec2a2836766d73569c7b0c1f70a067a3f0dff1d01661937aecb39e3d0f8e0ea282cffebbfdac63196eb13c4e53f144fc66a82cc0590f1d6d249c333420c24db92177c89cf0869346c34147dab6c3b94c325ef635d0e6d75c23906e71a7940e13364aef81b97108a4b209d372558d3bb0424ecb6a9a9ee28f7d1585c8af6f1256c812eb48515feda309a08f1a2954039ff0a60a2ab75717d2eb93024586837e552942eb63e0d6735d01258eb4dac6209370c109c1a1763dd742f3551276768648919f9093fd4e0cedff9442ac404e463eaea0ffe58a5085c987c093fd30e121218123457916ced3a7250a796a40451a4729125bce2ba5b6406e6626ecfb1d3f16287ba238feb575f60eba96443c60252d5927b81b73574ff1b7d424623b6cff5ce0d1b31b3d199c85da27f8736d990063f09dfef93402d880b2c5d7a9cdf45cbb4d1baf95be490f3dc9998c2c7ccfcc6e6395e7e09e6c44865834cd3e0968ffcc1d0f54406b55a8952cd8096e8968cdca3632b71546192c76472a66c4a8584eb748c1b3c30d52e8699adbef91329aefbf94d251d0b82bf42a648f73020881a914ea7c529802772b4b60617e9c1d9712a31d0ec3e92af4b97f50ec96e794486101a9e15daf8b7f13078d22767dc3b57bc0431ef39b3ca12b2932aa585bc856e8cf5496d78eaa50f06b483f416b31f78767bd25e260042e84c10e9cf9bb53a3f4fce11d703e90004949b55044907242f8eddef627cfc9642f4a828476074c298ea2d7b07ddb7b4a2b9f8f1e5a32fac7d105c5a12186da19ef5f6475763ee19aa670e7b45f37248fdfa796d6ae761dd77955851faa33675ee22e8174e0a126ac58b9998ccb5e4d12c3e00165533ddf710bf0ab0edf6ba1fecf9548ca1618fd980a4f9a35eeb5c1aa329a288378b9b5ed54b56075810cd22abf0c06ce0f1054805410375d6e41564b71b86cab6929c5c1cedb72e0b1237fdad44edbcfd326312caa49ed0c8f7c5a33986c89245fec75d0f9a34f744bf74d6e0f901c12ea25edd60c43d22f6644fa294534cac1c581b0cbf5d9765fc18fe6c223dcff4a85c7eeaf4cb1a9a889c236778b85e69d50d482743664bdeade11b4ced78c3d0b62ba07f98a898c6e89241ed6522fdfc430b75593673d43d695082b0114b25f231c8a141be953290b1a3855adc0146adee0b784fce2cf8243838bdcdbcf4e0dbcc2a9945deea1d02858a9e9dc54f0e818b81d024bd9b2e052a73fb59d037ab526c78faadfcdecc15f2a1d843e84aabc403e84b2fefbfbec982f22b89a2be560002d45ae12a8a2d00f0a3f55e26789a593fb8bdf20efb8a51e3d0dad9ad2caec39ea7392c58eebebc7201c78276f0127e43d5c8efe0200000022d69586a9e096efe80844c38841640238584936d8a96c0ba41dc0dc96a11623ff1e70ef54a9c43ec3cd0359dfdf55c8f8c306110d833d7de7a35f015369bf6d92b3b6f0f7dc717c84e51ce475df451b9a6a91c8d564aeb389267082b9cea77f09c6c6490084da3820f80d3e62bbd41a6540591c6c5cf2a18e4e829b82a6780b6b1f66d96fcfb1639a335a78f8c3ecf381148b2625859e514d35eb8c4acc98f7f8220e1827d7745f1f054691eeb1625e2d238ae03c93991058c1567be4938de2e60537749ee81f327f1f1e586ee3af4ccf53b29741c1bb0e774a1d27672ec27b43719d3710e9fd8634213738d98844717c8b1f707bd42f4077c9e59eb539f9cb32c11b47bcb7cb3efd3bf4994e90166a5ae380c821d2640fa99df59978e9b7e50f0b830943de787b1bf99e14edcdfe8565556ae2a8c0552d67898fd13551c007eb779edb60e85210a418cf0a4a41764fe9ece74f5d8000d168fab61588c5549113e8d8a059f17699d976fc7dc68cfd0ec404ef0c7eca459fbad1c40317d81b95a94b037cf96ba677697cfdce4c2c4e02cea296f25e556c02381ca891ddb6adcb0535e262b26290000c542e7616d63b211c16f86048079ca5167598aece3288f86658249e939cb6b59b6cdd3fce0e9ea81a3bb3f88908c600ea031b0028f12632d7ac2f81e54f7e7eb70ba70bc937571b242c4ef228f801b6a4376d11eabadaebb1322823eb30faf6cf21a8b38a769824e8b7009ff278f80ac2af39f0943a29458d127eabae81d2915557b09e3c49f8c22564edea93e8717306fb198dcc92eb3c9212f03dac94fa3fa1fa4e1dbd2119e024639f0ddc87cd906d3317c6ebc6e698257f73912ff46fe8d9adbd3f57ecc78cea5c1eb04ac5fd1bb79a53921fddaffd2d34f444b54208096cbd2aa3e26ca01359b05c10ff36e98e1ac97d51380c99e1b685928eced0d2f1e754001e7023d2473596feb7c7601619277dd7e844bd5544e7e360f8e4223fbd9e24b3fb69a34ced39bf7590fb853e44031d075fe647190ac7811522c73a6c6033457c14c415e4a84663d2540784a1cbb4a398f1d8612f4f3d334576c99d5721bbeac95cc34d18080e3b1365b6844152b8259c8d4618597f291f2b9e8812ab7729e108a8d44487f8993faabf6c6a8f49db727f17cdfec43b34c39cfdd3916fa6953e34f316100368c7b2836c11dcd4710986980356b7ec4ba23fab5cc5a8c6cacb61cc65570231407ca647946393031986cf4736280ed2d7976d66618fc240191455ae405f1d62145297179c040a707093fb8f60f5a3738b8bf78bbdf952478da7e9d3c892af5b83cd9dd4f00fcfa13beb9e6988e3c4b4e5300e3757a93efaef9023fb9d7442cb1a49d7efdec32ac1f98e6227cad38538f6383c3b6efca2fda7c101ec548c3549e7ac5e737478343ca47cdcd65acb71e0eade28c684b69785ae1fe31aaec713834b6635938d7d66426e965498978e4b467f6132daa6026c39dcbf95656b9be5c074badc18b5a74e12967b45e23099fa765ea5c8c18f0feae94755827e494f251ae96882b5c5f6d54713de02501faef1fcb59bf0d66f9d0cd3a493b139237aefdbd402a3df9dd5beb2887a055261a08047be52fa51f61636255870366e837f20d0f83b8557fa4a003647152ee27bd34b5af52743d4c431ff4a116ae1184c810e8397ef2a056845c6e3b5c0beafbf8f78488102412e04e47fb87be9a9ddc075ab519f424ebf821da659b18ae3b61a7b243ff94e3d1ba420cb342db7b8060937749892a7954d3ba5e63017703f5224602616ff6d3fec42444b2524f97dfa467d9db91681dce08de5ccb1ac2bf6cb5e6c1d586b2fc62e78b0bc23e1924a4f023adb39803fd6c3d52c40b13df9c6f54bb2b4ef88f5d0ffdfef13ae46dbf75aa6457da3bdc1781dc814b0b69debee7456aa7f75571caef87f624ef703fea75f136cc7f90af0ae558cf3de5e8cc92f3e803bd46e05f42e4167af8136db6982ad26a52778e1fefcbabe61a57f00cbf04e3c82445c04bbd8832b8bb9a7cb854a22f98cd7b422a7abafe6a00571539802e56f036d5a26d79a86cb100b90ae168d2406c2c0b9c5274ad69298e7983f4b30e006cf4882e90ca8af4e445dc06d0639231638dd39929065d920af913cc7284619fcacab0023893352468eec73d7014407e5d4bca9e49d412ffb12e68610c26206de0b3282e925b83389cbdfbc41cf279440a13838a1431ea4f1a371b6b143b914238773d171bc7b44c07729e8723fe51b8180fc9c9be6694477132cb82b22b2512518266781e687fcd460995ed581059d3c692ecbdc8daf3c76e5a5bc8e57973fed5fb3465a3dcb5557f92dba1e212f9bda66fc4829e10ce3e8b6c117b1214cb246211c861eaabf8ccaa94aedd58349399e619c2dc587719d7901d2cd85ced669d0ea898c4f127d1a4cf274aa0405d225605edf425dc9b7375c8ac2940bb369eec586097f0cc07940ecc8bd400976b9b36027a040be6e64a2fa4f7ba5d59ce9b4f76192d260d665290b20faa3a6a941939a0b3042ef4d8f9b980c71a13496b104965e1c3dab25cb46147bca6b70baa0237c8a5cd1c437e43a50302490462585410f65e03186df5fc2c5bcd89f6d6a4ac34c971f0579070ab6e9a6a84159b2910a7ba797fb09dbd3ab88c23951b1a91df8cfc2d13de85dc715e2a111458acc4d640a59c199faa2bb28ec3309864fd8a6997ac89833853101a08198aa6ab3e5167b4e8e55843efae1ecd3fc6507f3a97bf2f8c4c4da4896c788a17a5fe8d8c3f79fe41dd7f4497380f1ffc8f8d6cc2c2dead697e4947cfe680a0e2b5100743444536134cde4378b0b1fe6ddc09dfe8d618f93edffeb7d097a37a19248be0bf9c4f536a484a5fc96f18f2eb4f6462b20bee241ce16b4790c854bca10914e3ba98eb0970765571a8ad45baba39d20b8c1bbb7c65717e265f5fc5edefb130aada09aa7f2c50c45de6de7327faef192977f499b7aed9e73c2ecb97f7256f89fc8b4834670f798438fac5a5045d61a7f429eba77de37517b984b0acfbd6f494a1414b0fc040244bb62a19150e0c15e5315b2618d05429263dd1847accc5de9baca08edc921ed9a0af00175c118ab801da9980098fc4a2bf16ba73e580000b49129a5fba00a1f2c45c0d0939be83ad93569dd61330913e8b381f9aff6d6a584862d636c1a4989dd3fd14853bf033be56f21a3cf1eb95d7df7c6436ff3d5a8f472bf4a3fa8b0b0741d953d9644e0ec801d4154336357d2d1492c6d336b9101827c1401898ecdca5a66c6f727d23d3ebb95530ecfee0f7649c221d2c131e56d37a8d422b0803ed0d623a2de36e9279c3c1c806654fbce9305cbb44210e282fa53c72f813440fd0cbfff492716c4a06cf99f4809481d51a03a88911f48f25db6784e16f3a251d5fb75fca164911e4a88d1b904b5372d8660d309f347dce2810552a4789af371f3e67418433cdb0d69a4fc562514cb396141f31312fab85f68c1ecd9d03ba37b40934535cc3e53c71a3a51663a479eca63dc5c15a387e5753cfa806402b6426b8dcaace2553d219b2ae02bd45fd4fde6e3e1bd6370d3e8d558aea69854381f1dad0fe2bbf1a73043f03aafe81c3a3d386c758abcb45cc537bf40d459e138f418802ec61abcad5e333389d74ea941eb5f26b25ed7642e0135fd8e3e2fc998613023dd5b804e2cf1a80ea60b353535b1446e3ebb542c1c15d87c6f5a4716455c8a9f52380161a5d23e9678417fe7ed64760e14c1390bcf73e1d531bb3548d7b9df25b6f85512667af396fad73110d1ab69a8ecdddaf29dc3701a5d927e599f5c2af293a6b276da7a5c917298ea24c2366d5e91593605fcbc4d646200", 0x2000, &(0x7f000000d8c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f000000d540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xee00}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r2, &(0x7f0000006500)={0x50, 0x0, r4}, 0x50) 1.599723372s ago: executing program 2 (id=1026): unshare(0x68040200) syz_open_dev$usbmon(0x0, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)}, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCADDRT(r0, 0x400448c9, &(0x7f0000004f80)={0x0, @l2tp={0x2, 0x0, @local}, @in={0x2, 0x0, @remote}, @nl, 0x7, 0x0, 0x0, 0x0, 0x3}) 1.500505683s ago: executing program 2 (id=1027): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[], &(0x7f0000000440)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="4f00030007"], 0xd) 1.450268652s ago: executing program 2 (id=1028): syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000"], 0x0) syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[], 0x0) 1.111254523s ago: executing program 3 (id=1031): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0x44}, {0x6}]}) r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_int(r0, 0x0, 0x21, &(0x7f0000000080)=0x200, 0x4) syz_emit_ethernet(0x66, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60cb653e00303a00000000000000051d316c2d4f341aed8305a1527001000000000000001414bbff020000000001000000000000000001a1009078000009000060257a5400000000ff010000000000000000000000000001fe8000000000000000000010000000"], 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000400)={0x0, 0x0, 0x10, 0xfffffffe}, 0x0, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92}) pwritev2(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000100)="7270aa3f0c63ef31716980d71af481e691d156e5c690c37493c965008b713ed133a85027d43b49d05b8ec0e538f674752205f76fb42632a5233a7d64e1cea692029b6a", 0x43}], 0x1, 0x0, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000ac0)={0x1, 0x0, [{0x0, 0xd3, &(0x7f0000000780)=""/211}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f00000000c0)=0x1) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=""/253, 0x0, &(0x7f0000000600)=""/91}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r4 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r4, &(0x7f00000001c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000b00)={0x0, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", 0xffffffffffffffff}) ioctl$SYNC_IOC_FILE_INFO(r5, 0xc0383e04, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000480)=[{}]}) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='gre0\x00', 0x10) sendto$inet(r1, &(0x7f00000000c0)="929c", 0xfdef, 0x4, &(0x7f0000000140)={0x2, 0x0, @multicast1}, 0x10) accept4(r2, &(0x7f0000000500)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, &(0x7f00000002c0)=0x80, 0x100000) r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="58000000020601040000000000000000000000000500040000000000050005000210000005000100070000000c00078005001500020000000900020073797a300000000013000300686173683a6e65742c69666163650000"], 0x58}}, 0x0) r8 = fsmount(0xffffffffffffffff, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r8, 0x7, 0x0, 0x0, 0x0) ioctl$KDADDIO(r8, 0x4b34, 0xffff) 1.107882781s ago: executing program 1 (id=1032): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r3, &(0x7f0000006580)={0x2020, 0x0, 0x0}, 0x2020) truncate(&(0x7f0000000080)='./file0\x00', 0x408) write$FUSE_INIT(r3, &(0x7f0000006500)={0x50, 0x0, r4}, 0x50) 1.093130478s ago: executing program 0 (id=1033): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) r3 = socket$kcm(0x10, 0x3, 0x10) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000080)=@mangle={'mangle\x00', 0x1f, 0x6, 0x4a0, 0x4e8, 0x340, 0xc0, 0xc0, 0x340, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x4e8, 0x6, 0x0, {[{{@ip={@multicast1, @local, 0x0, 0x0, 'nicvf0\x00', 'gretap0\x00'}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @ECN={0x28}}, {{@ip={@rand_addr, @private, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pimreg0\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@esp={{0x30}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr, 0x0, 0x0, 'bond_slave_1\x00', 'veth0_virt_wifi\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@common=@unspec=@conntrack1={{0xb8}, {{@ipv6=@mcast1, [], @ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], @ipv6=@remote}}}]}, @ECN={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, 0x0, 0x0, 'gretap0\x00', 'syzkaller0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x500) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) recvmmsg(r4, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4) sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) write$cgroup_int(0xffffffffffffffff, &(0x7f00000005c0), 0x12) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb0100180000000000000200000000000011240000000000ae282714803944720000003ff5f5fc9a0d1a4cb2000000000200000000000008020000000000"], 0x0, 0x54}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000a00)=@raw={'raw\x00', 0x4001, 0x3, 0x488, 0x0, 0xb, 0x148, 0x0, 0x148, 0x3f0, 0x240, 0x240, 0x3f0, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x2d0, 0x338, 0x0, {0xff0f000000000000}, [@common=@inet=@udp={{0x30}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x21, './file0\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4e8) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)}, 0x0) r5 = socket$kcm(0x10, 0x3, 0x10) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000100)=0x1, 0x4) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xa, &(0x7f0000000080)=ANY=[@ANYBLOB="1808000000000000000000000000000085100000e03a0200000018000000000000000000000000000090cd58562a15002c000064a6693bad89000000000018000000000000"], 0x0}, 0x90) r6 = socket$inet(0x2, 0x80001, 0x84) r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000580)=ANY=[@ANYRESHEX=r6], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0, 0x2}, 0x48) sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) unshare(0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000680)={0x1d8, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x1bc, 0x33, @reassoc_resp={{{0x0, 0x0, 0x8}, {}, @broadcast, @device_a, @random="f7ab87594b3f"}, 0x0, 0x0, @random, @val, @void, [{0xdd, 0x76, "d8a062cc132f8c370fffcfbf6c255947985b88cb9f22e02d96f87d9c0a6796487053adb1a2d1f8ed33d6ef7faf4ba99f81c72edefbc742d2d897c0fb6eb2289c22b03871ec6ddb7398d4b5509078903c634145233d8a7a9a2fc09946ff1a847d43452a17ee7a24318e4ed910599f7ebc8291d4dd5285"}, {0xdd, 0xb4, "95e79490e4be3bd5f39a64947fd4f137cfd9c5eca413775fff8b403d1c6824961df673862737c366f53984496ea72bc7f78d843ce303b67336957356a02e1c5bdcbd4acf120d5d44f07910bdee6eabe82f6c76ecc7c98d5a107f6eab471672d7179671906048fe7622486b35f02bac5c2f9f0c923711e82767b10da5a68b7e74d5ed8477aa43553caa8a6a5244b329c5ea5d533697643fd5f3fa33ac9b1eac2c7f88c0d5c6c9594a701e79960dd7d5ab4df31389"}, {0xdd, 0x6, "85251095238f"}, {0xdd, 0x60, "a83d63f0d27aa001676fcb9ee526e68baeaffb47b1c3feb502aa94cc0c02fa026b0843067418e349a066eb39770717f632173e6bf4be46c03a8b7d4a3e7be2dd21f3c139c233576a6580ed5368fc27caead9239899776d594603177acb5662b5"}]}}]}, 0x1d8}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x11, 0x4, 0x4, 0x8, 0x250}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000000a00)='syzkaller\x00'}, 0x90) 266.982986ms ago: executing program 3 (id=1034): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) socket$inet_smc(0x2b, 0x1, 0x0) r1 = socket$can_raw(0x1d, 0x3, 0x1) r2 = dup2(r1, r1) setsockopt$CAN_RAW_FD_FRAMES(r2, 0x65, 0x5, &(0x7f0000000080)=0x1, 0x4) r3 = socket$igmp6(0xa, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0\x00', 0x0}) sendmsg$can_bcm(r2, &(0x7f0000000800)={&(0x7f0000000000)={0x1d, r4}, 0x10, &(0x7f00000007c0)={&(0x7f0000000740)={0x0, 0x651, 0x0, {}, {0x0, 0x2710}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "d97ee91851f2ae1b"}}, 0x48}}, 0x0) r5 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r5, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000002200)=[@op={0x10, 0x117, 0x3, 0x1}], 0x10}, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r5) 210.013638ms ago: executing program 1 (id=1035): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f00000001c0)={0x0, 0x30, &(0x7f0000000180)={&(0x7f00000007c0)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0) 209.60206ms ago: executing program 0 (id=1036): r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x0) syz_open_dev$mouse(&(0x7f0000000100), 0x1, 0x46800) mmap(&(0x7f0000f51000/0x1000)=nil, 0x1000, 0x3000006, 0x28011, 0xffffffffffffffff, 0x0) mincore(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, &(0x7f00000000c0)=""/83) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0186405, &(0x7f0000000180)={0x5, 0x40, {0xffffffffffffffff}, {0xee00}, 0x1000, 0x2}) r1 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) 209.390613ms ago: executing program 1 (id=1037): bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x63, 0x11, 0x18}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x16}, 0x70) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x1, 0x9, 0xe9d, 0x0, 0x1}, 0x48) syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00') socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x8a, &(0x7f0000000040)=0x8001, 0x4) r2 = socket(0x200000100000011, 0x803, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000400)=ANY=[@ANYRESHEX=r2], 0x14}}, 0x4000000) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000000c0)) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{}, &(0x7f0000000000), &(0x7f00000000c0)='%pS \x00'}, 0x20) open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000040)=ANY=[@ANYRES16=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffe9c}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r5, 0x89f1, &(0x7f00000002c0)={'bond0\x00', @local}) r6 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000c40), 0x2, 0x0) write$6lowpan_control(r6, &(0x7f0000000c80)='connect aa:aa:aa:aa:aa:11 1', 0x1b) 99.446737ms ago: executing program 1 (id=1038): syz_open_procfs$namespace(0x0, &(0x7f0000000000)) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000300)={'erspan0\x00', &(0x7f0000000280)={'syztnl2\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x1, 0x0, 0x18, 0x66, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010101, @loopback, {[@noop]}}}}}) r1 = fsopen(&(0x7f00000001c0)='devtmpfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x4000, 0x0, 0x0) fsmount(r1, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000004900), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000040)={'wg1\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f00000027c0)=ANY=[@ANYBLOB="e0050000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2501000000b402088048000080240002000a34424d49218578c6248e5094783398e387df9cd07040520d15adc7bed4b300200004000a004e2200000003ff01000000000000000000000000000100000000080200800800030000000000240002000811e5fe58799effa2a1b294dcc72fb9171471b5a6c5685ef39df1b9997f6d2ebc01098004000080b8000080060001000a00000014000200200100000000000000000000000000000500030000000000060001000200000008000200e00000020500030000000000060001000a00000014000200000000000000000000000000000000000500030000000000060001000200000008000200ac1414000500030000000000060001000a00000014000200fe88000000000000000000000000010105000300000000000600010002000000080002000000000005000300000000001c000080060001000200000008000200ac14142a0500030000000000b8000080060001000200000008000200e00000010500030001000000060001000a00000014000200fe8800000000000000000000000001010500030002000000060001000a00000014000200fe8800000000000000000000000001010500030003000000060001000200000008000200ac1e01010500030002000000060001000200000008000200ac1414bb0500030044000000060001000a0000001400020000000000000000000000000000000000050003000200000028000080060001000a00000014000200fe8000000000000000000000000000aa05000300000000001400040002004e207f000001000000000000000008000a0001000000040000802800008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b2800008024000200a7a30ca530db4d1febf3da821d1c78c0b6b670b90534f14048dbf547e5fc20a70c000080080003000100000024000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6ec802088044020080d401098028000080060001000a00000014000200ff010000000000000000000000000001050003000000000040000080060001000a00000014000200fc0000000000000000000000000000010500030000000000060001000200000008000200ac1414aa050003000300000028000080060001000a00000014000200fe800000000000000000000000000029050003000000000058000080060001000200000008000200640101020500030001000000060001000a00000014000200fe8800000000000000000000000001010500030001000000060001000200000008000200ac1e0101050003000000000034000080060001000200000008000200ac1414bb0500030000000000060001000200000008000200ac1414bb05000300010000004c000080060001000a00000014000200000000000000000000000000000000010500030003000000060001000a00000014000200fc01000000000000000000000000000005000300030000001c0000800600010002000000080002006401010205000300ff0000004c000080060001000a00000014000200200100000000000000000000000000010500030001000000060001000a00000014000200fc0100000000000000000000000000fd050003000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a004e2200000003ff010000000000000000000000000001070000000600050000000000200004000a004e210000000720010000000000000000000000000002000000003000008024000100000000000000000000000000000000000000000000000000000000000000000008000300010000002800008024000100dbffffffffffffffffffffffffffffffffffffff", @ANYRES32=r5], 0x5e0}}, 0x0) r6 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r6, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r6, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001b80)=""/248, 0xf8}}], 0x1, 0x0, 0x0) setsockopt$inet6_int(r6, 0x29, 0x46, 0x0, 0x0) setsockopt$inet6_int(r6, 0x29, 0x42, 0x0, 0x0) setsockopt$inet6_mtu(r6, 0x29, 0x17, &(0x7f0000000000)=0x2, 0x4) sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 98.975224ms ago: executing program 0 (id=1039): r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'veth0_macvtap\x00', &(0x7f0000000040)=@ethtool_gstrings={0x1b, 0x1}}) socket(0x25, 0x5, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f0000000340), 0x11000) io_setup(0x3ff, &(0x7f0000000500)=0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) setsockopt$sock_int(r1, 0x1, 0x27, &(0x7f0000000180)=0x3f, 0x4) io_submit(r3, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000080)="4e8fc38e71", 0x5}]) io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'pimreg\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=@ipv4_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_OIF={0x8, 0x4, r5}]}, 0x24}}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0) r7 = socket$key(0xf, 0x3, 0x2) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$key(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0xa, 0x0, 0x0, 0x2}, 0x10}}, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x40000, 0x0) 259.697µs ago: executing program 1 (id=1040): mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0) r0 = landlock_create_ruleset(&(0x7f0000000180)={0x803}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0) chdir(&(0x7f0000000140)='./file1\x00') bind$inet6(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="36bc80dd63971e6b37"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), &(0x7f0000000240)=ANY=[], 0xfe37, 0x0) 0s ago: executing program 1 (id=1041): r0 = openat$sequencer2(0xffffff9c, &(0x7f0000000200), 0x0, 0x0) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYRESOCT=r1, @ANYRESDEC=r1, @ANYBLOB="704245381489a3bbb264bbf0dc40e325a3ba79337c6f755212f3c45b494312d22c86a7e9be073a93516b13f6fe92f3cce42202d1dfb90d7a26"], 0x50}, 0x1, 0x0, 0x0, 0x440c0}, 0x1) (async) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) (async) ptrace$PTRACE_SETSIGMASK(0x420b, r2, 0x8, &(0x7f0000000100)={[0x7, 0x8c0]}) ptrace$setregs(0xf, r2, 0x0, &(0x7f00000003c0)) (async) ioctl$SNDCTL_TMR_SELECT(r0, 0x40045408) kernel console output (not intermixed with test programs): 51.609684][ T5421] __nla_validate_parse: 3 callbacks suppressed [ 51.609702][ T5421] netlink: 4 bytes leftover after parsing attributes in process `syz.0.44'. [ 51.645610][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.649156][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.658822][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.662298][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.694047][ T63] hsr_slave_0: left promiscuous mode [ 51.698799][ T63] hsr_slave_1: left promiscuous mode [ 51.702163][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 51.713444][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 51.725920][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 51.731537][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 51.772871][ T63] veth1_macvtap: left promiscuous mode [ 51.775789][ T63] veth0_macvtap: left promiscuous mode [ 51.778200][ T63] veth1_vlan: left promiscuous mode [ 51.780806][ T63] veth0_vlan: left promiscuous mode [ 51.968859][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.993514][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.494602][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 52.506081][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 52.611477][ T63] team0 (unregistering): Port device team_slave_1 removed [ 52.720837][ T63] team0 (unregistering): Port device team_slave_0 removed [ 53.323547][ T5196] Bluetooth: hci4: command tx timeout [ 53.584406][ T5371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.639298][ T5371] veth0_vlan: entered promiscuous mode [ 53.656318][ T5371] veth1_vlan: entered promiscuous mode [ 53.719660][ T5371] veth0_macvtap: entered promiscuous mode [ 53.729460][ T5371] veth1_macvtap: entered promiscuous mode [ 53.758607][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.764777][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.769047][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.774203][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.779037][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 53.784992][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.791106][ T5371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 53.800630][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.808262][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.812606][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.817970][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.821690][ T5371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 53.826885][ T5371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 53.832794][ T5371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 53.839129][ T5371] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.844004][ T5371] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.848193][ T5371] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.851924][ T5371] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.919701][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.927047][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 53.952546][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 53.955897][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.034414][ T5457] 9p: Unknown Cache mode or invalid value fscach [ 54.045598][ T39] audit: type=1804 audit(1719631411.839:8): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.34" name="/syzkaller.KDedqT/0/file0/bus" dev="sda1" ino=1962 res=1 errno=0 [ 54.149858][ T5460] netlink: 'syz.3.56': attribute type 9 has an invalid length. [ 54.153595][ T5460] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.56'. [ 54.175668][ T5460] netlink: 'syz.3.56': attribute type 9 has an invalid length. [ 54.178245][ T5460] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.56'. [ 54.386708][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 54.404425][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 54.626065][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 54.715647][ T5479] netlink: 'syz.1.60': attribute type 9 has an invalid length. [ 54.719013][ T5479] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.60'. [ 54.765812][ T5479] netlink: 'syz.1.60': attribute type 9 has an invalid length. [ 54.769065][ T5479] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.60'. [ 54.990840][ T5488] 9p: Unknown Cache mode or invalid value fscach [ 54.998639][ T39] audit: type=1804 audit(1719631412.789:9): pid=5488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.64" name="/syzkaller.kH13Af/12/file0/bus" dev="sda1" ino=1961 res=1 errno=0 [ 55.088944][ T5486] Zero length message leads to an empty skb [ 55.098754][ T5491] netlink: 'syz.2.65': attribute type 9 has an invalid length. [ 55.102071][ T5491] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.65'. [ 55.182732][ T5491] netlink: 'syz.2.65': attribute type 9 has an invalid length. [ 55.186556][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 55.187145][ T5491] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.65'. [ 55.198236][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 55.413258][ T5196] Bluetooth: hci4: command tx timeout [ 55.580349][ T5196] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 56.042450][ T5518] netlink: 'syz.2.72': attribute type 9 has an invalid length. [ 56.046276][ T5518] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.72'. [ 56.094730][ T5518] netlink: 'syz.2.72': attribute type 9 has an invalid length. [ 56.097171][ T5518] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.72'. [ 56.146533][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 56.169591][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 56.720425][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 56.965205][ T39] audit: type=1326 audit(1719631414.759:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5544 comm="syz.3.80" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 57.079355][ T5550] netlink: 4 bytes leftover after parsing attributes in process `syz.3.80'. [ 57.556329][ T5197] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 57.582101][ T5197] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 57.648605][ T5567] netlink: 76 bytes leftover after parsing attributes in process `syz.1.86'. [ 57.693757][ T5197] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 58.219036][ T5581] netlink: 'syz.0.89': attribute type 9 has an invalid length. [ 58.233246][ T5581] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.89'. [ 58.273730][ T5581] netlink: 'syz.0.89': attribute type 9 has an invalid length. [ 58.280171][ T5581] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.89'. [ 59.081704][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 59.101110][ T5196] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 59.154592][ T5600] netlink: 76 bytes leftover after parsing attributes in process `syz.0.95'. [ 59.330557][ T39] audit: type=1326 audit(1719631417.119:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.3.96" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 59.403435][ T5196] Bluetooth: hci1: command 0x0406 tx timeout [ 59.435950][ T5611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.96'. [ 59.460622][ T5616] netlink: 'syz.0.100': attribute type 9 has an invalid length. [ 59.465302][ T5616] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.100'. [ 59.513041][ T5616] netlink: 'syz.0.100': attribute type 9 has an invalid length. [ 59.516716][ T5616] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.100'. [ 60.243047][ T5194] Bluetooth: hci2: unexpected event for opcode 0x0803 [ 60.278016][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 60.298515][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 60.854899][ T39] audit: type=1326 audit(1719631418.649:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5645 comm="syz.2.109" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 60.937410][ T5653] netlink: 'syz.0.111': attribute type 9 has an invalid length. [ 60.939932][ T5653] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.111'. [ 60.962717][ T5652] netlink: 4 bytes leftover after parsing attributes in process `syz.2.109'. [ 61.033051][ T5653] netlink: 'syz.0.111': attribute type 9 has an invalid length. [ 61.434624][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 61.477996][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 62.216219][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 62.295618][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 63.101485][ T39] audit: type=1326 audit(1719631420.889:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5706 comm="syz.3.126" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 63.392770][ T5717] __nla_validate_parse: 1 callbacks suppressed [ 63.392793][ T5717] netlink: 76 bytes leftover after parsing attributes in process `syz.1.130'. [ 63.490577][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 63.512965][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 64.448562][ T5750] netlink: 76 bytes leftover after parsing attributes in process `syz.1.139'. [ 64.558586][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 64.577675][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 64.623116][ T39] audit: type=1326 audit(1719631422.409:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5758 comm="syz.1.142" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 65.507728][ T5778] netlink: 76 bytes leftover after parsing attributes in process `syz.1.148'. [ 66.120859][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 66.154876][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 66.470367][ T5798] netlink: 'syz.0.151': attribute type 9 has an invalid length. [ 66.486808][ T5798] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.151'. [ 66.569985][ T5798] netlink: 'syz.0.151': attribute type 9 has an invalid length. [ 66.573112][ T5798] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.151'. [ 67.105595][ T39] audit: type=1326 audit(1719631424.899:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.156" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 67.109774][ T5814] netlink: 76 bytes leftover after parsing attributes in process `syz.2.157'. [ 68.133464][ T5197] Bluetooth: hci4: command 0x0406 tx timeout [ 68.291663][ T5843] netlink: 'syz.2.164': attribute type 9 has an invalid length. [ 68.303261][ T5843] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.164'. [ 68.377459][ T5843] netlink: 'syz.2.164': attribute type 9 has an invalid length. [ 68.380473][ T5843] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.164'. [ 68.470996][ T5851] netlink: 'syz.0.167': attribute type 9 has an invalid length. [ 68.474618][ T5851] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.167'. [ 68.521696][ T5853] netlink: 'syz.0.167': attribute type 9 has an invalid length. [ 68.530211][ T5853] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.167'. [ 69.076537][ T5856] netlink: 76 bytes leftover after parsing attributes in process `syz.2.168'. [ 69.969017][ T5194] Bluetooth: hci1: command 0x0406 tx timeout [ 70.158546][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 70.184547][ T5196] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 70.204315][ T5196] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 70.204970][ T5194] Bluetooth: hci2: command 0x0406 tx timeout [ 71.170606][ T1350] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.173999][ T1350] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.360079][ T5891] netlink: 76 bytes leftover after parsing attributes in process `syz.3.177'. [ 71.582258][ T5894] netlink: 'syz.3.178': attribute type 9 has an invalid length. [ 71.588077][ T5894] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.178'. [ 71.709599][ T5894] netlink: 'syz.3.178': attribute type 9 has an invalid length. [ 71.714674][ T5894] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.178'. [ 72.082804][ T5194] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 72.119064][ T5904] netlink: 'syz.1.181': attribute type 9 has an invalid length. [ 72.130129][ T5904] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.181'. [ 72.182604][ T5904] netlink: 'syz.1.181': attribute type 9 has an invalid length. [ 72.189306][ T5904] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.181'. [ 72.880538][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 72.885077][ T5194] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 72.890281][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 73.008342][ T5923] netlink: 76 bytes leftover after parsing attributes in process `syz.2.186'. [ 73.324071][ T5194] Bluetooth: hci0: command 0x0406 tx timeout [ 74.145213][ T39] audit: type=1804 audit(1719631431.939:16): pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.190" name="/syzkaller.kH13Af/40/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 74.891847][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 74.895632][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 74.901294][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 74.986430][ T5959] netlink: 76 bytes leftover after parsing attributes in process `syz.0.197'. [ 75.767279][ T39] audit: type=1804 audit(1719631433.559:17): pid=5971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.201" name="/syzkaller.kH13Af/44/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 76.098267][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 76.202287][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 76.209179][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 76.228172][ T39] audit: type=1326 audit(1719631434.019:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5987 comm="syz.3.206" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 76.235575][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 76.407397][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 77.200768][ T6001] netlink: 'syz.3.209': attribute type 9 has an invalid length. [ 77.208504][ T6001] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.209'. [ 77.282489][ T6001] netlink: 'syz.3.209': attribute type 9 has an invalid length. [ 77.286543][ T6001] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.209'. [ 77.669016][ T39] audit: type=1804 audit(1719631435.459:19): pid=6007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.211" name="/syzkaller.41UIqA/60/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 77.881419][ T6015] netlink: 'syz.0.214': attribute type 9 has an invalid length. [ 77.885405][ T6015] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.214'. [ 77.918859][ T6015] netlink: 'syz.0.214': attribute type 9 has an invalid length. [ 77.922313][ T6015] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.214'. [ 77.958879][ T6020] netlink: 76 bytes leftover after parsing attributes in process `syz.1.216'. [ 77.998864][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 78.002756][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 78.010317][ T39] audit: type=1326 audit(1719631435.799:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6024 comm="syz.1.217" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 78.027153][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 78.093931][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 78.738647][ T39] audit: type=1804 audit(1719631436.529:21): pid=6037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.220" name="/syzkaller.41UIqA/63/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 79.065623][ T6050] netlink: 76 bytes leftover after parsing attributes in process `syz.1.226'. [ 79.066512][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 79.210884][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 79.217953][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 79.218005][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 79.294174][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 79.297845][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 79.301464][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 79.369704][ T6063] netlink: 'syz.1.229': attribute type 9 has an invalid length. [ 79.373245][ T39] audit: type=1326 audit(1719631437.159:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.2.230" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 79.378901][ T6063] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.229'. [ 79.425800][ T6068] netlink: 'syz.1.229': attribute type 9 has an invalid length. [ 79.428644][ T6068] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.229'. [ 79.499605][ T6069] netlink: 'syz.3.231': attribute type 9 has an invalid length. [ 79.503102][ T6069] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.231'. [ 79.555335][ T6069] netlink: 'syz.3.231': attribute type 9 has an invalid length. [ 80.372434][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 80.412870][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 80.423457][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 80.423531][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 80.523645][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 80.536625][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 80.834976][ T6107] netlink: 'syz.2.241': attribute type 9 has an invalid length. [ 80.838272][ T6107] __nla_validate_parse: 1 callbacks suppressed [ 80.838281][ T6107] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.241'. [ 80.864845][ T6107] netlink: 'syz.2.241': attribute type 9 has an invalid length. [ 80.867517][ T6107] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.241'. [ 81.108519][ T39] audit: type=1326 audit(1719631438.899:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6111 comm="syz.1.243" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 81.257259][ T5204] bt_err_ratelimited: 1 callbacks suppressed [ 81.257270][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 81.407724][ T56] cfg80211: failed to load regulatory.db [ 81.654545][ T6123] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.246'. [ 81.702441][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 81.705872][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 81.706058][ T6123] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.246'. [ 81.711937][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 82.092851][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 82.097238][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 82.100668][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 82.210027][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 82.541049][ T6153] validate_nla: 2 callbacks suppressed [ 82.541061][ T6153] netlink: 'syz.3.255': attribute type 9 has an invalid length. [ 82.548501][ T6153] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.255'. [ 82.570963][ T6153] netlink: 'syz.3.255': attribute type 9 has an invalid length. [ 82.573929][ T6153] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.255'. [ 82.891562][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 82.899008][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 82.899060][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 83.047809][ T39] audit: type=1326 audit(1719631440.839:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.1.258" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 83.360973][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 83.364479][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 83.368173][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 83.434553][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 84.035614][ T6191] netlink: 'syz.1.265': attribute type 9 has an invalid length. [ 84.041624][ T6191] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.265'. [ 84.111413][ T6191] netlink: 'syz.1.265': attribute type 9 has an invalid length. [ 84.114429][ T6191] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.265'. [ 84.651393][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 84.866873][ T6203] netlink: 76 bytes leftover after parsing attributes in process `syz.1.268'. [ 85.314386][ T39] audit: type=1326 audit(1719631443.109:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6214 comm="syz.2.273" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 85.518223][ T39] audit: type=1326 audit(1719631443.309:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6218 comm="syz.3.275" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 85.626165][ T6224] netlink: 4 bytes leftover after parsing attributes in process `syz.3.275'. [ 85.931277][ T6231] netlink: 'syz.1.277': attribute type 9 has an invalid length. [ 85.934925][ T6231] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.277'. [ 85.952541][ T6231] netlink: 'syz.1.277': attribute type 9 has an invalid length. [ 85.955401][ T6231] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.277'. [ 86.092079][ T6235] netlink: 'syz.0.279': attribute type 9 has an invalid length. [ 86.097056][ T6235] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.279'. [ 86.136433][ T6235] netlink: 'syz.0.279': attribute type 9 has an invalid length. [ 86.139151][ T6235] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.279'. [ 86.203924][ T5194] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 86.793401][ T5194] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 87.413925][ T5204] Bluetooth: hci4: command 0x0406 tx timeout [ 88.227147][ T6280] netlink: 'syz.3.292': attribute type 9 has an invalid length. [ 88.229861][ T6280] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.292'. [ 88.257489][ T6280] netlink: 'syz.3.292': attribute type 9 has an invalid length. [ 88.260172][ T6280] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.292'. [ 88.350051][ T6286] netlink: 'syz.0.294': attribute type 9 has an invalid length. [ 88.353711][ T6286] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.294'. [ 88.380932][ T6288] netlink: 'syz.0.294': attribute type 9 has an invalid length. [ 88.384224][ T6288] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.294'. [ 88.549285][ T6291] netlink: 'syz.2.295': attribute type 9 has an invalid length. [ 88.552762][ T6291] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.295'. [ 88.581239][ T6291] netlink: 'syz.2.295': attribute type 9 has an invalid length. [ 88.585781][ T6291] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.295'. [ 89.217797][ T39] audit: type=1326 audit(1719631447.009:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.0.300" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 89.777714][ T5204] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 89.807752][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 90.197890][ T6335] netlink: 'syz.3.307': attribute type 9 has an invalid length. [ 90.263506][ T6335] netlink: 'syz.3.307': attribute type 9 has an invalid length. [ 90.361487][ T6339] netlink: 'syz.0.308': attribute type 9 has an invalid length. [ 90.397716][ T6339] netlink: 'syz.0.308': attribute type 9 has an invalid length. [ 90.509705][ T39] audit: type=1326 audit(1719631448.299:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6341 comm="syz.2.309" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 91.141460][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 91.442584][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 91.451548][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 91.451803][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 91.588021][ T39] audit: type=1326 audit(1719631449.379:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6358 comm="syz.2.314" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 91.690915][ T6363] __nla_validate_parse: 5 callbacks suppressed [ 91.690928][ T6363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.314'. [ 92.439955][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 92.498576][ T6379] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.319'. [ 92.582592][ T6379] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.319'. [ 92.792166][ T6388] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.321'. [ 92.855655][ T6389] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.321'. [ 93.056621][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 93.067491][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 93.069069][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 93.586101][ T39] audit: type=1326 audit(1719631451.379:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6407 comm="syz.1.327" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 93.689383][ T6413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.327'. [ 94.208577][ T5204] Bluetooth: hci2: unexpected event for opcode 0x0803 [ 94.269680][ T6430] validate_nla: 4 callbacks suppressed [ 94.269758][ T6430] netlink: 'syz.2.333': attribute type 9 has an invalid length. [ 94.275932][ T6430] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.333'. [ 94.357453][ T6430] netlink: 'syz.2.333': attribute type 9 has an invalid length. [ 94.385544][ T6430] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.333'. [ 94.906441][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 94.924452][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 94.977337][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 95.149919][ T6457] netlink: 'syz.3.337': attribute type 9 has an invalid length. [ 95.154261][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 95.173231][ T6457] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.337'. [ 95.213753][ T6461] netlink: 'syz.3.337': attribute type 9 has an invalid length. [ 95.217207][ T6461] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.337'. [ 96.049801][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 96.083144][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 96.108249][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 96.174860][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 97.185375][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 97.204067][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 97.249027][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 97.407211][ T39] audit: type=1804 audit(1719631455.199:31): pid=6491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.348" name="/syzkaller.NNr9zd/78/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 97.420010][ T6499] netlink: 'syz.2.349': attribute type 9 has an invalid length. [ 97.430194][ T6499] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.349'. [ 97.494871][ T6499] netlink: 'syz.2.349': attribute type 9 has an invalid length. [ 97.507870][ T6499] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.349'. [ 97.676568][ T6505] netlink: 'syz.1.351': attribute type 9 has an invalid length. [ 97.679460][ T6505] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.351'. [ 98.099170][ T39] audit: type=1326 audit(1719631455.889:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6506 comm="syz.0.352" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 98.278096][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 98.293820][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 98.303977][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 98.374289][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 98.415795][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 99.065297][ T39] audit: type=1326 audit(1719631456.859:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6530 comm="syz.0.357" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 99.548633][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 99.630078][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 99.722887][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 100.023474][ T6550] netlink: 'syz.3.361': attribute type 9 has an invalid length. [ 100.026879][ T6550] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.361'. [ 100.071596][ T6550] netlink: 'syz.3.361': attribute type 9 has an invalid length. [ 100.077564][ T6550] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.361'. [ 100.578906][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 100.939921][ T6560] netlink: 'syz.3.364': attribute type 9 has an invalid length. [ 100.953051][ T6560] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.364'. [ 101.442936][ T6563] overlayfs: missing 'lowerdir' [ 101.757794][ T5204] Bluetooth: hci4: unexpected event for opcode 0x0803 [ 102.199703][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 103.077578][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 103.094787][ T6593] overlayfs: missing 'lowerdir' [ 103.404875][ T6597] netlink: 'syz.2.375': attribute type 9 has an invalid length. [ 103.408199][ T6597] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.375'. [ 104.383302][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 104.459936][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 105.290209][ T5204] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 105.593829][ T6629] netlink: 'syz.1.384': attribute type 9 has an invalid length. [ 105.603246][ T6629] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.384'. [ 105.703606][ T6629] netlink: 'syz.1.384': attribute type 9 has an invalid length. [ 105.707089][ T6629] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.384'. [ 106.745174][ T6635] netlink: 'syz.3.385': attribute type 9 has an invalid length. [ 106.753844][ T6635] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.385'. [ 106.818326][ T39] audit: type=1804 audit(1719631464.589:34): pid=6638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.387" name="/syzkaller.kH13Af/97/file0/bus" dev="sda1" ino=1964 res=1 errno=0 [ 106.865259][ T6639] netlink: 'syz.1.386': attribute type 9 has an invalid length. [ 106.868125][ T6639] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.386'. [ 107.014246][ T6640] netlink: 'syz.3.385': attribute type 9 has an invalid length. [ 107.016968][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 107.021367][ T6640] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.385'. [ 107.123301][ T6641] netlink: 'syz.1.386': attribute type 9 has an invalid length. [ 107.133522][ T6641] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.386'. [ 107.476454][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 107.676644][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 108.229763][ T6660] netlink: 'syz.0.392': attribute type 9 has an invalid length. [ 108.253271][ T6660] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.392'. [ 108.613855][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 109.923250][ T6677] netlink: 'syz.0.397': attribute type 9 has an invalid length. [ 109.930265][ T6677] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.397'. [ 109.967165][ T6677] netlink: 'syz.0.397': attribute type 9 has an invalid length. [ 109.970560][ T6677] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.397'. [ 110.823856][ T6692] netlink: 'syz.0.402': attribute type 9 has an invalid length. [ 110.827346][ T6692] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.402'. [ 110.992189][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 111.327769][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 111.439210][ T6706] netlink: 'syz.2.407': attribute type 9 has an invalid length. [ 111.445544][ T6706] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.407'. [ 111.502518][ T6706] netlink: 'syz.2.407': attribute type 9 has an invalid length. [ 111.505415][ T6706] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.407'. [ 111.847846][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 112.568556][ T6718] netlink: 'syz.2.411': attribute type 9 has an invalid length. [ 112.575581][ T6718] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.411'. [ 112.618305][ T6718] netlink: 'syz.2.411': attribute type 9 has an invalid length. [ 112.622297][ T6718] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.411'. [ 113.409383][ T5204] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 114.058547][ T6739] netlink: 'syz.0.416': attribute type 9 has an invalid length. [ 114.064674][ T6739] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.416'. [ 114.400395][ T39] audit: type=1804 audit(1719631472.189:35): pid=6744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.418" name="/syzkaller.KDedqT/100/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 114.478756][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 114.593226][ T56] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 114.783372][ T56] usb 6-1: Using ep0 maxpacket: 32 [ 114.788251][ T56] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 114.791869][ T56] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 114.803235][ T56] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 114.807193][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 114.811411][ T56] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 114.833214][ T56] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 114.838048][ T56] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 114.842339][ T56] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 114.858689][ T56] usb 6-1: config 0 descriptor?? [ 115.006965][ T6755] netlink: 'syz.0.421': attribute type 9 has an invalid length. [ 115.014327][ T6755] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.421'. [ 115.069165][ T6742] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.073008][ T6742] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.106563][ T56] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 115.111122][ T6755] netlink: 'syz.0.421': attribute type 9 has an invalid length. [ 115.118657][ T6755] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.421'. [ 115.143741][ T56] usb 6-1: USB disconnect, device number 2 [ 115.154994][ T56] usblp0: removed [ 115.377100][ T6760] netlink: 'syz.2.422': attribute type 9 has an invalid length. [ 115.380333][ T6760] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.422'. [ 115.473410][ T6760] netlink: 'syz.2.422': attribute type 9 has an invalid length. [ 115.477581][ T6760] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.422'. [ 115.715841][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 115.738232][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 115.786181][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 115.845140][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 115.850566][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 115.936717][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 116.197169][ T39] audit: type=1326 audit(1719631473.989:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6783 comm="syz.0.428" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 116.296320][ T6787] netlink: 'syz.2.429': attribute type 9 has an invalid length. [ 116.312437][ T6787] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.429'. [ 117.093332][ T5248] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 117.158994][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 117.170332][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 117.179195][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 117.246390][ T5248] usb 8-1: device descriptor read/64, error -71 [ 117.419594][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 117.436436][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 117.513272][ T5248] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 117.666062][ T5248] usb 8-1: device descriptor read/64, error -71 [ 117.784172][ T39] audit: type=1326 audit(1719631475.579:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6822 comm="syz.0.438" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 117.793777][ T5248] usb usb8-port1: attempt power cycle [ 118.103326][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 118.223615][ T5248] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 118.275900][ T5248] usb 8-1: device descriptor read/8, error -71 [ 118.325352][ T39] audit: type=1326 audit(1719631476.119:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6829 comm="syz.1.440" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 118.553313][ T5248] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 118.586173][ T5248] usb 8-1: device descriptor read/8, error -71 [ 118.713959][ T5248] usb usb8-port1: unable to enumerate USB device [ 118.826233][ T39] audit: type=1326 audit(1719631476.619:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6834 comm="syz.0.441" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 118.940657][ T6838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'. [ 119.191325][ T6840] netlink: 'syz.2.442': attribute type 9 has an invalid length. [ 119.195121][ T6840] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.442'. [ 119.218101][ T6840] netlink: 'syz.2.442': attribute type 9 has an invalid length. [ 119.221184][ T6840] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.442'. [ 119.763913][ T39] audit: type=1804 audit(1719631477.559:40): pid=6853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.445" name="/syzkaller.41UIqA/118/file0/bus" dev="9p" ino=35922748 res=1 errno=0 [ 120.217308][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 120.329277][ T39] audit: type=1326 audit(1719631478.119:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6869 comm="syz.0.451" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 120.392828][ T6873] netlink: 'syz.2.452': attribute type 9 has an invalid length. [ 120.396253][ T6873] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.452'. [ 121.015083][ T6878] 9p: Unknown Cache mode or invalid value fsca [ 121.042110][ T39] audit: type=1804 audit(1719631478.829:42): pid=6878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.453" name="/syzkaller.KDedqT/104/file0/bus" dev="sda1" ino=1960 res=1 errno=0 [ 121.483453][ T5238] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 121.653399][ T5238] usb 5-1: device descriptor read/64, error -71 [ 121.923507][ T5238] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 122.070878][ T6896] 9p: Unknown Cache mode or invalid value fsca [ 122.074481][ T5238] usb 5-1: device descriptor read/64, error -71 [ 122.146789][ T39] audit: type=1804 audit(1719631479.939:43): pid=6896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.459" name="/syzkaller.kH13Af/116/file0/bus" dev="sda1" ino=1962 res=1 errno=0 [ 122.197446][ T5238] usb usb5-port1: attempt power cycle [ 122.619329][ T5238] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 122.643807][ T39] audit: type=1326 audit(1719631480.429:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6902 comm="syz.1.461" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 122.653995][ T5238] usb 5-1: device descriptor read/8, error -71 [ 122.747852][ T6905] netlink: 4 bytes leftover after parsing attributes in process `syz.1.461'. [ 122.927925][ T5238] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 122.939970][ T39] audit: type=1326 audit(1719631480.729:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6908 comm="syz.2.463" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 122.954350][ T5238] usb 5-1: device descriptor read/8, error -71 [ 123.083738][ T5238] usb usb5-port1: unable to enumerate USB device [ 124.505826][ T39] audit: type=1326 audit(1719631482.299:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6935 comm="syz.0.469" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 124.591099][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 124.610302][ T6938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.469'. [ 125.305570][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 125.309695][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 125.318228][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 125.555549][ T39] audit: type=1326 audit(1719631483.349:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6959 comm="syz.2.476" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c6579 code=0x0 [ 125.653113][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 126.551649][ T6978] netlink: 'syz.2.479': attribute type 9 has an invalid length. [ 126.558462][ T6978] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.479'. [ 127.106166][ T39] audit: type=1326 audit(1719631484.899:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6980 comm="syz.3.481" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 127.122211][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 127.132001][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 127.144626][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 127.209962][ T6986] netlink: 4 bytes leftover after parsing attributes in process `syz.3.481'. [ 127.210176][ T6990] 9p: Unknown Cache mode or invalid value fsca [ 127.236482][ T39] audit: type=1804 audit(1719631485.029:49): pid=6990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.483" name="/syzkaller.NNr9zd/111/file0/bus" dev="sda1" ino=1960 res=1 errno=0 [ 127.444093][ T39] audit: type=1326 audit(1719631485.239:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6998 comm="syz.1.487" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 127.448024][ T5204] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 127.599008][ T5204] Bluetooth: hci2: unexpected event for opcode 0x0803 [ 129.019662][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 129.035076][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 129.115860][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 129.777656][ T39] audit: type=1326 audit(1719631487.569:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7038 comm="syz.0.498" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 129.840630][ T7042] netlink: 'syz.2.497': attribute type 9 has an invalid length. [ 129.844592][ T7042] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.497'. [ 129.886051][ T7042] netlink: 'syz.2.497': attribute type 9 has an invalid length. [ 129.889502][ T7042] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.497'. [ 130.216802][ T5194] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 130.829626][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 130.856994][ T5194] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 130.875595][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 130.903894][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 130.927157][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 131.423275][ T25] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 131.574053][ T25] usb 8-1: device descriptor read/64, error -71 [ 131.845181][ T25] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 132.005329][ T25] usb 8-1: device descriptor read/64, error -71 [ 132.123754][ T25] usb usb8-port1: attempt power cycle [ 132.227042][ T7084] netlink: 'syz.1.509': attribute type 9 has an invalid length. [ 132.231218][ T7084] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.509'. [ 132.263088][ T5194] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 132.263642][ T7084] netlink: 'syz.1.509': attribute type 9 has an invalid length. [ 132.269751][ T7084] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.509'. [ 132.543376][ T25] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 132.584779][ T25] usb 8-1: device descriptor read/8, error -71 [ 132.617091][ T1350] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.620097][ T1350] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.851668][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 132.854291][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 132.858740][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 132.863382][ T25] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 132.878092][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 132.893521][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 132.905012][ T25] usb 8-1: device descriptor read/8, error -71 [ 133.036244][ T25] usb usb8-port1: unable to enumerate USB device [ 133.092288][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 135.612703][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 135.613753][ T7142] netlink: 'syz.1.523': attribute type 9 has an invalid length. [ 135.619834][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 135.619881][ T7142] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.523'. [ 135.622833][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 135.762381][ T7144] netlink: 'syz.1.523': attribute type 9 has an invalid length. [ 135.773246][ T7144] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.523'. [ 136.723252][ T56] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 136.856640][ T5204] Bluetooth: hci1: unexpected event for opcode 0x0803 [ 136.874918][ T56] usb 6-1: device descriptor read/64, error -71 [ 137.153249][ T56] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 137.313397][ T56] usb 6-1: device descriptor read/64, error -71 [ 137.433821][ T56] usb usb6-port1: attempt power cycle [ 137.669864][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 137.684354][ T5204] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 137.853308][ T56] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 137.894068][ T56] usb 6-1: device descriptor read/8, error -71 [ 138.164482][ T56] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 138.204110][ T56] usb 6-1: device descriptor read/8, error -71 [ 138.323597][ T56] usb usb6-port1: unable to enumerate USB device [ 138.328702][ T39] audit: type=1326 audit(1719631496.119:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7183 comm="syz.3.535" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 138.855551][ T7200] netlink: 'syz.0.539': attribute type 9 has an invalid length. [ 138.859416][ T7200] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.539'. [ 138.901516][ T7200] netlink: 'syz.0.539': attribute type 9 has an invalid length. [ 138.906418][ T7200] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.539'. [ 139.033858][ T5194] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 139.045013][ T5194] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 139.049496][ T5194] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 139.057868][ T5194] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 139.064068][ T5194] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 139.067994][ T5194] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 139.213126][ T7202] chnl_net:caif_netlink_parms(): no params data found [ 139.244997][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 139.251763][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 139.339756][ T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.353045][ T7202] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.358197][ T7202] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.361814][ T7217] netlink: 'syz.3.542': attribute type 9 has an invalid length. [ 139.361958][ T7202] bridge_slave_0: entered allmulticast mode [ 139.364569][ T7217] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.542'. [ 139.373981][ T7202] bridge_slave_0: entered promiscuous mode [ 139.378129][ T7202] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.381506][ T7202] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.385567][ T7202] bridge_slave_1: entered allmulticast mode [ 139.389685][ T7202] bridge_slave_1: entered promiscuous mode [ 139.483531][ T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.497149][ T7218] netlink: 'syz.3.542': attribute type 9 has an invalid length. [ 139.498688][ T7202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 139.500406][ T7218] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.542'. [ 139.509975][ T7202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.578621][ T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.588419][ T7202] team0: Port device team_slave_0 added [ 139.605980][ T7202] team0: Port device team_slave_1 added [ 139.609625][ T7221] netlink: 'syz.1.543': attribute type 9 has an invalid length. [ 139.614335][ T7221] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.543'. [ 139.680242][ T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 139.688987][ T7202] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.692080][ T7202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.707102][ T7202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.714225][ T7202] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.717314][ T7202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.729476][ T7202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 139.791457][ T7225] netlink: 'syz.0.544': attribute type 9 has an invalid length. [ 139.795122][ T7225] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.544'. [ 139.819362][ T7202] hsr_slave_0: entered promiscuous mode [ 139.822961][ T7202] hsr_slave_1: entered promiscuous mode [ 139.829899][ T7202] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 139.833489][ T7202] Cannot create hsr debugfs directory [ 139.870107][ T7227] netlink: 'syz.0.544': attribute type 9 has an invalid length. [ 139.873970][ T7227] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.544'. [ 139.951662][ T42] bridge_slave_1: left allmulticast mode [ 139.953887][ T42] bridge_slave_1: left promiscuous mode [ 139.956115][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.959860][ T42] bridge_slave_0: left allmulticast mode [ 139.961825][ T42] bridge_slave_0: left promiscuous mode [ 139.964222][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.257189][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 140.262001][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 140.267003][ T42] bond0 (unregistering): Released all slaves [ 140.469474][ T7233] netlink: 'syz.1.546': attribute type 9 has an invalid length. [ 140.472401][ T7233] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.546'. [ 140.565580][ T7233] netlink: 'syz.1.546': attribute type 9 has an invalid length. [ 140.568954][ T7233] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.546'. [ 140.800894][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 140.805715][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 140.907852][ T7255] netlink: 'syz.3.550': attribute type 9 has an invalid length. [ 140.911609][ T7255] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.550'. [ 141.119387][ T7202] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 141.126783][ T7202] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 141.136673][ T7202] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 141.143547][ T7202] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 141.169182][ T5204] Bluetooth: hci3: command tx timeout [ 141.314558][ T42] hsr_slave_0: left promiscuous mode [ 141.317900][ T42] hsr_slave_1: left promiscuous mode [ 141.321101][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.325026][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 141.328734][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 141.331725][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 141.367861][ T42] veth1_macvtap: left promiscuous mode [ 141.370448][ T42] veth0_macvtap: left promiscuous mode [ 141.373491][ T42] veth1_vlan: left promiscuous mode [ 141.376053][ T42] veth0_vlan: left promiscuous mode [ 141.411094][ T39] audit: type=1326 audit(1719631499.199:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7266 comm="syz.1.552" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 142.068500][ T42] team0 (unregistering): Port device team_slave_1 removed [ 142.145578][ T42] team0 (unregistering): Port device team_slave_0 removed [ 142.705787][ T7202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.720996][ T7202] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.731526][ T5239] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.735180][ T5239] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.758741][ T30] bridge0: port 2(bridge_slave_1) entered blocking state [ 142.761350][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state [ 142.990086][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 143.021992][ T7202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.062592][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 143.100305][ T7202] veth0_vlan: entered promiscuous mode [ 143.137994][ T7202] veth1_vlan: entered promiscuous mode [ 143.202494][ T7202] veth0_macvtap: entered promiscuous mode [ 143.215832][ T7202] veth1_macvtap: entered promiscuous mode [ 143.231925][ T7202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.238051][ T7202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.242899][ T7202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.243387][ T5204] Bluetooth: hci3: command tx timeout [ 143.248080][ T7202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.254918][ T7202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 143.259572][ T7202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.266363][ T7202] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 143.281170][ T7202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.285979][ T7202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.290233][ T7202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.295496][ T7202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.299755][ T7202] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 143.305730][ T7202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 143.312101][ T7202] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 143.321590][ T7202] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.326067][ T7202] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.330198][ T7202] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.336963][ T7202] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 143.397300][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.400834][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.444500][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 143.447951][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.998954][ T39] audit: type=1326 audit(1719631501.789:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.0.561" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 144.106172][ T7315] __nla_validate_parse: 6 callbacks suppressed [ 144.106183][ T7315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.561'. [ 144.135751][ T7323] validate_nla: 5 callbacks suppressed [ 144.135778][ T7323] netlink: 'syz.2.563': attribute type 9 has an invalid length. [ 144.140793][ T7323] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.563'. [ 144.166606][ T7323] netlink: 'syz.2.563': attribute type 9 has an invalid length. [ 144.169427][ T7323] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.563'. [ 144.852302][ T7328] netlink: 'syz.0.565': attribute type 9 has an invalid length. [ 144.858368][ T7328] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.565'. [ 144.924940][ T7328] netlink: 'syz.0.565': attribute type 9 has an invalid length. [ 144.933272][ T7328] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.565'. [ 144.966783][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 144.997637][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 145.323663][ T5204] Bluetooth: hci3: command tx timeout [ 146.147013][ T5204] Bluetooth: hci2: unexpected event for opcode 0x0803 [ 146.573809][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 146.804040][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 147.413421][ T5204] Bluetooth: hci3: command tx timeout [ 147.503406][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 147.507504][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 147.525006][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 147.654741][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 147.734790][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 148.075370][ T39] audit: type=1326 audit(1719631505.869:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7384 comm="syz.0.580" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 148.136753][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.580'. [ 148.706362][ T5204] Bluetooth: hci0: unexpected event for opcode 0x0803 [ 148.915061][ T7395] netlink: 'syz.0.583': attribute type 9 has an invalid length. [ 148.918218][ T7395] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.583'. [ 149.008875][ T7398] netlink: 'syz.0.583': attribute type 9 has an invalid length. [ 149.012439][ T7398] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.583'. [ 149.589991][ T5204] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 149.608731][ T5204] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 150.039229][ T7421] netlink: 'syz.1.589': attribute type 9 has an invalid length. [ 150.042951][ T7421] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.589'. [ 150.123602][ T7422] netlink: 'syz.1.589': attribute type 9 has an invalid length. [ 150.158949][ T7422] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.589'. [ 150.384154][ T7425] netlink: 'syz.2.590': attribute type 9 has an invalid length. [ 150.387051][ T7425] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.590'. [ 150.447930][ T7425] netlink: 'syz.2.590': attribute type 9 has an invalid length. [ 150.451528][ T7425] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.590'. [ 150.469364][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 150.485967][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 150.490903][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 150.510114][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 150.523030][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 150.567127][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 150.685758][ T7441] netlink: 'syz.0.593': attribute type 9 has an invalid length. [ 150.693097][ T7441] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.593'. [ 150.750930][ T7441] netlink: 'syz.0.593': attribute type 9 has an invalid length. [ 150.755776][ T7441] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.593'. [ 150.771691][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 150.789767][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 150.959891][ T7455] netlink: 'syz.1.596': attribute type 9 has an invalid length. [ 150.967965][ T7455] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.596'. [ 151.007609][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 151.025271][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 151.033560][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 151.034193][ T7455] netlink: 'syz.1.596': attribute type 9 has an invalid length. [ 151.051376][ T7455] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.596'. [ 151.200790][ T7459] netlink: 'syz.3.599': attribute type 9 has an invalid length. [ 151.204469][ T7459] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.599'. [ 151.513442][ T7466] netlink: 'syz.0.601': attribute type 9 has an invalid length. [ 151.516767][ T7466] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.601'. [ 151.635355][ T5204] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 151.682392][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 151.785572][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 151.793057][ T5194] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 151.827286][ T5194] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 152.285173][ T39] audit: type=1326 audit(1719631510.079:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7488 comm="syz.2.608" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748e579 code=0x0 [ 152.745375][ T5194] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 152.921612][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 153.219802][ T39] audit: type=1326 audit(1719631511.009:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7509 comm="syz.0.614" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 153.733355][ T5194] Bluetooth: hci3: command 0x0406 tx timeout [ 153.892322][ T39] audit: type=1326 audit(1719631511.679:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7517 comm="syz.3.616" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 154.469398][ T5204] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 154.947472][ T39] audit: type=1326 audit(1719631512.739:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.3.624" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 155.406303][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 155.970206][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 156.413117][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 156.569001][ T7579] validate_nla: 9 callbacks suppressed [ 156.569014][ T7579] netlink: 'syz.0.635': attribute type 9 has an invalid length. [ 156.575340][ T7579] __nla_validate_parse: 10 callbacks suppressed [ 156.575349][ T7579] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.635'. [ 156.622524][ T7579] netlink: 'syz.0.635': attribute type 9 has an invalid length. [ 156.626437][ T7579] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.635'. [ 156.978797][ T7586] netlink: 'syz.3.637': attribute type 9 has an invalid length. [ 156.982175][ T7586] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.637'. [ 157.023659][ T7586] netlink: 'syz.3.637': attribute type 9 has an invalid length. [ 157.026586][ T7586] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.637'. [ 157.319588][ T5204] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 157.420884][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 157.425476][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 157.429518][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 158.313255][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 158.324340][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 158.436875][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 158.446837][ T5194] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 158.452032][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 158.455631][ T7638] mkiss: ax0: crc mode is auto. [ 158.571344][ T7642] netlink: 'syz.0.655': attribute type 9 has an invalid length. [ 158.575699][ T7642] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.655'. [ 158.624331][ T7642] netlink: 'syz.0.655': attribute type 9 has an invalid length. [ 158.627942][ T7642] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.655'. [ 158.693401][ T7645] netlink: 'syz.2.656': attribute type 9 has an invalid length. [ 158.697039][ T7645] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.656'. [ 159.525499][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 159.539370][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 159.655473][ T8] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 159.805781][ T8] usb 5-1: device descriptor read/64, error -71 [ 160.043340][ T5194] Bluetooth: hci3: command 0x0406 tx timeout [ 160.095184][ T7670] mkiss: ax0: crc mode is auto. [ 160.103436][ T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 160.264038][ T8] usb 5-1: device descriptor read/64, error -71 [ 160.394263][ T8] usb usb5-port1: attempt power cycle [ 160.475814][ T5204] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 160.665195][ T7686] netlink: 'syz.3.669': attribute type 9 has an invalid length. [ 160.671283][ T7686] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.669'. [ 160.735471][ T7686] netlink: 'syz.3.669': attribute type 9 has an invalid length. [ 160.739254][ T7686] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.669'. [ 160.823268][ T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 160.854601][ T8] usb 5-1: device descriptor read/8, error -71 [ 161.123408][ T8] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 161.156508][ T8] usb 5-1: device descriptor read/8, error -71 [ 161.158528][ T39] audit: type=1326 audit(1719631518.949:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7687 comm="syz.1.670" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 161.262979][ T7690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.670'. [ 161.283567][ T8] usb usb5-port1: unable to enumerate USB device [ 161.524563][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 161.533892][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 161.552812][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 161.588128][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 161.711791][ T7702] netlink: 'syz.3.674': attribute type 9 has an invalid length. [ 161.715243][ T7702] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.674'. [ 162.074508][ T7708] netlink: 'syz.1.676': attribute type 9 has an invalid length. [ 162.077337][ T7708] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.676'. [ 162.111831][ T7708] netlink: 'syz.1.676': attribute type 9 has an invalid length. [ 162.118062][ T7708] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.676'. [ 162.130442][ T5204] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 162.470324][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 162.484524][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 162.493124][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 162.639525][ T7724] vivid-006: disconnect [ 162.660721][ T7720] vivid-006: reconnect [ 162.899864][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 162.997439][ T39] audit: type=1326 audit(1719631520.789:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7731 comm="syz.1.683" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 163.102820][ T7738] netlink: 4 bytes leftover after parsing attributes in process `syz.1.683'. [ 163.470279][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 163.493466][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 163.505976][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 163.586684][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 163.596846][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 163.612456][ T7759] vivid-000: disconnect [ 163.637182][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 163.641439][ T7755] vivid-000: reconnect [ 163.767738][ T39] audit: type=1326 audit(1719631521.559:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7768 comm="syz.3.694" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 163.769524][ T7770] netlink: 'syz.0.691': attribute type 9 has an invalid length. [ 163.781191][ T7770] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.691'. [ 163.819653][ T7770] netlink: 'syz.0.691': attribute type 9 has an invalid length. [ 163.822986][ T7770] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.691'. [ 163.848794][ T7761] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only [ 163.853572][ T7761] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 163.957433][ T7777] netlink: 'syz.1.695': attribute type 9 has an invalid length. [ 163.960691][ T7777] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.695'. [ 164.008854][ T7777] netlink: 'syz.1.695': attribute type 9 has an invalid length. [ 164.012322][ T7777] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.695'. [ 164.683370][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 164.688629][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 164.700506][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 164.832453][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 164.859240][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 164.875287][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 164.888932][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 164.947514][ T7803] Bluetooth: MGMT ver 1.22 [ 165.088935][ T7806] vivid-000: ================= START STATUS ================= [ 165.091734][ T7806] vivid-000: Test Pattern: 75% Colorbar [ 165.094759][ T7806] vivid-000: Fill Percentage of Frame: 100 [ 165.097581][ T7806] vivid-000: Horizontal Movement: No Movement [ 165.100446][ T7806] vivid-000: Vertical Movement: No Movement [ 165.103128][ T7806] vivid-000: OSD Text Mode: All [ 165.106345][ T7806] vivid-000: Show Border: false [ 165.108778][ T7806] vivid-000: Show Square: false [ 165.111556][ T7806] vivid-000: Sensor Flipped Horizontally: false [ 165.115000][ T7806] vivid-000: Sensor Flipped Vertically: false [ 165.117774][ T7806] vivid-000: Insert SAV Code in Image: false [ 165.121098][ T7806] vivid-000: Insert EAV Code in Image: false [ 165.126827][ T7806] vivid-000: Insert Video Guard Band: false [ 165.129534][ T7806] vivid-000: Reduced Framerate: false [ 165.132057][ T7806] vivid-000: Enable Capture Cropping: true [ 165.134860][ T7806] vivid-000: Enable Capture Composing: true [ 165.137407][ T7806] vivid-000: Enable Capture Scaler: true [ 165.140969][ T7806] vivid-000: Timestamp Source: End of Frame [ 165.143860][ T7806] vivid-000: Colorspace: sRGB [ 165.145862][ T7806] vivid-000: Transfer Function: Default [ 165.148356][ T7806] vivid-000: Y'CbCr Encoding: Default [ 165.150946][ T7806] vivid-000: HSV Encoding: Hue 0-179 [ 165.153746][ T7806] vivid-000: Quantization: Default [ 165.156060][ T7806] vivid-000: Apply Alpha To Red Only: false [ 165.158738][ T7806] vivid-000: Standard Aspect Ratio: 4x3 [ 165.161230][ T7806] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 165.164899][ T7806] vivid-000: DV Timings: 640x480p59 inactive [ 165.167636][ T7806] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 165.170481][ T7806] vivid-000: Maximum EDID Blocks: 2 [ 165.172560][ T7806] vivid-000: Limited RGB Range (16-235): false [ 165.175409][ T7806] vivid-000: Rx RGB Quantization Range: Automatic [ 165.178245][ T7806] vivid-000: Power Present: 0x00000001 [ 165.180690][ T7806] tpg source WxH: 640x360 (Y'CbCr) [ 165.182969][ T7806] tpg field: 1 [ 165.184641][ T7806] tpg crop: 640x360@0x0 [ 165.186496][ T7806] tpg compose: 640x360@0x0 [ 165.188483][ T7806] tpg colorspace: 8 [ 165.190174][ T7806] tpg transfer function: 0/0 [ 165.192279][ T7806] tpg Y'CbCr encoding: 0/0 [ 165.195892][ T7806] tpg quantization: 0/0 [ 165.197789][ T7806] tpg RGB range: 0/2 [ 165.199345][ T7806] vivid-000: ================== END STATUS ================== [ 165.302534][ T7809] netlink: 'syz.1.705': attribute type 9 has an invalid length. [ 165.306424][ T7809] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.705'. [ 165.344129][ T7809] netlink: 'syz.1.705': attribute type 9 has an invalid length. [ 165.347311][ T7809] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.705'. [ 165.647076][ T39] audit: type=1326 audit(1719631523.439:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7812 comm="syz.3.707" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 166.802584][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 166.813348][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 167.616984][ T39] audit: type=1326 audit(1719631525.409:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7860 comm="syz.3.723" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 167.946545][ T7868] netlink: 830 bytes leftover after parsing attributes in process `syz.1.725'. [ 168.246369][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 168.250581][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 168.327592][ T39] audit: type=1804 audit(1719631526.109:65): pid=7878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.729" name="/syzkaller.NNr9zd/170/file0" dev="fuse" ino=1 res=1 errno=0 [ 168.430631][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 168.434684][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 168.438843][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 168.622063][ T39] audit: type=1326 audit(1719631526.409:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7891 comm="syz.1.734" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 168.725399][ T7895] netlink: 4 bytes leftover after parsing attributes in process `syz.1.734'. [ 169.257423][ T39] audit: type=1326 audit(1719631527.049:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.0.736" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 169.373359][ T7901] netlink: 'syz.0.736': attribute type 10 has an invalid length. [ 169.449547][ T7901] team0: Failed to send options change via netlink (err -105) [ 169.452980][ T7901] team0: Port device netdevsim0 added [ 169.458276][ T5241] team0: Failed to send port change of device netdevsim0 via netlink (err -105) [ 169.563303][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 100 [ 169.566922][ T5204] Bluetooth: hci0: SCO packet for unknown connection handle 201 [ 169.571746][ T39] audit: type=1326 audit(1719631527.359:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm="syz.3.739" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x7ffc0000 [ 169.585227][ T39] audit: type=1326 audit(1719631527.379:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm="syz.3.739" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x7ffc0000 [ 169.596307][ T5204] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 169.603565][ T39] audit: type=1326 audit(1719631527.379:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm="syz.3.739" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7447579 code=0x7ffc0000 [ 169.616176][ T39] audit: type=1326 audit(1719631527.379:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x7ffc0000 [ 169.628555][ T39] audit: type=1326 audit(1719631527.379:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x7ffc0000 [ 169.644549][ T39] audit: type=1326 audit(1719631527.379:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7907 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7447579 code=0x7ffc0000 [ 169.683416][ T7916] netlink: 4 bytes leftover after parsing attributes in process `syz.1.741'. [ 170.867465][ T7935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.747'. [ 171.240385][ T7941] fuse: Unknown parameter 'x]Õ¥QàWÝ—f­w0x0000000000000003' [ 171.273270][ T7941] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 171.284229][ T7941] VFS: could not find a valid V7 on nullb0. [ 171.385192][ T7944] team0: Port device team_slave_0 removed [ 171.769266][ T7953] openvswitch: netlink: Flow actions attr not present in new flow. [ 172.394060][ T7945] dccp_close: ABORT with 68 bytes unread [ 172.458901][ T7969] netlink: 'syz.0.756': attribute type 9 has an invalid length. [ 172.462647][ T7969] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.756'. [ 172.504531][ T7969] netlink: 'syz.0.756': attribute type 9 has an invalid length. [ 172.507866][ T7969] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.756'. [ 172.995359][ T7979] netlink: 'syz.1.760': attribute type 10 has an invalid length. [ 173.011549][ T7979] 8021q: adding VLAN 0 to HW filter on device team0 [ 173.016521][ T7979] bond0: (slave team0): Enslaving as an active interface with an up link [ 173.189090][ T5204] Bluetooth: hci0: unexpected cc 0x100c length: 11 > 3 [ 173.192769][ T5204] Bluetooth: hci0: unexpected event for opcode 0x100c [ 173.281826][ T39] kauditd_printk_skb: 2059 callbacks suppressed [ 173.281837][ T39] audit: type=1326 audit(1719631531.069:2133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7987 comm="syz.0.763" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 173.395392][ T7992] fuse: Unknown parameter 'x]Õ¥QàWÝ—f­w0x0000000000000003' [ 173.436614][ T7992] VFS: could not find a valid V7 on nullb0. [ 173.596639][ T39] audit: type=1326 audit(1719631531.389:2134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7998 comm="syz.3.767" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7447579 code=0x0 [ 174.174058][ T7990] dccp_close: ABORT with 68 bytes unread [ 174.310338][ T8011] netlink: 'syz.1.771': attribute type 9 has an invalid length. [ 174.312922][ T8011] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.771'. [ 174.344512][ T8011] netlink: 'syz.1.771': attribute type 9 has an invalid length. [ 174.347688][ T8011] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.771'. [ 174.420082][ T5194] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 174.425823][ T5194] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 174.430484][ T5194] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 174.440417][ T5194] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 174.454504][ T5194] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 174.458115][ T5194] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 174.598581][ T3425] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.617457][ T8024] sch_tbf: peakrate 8 is lower than or equals to rate 4294967294 ! [ 174.636287][ T8014] chnl_net:caif_netlink_parms(): no params data found [ 174.693137][ T3425] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.757875][ T8014] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.760407][ T8014] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.763065][ T8014] bridge_slave_0: entered allmulticast mode [ 174.767410][ T8014] bridge_slave_0: entered promiscuous mode [ 174.780388][ T3425] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.789322][ T8014] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.792195][ T8014] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.795356][ T8014] bridge_slave_1: entered allmulticast mode [ 174.798289][ T8014] bridge_slave_1: entered promiscuous mode [ 174.836942][ T8014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.842518][ T8014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.899401][ T3425] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.911728][ T8014] team0: Port device team_slave_0 added [ 174.920597][ T8014] team0: Port device team_slave_1 added [ 174.983334][ T8014] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.986723][ T8014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.998328][ T8014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 175.005142][ T8014] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 175.008197][ T8014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 175.020503][ T8014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 175.150073][ T8014] hsr_slave_0: entered promiscuous mode [ 175.153622][ T8014] hsr_slave_1: entered promiscuous mode [ 175.157103][ T8014] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 175.160981][ T8014] Cannot create hsr debugfs directory [ 175.164989][ T3425] bridge_slave_1: left allmulticast mode [ 175.167560][ T3425] bridge_slave_1: left promiscuous mode [ 175.170035][ T3425] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.176254][ T3425] bridge_slave_0: left allmulticast mode [ 175.178352][ T3425] bridge_slave_0: left promiscuous mode [ 175.180669][ T3425] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.350743][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 175.368754][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 175.369592][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 175.576677][ T3425] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 175.592116][ T3425] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 175.598854][ T3425] bond0 (unregistering): Released all slaves [ 175.862447][ T39] audit: type=1326 audit(1719631533.649:2135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8055 comm="syz.1.780" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 176.063952][ T8062] netlink: 'syz.0.781': attribute type 9 has an invalid length. [ 176.067530][ T8062] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.781'. [ 176.157479][ T8065] netlink: 'syz.0.781': attribute type 9 has an invalid length. [ 176.160600][ T8065] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.781'. [ 176.292201][ T3425] hsr_slave_0: left promiscuous mode [ 176.296766][ T3425] hsr_slave_1: left promiscuous mode [ 176.300741][ T3425] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.303604][ T3425] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.306889][ T3425] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.309820][ T3425] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.343103][ T3425] veth1_macvtap: left promiscuous mode [ 176.345580][ T3425] veth0_macvtap: left promiscuous mode [ 176.347873][ T3425] veth1_vlan: left promiscuous mode [ 176.349999][ T3425] veth0_vlan: left promiscuous mode [ 176.533396][ T5204] Bluetooth: hci1: command tx timeout [ 176.913404][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 176.925390][ T5204] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 176.933897][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 177.148396][ T3425] team0 (unregistering): Port device team_slave_1 removed [ 177.236582][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 177.250112][ T3425] team0 (unregistering): Port device team_slave_0 removed [ 177.255858][ T5204] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 177.266412][ T5204] Bluetooth: hci0: Injecting HCI hardware error event [ 177.288667][ T5194] Bluetooth: hci0: hardware error 0x00 [ 178.156664][ T8014] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 178.172987][ T8014] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 178.180091][ T8014] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 178.200250][ T8014] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 178.214587][ T8097] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 178.304029][ T8014] 8021q: adding VLAN 0 to HW filter on device bond0 [ 178.320439][ T8014] 8021q: adding VLAN 0 to HW filter on device team0 [ 178.328681][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 178.331868][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 178.346608][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 178.349962][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 178.544220][ T39] audit: type=1326 audit(1719631536.339:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8120 comm="syz.1.790" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 178.569562][ T8014] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 178.603359][ T5204] Bluetooth: hci1: command tx timeout [ 178.617170][ T8014] veth0_vlan: entered promiscuous mode [ 178.627708][ T8014] veth1_vlan: entered promiscuous mode [ 178.657935][ T8014] veth0_macvtap: entered promiscuous mode [ 178.667421][ T8014] veth1_macvtap: entered promiscuous mode [ 178.682777][ T8014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.691797][ T8014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.696532][ T8014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.700794][ T8014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.705557][ T8014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 178.710913][ T8014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.717530][ T8014] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 178.727446][ T8125] netlink: 44 bytes leftover after parsing attributes in process `syz.1.790'. [ 178.730570][ T8014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.737259][ T8014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.742699][ T8014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.748348][ T8014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.752862][ T8014] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 178.757593][ T8014] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 178.763608][ T8014] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 178.774014][ T8014] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.777722][ T8014] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.781456][ T8014] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.785219][ T8014] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 178.847690][ T3425] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 178.851289][ T3425] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 178.877022][ T3425] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 178.880920][ T3425] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 179.080828][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 179.086656][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 179.092943][ T5204] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 179.323356][ T5194] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 179.417298][ T39] audit: type=1326 audit(1719631537.209:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.798" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 179.527641][ T8158] fuse: Unknown parameter 'x]Õ¥QàWÝ—f­w0x0000000000000003' [ 179.569308][ T8158] VFS: could not find a valid V7 on nullb0. [ 179.868133][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 180.394041][ T8183] netlink: 'syz.1.806': attribute type 9 has an invalid length. [ 180.396788][ T8183] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.806'. [ 180.421304][ T8183] netlink: 'syz.1.806': attribute type 9 has an invalid length. [ 180.424698][ T8183] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.806'. [ 180.693334][ T5194] Bluetooth: hci1: command tx timeout [ 181.564790][ T8216] sch_tbf: peakrate 8 is lower than or equals to rate 4294967294 ! [ 181.838135][ T5194] Bluetooth: hci2: unexpected event for opcode 0x0803 [ 182.146471][ T8225] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 182.220080][ T5194] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 182.396020][ T8233] capability: warning: `syz.2.821' uses deprecated v2 capabilities in a way that may be insecure [ 182.405994][ T8233] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 182.482530][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 182.496021][ T5194] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 182.504280][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 182.713500][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 100 [ 182.717060][ T5194] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 182.727818][ T5194] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 182.763371][ T5194] Bluetooth: hci1: command tx timeout [ 182.771876][ T5194] Bluetooth: hci4: unexpected event for opcode 0x0803 [ 183.478510][ T39] audit: type=1326 audit(1719631541.269:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8272 comm="syz.2.829" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73a7579 code=0x0 [ 183.693278][ T8276] netlink: 44 bytes leftover after parsing attributes in process `syz.2.829'. [ 183.914414][ T8283] tty tty27: ldisc open failed (-12), clearing slot 26 [ 184.122034][ T8297] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 184.644542][ T5204] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 184.996402][ T8316] syz.1.839 uses obsolete (PF_INET,SOCK_PACKET) [ 185.888779][ T8330] netlink: 32 bytes leftover after parsing attributes in process `syz.0.843'. [ 185.947381][ T39] audit: type=1326 audit(1719631543.739:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8333 comm="syz.0.845" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 186.052605][ T5204] Bluetooth: hci1: command 0x0406 tx timeout [ 186.148272][ T8341] netlink: 20 bytes leftover after parsing attributes in process `syz.0.845'. [ 186.390886][ T8345] netlink: 'syz.1.847': attribute type 9 has an invalid length. [ 186.395055][ T8345] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.847'. [ 186.425997][ T8345] netlink: 'syz.1.847': attribute type 9 has an invalid length. [ 186.429128][ T8345] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.847'. [ 186.712011][ T5194] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 188.045691][ T5194] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 188.184959][ T39] audit: type=1326 audit(1719631545.979:2140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.1.859" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 188.365070][ T8387] netlink: 20 bytes leftover after parsing attributes in process `syz.1.859'. [ 188.833737][ T8390] netlink: 'syz.2.860': attribute type 9 has an invalid length. [ 188.837063][ T8390] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.860'. [ 188.889756][ T8390] netlink: 'syz.2.860': attribute type 9 has an invalid length. [ 188.893295][ T8390] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.860'. [ 189.125192][ T8395] syzkaller0: entered promiscuous mode [ 189.127621][ T8395] syzkaller0: entered allmulticast mode [ 189.316282][ T8400] kAFS: unparsable volume name [ 191.371966][ T39] audit: type=1804 audit(1719631549.159:2141): pid=8428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.871" name="/syzkaller.41UIqA/235/.log" dev="sda1" ino=1968 res=1 errno=0 [ 191.397417][ T8428] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 191.908828][ T8434] QAT: Invalid ioctl -2147191295 [ 192.078870][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 192.091892][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 192.613869][ T39] audit: type=1326 audit(1719631550.409:2142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8450 comm="syz.2.878" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73a7579 code=0x0 [ 192.667506][ T8451] netlink: 4 bytes leftover after parsing attributes in process `syz.2.878'. [ 193.153617][ T39] audit: type=1804 audit(1719631550.949:2143): pid=8458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.881" name="/syzkaller.NNr9zd/219/.log" dev="sda1" ino=1968 res=1 errno=0 [ 193.164352][ T8458] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 193.386951][ T8463] QAT: Invalid ioctl -2147191295 [ 193.590614][ T8466] kernel profiling enabled (shift: 2) [ 194.049925][ T1350] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.052965][ T1350] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.846078][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 194.879988][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 195.036880][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 195.076878][ T39] audit: type=1804 audit(1719631552.869:2144): pid=8498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.891" name="/syzkaller.KDedqT/223/.log" dev="sda1" ino=1966 res=1 errno=0 [ 195.079194][ T8498] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 195.321883][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 195.437907][ T39] audit: type=1804 audit(1719631553.229:2145): pid=8503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.893" name="/syzkaller.KDedqT/224/file0/bus" dev="sda1" ino=1966 res=1 errno=0 [ 195.848022][ T5204] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 195.853112][ T5204] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 195.857748][ T5204] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 195.861011][ T5204] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 195.865418][ T5204] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 195.869199][ T5204] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 196.041156][ T1086] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.060409][ T8512] chnl_net:caif_netlink_parms(): no params data found [ 196.179798][ T1086] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.310185][ T8512] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.316021][ T8512] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.319258][ T8512] bridge_slave_0: entered allmulticast mode [ 196.323324][ T8512] bridge_slave_0: entered promiscuous mode [ 196.346955][ T1086] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.359721][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 196.372974][ T8512] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.377681][ T8512] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.380235][ T8512] bridge_slave_1: entered allmulticast mode [ 196.385644][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 196.390039][ T8512] bridge_slave_1: entered promiscuous mode [ 196.452553][ T8512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.514615][ T1086] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.524157][ T39] audit: type=1326 audit(1719631554.319:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8525 comm="syz.2.898" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73a7579 code=0x0 [ 196.538646][ T8512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.584669][ T8528] netlink: 'syz.2.898': attribute type 2 has an invalid length. [ 196.592984][ T8512] team0: Port device team_slave_0 added [ 196.600958][ T8512] team0: Port device team_slave_1 added [ 196.696740][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.699973][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.715737][ T8512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.740710][ T8512] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.745979][ T8512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.756171][ T8512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.866552][ T1086] bridge_slave_1: left allmulticast mode [ 196.868941][ T1086] bridge_slave_1: left promiscuous mode [ 196.871546][ T1086] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.878567][ T1086] bridge_slave_0: left allmulticast mode [ 196.880908][ T1086] bridge_slave_0: left promiscuous mode [ 196.884217][ T1086] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.299013][ T1086] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.320932][ T1086] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.339969][ T1086] bond0 (unregistering): Released all slaves [ 197.474088][ T8512] hsr_slave_0: entered promiscuous mode [ 197.501626][ T8512] hsr_slave_1: entered promiscuous mode [ 197.518904][ T8512] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.522206][ T8512] Cannot create hsr debugfs directory [ 197.567924][ T8545] netlink: 'syz.2.902': attribute type 9 has an invalid length. [ 197.570685][ T8545] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.902'. [ 197.711267][ T8551] netlink: 'syz.2.902': attribute type 9 has an invalid length. [ 197.715869][ T8551] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.902'. [ 197.719657][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 197.740763][ T5204] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 197.963422][ T5204] Bluetooth: hci3: command tx timeout [ 198.371154][ T1086] hsr_slave_0: left promiscuous mode [ 198.375923][ T1086] hsr_slave_1: left promiscuous mode [ 198.382534][ T1086] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.387342][ T1086] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 198.408941][ T1086] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.412203][ T1086] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.472337][ T1086] veth1_macvtap: left promiscuous mode [ 198.474440][ T1086] veth0_macvtap: left promiscuous mode [ 198.476493][ T1086] veth1_vlan: left promiscuous mode [ 198.478433][ T1086] veth0_vlan: left promiscuous mode [ 199.566777][ T5204] Bluetooth: hci1: command 0x0406 tx timeout [ 200.043395][ T5194] Bluetooth: hci3: command tx timeout [ 200.205268][ T1086] team0 (unregistering): Port device team_slave_1 removed [ 201.443418][ T39] audit: type=1804 audit(1719631559.229:2147): pid=8586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.911" name="/syzkaller.41UIqA/250/.log" dev="sda1" ino=1957 res=1 errno=0 [ 201.464431][ T8586] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow [ 201.521427][ T8512] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 201.559387][ T8512] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 201.581911][ T8512] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 201.599494][ T8512] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 201.686792][ T39] audit: type=1326 audit(1719631559.479:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8587 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x7ffc0000 [ 201.712609][ T39] audit: type=1326 audit(1719631559.499:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8587 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=271 compat=1 ip=0xf7456579 code=0x7ffc0000 [ 201.719823][ T8512] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.723553][ T39] audit: type=1326 audit(1719631559.499:2150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8587 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x7ffc0000 [ 201.735001][ T39] audit: type=1326 audit(1719631559.499:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8587 comm="syz.1.910" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x7ffc0000 [ 201.765107][ T8512] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.774961][ T5199] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.778545][ T5199] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.816441][ T5199] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.819461][ T5199] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.034065][ T8512] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 202.055588][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 100 [ 202.074901][ T8512] veth0_vlan: entered promiscuous mode [ 202.081095][ T8512] veth1_vlan: entered promiscuous mode [ 202.099705][ T5194] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 202.103738][ T8512] veth0_macvtap: entered promiscuous mode [ 202.110621][ T8512] veth1_macvtap: entered promiscuous mode [ 202.122846][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.127635][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.131563][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.133329][ T5194] Bluetooth: hci3: command tx timeout [ 202.138223][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.142714][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.147664][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.155548][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.166286][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.166352][ T39] audit: type=1326 audit(1719631559.959:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8608 comm="syz.0.916" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 202.170697][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.170712][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.170725][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.170739][ T8512] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.170752][ T8512] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.192063][ T8610] fuse: Bad value for 'fd' [ 202.199447][ T8512] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 202.214580][ T8512] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.218887][ T8512] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.222770][ T8512] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.227326][ T8512] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 202.281486][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 100 [ 202.284992][ T5194] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 202.288264][ T1086] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.291318][ T5194] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 202.291526][ T1086] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.325385][ T1086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 202.329180][ T1086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 202.391666][ T8619] netlink: 20 bytes leftover after parsing attributes in process `syz.0.916'. [ 202.444167][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 202.572757][ T8629] netlink: 'syz.3.920': attribute type 9 has an invalid length. [ 202.581842][ T8629] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.920'. [ 202.630684][ T8629] netlink: 'syz.3.920': attribute type 9 has an invalid length. [ 202.634266][ T8629] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.920'. [ 203.322321][ T8637] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 203.591785][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 203.632925][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 203.779518][ T39] audit: type=1326 audit(1719631561.569:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8656 comm="syz.1.927" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 203.812923][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 203.820648][ T8661] ubi0: attaching mtd0 [ 203.847585][ T8661] ubi0: scanning is finished [ 203.852307][ T8661] ubi0: empty MTD device detected [ 203.951539][ T8661] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 203.963447][ T8661] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 203.966937][ T8661] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 203.966961][ T39] audit: type=1804 audit(1719631561.749:2154): pid=8666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.930" name="/syzkaller.2c0FXx/6/.log" dev="sda1" ino=1966 res=1 errno=0 [ 203.969909][ T8661] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 203.994174][ T8661] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 203.997544][ T8661] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 204.001116][ T8661] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2147319994 [ 204.009975][ T8661] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 204.017163][ T8667] ubi0: background thread "ubi_bgt0d" started, PID 8667 [ 204.203471][ T5194] Bluetooth: hci3: command tx timeout [ 204.527759][ T8679] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 204.736794][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 100 [ 204.749015][ T5194] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 204.841460][ T39] audit: type=1804 audit(1719631562.629:2155): pid=8697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.939" name="/syzkaller.2c0FXx/11/.log" dev="sda1" ino=1967 res=1 errno=0 [ 204.931862][ T8699] Bluetooth: MGMT ver 1.22 [ 205.378545][ T8718] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 205.905646][ T5239] libceph: connect (1)[c::]:6789 error -101 [ 205.908611][ T5239] libceph: mon0 (1)[c::]:6789 connect error [ 205.975190][ T8739] ceph: No mds server is up or the cluster is laggy [ 206.078755][ T39] audit: type=1326 audit(1719631563.869:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.0.952" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 206.134522][ T8751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.952'. [ 206.208729][ T8756] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 80 [ 207.027026][ T5194] Bluetooth: hci2: unexpected event for opcode 0x0803 [ 207.945209][ T8791] netlink: 'syz.0.965': attribute type 9 has an invalid length. [ 207.954182][ T8791] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.965'. [ 207.997479][ T8791] netlink: 'syz.0.965': attribute type 9 has an invalid length. [ 208.000655][ T8791] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.965'. [ 208.327875][ T39] audit: type=1326 audit(1719631566.119:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8797 comm="syz.3.967" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ca579 code=0x0 [ 208.436555][ T8800] netlink: 4 bytes leftover after parsing attributes in process `syz.3.967'. [ 208.776037][ T39] audit: type=1804 audit(1719631566.569:2158): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.969" name="/syzkaller.41UIqA/267/.log" dev="sda1" ino=1957 res=1 errno=0 [ 209.282415][ T8816] netlink: 'syz.3.973': attribute type 9 has an invalid length. [ 209.292306][ T8816] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.973'. [ 209.369284][ T8816] netlink: 'syz.3.973': attribute type 9 has an invalid length. [ 209.372699][ T8816] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.973'. [ 209.452427][ T8819] mmap: syz.0.974 (8819) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 210.628782][ T39] audit: type=1326 audit(1719631568.419:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8843 comm="syz.0.981" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 210.718978][ T8855] netlink: 'syz.2.984': attribute type 9 has an invalid length. [ 210.722633][ T8855] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.984'. [ 210.731454][ T8849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.981'. [ 210.756740][ T8855] netlink: 'syz.2.984': attribute type 9 has an invalid length. [ 210.760185][ T8855] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.984'. [ 211.888013][ T8882] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 212.335377][ T39] audit: type=1326 audit(1719631570.129:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.0.993" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 212.439630][ T8894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.993'. [ 213.274219][ T8908] netlink: 'syz.0.996': attribute type 9 has an invalid length. [ 213.277062][ T8908] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.996'. [ 213.345064][ T8908] netlink: 'syz.0.996': attribute type 9 has an invalid length. [ 213.347661][ T8908] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.996'. [ 215.465084][ T8931] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 215.772569][ T39] audit: type=1326 audit(1719631573.559:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8935 comm="syz.0.1004" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73e7579 code=0x0 [ 215.826947][ T8938] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1004'. [ 217.773317][ T25] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 217.963439][ T25] usb 8-1: Using ep0 maxpacket: 32 [ 217.968542][ T25] usb 8-1: config 0 has no interfaces? [ 217.970725][ T25] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 217.975160][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.979361][ T25] usb 8-1: config 0 descriptor?? [ 218.191539][ T8969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 218.196931][ T8969] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 218.202571][ T5199] usb 8-1: USB disconnect, device number 10 [ 218.403096][ T8981] fuse: Unknown parameter 'use00000000000000000000' [ 218.737795][ T8993] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 218.869960][ T8999] netlink: 'syz.0.1021': attribute type 9 has an invalid length. [ 218.874175][ T8999] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1021'. [ 218.905054][ T8999] netlink: 'syz.0.1021': attribute type 9 has an invalid length. [ 218.908162][ T8999] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1021'. [ 219.695031][ T9013] netlink: 'syz.3.1024': attribute type 9 has an invalid length. [ 219.699711][ T9013] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1024'. [ 219.749922][ T9013] netlink: 'syz.3.1024': attribute type 9 has an invalid length. [ 219.754737][ T9013] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1024'. [ 220.445898][ T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 220.502104][ T39] audit: type=1326 audit(1719631578.289:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9032 comm="syz.3.1031" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ca579 code=0x0 [ 220.617882][ T9041] netlink: 'syz.0.1033': attribute type 9 has an invalid length. [ 220.621275][ T9041] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1033'. [ 220.623335][ T8] usb 7-1: Using ep0 maxpacket: 32 [ 220.629394][ T8] usb 7-1: no configurations [ 220.632217][ T8] usb 7-1: can't read configurations, error -22 [ 220.649623][ T9041] netlink: 'syz.0.1033': attribute type 9 has an invalid length. [ 220.652462][ T9041] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1033'. [ 220.783353][ T8] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 220.973327][ T8] usb 7-1: Using ep0 maxpacket: 32 [ 220.975903][ T8] usb 7-1: no configurations [ 220.977931][ T8] usb 7-1: can't read configurations, error -22 [ 220.980547][ T8] usb usb7-port1: attempt power cycle [ 221.381848][ T9046] trusted_key: syz.3.1034 sent an empty control message without MSG_MORE. [ 221.393337][ T8] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 221.425940][ T8] usb 7-1: Using ep0 maxpacket: 32 [ 221.433396][ T8] usb 7-1: no configurations [ 221.435454][ T8] usb 7-1: can't read configurations, error -22 [ 221.506885][ T9055] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1038'. [ 221.593442][ T8] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 221.630008][ T8] usb 7-1: Using ep0 maxpacket: 32 [ 221.632369][ T8] usb 7-1: no configurations [ 221.637175][ T8] usb 7-1: can't read configurations, error -22 [ 221.640474][ T8] usb usb7-port1: unable to enumerate USB device [ 221.643369][ C1] ================================================================== [ 221.643377][ C1] BUG: KASAN: stack-out-of-bounds in profile_pc+0x186/0x1a0 [ 221.643407][ C1] Read of size 8 at addr ffffc90002b27b90 by task syz-executor/5191 [ 221.643414][ C1] [ 221.643417][ C1] CPU: 1 PID: 5191 Comm: syz-executor Not tainted 6.10.0-rc5-syzkaller-00243-g6c0483dbfe72 #0 [ 221.643439][ C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.643445][ C1] Call Trace: [ 221.643449][ C1] [ 221.643453][ C1] dump_stack_lvl+0x116/0x1f0 [ 221.668043][ C1] print_report+0xc3/0x620 [ 221.669968][ C1] ? __virt_addr_valid+0x5e/0x580 [ 221.672092][ C1] kasan_report+0xd9/0x110 [ 221.674043][ C1] ? profile_pc+0x186/0x1a0 [ 221.675836][ C1] ? profile_pc+0x186/0x1a0 [ 221.677624][ C1] ? queued_read_lock_slowpath+0x131/0x2b1 [ 221.679960][ C1] profile_pc+0x186/0x1a0 [ 221.681699][ C1] profile_tick+0xd3/0x140 [ 221.683496][ C1] tick_nohz_handler+0x380/0x530 [ 221.685475][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 221.687710][ C1] __hrtimer_run_queues+0x657/0xcc0 [ 221.690028][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 221.692354][ C1] ? ktime_get_update_offsets_now+0x201/0x310 [ 221.694819][ C1] hrtimer_interrupt+0x31b/0x800 [ 221.696519][ C1] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 221.698704][ C1] sysvec_apic_timer_interrupt+0x90/0xb0 [ 221.700408][ C1] [ 221.701551][ C1] [ 221.702733][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 221.705102][ C1] RIP: 0010:queued_read_lock_slowpath+0x131/0x2b1 [ 221.707663][ C1] Code: 85 45 01 00 00 8b 03 84 c0 74 36 48 b8 00 00 00 00 00 fc ff df 49 89 de 48 89 dd 49 c1 ee 03 83 e5 07 49 01 c6 83 c5 03 f3 90 <41> 0f b6 06 40 38 c5 7c 08 84 c0 0f 85 1f 01 00 00 8b 03 84 c0 75 [ 221.714518][ C1] RSP: 0018:ffffc90002b27b88 EFLAGS: 00000286 [ 221.716540][ C1] RAX: 00000000000002ff RBX: ffffffff8d80a080 RCX: ffffffff8adfd02b [ 221.719327][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d80a080 [ 221.722397][ C1] RBP: 0000000000000003 R08: 0000000000000001 R09: fffffbfff1b01410 [ 221.724984][ C1] R10: ffffffff8d80a083 R11: 0000000000000000 R12: 1ffff92000564f72 [ 221.727478][ C1] R13: ffffffff8d80a084 R14: fffffbfff1b01410 R15: ffffffff8152a979 [ 221.730085][ C1] ? do_wait+0x1e9/0x570 [ 221.731458][ C1] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 221.733205][ C1] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 221.734980][ C1] ? __pfx_queued_read_lock_slowpath+0x10/0x10 [ 221.736937][ C1] __do_wait+0x105/0x890 [ 221.738301][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 221.740326][ C1] ? do_wait+0x1e9/0x570 [ 221.742076][ C1] do_wait+0x219/0x570 [ 221.743767][ C1] kernel_wait4+0x16c/0x280 [ 221.745688][ C1] ? __pfx_kernel_wait4+0x10/0x10 [ 221.747844][ C1] ? __pfx_child_wait_callback+0x10/0x10 [ 221.750213][ C1] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 221.752443][ C1] ? __might_fault+0xe3/0x190 [ 221.754330][ C1] __do_compat_sys_wait4+0x159/0x170 [ 221.756415][ C1] ? __pfx___do_compat_sys_wait4+0x10/0x10 [ 221.758557][ C1] ? __pfx_get_old_timespec32+0x10/0x10 [ 221.760293][ C1] __do_fast_syscall_32+0x73/0x120 [ 221.761866][ C1] do_fast_syscall_32+0x32/0x80 [ 221.763446][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 221.765504][ C1] RIP: 0023:0xf7456579 [ 221.767131][ C1] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 221.774262][ C1] RSP: 002b:00000000fffd0d00 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 221.776763][ C1] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000fffd0e20 [ 221.779169][ C1] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 221.782114][ C1] RBP: 00000000fffd0e20 R08: 0000000000000000 R09: 0000000000000000 [ 221.785149][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 221.788179][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 221.791082][ C1] [ 221.792038][ C1] [ 221.792778][ C1] The buggy address belongs to stack of task syz-executor/5191 [ 221.795088][ C1] and is located at offset 0 in frame: [ 221.796738][ C1] queued_read_lock_slowpath+0x0/0x2b1 [ 221.798386][ C1] [ 221.799109][ C1] This frame has 1 object: [ 221.800762][ C1] [32, 36) 'val' [ 221.800771][ C1] [ 221.803110][ C1] The buggy address belongs to the virtual mapping at [ 221.803110][ C1] [ffffc90002b20000, ffffc90002b29000) created by: [ 221.803110][ C1] kernel_clone+0xfd/0x980 [ 221.809826][ C1] [ 221.810875][ C1] The buggy address belongs to the physical page: [ 221.813705][ C1] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888011c86510 pfn:0x11c86 [ 221.817948][ C1] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 221.820751][ C1] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 221.824140][ C1] raw: ffff888011c86510 0000000000000000 00000001ffffffff 0000000000000000 [ 221.827530][ C1] page dumped because: kasan: bad access detected [ 221.829985][ C1] page_owner tracks the page as allocated [ 221.832259][ C1] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 4914, tgid 4914 (dhcpcd), ts 41453143022, free_ts 41451839699 [ 221.839996][ C1] post_alloc_hook+0x2d1/0x350 [ 221.841740][ C1] get_page_from_freelist+0x1353/0x2e50 [ 221.843490][ C1] __alloc_pages_noprof+0x22b/0x2460 [ 221.845263][ C1] alloc_pages_mpol_noprof+0x275/0x610 [ 221.847242][ C1] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 221.849367][ C1] copy_process+0x29f5/0x6f50 [ 221.850924][ C1] kernel_clone+0xfd/0x980 [ 221.852278][ C1] __do_sys_clone+0xba/0x100 [ 221.853828][ C1] do_syscall_64+0xcd/0x250 [ 221.855357][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.857266][ C1] page last free pid 4913 tgid 4913 stack trace: [ 221.859570][ C1] free_unref_page+0x64a/0xe40 [ 221.861076][ C1] __put_partials+0x14c/0x170 [ 221.862611][ C1] qlist_free_all+0x4e/0x140 [ 221.864320][ C1] kasan_quarantine_reduce+0x192/0x1e0 [ 221.866022][ C1] __kasan_slab_alloc+0x69/0x90 [ 221.867822][ C1] kmalloc_node_track_caller_noprof+0x1c1/0x440 [ 221.869937][ C1] kmalloc_reserve+0xef/0x2c0 [ 221.871421][ C1] __alloc_skb+0x164/0x380 [ 221.872862][ C1] alloc_skb_with_frags+0xe4/0x710 [ 221.874529][ C1] sock_alloc_send_pskb+0x7f1/0x980 [ 221.876171][ C1] unix_dgram_sendmsg+0x46c/0x19b0 [ 221.878046][ C1] sock_write_iter+0x50a/0x5c0 [ 221.879843][ C1] vfs_write+0x6b6/0x1140 [ 221.881396][ C1] ksys_write+0x1f8/0x260 [ 221.882683][ C1] do_syscall_64+0xcd/0x250 [ 221.884055][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.885864][ C1] [ 221.886624][ C1] Memory state around the buggy address: [ 221.888959][ C1] ffffc90002b27a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 221.892230][ C1] ffffc90002b27b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 221.894861][ C1] >ffffc90002b27b80: 00 00 f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 [ 221.897394][ C1] ^ [ 221.898939][ C1] ffffc90002b27c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 221.901605][ C1] ffffc90002b27c80: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 [ 221.904129][ C1] ================================================================== [ 221.906652][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 221.909153][ C1] CPU: 1 PID: 5191 Comm: syz-executor Not tainted 6.10.0-rc5-syzkaller-00243-g6c0483dbfe72 #0 [ 221.912284][ C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.915624][ C1] Call Trace: [ 221.916790][ C1] [ 221.917875][ C1] dump_stack_lvl+0x3d/0x1f0 [ 221.919541][ C1] panic+0x6f5/0x7a0 [ 221.920861][ C1] ? __pfx_panic+0x10/0x10 [ 221.922635][ C1] ? rcu_is_watching+0x12/0xc0 [ 221.924122][ C1] ? __pfx_lock_release+0x10/0x10 [ 221.925891][ C1] ? check_panic_on_warn+0x1f/0xb0 [ 221.927536][ C1] check_panic_on_warn+0xab/0xb0 [ 221.929141][ C1] end_report+0x117/0x180 [ 221.930661][ C1] kasan_report+0xe9/0x110 [ 221.932103][ C1] ? profile_pc+0x186/0x1a0 [ 221.933489][ C1] ? profile_pc+0x186/0x1a0 [ 221.934897][ C1] ? queued_read_lock_slowpath+0x131/0x2b1 [ 221.936734][ C1] profile_pc+0x186/0x1a0 [ 221.938213][ C1] profile_tick+0xd3/0x140 [ 221.939641][ C1] tick_nohz_handler+0x380/0x530 [ 221.941249][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 221.943031][ C1] __hrtimer_run_queues+0x657/0xcc0 [ 221.944876][ C1] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 221.946635][ C1] ? ktime_get_update_offsets_now+0x201/0x310 [ 221.948963][ C1] hrtimer_interrupt+0x31b/0x800 [ 221.950920][ C1] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 221.953269][ C1] sysvec_apic_timer_interrupt+0x90/0xb0 [ 221.955282][ C1] [ 221.956178][ C1] [ 221.957081][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 221.958956][ C1] RIP: 0010:queued_read_lock_slowpath+0x131/0x2b1 [ 221.961285][ C1] Code: 85 45 01 00 00 8b 03 84 c0 74 36 48 b8 00 00 00 00 00 fc ff df 49 89 de 48 89 dd 49 c1 ee 03 83 e5 07 49 01 c6 83 c5 03 f3 90 <41> 0f b6 06 40 38 c5 7c 08 84 c0 0f 85 1f 01 00 00 8b 03 84 c0 75 [ 221.968307][ C1] RSP: 0018:ffffc90002b27b88 EFLAGS: 00000286 [ 221.970687][ C1] RAX: 00000000000002ff RBX: ffffffff8d80a080 RCX: ffffffff8adfd02b [ 221.973337][ C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d80a080 [ 221.975920][ C1] RBP: 0000000000000003 R08: 0000000000000001 R09: fffffbfff1b01410 [ 221.978301][ C1] R10: ffffffff8d80a083 R11: 0000000000000000 R12: 1ffff92000564f72 [ 221.980995][ C1] R13: ffffffff8d80a084 R14: fffffbfff1b01410 R15: ffffffff8152a979 [ 221.984017][ C1] ? do_wait+0x1e9/0x570 [ 221.985674][ C1] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 221.987875][ C1] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 221.990072][ C1] ? __pfx_queued_read_lock_slowpath+0x10/0x10 [ 221.992528][ C1] __do_wait+0x105/0x890 [ 221.994396][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 221.996539][ C1] ? do_wait+0x1e9/0x570 [ 221.998209][ C1] do_wait+0x219/0x570 [ 221.999548][ C1] kernel_wait4+0x16c/0x280 [ 222.000912][ C1] ? __pfx_kernel_wait4+0x10/0x10 [ 222.002624][ C1] ? __pfx_child_wait_callback+0x10/0x10 [ 222.004634][ C1] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 222.006385][ C1] ? __might_fault+0xe3/0x190 [ 222.007821][ C1] __do_compat_sys_wait4+0x159/0x170 [ 222.009600][ C1] ? __pfx___do_compat_sys_wait4+0x10/0x10 [ 222.011681][ C1] ? __pfx_get_old_timespec32+0x10/0x10 [ 222.013536][ C1] __do_fast_syscall_32+0x73/0x120 [ 222.015132][ C1] do_fast_syscall_32+0x32/0x80 [ 222.016609][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 222.018543][ C1] RIP: 0023:0xf7456579 [ 222.019964][ C1] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 222.025913][ C1] RSP: 002b:00000000fffd0d00 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 222.028716][ C1] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000fffd0e20 [ 222.031479][ C1] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 222.033863][ C1] RBP: 00000000fffd0e20 R08: 0000000000000000 R09: 0000000000000000 [ 222.036249][ C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 222.038636][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 222.041189][ C1] [ 223.135733][ C1] Shutting down cpus with NMI [ 223.137972][ C1] Kernel Offset: disabled [ 223.139470][ C1] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:26:19 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffffff8d80a084 RCX=ffffffff8adfbe0b RDX=fffffbfff1b01411 RSI=0000000000000004 RDI=ffffffff8d80a084 RBP=0000000000000007 RSP=ffffc90023187950 R8 =0000000000000000 R9 =fffffbfff1b01410 R10=ffffffff8d80a087 R11=0000000000000000 R12=fffffbfff1b01410 R13=0000000000000000 R14=ffff88802c03fa40 R15=0000000000000000 RIP=ffffffff8adfbe4a RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000003021eff8 CR3=00000000535b0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000079 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f94935 RDI=ffffffff94d5c040 RBP=ffffffff94d5c000 RSP=ffffc90000598760 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3230303039636652 R12=0000000000000000 R13=0000000000000079 R14=ffffffff84f948d0 R15=0000000000000000 RIP=ffffffff84f9495f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72f6eb0 CR3=0000000054b1c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffffff8d80a084 RCX=ffffffff8adfbe0b RDX=fffffbfff1b01411 RSI=0000000000000004 RDI=ffffffff8d80a084 RBP=0000000000000007 RSP=ffffc900238e7860 R8 =0000000000000000 R9 =fffffbfff1b01410 R10=ffffffff8d80a087 R11=0000000000000001 R12=fffffbfff1b01410 R13=0000000000000000 R14=ffff88802c23fa40 R15=0000000000000002 RIP=ffffffff8adfbe03 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5cacda4 CR3=0000000025a5e000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813be48e RDX=ffff8880279f8000 RSI=ffffffff813be4ab RDI=0000000000000000 RBP=ffffffff8d80a084 RSP=ffffc900257f7928 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=0000000000000000 R12=0000000000000003 R13=0000000000000003 R14=ffff88802c33fa40 R15=fffffbfff1b01410 RIP=ffffffff813be4ac RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5d4d65c CR3=00000000535b0000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000