last executing test programs: 2m51.605234932s ago: executing program 0 (id=2458): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a5"], 0x0}, 0x90) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r0, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0/file0\x00'}, 0x60, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0xfdef}, {0x0, 0x2c}], 0x2, 0x0, 0x0, 0x1}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0) 2m51.603510067s ago: executing program 0 (id=2459): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f00000047c0)={0x60, r1, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r2}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084) 2m51.530392122s ago: executing program 0 (id=2460): r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) setpriority(0x2, 0xff, 0x0) 2m51.516381918s ago: executing program 0 (id=2463): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x48) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000580)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb5008, 0x0) umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x4) 2m51.45689514s ago: executing program 0 (id=2464): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000002680)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e20, 0x0, @private0, 0x80000001}, 0x1c, &(0x7f0000000800)=[{&(0x7f0000000180)="ed", 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0xf55, 0x1, 0x800a, 0xffffff01, 0xfffffffb, 0x3, 0x4, 0x10001}, &(0x7f00000002c0)=0x20) 2m51.204370575s ago: executing program 0 (id=2468): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)={0x1, 0x0, [{0x20a, 0x0, 0x7}]}) 2m51.078272253s ago: executing program 32 (id=2468): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x102080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)={0x1, 0x0, [{0x20a, 0x0, 0x7}]}) 1m22.352673097s ago: executing program 2 (id=4124): openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0) r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0x86f7, 0x10100, 0x0, 0x3}, &(0x7f0000002000)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0) 1m22.296256875s ago: executing program 2 (id=4126): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x40, 0x6, 0xa, 0xad3394dc192dae8b, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) close(0x3) 1m22.295776514s ago: executing program 2 (id=4127): r0 = epoll_create1(0x0) r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0x8000000e}) close(0x3) 1m22.22289347s ago: executing program 2 (id=4129): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000280)='./file0\x00', 0x0, 0x97801, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x112) 1m22.220991957s ago: executing program 2 (id=4131): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b30, &(0x7f0000000040)={'wlan0\x00'}) 1m22.080717966s ago: executing program 2 (id=4134): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8500, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@x86={0x9, 0x2, 0x40, 0x0, 0x8, 0x3, 0x7, 0x1, 0xd, 0x6e, 0xb, 0x7, 0x0, 0xffff, 0x101, 0x5, 0x8, 0xf0, 0xa, '\x00', 0x40, 0x2}) 1m21.955401499s ago: executing program 33 (id=4134): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8500, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000140)=@x86={0x9, 0x2, 0x40, 0x0, 0x8, 0x3, 0x7, 0x1, 0xd, 0x6e, 0xb, 0x7, 0x0, 0xffff, 0x101, 0x5, 0x8, 0xf0, 0xa, '\x00', 0x40, 0x2}) 2.21179244s ago: executing program 4 (id=6067): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e21, @private=0xa010102}], 0x10) readv(r0, &(0x7f0000000600)=[{&(0x7f0000000180)=""/135, 0x87}], 0x1) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) 1.534194098s ago: executing program 3 (id=6082): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e1a000310"], 0xf) 1.344727297s ago: executing program 4 (id=6088): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 1.263700337s ago: executing program 4 (id=6091): r0 = syz_open_dev$vim2m(&(0x7f0000000280), 0x1, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x4, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f00000012c0)=0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc044560f, &(0x7f00000001c0)=@mmap={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, "2063569a"}}) 1.105399777s ago: executing program 5 (id=6095): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0xc92) 1.051371829s ago: executing program 5 (id=6096): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000380)={[0x1, 0xeeee8000, 0xeeef0000, 0x8000000], 0x7ff, 0xc81675ab98b5563b}) 1.049226681s ago: executing program 4 (id=6097): r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r1 = io_uring_setup(0x6640, &(0x7f0000000780)={0x0, 0xca8a, 0x1000}) close_range(r1, 0xffffffffffffffff, 0x0) ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0) 905.30672ms ago: executing program 5 (id=6099): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x40000046, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1}) r1 = syz_open_dev$vim2m(&(0x7f00000004c0), 0xfffffffffffffffe, 0x2) ioctl$vim2m_VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000180)={0x1, 0x1d, 0x10000006, 0x80c80}) 904.452356ms ago: executing program 4 (id=6101): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000040)=0x8003) 751.830724ms ago: executing program 1 (id=6104): setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4e23, 0xfffc, 0x4e23, 0x3, 0xa, 0x80, 0x30}, {0x100000000, 0x2, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0xffffffffffff0d4a, 0x8, 0x800000000001}, {0x9, 0xfffffffffffffffe, 0x0, 0x9}, 0xd6, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x210000, 0x33}, 0x0, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfffffffb}}, 0xe8) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={0xffffffffffffffff}, 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x4000, 0x0, @loopback, 0xbff}, @ib={0x1b, 0x38e, 0x0, {'\x00\a\x00'}, 0x0, 0x40000000, 0x8}}}, 0x118) 698.678225ms ago: executing program 4 (id=6105): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x6, 0x24, &(0x7f0000000740)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x4004550d, 0x0) 546.821868ms ago: executing program 1 (id=6106): r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0) write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab) unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x0) 546.420249ms ago: executing program 5 (id=6107): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="0400"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=r0, @ANYRES64=r1, @ANYBLOB="000000000100000000000000840004"], 0x48}}, 0x0) 473.398156ms ago: executing program 5 (id=6108): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x10, 0x0) chroot(&(0x7f0000000040)='./file0\x00') umount2(&(0x7f0000000000)='./file0\x00', 0x1) 470.514349ms ago: executing program 3 (id=6109): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r1 = socket$kcm(0x10, 0x3, 0x10) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000980)=r0, 0x4) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)="1400000017000b63d25a80648c2594f934a3c92b", 0x14}], 0x1}, 0x0) 457.623568ms ago: executing program 5 (id=6110): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c) recvmsg(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x40000102) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) 380.838541ms ago: executing program 3 (id=6111): r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x6) symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, &(0x7f0000000080)='./file0\x00') 380.432634ms ago: executing program 3 (id=6112): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000440)=@framed={{0x18, 0x5, 0x0, 0x0, 0x63, 0x0, 0x0, 0x0, 0xfffffffe}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r1, 0xfffff000, 0xe, 0x0, &(0x7f0000001700)="61df7100c80400d5721ff59fe864", 0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xf) 306.654481ms ago: executing program 3 (id=6113): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) timerfd_settime(0xffffffffffffffff, 0x7, 0x0, 0x0) 136.444644ms ago: executing program 1 (id=6114): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='contention_end\x00', r0}, 0x18) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x4, 0x0) ioctl$BINDER_GET_NODE_INFO_FOR_REF(r1, 0xc018620c, &(0x7f0000000000)={0x4}) 65.882809ms ago: executing program 1 (id=6115): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001300), 0xffffffffffffffff) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000080)={0x38, r2, 0x401, 0x70bd2a, 0x259fdbfe, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "b6ba34b7af3bb3540f31e07fbd"}, @NL80211_ATTR_KEY_TYPE={0x8, 0x37, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x84}, 0x24004000) 7.601329ms ago: executing program 1 (id=6116): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.stat\x00', 0x275a, 0x0) preadv2(r1, &(0x7f0000000280)=[{&(0x7f0000000080)=""/173, 0xad}], 0x1, 0x5, 0x84c2, 0x12) 6.196777ms ago: executing program 3 (id=6117): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x42800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prlimit64(0x0, 0x7, &(0x7f00000001c0), 0x0) ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000}) 0s ago: executing program 1 (id=6118): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0) syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e1a000310"], 0xf) kernel console output (not intermixed with test programs): 5-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 133.791462][T10621] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 134.012076][ T56] sierra_net 6-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.1-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:01:07 [ 134.204003][ T56] sierra_net 6-1:1.7 wwan0: Submit SYNC failed -71 [ 134.209040][ T56] sierra_net 6-1:1.7 wwan0: Send SYNC failed, status -71 [ 134.213259][ T56] sierra_net 6-1:1.7 wwan0: Submit SYNC failed -71 [ 134.217142][ T56] sierra_net 6-1:1.7 wwan0: Send SYNC failed, status -71 [ 134.225632][ T56] usb 6-1: USB disconnect, device number 3 [ 134.232649][ T56] sierra_net 6-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.1-1, Sierra Wireless USB-to-WWAN Modem [ 134.294140][T10638] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2141'. [ 134.297982][T10638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2141'. [ 134.302754][ T56] sierra_net 6-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19 [ 134.483945][ T838] kernel write not supported for file /snd/pcmC1D0p (pid: 838 comm: kworker/3:2) [ 134.577009][T10652] loop4: detected capacity change from 0 to 524255232 [ 134.651808][T10652] loop4: detected capacity change from 524255232 to 524287956 [ 135.022786][T10688] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 135.418033][T10714] loop4: detected capacity change from 0 to 524255232 [ 135.459898][T10714] loop4: detected capacity change from 524255232 to 524287956 [ 136.055272][ T54] usb 5-1: USB disconnect, device number 3 [ 136.069896][ T54] usblp0: removed [ 136.223727][ T41] kauditd_printk_skb: 6 callbacks suppressed [ 136.223742][ T41] audit: type=1326 audit(1758064148.381:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 136.255556][ T41] audit: type=1326 audit(1758064148.381:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 136.272838][ T41] audit: type=1326 audit(1758064148.381:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 136.303804][ T41] audit: type=1326 audit(1758064148.381:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 136.316957][ T41] audit: type=1326 audit(1758064148.391:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 136.325751][ T41] audit: type=1326 audit(1758064148.391:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 136.336005][ T41] audit: type=1326 audit(1758064148.391:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 136.347277][ T41] audit: type=1326 audit(1758064148.391:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 136.362857][ T41] audit: type=1326 audit(1758064148.391:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 136.372696][ T41] audit: type=1326 audit(1758064148.391:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10753 comm="syz.3.2196" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 136.413325][T10765] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048) [ 138.183421][T10833] loop6: detected capacity change from 0 to 524287999 [ 138.186974][ T5993] buffer_io_error: 7 callbacks suppressed [ 138.186986][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.193559][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.193992][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.196484][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.201222][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.207193][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.212880][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.216911][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.221449][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.225243][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.229860][ T5993] ldm_validate_partition_table(): Disk read failed. [ 138.234397][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.237864][ T5993] Buffer I/O error on dev loop6, logical block 0, async page read [ 138.281729][ T5993] Dev loop6: unable to read RDB block 0 [ 138.284670][ T5993] loop6: unable to read partition table [ 138.291716][T10833] ldm_validate_partition_table(): Disk read failed. [ 138.295011][T10833] Dev loop6: unable to read RDB block 0 [ 138.298451][T10833] loop6: unable to read partition table [ 138.301889][T10833] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 138.306584][T10836] ldm_validate_partition_table(): Disk read failed. [ 138.310249][T10836] Dev loop6: unable to read RDB block 0 [ 138.313327][T10836] loop6: unable to read partition table [ 138.316280][T10836] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 138.726044][T10864] netlink: 'syz.0.2246': attribute type 1 has an invalid length. [ 139.544970][T10883] netlink: 'syz.1.2254': attribute type 14 has an invalid length. [ 140.109579][ C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 141.028818][T10953] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2286'. [ 141.542199][ T838] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 141.700636][ T838] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 141.707096][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.712160][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.717106][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.724315][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.728801][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.733600][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.738184][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.743664][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.750235][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.754493][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.758312][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.767118][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.773360][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.778201][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.783001][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.787345][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.791823][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.797515][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.803347][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.807617][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.812628][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.817156][ T838] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 141.823743][ T838] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 141.832231][ T838] usb 7-1: config 0 interface 0 has no altsetting 0 [ 141.838932][ T838] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 141.843224][ T838] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 141.848523][ T838] usb 7-1: Product: syz [ 141.850484][ T838] usb 7-1: Manufacturer: syz [ 141.853064][ T838] usb 7-1: SerialNumber: syz [ 141.860290][ T838] usb 7-1: config 0 descriptor?? [ 141.872688][ T838] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 142.081723][ T29] usb 7-1: USB disconnect, device number 3 [ 142.100713][ T29] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 142.217928][T10985] kvm_intel: kvm [10984]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2 [ 142.860032][T11029] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 143.547225][T11063] serio: Serial port ptm0 [ 144.622466][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 144.803525][ T56] hid_parser_main: 73 callbacks suppressed [ 144.803546][ T56] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 144.817350][ T56] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz0 [ 145.251237][T11132] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 145.935913][T11175] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2386'. [ 146.492458][T11209] netlink: 'syz.3.2400': attribute type 1 has an invalid length. [ 146.962724][T11238] can0: slcan on ttyS3. [ 147.435360][T11259] netlink: 'syz.0.2420': attribute type 1 has an invalid length. [ 147.978478][T11302] sp0: Synchronizing with TNC [ 148.345786][T11327] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2454'. [ 148.546664][T11340] team0: No ports can be present during mode change [ 148.924526][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.020954][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.128011][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.139774][ T838] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 149.217406][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.262110][ T5990] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 149.267212][ T5990] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 149.272907][ T5990] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 149.278090][ T5990] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 149.283056][ T5990] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 149.315153][ T838] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 149.318741][ T838] usb 6-1: can't read configurations, error -71 [ 149.422768][ T13] bridge_slave_1: left allmulticast mode [ 149.425821][ T13] bridge_slave_1: left promiscuous mode [ 149.429924][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.439241][ T13] bridge_slave_0: left allmulticast mode [ 149.443740][ T13] bridge_slave_0: left promiscuous mode [ 149.446101][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.885394][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 149.890984][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 149.896174][ T13] bond0 (unregistering): Released all slaves [ 150.002479][ T13] IPVS: stopping master sync thread 10311 ... [ 150.067104][T11357] chnl_net:caif_netlink_parms(): no params data found [ 150.071038][T11238] can0 (unregistered): slcan off ttyS3. [ 150.143987][T11372] netlink: 'syz.2.2473': attribute type 1 has an invalid length. [ 150.161165][ T838] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 150.337147][ T838] usb 6-1: Using ep0 maxpacket: 16 [ 150.337414][T11357] bridge0: port 1(bridge_slave_0) entered blocking state [ 150.343594][T11357] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.346978][ T838] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 150.347000][ T838] usb 6-1: config 0 has no interface number 0 [ 150.347029][ T838] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 150.347048][ T838] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 150.352409][ T838] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 150.352434][ T838] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 150.352450][ T838] usb 6-1: Product: syz [ 150.355630][T11357] bridge_slave_0: entered allmulticast mode [ 150.360887][ T838] usb 6-1: SerialNumber: syz [ 150.381007][T11357] bridge_slave_0: entered promiscuous mode [ 150.400001][ T838] usb 6-1: config 0 descriptor?? [ 150.411341][ T838] cm109 6-1:0.8: invalid payload size 0, expected 4 [ 150.417140][ T13] hsr_slave_0: left promiscuous mode [ 150.417411][ T838] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.8/input/input10 [ 150.429712][ T13] hsr_slave_1: left promiscuous mode [ 150.432839][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 150.436057][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 150.442729][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 150.445685][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 150.497568][ T13] veth1_macvtap: left promiscuous mode [ 150.511986][ T13] veth0_macvtap: left promiscuous mode [ 150.515078][ T13] veth1_vlan: left promiscuous mode [ 150.517482][ T13] veth0_vlan: left promiscuous mode [ 150.609720][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.615612][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.619128][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.622450][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.625818][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.629172][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.632862][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.636283][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.641995][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.645581][ C3] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 150.656755][ T838] usb 6-1: USB disconnect, device number 5 [ 150.659307][ C3] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 150.698475][ T838] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 151.304538][ T5990] Bluetooth: hci1: command tx timeout [ 151.481992][ T13] team0 (unregistering): Port device team_slave_1 removed [ 151.600884][ T13] team0 (unregistering): Port device team_slave_0 removed [ 152.278416][T11357] bridge0: port 2(bridge_slave_1) entered blocking state [ 152.281534][T11357] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.284231][T11357] bridge_slave_1: entered allmulticast mode [ 152.287134][T11357] bridge_slave_1: entered promiscuous mode [ 152.357996][T11357] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 152.370382][T11357] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 152.475124][T11357] team0: Port device team_slave_0 added [ 152.480394][T11357] team0: Port device team_slave_1 added [ 152.588939][T11357] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 152.599005][T11357] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.617886][T11357] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 152.625153][T11357] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 152.628515][T11357] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 152.661461][T11357] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 152.768794][T11357] hsr_slave_0: entered promiscuous mode [ 152.775600][T11357] hsr_slave_1: entered promiscuous mode [ 152.777712][T11357] debugfs: 'hsr0' already exists in 'hsr' [ 152.779676][T11357] Cannot create hsr debugfs directory [ 153.051882][T11357] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 153.057510][T11357] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 153.064350][T11357] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 153.070289][T11357] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 153.142932][T11357] 8021q: adding VLAN 0 to HW filter on device bond0 [ 153.170387][T11357] 8021q: adding VLAN 0 to HW filter on device team0 [ 153.195540][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 153.199270][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 153.207210][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 153.210337][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 153.380039][ T5990] Bluetooth: hci1: command tx timeout [ 153.531308][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2516'. [ 153.545339][T11492] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2516'. [ 153.576601][T11357] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 153.853432][T11511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2512'. [ 153.854365][T11357] veth0_vlan: entered promiscuous mode [ 153.871545][T11357] veth1_vlan: entered promiscuous mode [ 153.903294][T11357] veth0_macvtap: entered promiscuous mode [ 153.911198][T11357] veth1_macvtap: entered promiscuous mode [ 153.934386][T11357] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 153.945357][T11357] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 153.955793][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.960339][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.966943][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.973484][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.038460][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.045809][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.086323][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 154.104970][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 154.131320][T11534] veth1_macvtap: left promiscuous mode [ 154.536199][T11560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2530'. [ 154.805055][T11567] input: syz0 as /devices/virtual/input/input12 [ 155.469781][ T5990] Bluetooth: hci1: command tx timeout [ 156.793526][T11634] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2560'. [ 157.220457][ T10] kernel write not supported for file /media0 (pid: 10 comm: kworker/0:1) [ 157.479680][T11675] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2582'. [ 157.549636][ T5990] Bluetooth: hci1: command tx timeout [ 158.479627][ T56] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 158.630226][ T56] usb 9-1: Using ep0 maxpacket: 16 [ 158.644569][ T56] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 158.648591][ T56] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 158.653995][ T56] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 158.660583][ T56] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 158.664331][ T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 158.667810][ T56] usb 9-1: SerialNumber: syz [ 158.674023][ T56] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22 [ 158.892763][ T56] usb 9-1: USB disconnect, device number 2 [ 159.229196][T11755] sctp: [Deprecated]: syz.3.2616 (pid 11755) Use of struct sctp_assoc_value in delayed_ack socket option. [ 159.229196][T11755] Use struct sctp_sack_info instead [ 159.464227][T11767] binder: 11765:11767 ioctl c0306201 80000040 returned -14 [ 160.456459][T11843] binder: 11842:11843 ioctl c018620c 80000000 returned -1 [ 160.824392][T11868] input: syz0 as /devices/virtual/input/input13 [ 161.227429][T11883] can0: slcan on ttyS3. [ 161.332467][T11883] can0 (unregistered): slcan off ttyS3. [ 161.636923][T11901] kvm: kvm [11900]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000006) [ 162.389975][T11930] mac80211_hwsim hwsim11 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 162.669123][T11946] netlink: 'syz.4.2701': attribute type 4 has an invalid length. [ 162.789402][T11959] raw_sendmsg: syz.4.2708 forgot to set AF_INET. Fix it! [ 162.804542][T11961] netlink: 'syz.1.2709': attribute type 83 has an invalid length. [ 162.905009][T11971] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2714'. [ 163.082074][T11990] sctp: [Deprecated]: syz.1.2723 (pid 11990) Use of int in maxseg socket option. [ 163.082074][T11990] Use struct sctp_assoc_value instead [ 163.218380][T12004] ref_ctr_offset mismatch. inode: 0xc1e offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 163.713933][T12048] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2751'. [ 163.836735][T12061] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2758'. [ 163.906581][T12067] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2760'. [ 163.910554][T12067] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2760'. [ 164.022968][T12062] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 164.026017][T12062] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 164.029323][T12062] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 164.035832][T12062] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 164.039505][T12062] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 164.043799][T12062] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 164.540827][T12123] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2782'. [ 164.660348][T12141] vivid-002: disconnect [ 164.664166][T12139] vivid-002: reconnect [ 164.851782][T12160] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2798'. [ 164.872589][T12160] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2798'. [ 164.876246][T12160] netlink: 'syz.3.2798': attribute type 13 has an invalid length. [ 164.981088][T12173] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 164.984399][T12173] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 165.061945][ T1145] wlan1: Trigger new scan to find an IBSS to join [ 165.084005][ T41] kauditd_printk_skb: 98 callbacks suppressed [ 165.084023][ T41] audit: type=1326 audit(1758064177.241:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 165.098724][ T41] audit: type=1326 audit(1758064177.241:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 165.111966][ T41] audit: type=1326 audit(1758064177.241:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 165.122637][ T41] audit: type=1326 audit(1758064177.241:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 165.133345][ T41] audit: type=1326 audit(1758064177.251:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 165.145828][ T41] audit: type=1326 audit(1758064177.251:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 165.156093][ T41] audit: type=1326 audit(1758064177.251:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 165.166177][ T41] audit: type=1326 audit(1758064177.251:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 165.176891][ T41] audit: type=1326 audit(1758064177.251:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 165.185710][ T41] audit: type=1326 audit(1758064177.251:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12186 comm="syz.3.2811" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 166.017285][T12256] loop7: detected capacity change from 0 to 8 [ 166.020994][ T5990] Bluetooth: hci0: command 0x0c1a tx timeout [ 166.110084][ T5990] Bluetooth: hci1: command 0x0c1a tx timeout [ 166.110129][ T5995] Bluetooth: hci2: command 0x0c1a tx timeout [ 166.110151][ T5996] Bluetooth: hci3: command 0x0c1a tx timeout [ 166.256079][T12256] Dev loop7: unable to read RDB block 8 [ 166.258688][T12256] loop7: unable to read partition table [ 166.261336][T12256] loop7: partition table beyond EOD, truncated [ 166.264254][T12256] loop_reread_partitions: partition scan of loop7 (Cjmmý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 166.526987][T12257] Dev loop7: unable to read RDB block 8 [ 166.529726][T12257] loop7: unable to read partition table [ 166.532581][T12257] loop7: partition table beyond EOD, truncated [ 166.687398][T12274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2845'. [ 167.369736][ T34] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 167.520685][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 167.525771][ T34] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 167.530252][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.535921][ T34] usb 6-1: config 0 descriptor?? [ 167.546858][ T34] as10x_usb: device has been detected [ 167.550953][ T34] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 167.566591][ T34] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 167.571401][ T838] usb 7-1: new full-speed USB device number 4 using dummy_hcd [ 167.593450][ T34] as10x_usb: error during firmware upload part1 [ 167.596773][ T34] Registered device nBox DVB-T Dongle [ 167.731819][ T838] usb 7-1: config 0 has no interfaces? [ 167.736341][ T838] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 167.742716][ T838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.747755][ T838] usb 7-1: config 0 descriptor?? [ 167.750567][ T858] usb 6-1: USB disconnect, device number 6 [ 167.768916][ T858] Unregistered device nBox DVB-T Dongle [ 167.770645][ T858] as10x_usb: device has been disconnected [ 167.957758][ T838] usb 7-1: USB disconnect, device number 4 [ 168.119831][T12299] block device autoloading is deprecated and will be removed. [ 168.179908][ T5995] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.565714][T12325] netlink: 6 bytes leftover after parsing attributes in process `syz.2.2869'. [ 168.633262][T12336] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2874'. [ 168.811063][T12349] netlink: 'syz.2.2880': attribute type 5 has an invalid length. [ 168.816421][T12349] netlink: 'syz.2.2880': attribute type 5 has an invalid length. [ 168.919297][T12363] loop9: detected capacity change from 0 to 7 [ 168.925912][T12363] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 168.928492][T12363] loop9: partition table partially beyond EOD, truncated [ 168.931896][T12363] loop9: p1 size 2437361653 extends beyond EOD, truncated [ 169.249132][T12410] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2909'. [ 169.253224][T12410] netlink: 'syz.1.2909': attribute type 21 has an invalid length. [ 169.703753][T12457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2931'. [ 169.963123][T12484] cifs: Unknown parameter 'mode' [ 170.033768][ T1141] wlan1: Trigger new scan to find an IBSS to join [ 170.260499][ T5990] Bluetooth: hci1: command 0x0c1a tx timeout [ 171.082074][ T12] wlan1: Creating new IBSS network, BSSID fe:8a:de:1b:db:3e [ 171.577652][T12580] input: syz1 as /devices/virtual/input/input14 [ 171.611272][T12582] input: syz1 as /devices/virtual/input/input15 [ 172.339697][ T5995] Bluetooth: hci1: command 0x0c1a tx timeout [ 172.609064][ T6073] IPVS: starting estimator thread 0... [ 172.709562][T12628] IPVS: using max 25 ests per chain, 60000 per kthread [ 172.814782][T12648] binder: BINDER_SET_CONTEXT_MGR already set [ 172.819363][T12648] binder: 12647:12648 ioctl 4018620d 80000040 returned -16 [ 173.379658][ C3] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured! [ 174.052033][ T41] kauditd_printk_skb: 47 callbacks suppressed [ 174.052051][ T41] audit: type=1326 audit(1758064186.205:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.3.3042" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 174.066055][ T41] audit: type=1326 audit(1758064186.205:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.3.3042" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 174.076743][ T41] audit: type=1326 audit(1758064186.215:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.3.3042" exe="/syz-executor" sig=0 arch=40000003 syscall=293 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 174.087301][ T41] audit: type=1326 audit(1758064186.215:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.3.3042" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 174.098244][ T41] audit: type=1326 audit(1758064186.215:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12709 comm="syz.3.3042" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 175.079694][ T2294] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 175.103622][T12754] netlink: 168 bytes leftover after parsing attributes in process `syz.4.3061'. [ 175.229812][ T2294] usb 6-1: Using ep0 maxpacket: 8 [ 175.241367][ T2294] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 175.245697][ T2294] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 175.250151][ T2294] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 175.254409][ T2294] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 175.261246][ T2294] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 175.265094][ T2294] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.426017][ T53] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 175.477268][T12771] netlink: 133 bytes leftover after parsing attributes in process `syz.4.3068'. [ 175.486668][ T2294] usb 6-1: GET_CAPABILITIES returned 0 [ 175.490149][ T2294] usbtmc 6-1:16.0: can't read capabilities [ 175.516733][T12773] sp0: Synchronizing with TNC [ 175.599689][ T53] usb 7-1: Using ep0 maxpacket: 8 [ 175.604151][ T53] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 175.608998][ T53] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 175.614023][ T53] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 175.618312][ T53] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 175.624598][ T53] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 175.628809][ T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 175.687757][ T29] usb 6-1: USB disconnect, device number 7 [ 175.695495][T12783] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3075'. [ 175.848748][ T53] usb 7-1: GET_CAPABILITIES returned 0 [ 175.851939][ T53] usbtmc 7-1:16.0: can't read capabilities [ 176.051467][ T29] usb 7-1: USB disconnect, device number 5 [ 178.382285][ T34] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 178.386489][T12908] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3132'. [ 178.391552][T12908] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3132'. [ 178.443116][T12912] sp0: Synchronizing with TNC [ 178.539666][ T34] usb 6-1: Using ep0 maxpacket: 8 [ 178.543535][ T34] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 178.548371][ T34] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 178.555010][ T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 178.560657][ T34] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 178.565897][ T34] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 178.570179][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.572732][T12915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3135'. [ 178.578512][ T34] hub 6-1:1.0: bad descriptor, ignoring hub [ 178.582659][ T34] hub 6-1:1.0: probe with driver hub failed with error -5 [ 178.586171][ T34] cdc_wdm 6-1:1.0: skipping garbage [ 178.589283][ T34] cdc_wdm 6-1:1.0: skipping garbage [ 178.593250][ T34] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 178.595995][ T34] cdc_wdm 6-1:1.0: Unknown control protocol [ 178.708286][T12921] netlink: 27 bytes leftover after parsing attributes in process `syz.2.3138'. [ 178.757623][T12927] macvtap0: entered promiscuous mode [ 178.763214][T12927] macvtap0: left promiscuous mode [ 178.847635][T12931] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3143'. [ 178.889917][ T34] usb 6-1: USB disconnect, device number 8 [ 179.256929][ T34] kernel read not supported for file /dsp (pid: 34 comm: kworker/3:0) [ 180.967016][T13001] trusted_key: encrypted_key: keyword 'upw' not recognized [ 180.987344][T13003] netlink: 340 bytes leftover after parsing attributes in process `syz.4.3177'. [ 181.739077][ T6073] kernel read not supported for file /dsp (pid: 6073 comm: kworker/0:4) [ 181.783790][T13033] can0: slcan on ttyS3. [ 181.794464][T13035] macvtap0: entered promiscuous mode [ 181.798312][T13035] macvtap0: left promiscuous mode [ 181.882836][T13033] can0 (unregistered): slcan off ttyS3. [ 182.163881][ T41] audit: type=1326 audit(1758064194.315:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13057 comm="syz.4.3202" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x0 [ 182.457935][T13080] syz_tun: entered promiscuous mode [ 182.582101][T13091] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 182.633802][T13095] serio: Serial port ptm0 [ 184.230447][ T2294] usb 6-1: new low-speed USB device number 9 using dummy_hcd [ 184.336722][T13133] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 184.392309][ T2294] usb 6-1: config index 0 descriptor too short (expected 1307, got 27) [ 184.396686][ T2294] usb 6-1: config 0 has an invalid interface number: 0 but max is -1 [ 184.407388][ T2294] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 184.412849][ T2294] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 184.418658][ T2294] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 184.423794][ T2294] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 184.428482][ T2294] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 184.437276][ T2294] usb 6-1: string descriptor 0 read error: -22 [ 184.440059][ T2294] usb 6-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 184.445646][ T2294] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 184.453627][ T2294] usb 6-1: config 0 descriptor?? [ 184.457551][ T2294] hub 6-1:0.0: bad descriptor, ignoring hub [ 184.460226][ T2294] hub 6-1:0.0: probe with driver hub failed with error -5 [ 184.466732][ T2294] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input17 [ 184.527282][T13193] mkiss: ax0: crc mode is auto. [ 184.667152][ T53] usb 6-1: USB disconnect, device number 9 [ 184.869272][ T2294] kernel read not supported for file /dsp (pid: 2294 comm: kworker/0:2) [ 185.106546][T13225] Failed to get privilege flags for destination (handle=0x2:0x0) [ 185.876284][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.882731][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.885987][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.889344][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.897767][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.900829][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.914716][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.917829][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.921103][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.925194][ T6073] hid-generic 0003:0004:0008.0005: unknown main item tag 0x0 [ 185.938672][ T6073] hid-generic 0003:0004:0008.0005: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 186.076868][T13307] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3315'. [ 186.209243][T13320] openvswitch: netlink: IPv4 tunnel dst address is zero [ 186.262627][T13324] batadv_slave_1: entered promiscuous mode [ 186.265421][T13324] batadv_slave_1: left promiscuous mode [ 186.600932][T13350] 9pnet: p9_errstr2errno: server reported unknown error  [ 186.669590][T13358] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3340'. [ 186.673669][T13358] netlink: 'syz.4.3340': attribute type 30 has an invalid length. [ 186.677158][T13358] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3340'. [ 186.790669][T13362] netlink: 'syz.3.3344': attribute type 1 has an invalid length. [ 186.797325][T13362] netlink: 'syz.3.3344': attribute type 1 has an invalid length. [ 186.801690][T13362] netlink: 'syz.3.3344': attribute type 1 has an invalid length. [ 186.805194][T13362] nbd: error processing sock list [ 186.808771][T13362] block nbd1: shutting down sockets [ 186.907175][T13368] netlink: 292 bytes leftover after parsing attributes in process `syz.2.3346'. [ 187.000013][T13374] netlink: 'syz.3.3349': attribute type 5 has an invalid length. [ 187.355163][T13389] Attempt to restore checkpoint with obsolete wellknown handles [ 187.708533][T13396] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 187.722329][ T1141] Bluetooth: hci4: Frame reassembly failed (-84) [ 187.835287][ T5990] Bluetooth: hci3: unexpected event for opcode 0x0c47 [ 187.844048][ T56] hid-generic 0003:0004:0008.0006: hidraw0: USB HID v0.00 Device [syz0] on syz1 [ 188.441825][T13452] input: syz0 as /devices/virtual/input/input18 [ 188.697826][T13476] dummy0: entered allmulticast mode [ 188.742560][T13483] netlink: 'syz.4.3398': attribute type 21 has an invalid length. [ 188.820130][T13490] input: syz1 as /devices/virtual/input/input19 [ 188.983865][T13494] block nbd2: server does not support multiple connections per device. [ 188.987824][T13494] block nbd2: shutting down sockets [ 188.994307][T13499] netlink: 'syz.3.3406': attribute type 1 has an invalid length. [ 188.998317][T13499] netlink: 'syz.3.3406': attribute type 4 has an invalid length. [ 189.003053][T13499] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3406'. [ 189.006672][T13499] NCSI netlink: No device for ifindex 0 [ 189.185902][T13516] vlan2: entered allmulticast mode [ 189.189037][T13516] veth0_to_bond: entered allmulticast mode [ 189.593014][T13545] netlink: 'syz.4.3425': attribute type 1 has an invalid length. [ 189.765491][T13560] ALSA: mixer_oss: invalid index 40000 [ 189.780833][ T5990] Bluetooth: hci4: command 0x1003 tx timeout [ 189.785715][ T5995] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 190.139698][ T858] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 190.293410][ T858] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 190.299160][ T858] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 190.303623][ T858] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 190.307338][ T858] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.314448][T13570] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 190.323204][ T858] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 190.527544][ T56] usb 7-1: USB disconnect, device number 6 [ 190.739794][ T2294] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 190.891300][ T2294] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 190.895088][ T2294] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.902404][ T2294] usb 6-1: config 0 descriptor?? [ 190.907846][ T2294] gspca_main: spca508-2.14.0 probing 8086:0110 [ 191.116249][ T2294] gspca_spca508: reg_read err -71 [ 191.119160][ T2294] gspca_spca508: reg_read err -71 [ 191.122853][ T2294] gspca_spca508: reg_read err -71 [ 191.125390][ T2294] gspca_spca508: reg_read err -71 [ 191.127884][ T2294] gspca_spca508: reg_read err -71 [ 191.130552][ T2294] gspca_spca508: reg write: error -71 [ 191.133080][ T2294] spca508 6-1:0.0: probe with driver spca508 failed with error -71 [ 191.138924][ T2294] usb 6-1: USB disconnect, device number 10 [ 191.902227][T13656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3480'. [ 191.907801][T13656] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3480'. [ 192.001826][T13666] dlm: no local IP address has been set [ 192.005984][T13666] dlm: cannot start dlm midcomms -107 [ 192.021501][ T5995] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 192.059862][T13670] binder: 13669:13670 ioctl c0306201 80000540 returned -14 [ 192.406071][T13707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3504'. [ 192.413281][T13707] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3504'. [ 192.513554][ T41] audit: type=1326 audit(1758064204.665:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.523214][ T41] audit: type=1326 audit(1758064204.665:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.532844][ T41] audit: type=1326 audit(1758064204.665:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.542341][ T41] audit: type=1326 audit(1758064204.665:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.559616][ T41] audit: type=1326 audit(1758064204.665:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.561109][T13721] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 192.568363][ T41] audit: type=1326 audit(1758064204.665:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.581656][ T41] audit: type=1326 audit(1758064204.665:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.592213][ T41] audit: type=1326 audit(1758064204.665:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=229 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 192.601248][ T41] audit: type=1326 audit(1758064204.665:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13714 comm="syz.4.3508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 193.731723][ T41] audit: type=1326 audit(1758064205.885:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13791 comm="syz.1.3542" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 196.103550][T13911] block nbd4: NBD_DISCONNECT [ 196.105993][T13911] block nbd4: Send disconnect failed -107 [ 196.109081][T13910] block nbd4: Disconnected due to user request. [ 196.112085][T13910] block nbd4: shutting down sockets [ 196.382771][T13935] bad cache= option: none [ 196.382771][T13935] internal : no [ 196.382771][T13935] type : aead [ 196.382771][T13935] async : yes [ 196.382771][T13935] blocksize : 1 [ 196.382771][T13935] ivsize : 32 [ 196.382771][T13935] maxauthsize : 32 [ 196.382771][T13935] geniv : [ 196.382771][T13935] [ 196.382771][T13935] name : authencesn(streebog256 [ 196.382771][T13935] [ 196.398739][T13935] CIFS: VFS: bad cache= option: none [ 196.398739][T13935] internal : no [ 196.398739][T13935] type : aead [ 196.398739][T13935] async : yes [ 196.398739][T13935] blocksize : 1 [ 196.398739][T13935] ivsize : 32 [ 196.398739][T13935] maxauthsize : 32 [ 196.398739][T13935] geniv : [ 196.398739][T13935] [ 196.398739][T13935] name : authencesn(streebog256 [ 196.544210][T13933] syz.4.3607 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 197.029171][T13975] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 197.070972][T13982] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.3629'. [ 198.380406][ T56] e1000 0000:00:06.0 eth0: Reset adapter [ 198.408340][T14041] o2cb: This node has not been configured. [ 198.412840][T14041] o2cb: Cluster check failed. Fix errors before retrying. [ 198.416614][T14041] (syz.4.3655,14041,1):user_dlm_register:674 ERROR: status = -22 [ 198.422800][T14041] (syz.4.3655,14041,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0" [ 198.657093][T14060] netlink: 'syz.2.3661': attribute type 4 has an invalid length. [ 199.630216][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.580821][ T56] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 209.219668][ T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 211.907404][ T41] kauditd_printk_skb: 75 callbacks suppressed [ 211.907419][ T41] audit: type=1326 audit(1758064224.055:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.928120][ T41] audit: type=1326 audit(1758064224.055:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.938491][ T41] audit: type=1326 audit(1758064224.055:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.947819][ T41] audit: type=1326 audit(1758064224.055:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.958244][ T41] audit: type=1326 audit(1758064224.055:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.967366][ T41] audit: type=1326 audit(1758064224.055:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.979698][ T41] audit: type=1326 audit(1758064224.055:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 211.993925][ T41] audit: type=1326 audit(1758064224.055:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 212.002809][ T41] audit: type=1326 audit(1758064224.055:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 212.017975][ T41] audit: type=1326 audit(1758064224.055:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14082 comm="syz.1.3663" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 212.422979][ T1145] Bluetooth: hci4: Frame reassembly failed (-84) [ 212.428266][T14124] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 213.006864][T14156] binder: 14155:14156 ioctl 400c620e 80000040 returned -22 [ 213.196431][T14168] mkiss: ax0: crc mode is auto. [ 213.265190][T14172] netlink: 'syz.4.3703': attribute type 1 has an invalid length. [ 213.269727][T14172] netlink: 224 bytes leftover after parsing attributes in process `syz.4.3703'. [ 213.755789][T14201] netem: incorrect gi model size [ 213.759105][T14201] netem: change failed [ 214.429576][ T5995] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 215.270119][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 215.321805][T14301] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3758'. [ 215.324972][T14301] netlink: 'syz.2.3758': attribute type 2 has an invalid length. [ 225.814341][ T41] kauditd_printk_skb: 334 callbacks suppressed [ 225.814358][ T41] audit: type=1800 audit(1758064237.965:719): pid=14371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3777" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 226.467503][T14395] vxcan0: tx address claim with dlc 0 [ 226.533500][T14401] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3791'. [ 226.589260][T14405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3792'. [ 226.645209][T14408] @: renamed from vlan0 (while UP) [ 227.493086][T14460] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3815'. [ 228.577510][T14492] ptrace attach of ""[14493] was attempted by "/syz-executor exec"[14492] [ 228.884877][ T41] audit: type=1326 audit(1758064241.035:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 228.897172][ T41] audit: type=1326 audit(1758064241.035:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 228.913927][ T41] audit: type=1326 audit(1758064241.035:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 228.923949][ T41] audit: type=1326 audit(1758064241.045:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 228.933063][ T41] audit: type=1326 audit(1758064241.045:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 228.943004][ T41] audit: type=1326 audit(1758064241.045:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 228.954343][ T41] audit: type=1326 audit(1758064241.045:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 228.965252][ T41] audit: type=1326 audit(1758064241.045:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 228.975724][ T41] audit: type=1326 audit(1758064241.045:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.4.3839" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 229.268664][T14547] netlink: 128 bytes leftover after parsing attributes in process `syz.3.3856'. [ 229.757854][ T2294] hid_parser_main: 26 callbacks suppressed [ 229.757875][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.765244][T14574] UHID_CREATE from different security context by process 2045 (syz.1.3868), this is not allowed. [ 229.770330][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.773560][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.776877][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.783130][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.786583][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.790192][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.793712][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.797398][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.801663][ T2294] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 229.815405][ T2294] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.03 Device [syz1] on syz1 [ 231.564756][T14700] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3925'. [ 232.419710][ T5990] Bluetooth: hci1: command 0x0c1a tx timeout [ 232.545879][T14776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3959'. [ 232.550608][T14776] netlink: 'syz.4.3959': attribute type 5 has an invalid length. [ 232.718560][T14789] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3965'. [ 232.728796][T14789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3965'. [ 233.837875][T14852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3994'. [ 234.930331][T14916] kvm: user requested TSC rate below hardware speed [ 235.316751][T14950] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4040'. [ 235.403398][ T41] kauditd_printk_skb: 86 callbacks suppressed [ 235.403413][ T41] audit: type=1326 audit(2000000000.979:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 235.416216][ T41] audit: type=1326 audit(2000000000.979:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 235.426664][ T41] audit: type=1326 audit(2000000000.979:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 235.436863][ T41] audit: type=1326 audit(2000000000.979:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 235.448805][ T41] audit: type=1326 audit(2000000000.979:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 235.458580][ T41] audit: type=1326 audit(2000000000.979:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 235.472840][ T41] audit: type=1326 audit(2000000000.979:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 235.486917][ T41] audit: type=1326 audit(2000000000.979:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 235.501351][ T41] audit: type=1326 audit(2000000000.979:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 235.529708][ T41] audit: type=1326 audit(2000000000.979:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14955 comm="syz.3.4043" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb2598 code=0x7ffc0000 [ 235.613802][T14970] sg_write: data in/out 489/14 bytes for SCSI command 0xb-- guessing data in; [ 235.613802][T14970] program syz.4.4049 not setting count and/or reply_len properly [ 235.708356][T14980] netlink: 'syz.1.4054': attribute type 1 has an invalid length. [ 235.712527][T14980] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4054'. [ 235.811343][T14993] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 235.931087][T15003] hugetlbfs: syz.4.4065 (15003): Using mlock ulimits for SHM_HUGETLB is obsolete [ 236.014400][T15007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4066'. [ 236.197171][T15031] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4078'. [ 236.660524][T15066] kvm: kvm [15065]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x10001 [ 236.925889][T15084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4099'. [ 236.990675][T15089] vxcan0: tx address claim with dest, not broadcast [ 237.901918][T15148] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4130'. [ 237.942627][T15148] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4130'. [ 238.076878][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.178182][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.264430][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.384378][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.415086][ T5996] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 238.420925][ T5996] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 238.426668][ T5996] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 238.434900][ T5996] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 238.439239][ T5996] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 238.632672][T15167] chnl_net:caif_netlink_parms(): no params data found [ 238.778721][T15167] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.782342][T15167] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.786822][T15167] bridge_slave_0: entered allmulticast mode [ 238.792154][T15167] bridge_slave_0: entered promiscuous mode [ 238.798806][T15167] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.801973][T15167] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.805473][T15167] bridge_slave_1: entered allmulticast mode [ 238.808980][T15167] bridge_slave_1: entered promiscuous mode [ 238.888226][T15167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.896439][T15167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.967648][T15167] team0: Port device team_slave_0 added [ 238.973752][T15190] tipc: Resetting bearer [ 239.043305][T15190] tipc: Disabling bearer [ 239.085482][T15167] team0: Port device team_slave_1 added [ 239.197923][T15167] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 239.200181][T15198] loop0: Can't mount, would change RO state [ 239.200707][T15167] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.213802][T15167] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.219125][T15167] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.222547][T15167] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.234831][T15167] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.259824][T15202] netlink: 'syz.1.4152': attribute type 1 has an invalid length. [ 239.266513][T15202] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 239.308774][T15167] hsr_slave_0: entered promiscuous mode [ 239.314382][T15167] hsr_slave_1: entered promiscuous mode [ 239.318664][T15167] debugfs: 'hsr0' already exists in 'hsr' [ 239.323816][T15167] Cannot create hsr debugfs directory [ 239.572436][T15167] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 239.588170][T15167] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 239.610837][T15167] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 239.660708][T15167] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 239.860051][ T5995] Bluetooth: hci4: command 0xfc11 tx timeout [ 239.871549][ T5990] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 240.035886][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 240.046036][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 240.053134][ T13] bond0 (unregistering): Released all slaves [ 240.187843][T15167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 240.244420][T15167] 8021q: adding VLAN 0 to HW filter on device team0 [ 240.253206][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 240.256560][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 240.271787][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 240.275458][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 240.351504][T15251] dvmrp1: tun_chr_ioctl cmd 1074025676 [ 240.353937][T15251] dvmrp1: owner set to 0 [ 240.410906][ T13] hsr_slave_0: left promiscuous mode [ 240.417373][ T13] hsr_slave_1: left promiscuous mode [ 240.420943][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 240.424103][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 240.429204][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 240.432745][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 240.473759][ T13] veth1_macvtap: left promiscuous mode [ 240.476128][ T13] veth0_macvtap: left promiscuous mode [ 240.483131][ T13] veth1_vlan: left promiscuous mode [ 240.486237][ T13] veth0_vlan: left promiscuous mode [ 240.499891][ T5990] Bluetooth: hci0: command tx timeout [ 240.701087][T15268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4179'. [ 240.800391][T15274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4182'. [ 241.229738][ T1142] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 241.514831][ T13] team0 (unregistering): Port device team_slave_1 removed [ 241.616009][ T13] team0 (unregistering): Port device team_slave_0 removed [ 242.304784][T15279] macvlan2: entered promiscuous mode [ 242.306594][T15279] macvlan2: entered allmulticast mode [ 242.308988][T15279] gretap0: entered allmulticast mode [ 242.337284][T15283] netlink: 'syz.3.4186': attribute type 25 has an invalid length. [ 242.343394][T15283] netlink: 'syz.3.4186': attribute type 7 has an invalid length. [ 242.490519][T15167] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 242.589584][ T5990] Bluetooth: hci0: command tx timeout [ 242.746946][T15167] veth0_vlan: entered promiscuous mode [ 242.751665][ T13] IPVS: stop unused estimator thread 0... [ 242.772632][T15167] veth1_vlan: entered promiscuous mode [ 242.808641][T15167] veth0_macvtap: entered promiscuous mode [ 242.815090][T15167] veth1_macvtap: entered promiscuous mode [ 242.837878][T15167] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 242.855846][T15167] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 242.872411][ T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.883070][ T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.887058][ T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.899325][ T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 242.940416][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.943742][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.968677][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 242.969163][T15339] (syz.1.4207,15339,3):dlmfs_mkdir:421 ERROR: invalid domain name for directory. [ 242.972458][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 243.151178][T15362] mkiss: ax0: crc mode is auto. [ 243.185033][ T41] kauditd_printk_skb: 888 callbacks suppressed [ 243.185048][ T41] audit: type=1326 audit(2000000008.769:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.197937][ T41] audit: type=1326 audit(2000000008.769:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.210646][ T41] audit: type=1326 audit(2000000008.769:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.221855][ T41] audit: type=1326 audit(2000000008.789:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.231335][ T41] audit: type=1326 audit(2000000008.789:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.241408][ T41] audit: type=1326 audit(2000000008.799:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15367 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.252130][ T41] audit: type=1326 audit(2000000008.839:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.267315][ T41] audit: type=1326 audit(2000000008.849:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.277198][ T41] audit: type=1326 audit(2000000008.849:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15370 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.287103][ T41] audit: type=1326 audit(2000000008.859:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15364 comm="syz.3.4218" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7ffc0000 [ 243.309278][T15372] dlm: non-version read from control device 34 [ 243.378296][T15380] loop0: Can't mount, would change RO state [ 243.432318][T15386] netlink: 256 bytes leftover after parsing attributes in process `syz.5.4225'. [ 243.752378][T15421] macvlan2: entered promiscuous mode [ 243.754905][T15421] macvlan2: entered allmulticast mode [ 243.758574][T15421] gretap0: entered allmulticast mode [ 244.101134][T15451] mkiss: ax0: crc mode is auto. [ 244.603660][T15481] input: syz1 as /devices/virtual/input/input21 [ 244.663620][ T5990] Bluetooth: hci0: command tx timeout [ 244.674079][T15487] netlink: 'syz.5.4274': attribute type 25 has an invalid length. [ 244.779802][T15489] block nbd2: server does not support multiple connections per device. [ 244.783278][T15489] block nbd2: shutting down sockets [ 244.839887][T15497] block nbd2: shutting down sockets [ 246.102597][ T13] wlan1: Trigger new scan to find an IBSS to join [ 246.339187][T15587] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 246.343629][T15587] syzkaller1: ignored: set checksum disabled [ 246.739890][ T5990] Bluetooth: hci0: command tx timeout [ 247.314554][T15651] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.560069][T15661] sctp: [Deprecated]: syz.3.4359 (pid 15661) Use of int in max_burst socket option deprecated. [ 247.560069][T15661] Use struct sctp_assoc_value instead [ 247.662777][T15669] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4355'. [ 247.732236][T12288] kernel write not supported for file /input/event2 (pid: 12288 comm: kworker/3:4) [ 247.747180][T15678] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4360'. [ 247.759636][T15678] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4360'. [ 248.165978][T15704] 8021q: adding VLAN 0 to HW filter on device bond2 [ 248.172416][T15704] bond0: (slave bond2): Enslaving as an active interface with an up link [ 249.152857][T15763] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4397'. [ 249.506792][T15790] syz.5.4410 uses obsolete (PF_INET,SOCK_PACKET) [ 249.570274][ T6074] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 250.713770][T15828] input: syz1 as /devices/virtual/input/input22 [ 250.716197][ T41] kauditd_printk_skb: 5 callbacks suppressed [ 250.716212][ T41] audit: type=1800 audit(2000000016.299:1728): pid=15829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4430" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 250.776279][T15837] misc userio: Begin command sent, but we're already running [ 250.840171][T15841] netlink: 'syz.1.4434': attribute type 7 has an invalid length. [ 251.056420][T15856] tipc: Started in network mode [ 251.058582][T15856] tipc: Node identity ac14140f, cluster identity 4711 [ 251.065169][T15856] tipc: New replicast peer: 255.255.255.255 [ 251.069306][T15856] tipc: Enabled bearer , priority 10 [ 251.099529][T15858] bond0: entered promiscuous mode [ 251.102028][T15858] bond_slave_0: entered promiscuous mode [ 251.104665][T15858] bond_slave_1: entered promiscuous mode [ 251.107436][T15858] bond2: entered promiscuous mode [ 251.115170][T15858] bond0: left promiscuous mode [ 251.117994][T15858] bond_slave_0: left promiscuous mode [ 251.121075][T15858] bond_slave_1: left promiscuous mode [ 251.124073][T15858] bond2: left promiscuous mode [ 251.140089][ T1141] wlan1: Trigger new scan to find an IBSS to join [ 251.220923][ T41] audit: type=1326 audit(2000000016.809:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15871 comm="syz.4.4448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 251.231794][ T41] audit: type=1326 audit(2000000016.809:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15871 comm="syz.4.4448" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 251.243720][ T41] audit: type=1326 audit(2000000016.809:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15871 comm="syz.4.4448" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 251.252947][ T41] audit: type=1326 audit(2000000016.809:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15871 comm="syz.4.4448" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x0 [ 251.571565][T15894] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4457'. [ 251.575539][T15894] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4457'. [ 252.059828][ T56] tipc: Node number set to 2886997007 [ 252.093466][ T41] audit: type=1326 audit(2000000017.679:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15916 comm="syz.4.4467" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x0 [ 252.172498][ T13] wlan1: Creating new IBSS network, BSSID 00:8d:8d:ff:00:00 [ 253.228783][T15965] random: crng reseeded on system resumption [ 253.274943][T15967] bridge2: entered allmulticast mode [ 253.362125][T15970] netlink: 'syz.5.4490': attribute type 8 has an invalid length. [ 253.758444][T15993] mkiss: ax0: crc mode is auto. [ 253.953096][ T41] audit: type=1326 audit(2000000019.539:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16002 comm="syz.4.4506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 253.961486][ T41] audit: type=1326 audit(2000000019.539:1735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16002 comm="syz.4.4506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 253.973765][ T41] audit: type=1326 audit(2000000019.539:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16002 comm="syz.4.4506" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 253.995718][ T41] audit: type=1326 audit(2000000019.539:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16002 comm="syz.4.4506" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 254.050872][T16009] misc userio: Begin command sent, but we're already running [ 254.371809][T16032] vlan2: entered allmulticast mode [ 254.373730][T16032] veth0_to_bond: entered allmulticast mode [ 254.620316][T16045] Falling back ldisc for ttyS3. [ 255.131311][ T6074] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 256.162461][T16112] netlink: 'syz.3.4555': attribute type 8 has an invalid length. [ 256.310317][ T56] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 257.911030][ T56] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 259.101208][T16189] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4594'. [ 259.106449][T16190] loop7: detected capacity change from 0 to 7 [ 259.114015][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.118357][ C3] buffer_io_error: 40 callbacks suppressed [ 259.118373][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.124689][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.131015][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.141244][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.145397][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.149120][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.154502][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.165081][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.169156][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.173376][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.177196][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.181841][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.186980][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.195339][T16190] ldm_validate_partition_table(): Disk read failed. [ 259.198697][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.204505][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.210414][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.215534][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.225361][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 259.229266][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 259.235235][T16190] Dev loop7: unable to read RDB block 0 [ 259.243653][T16190] loop7: unable to read partition table [ 259.251091][T16190] loop7: partition table beyond EOD, truncated [ 259.254092][T16190] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 260.403084][T16239] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4617'. [ 260.492617][T16246] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4620'. [ 260.596408][T16256] sp0: Synchronizing with TNC [ 260.607935][T16254] [U] [ 260.770106][ T56] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 261.067611][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.160982][T16280] kernel read not supported for file /eth0 (pid: 16280 comm: syz.5.4634) [ 261.166236][ T41] kauditd_printk_skb: 108 callbacks suppressed [ 261.166253][ T41] audit: type=1800 audit(2000000026.749:1846): pid=16280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4634" name="eth0" dev="mqueue" ino=61700 res=0 errno=0 [ 261.872173][T16283] netlink: 'syz.1.4636': attribute type 11 has an invalid length. [ 262.303856][ T41] audit: type=1326 audit(2000000027.889:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16325 comm="syz.4.4657" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f26579 code=0x0 [ 262.428293][T16337] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 16337 comm: syz.1.4661) [ 262.448961][ T41] audit: type=1800 audit(2000000028.039:1848): pid=16337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4661" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=61231 res=0 errno=0 [ 262.660603][ T5995] Bluetooth: hci0: command 0x0405 tx timeout [ 263.179006][T16372] input: syz1 as /devices/virtual/input/input25 [ 264.242105][T16441] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4706'. [ 264.353062][T16452] erspan0: entered promiscuous mode [ 264.959598][ T10] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 265.111687][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 265.117793][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 265.123050][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 265.128392][ T10] usb 6-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00 [ 265.132969][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.140936][ T10] usb 6-1: config 0 descriptor?? [ 265.527163][T16528] sctp: [Deprecated]: syz.5.4747 (pid 16528) Use of struct sctp_assoc_value in delayed_ack socket option. [ 265.527163][T16528] Use struct sctp_sack_info instead [ 265.572939][ T10] hid_parser_main: 73 callbacks suppressed [ 265.572958][ T10] hid-udraw 0003:20D6:CB17.0008: unknown main item tag 0x0 [ 265.584020][ T10] input: THQ uDraw Game Tablet for PS3 Joypad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:20D6:CB17.0008/input/input26 [ 265.638514][ T41] audit: type=1326 audit(2000000031.219:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.652037][ T41] audit: type=1326 audit(2000000031.219:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.671298][ T10] input: THQ uDraw Game Tablet for PS3 Touchpad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:20D6:CB17.0008/input/input27 [ 265.671587][ T41] audit: type=1326 audit(2000000031.219:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.685016][ T10] input: THQ uDraw Game Tablet for PS3 Pen as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:20D6:CB17.0008/input/input28 [ 265.693222][ T41] audit: type=1326 audit(2000000031.219:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.704403][ T10] input: THQ uDraw Game Tablet for PS3 Accelerometer as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/0003:20D6:CB17.0008/input/input29 [ 265.714997][ T41] audit: type=1326 audit(2000000031.219:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.726035][ T41] audit: type=1326 audit(2000000031.219:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.739364][ T41] audit: type=1326 audit(2000000031.219:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16539 comm="syz.4.4749" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 265.751542][ T10] hid-udraw 0003:20D6:CB17.0008: hidraw0: USB HID v0.00 Device [HID 20d6:cb17] on usb-dummy_hcd.1-1/input0 [ 265.767222][T16548] netlink: 830 bytes leftover after parsing attributes in process `syz.4.4756'. [ 265.772839][T16548] bond_slave_0: entered promiscuous mode [ 265.775366][T16548] bond_slave_1: entered promiscuous mode [ 265.829119][ T29] usb 6-1: USB disconnect, device number 11 [ 265.858600][T16558] openvswitch: netlink: Multiple metadata blocks provided [ 266.110418][T16570] nbd2: detected capacity change from 0 to 8589934655 [ 266.116266][ T5990] block nbd2: Receive control failed (result -32) [ 266.790838][T16595] erspan0: entered promiscuous mode [ 267.814055][T16660] Bluetooth: MGMT ver 1.23 [ 268.015469][ T41] kauditd_printk_skb: 2 callbacks suppressed [ 268.015487][ T41] audit: type=1326 audit(2000000033.589:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 268.030213][ T41] audit: type=1326 audit(2000000033.589:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 268.052757][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.071867][ T41] audit: type=1326 audit(2000000033.589:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 268.082756][ T41] audit: type=1326 audit(2000000033.589:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 268.091152][ T41] audit: type=1326 audit(2000000033.589:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 268.101317][ T41] audit: type=1326 audit(2000000033.589:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 268.101343][ T41] audit: type=1326 audit(2000000033.589:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 268.101363][ T41] audit: type=1326 audit(2000000033.599:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 268.101383][ T41] audit: type=1326 audit(2000000033.599:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 268.101403][ T41] audit: type=1326 audit(2000000033.599:1867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16673 comm="syz.5.4815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 268.245558][T16689] input: syz0 as /devices/virtual/input/input30 [ 268.246099][T16691] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4823'. [ 268.273899][T16691] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4823'. [ 268.321876][T16699] vivid-003: disconnect [ 268.325513][T16697] vivid-003: reconnect [ 268.658645][T16724] erspan0: entered promiscuous mode [ 269.936405][T16805] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4876'. [ 270.022969][T16815] input: syz0 as /devices/virtual/input/input31 [ 270.358949][T16840] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4893'. [ 270.896032][T16888] blkio.reset_stats is deprecated [ 271.001054][T16897] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4918'. [ 271.016816][T16896] block device autoloading is deprecated and will be removed. [ 271.066368][ C0] vkms_vblank_simulate: vblank timer overrun [ 271.202260][ C0] vkms_vblank_simulate: vblank timer overrun [ 271.424273][T16914] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4927'. [ 271.887817][T16941] random: crng reseeded on system resumption [ 271.895970][T16941] Restarting kernel threads ... [ 271.903980][T16941] Done restarting kernel threads. [ 271.985626][T16951] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4944'. [ 272.256307][T16968] netlink: 236 bytes leftover after parsing attributes in process `syz.4.4951'. [ 272.573097][T16987] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4960'. [ 272.577138][T16987] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4960'. [ 272.663460][T16993] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4964'. [ 272.691089][T16993] bridge0: port 3(vlan4) entered blocking state [ 272.693961][T16993] bridge0: port 3(vlan4) entered disabled state [ 272.697041][T16993] vlan4: entered allmulticast mode [ 272.701095][T16993] bridge0: entered allmulticast mode [ 272.709244][T16993] vlan4: left allmulticast mode [ 272.711536][T16993] bridge0: left allmulticast mode [ 273.193164][T17026] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4978'. [ 273.196696][T17026] netem: unknown loss type 12 [ 273.198882][T17026] netem: change failed [ 273.391556][T17040] genirq: Flags mismatch irq 4. 00200000 (pcmmio) vs. 00200080 (ttyS0) [ 273.780047][T17080] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 274.079507][T17107] bridge1: entered promiscuous mode [ 274.525547][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.528511][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.536931][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.553262][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.557250][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.579145][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.582823][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.586376][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.593853][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.599036][ T29] hid-generic 000F:0004:0000.0009: unknown main item tag 0x0 [ 274.619668][ T29] hid-generic 000F:0004:0000.0009: hidraw0: HID v0.02 Device [syz0] on syz1 [ 274.832711][T17163] netlink: 'syz.4.5038': attribute type 9 has an invalid length. [ 274.902930][ T5991] kernel read not supported for file /audio1 (pid: 5991 comm: kworker/1:3) [ 275.096941][T17175] overlayfs: failed to clone lowerpath [ 275.185886][T17184] bridge2: entered promiscuous mode [ 275.784260][T17200] __nla_validate_parse: 3 callbacks suppressed [ 275.784279][T17200] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5055'. [ 276.058115][T17216] bridge2: entered promiscuous mode [ 276.377249][T17225] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 276.380992][T17225] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 276.383714][T17225] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 276.386174][T17225] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 276.390365][T17225] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 276.396648][T17225] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 276.934294][T17272] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5083'. [ 276.954221][T17274] GUP no longer grows the stack in syz.1.5084 (17274): 80004000-80005000 (80001000) [ 276.958585][T17274] CPU: 2 UID: 0 PID: 17274 Comm: syz.1.5084 Not tainted syzkaller #0 PREEMPT(full) [ 276.958628][T17274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 276.958640][T17274] Call Trace: [ 276.958647][T17274] [ 276.958655][T17274] dump_stack_lvl+0x16c/0x1f0 [ 276.958801][T17274] gup_vma_lookup+0x1d2/0x220 [ 276.958860][T17274] __get_user_pages+0x243/0x34a0 [ 276.958897][T17274] ? register_lock_class+0x41/0x4c0 [ 276.958921][T17274] ? __pfx___get_user_pages+0x10/0x10 [ 276.958948][T17274] ? do_fast_syscall_32+0x32/0x80 [ 276.958974][T17274] __gup_longterm_locked+0xa92/0x17e0 [ 276.959003][T17274] ? __lock_acquire+0xb97/0x1ce0 [ 276.959031][T17274] ? __pfx___gup_longterm_locked+0x10/0x10 [ 276.959070][T17274] pin_user_pages_remote+0xed/0x140 [ 276.959099][T17274] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 276.959125][T17274] ? mm_access+0x22d/0x2e0 [ 276.959160][T17274] process_vm_rw_core.constprop.0+0x41b/0x970 [ 276.959189][T17274] ? rcu_is_watching+0x12/0xc0 [ 276.959213][T17274] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 276.959238][T17274] ? iovec_from_user+0xbb/0x140 [ 276.959270][T17274] ? iovec_from_user+0xbb/0x140 [ 276.959294][T17274] process_vm_rw+0x216/0x2c0 [ 276.959320][T17274] ? __pfx_process_vm_rw+0x10/0x10 [ 276.959352][T17274] ? __pfx___mm_populate+0x10/0x10 [ 276.959400][T17274] ? xfd_validate_state+0x61/0x180 [ 276.959456][T17274] __ia32_sys_process_vm_writev+0xdf/0x1b0 [ 276.959483][T17274] ? lockdep_hardirqs_on+0x7c/0x110 [ 276.959544][T17274] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 276.959699][T17274] __do_fast_syscall_32+0x7c/0x300 [ 276.959731][T17274] do_fast_syscall_32+0x32/0x80 [ 276.959843][T17274] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 276.959897][T17274] RIP: 0023:0xf7fa1579 [ 276.959913][T17274] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 276.959932][T17274] RSP: 002b:00000000f54a655c EFLAGS: 00000296 ORIG_RAX: 000000000000015c [ 276.959952][T17274] RAX: ffffffffffffffda RBX: 0000000000000acc RCX: 0000000080c22000 [ 276.959965][T17274] RDX: 000000000000002b RSI: 0000000080c22fa0 RDI: 0000000000000001 [ 276.959978][T17274] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 276.959990][T17274] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 276.960003][T17274] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 276.960032][T17274] [ 277.178040][T17287] mkiss: ax0: crc mode is auto. [ 277.445684][ T41] kauditd_printk_skb: 165 callbacks suppressed [ 277.445705][ T41] audit: type=1326 audit(2000000043.029:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17304 comm="syz.3.5098" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x0 [ 277.513607][T17310] openvswitch: netlink: IP tunnel TTL not specified. [ 278.429730][ T5995] Bluetooth: hci1: command 0x0c1a tx timeout [ 278.432124][ T5983] Bluetooth: hci2: command 0x0c1a tx timeout [ 278.433060][ T5990] Bluetooth: hci0: command 0x0405 tx timeout [ 278.442610][ T5996] Bluetooth: hci3: command 0x0c1a tx timeout [ 278.517863][T17339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5112'. [ 278.525065][T17339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5112'. [ 278.531765][T17339] netlink: 'syz.1.5112': attribute type 14 has an invalid length. [ 278.535418][T17339] netlink: 'syz.1.5112': attribute type 12 has an invalid length. [ 278.818660][T17365] overlayfs: statfs failed on './file0' [ 279.005130][T17381] mkiss: ax0: crc mode is auto. [ 279.372138][T17408] Invalid ELF header magic: != ELF [ 279.544096][T17425] netlink: 'syz.3.5154': attribute type 3 has an invalid length. [ 279.547804][T17425] netlink: 186932 bytes leftover after parsing attributes in process `syz.3.5154'. [ 280.315333][T17458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5167'. [ 280.334218][T17462] bridge0: entered promiscuous mode [ 280.337227][T17462] macvlan0: entered promiscuous mode [ 280.500680][ T5990] Bluetooth: hci0: command 0x0405 tx timeout [ 280.876163][T17490] netlink: 'syz.5.5185': attribute type 1 has an invalid length. [ 280.880345][T17490] netlink: 188 bytes leftover after parsing attributes in process `syz.5.5185'. [ 281.277683][T17517] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5197'. [ 281.281266][T17517] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5197'. [ 282.326031][T17573] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5223'. [ 282.329699][T17573] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5223'. [ 282.579625][ T5990] Bluetooth: hci0: command 0x0405 tx timeout [ 282.952363][T17582] bridge0: entered promiscuous mode [ 282.955227][T17582] macvlan2: entered promiscuous mode [ 283.076068][T17590] random: crng reseeded on system resumption [ 283.414577][T17604] bridge0: entered promiscuous mode [ 283.417169][T17604] macvlan2: entered promiscuous mode [ 283.458802][T17607] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 283.465819][ T1141] Bluetooth: hci4: Frame reassembly failed (-84) [ 283.508158][ T1145] bond0: (slave bond_slave_0): interface is now down [ 283.513028][ T1145] bond0: (slave bond_slave_1): interface is now down [ 283.524747][ T1145] bond0: now running without any active interface! [ 283.571861][T17615] netlink: 'syz.5.5244': attribute type 4 has an invalid length. [ 283.628207][T17621] ALSA: mixer_oss: invalid OSS volume '' [ 283.831103][T17646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5258'. [ 284.079537][ T41] audit: type=1326 audit(2000000050.658:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 284.086848][ T41] audit: type=1326 audit(2000000050.658:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 284.099372][ T41] audit: type=1326 audit(2000000050.658:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 284.101740][ T1141] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 284.108656][ T41] audit: type=1326 audit(2000000050.658:2037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 284.123696][ T41] audit: type=1326 audit(2000000050.658:2038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 284.134911][ T41] audit: type=1326 audit(2000000050.658:2039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 284.147181][ T41] audit: type=1326 audit(2000000050.658:2040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa1598 code=0x7ffc0000 [ 284.158324][ T41] audit: type=1326 audit(2000000050.658:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 284.168285][ T41] audit: type=1326 audit(2000000050.658:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 284.177704][ T41] audit: type=1326 audit(2000000050.658:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.1.5267" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa1579 code=0x7ffc0000 [ 285.539619][ T5990] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 285.599701][ T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 285.779591][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 285.793538][ T24] usb 6-1: unable to get BOS descriptor or descriptor too short [ 285.797803][ T24] usb 6-1: config 7 has an invalid interface number: 88 but max is 0 [ 285.801181][ T24] usb 6-1: config 7 has no interface number 0 [ 285.803705][ T24] usb 6-1: config 7 interface 88 has no altsetting 0 [ 285.810454][ T24] usb 6-1: New USB device found, idVendor=0482, idProduct=0100, bcdDevice= 1.00 [ 285.819505][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 285.824298][ T24] usb 6-1: Product: syz [ 285.830703][ T24] usb 6-1: Manufacturer: syz [ 285.832744][ T24] usb 6-1: SerialNumber: syz [ 286.048452][ T24] usb-storage 6-1:7.88: USB Mass Storage device detected [ 286.071966][ T24] usb-storage 6-1:7.88: Quirks match for vid 0482 pid 0100: 8 [ 286.075349][ T24] usb-storage 6-1:7.88: This device (0482,0100,0100 S 05 P fe) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller) [ 286.075349][ T24] Please send a copy of this message to and [ 286.202743][ T24] usb 6-1: USB disconnect, device number 12 [ 287.119150][T17818] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.5334'. [ 287.141639][T17819] netlink: 'syz.1.5335': attribute type 2 has an invalid length. [ 287.546187][ T10] hid_parser_main: 8 callbacks suppressed [ 287.546206][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.552632][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.556182][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.563597][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.566735][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.570100][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.575361][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.578711][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.581822][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.584459][ T10] hid-generic 0001:0000:0000.000A: unknown main item tag 0x0 [ 287.588433][ T10] hid-generic 0001:0000:0000.000A: hidraw0: HID vffffff.ff Device [syz0] on syz0 [ 287.638525][T17850] netlink: 'syz.5.5347': attribute type 12 has an invalid length. [ 287.642280][T17850] netlink: 248 bytes leftover after parsing attributes in process `syz.5.5347'. [ 287.662817][T17852] usb usb9: usbfs: process 17852 (syz.1.5348) did not claim interface 30 before use [ 288.012892][T17872] ALSA: mixer_oss: invalid OSS volume 'PHOfiЧaEEAKER' [ 288.016026][T17872] ALSA: mixer_oss: invalid OSS volume '' [ 288.288453][T17888] af_packet: tpacket_rcv: packet too big, clamped from 64989 to 3952. macoff=96 [ 288.400240][T17900] misc userio: Can't change port type on an already running userio instance [ 288.551331][T17909] syz_tun: entered allmulticast mode [ 288.555215][T17908] syz_tun: left allmulticast mode [ 288.667976][T17915] sit0: entered promiscuous mode [ 288.678381][T17915] netlink: 'syz.5.5376': attribute type 1 has an invalid length. [ 288.682790][T17915] netlink: 1 bytes leftover after parsing attributes in process `syz.5.5376'. [ 289.310205][ T41] kauditd_printk_skb: 96 callbacks suppressed [ 289.310223][ T41] audit: type=1326 audit(2000000055.888:2140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 289.328745][ T41] audit: type=1326 audit(2000000055.888:2141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 289.339880][ T41] audit: type=1326 audit(2000000055.898:2142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 289.349554][ T41] audit: type=1326 audit(2000000055.898:2143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 289.358853][ T41] audit: type=1326 audit(2000000055.898:2144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 289.368764][ T41] audit: type=1326 audit(2000000055.898:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 289.382134][ T41] audit: type=1326 audit(2000000055.898:2146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 289.395495][ T41] audit: type=1326 audit(2000000055.898:2147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 289.404791][ T41] audit: type=1326 audit(2000000055.898:2148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f26598 code=0x7ffc0000 [ 289.414182][ T41] audit: type=1326 audit(2000000055.898:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17943 comm="syz.4.5387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f26579 code=0x7ffc0000 [ 289.511331][T17952] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5391'. [ 289.695577][T17957] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5393'. [ 289.702641][T17957] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 290.376949][T18004] netlink: 'syz.3.5414': attribute type 4 has an invalid length. [ 290.416732][T18007] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5416'. [ 290.497822][ T5996] Bluetooth: hci4: sending frame failed (-49) [ 290.503643][ T5990] Bluetooth: hci4: Entering manufacturer mode failed (-49) [ 290.556480][T18016] sp0: Synchronizing with TNC [ 291.452505][T18085] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5450'. [ 291.854446][T18116] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5465'. [ 292.484380][ T24] e1000 0000:00:06.0 eth0: Reset adapter [ 294.661448][ T2294] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 295.165271][ C0] vkms_vblank_simulate: vblank timer overrun [ 296.653223][ T41] kauditd_printk_skb: 45 callbacks suppressed [ 296.653241][ T41] audit: type=1326 audit(2000000063.238:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.668520][ T41] audit: type=1326 audit(2000000063.238:2196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.691053][ T41] audit: type=1326 audit(2000000063.238:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.703032][ T41] audit: type=1326 audit(2000000063.238:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.714259][ T41] audit: type=1326 audit(2000000063.238:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.725106][ T41] audit: type=1326 audit(2000000063.238:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.737250][ T41] audit: type=1326 audit(2000000063.238:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.763459][ T41] audit: type=1326 audit(2000000063.238:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.775298][ T41] audit: type=1326 audit(2000000063.238:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.791043][ T41] audit: type=1326 audit(2000000063.238:2204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18181 comm="syz.3.5496" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb2579 code=0x7fc00000 [ 296.797914][T18269] can0: slcan on ttyS3. [ 296.895630][T18269] can0 (unregistered): slcan off ttyS3. [ 297.000170][ T2294] kernel read not supported for file /dsp1 (pid: 2294 comm: kworker/0:2) [ 297.014342][T18279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5532'. [ 297.225196][T18291] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 297.228784][T18291] IPv6: NLM_F_CREATE should be set when creating new route [ 297.434093][T18303] netlink: 'syz.3.5542': attribute type 2 has an invalid length. [ 298.064748][T18358] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 298.067285][T18358] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 298.072907][T18358] vhci_hcd vhci_hcd.0: Device attached [ 298.077990][T18361] vhci_hcd: connection closed [ 298.078311][ T13] vhci_hcd: stop threads [ 298.084650][ T13] vhci_hcd: release socket [ 298.086686][ T13] vhci_hcd: disconnect device [ 298.602033][T18391] netlink: 'syz.3.5583': attribute type 1 has an invalid length. [ 298.624279][T18391] netlink: 224 bytes leftover after parsing attributes in process `syz.3.5583'. [ 298.929608][T18416] input: syz0 as /devices/virtual/input/input33 [ 299.185047][T18436] gfs2: path_lookup on returned error -2 [ 299.504754][ T55] Bluetooth: hci4: Frame reassembly failed (-84) [ 299.508583][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 299.949870][ T5983] Bluetooth: hci0: command 0x0405 tx timeout [ 299.986366][T18496] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5630'. [ 300.084522][T18501] netlink: 'syz.3.5632': attribute type 1 has an invalid length. [ 300.087799][T18501] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5632'. [ 300.092049][T18501] netlink: 'syz.3.5632': attribute type 2 has an invalid length. [ 300.095570][T18501] netlink: 'syz.3.5632': attribute type 1 has an invalid length. [ 300.101329][T18501] netlink: 2 bytes leftover after parsing attributes in process `syz.3.5632'. [ 300.310843][T18517] oup_id=00: renamed from lo (while UP) [ 300.370370][T18521] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5641'. [ 301.452613][T18581] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5668'. [ 301.539795][ T5983] Bluetooth: hci4: command 0x1003 tx timeout [ 301.560981][ T5996] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 302.025890][ T5996] Bluetooth: hci0: command 0x0405 tx timeout [ 302.069643][ T29] kernel read not supported for file /dsp1 (pid: 29 comm: kworker/1:0) [ 302.189619][ T29] kernel read not supported for file /dsp1 (pid: 29 comm: kworker/1:0) [ 302.280819][T18600] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5677'. [ 302.904753][ T41] kauditd_printk_skb: 90 callbacks suppressed [ 302.904771][ T41] audit: type=1326 audit(2000000069.488:2295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 302.921259][ T41] audit: type=1326 audit(2000000069.488:2296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 302.932781][ T41] audit: type=1326 audit(2000000069.488:2297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 302.944021][ T41] audit: type=1326 audit(2000000069.488:2298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 302.962328][ T41] audit: type=1326 audit(2000000069.488:2299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 302.973739][ T41] audit: type=1326 audit(2000000069.498:2300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 302.998328][ T41] audit: type=1326 audit(2000000069.498:2301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 303.008783][ T41] audit: type=1326 audit(2000000069.498:2302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 303.033182][ T41] audit: type=1326 audit(2000000069.498:2303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 303.044871][ T41] audit: type=1326 audit(2000000069.498:2304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18645 comm="syz.5.5697" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51598 code=0x7ffc0000 [ 303.283787][ T5996] Bluetooth: hci4: sending frame failed (-49) [ 303.286920][ T5990] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 304.305901][T18732] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5726'. [ 304.631759][T18757] binder: 18756:18757 ioctl 4018620d 0 returned -22 [ 305.249108][T18801] bridge0: port 2(bridge_slave_1) entered disabled state [ 305.450240][T18820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5764'. [ 305.455779][T18820] netlink: 104 bytes leftover after parsing attributes in process `syz.3.5764'. [ 305.460598][T18820] netlink: 104 bytes leftover after parsing attributes in process `syz.3.5764'. [ 306.227319][T18867] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5783'. [ 306.237900][ T1145] bond0: (slave bond2): link status definitely down, disabling slave [ 306.517875][T18877] [U] [ 306.519717][T18877] [U] [ 306.521537][T18877] [U] [ 306.522974][T18877] [U] [ 306.524717][T18877] [U] [ 306.525951][T18877] [U] [ 306.527170][T18877] [U] [ 306.528369][T18877] [U] [ 306.535431][T18877] [U] [ 306.536736][T18877] [U] [ 306.538936][T18877] [U] [ 306.540564][T18877] [U] [ 306.542274][T18877] [U] [ 306.543813][T18877] [U] [ 306.545338][T18877] [U] [ 306.546682][T18877] [U] [ 306.548472][T18877] [U] [ 306.549978][T18877] [U] [ 306.551554][T18877] [U] [ 306.553330][T18877] [U] [ 306.555399][T18877] [U] [ 306.557237][T18877] [U] [ 306.558874][T18877] [U] [ 306.560340][T18877] [U] [ 306.562243][T18877] [U] [ 306.563693][T18877] [U] [ 306.565152][T18877] [U] [ 306.566595][T18877] [U] [ 306.568089][T18877] [U] [ 306.569675][T18877] [U] [ 306.571337][T18877] [U] [ 306.572958][T18877] [U] [ 306.574867][T18877] [U] [ 306.576491][T18877] [U] [ 306.577777][T18877] [U] [ 306.579007][T18877] [U] [ 306.579695][ T10] usb 6-1: new low-speed USB device number 13 using dummy_hcd [ 306.580794][T18877] [U] [ 306.589051][T18877] [U] [ 306.590721][T18877] [U] [ 306.592140][T18877] [U] [ 306.594082][T18877] [U] [ 306.595428][T18877] [U] [ 306.597009][T18877] [U] [ 306.598431][T18877] [U] [ 306.599885][T18877] [U] [ 306.601160][T18877] [U] [ 306.602469][T18877] [U] [ 306.603788][T18877] [U] [ 306.612624][T18877] [U] [ 306.614037][T18877] [U] [ 306.615425][T18877] [U] [ 306.616744][T18877] [U] [ 306.618239][T18877] [U] [ 306.619358][T18877] [U] [ 306.620546][T18877] [U] [ 306.621703][T18877] [U] [ 306.623467][T18877] [U] [ 306.624986][T18877] [U] [ 306.626464][T18877] [U] [ 306.628256][T18877] [U] [ 306.629866][T18877] [U] [ 306.631117][T18877] [U] [ 306.632321][T18877] [U] [ 306.633545][T18877] [U] [ 306.634700][T18877] [U] [ 306.635887][T18877] [U] [ 306.637106][T18877] [U] [ 306.638390][T18877] [U] [ 306.640051][T18877] [U] [ 306.641418][T18877] [U] [ 306.642727][T18877] [U] [ 306.643933][T18877] [U] [ 306.645418][T18877] [U] [ 306.646559][T18877] [U] [ 306.647615][T18877] [U] [ 306.648743][T18877] [U] [ 306.650385][T18877] [U] [ 306.651841][T18877] [U] [ 306.653169][T18877] [U] [ 306.654349][T18877] [U] [ 306.655577][T18877] [U] [ 306.656645][T18877] [U] [ 306.658039][T18877] [U] [ 306.659347][T18877] [U] [ 306.660624][T18877] [U] [ 306.662035][T18877] [U] [ 306.663305][T18877] [U] [ 306.664643][T18877] [U] [ 306.666176][T18877] [U] [ 306.667675][T18877] [U] [ 306.669299][T18877] [U] [ 306.670630][T18877] [U] [ 306.672126][T18877] [U] [ 306.673225][T18877] [U] [ 306.674306][T18877] [U] [ 306.675367][T18877] [U] [ 306.676578][T18877] [U] [ 306.677835][T18877] [U] [ 306.679131][T18877] [U] [ 306.680625][T18877] [U] [ 306.682020][T18877] [U] [ 306.683229][T18877] [U] [ 306.684294][T18877] [U] [ 306.685394][T18877] [U] [ 306.686478][T18877] [U] [ 306.687527][T18877] [U] [ 306.688564][T18877] [U] [ 306.689688][T18877] [U] [ 306.691085][T18877] [U] [ 306.692220][T18877] [U] [ 306.693386][T18877] [U] [ 306.694560][T18877] [U] [ 306.695917][T18877] [U] [ 306.697344][T18877] [U] [ 306.698838][T18877] [U] [ 306.700421][T18877] [U] [ 306.717687][T18877] [U] [ 306.719195][T18877] [U] [ 306.721445][T18877] [U] [ 306.722820][T18877] [U] [ 306.724390][T18877] [U] [ 306.725845][T18877] [U] [ 306.727065][T18877] [U] [ 306.728314][T18877] [U] [ 306.729827][T18877] [U] [ 306.731055][T18877] [U] [ 306.731963][ T10] usb 6-1: config 0 has no interfaces? [ 306.732482][T18877] [U] [ 306.736522][ T10] usb 6-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00 [ 306.746582][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 306.755330][ T10] usb 6-1: config 0 descriptor?? [ 306.801012][T18876] [U] [ 306.935338][T18889] program syz.4.5792 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 306.977138][T18871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5785'. [ 306.997658][ T29] usb 6-1: USB disconnect, device number 13 [ 307.068812][T18899] bond_slave_0: left promiscuous mode [ 307.071731][T18899] bond_slave_1: left promiscuous mode [ 307.073804][T18899] bond0: entered promiscuous mode [ 307.075621][T18899] bond_slave_0: entered promiscuous mode [ 307.077870][T18899] bond_slave_1: entered promiscuous mode [ 307.182775][T18905] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5800'. [ 307.186637][T18905] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5800'. [ 307.626710][T18935] kernel read not supported for file /eth0 (pid: 18935 comm: syz.1.5815) [ 307.909585][ T41] kauditd_printk_skb: 399 callbacks suppressed [ 307.909603][ T41] audit: type=1326 audit(2000000074.488:2704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 307.932300][ T41] audit: type=1326 audit(2000000074.498:2705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f515a7 code=0x7ffc0000 [ 307.948042][ T41] audit: type=1326 audit(2000000074.498:2706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 307.959401][ T41] audit: type=1326 audit(2000000074.498:2707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f515a7 code=0x7ffc0000 [ 307.972551][ T41] audit: type=1326 audit(2000000074.498:2708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 307.984760][ T41] audit: type=1326 audit(2000000074.498:2709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f515a7 code=0x7ffc0000 [ 307.995170][ T41] audit: type=1326 audit(2000000074.498:2710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 308.007443][ T41] audit: type=1326 audit(2000000074.498:2711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f515a7 code=0x7ffc0000 [ 308.018431][ T41] audit: type=1326 audit(2000000074.498:2712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 308.028449][ T41] audit: type=1326 audit(2000000074.498:2713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18951 comm="syz.5.5823" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f515a7 code=0x7ffc0000 [ 308.185159][ C3] vkms_vblank_simulate: vblank timer overrun [ 308.213950][T18968] 9pnet_virtio: no channels available for device syz [ 308.323391][T18974] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 308.551669][ C3] vkms_vblank_simulate: vblank timer overrun [ 308.987259][T19008] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5846'. [ 309.124947][T19017] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 309.167460][T19023] netlink: 'syz.1.5853': attribute type 2 has an invalid length. [ 309.284641][T19037] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5860'. [ 309.507343][T19049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5865'. [ 310.478756][T19129] genirq: Flags mismatch irq 31. 00200000 (pcmmio) vs. 00200000 (eth1-tx-0) [ 310.934768][T19151] 9pnet: p9_errstr2errno: server reported unknown error [ 311.078536][ T6074] kernel write not supported for file /amidi2 (pid: 6074 comm: kworker/2:4) [ 313.254879][T19249] Process accounting resumed [ 313.393900][ T34] kernel read not supported for file /dsp (pid: 34 comm: kworker/3:0) [ 313.539848][ T5990] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 313.654209][T19270] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 313.659666][T19270] block device autoloading is deprecated and will be removed. [ 314.019945][ T55] wlan0: Trigger new scan to find an IBSS to join [ 314.208338][T19325] veth1_to_batadv: entered promiscuous mode [ 314.211782][T19325] macsec2: entered promiscuous mode [ 314.723624][T19352] mkiss: ax0: crc mode is auto. [ 315.121334][T19360] syz.4.6010 (19360): drop_caches: 2 [ 315.128152][T19360] syz.4.6010 (19360): drop_caches: 2 [ 315.471491][ T1141] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 315.641863][T19387] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6022'. [ 317.453755][T19438] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6045'. [ 317.499962][T19440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6046'. [ 317.527542][T19442] netlink: 'syz.5.6047': attribute type 1 has an invalid length. [ 317.531731][T19442] netlink: 17 bytes leftover after parsing attributes in process `syz.5.6047'. [ 317.728140][T19464] netlink: 'syz.5.6057': attribute type 8 has an invalid length. [ 317.860275][ T5990] Bluetooth: hci0: command 0x0405 tx timeout [ 317.863433][T19398] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 318.240198][ C1] vkms_vblank_simulate: vblank timer overrun [ 318.633071][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 318.680467][ T5990] Bluetooth: hci3: unexpected event for opcode 0x1003 [ 319.069865][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 319.079623][ T13] wlan0: Trigger new scan to find an IBSS to join [ 320.000796][T19595] binder: 19594:19595 ioctl c018620c 80000000 returned -1 [ 320.110546][ T73] wlan0: Creating new IBSS network, BSSID 0a:dd:d9:62:2e:3d [ 320.136557][ C0] ------------[ cut here ]------------ [ 320.147387][ C0] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0 [ 320.153496][ C0] WARNING: CPU: 0 PID: 0 at net/mac80211/rate.c:398 __rate_control_send_low+0x661/0x780 [ 320.157508][ C0] Modules linked in: [ 320.159563][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 320.166199][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 320.172383][ C0] RIP: 0010:__rate_control_send_low+0x661/0x780 [ 320.175081][ C0] Code: a4 a0 d4 00 00 00 e8 4e eb b3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 c0 0a 09 8d e8 b0 e2 72 f6 90 <0f> 0b 90 90 e9 26 fd ff ff 48 8b 3c 24 e8 2d 52 19 f7 e9 fb fc ff [ 320.182912][ C0] RSP: 0018:ffffc90000007930 EFLAGS: 00010282 [ 320.185458][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02f8 [ 320.188954][ C0] RDX: ffffffff8e2977c0 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 320.193484][ C0] RBP: ffff88804a075a68 R08: 0000000000000001 R09: 0000000000000000 [ 320.197137][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff [ 320.200848][ C0] R13: 0000000000000000 R14: 000000000000000c R15: ffff88804a075a70 [ 320.205187][ C0] FS: 0000000000000000(0000) GS:ffff8880974ba000(0000) knlGS:0000000000000000 [ 320.210345][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 320.214363][ C0] CR2: 0000000000000000 CR3: 000000002a940000 CR4: 0000000000352ef0 [ 320.220177][ C0] Call Trace: [ 320.223105][ C0] [ 320.224973][ C0] rate_control_send_low+0x29a/0x820 [ 320.227891][ C0] ? trace_kmem_cache_alloc+0x28/0xc0 [ 320.231169][ C0] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 [ 320.234938][ C0] rate_control_get_rate+0x1be/0x5e0 [ 320.238399][ C0] ieee80211_beacon_get_finish+0x467/0x670 [ 320.241902][ C0] ? __pfx_ieee80211_beacon_get_finish+0x10/0x10 [ 320.245095][ C0] __ieee80211_beacon_get+0xc56/0x1e40 [ 320.248150][ C0] ? __lock_acquire+0xb97/0x1ce0 [ 320.250893][ C0] ieee80211_beacon_get_tim+0xa6/0x280 [ 320.253949][ C0] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 320.260103][ C0] mac80211_hwsim_beacon_tx+0x4d9/0xa40 [ 320.264845][ C0] __iterate_interfaces+0x2e5/0x650 [ 320.267937][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 320.271668][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 320.274996][ C0] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 320.279025][ C0] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 320.284276][ C0] mac80211_hwsim_beacon+0x105/0x200 [ 320.287527][ C0] __hrtimer_run_queues+0x202/0xad0 [ 320.291435][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 320.294989][ C0] ? read_tsc+0x9/0x20 [ 320.297475][ C0] hrtimer_run_softirq+0x17d/0x350 [ 320.300497][ C0] handle_softirqs+0x216/0x8e0 [ 320.303045][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 320.306763][ C0] __irq_exit_rcu+0x109/0x170 [ 320.309510][ C0] irq_exit_rcu+0x9/0x30 [ 320.311580][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 320.314852][ C0] [ 320.316537][ C0] [ 320.318201][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 320.322084][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 320.325190][ C0] Code: 3d 64 02 e9 13 0a 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 53 75 18 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 320.338818][ C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 00000286 [ 320.342609][ C0] RAX: 00000000001d1691 RBX: 0000000000000000 RCX: ffffffff8b919b29 [ 320.347691][ C0] RDX: 0000000000000000 RSI: ffffffff8de4f4d1 RDI: ffffffff8c163700 [ 320.355181][ C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1005646655 [ 320.360385][ C0] R10: ffff88802b2332ab R11: 0000000000000000 R12: 0000000000000000 [ 320.363862][ C0] R13: ffffffff8e2977c0 R14: ffffffff90aba990 R15: 0000000000000000 [ 320.367189][ C0] ? ct_kernel_exit+0x139/0x190 [ 320.369516][ C0] default_idle+0x13/0x20 [ 320.371744][ C0] default_idle_call+0x6d/0xb0 [ 320.374845][ C0] do_idle+0x391/0x510 [ 320.376550][ C0] ? __pfx_do_idle+0x10/0x10 [ 320.378771][ C0] ? trace_sched_exit_tp+0x2f/0x120 [ 320.381172][ C0] cpu_startup_entry+0x4f/0x60 [ 320.384289][ C0] rest_init+0x16b/0x2b0 [ 320.387359][ C0] ? acpi_subsystem_init+0x133/0x180 [ 320.393055][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 320.395948][ C0] start_kernel+0x3ee/0x4d0 [ 320.398918][ C0] x86_64_start_reservations+0x18/0x30 [ 320.402715][ C0] x86_64_start_kernel+0x130/0x190 [ 320.405834][ C0] common_startup_64+0x13e/0x148 [ 320.407924][ C0] [ 320.409327][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 320.413318][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) [ 320.417610][ C0] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 320.424615][ C0] Call Trace: [ 320.426914][ C0] [ 320.429206][ C0] dump_stack_lvl+0x3d/0x1f0 [ 320.432946][ C0] vpanic+0x6e8/0x7a0 [ 320.435144][ C0] ? __pfx_vpanic+0x10/0x10 [ 320.437594][ C0] ? __rate_control_send_low+0x661/0x780 [ 320.440922][ C0] panic+0xca/0xd0 [ 320.443274][ C0] ? __pfx_panic+0x10/0x10 [ 320.445587][ C0] ? check_panic_on_warn+0x1f/0xb0 [ 320.447842][ C0] check_panic_on_warn+0xab/0xb0 [ 320.450152][ C0] __warn+0xf6/0x3c0 [ 320.452364][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 320.456034][ C0] ? __rate_control_send_low+0x661/0x780 [ 320.459743][ C0] report_bug+0x3c3/0x580 [ 320.462856][ C0] ? __rate_control_send_low+0x661/0x780 [ 320.469301][ C0] handle_bug+0x184/0x210 [ 320.472042][ C0] exc_invalid_op+0x17/0x50 [ 320.474070][ C0] asm_exc_invalid_op+0x1a/0x20 [ 320.476319][ C0] RIP: 0010:__rate_control_send_low+0x661/0x780 [ 320.479633][ C0] Code: a4 a0 d4 00 00 00 e8 4e eb b3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 c0 0a 09 8d e8 b0 e2 72 f6 90 <0f> 0b 90 90 e9 26 fd ff ff 48 8b 3c 24 e8 2d 52 19 f7 e9 fb fc ff [ 320.490459][ C0] RSP: 0018:ffffc90000007930 EFLAGS: 00010282 [ 320.492961][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02f8 [ 320.495865][ C0] RDX: ffffffff8e2977c0 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 320.500512][ C0] RBP: ffff88804a075a68 R08: 0000000000000001 R09: 0000000000000000 [ 320.505041][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff [ 320.510422][ C0] R13: 0000000000000000 R14: 000000000000000c R15: ffff88804a075a70 [ 320.513453][ C0] ? __warn_printk+0x198/0x350 [ 320.515563][ C0] ? __warn_printk+0x1a5/0x350 [ 320.517851][ C0] rate_control_send_low+0x29a/0x820 [ 320.520762][ C0] ? trace_kmem_cache_alloc+0x28/0xc0 [ 320.523084][ C0] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 [ 320.526231][ C0] rate_control_get_rate+0x1be/0x5e0 [ 320.529656][ C0] ieee80211_beacon_get_finish+0x467/0x670 [ 320.533264][ C0] ? __pfx_ieee80211_beacon_get_finish+0x10/0x10 [ 320.535993][ C0] __ieee80211_beacon_get+0xc56/0x1e40 [ 320.538706][ C0] ? __lock_acquire+0xb97/0x1ce0 [ 320.541669][ C0] ieee80211_beacon_get_tim+0xa6/0x280 [ 320.545272][ C0] ? __pfx_ieee80211_beacon_get_tim+0x10/0x10 [ 320.550330][ C0] mac80211_hwsim_beacon_tx+0x4d9/0xa40 [ 320.553925][ C0] __iterate_interfaces+0x2e5/0x650 [ 320.557188][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 320.561884][ C0] ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10 [ 320.564571][ C0] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 320.568144][ C0] ieee80211_iterate_active_interfaces_atomic+0x71/0x1b0 [ 320.572865][ C0] mac80211_hwsim_beacon+0x105/0x200 [ 320.575829][ C0] __hrtimer_run_queues+0x202/0xad0 [ 320.578525][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 320.581850][ C0] ? read_tsc+0x9/0x20 [ 320.583706][ C0] hrtimer_run_softirq+0x17d/0x350 [ 320.586773][ C0] handle_softirqs+0x216/0x8e0 [ 320.589489][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 320.592453][ C0] __irq_exit_rcu+0x109/0x170 [ 320.595058][ C0] irq_exit_rcu+0x9/0x30 [ 320.596983][ C0] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 320.599742][ C0] [ 320.601603][ C0] [ 320.603382][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 320.606407][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 320.609173][ C0] Code: 3d 64 02 e9 13 0a 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 53 75 18 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 320.617446][ C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 00000286 [ 320.620629][ C0] RAX: 00000000001d1691 RBX: 0000000000000000 RCX: ffffffff8b919b29 [ 320.624430][ C0] RDX: 0000000000000000 RSI: ffffffff8de4f4d1 RDI: ffffffff8c163700 [ 320.628125][ C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1005646655 [ 320.631704][ C0] R10: ffff88802b2332ab R11: 0000000000000000 R12: 0000000000000000 [ 320.636002][ C0] R13: ffffffff8e2977c0 R14: ffffffff90aba990 R15: 0000000000000000 [ 320.639171][ C0] ? ct_kernel_exit+0x139/0x190 [ 320.641213][ C0] default_idle+0x13/0x20 [ 320.643012][ C0] default_idle_call+0x6d/0xb0 [ 320.644992][ C0] do_idle+0x391/0x510 [ 320.646714][ C0] ? __pfx_do_idle+0x10/0x10 [ 320.648763][ C0] ? trace_sched_exit_tp+0x2f/0x120 [ 320.653441][ C0] cpu_startup_entry+0x4f/0x60 [ 320.655690][ C0] rest_init+0x16b/0x2b0 [ 320.657304][ C0] ? acpi_subsystem_init+0x133/0x180 [ 320.659262][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 320.661688][ C0] start_kernel+0x3ee/0x4d0 [ 320.663556][ C0] x86_64_start_reservations+0x18/0x30 [ 320.666051][ C0] x86_64_start_kernel+0x130/0x190 [ 320.668457][ C0] common_startup_64+0x13e/0x148 [ 320.670641][ C0] [ 320.673236][ C0] Kernel Offset: disabled [ 320.675041][ C0] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:12:12 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8561dc95 RDI=ffffffff9b102740 RBP=ffffffff9b102700 RSP=ffffc900000072a0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000030 R14=ffffffff9b102700 R15=ffffffff8561dc30 RIP=ffffffff8561dcbf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974ba000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000002a940000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff849ced39ffffff ff849cea9affffff ff849cea81ffffff ff849cea3dffffff ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff849cf6daffffff ff849cf5eaffffff ff849cef3affffff ff849cef19ffffff ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff849d11ddffffff ff849d11adffffff ff849d1150ffffff ff849cf723ffffff ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff84a19aacffffff ff84a19831ffffff ff84a197ffffffff ff84a19521ffffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff84a18f88ffffff ff84a18f2fffffff ff84a16187ffffff ff84a160e3ffffff ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff84a15a5dffffff ff84a05fe3ffffff ff84a05f3affffff ff849d12e4ffffff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff849d12d0ffffff ff849d12a7ffffff ff849d1211ffffff ff849d11f5ffffff ZMM24=b03445a4b03445a4 b03445a4b03445a4 b03445a4b03445a4 b03445a4b03445a4 b03445a4b03445a4 b03445a4b03445a4 b03445a4b03445a4 b03445a4b03445a4 ZMM25=38f13a5538f13a55 38f13a5538f13a55 38f13a5538f13a55 38f13a5538f13a55 38f13a5538f13a55 38f13a5538f13a55 38f13a5538f13a55 38f13a5538f13a55 ZMM26=103e56ef103e56ef 103e56ef103e56ef 103e56ef103e56ef 103e56ef103e56ef 103e56ef103e56ef 103e56ef103e56ef 103e56ef103e56ef 103e56ef103e56ef ZMM27=1a2b74da1a2b74da 1a2b74da1a2b74da 1a2b74da1a2b74da 1a2b74da1a2b74da 1a2b74da1a2b74da 1a2b74da1a2b74da 1a2b74da1a2b74da 1a2b74da1a2b74da ZMM28=000000f0000000ef 000000ee000000ed 000000ec000000eb 000000ea000000e9 000000e8000000e7 000000e6000000e5 000000e4000000e3 000000e2000000e1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=282a0000282a0000 282a0000282a0000 282a0000282a0000 282a0000282a0000 282a0000282a0000 282a0000282a0000 282a0000282a0000 282a0000282a0000 info registers vcpu 1 CPU#1 RAX=0000000000130667 RBX=0000000000000001 RCX=ffffffff8b919b29 RDX=0000000000000000 RSI=ffffffff8de4f4d1 RDI=ffffffff8c163700 RBP=ffffed1003bd8488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000 R12=0000000000000001 R13=ffff88801dec2440 R14=ffffffff90aba990 R15=0000000000000000 RIP=ffffffff8b91866f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975ba000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7466288 CR3=000000006883b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802352ac0c RCX=0000000000000001 RDX=0000000000000000 RSI=00000000ffffffff RDI=ffff888049b201e0 RBP=ffff888049b201e0 RSP=ffffc900034cfc78 R8 =0000000000000005 R9 =0000000000000300 R10=0000000000000300 R11=0000000000000000 R12=ffff8880271ec880 R13=00000000ffffffff R14=0000000000000300 R15=00007f271e5c0fff RIP=ffffffff8b918f25 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f271ed6c300 ffffffff 00c00000 GS =0000 ffff8880976ba000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00005592f3123000 CR3=000000002a940000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003000000012 0004000000080024 0000000000280034 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000017ee 0000001800000000 0000000000000000 0000000000000017 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e01ffffffffffff ffffef0802800308 0000006400000000 0000000100000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697376656474656e 0002001480010018 0000001400000000 00000000000101d2 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 08088c0301000002 0000000001060800 020103e603908a08 0001000000080604 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0112ca0004000408 0005800201c70800 0800498400346964 656d6f632f766564 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f01ffffffffffff ffffe50805800301 0800028002040173 e80031313230386c ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 04001090030210b8 808400108e030010 b0808400108e0304 01e080808400108c ZMM25=7b97e0b07b97e0b0 7b97e0b07b97e0b0 7b97e0b07b97e0b0 7b97e0b07b97e0b0 7b97e0b07b97e0b0 7b97e0b07b97e0b0 7b97e0b07b97e0b0 7b97e0b07b97e0b0 ZMM26=abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 abe0b7f3abe0b7f3 ZMM27=aae848abaae848ab aae848abaae848ab aae848abaae848ab aae848abaae848ab aae848abaae848ab aae848abaae848ab aae848abaae848ab aae848abaae848ab ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=ec1f0000ec1f0000 ec1f0000ec1f0000 ec1f0000ec1f0000 ec1f0000ec1f0000 ec1f0000ec1f0000 ec1f0000ec1f0000 ec1f0000ec1f0000 ec1f0000ec1f0000 info registers vcpu 3 CPU#3 RAX=0000000000000002 RBX=ffff88802b241d80 RCX=ffffffff81af1301 RDX=ffff88802701c880 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000747fa70 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=dffffc0000000000 R13=ffffed10056483b1 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff81af12d6 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977ba000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000032c22ffc CR3=0000000027c55000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 17e61cb8a98d0f03 7ef05d5177b0da0d ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f8d5782649d61e05 b775dcef7792c2bf ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 625045c0aa508dd0 dd1010b5edc53e76 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f7d9084634c77c79 3ddd33814032592b ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000008b40 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e46ca000000c374 800100000000c375 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e787e0000afd3e00 39e2a8000000c375 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 80010000f3fbce00 0000c3740000c374 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 3785300080010000 800100000000c373 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b744aa6501a738e 6c4cb6b53899c0a0 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8bc5c892ad86adc5 161f2745f60c5e97 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000