last executing test programs: 5m5.957601224s ago: executing program 0 (id=10882): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_PEER_MEASUREMENT_START(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_PMSR_ATTR_PEERS={0x28, 0xe, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_REQ={0x10, 0x3, 0x0, 0x1, [@NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}, @NL80211_PMSR_REQ_ATTR_GET_AP_TSF={0x4}]}, @NL80211_PMSR_PEER_ATTR_REQ={0x4}, @NL80211_PMSR_PEER_ATTR_ADDR={0xa, 0x1, @device_b={0x8, 0x2, 0x11, 0x0, 0x0, 0x7}}]}]}]}, 0x3c}}, 0x0) 5m5.906027609s ago: executing program 0 (id=10883): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000008c0), r0) sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000940)={0x38, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x41, 0x0}}, @NLBL_MGMT_A_DOMAIN={0xc, 0x1, 'nl80211\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x80) 5m5.82755474s ago: executing program 0 (id=10886): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0) fcntl$setstatus(r0, 0x4, 0x42400) 5m5.826775248s ago: executing program 0 (id=10889): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) ioctl$TIOCL_SETSEL(r1, 0x4b4b, &(0x7f0000001900)={0x2, {0x2, 0x1200, 0x0, 0x101}}) 5m5.753003866s ago: executing program 0 (id=10891): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mmap$fb(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x11, r0, 0x6f000) 5m5.744250848s ago: executing program 0 (id=10894): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x8102, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'pimreg0\x00', 0x1}) ioctl$TUNSETOFFLOAD(r0, 0x400454ce, 0x5) 4m50.513835184s ago: executing program 32 (id=10894): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x8102, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'pimreg0\x00', 0x1}) ioctl$TUNSETOFFLOAD(r0, 0x400454ce, 0x5) 2m36.856926235s ago: executing program 2 (id=17017): r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 2m36.019889935s ago: executing program 2 (id=17051): r0 = syz_open_dev$dri(&(0x7f0000000180), 0x2, 0x16b802) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000002c0)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc01c64b9, &(0x7f0000000300)={&(0x7f0000000200), &(0x7f0000000240), 0x41, r1}) 2m35.949468357s ago: executing program 2 (id=17054): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c300911300000800c4"], 0x2c}}, 0x0) 2m35.933179296s ago: executing program 2 (id=17056): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m35.900261968s ago: executing program 2 (id=17059): r0 = syz_clone(0x81000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_pidfd_open(r0, 0x0) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)) setns(r1, 0x20000) 2m35.617715537s ago: executing program 2 (id=17067): io_setup(0x2007, &(0x7f0000000200)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 2m35.572919363s ago: executing program 33 (id=17067): io_setup(0x2007, &(0x7f0000000200)=0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) io_submit(r0, 0x1, &(0x7f0000000140)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 2m33.277201231s ago: executing program 3 (id=17123): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x7}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", "05e2e505", "000800003f98afbe"}, 0x38) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58) 2m32.37325705s ago: executing program 3 (id=17133): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='jbd2_handle_extend\x00'}, 0x10) r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000340)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, 0x20) 2m32.306752329s ago: executing program 3 (id=17135): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x70bd2b, 0x8, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x20000004) 2m32.227561995s ago: executing program 3 (id=17138): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x5) 2m32.146597963s ago: executing program 3 (id=17141): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000100)) 2m32.018009403s ago: executing program 3 (id=17145): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = dup2(r0, r1) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b26, &(0x7f0000000000)={'wlan0\x00'}) 2m31.932342813s ago: executing program 34 (id=17145): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = dup2(r0, r1) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b26, &(0x7f0000000000)={'wlan0\x00'}) 1m57.673550534s ago: executing program 5 (id=17983): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e21, 0x2, @local, 0x9}]}, &(0x7f0000000240)=0x10) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000200)={r1, 0x5}, 0x8) 1m57.604420338s ago: executing program 5 (id=17984): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) fstatat64(0xffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x6000) 1m57.376989665s ago: executing program 5 (id=17989): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6}]}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 1m57.28956878s ago: executing program 5 (id=17993): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 1m57.251291926s ago: executing program 5 (id=17996): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0xff}]}}]}, 0x3c}}, 0x0) 1m56.957449199s ago: executing program 5 (id=18003): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x270, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x110, 0xc, 0x0, 0x1, [@AF_INET={0x13, 0xc, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x8, 0x3, 0x0, 0x1, [{0x64, 0x1d, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x7, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x25, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x2, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x4, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1a, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x4, 0x3}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0x3c, 0x1a, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x2}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "03dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x8, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0x3c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0x60, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x34, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @private2}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}]}]}]}, 0x270}}, 0x0) 1m56.898125021s ago: executing program 35 (id=18003): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x270, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x110, 0xc, 0x0, 0x1, [@AF_INET={0x13, 0xc, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x8, 0x3, 0x0, 0x1, [{0x64, 0x1d, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x7, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x25, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x2, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x4, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1a, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x4, 0x3}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0x3c, 0x1a, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x2}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "03dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x8, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0x3c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0x60, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x34, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @private2}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}]}]}]}, 0x270}}, 0x0) 1m29.496322578s ago: executing program 1 (id=18669): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) renameat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0) 1m29.440353272s ago: executing program 1 (id=18672): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x34, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_SETUP={0x4}, @NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc0c0}, 0x80) 1m29.364892551s ago: executing program 1 (id=18673): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000080)=0xb, 0x4) bind$bt_hci(r0, &(0x7f00000002c0)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r0, &(0x7f0000002d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=""/157, 0x9d}, 0x2}], 0x1, 0x0, 0x0) 1m29.350786552s ago: executing program 1 (id=18675): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2) mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 1m29.314235879s ago: executing program 1 (id=18677): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000003240)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340), 0x0, 0x1, 0x0, 0x0, r1}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f0000000380)={0x0, r2, r1}) 1m28.977386941s ago: executing program 1 (id=18684): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000000c0)={0x4, 0x40001e5a, 0x0, 0x0}) 1m28.932486147s ago: executing program 36 (id=18684): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000000c0)={0x4, 0x40001e5a, 0x0, 0x0}) 1.666300518s ago: executing program 7 (id=21360): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) 1.387227444s ago: executing program 4 (id=21369): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000000000ff000040"]) 1.381800363s ago: executing program 7 (id=21371): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000001140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) 1.314334655s ago: executing program 4 (id=21374): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@ipv6_newaddr={0x34, 0x14, 0x1, 0x0, 0x0, {0xa, 0x80, 0xa1, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @private1}, @IFA_FLAGS={0x8, 0x8, 0x402}]}, 0x34}}, 0x0) 1.270043022s ago: executing program 4 (id=21376): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x8031, 0xffffffffffffffff, 0x3c32000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) exit(0x7) 1.269817684s ago: executing program 7 (id=21377): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r0, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x4e21, @remote}, 0x10) 1.240455014s ago: executing program 7 (id=21378): r0 = socket$kcm(0x11, 0x200000000000002, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e34ff65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd086004c4a56c6cce6e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e430a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b051f47db7aa110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c0000000000000000000a000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3938e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea875583e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba46cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5ccb9f10f615c87c441dc50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246e891e20ecaad7059866506c3000000000c3230e901e885b7a4a36bdfdb5ce7a2e5807a0f4c1d461d1243fccf51b875b49490cd7d044e7a1e1a4c013fae1f070a8a37ab90da2efc6c875b3aab34b75a252072691fc97bef0fed8ee597ab83bb53f89c36bc2ee3ad54904542f66dc94132df75fc9944882d6f2e13b7057e0000000000000000000000000000000000001b726c0ccd24000000000000cfd2f4d005578b9ed06e1c41ef3b411066739de953d39b968caaca1507928d68c8f052"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) syz_emit_ethernet(0x16, &(0x7f0000000600)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0xaa, 0xab, '}', '#I`'}}}}}, 0x0) 1.237052464s ago: executing program 7 (id=21380): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]}) socket$inet_udp(0x2, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 434.627045ms ago: executing program 4 (id=21395): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x1, 'queue0\x00'}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0) read$char_usb(r1, &(0x7f00000001c0)=""/4068, 0xfe4) 375.956846ms ago: executing program 4 (id=21397): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8c01}, 0x20004080) 375.695313ms ago: executing program 4 (id=21398): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close(r0) syz_usb_connect(0x6, 0x3e, &(0x7f0000000380)=ANY=[], 0x0) ioctl$SIOCSIFHWADDR(r0, 0x40095505, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"}) 316.04215ms ago: executing program 7 (id=21400): r0 = socket$inet6(0xa, 0x1, 0x84) setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000002080)=0x2, 0x4) sendto$inet6(r0, &(0x7f00000002c0)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$bt_hci(r0, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6) 205.095293ms ago: executing program 6 (id=21404): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = socket$kcm(0xa, 0x5, 0x0) sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0x0, @local}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0x34000}], 0x1, 0x0, 0x0, 0x2000}, 0x60) 127.306535ms ago: executing program 6 (id=21405): r0 = socket$kcm(0xa, 0x2, 0x88) write$FUSE_STATX(0xffffffffffffffff, &(0x7f0000000380)={0x130, 0x0, 0x0, {0x9, 0x3, 0x0, '\x00', {0x0, 0x9, 0x4, 0x5, 0x0, 0x0, 0x8000, '\x00', 0x0, 0x7, 0x9, 0x8, {0x62d, 0x7}, {0x1, 0x1}, {0x7, 0xfffffff9}, {0x9}, 0x80, 0xfff, 0x5}}}, 0x130) sendmsg$kcm(r0, &(0x7f0000000340)={&(0x7f00000002c0)=@in6={0xa, 0x4e20, 0x0, @dev, 0x7}, 0x80, 0x0}, 0x200ce0c0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0), 0x58}, 0x0) 127.133395ms ago: executing program 6 (id=21406): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="0100000000000000f3000040"]) 126.846581ms ago: executing program 8 (id=21407): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0) setsockopt$sock_int(r1, 0x1, 0x4c, &(0x7f00000000c0)=0x4, 0x4) recvmmsg(r1, &(0x7f0000001d00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/67, 0x43}}], 0x1, 0x0, 0x0) 126.13036ms ago: executing program 8 (id=21408): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$SIOCSIFHWADDR(r0, 0x8b20, &(0x7f0000000000)={'wlan1\x00', @broadcast}) 63.308656ms ago: executing program 8 (id=21409): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000000)={{@my=0x1}, @my=0x1, 0x0, 0x0, 0x8000000}) 63.093488ms ago: executing program 8 (id=21410): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) nanosleep(&(0x7f0000000180), 0x0) 61.980602ms ago: executing program 6 (id=21411): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r0, 0x10e, 0x8, 0x0, 0x0) 608.554µs ago: executing program 8 (id=21412): unshare(0x20020680) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160-generic\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x0) 426.473µs ago: executing program 6 (id=21413): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000800)=@newqdisc={0x148, 0x24, 0xf0b, 0x1, 0x10000, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_red={{0x8}, {0x11c, 0x2, [@TCA_RED_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, @TCA_RED_STAB={0x104, 0x2, "171f24ce73eb01afed6f4b3872f6f7d2ad76640342132cb8f3349d70985c1c69a9467def24eb1634a0e05a0154d5f902f30ffb3d607d697278109a141885dc225b053a0e92a593873c07860fd2be484416c84fce073f53cf67ca1ae8febdde9553c6347ef890953c46e38948cc4d54cf638b1317cf136559fae5bbd603f63763062c9bcd8715afeeb4c236554c890276b5b88de90f2e4a2464e869742a5b2ee6968dc8212e5b9ff3eba09ab9f42efaeb14b479c003e517c44c38fe3198540b9fe222ed2f8d0a78c6ba169719d69126dc57150020a5367cd3b781fd6fd9b8dca55427c2dfdf7ca5b9d1616b5bf2b4bbb627308e7eb58ce727046ddde0c629c2da"}]}}]}, 0x148}}, 0x8000) 238.085µs ago: executing program 8 (id=21414): r0 = syz_open_dev$ndb(&(0x7f0000004800), 0x0, 0x1) r1 = socket(0x2b, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 0s ago: executing program 6 (id=21415): openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0xcd0c, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): nable to relocate VQ 0x0 after dequeue, screwing up backlog [ 412.858579][T12056] netlink: 60 bytes leftover after parsing attributes in process `syz.4.18161'. [ 412.877499][T12056] netlink: 928 bytes leftover after parsing attributes in process `syz.4.18161'. [ 412.952221][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 412.955838][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 412.959196][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 413.319948][ T39] audit: type=1800 audit(2000000070.789:41747): pid=12085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.18166" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 413.832496][ T5962] Bluetooth: hci1: command tx timeout [ 414.562198][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 415.282238][ T56] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 415.446859][ T56] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 415.449904][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.457589][ T56] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 415.460783][ T56] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 415.471595][ T56] usb 6-1: Manufacturer: syz [ 415.487029][ T56] usb 6-1: config 0 descriptor?? [ 415.548194][ T56] rc_core: IR keymap rc-hauppauge not found [ 415.550377][ T56] Registered IR keymap rc-empty [ 415.552942][ T56] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 415.557257][ T56] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input66 [ 415.703231][ T35] usb 6-1: USB disconnect, device number 21 [ 415.912140][ T5962] Bluetooth: hci1: command tx timeout [ 416.245686][T12249] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 416.482346][ T35] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 416.644012][ T35] usb 12-1: config index 0 descriptor too short (expected 23569, got 27) [ 416.647555][ T35] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 416.660506][ T35] usb 12-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 416.664727][ T35] usb 12-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 416.668164][ T35] usb 12-1: Manufacturer: syz [ 416.672401][ T35] usb 12-1: config 0 descriptor?? [ 416.732095][ T35] rc_core: IR keymap rc-hauppauge not found [ 416.734601][ T35] Registered IR keymap rc-empty [ 416.737400][ T35] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0 [ 416.742605][ T35] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/rc/rc0/input67 [ 416.884814][ T56] usb 12-1: USB disconnect, device number 2 [ 417.032614][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 417.440172][T12265] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 418.197836][T12275] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 418.224996][T12277] netlink: 'syz.7.18258': attribute type 1 has an invalid length. [ 418.462931][T12294] sctp: [Deprecated]: syz.1.18275 (pid 12294) Use of struct sctp_assoc_value in delayed_ack socket option. [ 418.462931][T12294] Use struct sctp_sack_info instead [ 419.033260][ T2347] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 419.192989][T12310] netlink: 'syz.1.18272': attribute type 1 has an invalid length. [ 419.290300][T12320] sctp: [Deprecated]: syz.4.18280 (pid 12320) Use of struct sctp_assoc_value in delayed_ack socket option. [ 419.290300][T12320] Use struct sctp_sack_info instead [ 420.394481][T12349] binder: 12348:12349 ioctl c018620b 0 returned -14 [ 421.635645][T12383] binder: 12381:12383 ioctl c018620b 0 returned -14 [ 421.661696][T12386] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 421.665180][T12386] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 421.779710][T12399] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 421.783825][T12399] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 422.233201][ T45] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 422.611309][T12425] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 422.615344][T12425] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 422.920255][T12445] binder: 12444:12445 ioctl c018620b 0 returned -14 [ 423.067918][T12459] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 423.114554][T12461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18349'. [ 423.118496][T12461] netlink: 277 bytes leftover after parsing attributes in process `syz.1.18349'. [ 423.122788][T12461] netlink: 277 bytes leftover after parsing attributes in process `syz.1.18349'. [ 423.126976][T12465] ALSA: seq fatal error: cannot create timer (-22) [ 424.097551][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18370'. [ 424.157678][T12529] netem: incorrect gi model size [ 424.160710][T12529] netem: change failed [ 424.201038][T12533] netlink: 'syz.6.18375': attribute type 19 has an invalid length. [ 424.274758][T12539] bridge0: port 3(ipvlan2) entered blocking state [ 424.277683][T12539] bridge0: port 3(ipvlan2) entered disabled state [ 424.280784][T12539] ipvlan2: entered allmulticast mode [ 424.292124][T12539] ipvlan2: left allmulticast mode [ 424.732085][ T57] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 424.792515][ T2320] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 424.892260][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 424.895249][ T57] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 32, changing to 9 [ 424.898825][ T57] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 424.903207][ T57] usb 6-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 424.906191][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.910172][ T57] usb 6-1: config 0 descriptor?? [ 425.123398][ T57] usbhid 6-1:0.0: can't add hid device: -71 [ 425.126136][ T57] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 425.133477][ T57] usb 6-1: USB disconnect, device number 22 [ 425.662132][T12556] [U] [ 425.663227][T12556] [U] [ 425.664309][T12556] [U] [ 425.665401][T12556] [U] [ 425.666489][T12556] [U] [ 425.667611][T12556] [U] [ 425.668714][T12556] [U] [ 425.669828][T12556] [U] [ 425.683566][T12556] [U] [ 425.684798][T12556] [U] [ 425.685985][T12556] [U] [ 425.687186][T12556] [U] [ 425.688381][T12556] [U] [ 425.689601][T12556] [U] [ 425.690781][T12556] [U] [ 425.691973][T12556] [U] [ 425.694198][T12556] [U] [ 425.695409][T12556] [U] [ 425.696604][T12556] [U] [ 425.697795][T12556] [U] [ 425.698984][T12556] [U] [ 425.700163][T12556] [U] [ 425.701360][T12556] [U] [ 425.702558][T12556] [U] [ 425.704820][T12556] [U] [ 425.706022][T12556] [U] [ 425.707207][T12556] [U] [ 425.708398][T12556] [U] [ 425.709625][T12556] [U] [ 425.710805][T12556] [U] [ 425.711996][T12556] [U] [ 425.713220][T12556] [U] [ 425.719608][T12556] [U] [ 425.720936][T12556] [U] [ 425.722129][T12556] [U] [ 425.723326][T12556] [U] [ 425.725735][T12556] [U] [ 425.726939][T12556] [U] [ 425.728126][T12556] [U] [ 425.729323][T12556] [U] [ 425.730680][T12556] [U] [ 425.731877][T12556] [U] [ 425.733076][T12556] [U] [ 425.734257][T12556] [U] [ 425.736386][T12556] [U] [ 425.737623][T12556] [U] [ 425.738805][T12556] [U] [ 425.740010][T12556] [U] [ 425.741366][T12556] [U] [ 425.742577][T12556] [U] [ 425.743781][T12556] [U] [ 425.744964][T12556] [U] [ 425.746795][T12556] [U] [ 425.747997][T12556] [U] [ 425.749190][T12556] [U] [ 425.750382][T12556] [U] [ 425.751716][T12556] [U] [ 425.752968][T12556] [U] [ 425.754163][T12556] [U] [ 425.755361][T12556] [U] [ 425.757868][T12556] [U] [ 425.759095][T12556] [U] [ 425.760292][T12556] [U] [ 425.761496][T12556] [U] [ 425.763333][T12556] [U] [ 425.764570][T12556] [U] [ 425.765772][T12556] [U] [ 425.766960][T12556] [U] [ 425.768162][T12556] [U] [ 425.769368][T12556] [U] [ 425.770562][T12556] [U] [ 425.771767][T12556] [U] [ 425.783690][T12556] [U] [ 425.784919][T12556] [U] [ 425.786115][T12556] [U] [ 425.787285][T12556] [U] [ 425.788465][T12556] [U] [ 425.789660][T12556] [U] [ 425.790834][T12556] [U] [ 425.792025][T12556] [U] [ 425.794318][T12556] [U] [ 425.795527][T12556] [U] [ 425.796733][T12556] [U] [ 425.797914][T12556] [U] [ 425.799104][T12556] [U] [ 425.800301][T12556] [U] [ 425.801503][T12556] [U] [ 425.803160][T12556] [U] [ 425.805138][T12556] [U] [ 425.806349][T12556] [U] [ 425.807540][T12556] [U] [ 425.808741][T12556] [U] [ 425.809929][T12556] [U] [ 425.811122][T12556] [U] [ 425.812317][T12556] [U] [ 425.813522][T12556] [U] [ 425.815499][T12556] [U] [ 425.816722][T12556] [U] [ 425.817924][T12556] [U] [ 425.819106][T12556] [U] [ 425.820326][T12556] [U] [ 425.821524][T12556] [U] [ 425.822716][T12556] [U] [ 425.823945][T12556] [U] [ 425.825872][T12556] [U] [ 425.827082][T12556] [U] [ 425.828283][T12556] [U] [ 425.829556][T12556] [U] [ 425.830658][T12556] [U] [ 425.831753][T12556] [U] [ 425.832922][T12556] [U] [ 425.834010][T12556] [U] [ 425.835710][T12556] [U] [ 425.836855][T12556] [U] [ 425.837935][T12556] [U] [ 425.839013][T12556] [U] [ 425.840173][T12556] [U] [ 425.841279][T12556] [U] [ 425.842386][T12556] [U] [ 425.843487][T12556] [U] [ 425.844851][T12556] [U] [ 425.845951][T12556] [U] [ 425.847030][T12556] [U] [ 425.848108][T12556] [U] [ 425.849858][T12556] [U] [ 425.850978][T12556] [U] [ 425.852059][T12556] [U] [ 425.882305][T12555] [U] [ 425.886055][T12569] netlink: 'syz.7.18392': attribute type 3 has an invalid length. [ 425.888552][T12569] netlink: 199836 bytes leftover after parsing attributes in process `syz.7.18392'. [ 426.067737][T12578] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 426.542064][ T57] usb 11-1: new high-speed USB device number 3 using dummy_hcd [ 426.692186][ T57] usb 11-1: Using ep0 maxpacket: 8 [ 426.697327][ T57] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 32, changing to 9 [ 426.700724][ T57] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 426.705222][ T57] usb 11-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00 [ 426.709190][ T57] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.713514][ T57] usb 11-1: config 0 descriptor?? [ 426.787554][T12593] [U] [ 426.788447][T12593] [U] [ 426.789295][T12593] [U] [ 426.790239][T12593] [U] [ 426.791177][T12593] [U] [ 426.792040][T12593] [U] [ 426.792895][T12593] [U] [ 426.793738][T12593] [U] [ 426.794777][T12593] [U] [ 426.795645][T12593] [U] [ 426.796503][T12593] [U] [ 426.797336][T12593] [U] [ 426.798329][T12593] [U] [ 426.799184][T12593] [U] [ 426.800079][T12593] [U] [ 426.800999][T12593] [U] [ 426.802189][T12593] [U] [ 426.803067][T12593] [U] [ 426.803905][T12593] [U] [ 426.804755][T12593] [U] [ 426.805956][T12593] [U] [ 426.806819][T12593] [U] [ 426.807662][T12593] [U] [ 426.808521][T12593] [U] [ 426.809475][T12593] [U] [ 426.810362][T12593] [U] [ 426.811283][T12593] [U] [ 426.812132][T12593] [U] [ 426.813559][T12593] [U] [ 426.814681][T12593] [U] [ 426.815767][T12593] [U] [ 426.816864][T12593] [U] [ 426.817965][T12593] [U] [ 426.819041][T12593] [U] [ 426.820146][T12593] [U] [ 426.821240][T12593] [U] [ 426.822462][T12593] [U] [ 426.823600][T12593] [U] [ 426.824712][T12593] [U] [ 426.825792][T12593] [U] [ 426.826927][T12593] [U] [ 426.828004][T12593] [U] [ 426.829097][T12593] [U] [ 426.830182][T12593] [U] [ 426.831291][T12593] [U] [ 426.832407][T12593] [U] [ 426.833507][T12593] [U] [ 426.834603][T12593] [U] [ 426.836202][T12593] [U] [ 426.837316][T12593] [U] [ 426.838413][T12593] [U] [ 426.839531][T12593] [U] [ 426.840662][T12593] [U] [ 426.841756][T12593] [U] [ 426.842866][T12593] [U] [ 426.843980][T12593] [U] [ 426.845172][T12593] [U] [ 426.846260][T12593] [U] [ 426.847347][T12593] [U] [ 426.848430][T12593] [U] [ 426.849570][T12593] [U] [ 426.850677][T12593] [U] [ 426.851771][T12593] [U] [ 426.852882][T12593] [U] [ 426.854049][T12593] [U] [ 426.855167][T12593] [U] [ 426.856255][T12593] [U] [ 426.857356][T12593] [U] [ 426.858447][T12593] [U] [ 426.859531][T12593] [U] [ 426.860523][T12593] [U] [ 426.861612][T12593] [U] [ 426.862843][T12593] [U] [ 426.863966][T12593] [U] [ 426.865068][T12593] [U] [ 426.866161][T12593] [U] [ 426.867250][T12593] [U] [ 426.868332][T12593] [U] [ 426.869446][T12593] [U] [ 426.870535][T12593] [U] [ 426.871735][T12593] [U] [ 426.872843][T12593] [U] [ 426.873912][T12593] [U] [ 426.874931][T12593] [U] [ 426.875959][T12593] [U] [ 426.876829][T12593] [U] [ 426.877665][T12593] [U] [ 426.878513][T12593] [U] [ 426.879369][T12593] [U] [ 426.880210][T12593] [U] [ 426.881059][T12593] [U] [ 426.881925][T12593] [U] [ 426.882849][T12593] [U] [ 426.883711][T12593] [U] [ 426.884583][T12593] [U] [ 426.885427][T12593] [U] [ 426.886284][T12593] [U] [ 426.887132][T12593] [U] [ 426.887940][T12593] [U] [ 426.888751][T12593] [U] [ 426.889594][T12593] [U] [ 426.890430][T12593] [U] [ 426.891512][T12593] [U] [ 426.892732][T12593] [U] [ 426.893738][T12593] [U] [ 426.894567][T12593] [U] [ 426.895402][T12593] [U] [ 426.896280][T12593] [U] [ 426.897148][T12593] [U] [ 426.897950][T12593] [U] [ 426.898703][T12593] [U] [ 426.899529][T12593] [U] [ 426.900702][T12593] [U] [ 426.901586][T12593] [U] [ 426.902430][T12593] [U] [ 426.903294][T12593] [U] [ 426.904214][T12593] [U] [ 426.905084][T12593] [U] [ 426.905916][T12593] [U] [ 426.906771][T12593] [U] [ 426.907631][T12593] [U] [ 426.908501][T12593] [U] [ 426.909351][T12593] [U] [ 426.910223][T12593] [U] [ 426.911085][T12593] [U] [ 426.911952][T12593] [U] [ 426.912803][T12593] [U] [ 426.923158][ T57] usbhid 11-1:0.0: can't add hid device: -71 [ 426.925229][ T57] usbhid 11-1:0.0: probe with driver usbhid failed with error -71 [ 426.928730][ T57] usb 11-1: USB disconnect, device number 3 [ 426.951300][T12592] [U] [ 427.636258][T12648] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18429'. [ 427.640987][T12648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18429'. [ 427.916925][T12668] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18437'. [ 427.993090][ T90] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 428.039647][T12695] netlink: 24 bytes leftover after parsing attributes in process `syz.1.18451'. [ 428.325908][T12722] netlink: 24 bytes leftover after parsing attributes in process `syz.7.18462'. [ 429.316334][T12760] vivid-003: disconnect [ 429.318372][T12759] vivid-003: reconnect [ 429.423898][T12776] input: syz0 as /devices/virtual/input/input68 [ 429.513645][T12788] program syz.6.18494 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 429.568811][T12795] veth1_to_team: entered promiscuous mode [ 429.616829][T12798] tap0: tun_chr_ioctl cmd 1074025676 [ 429.619109][T12798] tap0: owner set to 6 [ 429.912378][ T2320] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.070646][T12860] bpf: Bad value for 'gid' [ 430.354300][T12904] netlink: 'syz.1.18545': attribute type 21 has an invalid length. [ 430.356840][T12904] netlink: 156 bytes leftover after parsing attributes in process `syz.1.18545'. [ 430.360402][T12904] netlink: 'syz.1.18545': attribute type 21 has an invalid length. [ 430.362963][T12904] netlink: 156 bytes leftover after parsing attributes in process `syz.1.18545'. [ 430.479093][T12918] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 430.547362][T12923] random: crng reseeded on system resumption [ 430.600277][T12927] netlink: 12 bytes leftover after parsing attributes in process `syz.1.18555'. [ 430.980135][T12947] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 430.982443][T12947] syzkaller0: linktype set to 804 [ 431.019662][T12949] netlink: 12 bytes leftover after parsing attributes in process `syz.6.18565'. [ 431.024639][T12949] bridge0: port 3(vlan2) entered blocking state [ 431.026622][T12949] bridge0: port 3(vlan2) entered disabled state [ 431.028670][T12949] vlan2: entered allmulticast mode [ 431.030845][T12949] vlan2: left allmulticast mode [ 431.064214][T12951] netlink: 52 bytes leftover after parsing attributes in process `syz.1.18566'. [ 431.143327][T12957] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 431.584631][T12997] netlink: 4 bytes leftover after parsing attributes in process `syz.7.18588'. [ 431.588517][T12997] netlink: 8 bytes leftover after parsing attributes in process `syz.7.18588'. [ 431.824597][T13010] netlink: 24 bytes leftover after parsing attributes in process `syz.4.18593'. [ 432.054501][T13026] netlink: 'syz.1.18600': attribute type 1 has an invalid length. [ 432.481584][T13055] IPVS: persistence engine module ip_vs_pe_m not found [ 433.192204][ T66] Bluetooth: hci4: command 0x1003 tx timeout [ 433.196097][ T5962] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 433.537017][T13082] netlink: 11 bytes leftover after parsing attributes in process `syz.4.18625'. [ 433.738774][T13106] netlink: 48 bytes leftover after parsing attributes in process `syz.6.18636'. [ 433.788219][T13116] netem: change failed [ 434.090501][T13138] veth1_to_team: entered promiscuous mode [ 434.604678][T13150] netlink: 76 bytes leftover after parsing attributes in process `syz.1.18657'. [ 434.745895][T13165] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 434.751513][ T56] IPVS: starting estimator thread 0... [ 434.820746][T13174] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 434.836517][ T39] audit: type=1326 audit(2000000092.309:41748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.852455][T13166] IPVS: using max 39 ests per chain, 93600 per kthread [ 434.854629][ T39] audit: type=1326 audit(2000000092.309:41749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.867648][ T39] audit: type=1326 audit(2000000092.309:41750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.875200][ T39] audit: type=1326 audit(2000000092.309:41751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.881682][ T39] audit: type=1326 audit(2000000092.309:41752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.890806][ T39] audit: type=1326 audit(2000000092.319:41753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.899609][ T39] audit: type=1326 audit(2000000092.319:41754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.906398][ T39] audit: type=1326 audit(2000000092.319:41755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.915553][ T39] audit: type=1326 audit(2000000092.319:41756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=302 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 434.922212][ T39] audit: type=1326 audit(2000000092.319:41757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13175 comm="syz.1.18669" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73de579 code=0x7ffc0000 [ 435.528546][ T66] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 435.535462][ T66] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 435.538334][ T66] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 435.541098][ T66] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 435.544295][ T66] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 435.546577][ T66] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 435.606347][T13216] sit0 speed is unknown, defaulting to 1000 [ 435.639576][T13216] wlan0 speed is unknown, defaulting to 1000 [ 435.730770][T13216] chnl_net:caif_netlink_parms(): no params data found [ 435.764589][T13232] netlink: 192 bytes leftover after parsing attributes in process `syz.7.18694'. [ 435.843711][T13216] bridge0: port 1(bridge_slave_0) entered blocking state [ 435.846006][T13216] bridge0: port 1(bridge_slave_0) entered disabled state [ 435.848262][T13216] bridge_slave_0: entered allmulticast mode [ 435.850575][T13216] bridge_slave_0: entered promiscuous mode [ 435.853520][T13216] bridge0: port 2(bridge_slave_1) entered blocking state [ 435.855699][T13216] bridge0: port 2(bridge_slave_1) entered disabled state [ 435.858218][T13216] bridge_slave_1: entered allmulticast mode [ 435.861560][T13216] bridge_slave_1: entered promiscuous mode [ 435.892632][T13216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 435.898719][T13216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 435.946168][T13216] team0: Port device team_slave_0 added [ 435.950098][T13216] team0: Port device team_slave_1 added [ 435.969914][T13216] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 435.972334][T13216] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 435.980332][T13216] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 435.985546][T13216] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 435.987650][T13216] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 435.996132][T13216] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 436.023216][T13216] hsr_slave_0: entered promiscuous mode [ 436.025341][T13216] hsr_slave_1: entered promiscuous mode [ 436.027406][T13216] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 436.029701][T13216] Cannot create hsr debugfs directory [ 436.115310][T13216] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 436.118826][T13216] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 436.125534][T13216] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 436.129139][T13216] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 436.138433][T13216] bridge0: port 2(bridge_slave_1) entered blocking state [ 436.140641][T13216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 436.142937][T13216] bridge0: port 1(bridge_slave_0) entered blocking state [ 436.145088][T13216] bridge0: port 1(bridge_slave_0) entered forwarding state [ 436.166974][ T2320] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.170432][ T2320] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.190407][T13216] 8021q: adding VLAN 0 to HW filter on device bond0 [ 436.200618][T13216] 8021q: adding VLAN 0 to HW filter on device team0 [ 436.205254][ T1230] bridge0: port 1(bridge_slave_0) entered blocking state [ 436.208321][ T1230] bridge0: port 1(bridge_slave_0) entered forwarding state [ 436.214926][ T1230] bridge0: port 2(bridge_slave_1) entered blocking state [ 436.217947][ T1230] bridge0: port 2(bridge_slave_1) entered forwarding state [ 436.307281][T13216] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 436.410456][T13216] veth0_vlan: entered promiscuous mode [ 436.417066][T13216] veth1_vlan: entered promiscuous mode [ 436.433108][T13216] veth0_macvtap: entered promiscuous mode [ 436.438053][T13216] veth1_macvtap: entered promiscuous mode [ 436.449422][T13216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.454271][T13216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.458401][T13216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.462931][T13216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.466883][T13216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.470887][T13216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.476224][T13216] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 436.482746][T13216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.487071][T13216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.491097][T13216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.495700][T13216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.499770][T13216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 436.504185][T13216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.509307][T13216] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 436.516407][T13216] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.520076][T13216] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.522958][T13216] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.525548][T13216] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 436.578274][ T2320] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 436.581303][ T2320] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 436.602963][ T1230] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 436.605346][ T1230] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 437.523232][T13277] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18707'. [ 437.530548][T13277] bridge0: port 3(vlan2) entered blocking state [ 437.535523][T13277] bridge0: port 3(vlan2) entered disabled state [ 437.538179][T13277] vlan2: entered allmulticast mode [ 437.540588][T13277] vlan2: left allmulticast mode [ 437.547654][T13279] veth1_to_team: entered promiscuous mode [ 437.594124][ T66] Bluetooth: hci2: command tx timeout [ 437.781868][T13289] netlink: 12 bytes leftover after parsing attributes in process `syz.4.18714'. [ 438.025085][T13302] IPVS: fo: SCTP 172.20.20.187:0 - no destination available [ 438.368226][T13325] netlink: 76 bytes leftover after parsing attributes in process `syz.8.18729'. [ 438.444226][T13331] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18732'. [ 438.684748][T13353] netlink: 76 bytes leftover after parsing attributes in process `syz.7.18742'. [ 439.523914][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.672512][ T66] Bluetooth: hci2: command tx timeout [ 439.872626][T13422] netlink: 'syz.4.18764': attribute type 5 has an invalid length. [ 439.959947][T13438] ip6gretap0: entered promiscuous mode [ 440.212609][T13463] netlink: 830 bytes leftover after parsing attributes in process `syz.6.18791'. [ 440.464266][T13497] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 440.540536][T13502] xt_CT: You must specify a L4 protocol and not use inversions on it [ 440.592099][ T833] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 440.772033][ T833] usb 13-1: Using ep0 maxpacket: 8 [ 440.775018][ T833] usb 13-1: config index 0 descriptor too short (expected 301, got 45) [ 440.777570][ T833] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 440.781012][ T833] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 440.785108][ T833] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 440.788908][ T833] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 440.796725][ T833] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 440.800159][ T833] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.018167][ T833] usb 13-1: GET_CAPABILITIES returned 0 [ 441.021094][ T833] usbtmc 13-1:16.0: can't read capabilities [ 441.222127][ T56] usb 13-1: USB disconnect, device number 2 [ 441.762116][ T66] Bluetooth: hci2: command tx timeout [ 442.181619][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 442.181630][ T39] audit: type=1800 audit(2000000099.649:41759): pid=13601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.18854" name="file1" dev="tmpfs" ino=10108 res=0 errno=0 [ 442.573478][T13612] sctp: [Deprecated]: syz.4.18858 (pid 13612) Use of struct sctp_assoc_value in delayed_ack socket option. [ 442.573478][T13612] Use struct sctp_sack_info instead [ 442.802346][T13625] netlink: 4 bytes leftover after parsing attributes in process `syz.8.18865'. [ 443.375741][T13673] pimreg: entered allmulticast mode [ 443.382346][ T56] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 443.570883][ T56] usb 12-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 443.574627][ T56] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 443.577494][ T56] usb 12-1: Product: syz [ 443.579355][ T56] usb 12-1: Manufacturer: syz [ 443.580887][ T56] usb 12-1: SerialNumber: syz [ 443.584456][ T56] usb 12-1: config 0 descriptor?? [ 443.764344][T13687] netlink: 8 bytes leftover after parsing attributes in process `syz.6.18893'. [ 443.790082][ T35] usb 12-1: USB disconnect, device number 3 [ 443.832474][ T5962] Bluetooth: hci2: command tx timeout [ 444.140215][T13716] netlink: 72 bytes leftover after parsing attributes in process `syz.6.18906'. [ 444.169878][ T56] IPVS: starting estimator thread 0... [ 444.252290][T13720] IPVS: using max 38 ests per chain, 91200 per kthread [ 444.319230][T13735] netlink: 4 bytes leftover after parsing attributes in process `syz.6.18915'. [ 444.326370][T13735] netlink: 16 bytes leftover after parsing attributes in process `syz.6.18915'. [ 444.637480][T13760] netlink: 'syz.8.18927': attribute type 18 has an invalid length. [ 444.642091][T13760] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 444.645233][T13760] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 444.647957][T13760] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 444.650721][T13760] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 444.746792][T13771] netlink: 28 bytes leftover after parsing attributes in process `syz.6.18932'. [ 445.197151][T13813] netlink: 4 bytes leftover after parsing attributes in process `syz.8.18951'. [ 445.475256][T13843] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 445.546504][T13852] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 445.613922][T13862] netlink: 12 bytes leftover after parsing attributes in process `syz.7.18975'. [ 445.689718][T13868] netlink: 28 bytes leftover after parsing attributes in process `syz.7.18979'. [ 445.914436][ T5962] Bluetooth: hci2: command 0x0405 tx timeout [ 446.070443][T13907] netlink: 96 bytes leftover after parsing attributes in process `syz.4.18996'. [ 446.213258][ T5987] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 446.217445][ T5987] hid-generic 0000:0000:0000.0008: hidraw1: HID v0.00 Device [syz0] on syz0 [ 446.634172][ T39] audit: type=1800 audit(2000000104.109:41760): pid=13970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.19027" name="[kvm-gmem]" dev="anon_inodefs" ino=166172 res=0 errno=0 [ 446.694369][T13972] block nbd4: shutting down sockets [ 446.962034][ T833] usb 12-1: new high-speed USB device number 4 using dummy_hcd [ 447.105627][T13989] netlink: 8 bytes leftover after parsing attributes in process `syz.4.19036'. [ 447.124645][ T833] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 447.129253][ T833] usb 12-1: config 0 has no interfaces? [ 447.131828][ T833] usb 12-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 447.135839][ T833] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.139006][ T833] usb 12-1: config 0 descriptor?? [ 447.401424][ T5987] usb 12-1: USB disconnect, device number 4 [ 447.712766][T14053] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 447.716134][T14053] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 448.826707][ T39] audit: type=1326 audit(2000000106.299:41761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14135 comm="syz.6.19101" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fe579 code=0x0 [ 448.975201][T14157] netlink: 'syz.8.19111': attribute type 6 has an invalid length. [ 449.728405][T14239] __nla_validate_parse: 7 callbacks suppressed [ 449.728416][T14239] netlink: 12 bytes leftover after parsing attributes in process `syz.7.19149'. [ 450.240853][T14286] netlink: 12 bytes leftover after parsing attributes in process `syz.7.19171'. [ 450.278073][T14293] vivid-000: ================= START STATUS ================= [ 450.280411][T14293] vivid-000: Test Pattern: 75% Colorbar [ 450.283034][T14293] vivid-000: Fill Percentage of Frame: 100 [ 450.285072][T14293] vivid-000: Horizontal Movement: Move Left Slow [ 450.286996][T14293] vivid-000: Vertical Movement: No Movement [ 450.288804][T14293] vivid-000: OSD Text Mode: All [ 450.290306][T14293] vivid-000: Show Border: true [ 450.291805][T14293] vivid-000: Show Square: true [ 450.294543][T14293] vivid-000: Sensor Flipped Horizontally: true [ 450.296534][T14293] vivid-000: Sensor Flipped Vertically: false [ 450.298464][T14293] vivid-000: Insert SAV Code in Image: true [ 450.300343][T14293] vivid-000: Insert EAV Code in Image: true [ 450.303372][T14293] vivid-000: Insert Video Guard Band: false [ 450.305968][T14293] vivid-000: Reduced Framerate: true [ 450.308325][T14293] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 450.310896][T14293] vivid-000: S-Video 000-0 Is Connected To: None [ 450.313941][T14293] vivid-000: Enable Capture Cropping: false [ 450.315845][T14293] vivid-000: Enable Capture Composing: true [ 450.317822][T14293] vivid-000: Enable Capture Scaler: false [ 450.319687][T14293] vivid-000: Timestamp Source: Start of Exposure [ 450.321730][T14293] vivid-000: Colorspace: sRGB [ 450.323659][T14293] vivid-000: Transfer Function: Rec. 709 [ 450.325445][T14293] vivid-000: Y'CbCr Encoding: ITU-R 601 [ 450.327177][T14293] vivid-000: HSV Encoding: Hue 0-256 [ 450.329036][T14293] vivid-000: Quantization: Default [ 450.330658][T14293] vivid-000: Apply Alpha To Red Only: true [ 450.332959][T14293] vivid-000: Standard Aspect Ratio: 4x3 [ 450.334740][T14293] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 450.337183][T14293] vivid-000: DV Timings: 4096x2160p60 inactive [ 450.339410][T14293] vivid-000: DV Timings Aspect Ratio: 4x3 [ 450.341637][T14293] vivid-000: Maximum EDID Blocks: 1 [ 450.344216][T14293] vivid-000: Limited RGB Range (16-235): false [ 450.346892][T14293] vivid-000: Rx RGB Quantization Range: Automatic [ 450.350118][T14293] vivid-000: Power Present: 0x00000001 [ 450.352771][T14293] tpg source WxH: 3840x2160 (Y'CbCr) [ 450.354969][T14293] tpg field: 1 [ 450.356501][T14293] tpg crop: 3840x2160@0x0 [ 450.358312][T14293] tpg compose: 3840x2160@0x0 [ 450.360238][T14293] tpg colorspace: 2 [ 450.361889][T14293] tpg transfer function: 1/1 [ 450.364366][T14293] tpg Y'CbCr encoding: 2/2 [ 450.366277][T14293] tpg quantization: 1/1 [ 450.368046][T14293] tpg RGB range: 0/2 [ 450.369710][T14293] vivid-000: ================== END STATUS ================== [ 450.425617][ T39] audit: type=1326 audit(2000000107.899:41762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.6.19180" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x0 [ 450.773278][T14342] vivid-007: disconnect [ 450.774948][T14340] vivid-007: reconnect [ 450.807986][T14344] mkiss: ax0: crc mode is auto. [ 450.871746][T14352] netlink: 4 bytes leftover after parsing attributes in process `syz.7.19208'. [ 450.885313][T14352] netlink: 277 bytes leftover after parsing attributes in process `syz.7.19208'. [ 450.888133][T14352] netlink: 277 bytes leftover after parsing attributes in process `syz.7.19208'. [ 451.029417][T14372] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 451.073810][T14376] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19213'. [ 451.077434][T14376] netlink: 277 bytes leftover after parsing attributes in process `syz.4.19213'. [ 451.080276][T14376] netlink: 277 bytes leftover after parsing attributes in process `syz.4.19213'. [ 451.131233][T14382] ALSA: seq fatal error: cannot create timer (-22) [ 451.190455][T14384] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 451.307483][T14394] vlan2: entered promiscuous mode [ 451.309137][T14394] bridge0: entered promiscuous mode [ 451.342127][T14397] batadv_slave_1: entered promiscuous mode [ 451.346171][T14395] batadv_slave_1: left promiscuous mode [ 451.369788][T14403] ALSA: seq fatal error: cannot create timer (-22) [ 451.607937][T14429] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 451.989289][T14474] netem: incorrect gi model size [ 451.993120][T14474] netem: change failed [ 452.042588][T14480] netlink: 'syz.8.19262': attribute type 19 has an invalid length. [ 452.127264][T14487] netem: incorrect gi model size [ 452.129841][T14487] netem: change failed [ 452.189590][T14491] netlink: 'syz.4.19273': attribute type 3 has an invalid length. [ 452.198334][T14491] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.19273'. [ 452.630276][T14506] bridge0: port 3(ipvlan2) entered blocking state [ 452.633163][T14506] bridge0: port 3(ipvlan2) entered disabled state [ 452.635295][T14506] ipvlan2: entered allmulticast mode [ 452.637424][T14506] ipvlan2: left allmulticast mode [ 452.914481][T14532] bridge0: port 3(ipvlan2) entered blocking state [ 452.916882][T14532] bridge0: port 3(ipvlan2) entered disabled state [ 452.919095][T14532] ipvlan2: entered allmulticast mode [ 452.921269][T14532] ipvlan2: left allmulticast mode [ 453.178714][T14550] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19300'. [ 454.047559][T14600] vivid-009: disconnect [ 454.050107][T14599] vivid-009: reconnect [ 454.288092][T14626] input: syz0 as /devices/virtual/input/input70 [ 454.397942][T14633] program syz.8.19331 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 455.002829][T14671] tap0: tun_chr_ioctl cmd 1074025676 [ 455.005047][T14671] tap0: owner set to 6 [ 455.545238][T14715] bpf: Bad value for 'gid' [ 455.814341][T14733] netlink: 'syz.6.19379': attribute type 21 has an invalid length. [ 455.817787][T14733] __nla_validate_parse: 1 callbacks suppressed [ 455.817847][T14733] netlink: 156 bytes leftover after parsing attributes in process `syz.6.19379'. [ 455.826747][T14733] netlink: 'syz.6.19379': attribute type 21 has an invalid length. [ 455.830010][T14733] netlink: 156 bytes leftover after parsing attributes in process `syz.6.19379'. [ 455.989032][T14739] netlink: 24 bytes leftover after parsing attributes in process `syz.8.19382'. [ 456.215542][T14757] netlink: 11 bytes leftover after parsing attributes in process `syz.6.19389'. [ 456.347972][T14767] netlink: 24 bytes leftover after parsing attributes in process `syz.6.19394'. [ 456.982820][T14789] netlink: 11 bytes leftover after parsing attributes in process `syz.7.19401'. [ 457.620861][T14813] netlink: 830 bytes leftover after parsing attributes in process `syz.7.19413'. [ 457.916265][T14842] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 457.995250][T14848] xt_CT: You must specify a L4 protocol and not use inversions on it [ 458.075370][T14859] netlink: 4 bytes leftover after parsing attributes in process `syz.7.19441'. [ 458.218425][ T39] audit: type=1800 audit(2000000115.689:41763): pid=14872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.19447" name="file1" dev="tmpfs" ino=1124 res=0 errno=0 [ 458.340255][T14884] sctp: [Deprecated]: syz.8.19445 (pid 14884) Use of struct sctp_assoc_value in delayed_ack socket option. [ 458.340255][T14884] Use struct sctp_sack_info instead [ 459.885018][ T833] usb 11-1: new high-speed USB device number 4 using dummy_hcd [ 460.034646][ T833] usb 11-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 460.037609][ T833] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 460.040073][ T833] usb 11-1: Product: syz [ 460.041439][ T833] usb 11-1: Manufacturer: syz [ 460.047473][ T833] usb 11-1: SerialNumber: syz [ 460.053134][ T833] usb 11-1: config 0 descriptor?? [ 460.592794][ T35] usb 11-1: USB disconnect, device number 4 [ 461.616965][T14975] netlink: 'syz.6.19482': attribute type 5 has an invalid length. [ 462.628838][T15016] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 464.632367][ T66] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 466.243885][T15064] syz.8.19524 invoked oom-killer: gfp_mask=0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), order=0, oom_score_adj=1000 [ 466.248392][T15064] CPU: 0 UID: 0 PID: 15064 Comm: syz.8.19524 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 466.248407][T15064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 466.248412][T15064] Call Trace: [ 466.248416][T15064] [ 466.248420][T15064] dump_stack_lvl+0x16c/0x1f0 [ 466.248437][T15064] dump_header+0x101/0x930 [ 466.248453][T15064] oom_kill_process+0x270/0xa60 [ 466.248465][T15064] ? oom_cpuset_eligible.isra.0+0x199/0x2d0 [ 466.248479][T15064] out_of_memory+0x1407/0x1700 [ 466.248495][T15064] ? __pfx___mutex_trylock_common+0x10/0x10 [ 466.248506][T15064] ? __pfx_out_of_memory+0x10/0x10 [ 466.248519][T15064] ? lock_acquire+0x2f/0xb0 [ 466.248528][T15064] ? __alloc_frozen_pages_noprof+0xcc5/0x2470 [ 466.248542][T15064] __alloc_frozen_pages_noprof+0x1d66/0x2470 [ 466.248557][T15064] ? __lock_acquire+0xcc5/0x3c40 [ 466.248566][T15064] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 466.248581][T15064] ? __pfx___lock_acquire+0x10/0x10 [ 466.248593][T15064] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 466.248607][T15064] ? policy_nodemask+0xea/0x4e0 [ 466.248619][T15064] alloc_pages_mpol+0x1fc/0x540 [ 466.248630][T15064] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 466.248642][T15064] ? xas_load+0x49/0x5b0 [ 466.248653][T15064] ? filemap_get_entry+0xd0/0x3c0 [ 466.248663][T15064] folio_alloc_noprof+0x20/0x2d0 [ 466.248675][T15064] filemap_alloc_folio_noprof+0x39b/0x470 [ 466.248687][T15064] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 466.248702][T15064] __filemap_get_folio+0x5e9/0xbd0 [ 466.248713][T15064] filemap_fault+0x1889/0x2ca0 [ 466.248725][T15064] ? __pfx_filemap_fault+0x10/0x10 [ 466.248734][T15064] ? find_held_lock+0x2d/0x110 [ 466.248747][T15064] ? do_pte_missing+0xde9/0x3e10 [ 466.248757][T15064] ? __pfx_lock_release+0x10/0x10 [ 466.248770][T15064] __do_fault+0x10a/0x490 [ 466.248782][T15064] do_pte_missing+0xecf/0x3e10 [ 466.248796][T15064] __handle_mm_fault+0x1166/0x2c60 [ 466.248817][T15064] ? lock_vma_under_rcu+0x6b9/0x980 [ 466.248826][T15064] ? __pfx___handle_mm_fault+0x10/0x10 [ 466.248847][T15064] handle_mm_fault+0x3fa/0xaa0 [ 466.248859][T15064] do_user_addr_fault+0x60d/0x13f0 [ 466.248873][T15064] exc_page_fault+0x5c/0xc0 [ 466.248885][T15064] asm_exc_page_fault+0x26/0x30 [ 466.248897][T15064] RIP: 0023:0xf711e5cb [ 466.248909][T15064] Code: Unable to access opcode bytes at 0xf711e5a1. [ 466.248913][T15064] RSP: 002b:00000000ffeb3160 EFLAGS: 00010202 [ 466.248920][T15064] RAX: 000000000c2eafee RBX: 000000000c230000 RCX: 0000000000000004 [ 466.248926][T15064] RDX: 0000000000000010 RSI: 00000000f0257f74 RDI: 00000000ffffffff [ 466.248931][T15064] RBP: 00000000f7fa5610 R08: 0000000000000000 R09: 0000000000000000 [ 466.248936][T15064] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 466.248941][T15064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 466.248953][T15064] [ 466.248956][T15064] Mem-Info: [ 466.370554][T15064] active_anon:5272 inactive_anon:4392 isolated_anon:0 [ 466.370554][T15064] active_file:0 inactive_file:93 isolated_file:0 [ 466.370554][T15064] unevictable:1759 dirty:2 writeback:0 [ 466.370554][T15064] slab_reclaimable:7039 slab_unreclaimable:89227 [ 466.370554][T15064] mapped:20509 shmem:9190 pagetables:1276 [ 466.370554][T15064] sec_pagetables:339 bounce:0 [ 466.370554][T15064] kernel_misc_reclaimable:0 [ 466.370554][T15064] free:17409 free_pcp:125 free_cma:0 [ 466.386296][T15064] Node 0 active_anon:1360kB inactive_anon:516kB active_file:416kB inactive_file:536kB unevictable:3516kB isolated(anon):0kB isolated(file):0kB mapped:620kB dirty:0kB writeback:0kB shmem:10348kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9084kB pagetables:720kB sec_pagetables:1196kB all_unreclaimable? no [ 466.401317][T15064] Node 1 active_anon:21948kB inactive_anon:14832kB active_file:0kB inactive_file:100kB unevictable:3520kB isolated(anon):0kB isolated(file):0kB mapped:81948kB dirty:8kB writeback:0kB shmem:26412kB shmem_thp:8192kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:6588kB pagetables:4384kB sec_pagetables:160kB all_unreclaimable? yes [ 466.417025][T15064] Node 0 DMA free:1032kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:8kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 466.435843][T15064] lowmem_reserve[]: 0 297 0 0 0 [ 466.441160][T15064] Node 0 DMA32 free:14564kB boost:0kB min:13672kB low:17088kB high:20504kB reserved_highatomic:4096KB active_anon:1640kB inactive_anon:252kB active_file:0kB inactive_file:4216kB unevictable:3516kB writepending:0kB present:1032196kB managed:305108kB mlocked:0kB bounce:0kB free_pcp:1524kB local_pcp:328kB free_cma:0kB [ 466.460418][T15064] lowmem_reserve[]: 0 0 0 0 0 [ 466.470526][T15064] Node 1 DMA32 free:46648kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB active_anon:22108kB inactive_anon:14672kB active_file:8kB inactive_file:68kB unevictable:3520kB writepending:0kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 466.485025][T15064] lowmem_reserve[]: 0 0 0 0 0 [ 466.497930][T15064] Node 0 DMA: 8*4kB (U) 47*8kB (U) 17*16kB (U) 11*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 1032kB [ 466.514544][T15064] Node 0 DMA32: 139*4kB (UMEH) 247*8kB (UMEH) 102*16kB (UMEH) 137*32kB (UMEH) 58*64kB (UME) 19*128kB (UME) 1*256kB (E) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14948kB [ 466.529359][T15064] Node 1 DMA32: 1078*4kB (ME) 818*8kB (UMEH) 199*16kB (UME) 159*32kB (UME) 61*64kB (UME) 21*128kB (UME) 19*256kB (UM) 14*512kB (UM) 9*1024kB (UM) 0*2048kB 0*4096kB = 46968kB [ 466.553549][T15064] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 466.557551][T15064] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 466.561552][T15064] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 466.568391][T15064] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 466.592035][T15064] 9872 total pagecache pages [ 466.594108][T15064] 406 pages in swap cache [ 466.596064][T15064] Free swap = 200kB [ 466.597794][T15064] Total swap = 124996kB [ 466.599585][T15064] 524155 pages RAM [ 466.601142][T15064] 0 pages HighMem/MovableOnly [ 466.632670][T15064] 206975 pages reserved [ 466.634733][T15064] 0 pages cma reserved [ 466.636461][T15064] Unreclaimable slab info: [ 466.640249][T15064] Name Used Total [ 466.692797][T15064] pid_3 31KB 31KB [ 466.695642][T15064] pid_2 116KB 173KB [ 466.698248][T15064] bio-360 7KB 7KB [ 466.700956][T15064] bio-424 8KB 8KB [ 466.723677][T15064] bio-440 8KB 8KB [ 466.726527][T15064] bio-536 15KB 15KB [ 466.729224][T15064] afs_inode_cache 123KB 123KB [ 466.745821][T15064] z3fold_handle 397KB 397KB [ 466.748332][T15064] zswap_entry 390KB 466KB [ 466.751113][T15064] AF_VSOCK 122KB 122KB [ 466.772128][T15064] sw_flow_stats 16KB 16KB [ 466.774630][T15064] sw_flow 61KB 61KB [ 466.777464][T15064] batadv_tt_change_cache 16KB 16KB [ 466.780162][T15064] batadv_tl_cache 16KB 16KB [ 466.802084][T15064] IEEE-802.15.4-MAC 126KB 126KB [ 466.804707][T15064] IEEE-802.15.4-RAW 126KB 126KB [ 466.807280][T15064] p9_req_t 31KB 31KB [ 466.809773][T15064] INET_SMC 31KB 31KB [ 466.842703][T15064] SMC6 126KB 126KB [ 466.845461][T15064] SMC 126KB 126KB [ 466.848117][T15064] TIPC 126KB 126KB [ 466.850865][T15064] rds_tcp_connection 63KB 63KB [ 466.872374][T15064] RDS 128KB 128KB [ 466.875290][T15064] rds_connection 30KB 30KB [ 466.878132][T15064] SCTPv6 120KB 120KB [ 466.880642][T15064] SCTP 127KB 127KB [ 466.920523][T15064] sctp_chunk 93KB 132KB [ 466.932409][T15064] sctp_bind_bucket 16KB 16KB [ 466.935095][T15064] tw_sock_DCCPv6 15KB 15KB [ 466.937631][T15064] DCCPv6 121KB 121KB [ 466.940193][T15064] DCCP 126KB 126KB [ 466.962418][T15064] dccp_bind2_bucket 16KB 16KB [ 466.965047][T15064] dccp_bind_bucket 16KB 16KB [ 466.967812][T15064] PNPIPE 123KB 123KB [ 466.970594][T15064] PHONET 126KB 126KB [ 466.992890][T15064] L2TP/IPv6 127KB 127KB [ 466.995620][T15064] L2TP/IP 121KB 121KB [ 466.998266][T15064] KCM 127KB 127KB [ 467.000846][T15064] kcm_mux 63KB 63KB [ 467.022457][T15064] RXRPC 127KB 127KB [ 467.025567][T15064] rxrpc_call_jar 350KB 350KB [ 467.028212][T15064] can_gw 31KB 31KB [ 467.030770][T15064] can_receiver 15KB 15KB [ 467.047423][T15064] net_bridge_fdb_entry 23KB 23KB [ 467.050287][T15064] MPTCPv6 127KB 127KB [ 467.072038][T15064] ip6-frags 15KB 15KB [ 467.074906][T15064] fib6_node 275KB 276KB [ 467.077615][T15064] ip6_dst_cache 326KB 375KB [ 467.080118][T15064] mfc6_cache 16KB 16KB [ 467.100002][T15064] PINGv6 127KB 127KB [ 467.112538][T15064] RAWv6 191KB 191KB [ 467.115402][T15064] UDPLITEv6 127KB 127KB [ 467.117864][T15064] UDPv6 159KB 159KB [ 467.120367][T15064] tw_sock_TCPv6 7KB 7KB [ 467.142682][T15064] request_sock_TCPv6 15KB 15KB [ 467.145408][T15064] TCPv6 408KB 607KB [ 467.147980][T15064] nf_conntrack 31KB 31KB [ 467.158982][T15064] wg_peer 154KB 154KB [ 467.161456][T15064] allowedips_node 19KB 19KB [ 467.198207][T15064] t10_alua_lu_gp_cache 7KB 7KB [ 467.200832][T15064] scsi_sense_cache 44KB 44KB [ 467.212408][T15064] virtio_scsi_cmd 16KB 16KB [ 467.214995][T15064] bio-136 68KB 68KB [ 467.217694][T15064] io_buffer 16KB 36KB [ 467.220390][T15064] io_kiocb 85KB 164KB [ 467.235489][T15064] bio-264 31KB 31KB [ 467.237987][T15064] mqueue_inode_cache 121KB 121KB [ 467.240777][T15064] f2fs_bio_post_read_ctx 23KB 23KB [ 467.262633][T15064] jfs_mp 7KB 7KB [ 467.264623][T15064] orangefs_op_cache 17KB 17KB [ 467.267050][T15064] fuse_request 31KB 31KB [ 467.270440][T15064] cifs_small_rq 16KB 16KB [ 467.273969][T15064] cifs_request 67KB 67KB [ 467.276496][T15064] cifs_mpx_ids 4KB 4KB [ 467.278986][T15064] cifs_io_subrequest 39KB 39KB [ 467.281585][T15064] cifs_io_request 95KB 95KB [ 467.285588][T15064] nfs_commit_data 15KB 15KB [ 467.288121][T15064] nfs_write_data 63KB 63KB [ 467.290625][T15064] ecryptfs_sb_cache 7KB 7KB [ 467.293532][T15064] jbd2_inode 11KB 11KB [ 467.295789][T15064] ext4_system_zone 3KB 3KB [ 467.298314][T15064] ext4_io_end_vec 15KB 15KB [ 467.300881][T15064] kioctx 127KB 127KB [ 467.303710][T15064] aio_kiocb 31KB 31KB [ 467.305997][T15064] userfaultfd_ctx_cache 63KB 63KB [ 467.308063][T15064] fanotify_mark 7KB 7KB [ 467.310159][T15064] dnotify_mark 15KB 15KB [ 467.312327][T15064] dnotify_struct 15KB 15KB [ 467.314159][T15064] fasync_cache 15KB 15KB [ 467.315983][T15064] pid_namespace 30KB 30KB [ 467.317880][T15064] posix_timers_cache 31KB 31KB [ 467.320375][T15064] kvm_vcpu 123KB 123KB [ 467.323710][T15064] kvm_mmu_page_header 11KB 11KB [ 467.325629][T15064] pte_list_desc 7KB 7KB [ 467.327443][T15064] x86_emulator 120KB 120KB [ 467.329526][T15064] rpc_buffers 127KB 127KB [ 467.331310][T15064] rpc_tasks 31KB 31KB [ 467.333858][T15064] UNIX-STREAM 247KB 247KB [ 467.335700][T15064] UNIX 528KB 742KB [ 467.337575][T15064] ip4-frags 31KB 31KB [ 467.339451][T15064] mfc_cache 12KB 12KB [ 467.341379][T15064] UDP-Lite 124KB 124KB [ 467.343563][T15064] MPTCP 120KB 120KB [ 467.345442][T15064] tcp_bind2_bucket 16KB 16KB [ 467.347269][T15064] tcp_bind_bucket 16KB 16KB [ 467.349139][T15064] inet_peer 16KB 16KB [ 467.350959][T15064] xfrm_dst 39KB 39KB [ 467.355428][T15064] xfrm_state 127KB 127KB [ 467.357246][T15064] ip_fib_trie 48KB 48KB [ 467.359144][T15064] ip_fib_alias 132KB 138KB [ 467.360941][T15064] rtable 55KB 104KB [ 467.363834][T15064] PING 121KB 121KB [ 467.365684][T15064] RAW 121KB 121KB [ 467.367541][T15064] UDP 186KB 186KB [ 467.369380][T15064] request_sock_TCP 23KB 23KB [ 467.371504][T15064] TCP 462KB 605KB [ 467.373828][T15064] hugetlbfs_inode_cache 126KB 126KB [ 467.375735][T15064] fscache_cookie_jar 15KB 15KB [ 467.377629][T15064] netfs_subrequest 54KB 54KB [ 467.379655][T15064] netfs_request 126KB 126KB [ 467.381792][T15064] bio-256 15KB 15KB [ 467.384694][T15064] ep_head 16KB 16KB [ 467.386619][T15064] eventpoll_pwq 15KB 15KB [ 467.388755][T15064] eventpoll_epi 86KB 86KB [ 467.390541][T15064] inotify_inode_mark 31KB 31KB [ 467.392804][T15064] sgpool-128 29KB 29KB [ 467.395581][T15064] sgpool-64 31KB 31KB [ 467.397796][T15064] sgpool-32 598KB 756KB [ 467.399789][T15064] sgpool-16 234KB 265KB [ 467.401616][T15064] sgpool-8 131KB 140KB [ 467.404397][T15064] bio_crypt_ctx 7KB 7KB [ 467.406392][T15064] request_queue 264KB 286KB [ 467.408315][T15064] blkdev_ioc 31KB 31KB [ 467.410144][T15064] bio-200 447KB 476KB [ 467.412239][T15064] biovec-max 569KB 718KB [ 467.414211][T15064] biovec-64 865KB 913KB [ 467.416057][T15064] biovec-16 124KB 156KB [ 467.417989][T15064] bio_integrity_payload 7KB 7KB [ 467.419939][T15064] khugepaged_mm_slot 15KB 15KB [ 467.423329][T15064] ksm_mm_slot 16KB 16KB [ 467.425444][T15064] uid_cache 31KB 31KB [ 467.427294][T15064] iommu_iova_magazine 1064KB 1102KB [ 467.429195][T15064] iommu_iova 268KB 268KB [ 467.431099][T15064] dmaengine-unmap-256 30KB 30KB [ 467.433676][T15064] dmaengine-unmap-128 30KB 30KB [ 467.435580][T15064] dmaengine-unmap-16 4KB 4KB [ 467.437482][T15064] dmaengine-unmap-2 4KB 4KB [ 467.439335][T15064] QIPCRTR 126KB 126KB [ 467.441288][T15064] audit_buffer 39KB 75KB [ 467.443738][T15064] skbuff_ext_cache 20KB 20KB [ 467.445686][T15064] skbuff_small_head 987KB 1008KB [ 467.447564][T15064] skbuff_fclone_cache 158KB 265KB [ 467.449888][T15064] skbuff_head_cache 1405KB 1414KB [ 467.451847][T15064] configfs_dir_cache 16KB 16KB [ 467.453899][T15064] file_lease_cache 31KB 31KB [ 467.455765][T15064] file_lock_cache 63KB 63KB [ 467.457647][T15064] file_lock_ctx 19KB 19KB [ 467.459479][T15064] fsnotify_mark_connector 15KB 15KB [ 467.461456][T15064] taskstats 200KB 262KB [ 467.463625][T15064] proc_dir_entry 991KB 1015KB [ 467.465506][T15064] pde_opener 15KB 15KB [ 467.467318][T15064] seq_file 101KB 140KB [ 467.469152][T15064] sigqueue 94KB 110KB [ 467.470963][T15064] shmem_inode_cache 7871KB 8376KB [ 467.473358][T15064] kernfs_iattrs_cache 15KB 15KB [ 467.476281][T15064] kernfs_node_cache 50942KB 50944KB [ 467.479172][T15064] mnt_cache 118KB 149KB [ 467.481055][T15064] filp 418KB 598KB [ 467.483183][T15064] names_cache 4131KB 4224KB [ 467.485129][T15064] net_namespace 151KB 151KB [ 467.487053][T15064] ima_iint_cache 55KB 55KB [ 467.488916][T15064] lsm_inode_cache 1583KB 1925KB [ 467.491398][T15064] lsm_file_cache 154KB 196KB [ 467.493848][T15064] key_jar 39KB 39KB [ 467.495676][T15064] uts_namespace 31KB 31KB [ 467.497826][T15064] nsproxy 15KB 15KB [ 467.500256][T15064] vma_lock 706KB 820KB [ 467.503677][T15064] vm_area_struct 788KB 922KB [ 467.505583][T15064] fs_cache 50KB 88KB [ 467.511044][T15064] files_cache 302KB 382KB [ 467.514984][T15064] signal_cache 1029KB 1731KB [ 467.516861][T15064] sighand_cache 1355KB 2104KB [ 467.518734][T15064] task_struct 4775KB 5084KB [ 467.520569][T15064] cred 187KB 328KB [ 467.522696][T15064] anon_vma_chain 348KB 405KB [ 467.524628][T15064] anon_vma 379KB 517KB [ 467.526512][T15064] pid 234KB 441KB [ 467.528589][T15064] Acpi-Operand 274KB 384KB [ 467.530486][T15064] Acpi-ParseExt 63KB 86KB [ 467.532667][T15064] Acpi-Parse 90KB 130KB [ 467.533447][ T39] audit: type=1800 audit(2000000125.009:41764): pid=15088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.19534" name="file1" dev="tmpfs" ino=1951 res=0 errno=0 [ 467.534521][T15064] Acpi-State 70KB 106KB [ 467.545720][T15064] Acpi-Namespace 52KB 52KB [ 467.547660][T15064] shared_policy_node 16KB 16KB [ 467.549487][T15064] numa_policy 15KB 15KB [ 467.551312][T15064] perf_event 30KB 30KB [ 467.554291][T15064] trace_event_file 536KB 536KB [ 467.556210][T15064] ftrace_event_field 988KB 988KB [ 467.558810][T15064] pool_workqueue 2150KB 2160KB [ 467.560682][T15064] maple_node 526KB 1152KB [ 467.562822][T15064] task_group 46KB 46KB [ 467.564641][T15064] mm_struct 457KB 570KB [ 467.566501][T15064] vmap_area 460KB 1275KB [ 467.568300][T15064] debug_objects_cache 3184KB 3281KB [ 467.570111][T15064] page->ptl 146KB 228KB [ 467.572138][T15064] kmalloc-cg-8k 7088KB 7200KB [ 467.573958][T15064] kmalloc-cg-4k 26960KB 27232KB [ 467.575762][T15064] kmalloc-cg-2k 18512KB 18632KB [ 467.577599][T15064] kmalloc-cg-1k 3836KB 3972KB [ 467.579437][T15064] kmalloc-cg-512 2252KB 2288KB [ 467.581271][T15064] kmalloc-cg-256 533KB 540KB [ 467.583478][T15064] kmalloc-cg-128 417KB 420KB [ 467.585330][T15064] kmalloc-cg-64 80KB 100KB [ 467.587165][T15064] kmalloc-cg-32 71KB 104KB [ 467.588973][T15064] kmalloc-cg-16 38KB 112KB [ 467.590792][T15064] kmalloc-cg-8 42KB 44KB [ 467.592927][T15064] kmalloc-cg-192 283KB 284KB [ 467.594754][T15064] kmalloc-cg-96 66KB 92KB [ 467.596633][T15064] kmalloc-8k 8384KB 8608KB [ 467.598471][T15064] kmalloc-4k 25896KB 26720KB [ 467.600282][T15064] kmalloc-2k 15276KB 16032KB [ 467.602490][T15064] kmalloc-1k 13956KB 14336KB [ 467.604351][T15064] kmalloc-512 13361KB 13552KB [ 467.606183][T15064] kmalloc-256 7303KB 7312KB [ 467.608026][T15064] kmalloc-128 1477KB 1548KB [ 467.609880][T15064] kmalloc-64 3763KB 3956KB [ 467.611718][T15064] kmalloc-32 2989KB 3084KB [ 467.614275][T15064] kmalloc-16 627KB 640KB [ 467.616160][T15064] kmalloc-8 2486KB 2524KB [ 467.618005][T15064] kmalloc-192 2539KB 2560KB [ 467.619836][T15064] kmalloc-96 1315KB 1360KB [ 467.621694][T15064] kmem_cache_node 225KB 228KB [ 467.623938][T15064] kmem_cache 195KB 195KB [ 467.625840][T15064] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz8,task=syz.8.19524,pid=15064,uid=0 [ 467.632779][T15064] Out of memory (oom_kill_allocating_task): Killed process 15064 (syz.8.19524) total-vm:103636kB, anon-rss:788kB, file-rss:20584kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 [ 467.742630][ T1321] usb 11-1: new high-speed USB device number 5 using dummy_hcd [ 467.788396][T15108] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19549'. [ 467.874641][T15116] netlink: 4 bytes leftover after parsing attributes in process `syz.7.19548'. [ 467.902337][ T1321] usb 11-1: Using ep0 maxpacket: 8 [ 467.905307][ T1321] usb 11-1: config index 0 descriptor too short (expected 301, got 45) [ 467.908206][ T1321] usb 11-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 467.911154][ T1321] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 467.914214][ T1321] usb 11-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 467.917909][ T1321] usb 11-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 467.923436][ T1321] usb 11-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 467.926773][ T1321] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.040232][T15129] netlink: 'syz.7.19555': attribute type 6 has an invalid length. [ 468.147390][ T1321] usb 11-1: GET_CAPABILITIES returned 0 [ 468.149095][ T1321] usbtmc 11-1:16.0: can't read capabilities [ 468.350760][ T64] usb 11-1: USB disconnect, device number 5 [ 468.393637][T15149] sctp: [Deprecated]: syz.7.19559 (pid 15149) Use of struct sctp_assoc_value in delayed_ack socket option. [ 468.393637][T15149] Use struct sctp_sack_info instead [ 468.439514][T15153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19562'. [ 469.758453][T15223] pimreg: entered allmulticast mode [ 470.439517][T15263] netlink: 12 bytes leftover after parsing attributes in process `syz.4.19610'. [ 470.669500][T15273] pimreg: entered allmulticast mode [ 470.746303][T15278] vivid-007: disconnect [ 470.748854][T15277] vivid-007: reconnect [ 470.966974][T15292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.19625'. [ 471.036105][T15296] netlink: 72 bytes leftover after parsing attributes in process `syz.4.19627'. [ 471.126016][T15304] sch_tbf: burst 0 is lower than device lo mtu (11337746) ! [ 471.313117][T15320] netlink: 4 bytes leftover after parsing attributes in process `syz.8.19639'. [ 471.317183][T15320] netlink: 16 bytes leftover after parsing attributes in process `syz.8.19639'. [ 471.418179][T15324] batadv_slave_1: entered promiscuous mode [ 471.421177][T15323] batadv_slave_1: left promiscuous mode [ 471.530417][T15338] netlink: 'syz.6.19648': attribute type 18 has an invalid length. [ 471.615251][T15346] vlan2: entered promiscuous mode [ 471.617456][T15346] bridge0: entered promiscuous mode [ 471.683680][T15352] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 471.778570][T15365] netlink: 'syz.7.19661': attribute type 18 has an invalid length. [ 471.783638][T15365] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 471.786341][T15365] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 471.789020][T15365] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 471.791718][T15365] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 472.026308][T15381] netlink: 28 bytes leftover after parsing attributes in process `syz.7.19670'. [ 472.082744][T15385] netlink: 'syz.4.19671': attribute type 18 has an invalid length. [ 472.639247][T15416] netlink: 'syz.6.19684': attribute type 18 has an invalid length. [ 473.920806][T15493] netlink: 12 bytes leftover after parsing attributes in process `syz.6.19718'. [ 474.019618][T15502] netlink: 28 bytes leftover after parsing attributes in process `syz.8.19722'. [ 474.300953][T15533] netlink: 12 bytes leftover after parsing attributes in process `syz.8.19733'. [ 474.471377][T15541] netlink: 28 bytes leftover after parsing attributes in process `syz.6.19737'. [ 474.992571][T15566] netlink: 4 bytes leftover after parsing attributes in process `syz.8.19755'. [ 475.211015][ T39] audit: type=1326 audit(2000000132.679:41765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15588 comm="syz.7.19765" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x0 [ 476.104068][T15629] mkiss: ax0: crc mode is auto. [ 476.235661][T15643] netlink: 12 bytes leftover after parsing attributes in process `syz.7.19787'. [ 476.824156][T15689] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 476.878687][T15698] netlink: 'syz.7.19813': attribute type 2 has an invalid length. [ 476.973949][T15709] mkiss: ax0: crc mode is auto. [ 477.300655][ T39] audit: type=1326 audit(2000000134.769:41766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15742 comm="syz.8.19834" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 478.260720][T15774] mac80211_hwsim hwsim43 wlan1: entered promiscuous mode [ 478.293793][T15780] netlink: 24 bytes leftover after parsing attributes in process `syz.6.19851'. [ 478.393232][T15788] bridge0: port 2(bridge_slave_1) entered listening state [ 478.396888][T15788] bridge0: port 2(bridge_slave_1) entered disabled state [ 478.547242][T15802] netlink: 80 bytes leftover after parsing attributes in process `syz.7.19861'. [ 478.637497][T15811] netlink: 8 bytes leftover after parsing attributes in process `syz.7.19865'. [ 478.678472][T15815] netlink: 'syz.7.19867': attribute type 4 has an invalid length. [ 478.811207][ T39] audit: type=1326 audit(2000000136.269:41767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15823 comm="syz.4.19871" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf744e579 code=0x0 [ 478.892221][ T64] usb 13-1: new high-speed USB device number 3 using dummy_hcd [ 479.052063][ T64] usb 13-1: Using ep0 maxpacket: 8 [ 479.056689][ T64] usb 13-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 479.059514][ T64] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 479.062135][ T64] usb 13-1: Product: syz [ 479.063440][ T64] usb 13-1: Manufacturer: syz [ 479.064923][ T64] usb 13-1: SerialNumber: syz [ 479.067467][ T64] usb 13-1: config 0 descriptor?? [ 479.070762][ T64] option 13-1:0.0: GSM modem (1-port) converter detected [ 479.277720][ T9897] usb 13-1: USB disconnect, device number 3 [ 479.281093][ T9897] option 13-1:0.0: device disconnected [ 479.917487][T15876] netlink: 8 bytes leftover after parsing attributes in process `syz.8.19895'. [ 480.367611][T15918] netlink: 40 bytes leftover after parsing attributes in process `syz.4.19913'. [ 480.812236][ T8445] usb 13-1: new high-speed USB device number 4 using dummy_hcd [ 480.962002][ T8445] usb 13-1: Using ep0 maxpacket: 8 [ 480.965333][ T8445] usb 13-1: config 0 has an invalid interface number: 1 but max is 0 [ 480.970965][ T8445] usb 13-1: config 0 has no interface number 0 [ 480.973922][ T8445] usb 13-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 480.982397][ T8445] usb 13-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 480.986271][ T8445] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 480.995911][ T8445] usb 13-1: config 0 descriptor?? [ 481.005683][ T8445] iowarrior 13-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 481.067088][T15954] mkiss: ax0: crc mode is auto. [ 481.204594][ T56] usb 13-1: USB disconnect, device number 4 [ 481.702001][T15979] netlink: 40 bytes leftover after parsing attributes in process `syz.7.19939'. [ 481.783083][T15989] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 481.914159][T16000] loop6: detected capacity change from 0 to 524287999 [ 481.917133][ C1] blk_print_req_error: 194 callbacks suppressed [ 481.917143][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.923148][ C1] buffer_io_error: 194 callbacks suppressed [ 481.923155][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.929308][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.932378][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.935082][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.939027][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.945770][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.949358][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.953008][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.956896][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.960562][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.964530][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.967794][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.971724][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.981192][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.985073][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.988313][T16000] ldm_validate_partition_table(): Disk read failed. [ 481.992271][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 481.996024][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 481.999911][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 482.003975][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 482.041143][T16000] Dev loop6: unable to read RDB block 0 [ 482.045537][T16000] loop6: unable to read partition table [ 482.048324][T16000] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 482.066390][ T5363] ldm_validate_partition_table(): Disk read failed. [ 482.069740][ T5363] Dev loop6: unable to read RDB block 0 [ 482.080107][ T5363] loop6: unable to read partition table [ 482.552486][ T5962] Bluetooth: hci0: command 0x0419 tx timeout [ 482.755597][T16056] e1000 0000:00:06.0 eth0: Unsupported Speed/Duplex configuration [ 483.439326][T16114] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 483.608505][T16125] mac80211_hwsim hwsim38 wlan0: entered promiscuous mode [ 483.611180][T16125] macvtap1: entered promiscuous mode [ 483.613294][T16125] macvtap1: entered allmulticast mode [ 483.615055][T16125] mac80211_hwsim hwsim38 wlan0: entered allmulticast mode [ 485.551034][T16158] loop9: detected capacity change from 0 to 8 [ 485.558077][T16158] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 485.559743][T16158] loop9: partition table partially beyond EOD, truncated [ 485.564111][T16158] loop9: p1 size 81768186 extends beyond EOD, truncated [ 485.579663][ T9927] udevd[9927]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 485.942103][ T56] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 486.102276][ T56] usb 12-1: Using ep0 maxpacket: 8 [ 486.106308][ T56] usb 12-1: config 0 has an invalid interface number: 1 but max is 0 [ 486.109811][ T56] usb 12-1: config 0 has no interface number 0 [ 486.112557][ T56] usb 12-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 486.117180][ T56] usb 12-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 486.121234][ T56] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.131051][ T56] usb 12-1: config 0 descriptor?? [ 486.138955][ T56] iowarrior 12-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 486.213287][T16176] mkiss: ax0: crc mode is auto. [ 486.347095][ T35] usb 12-1: USB disconnect, device number 5 [ 486.571855][T16201] mkiss: ax0: crc mode is auto. [ 486.761118][ T4154] bond0: (slave syz_tun): Releasing backup interface [ 486.842830][T16218] netlink: 'syz.6.20051': attribute type 21 has an invalid length. [ 486.846709][T16218] netlink: 'syz.6.20051': attribute type 1 has an invalid length. [ 487.131527][ T5962] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 487.138233][ T5962] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 487.147758][ T5962] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 487.158775][ T5962] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 487.166257][ T5962] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 487.169435][ T5962] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 487.263092][T16230] sit0 speed is unknown, defaulting to 1000 [ 487.298359][T16230] wlan0 speed is unknown, defaulting to 1000 [ 487.394022][T16230] chnl_net:caif_netlink_parms(): no params data found [ 487.472199][ T56] usb 12-1: new high-speed USB device number 6 using dummy_hcd [ 487.494025][ T5962] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 487.501284][ T5962] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 487.511082][ T5962] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 487.514790][T16230] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.518091][T16230] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.521362][T16230] bridge_slave_0: entered allmulticast mode [ 487.525296][ T5962] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 487.525968][T16230] bridge_slave_0: entered promiscuous mode [ 487.527759][ T5962] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 487.532183][T16230] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.534386][ T5962] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 487.535865][T16230] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.541152][T16230] bridge_slave_1: entered allmulticast mode [ 487.545775][T16230] bridge_slave_1: entered promiscuous mode [ 487.594128][T16230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 487.598249][T16230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 487.622259][ T56] usb 12-1: Using ep0 maxpacket: 16 [ 487.633743][ T56] usb 12-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 487.636520][ T56] usb 12-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 487.639106][ T56] usb 12-1: Product: syz [ 487.640487][ T56] usb 12-1: Manufacturer: syz [ 487.642080][ T56] usb 12-1: SerialNumber: syz [ 487.648622][T16250] netlink: 'syz.8.20064': attribute type 21 has an invalid length. [ 487.650163][ T56] usb 12-1: config 0 descriptor?? [ 487.652123][T16250] netlink: 'syz.8.20064': attribute type 1 has an invalid length. [ 487.660386][T16230] team0: Port device team_slave_0 added [ 487.670102][T16230] team0: Port device team_slave_1 added [ 487.743732][T16230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 487.746134][T16230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 487.757720][T16230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 487.762344][T16243] sit0 speed is unknown, defaulting to 1000 [ 487.772811][T16230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 487.774910][T16230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 487.782776][T16230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 487.826501][T16256] netlink: 'syz.8.20067': attribute type 8 has an invalid length. [ 487.842888][T16230] hsr_slave_0: entered promiscuous mode [ 487.846038][T16230] hsr_slave_1: entered promiscuous mode [ 487.848876][T16230] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 487.852883][T16230] Cannot create hsr debugfs directory [ 487.855650][T16243] wlan0 speed is unknown, defaulting to 1000 [ 487.873132][ T56] usb 12-1: USB disconnect, device number 6 [ 488.060228][T16230] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.105840][T16243] chnl_net:caif_netlink_parms(): no params data found [ 488.150372][T16230] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.202690][T16243] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.205931][T16243] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.209154][T16243] bridge_slave_0: entered allmulticast mode [ 488.212761][T16243] bridge_slave_0: entered promiscuous mode [ 488.217044][T16243] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.220237][T16243] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.223757][T16243] bridge_slave_1: entered allmulticast mode [ 488.226146][T16243] bridge_slave_1: entered promiscuous mode [ 488.258063][T16230] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.283731][T16243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 488.289870][T16243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 488.328098][T16243] team0: Port device team_slave_0 added [ 488.335318][T16243] team0: Port device team_slave_1 added [ 488.350097][T16230] bond0: (slave netdevsim0): Releasing backup interface [ 488.355384][T16230] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.375789][T16243] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 488.377963][T16243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 488.385999][T16243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 488.430079][T16243] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 488.433672][T16243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 488.441880][T16243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 488.490591][T16243] hsr_slave_0: entered promiscuous mode [ 488.495242][T16243] hsr_slave_1: entered promiscuous mode [ 488.497297][T16243] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 488.506616][T16243] Cannot create hsr debugfs directory [ 488.619450][T16230] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 488.633829][T16230] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 488.638021][T16230] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 488.646284][T16230] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 488.691800][T16243] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.761496][T16230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 488.783662][T16230] 8021q: adding VLAN 0 to HW filter on device team0 [ 488.791071][ T1230] bridge0: port 1(bridge_slave_0) entered blocking state [ 488.794094][ T1230] bridge0: port 1(bridge_slave_0) entered forwarding state [ 488.798788][ T1230] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.801815][ T1230] bridge0: port 2(bridge_slave_1) entered forwarding state [ 488.809778][T16289] netlink: 52 bytes leftover after parsing attributes in process `syz.7.20080'. [ 488.814526][T16289] netlink: 8 bytes leftover after parsing attributes in process `syz.7.20080'. [ 488.843631][T16243] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.929184][T16243] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 488.985161][T16230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 489.032783][T16243] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 489.108217][T16230] veth0_vlan: entered promiscuous mode [ 489.112809][T16230] veth1_vlan: entered promiscuous mode [ 489.143239][T16230] veth0_macvtap: entered promiscuous mode [ 489.146900][T16230] veth1_macvtap: entered promiscuous mode [ 489.157259][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.160535][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.164651][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.168078][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.170994][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.174679][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.177638][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.180817][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.184882][T16230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 489.201312][ T66] Bluetooth: hci0: command tx timeout [ 489.212535][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.216649][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.219969][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.223728][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.226737][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.229956][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.233168][T16230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.236422][T16230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.240260][T16230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 489.258635][T16230] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.261350][T16230] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.264724][T16230] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.267368][T16230] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.271048][T16243] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 489.275003][T16243] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 489.283862][T16243] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 489.291456][T16243] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 489.343682][ T2320] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.346302][ T2320] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 489.361213][ T2320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.364649][T16243] 8021q: adding VLAN 0 to HW filter on device bond0 [ 489.364811][ T2320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 489.371773][T16243] 8021q: adding VLAN 0 to HW filter on device team0 [ 489.377053][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 489.380007][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 489.389487][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 489.392363][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 489.511153][T16243] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 489.594512][ T66] Bluetooth: hci3: command tx timeout [ 489.638618][T16243] veth0_vlan: entered promiscuous mode [ 489.651829][T16243] veth1_vlan: entered promiscuous mode [ 489.679553][T16243] veth0_macvtap: entered promiscuous mode [ 489.686698][T16348] netlink: 12 bytes leftover after parsing attributes in process `syz.4.20096'. [ 489.689454][T16348] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 489.696894][T16243] veth1_macvtap: entered promiscuous mode [ 489.697839][T16350] netlink: 24 bytes leftover after parsing attributes in process `syz.8.20097'. [ 489.711477][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.719351][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.725289][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.729661][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.734643][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.738511][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.743974][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.748289][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.752345][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 489.755530][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.759378][T16243] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 489.764816][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.768588][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.774029][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.777957][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.780965][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.785462][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.789096][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.792527][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.795914][T16243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 489.799076][T16243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 489.803209][T16243] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 489.808957][T16243] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.811629][T16243] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.814748][T16243] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.818210][T16243] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.906734][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.909726][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 489.927122][ T90] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.930103][ T90] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 490.390258][T16408] netlink: 'syz.8.20125': attribute type 1 has an invalid length. [ 490.393782][T16408] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 490.397409][T16408] IPv6: NLM_F_CREATE should be set when creating new route [ 490.435138][T16413] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 490.752847][T16424] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 490.757870][T16424] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 490.762823][T16424] bond0 (unregistering): Released all slaves [ 490.842519][T16436] netlink: 100 bytes leftover after parsing attributes in process `syz.7.20137'. [ 490.969291][ T66] Bluetooth: hci2: Malformed LE Event: 0x0d [ 491.137861][T16374] Set syz1 is full, maxelem 65536 reached [ 491.273392][ T66] Bluetooth: hci0: command tx timeout [ 491.672710][ T66] Bluetooth: hci3: command tx timeout [ 491.887237][T16495] netlink: 180 bytes leftover after parsing attributes in process `syz.7.20164'. [ 493.142976][T16590] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.250085][T16590] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 493.261387][T16590] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 493.333415][T16590] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.337324][T16590] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.341297][T16590] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.345843][T16590] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 493.363224][ T66] Bluetooth: hci0: command tx timeout [ 493.383495][T16590] netdevsim netdevsim8 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 493.388333][T16590] netdevsim netdevsim8 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 493.392682][T16590] netdevsim netdevsim8 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 493.396157][T16590] netdevsim netdevsim8 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 493.403621][T16590] bridge0: left promiscuous mode [ 493.752880][ T66] Bluetooth: hci3: command tx timeout [ 494.383399][T16664] openvswitch: netlink: nsh attribute has 65512 unknown bytes. [ 494.386948][T16664] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 494.680670][T16686] netlink: 4 bytes leftover after parsing attributes in process `syz.8.20251'. [ 494.686459][T16686] netlink: 4 bytes leftover after parsing attributes in process `syz.8.20251'. [ 494.704883][ T39] audit: type=1326 audit(2000000152.179:41768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16636 comm="syz.6.20229" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7fc00000 [ 494.781741][T16698] netlink: 4 bytes leftover after parsing attributes in process `syz.6.20257'. [ 494.873308][T16708] binder: 16707:16708 ioctl c0306201 200003c0 returned -22 [ 494.950925][T16718] Bluetooth: MGMT ver 1.23 [ 495.194139][T16748] netlink: 'syz.7.20282': attribute type 7 has an invalid length. [ 495.228010][T16750] input: syz0 as /devices/virtual/input/input71 [ 495.347986][T16763] netlink: 24 bytes leftover after parsing attributes in process `syz.7.20289'. [ 495.432388][ T66] Bluetooth: hci0: command tx timeout [ 495.830620][T16789] netlink: 12 bytes leftover after parsing attributes in process `syz.4.20301'. [ 495.834749][ T66] Bluetooth: hci3: command tx timeout [ 496.480799][ T39] audit: type=1326 audit(2000000153.949:41769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.488030][ T39] audit: type=1326 audit(2000000153.949:41770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.494507][ T39] audit: type=1326 audit(2000000153.959:41771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.501000][ T39] audit: type=1326 audit(2000000153.959:41772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.507621][ T39] audit: type=1326 audit(2000000153.959:41773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.516326][ T39] audit: type=1326 audit(2000000153.959:41774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=180 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.523026][ T39] audit: type=1326 audit(2000000153.959:41775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 496.529422][ T39] audit: type=1326 audit(2000000153.959:41776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16828 comm="syz.6.20319" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 497.044702][T16862] netlink: 8 bytes leftover after parsing attributes in process `syz.6.20334'. [ 497.047774][T16862] netlink: 'syz.6.20334': attribute type 22 has an invalid length. [ 497.050845][T16862] netlink: 4 bytes leftover after parsing attributes in process `syz.6.20334'. [ 497.242276][T16877] netlink: 8 bytes leftover after parsing attributes in process `syz.4.20341'. [ 497.348364][T16896] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20350'. [ 497.352272][T16896] netlink: 24 bytes leftover after parsing attributes in process `syz.8.20350'. [ 498.314043][T16965] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 498.315952][T16965] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 498.337446][T16965] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 498.339832][T16965] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 498.351962][T16965] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 498.357110][T16965] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 498.360713][T16965] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 498.369936][T16965] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 498.378358][T16965] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 498.389179][T16965] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 498.391107][T16965] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 498.420293][T16965] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 498.850105][T17030] tmpfs: Invalid gid '0x00000000ffffffff' [ 498.904508][T17037] netlink: 'syz.6.20417': attribute type 1 has an invalid length. [ 499.186196][ T39] audit: type=1326 audit(2000000156.649:41777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17075 comm="syz.6.20436" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 499.419005][T17088] bond0: entered promiscuous mode [ 499.420672][T17088] bond_slave_0: entered promiscuous mode [ 499.422650][T17088] bond_slave_1: entered promiscuous mode [ 499.424953][T17088] batadv0: entered promiscuous mode [ 499.429008][T17088] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 499.432217][T17088] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 499.441295][T17088] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 499.473870][T17092] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 499.609680][T17121] kernel read not supported for file /.pending_reads (pid: 17121 comm: syz.8.20456) [ 500.102354][ T1321] usb 13-1: new full-speed USB device number 5 using dummy_hcd [ 500.254801][ T1321] usb 13-1: config 0 has no interfaces? [ 500.259063][ T1321] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= b.72 [ 500.261767][ T1321] usb 13-1: New USB device strings: Mfr=28, Product=37, SerialNumber=3 [ 500.270928][ T1321] usb 13-1: Product: syz [ 500.272604][ T1321] usb 13-1: Manufacturer: syz [ 500.274033][ T1321] usb 13-1: SerialNumber: syz [ 500.276407][ T1321] usb 13-1: config 0 descriptor?? [ 500.345728][T17212] gretap1: entered allmulticast mode [ 500.346417][T17214] __nla_validate_parse: 4 callbacks suppressed [ 500.346426][T17214] netlink: 24 bytes leftover after parsing attributes in process `syz.7.20500'. [ 500.348093][T17212] bridge0: port 3(gretap1) entered blocking state [ 500.354204][T17212] bridge0: port 3(gretap1) entered disabled state [ 500.356856][T17212] gretap1: entered promiscuous mode [ 500.358787][T17212] bridge0: port 3(gretap1) entered blocking state [ 500.360820][T17212] bridge0: port 3(gretap1) entered forwarding state [ 500.392674][ C2] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 500.404043][ T66] Bluetooth: hci3: command 0x0405 tx timeout [ 500.404125][ T5962] Bluetooth: hci0: command 0x0c1a tx timeout [ 500.406007][ T66] Bluetooth: hci2: command 0x0405 tx timeout [ 500.407951][ T5962] Bluetooth: hci1: command 0x0c1a tx timeout [ 500.488275][ T9897] usb 13-1: USB disconnect, device number 5 [ 500.492154][ C2] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 500.534844][ C0] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 500.734179][T17250] veth1_to_team: entered promiscuous mode [ 500.936136][T17258] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 500.942067][T17258] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 500.955078][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 500.961032][T17258] bond0 (unregistering): Released all slaves [ 501.167729][T17294] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present [ 501.595325][ C3] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 501.596216][ C0] bridge0: received packet on gretap1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 501.599101][ C3] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 501.704477][T17311] netlink: 'syz.6.20542': attribute type 1 has an invalid length. [ 501.707381][T17311] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 501.709921][T17311] IPv6: NLM_F_CREATE should be set when creating new route [ 502.028016][T17346] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 502.157795][ T5962] Bluetooth: hci0: Malformed LE Event: 0x0d [ 502.190140][T17357] netlink: 100 bytes leftover after parsing attributes in process `syz.4.20563'. [ 502.227119][T17359] sp0: Synchronizing with TNC [ 502.405117][ C3] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 502.472917][ T5962] Bluetooth: hci2: command 0x0405 tx timeout [ 502.472941][T15017] Bluetooth: hci0: command 0x0c1a tx timeout [ 502.472953][T17217] Bluetooth: hci3: command 0x0405 tx timeout [ 502.474601][T17217] Bluetooth: hci1: command 0x0c1a tx timeout [ 502.492894][T17377] bond0 (unregistering): left promiscuous mode [ 502.494718][T17377] bond_slave_0: left promiscuous mode [ 502.496352][T17377] bond_slave_1: left promiscuous mode [ 502.499198][T17377] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 502.502862][T17377] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 502.506054][T17377] bond0 (unregistering): Released all slaves [ 502.779175][T17402] sit0 speed is unknown, defaulting to 1000 [ 502.807350][T17408] team0: No ports can be present during mode change [ 502.829625][T17402] wlan0 speed is unknown, defaulting to 1000 [ 502.843796][ T39] kauditd_printk_skb: 11 callbacks suppressed [ 502.843805][ T39] audit: type=1326 audit(2000000160.319:41789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17342 comm="syz.7.20559" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7fc00000 [ 503.020186][T17420] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 503.025396][T17420] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 503.029551][T17420] bond0 (unregistering): Released all slaves [ 503.074506][T17428] input: syz1 as /devices/virtual/input/input72 [ 503.083572][T17430] netlink: 52 bytes leftover after parsing attributes in process `syz.7.20596'. [ 503.109551][ T39] audit: type=1326 audit(2000000160.579:41790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17431 comm="syz.4.20598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 503.116090][ T39] audit: type=1326 audit(2000000160.579:41791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17431 comm="syz.4.20598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 503.123186][ T39] audit: type=1326 audit(2000000160.589:41792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17431 comm="syz.4.20598" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 503.129683][ T39] audit: type=1326 audit(2000000160.595:41793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17431 comm="syz.4.20598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 503.136836][ T39] audit: type=1326 audit(2000000160.595:41794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17431 comm="syz.4.20598" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 503.162264][ T5987] usb 13-1: new high-speed USB device number 6 using dummy_hcd [ 503.334457][ T5987] usb 13-1: Using ep0 maxpacket: 8 [ 503.342573][ T5987] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 503.346374][ T5987] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 503.349266][ T5987] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 503.371981][ T5987] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 503.376073][ T5987] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 503.379249][ T5987] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 503.431826][T17453] Failed to get privilege flags for destination (handle=0x2:0x0) [ 503.599857][ T5987] usb 13-1: GET_CAPABILITIES returned 0 [ 503.601537][ T5987] usbtmc 13-1:16.0: can't read capabilities [ 503.804827][ T5987] usb 13-1: USB disconnect, device number 6 [ 503.960445][T17444] Set syz1 is full, maxelem 65536 reached [ 504.029131][T17456] netlink: 180 bytes leftover after parsing attributes in process `syz.6.20609'. [ 504.330869][T17477] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 504.335151][T17477] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 504.338691][T17477] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 504.448916][T17496] netlink: 180 bytes leftover after parsing attributes in process `syz.8.20627'. [ 504.552136][T15017] Bluetooth: hci3: command 0x0405 tx timeout [ 504.552148][ T5962] Bluetooth: hci0: command 0x0c1a tx timeout [ 504.562049][ T5962] Bluetooth: hci1: command 0x0c1a tx timeout [ 504.562068][T15017] Bluetooth: hci2: command 0x0405 tx timeout [ 505.442489][ C2] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 505.477903][T17611] netlink: 4 bytes leftover after parsing attributes in process `syz.7.20677'. [ 505.657490][T17641] loop9: detected capacity change from 0 to 1 [ 505.659822][T17641] Dev loop9: unable to read RDB block 1 [ 505.661566][T17641] loop9: unable to read partition table [ 505.663993][T17641] loop9: partition table beyond EOD, truncated [ 505.665885][T17641] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 505.869507][ T5966] kernel write not supported for file /input/event0 (pid: 5966 comm: kworker/2:2) [ 505.935542][T17669] loop9: detected capacity change from 0 to 1 [ 505.940407][T17669] Dev loop9: unable to read RDB block 1 [ 505.942929][T17669] loop9: unable to read partition table [ 505.944762][T17669] loop9: partition table beyond EOD, truncated [ 505.946688][T17669] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 505.983522][T17675] bond0: entered promiscuous mode [ 505.985723][T17675] batadv0: entered promiscuous mode [ 505.987568][T17675] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 505.989964][T17675] Cannot create hsr debugfs directory [ 505.991857][T17675] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 505.995597][T17675] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 506.195089][T17697] netlink: 'syz.6.20717': attribute type 11 has an invalid length. [ 506.550356][T17741] netlink: 4 bytes leftover after parsing attributes in process `syz.7.20735'. [ 506.589335][T17751] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20740'. [ 506.800037][T17782] netlink: 340 bytes leftover after parsing attributes in process `syz.8.20754'. [ 507.033602][T17817] netlink: 'syz.7.20771': attribute type 9 has an invalid length. [ 507.871471][T17872] Falling back ldisc for ttyS3. [ 507.984751][T15017] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 508.113918][T17901] netlink: 'syz.7.20808': attribute type 1 has an invalid length. [ 508.118526][T17901] netlink: 24 bytes leftover after parsing attributes in process `syz.7.20808'. [ 508.285658][T17919] loop9: detected capacity change from 0 to 7 [ 508.288182][T17919] Dev loop9: unable to read RDB block 7 [ 508.290126][T17919] loop9: unable to read partition table [ 508.291889][T17919] loop9: partition table beyond EOD, truncated [ 508.294126][T17919] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5) [ 508.702127][ T9897] usb 13-1: new high-speed USB device number 7 using dummy_hcd [ 508.862326][ T9897] usb 13-1: Using ep0 maxpacket: 32 [ 508.866359][ T9897] usb 13-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 508.869033][ T9897] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.872259][ T9897] usb 13-1: config 0 descriptor?? [ 508.875297][ T9897] as10x_usb: device has been detected [ 508.877078][ T9897] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 508.882301][ T9897] usb 13-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 508.895537][ T9897] as10x_usb: error during firmware upload part1 [ 508.897718][ T9897] Registered device nBox DVB-T Dongle [ 509.030562][T17984] misc userio: Begin command sent, but we're already running [ 509.077823][ T56] usb 13-1: USB disconnect, device number 7 [ 509.086226][ T56] Unregistered device nBox DVB-T Dongle [ 509.086638][ T56] as10x_usb: device has been disconnected [ 509.139056][T17990] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 510.114674][T18023] netlink: 16 bytes leftover after parsing attributes in process `syz.6.20865'. [ 510.117333][T18023] netlink: 92 bytes leftover after parsing attributes in process `syz.6.20865'. [ 510.120014][T18023] vlan0: entered allmulticast mode [ 510.121546][T18023] veth0_vlan: entered allmulticast mode [ 510.402233][T18044] Falling back ldisc for ttyS3. [ 510.434531][T18050] netlink: 4 bytes leftover after parsing attributes in process `syz.6.20878'. [ 510.721843][T18067] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 511.020767][T18081] netlink: 10 bytes leftover after parsing attributes in process `syz.6.20890'. [ 511.251850][T18096] netlink: 14 bytes leftover after parsing attributes in process `syz.4.20899'. [ 511.703203][ T39] audit: type=1326 audit(2000000169.175:41795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18123 comm="syz.8.20913" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x0 [ 511.911810][ T39] audit: type=1326 audit(2000000169.375:41796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18086 comm="syz.6.20894" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7fc00000 [ 512.438676][ T39] audit: type=1326 audit(2000000169.905:41797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.445620][ T39] audit: type=1326 audit(2000000169.915:41798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.453274][ T39] audit: type=1326 audit(2000000169.925:41799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.459989][ T39] audit: type=1326 audit(2000000169.925:41800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.467692][ T39] audit: type=1326 audit(2000000169.925:41801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.474629][ T39] audit: type=1326 audit(2000000169.945:41802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.481545][ T39] audit: type=1326 audit(2000000169.945:41803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.488208][ T39] audit: type=1326 audit(2000000169.945:41804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18172 comm="syz.6.20935" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ee579 code=0x7ffc0000 [ 512.967155][T18228] netlink: 8 bytes leftover after parsing attributes in process `syz.7.20961'. [ 513.095518][T18244] sch_tbf: burst 63600 is lower than device lo mtu (65550) ! [ 513.762431][ C2] bridge0: received packet on gretap1 with own address as source address (addr:e6:f8:10:af:72:13, vlan:0) [ 513.837746][T18310] netlink: 16 bytes leftover after parsing attributes in process `syz.7.21000'. [ 513.873360][T18317] Failed to get privilege flags for destination (handle=0x2:0x0) [ 513.904863][T18319] netlink: 194236 bytes leftover after parsing attributes in process `syz.6.21005'. [ 513.907630][T18319] openvswitch: netlink: Message has 3068 unknown bytes. [ 513.988292][T18325] netlink: 194236 bytes leftover after parsing attributes in process `syz.7.21014'. [ 513.991107][T18325] openvswitch: netlink: Message has 3068 unknown bytes. [ 515.752212][T15017] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 515.780851][T18356] netlink: 194236 bytes leftover after parsing attributes in process `syz.8.21018'. [ 515.784257][T18356] openvswitch: netlink: Message has 3068 unknown bytes. [ 516.037591][T18395] netlink: 192 bytes leftover after parsing attributes in process `syz.7.21040'. [ 516.121715][T18405] netlink: 24 bytes leftover after parsing attributes in process `syz.6.21045'. [ 516.320152][ C0] bridge0: received packet on gretap1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 516.551176][T18479] netlink: 'syz.4.21080': attribute type 2 has an invalid length. [ 516.614615][T18488] misc userio: Can't change port type on an already running userio instance [ 516.737517][T18506] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21092'. [ 516.757402][T18510] netlink: 20 bytes leftover after parsing attributes in process `syz.8.21094'. [ 517.274984][T18578] binder: 18577:18578 ioctl 541b 0 returned -22 [ 517.291467][T18581] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21123'. [ 517.496101][ T39] kauditd_printk_skb: 20 callbacks suppressed [ 517.496112][ T39] audit: type=1326 audit(2000000174.965:41825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.512516][ T39] audit: type=1326 audit(2000000174.965:41826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.519126][ T39] audit: type=1326 audit(2000000174.965:41827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.525783][ T39] audit: type=1326 audit(2000000174.965:41828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.532830][ T39] audit: type=1326 audit(2000000174.965:41829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.539216][ T39] audit: type=1326 audit(2000000174.965:41830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.546668][ T39] audit: type=1326 audit(2000000174.965:41831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.553374][ T39] audit: type=1326 audit(2000000174.965:41832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.559761][ T39] audit: type=1326 audit(2000000174.965:41833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f6f598 code=0x7ffc0000 [ 517.566303][ T39] audit: type=1326 audit(2000000174.965:41834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18611 comm="syz.4.21144" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f6f579 code=0x7ffc0000 [ 517.683281][T18623] netlink: 'syz.4.21149': attribute type 1 has an invalid length. [ 517.685731][T18623] netlink: 134708 bytes leftover after parsing attributes in process `syz.4.21149'. [ 517.702033][ T35] usb 13-1: new high-speed USB device number 8 using dummy_hcd [ 517.714590][T18625] bridge0: port 3(gretap1) entered disabled state [ 517.718185][T18625] bridge0: port 2(bridge_slave_1) entered disabled state [ 517.720442][T18625] bridge0: port 1(bridge_slave_0) entered disabled state [ 517.766897][T18630] input: syz0 as /devices/virtual/input/input80 [ 517.793208][T18634] netlink: 4 bytes leftover after parsing attributes in process `syz.7.21154'. [ 517.799300][T18634] netlink: 4 bytes leftover after parsing attributes in process `syz.7.21154'. [ 517.818251][T18637] bridge0: port 1(bridge_slave_0) entered blocking state [ 517.820501][T18637] bridge0: port 1(bridge_slave_0) entered forwarding state [ 517.852612][ T35] usb 13-1: Using ep0 maxpacket: 16 [ 517.862784][ T35] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 517.866115][ T35] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 517.869909][ T35] usb 13-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 517.873655][ T35] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 517.877018][ T35] usb 13-1: config 0 descriptor?? [ 519.657777][T18736] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 519.672829][T18738] o2cb: This node has not been configured. [ 519.675162][T18738] o2cb: Cluster check failed. Fix errors before retrying. [ 519.681186][T18738] (syz.7.21203,18738,1):user_dlm_register:674 ERROR: status = -22 [ 519.689195][T18738] (syz.7.21203,18738,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0" [ 519.748828][ T12] tipc: Subscription rejected, illegal request [ 519.760795][T18746] sit0 speed is unknown, defaulting to 1000 [ 519.796120][T18746] wlan0 speed is unknown, defaulting to 1000 [ 520.274685][T18787] ipvlan2: entered promiscuous mode [ 520.276373][T18787] ipvlan2: entered allmulticast mode [ 520.396692][T18797] netlink: 12 bytes leftover after parsing attributes in process `syz.6.21229'. [ 520.467675][ T35] usbhid 13-1:0.0: can't add hid device: -71 [ 520.469842][ T35] usbhid 13-1:0.0: probe with driver usbhid failed with error -71 [ 520.473149][ T35] usb 13-1: USB disconnect, device number 8 [ 520.871140][T18840] kvm: kvm [18839]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000000f) [ 521.138034][T18887] xt_cgroup: path and classid specified [ 521.365209][T18918] sit0 speed is unknown, defaulting to 1000 [ 521.399840][T18918] wlan0 speed is unknown, defaulting to 1000 [ 521.644887][T18962] netlink: 188 bytes leftover after parsing attributes in process `syz.7.21303'. [ 521.647643][T18962] netlink: 'syz.7.21303': attribute type 1 has an invalid length. [ 521.652284][T18961] input: syz1 as /devices/virtual/input/input82 [ 521.786912][T18975] atomic_op ffff8880586f4198 conn xmit_atomic 0000000000000000 [ 522.098627][T19015] netlink: 256 bytes leftover after parsing attributes in process `syz.8.21330'. [ 522.101360][T19015] netlink: 72 bytes leftover after parsing attributes in process `syz.8.21330'. [ 522.228635][T19026] netlink: 12 bytes leftover after parsing attributes in process `syz.8.21336'. [ 522.283039][T19034] netlink: 'syz.8.21339': attribute type 27 has an invalid length. [ 522.288954][T19034] vlan2: left promiscuous mode [ 522.321187][T19034] 8021q: adding VLAN 0 to HW filter on device team0 [ 522.328068][T19034] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 522.398377][T19046] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21345'. [ 522.401544][T19046] netlink: 12 bytes leftover after parsing attributes in process `syz.4.21345'. [ 522.529467][ T39] kauditd_printk_skb: 136 callbacks suppressed [ 522.529475][ T39] audit: type=1326 audit(2000000179.995:41971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.538260][ T39] audit: type=1326 audit(2000000179.995:41972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.549388][ T39] audit: type=1326 audit(2000000180.005:41973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.556919][ T39] audit: type=1326 audit(2000000180.005:41974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.564446][ T39] audit: type=1326 audit(2000000180.005:41975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.571142][ T39] audit: type=1326 audit(2000000180.015:41976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.578064][ T39] audit: type=1326 audit(2000000180.015:41977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.584781][ T39] audit: type=1326 audit(2000000180.015:41978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 522.591385][ T39] audit: type=1326 audit(2000000180.015:41979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 522.598148][ T39] audit: type=1326 audit(2000000180.015:41980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19066 comm="syz.7.21356" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fc35a7 code=0x7ffc0000 [ 522.771267][T19084] siw: device registration error -23 [ 522.886030][T19094] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21368'. [ 523.053122][T19108] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21375'. [ 524.365300][T19194] [ 524.366090][T19194] ====================================================== [ 524.368154][T19194] WARNING: possible circular locking dependency detected [ 524.370179][T19194] 6.13.0-syzkaller-08291-g805ba04cb7cc #0 Not tainted [ 524.373040][T19194] ------------------------------------------------------ [ 524.374545][T19200] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21417'. [ 524.375519][T19194] syz.8.21414/19194 is trying to acquire lock: [ 524.375527][T19194] ffff88806a455e58 (sk_lock-AF_SMC){+.+.}-{0:0}, at: smc_shutdown+0x65/0x7f0 [ 524.382576][T19194] [ 524.382576][T19194] but task is already holding lock: [ 524.385014][T19194] ffff888026b96270 (&nsock->tx_lock){+.+.}-{4:4}, at: sock_shutdown+0x16f/0x280 [ 524.387932][T19194] [ 524.387932][T19194] which lock already depends on the new lock. [ 524.387932][T19194] [ 524.390996][T19194] [ 524.390996][T19194] the existing dependency chain (in reverse order) is: [ 524.393702][T19194] [ 524.393702][T19194] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 524.395970][T19194] __mutex_lock+0x19b/0xb10 [ 524.397454][T19194] sock_shutdown+0x16f/0x280 [ 524.399010][T19194] nbd_ioctl+0x49b/0xd60 [ 524.400498][T19194] compat_blkdev_ioctl+0x2f7/0x750 [ 524.402187][T19194] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 524.403910][T19194] __do_fast_syscall_32+0x73/0x120 [ 524.405568][T19194] do_fast_syscall_32+0x32/0x80 [ 524.407187][T19194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 524.409192][T19194] [ 524.409192][T19194] -> #5 (&nbd->config_lock){+.+.}-{4:4}: [ 524.411515][T19194] __mutex_lock+0x19b/0xb10 [ 524.413006][T19194] refcount_dec_and_mutex_lock+0x51/0xc0 [ 524.414858][T19194] nbd_config_put+0x31/0x750 [ 524.416414][T19194] nbd_release+0xb7/0x190 [ 524.417882][T19194] blkdev_put_whole+0xad/0xf0 [ 524.419456][T19194] bdev_release+0x47e/0x6d0 [ 524.420992][T19194] blkdev_release+0x15/0x20 [ 524.422493][T19194] __fput+0x3ff/0xb70 [ 524.423972][T19194] __fput_sync+0xa1/0xc0 [ 524.425370][T19194] __x64_sys_close+0x86/0x100 [ 524.426932][T19194] do_syscall_64+0xcd/0x250 [ 524.428437][T19194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.430316][T19194] [ 524.430316][T19194] -> #4 (&disk->open_mutex){+.+.}-{4:4}: [ 524.432545][T19194] __mutex_lock+0x19b/0xb10 [ 524.434024][T19194] bdev_open+0x41a/0xe20 [ 524.435474][T19194] bdev_file_open_by_dev+0x17d/0x210 [ 524.437238][T19194] disk_scan_partitions+0x1ed/0x320 [ 524.438955][T19194] add_disk_fwnode+0x1006/0x1320 [ 524.440620][T19194] pmem_attach_disk+0x9a1/0x13e0 [ 524.442308][T19194] nd_pmem_probe+0x1a9/0x1f0 [ 524.443852][T19194] nvdimm_bus_probe+0x169/0x5d0 [ 524.445398][T19194] really_probe+0x23e/0xa90 [ 524.446897][T19194] __driver_probe_device+0x1de/0x440 [ 524.448661][T19194] driver_probe_device+0x4c/0x1b0 [ 524.450300][T19194] __driver_attach+0x283/0x580 [ 524.451892][T19194] bus_for_each_dev+0x13c/0x1d0 [ 524.453490][T19194] bus_add_driver+0x2e9/0x690 [ 524.455058][T19194] driver_register+0x15c/0x4b0 [ 524.456636][T19194] __nd_driver_register+0x103/0x1a0 [ 524.458268][T19194] do_one_initcall+0x128/0x630 [ 524.459826][T19194] kernel_init_freeable+0x58f/0x8b0 [ 524.461528][T19194] kernel_init+0x1c/0x2b0 [ 524.462994][T19194] ret_from_fork+0x45/0x80 [ 524.464504][T19194] ret_from_fork_asm+0x1a/0x30 [ 524.466076][T19194] [ 524.466076][T19194] -> #3 (&nvdimm_namespace_key){+.+.}-{4:4}: [ 524.468460][T19194] __mutex_lock+0x19b/0xb10 [ 524.469958][T19194] uevent_show+0x188/0x3b0 [ 524.471446][T19194] dev_attr_show+0x53/0xe0 [ 524.472914][T19194] sysfs_kf_seq_show+0x223/0x3e0 [ 524.474570][T19194] seq_read_iter+0x4f4/0x12b0 [ 524.476133][T19194] kernfs_fop_read_iter+0x414/0x580 [ 524.477825][T19194] vfs_read+0x886/0xbf0 [ 524.479229][T19194] ksys_read+0x12b/0x250 [ 524.480679][T19194] do_syscall_64+0xcd/0x250 [ 524.482191][T19194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 524.484069][T19194] [ 524.484069][T19194] -> #2 (kn->active#5){++++}-{0:0}: [ 524.486286][T19194] kernfs_drain+0x48f/0x590 [ 524.487810][T19194] __kernfs_remove+0x281/0x670 [ 524.489394][T19194] kernfs_remove_by_name_ns+0xb2/0x130 [ 524.491129][T19194] device_del+0x381/0x9f0 [ 524.492628][T19194] unregister_netdevice_many_notify+0x148d/0x21a0 [ 524.494682][T19194] unregister_netdevice_queue+0x307/0x3f0 [ 524.496358][T19194] unregister_netdev+0x21/0x30 [ 524.497933][T19194] mkiss_close+0x1e7/0x340 [ 524.499412][T19194] tty_ldisc_close+0x111/0x1a0 [ 524.501005][T19194] tty_ldisc_kill+0x8e/0x150 [ 524.502558][T19194] tty_ldisc_release+0x17b/0x2a0 [ 524.504201][T19194] tty_release_struct+0x23/0xe0 [ 524.505805][T19194] tty_release+0xe25/0x1410 [ 524.507246][T19194] __fput+0x3ff/0xb70 [ 524.508636][T19194] task_work_run+0x14e/0x250 [ 524.510165][T19194] syscall_exit_to_user_mode+0x27b/0x2a0 [ 524.512009][T19194] __do_fast_syscall_32+0x80/0x120 [ 524.513685][T19194] do_fast_syscall_32+0x32/0x80 [ 524.515303][T19194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 524.517341][T19194] [ 524.517341][T19194] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 524.519505][T19194] __mutex_lock+0x19b/0xb10 [ 524.521016][T19194] smc_vlan_by_tcpsk+0x251/0x620 [ 524.522659][T19194] __smc_connect+0x466/0x4920 [ 524.524207][T19194] smc_connect+0x2fc/0x760 [ 524.525680][T19194] __sys_connect_file+0x13e/0x1a0 [ 524.527324][T19194] __sys_connect+0x14f/0x170 [ 524.528857][T19194] __ia32_sys_connect+0x71/0xb0 [ 524.530456][T19194] __do_fast_syscall_32+0x73/0x120 [ 524.532145][T19194] do_fast_syscall_32+0x32/0x80 [ 524.533783][T19194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 524.535818][T19194] [ 524.535818][T19194] -> #0 (sk_lock-AF_SMC){+.+.}-{0:0}: [ 524.538059][T19194] __lock_acquire+0x249e/0x3c40 [ 524.539662][T19194] lock_acquire.part.0+0x11b/0x380 [ 524.541344][T19194] lock_sock_nested+0x3a/0xf0 [ 524.542912][T19194] smc_shutdown+0x65/0x7f0 [ 524.544397][T19194] nbd_mark_nsock_dead+0xae/0x5d0 [ 524.546068][T19194] sock_shutdown+0x17c/0x280 [ 524.547611][T19194] nbd_ioctl+0x49b/0xd60 [ 524.549041][T19194] compat_blkdev_ioctl+0x2f7/0x750 [ 524.550712][T19194] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 524.552467][T19194] __do_fast_syscall_32+0x73/0x120 [ 524.554140][T19194] do_fast_syscall_32+0x32/0x80 [ 524.555751][T19194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 524.557772][T19194] [ 524.557772][T19194] other info that might help us debug this: [ 524.557772][T19194] [ 524.560787][T19194] Chain exists of: [ 524.560787][T19194] sk_lock-AF_SMC --> &nbd->config_lock --> &nsock->tx_lock [ 524.560787][T19194] [ 524.564634][T19194] Possible unsafe locking scenario: [ 524.564634][T19194] [ 524.566821][T19194] CPU0 CPU1 [ 524.568429][T19194] ---- ---- [ 524.570039][T19194] lock(&nsock->tx_lock); [ 524.571387][T19194] lock(&nbd->config_lock); [ 524.573470][T19194] lock(&nsock->tx_lock); [ 524.575511][T19194] lock(sk_lock-AF_SMC); [ 524.576803][T19194] [ 524.576803][T19194] *** DEADLOCK *** [ 524.576803][T19194] [ 524.579181][T19194] 2 locks held by syz.8.21414/19194: [ 524.580748][T19194] #0: ffff88802012e998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xd60 [ 524.583792][T19194] #1: ffff888026b96270 (&nsock->tx_lock){+.+.}-{4:4}, at: sock_shutdown+0x16f/0x280 [ 524.586510][T19194] [ 524.586510][T19194] stack backtrace: [ 524.588276][T19194] CPU: 0 UID: 0 PID: 19194 Comm: syz.8.21414 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 524.588287][T19194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 524.588293][T19194] Call Trace: [ 524.588296][T19194] [ 524.588300][T19194] dump_stack_lvl+0x116/0x1f0 [ 524.588315][T19194] print_circular_bug+0x490/0x760 [ 524.588327][T19194] check_noncircular+0x31a/0x400 [ 524.588337][T19194] ? __pfx_check_noncircular+0x10/0x10 [ 524.588347][T19194] ? __lock_acquire+0x15a9/0x3c40 [ 524.588357][T19194] ? lockdep_lock+0xc6/0x200 [ 524.588370][T19194] ? __pfx_lockdep_lock+0x10/0x10 [ 524.588384][T19194] __lock_acquire+0x249e/0x3c40 [ 524.588397][T19194] ? __pfx___lock_acquire+0x10/0x10 [ 524.588407][T19194] ? __mutex_trylock_common+0xea/0x250 [ 524.588419][T19194] lock_acquire.part.0+0x11b/0x380 [ 524.588429][T19194] ? smc_shutdown+0x65/0x7f0 [ 524.588439][T19194] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 524.588449][T19194] ? rcu_is_watching+0x12/0xc0 [ 524.588463][T19194] ? trace_lock_acquire+0x14e/0x1f0 [ 524.588471][T19194] ? sock_shutdown+0x16f/0x280 [ 524.588482][T19194] ? smc_shutdown+0x65/0x7f0 [ 524.588491][T19194] ? lock_acquire+0x2f/0xb0 [ 524.588500][T19194] ? smc_shutdown+0x65/0x7f0 [ 524.588509][T19194] lock_sock_nested+0x3a/0xf0 [ 524.588523][T19194] ? smc_shutdown+0x65/0x7f0 [ 524.588531][T19194] smc_shutdown+0x65/0x7f0 [ 524.588541][T19194] nbd_mark_nsock_dead+0xae/0x5d0 [ 524.588553][T19194] sock_shutdown+0x17c/0x280 [ 524.588566][T19194] nbd_ioctl+0x49b/0xd60 [ 524.588580][T19194] ? __pfx_nbd_ioctl+0x10/0x10 [ 524.588594][T19194] ? __pfx_lock_release+0x10/0x10 [ 524.588603][T19194] ? trace_lock_acquire+0x14e/0x1f0 [ 524.588613][T19194] ? __pfx_nbd_ioctl+0x10/0x10 [ 524.588626][T19194] compat_blkdev_ioctl+0x2f7/0x750 [ 524.588638][T19194] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 524.588649][T19194] ? __fget_files+0x206/0x3a0 [ 524.588660][T19194] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 524.588671][T19194] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 524.588685][T19194] __do_fast_syscall_32+0x73/0x120 [ 524.588698][T19194] do_fast_syscall_32+0x32/0x80 [ 524.588711][T19194] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 524.588726][T19194] RIP: 0023:0xf7fb4579 [ 524.588733][T19194] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 524.588743][T19194] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 524.588752][T19194] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ab04 [ 524.588758][T19194] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 524.588763][T19194] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 524.588769][T19194] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 524.588774][T19194] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 524.588782][T19194] [ 524.674673][T19194] block nbd8: shutting down sockets VM DIAGNOSIS: 21:44:56 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000062 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853811a5 RDI=ffffffff9aad2ea0 RBP=ffffffff9aad2e60 RSP=ffffc90007d7f3b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e33312e36 R12=0000000000000000 R13=0000000000000062 R14=ffffffff85381140 R15=0000000000000000 RIP=ffffffff853811cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002db1affc CR3=0000000073ef6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001dac2c RBX=0000000000000001 RCX=ffffffff8b45af89 RDX=ffffed10056a6f7e RSI=ffffffff8bd281a0 RDI=ffffffff818ff9f9 RBP=ffffed1003ad5910 RSP=ffffc9000047fe08 R8 =0000000000000000 R9 =ffffed10056a6f7d R10=ffff88802b537beb R11=0000000000000000 R12=0000000000000001 R13=ffff88801d6ac880 R14=ffffffff905ff710 R15=0000000000000000 RIP=ffffffff8b45c36f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7416188 CR3=0000000051de8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000001 RBX=0000000000000020 RCX=ffffffff84c2a0ee RDX=ffff888021efc880 RSI=0000000000000008 RDI=0000000000000001 RBP=ffffc90003007450 RSP=ffffc900030072b0 R8 =0000000000000001 R9 =0000000000000008 R10=0000000000000020 R11=0000000000000012 R12=0000000000000020 R13=ffffc90003007430 R14=ffff88805a4e4a17 R15=ffffc90003007458 RIP=ffffffff81b8db78 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f27345bed00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000564c0eb93000 CR3=000000004a7a4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=56dfbc4856dfbc48 56dfbc4856dfbc48 56dfbc4856dfbc48 56dfbc4856dfbc48 56dfbc4856dfbc48 56dfbc4856dfbc48 56dfbc4856dfbc48 56dfbc4856dfbc48 ZMM22=f93a1a2af93a1a2a f93a1a2af93a1a2a f93a1a2af93a1a2a f93a1a2af93a1a2a f93a1a2af93a1a2a f93a1a2af93a1a2a f93a1a2af93a1a2a f93a1a2af93a1a2a ZMM23=352f4c1a352f4c1a 352f4c1a352f4c1a 352f4c1a352f4c1a 352f4c1a352f4c1a 352f4c1a352f4c1a 352f4c1a352f4c1a 352f4c1a352f4c1a 352f4c1a352f4c1a ZMM24=67fa452a67fa452a 67fa452a67fa452a 67fa452a67fa452a 67fa452a67fa452a 67fa452a67fa452a 67fa452a67fa452a 67fa452a67fa452a 67fa452a67fa452a ZMM25=136e31f9136e31f9 136e31f9136e31f9 136e31f9136e31f9 136e31f9136e31f9 136e31f9136e31f9 136e31f9136e31f9 136e31f9136e31f9 136e31f9136e31f9 ZMM26=c6dfe290c6dfe290 c6dfe290c6dfe290 c6dfe290c6dfe290 c6dfe290c6dfe290 c6dfe290c6dfe290 c6dfe290c6dfe290 c6dfe290c6dfe290 c6dfe290c6dfe290 ZMM27=6bfd7a096bfd7a09 6bfd7a096bfd7a09 6bfd7a096bfd7a09 6bfd7a096bfd7a09 6bfd7a096bfd7a09 6bfd7a096bfd7a09 6bfd7a096bfd7a09 6bfd7a096bfd7a09 ZMM28=000000400000003f 0000003e0000003d 0000003c0000003b 0000003a00000039 0000003800000037 0000003600000035 0000003400000033 0000003200000031 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=8f6500008f650000 8f6500008f650000 8f6500008f650000 8f6500008f650000 8f6500008f650000 8f6500008f650000 8f6500008f650000 8f6500008f650000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffffffff9a9be710 RCX=ffffffff8196970d RDX=0000000000000001 RSI=0000000000000004 RDI=ffffc9000cd57000 RBP=1ffff920019aadfc RSP=ffffc9000cd56fd8 R8 =0000000000000001 R9 =fffff520019aae00 R10=0000000000000003 R11=000000000000001e R12=ffffffff9a9be718 R13=ffffffff9a9be720 R14=0000000000000000 R15=ffff88806a179180 RIP=ffffffff8196971e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7183410 CR3=0000000051de8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000