last executing test programs: 2m48.929075583s ago: executing program 2 (id=16569): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x80) 2m48.72025857s ago: executing program 2 (id=16582): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2140, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f00000002c0)) 2m48.614182968s ago: executing program 2 (id=16586): r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000100)={0x3, 0x2, 0x1}) ioctl$vim2m_VIDIOC_QUERYBUF(r0, 0xc044565d, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x51cf, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "6b6ff202"}}) 2m48.610050586s ago: executing program 2 (id=16588): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 2m48.571255521s ago: executing program 2 (id=16591): r0 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @desc1}, &(0x7f0000000440)={0x0, "8527d2100090af54bfbca283be11c0de7af30e909379200700000000000000a44d66a6535daf1bc35fb3af1e9197e31d26589d184095fb0000000600", 0x14}, 0x48, 0xffffffffffffffff) keyctl$unlink(0x9, r0, r1) 2m48.386179919s ago: executing program 2 (id=16601): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r0 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tgkill(r0, r0, 0x21) 2m48.282975329s ago: executing program 32 (id=16601): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r0 = syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) tgkill(r0, r0, 0x21) 2m24.855412762s ago: executing program 1 (id=17511): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x121c80) ioctl$I2C_RDWR(r0, 0x707, &(0x7f00000001c0)={&(0x7f0000001840)=[{0x0, 0x0, 0x0, 0x0}], 0x1}) 2m24.850351999s ago: executing program 1 (id=17519): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x6, 0x21, 'b\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x200000c0}, 0x4) 2m24.773681854s ago: executing program 1 (id=17523): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x5000, 0x0) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f01e, 0x2}) 2m24.69197552s ago: executing program 1 (id=17516): r0 = socket(0x840000000002, 0x3, 0xff) connect$inet(r0, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10) sendmmsg$inet(r0, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94) 2m24.618979964s ago: executing program 1 (id=17520): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 2m24.618615137s ago: executing program 1 (id=17521): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000040)=0x100000001, 0x4) 2m8.495613349s ago: executing program 33 (id=17521): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, 0x0, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000040)=0x100000001, 0x4) 1m11.376383969s ago: executing program 5 (id=19754): madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) setreuid(0xee00, 0xee01) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) 1m11.342068674s ago: executing program 5 (id=19756): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000ac0)=@filter={'filter\x00', 0x4, 0x4, 0xb00, 0xffffffff, 0x0, 0x0, 0xaa8, 0xfeffffff, 0xffffffff, 0xb94, 0xb94, 0xb94, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xc8}, @common=@unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0x6a4}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00', [0xff000000, 0xffffffff, 0xffffffff, 0xff], [0xff, 0xffffffff, 0x0, 0xff], 'team0\x00', 'veth0_virt_wifi\x00', {0xff}, {0xff}, 0x87, 0x8, 0x6, 0xc}, 0x0, 0x884, 0x8a8, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{[{0x9, 0x2}, {0xfffffff8}, {0x5, 0x1}, {0x2, 0x2}, {0x6, 0x2}, {0xd, 0x2}, {0xadb}, {0x7f, 0x2}, {0xe4, 0x2}, {0xce3, 0x1}, {0x8, 0x2}], [{0xffff, 0x20000}, {0x8, 0x5}, {0x6, 0x6}, {0x0, 0xffff0001}, {0x3, 0x1}, {0x0, 0x2}, {0x9623, 0x6}, {0x5, 0x6}, {0x3633, 0xff}, {0x5, 0x8}, {0x1, 0x8001}], 0x8, 0x39}, {[{0x7, 0x1}, {0x8000, 0x2}, {0x7, 0x3}, {0x200, 0x2}, {0x6}, {0xfffffffc}, {0x3, 0x3}, {0x7, 0x1}, {0x95, 0x2}, {0x8, 0x2}, {0x9, 0x3}], [{0x0, 0x5}, {0x5, 0x1}, {0x7, 0x20}, {0x7fff, 0x1ff}, {0x7}, {0x0, 0xfff}, {0x6, 0xa}, {0x3, 0x7f0e536e}, {0x0, 0x9}, {0x7, 0x7}, {0x200, 0x5}], 0x9, 0x4}, {[{0xfff, 0x1}, {0xe7f1, 0x1}, {0x5, 0x2}, {0x7}, {0x0, 0x2}, {0xa, 0x2}, {0x7, 0x1}, {0x1, 0x3}, {0x3, 0x2}, {0x7, 0x1}, {0x7fff, 0x3}], [{0x3, 0x4}, {0x8000, 0x8000}, {0x2, 0x2}, {0x5, 0x2}, {0xc7, 0x8}, {0x2, 0xe238}, {0x5, 0xc}, {0x7ff, 0x3}, {0x8, 0xfffffff5}, {0x7, 0x2}, {0xe0, 0x28}], 0x1, 0x3}, {[{0xf98, 0x3}, {0x2, 0x3}, {0x9, 0x1}, {0x4}, {0x9, 0x1}, {0x1000}, {0xaeacf8f, 0x1}, {0x5, 0x1}, {0x80}, {0x4, 0x1}, {0xf, 0x3}], [{0x0, 0x2}, {0x2, 0x4363}, {0x4, 0x5}, {0x9e, 0x8a5c}, {0x8, 0xfffffff8}, {0xfffffffc, 0x3}, {0x5}, {0x8000, 0xdddf}, {0x0, 0x5}, {0x3ff, 0xfff}, {0xfc20, 0x2ce4000}], 0x3, 0xa}, {[{0x0, 0x3}, {0x8, 0x3}, {0xc4}, {0x6, 0x2}, {0x3, 0x1}, {0x366, 0x3}, {0x0, 0x2}, {0x2, 0x2}, {0x6, 0x2}, {0x6, 0x2}, {0xbb9d, 0x3}], [{0x0, 0x7}, {0xfffffffa, 0x1}, {0xc, 0x3f5f}, {0xdcac}, {0x7fff, 0x1ff}, {0x1c59, 0x81a7}, {0x7, 0x7}, {0x7, 0x2}, {0x5, 0xd}, {0x456, 0xe}, {0x120000, 0x2}], 0x3, 0x5}, {[{0x3, 0x3}, {0xb0d362b}, {0xff, 0x2}, {0x0, 0x3}, {}, {0x101, 0x2}, {0x6, 0x2}, {0x1, 0x2}, {0xe78}, {0xfffffffb, 0x1}, {0xe, 0x1}], [{0x800, 0x9}, {0x9, 0xf}, {0x100, 0x2}, {0x2, 0x40}, {0x10000, 0x1}, {0x0, 0x7}, {0x0, 0x8}, {0x0, 0xd}, {0x7fffffff, 0x9}, {0x401}, {0x7, 0x3579b70f}], 0x7, 0xa}, {[{0x5, 0x1}, {0xc, 0x1}, {0x1ff, 0x1}, {0x8000, 0x1}, {0xf, 0x1}, {0x5c, 0x1}, {0x40, 0x3}, {0x54c, 0x3}, {0x7fffffff, 0x1}, {0xffffff53, 0x3}, {0x1df9, 0x3}], [{0x73bedf43, 0xb}, {0xd}, {0x7ff, 0x3}, {0x7, 0x9}, {0x3, 0xb}, {0x9, 0x35c}, {0xd69, 0x4}, {0x2, 0x9}, {0x7ff, 0x5}, {0x7, 0x3ff}, {0xfffffff9, 0x80000000}], 0x9, 0xb}, {[{0x5, 0x2}, {0x2, 0x3}, {0x47f, 0x3}, {0x3, 0x2}, {0x1, 0x2}, {0x5, 0x1}, {0x3, 0x2}, {0x8}, {0x2, 0x3}, {0x2}, {0x5, 0x2}], [{0x7, 0x9}, {0x0, 0x9}, {0x10001, 0x6}, {0x1, 0x6}, {0x800, 0xcee}, {0x8001, 0x7}, {0x5, 0x35}, {0x80000001, 0x2}, {0x7fff, 0xf7ab}, {0x2}, {0x7, 0x7}], 0x9, 0x2}, {[{0x3, 0x2}, {0x8, 0x2}, {0x0, 0x2}, {0x4}, {0x5, 0x3}, {0x415, 0x1}, {0x2}, {}, {0x9, 0x1}, {}, {0x8}], [{0xd7ac, 0x1ff}, {0x0, 0x4}, {0x0, 0x40}, {0x1, 0x100}, {0x5, 0x4}, {0x8, 0x3}, {0x81, 0x1000}, {0xb7d, 0x100}, {0x1, 0x6}, {0x925, 0xfffffe01}, {0xd, 0x1}], 0x2, 0x8}, {[{0xbca4}, {0x1}, {0x6}, {0x101}, {0x8}, {0x2}, {0xaec, 0x3}, {0xa9f1, 0x3}, {0x9}, {0x7, 0x2}, {0x2, 0x1}], [{0x9, 0x2}, {0x0, 0x9e8}, {0x9, 0xfffffffd}, {0x8, 0x3}, {0xff, 0x80}, {0x5}, {0x60000000, 0x81}, {0xf0, 0x7}, {0xfffffffe, 0x4}, {0xffff0001, 0x3}, {0x7, 0x3}], 0x8, 0xb}, {[{0xe197, 0x3}, {0xed2, 0x3}, {0x1, 0x3}, {0x7}, {0x0, 0x2}, {0xc, 0x1}, {0xfffffffa}, {0x752, 0x3}, {0x9}, {0x1}, {0x3}], [{0x8000, 0x9}, {0x1, 0x7ff}, {0x800, 0x8}, {0x0, 0xe80}, {0xcbc1, 0x93cb}, {0x4, 0x4}, {0x3, 0x6}, {0x8, 0x8}, {0x2, 0xfffffffa}, {0x1, 0x85501d6}, {0x5, 0x6d8e}], 0xa, 0xa}], 0xa}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffe}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0xb5c) 1m11.265850371s ago: executing program 5 (id=19758): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv4_newroute={0x34, 0x1a, 0x1, 0x70bd28, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x7}, [@RTA_IIF={0x8, 0x3, r1}, @RTA_DST={0x8, 0x1, @rand_addr=0x64010100}, @RTA_SRC={0x8, 0x2, @private=0xa010100}]}, 0x34}}, 0x40) 1m11.265603434s ago: executing program 5 (id=19759): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x2) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 1m11.26099262s ago: executing program 5 (id=19760): mkdir(&(0x7f0000005800)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 1m11.21507426s ago: executing program 5 (id=19762): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010029a41d00ffdbdf2507000000", @ANYRES32=r1, @ANYBLOB="80007f0a0a000200ffffffffffff00000600050001"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x4040004) 54.930588504s ago: executing program 34 (id=19762): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010029a41d00ffdbdf2507000000", @ANYRES32=r1, @ANYBLOB="80007f0a0a000200ffffffffffff00000600050001"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x4040004) 18.629456672s ago: executing program 0 (id=22017): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a41c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78a57a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420800000000000000c1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1212e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b8393dee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x104b) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)=0x7) 18.550756607s ago: executing program 0 (id=22020): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x50, r1, 0x1, 0x70bd25, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x6}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x5}, {0x5, 0x3, 0x2}, {0x5}]}]}, 0x50}}, 0x0) 18.550335842s ago: executing program 0 (id=22021): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e999000000000000000000000000000000000000000000000000ac1e0001821501f63ed02a170000000000000000000000000a006030"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001400e9990000000000000000fc000000000000000000000000000000ac1e000100"], 0xb8}}, 0x0) 18.490825052s ago: executing program 0 (id=22022): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 18.489112537s ago: executing program 0 (id=22024): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x6, 0x8, 0x8, 0x40}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc) 18.395945611s ago: executing program 0 (id=22028): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8850) sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x16}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x78}}, 0x0) 18.300015996s ago: executing program 35 (id=22028): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8850) sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x16}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x78}}, 0x0) 1.022359159s ago: executing program 3 (id=22739): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'lo\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000340)={&(0x7f0000000380)={0x1d, r1}, 0x10, &(0x7f00000003c0)={&(0x7f0000000140)=@can={{0x2, 0x0, 0x1, 0x1}, 0x2, 0x2, 0x0, 0x0, "2e235857a534099b"}, 0x10}, 0x2, 0x0, 0x0, 0x20008804}, 0x1004c818) 1.021677574s ago: executing program 3 (id=22741): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000340), 0xc03, 0x2) close_range(r0, 0xffffffffffffffff, 0x0) 968.906576ms ago: executing program 3 (id=22743): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2, 0x0, 0xd}) 968.253484ms ago: executing program 3 (id=22745): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000014c0)={0x30, r1, 0x1, 0x0, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}]}, 0x30}}, 0x0) 886.353224ms ago: executing program 3 (id=22747): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f00000002c0)=[{r0, 0x2402}], 0x1, 0x83a4) fcntl$setpipe(r0, 0x407, 0x0) 380.947167ms ago: executing program 4 (id=22753): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a48000000060a010400000000000000000a0000010900010073797a31000000001c0004801800018008000100666962000c00028008000240240000030900020073797a32"], 0x70}, 0x1, 0x0, 0x0, 0x4000854}, 0x20000040) 305.038781ms ago: executing program 4 (id=22755): r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) io_setup(0x3fe, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000000)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)=' -', 0x3fffff}]) 229.510462ms ago: executing program 6 (id=22756): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940)={0x46, 0x0, [{0xe000, 0x2c, &(0x7f00000002c0)=""/144}, {0xdddd0000, 0x0, &(0x7f0000000580)=""/75}, {0x9000, 0x0, &(0x7f0000000600)=""/112}, {0x100000, 0x0, &(0x7f0000000780)=""/174}, {0xffffffff, 0x0, &(0x7f0000002600)=""/4096}, {0x2, 0x0, &(0x7f00000006c0)=""/41}, {0x2, 0x0, &(0x7f0000000840)=""/203}]}) 215.866703ms ago: executing program 7 (id=22757): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = semget(0x0, 0x1, 0x281) semctl$IPC_RMID(r0, 0x0, 0x0) 214.137428ms ago: executing program 6 (id=22758): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001a80), r0) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000300)={0x34, r1, 0x1, 0x1000000, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x1c, 0x2, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}]}]}]}, 0x34}}, 0x20004000) 125.102212ms ago: executing program 7 (id=22760): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000040}, 0x4) 124.656302ms ago: executing program 6 (id=22761): r0 = fsopen(&(0x7f0000000000)='udf\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0) read(r0, 0x0, 0x0) 121.464685ms ago: executing program 7 (id=22762): r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0) 116.356086ms ago: executing program 4 (id=22763): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={0x18, 0x52, 0x201, 0x2, 0x0, {0x1c}, [@generic="de"]}, 0x18}, 0x1, 0x0, 0x0, 0x4040000}, 0x40044c4) 63.06979ms ago: executing program 6 (id=22764): r0 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f00000000c0)=0x6, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0xa, 0x0, 0xb, @local}, 0x1c) 62.554772ms ago: executing program 7 (id=22765): ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000240)={0x0, 0x3, 0x0, {0x20, 0x1}, {0x44, 0x2}, @ramp={0x2, 0x8000, {0x1, 0x5, 0x5, 0x2}}}) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8) 62.355245ms ago: executing program 4 (id=22766): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42642) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x217, @time={0x65757100, 0x8}, 0x4, {0x0, 0x4}, 0x67, 0x2}) 50.326791ms ago: executing program 7 (id=22767): sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="03000000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fbdbdf2508"], 0x150}, 0x1, 0x0, 0x0, 0x40010}, 0x20000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000370007"], 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0x8050) 47.422138ms ago: executing program 6 (id=22768): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x4c831, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) ptrace(0x10, 0x1) 40.427119ms ago: executing program 4 (id=22769): r0 = memfd_create(&(0x7f0000000040)='\x02A\xbb\xcc\x96\x0e\x00\x00\x00\x00\x00\x00', 0x6) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000002, 0x12, r0, 0x0) ftruncate(r0, 0x0) 16.432759ms ago: executing program 7 (id=22770): syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x2a0002) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00') ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, 0x0) 14.885813ms ago: executing program 4 (id=22771): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0) lchown(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) 14.642702ms ago: executing program 3 (id=22772): r0 = socket$inet_icmp(0x2, 0x2, 0x1) r1 = dup(r0) write$binfmt_aout(r1, 0x0, 0xffffffdb) 0s ago: executing program 6 (id=22773): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_MODULUS={0x8, 0x4, 0x1, 0x0, 0x40000}, @NFTA_HASH_DREG={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0xfffffff8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) kernel console output (not intermixed with test programs): 0 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 352.028070][ T40] audit: type=1326 audit(2000000135.032:29634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11708 comm="syz.0.18219" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 352.041388][ T40] audit: type=1326 audit(2000000135.032:29635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11708 comm="syz.0.18219" exe="/syz-executor" sig=0 arch=40000003 syscall=349 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 352.053201][ T40] audit: type=1326 audit(2000000135.051:29636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11708 comm="syz.0.18219" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 352.059978][ T40] audit: type=1326 audit(2000000135.051:29637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11708 comm="syz.0.18219" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 352.340976][ T64] Bluetooth: hci3: command 0x0c1a tx timeout [ 352.425765][ T64] Bluetooth: hci4: command 0x0419 tx timeout [ 352.460232][T11777] __nla_validate_parse: 4 callbacks suppressed [ 352.460250][T11777] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18246'. [ 352.466031][T11777] netlink: 'syz.3.18246': attribute type 4 has an invalid length. [ 352.583817][T11797] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 352.610193][T11790] hub 2-0:1.0: USB hub found [ 352.611926][T11790] hub 2-0:1.0: 6 ports detected [ 352.661554][T11803] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18260'. [ 352.777674][ T34] tipc: Node number set to 903479296 [ 352.810419][T17779] usb 2-1: new high-speed USB device number 3 using ehci-pci [ 352.826971][T11827] netlink: 24 bytes leftover after parsing attributes in process `syz.3.18271'. [ 352.877816][T11834] mkiss: ax0: crc mode is auto. [ 352.951571][T11847] netlink: 'syz.3.18280': attribute type 2 has an invalid length. [ 353.014560][T17779] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 353.018407][T17779] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 353.021087][T17779] usb 2-1: Product: QEMU USB Tablet [ 353.025154][T17779] usb 2-1: Manufacturer: QEMU [ 353.027088][T17779] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 353.058858][T17779] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0006/input/input43 [ 353.081061][T17779] hid-generic 0003:0627:0001.0006: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 353.778636][ T40] audit: type=1326 audit(2000000136.724:29638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11838 comm="syz.4.18277" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7fc00000 [ 354.428431][T12005] xt_l2tp: missing protocol rule (udp|l2tpip) [ 354.431980][T12007] sock: sock_timestamping_bind_phc: sock not bind to device [ 354.459850][ T6261] kernel read not supported for file /385/attr/prev (pid: 6261 comm: kworker/1:4) [ 354.480830][T12015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18360'. [ 354.558178][ T64] Bluetooth: hci3: command 0x0c1a tx timeout [ 354.630933][ T64] Bluetooth: hci4: command 0x0419 tx timeout [ 354.734913][T12041] "syz.4.18371" (12041) uses obsolete ecb(arc4) skcipher [ 354.757276][T12043] max out of range [ 354.849281][ C2] sr 2:0:0:0: [sr0] tag#15 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 354.852564][ C2] sr 2:0:0:0: [sr0] tag#15 CDB: Regenerate(16) 82 5a 86 a5 26 a3 50 1f b1 dd 8d ff 3e 90 d6 f5 [ 354.981889][T12070] macvlan2: entered promiscuous mode [ 355.886211][ C0] sr 2:0:0:0: [sr0] tag#19 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 355.889411][ C0] sr 2:0:0:0: [sr0] tag#19 CDB: Regenerate(16) 82 5a 86 a5 26 a3 50 1f b1 dd 8d ff 3e 90 d6 f5 [ 355.962112][T12114] tmpfs: Too few inodes for current use [ 355.987295][T12119] bridge_slave_1: default FDB implementation only supports local addresses [ 356.062535][T12122] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 356.064604][T12122] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 356.455899][T12179] ubi31: detaching mtd0 [ 356.466193][T12179] ubi31: mtd0 is detached [ 356.518042][T12186] xt_l2tp: missing protocol rule (udp|l2tpip) [ 356.671140][T12202] netlink: 116 bytes leftover after parsing attributes in process `syz.5.18449'. [ 357.061310][ T40] audit: type=1326 audit(2000000139.805:29639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12245 comm="syz.0.18469" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 357.285018][T17779] kernel read not supported for file /comedi3 (pid: 17779 comm: kworker/3:4) [ 357.326142][T12289] netlink: 68 bytes leftover after parsing attributes in process `syz.5.18490'. [ 357.329388][T12289] netlink: 16 bytes leftover after parsing attributes in process `syz.5.18490'. [ 357.519481][T12324] netlink: 256 bytes leftover after parsing attributes in process `syz.5.18507'. [ 357.522589][T12324] netlink: 56 bytes leftover after parsing attributes in process `syz.5.18507'. [ 357.529288][T12318] syz.0.18504 (12318) used greatest stack depth: 18808 bytes left [ 357.581313][T12332] devpts: Bad value for 'max' [ 357.590208][T12338] netlink: zone id is out of range [ 357.591930][T12338] netlink: zone id is out of range [ 357.593675][T12338] netlink: set zone limit has 8 unknown bytes [ 357.619849][T12342] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18515'. [ 357.998455][T12402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.18544'. [ 358.002034][T12402] netlink: 277 bytes leftover after parsing attributes in process `syz.4.18544'. [ 358.005240][T12402] netlink: 277 bytes leftover after parsing attributes in process `syz.4.18544'. [ 358.039228][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 358.039239][ T40] audit: type=1326 audit(2000000140.725:29647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.050180][ T40] audit: type=1326 audit(2000000140.725:29648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.058900][ T40] audit: type=1326 audit(2000000140.725:29649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.065555][ T40] audit: type=1326 audit(2000000140.725:29650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.073117][ T40] audit: type=1326 audit(2000000140.725:29651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.080680][ T40] audit: type=1326 audit(2000000140.725:29652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.087258][ T40] audit: type=1326 audit(2000000140.725:29653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.091477][T12418] sctp: [Deprecated]: syz.5.18552 (pid 12418) Use of int in max_burst socket option. [ 358.091477][T12418] Use struct sctp_assoc_value instead [ 358.094253][ T40] audit: type=1326 audit(2000000140.725:29654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.107065][ T40] audit: type=1326 audit(2000000140.725:29655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.114791][ T40] audit: type=1326 audit(2000000140.725:29656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12409 comm="syz.5.18546" exe="/syz-executor" sig=0 arch=40000003 syscall=400 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 358.216728][ T64] Bluetooth: hci4: command 0x0419 tx timeout [ 358.216801][ T6129] Bluetooth: hci3: command 0x0c1a tx timeout [ 358.256431][T12447] netlink: 'syz.5.18566': attribute type 1 has an invalid length. [ 358.259023][T12447] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 358.276529][T12449] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 358.278616][T12449] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 358.282323][T12449] vhci_hcd vhci_hcd.0: Device attached [ 358.286840][T12450] vhci_hcd: connection closed [ 358.287031][ T46] vhci_hcd vhci_hcd.4: stop threads [ 358.290273][ T46] vhci_hcd vhci_hcd.4: release socket [ 358.292546][ T46] vhci_hcd vhci_hcd.4: disconnect device [ 358.335821][T12457] vlan0: entered promiscuous mode [ 358.337525][T12457] bridge0: entered promiscuous mode [ 358.880391][ T6151] usb 10-1: new low-speed USB device number 2 using dummy_hcd [ 359.041898][ T6151] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 359.045735][ T6151] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 359.048687][ T6151] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 359.053350][ T6151] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 359.056646][ T6151] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.061254][T12499] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 359.065058][ T6151] hub 10-1:1.0: bad descriptor, ignoring hub [ 359.066939][ T6151] hub 10-1:1.0: probe with driver hub failed with error -5 [ 359.071825][ T6151] cdc_wdm 10-1:1.0: skipping garbage [ 359.073593][ T6151] cdc_wdm 10-1:1.0: skipping garbage [ 359.081178][ T6151] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 359.084906][ T6151] cdc_wdm 10-1:1.0: Unknown control protocol [ 359.346701][T12584] tmpfs: Cannot change global quota limit on remount [ 359.375288][ C2] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 359.377981][ C2] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 359.380466][ C2] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 359.382539][ C2] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 359.384702][ C2] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 359.386813][ C2] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 359.390510][ C2] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 359.498226][ T34] usb 10-1: USB disconnect, device number 2 [ 359.590431][T12615] netlink: 'syz.3.18642': attribute type 1 has an invalid length. [ 359.651207][T12624] IPVS: Unknown mcast interface: pim6reg [ 359.809306][T12644] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18656'. [ 359.946636][T12656] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18662'. [ 360.015821][ T29] hid-generic FFFF:0008:0003.0007: item fetching failed at offset 0/1 [ 360.018725][ T29] hid-generic FFFF:0008:0003.0007: probe with driver hid-generic failed with error -22 [ 361.166279][T12703] trusted_key: encrypted_key: key user:syz not found [ 361.346185][T12732] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 361.653731][T12763] netlink: 24 bytes leftover after parsing attributes in process `syz.5.18713'. [ 361.737982][T12774] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18717'. [ 361.861128][T12794] tipc: Enabling of bearer rejected, failed to enable media [ 361.872845][T12796] netlink: 'syz.0.18729': attribute type 2 has an invalid length. [ 362.026739][T12812] nbd: must specify a size in bytes for the device [ 362.284721][T12852] netlink: 4 bytes leftover after parsing attributes in process `syz.5.18758'. [ 362.353878][T12862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.18763'. [ 362.388220][T12866] netlink: 'syz.0.18765': attribute type 4 has an invalid length. [ 362.394562][T12866] netlink: 224 bytes leftover after parsing attributes in process `syz.0.18765'. [ 362.438816][T12874] mkiss: ax0: crc mode is auto. [ 362.696404][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 362.739868][T12911] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 375.477037][T12964] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18797'. [ 375.598457][T12978] CUSE: unknown device info "xKJ H+ۤ2LhnL1`Ccn80(3նi" [ 375.602026][T12978] CUSE: unknown device info "ٮ,<_eF" [ 375.604128][T12978] CUSE: unknown device info "3ܟ,̘" [ 375.609035][T12978] CUSE: unknown device info "J2S Z !e/J+-na4\N4" [ 375.611879][T12978] CUSE: unknown device info " [ 375.611879][T12978] fzXS! [ 375.611879][T12978] AxjTǔw xRɐQ(hҏj pVdY0|M?2JIv^R@" [ 375.617218][T12978] CUSE: unknown device info "!To}ݝ&|L+Uoϲ"FstV:׌E gJ<@c4TM_/V{" [ 375.622389][T12978] CUSE: unknown device info "whU~V߶ݸFsX,xkq/Q]3H" [ 375.625103][T12978] CUSE: zero length info key specified [ 375.626038][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 375.626049][ T40] audit: type=1326 audit(2000000158.180:29661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.636152][ T40] audit: type=1326 audit(2000000158.180:29662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.658361][ T40] audit: type=1326 audit(2000000158.180:29663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.667363][ T40] audit: type=1326 audit(2000000158.180:29664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.674565][ T40] audit: type=1326 audit(2000000158.180:29665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.681654][ T40] audit: type=1326 audit(2000000158.180:29666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=143 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.688805][ T40] audit: type=1326 audit(2000000158.180:29667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.695640][ T40] audit: type=1326 audit(2000000158.180:29668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12980 comm="syz.5.18806" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f75579 code=0x7ffc0000 [ 375.838735][ T29] IPVS: starting estimator thread 0... [ 375.942168][T13003] IPVS: using max 48 ests per chain, 115200 per kthread [ 376.144778][T13043] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18835'. [ 376.210878][T13053] bridge0: port 2(bridge_slave_1) entered disabled state [ 376.213745][T13053] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.764026][T13127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.18875'. [ 376.767610][T13127] netlink: 4 bytes leftover after parsing attributes in process `syz.4.18875'. [ 376.770550][T13127] netlink: 'syz.4.18875': attribute type 15 has an invalid length. [ 377.996279][T13178] input input44: cannot allocate more than FF_MAX_EFFECTS effects [ 378.728409][T13250] netlink: 16 bytes leftover after parsing attributes in process `syz.4.18933'. [ 379.121813][T13272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18944'. [ 379.124627][T13272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18944'. [ 379.127545][T13272] netlink: 'syz.3.18944': attribute type 13 has an invalid length. [ 379.130072][T13272] netlink: 'syz.3.18944': attribute type 14 has an invalid length. [ 379.190771][T13284] macvtap1: entered promiscuous mode [ 379.194062][T13284] macvtap1: entered allmulticast mode [ 379.195739][T13284] veth1_vlan: entered allmulticast mode [ 379.807537][T13355] netlink: 88 bytes leftover after parsing attributes in process `syz.0.18985'. [ 379.810416][T13355] netlink: 24 bytes leftover after parsing attributes in process `syz.0.18985'. [ 379.838653][T13362] CIFS: Unable to determine destination address [ 379.840290][T13363] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 379.869928][T13367] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18990'. [ 380.050814][T13395] batadv_slave_0: entered promiscuous mode [ 380.053997][T13393] batadv_slave_0: left promiscuous mode [ 380.285359][ T34] libceph: connect (1)[c::]:6789 error -101 [ 380.288086][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 380.294947][ T34] libceph: connect (1)[c::]:6789 error -101 [ 380.297087][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 380.385961][T13441] qrtr: Invalid version 255 [ 380.572763][ T34] libceph: connect (1)[c::]:6789 error -101 [ 380.575441][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 380.608852][ T40] audit: type=1326 audit(2000000162.838:29669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13465 comm="syz.0.19037" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 380.616282][ T40] audit: type=1326 audit(2000000162.838:29670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13465 comm="syz.0.19037" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 380.679315][T13473] genirq: Flags mismatch irq 4. 00200000 (pcl812) vs. 00200080 (ttyS0) [ 381.117253][ T34] libceph: connect (1)[c::]:6789 error -101 [ 381.119362][ T34] libceph: mon0 (1)[c::]:6789 connect error [ 381.165117][T13429] ceph: No mds server is up or the cluster is laggy [ 381.295181][T13487] xt_nfacct: accounting object `\$9ZM#mU|^c\F9YⳈ' does not exist [ 381.430210][T13497] x_tables: ip6_tables: CONNSECMARK.0 target: invalid size 8 (kernel) != (user) 16 [ 381.474648][T13504] __nla_validate_parse: 1 callbacks suppressed [ 381.474665][T13504] netlink: 24 bytes leftover after parsing attributes in process `syz.3.19055'. [ 381.483029][T13504] netlink: 24 bytes leftover after parsing attributes in process `syz.3.19055'. [ 381.486683][T13506] program syz.0.19056 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 381.602686][T13525] netlink: 16 bytes leftover after parsing attributes in process `syz.3.19065'. [ 381.720774][T13547] program syz.4.19075 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 381.766133][T13552] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 381.791923][T13558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.19080'. [ 381.797917][T13558] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 381.800535][T13558] team0: Device ipvlan0 is already an upper device of the team interface [ 381.848659][T13562] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 381.851536][T13562] overlayfs: missing 'lowerdir' [ 381.969548][T13573] ucma_write: process 1256 (syz.4.19087) changed security contexts after opening file descriptor, this is not allowed. [ 382.076745][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 382.076756][ T40] audit: type=1326 audit(2000000164.204:29675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.089062][ T40] audit: type=1326 audit(2000000164.204:29676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.096213][ T40] audit: type=1326 audit(2000000164.223:29677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.104331][ T40] audit: type=1326 audit(2000000164.223:29678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.112618][ T40] audit: type=1326 audit(2000000164.223:29679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.121094][ T40] audit: type=1326 audit(2000000164.232:29680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=52 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.131115][ T40] audit: type=1326 audit(2000000164.260:29681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.144554][ T40] audit: type=1326 audit(2000000164.260:29682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13588 comm="syz.3.19094" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 382.172778][T13595] binder_alloc: binder_alloc_mmap_handler: 13594 80ffd000-80fff000 already mapped failed -16 [ 382.282013][T13613] hugetlbfs: Bad value '' for mount option 'size' [ 382.282013][T13613] [ 382.839273][ T40] audit: type=1326 audit(2000000164.915:29683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13567 comm="syz.0.19085" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7fc00000 [ 382.846225][ T40] audit: type=1326 audit(2000000164.924:29684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13567 comm="syz.0.19085" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f23579 code=0x7fc00000 [ 383.023191][T13668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.19127'. [ 383.268427][T13686] netlink: 24 bytes leftover after parsing attributes in process `syz.4.19136'. [ 383.380428][T13701] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19143'. [ 383.443446][T13709] netlink: 176 bytes leftover after parsing attributes in process `syz.5.19146'. [ 383.697878][T13741] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 383.699978][T13741] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 383.702475][T13741] vhci_hcd vhci_hcd.0: Device attached [ 383.711613][T13743] vhci_hcd: connection closed [ 383.711926][ T62] vhci_hcd vhci_hcd.4: stop threads [ 383.715578][ T62] vhci_hcd vhci_hcd.4: release socket [ 383.717410][ T62] vhci_hcd vhci_hcd.4: disconnect device [ 384.805878][T13814] netlink: 16 bytes leftover after parsing attributes in process `syz.0.19194'. [ 384.806341][T13810] ptrace attach of "/syz-executor exec"[10338] was attempted by " \x0cH;'Sde/Ȑ|zPиW\x0bPt5QI0kp;t>?7~՞8)>\x0a.Fv\x5c0CP{\x07ԭ4OT)%DkfCkF 籥;m\x0cv\x0cTʪz5m֢vī'c^تg_\x0bƍ8)c,(qeB㑻SPt4o IHwL#@mUpE^agh~d_9\x07r|GJj+&ҽk(\x07rnE4(#ë\x0b YβB\x0aЦ&R`?L1tիw.M=3|Gsmg4`|\x22{б춋1[{ȯw/B_g6-qyk*o\x0d\x5cc8\x5 [ 384.820086][T13813] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19195'. [ 385.202036][T13858] option changes via remount are deprecated (pid=13856 comm=syz.3.19215) [ 385.369189][T13880] dummy0: Device is already in use. [ 385.564318][ T6261] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 385.608591][T13910] overlayfs: conflicting lowerdir path [ 385.673904][T13920] netlink: 'syz.4.19246': attribute type 62 has an invalid length. [ 385.680866][ T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 385.726927][ T6261] usb 10-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 385.729983][ T6261] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.732606][ T6261] usb 10-1: Product: syz [ 385.733984][ T6261] usb 10-1: Manufacturer: syz [ 385.737749][ T6261] usb 10-1: SerialNumber: syz [ 385.748162][ T6261] usb 10-1: config 0 descriptor?? [ 385.841743][ T24] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 385.845083][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.848090][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.851579][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.855829][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.858684][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.862291][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.865652][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.868536][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.871950][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.877864][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.880785][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.884339][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.887478][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.890480][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.893967][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.897197][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.900169][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.903551][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.906649][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.909867][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.914557][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.920160][ T24] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 385.922975][ T24] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 385.929590][ T24] usb 5-1: config 0 interface 0 has no altsetting 0 [ 385.933910][ T24] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 385.936756][ T24] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 385.939624][ T24] usb 5-1: Product: syz [ 385.941082][ T24] usb 5-1: Manufacturer: syz [ 385.942597][ T24] usb 5-1: SerialNumber: syz [ 385.951290][ T24] usb 5-1: config 0 descriptor?? [ 385.956792][ T24] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 385.983472][ T6261] usb-storage 10-1:0.0: USB Mass Storage device detected [ 385.983579][ T64] Bluetooth: hci4: unknown advertising packet type: 0x17 [ 385.985783][ T64] Bluetooth: hci4: unknown advertising packet type: 0xbd [ 385.988549][ T64] Bluetooth: hci4: Malformed LE Event: 0x02 [ 386.059331][ T6261] usb 10-1: USB disconnect, device number 3 [ 386.139770][T13964] tipc: Enabled bearer , priority 10 [ 386.844490][T14044] __nla_validate_parse: 4 callbacks suppressed [ 386.844509][T14044] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19305'. [ 386.872889][T14044] veth7: entered promiscuous mode [ 387.016395][T14051] syz.4.19309: page allocation failure: order:2, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 387.022796][T14051] CPU: 3 UID: 0 PID: 14051 Comm: syz.4.19309 Tainted: G L syzkaller #0 PREEMPT(full) [ 387.022814][T14051] Tainted: [L]=SOFTLOCKUP [ 387.022818][T14051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 387.022824][T14051] Call Trace: [ 387.022828][T14051] [ 387.022833][T14051] dump_stack_lvl+0x100/0x190 [ 387.022850][T14051] warn_alloc.cold+0x95/0x1c1 [ 387.022868][T14051] ? __pfx_warn_alloc+0x10/0x10 [ 387.022880][T14051] ? __mutex_unlock_slowpath+0x15c/0x790 [ 387.022903][T14051] __alloc_frozen_pages_noprof+0x1442/0x2410 [ 387.022922][T14051] ? lockdep_hardirqs_on+0x78/0x100 [ 387.022936][T14051] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 387.022948][T14051] ? stack_depot_save_flags+0x3f8/0x9c0 [ 387.022970][T14051] ? comedi_isadma_alloc+0x10c/0x6e0 [ 387.022983][T14051] ? pcl818_attach+0x1103/0x15b0 [ 387.022994][T14051] ? comedi_device_attach+0x3d2/0x660 [ 387.023004][T14051] ? do_devconfig_ioctl+0x1b3/0x6d0 [ 387.023016][T14051] ? comedi_unlocked_ioctl+0x44c/0x2e70 [ 387.023037][T14051] __alloc_pages_noprof+0xb/0x1b0 [ 387.023050][T14051] __dma_direct_alloc_pages.isra.0+0x47c/0x8f0 [ 387.023066][T14051] ? __pfx___dma_direct_alloc_pages.isra.0+0x10/0x10 [ 387.023080][T14051] ? dma_alloc_from_dev_coherent+0x2e0/0x570 [ 387.023095][T14051] dma_direct_alloc+0x8f/0x590 [ 387.023108][T14051] dma_alloc_attrs+0x185/0x2b0 [ 387.023123][T14051] ? __pfx_dma_alloc_attrs+0x10/0x10 [ 387.023139][T14051] ? dma_direct_supported+0xca/0x220 [ 387.023154][T14051] comedi_isadma_alloc+0x3dc/0x6e0 [ 387.023170][T14051] ? __pfx_comedi_isadma_alloc+0x10/0x10 [ 387.023184][T14051] ? request_threaded_irq+0x27b/0x3e0 [ 387.023200][T14051] pcl818_attach+0x1103/0x15b0 [ 387.023215][T14051] comedi_device_attach+0x3d2/0x660 [ 387.023229][T14051] do_devconfig_ioctl+0x1b3/0x6d0 [ 387.023241][T14051] ? comedi_unlocked_ioctl+0x163/0x2e70 [ 387.023257][T14051] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 387.023277][T14051] ? kasan_save_stack+0x3f/0x50 [ 387.023289][T14051] ? kasan_save_stack+0x30/0x50 [ 387.023301][T14051] ? kasan_save_track+0x14/0x30 [ 387.023313][T14051] ? kasan_save_free_info+0x3b/0x70 [ 387.023322][T14051] ? __kasan_slab_free+0x5f/0x80 [ 387.023334][T14051] ? kfree+0x1c7/0x690 [ 387.023343][T14051] ? tomoyo_path_number_perm+0x46d/0x580 [ 387.023358][T14051] ? security_file_ioctl_compat+0xd3/0x230 [ 387.023377][T14051] comedi_unlocked_ioctl+0x44c/0x2e70 [ 387.023396][T14051] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 387.023420][T14051] ? kasan_quarantine_put+0x104/0x240 [ 387.023432][T14051] ? lockdep_hardirqs_on+0x78/0x100 [ 387.023446][T14051] ? find_held_lock+0x2b/0x80 [ 387.023457][T14051] ? tomoyo_path_number_perm+0x28f/0x580 [ 387.023471][T14051] ? tomoyo_path_number_perm+0x28f/0x580 [ 387.023489][T14051] ? tomoyo_path_number_perm+0x188/0x580 [ 387.023507][T14051] comedi_compat_ioctl+0x438/0xe20 [ 387.023523][T14051] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 387.023539][T14051] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 387.023551][T14051] ? do_vfs_ioctl+0x226/0x13e0 [ 387.023568][T14051] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 387.023588][T14051] ? find_held_lock+0x2b/0x80 [ 387.023598][T14051] ? hook_file_ioctl_common+0x146/0x410 [ 387.023616][T14051] ? __fget_files+0x21f/0x3d0 [ 387.023642][T14051] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 387.023658][T14051] __ia32_compat_sys_ioctl+0x2cf/0x360 [ 387.023670][T14051] __do_fast_syscall_32+0xde/0x660 [ 387.023686][T14051] do_fast_syscall_32+0x32/0x70 [ 387.023699][T14051] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 387.023712][T14051] RIP: 0023:0xf7f64579 [ 387.023720][T14051] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 387.023730][T14051] RSP: 002b:00000000f542650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 387.023741][T14051] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 387.023748][T14051] RDX: 00000000800003c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 387.023754][T14051] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 387.023759][T14051] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 387.023765][T14051] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 387.023779][T14051] [ 387.023805][T14051] Mem-Info: [ 387.044925][T14065] netlink: 'syz.5.19315': attribute type 178 has an invalid length. [ 387.048112][T14051] active_anon:1274 inactive_anon:1415 isolated_anon:0 [ 387.048112][T14051] active_file:2454 inactive_file:7070 isolated_file:0 [ 387.048112][T14051] unevictable:1768 dirty:500 writeback:0 [ 387.048112][T14051] slab_reclaimable:6533 slab_unreclaimable:58006 [ 387.048112][T14051] mapped:22351 shmem:1793 pagetables:2266 [ 387.048112][T14051] sec_pagetables:334 bounce:0 [ 387.048112][T14051] kernel_misc_reclaimable:0 [ 387.048112][T14051] free:67400 free_pcp:3 free_cma:0 [ 387.180660][T14051] Node 0 active_anon:12kB inactive_anon:476kB active_file:8kB inactive_file:256kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:8kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9632kB pagetables:1812kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 387.193888][T14051] Node 0 DMA free:2472kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:0kB free_cma:0kB [ 387.208586][T14051] lowmem_reserve[]: 0 288 288 288 288 [ 387.212057][T14051] Node 0 DMA: 26*4kB (U) 6*8kB (UE) 5*16kB (UE) 8*32kB (UE) 1*64kB (E) 3*128kB (UE) 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2472kB [ 387.218706][T14051] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 387.222457][T14051] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 387.225498][T14051] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 387.228536][T14051] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 387.231617][T14051] 12354 total pagecache pages [ 387.233154][T14051] 1066 pages in swap cache [ 387.234605][T14051] Free swap = 80800kB [ 387.235988][T14051] Total swap = 124996kB [ 387.237356][T14051] 524155 pages RAM [ 387.238567][T14051] 0 pages HighMem/MovableOnly [ 387.240146][T14051] 209486 pages reserved [ 387.242594][T14051] 0 pages cma reserved [ 387.338509][ T6261] tipc: Node number set to 4278190081 [ 387.354878][T14091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19328'. [ 387.358934][T14091] netlink: 52 bytes leftover after parsing attributes in process `syz.3.19328'. [ 387.732450][T14141] tipc: Enabling of bearer rejected, failed to enable media [ 388.090495][T14201] PKCS8: Unsupported PKCS#8 version [ 388.286984][T14214] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19383'. [ 388.290162][T14214] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19383'. [ 388.408087][ C2] usb 5-1: yurex_control_callback - control failed: -2 [ 388.419291][ T24] usb 5-1: USB disconnect, device number 14 [ 388.433519][ T24] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 388.450846][T14231] tmpfs: Cannot change global quota limit on remount [ 388.744277][T14266] vivid-007: disconnect [ 388.746075][T14265] vivid-007: reconnect [ 388.785756][ T6151] hid_parser_main: 2 callbacks suppressed [ 388.785770][ T6151] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 388.794540][ T6151] hid-generic 0000:0000:0000.0008: hidraw1: HID v0.00 Device [syz0] on syz0 [ 388.866029][T14275] fido_id[14275]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 389.303238][T14342] bond1: (slave bond_slave_1): Device is not our slave [ 389.306015][T14342] bond1: option active_slave: invalid value (bond_slave_1) [ 389.309619][T14342] bond1 (unregistering): Released all slaves [ 389.527937][T14375] use of bytesused == 0 is deprecated and will be removed in the future, [ 389.540102][T14375] use the actual size instead. [ 390.499117][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 390.499129][ T40] audit: type=1326 audit(2000000172.089:29714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14382 comm="syz.3.19466" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 390.723369][T14486] netlink: 24 bytes leftover after parsing attributes in process `syz.0.19515'. [ 390.880355][T14512] netlink: 'syz.5.19528': attribute type 2 has an invalid length. [ 390.883418][T14512] netlink: 'syz.5.19528': attribute type 2 has an invalid length. [ 390.979027][T14528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19536'. [ 390.983144][T14528] netlink: 104 bytes leftover after parsing attributes in process `syz.3.19536'. [ 390.987637][T14528] netlink: 104 bytes leftover after parsing attributes in process `syz.3.19536'. [ 391.304137][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.307565][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.311003][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.313715][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.316363][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.319136][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.322463][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.325964][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.329929][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.333343][T14562] ICMPv6: RA: ndisc_router_discovery failed to add default route [ 391.990564][T14588] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 392.051846][T14596] binder: 14595:14596 ioctl c0306201 80000080 returned -22 [ 392.219653][T14619] Invalid logical block size (53355) [ 392.315468][T14629] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19584'. [ 392.444366][T14645] loop2: detected capacity change from 0 to 7 [ 392.452675][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.456526][ C1] buffer_io_error: 43 callbacks suppressed [ 392.456539][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.463295][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.466485][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.469501][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.472524][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.475141][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.478161][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.480859][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.483994][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.487307][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.490399][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.493165][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.496266][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.498771][ T5942] ldm_validate_partition_table(): Disk read failed. [ 392.502628][ C3] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.506617][ C3] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.510077][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.513613][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.516302][ C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 392.519369][ C1] Buffer I/O error on dev loop2, logical block 0, async page read [ 392.522172][ T5942] Dev loop2: unable to read RDB block 0 [ 392.528650][ T5942] loop2: unable to read partition table [ 392.530550][ T5942] loop2: partition table beyond EOD, truncated [ 392.537803][T14645] ldm_validate_partition_table(): Disk read failed. [ 392.540622][T14645] Dev loop2: unable to read RDB block 0 [ 392.542896][T14645] loop2: unable to read partition table [ 392.545073][T14645] loop2: partition table beyond EOD, truncated [ 392.547107][T14645] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 392.672111][T14657] xt_time: unknown flags 0xf4 [ 392.753902][T14663] netlink: 'syz.5.19600': attribute type 4 has an invalid length. [ 392.756395][T14663] netlink: 17 bytes leftover after parsing attributes in process `syz.5.19600'. [ 392.978882][T14675] netlink: 8 bytes leftover after parsing attributes in process `syz.5.19606'. [ 393.114585][T14689] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19611'. [ 393.259212][T14712] netlink: 'syz.3.19624': attribute type 2 has an invalid length. [ 393.505678][T14752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19645'. [ 393.603110][T14772] hub 9-0:1.0: USB hub found [ 393.604909][T14772] hub 9-0:1.0: 1 port detected [ 394.424399][T14874] pim6reg: entered allmulticast mode [ 394.432018][T14874] pim6reg: left allmulticast mode [ 394.467614][T14880] netlink: 24 bytes leftover after parsing attributes in process `syz.5.19705'. [ 394.547613][T14886] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 394.576195][T14889] netlink: 12 bytes leftover after parsing attributes in process `syz.5.19709'. [ 394.954749][T14937] netlink: 20 bytes leftover after parsing attributes in process `syz.3.19733'. [ 395.053049][T14954] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 395.055203][T14954] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 395.058094][T14954] vhci_hcd vhci_hcd.0: Device attached [ 395.064473][T14955] vhci_hcd: connection closed [ 395.065289][ T12] vhci_hcd vhci_hcd.3: stop threads [ 395.069654][ T12] vhci_hcd vhci_hcd.3: release socket [ 395.071668][ T12] vhci_hcd vhci_hcd.3: disconnect device [ 395.749015][T15006] Bluetooth: MGMT ver 1.23 [ 396.178997][ T6129] Bluetooth: hci1: command 0x1003 tx timeout [ 396.180793][ T64] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 396.324709][T15029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19777'. [ 396.596478][ T40] audit: type=1326 audit(2000000177.795:29715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.605725][ T40] audit: type=1326 audit(2000000177.795:29716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.614879][ T40] audit: type=1326 audit(2000000177.805:29717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.623471][ T40] audit: type=1326 audit(2000000177.805:29718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.630521][T29502] kernel write not supported for file /sg0 (pid: 29502 comm: kworker/2:4) [ 396.633620][ T40] audit: type=1326 audit(2000000177.805:29719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.644239][ T40] audit: type=1326 audit(2000000177.805:29720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.654618][ T40] audit: type=1326 audit(2000000177.805:29721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.662780][ T40] audit: type=1326 audit(2000000177.805:29722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.672340][ T40] audit: type=1326 audit(2000000177.805:29723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.681033][ T40] audit: type=1326 audit(2000000177.805:29724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.4.19786" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64579 code=0x7ffc0000 [ 396.757782][T15057] IPVS: persistence engine module ip_vs_pe_sir not found [ 396.816828][T15061] [U] [ 396.927837][T29502] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 397.101130][T29502] usb 5-1: Using ep0 maxpacket: 8 [ 397.107313][T29502] usb 5-1: config 0 has no interfaces? [ 397.109823][T29502] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 397.118310][T29502] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.140248][T29502] usb 5-1: config 0 descriptor?? [ 397.355060][T15113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19812'. [ 397.370402][T29502] usb 5-1: USB disconnect, device number 15 [ 397.792627][T15140] netlink: 20 bytes leftover after parsing attributes in process `syz.4.19825'. [ 397.828402][T15142] genirq: Flags mismatch irq 4. 00200000 (aio_iiro_16) vs. 00200080 (ttyS0) [ 398.356786][T15187] netlink: 16 bytes leftover after parsing attributes in process `syz.0.19848'. [ 398.390254][T15193] netlink: 8 bytes leftover after parsing attributes in process `syz.0.19851'. [ 400.042115][T15276] netlink: 8 bytes leftover after parsing attributes in process `syz.4.19891'. [ 400.045997][T15276] netlink: 'syz.4.19891': attribute type 5 has an invalid length. [ 400.050442][T15276] netlink: 'syz.4.19891': attribute type 9 has an invalid length. [ 400.053525][T15276] netlink: 4 bytes leftover after parsing attributes in process `syz.4.19891'. [ 400.064704][T15278] 9pnet_virtio: no channels available for device 3$~VP [ 400.064760][T15276] geneve2: entered promiscuous mode [ 400.069363][T15276] geneve2: entered allmulticast mode [ 400.073621][ T1141] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0 [ 400.076545][ T1141] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0 [ 400.080297][ T1141] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0 [ 400.083340][ T1141] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0 [ 400.095408][T15280] tipc: Enabled bearer , priority 10 [ 400.569563][T15327] netlink: 8 bytes leftover after parsing attributes in process `syz.3.19916'. [ 400.889602][T15364] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond_slave_1, syncid = 0, id = 0 [ 401.150226][ T6129] Bluetooth: hci1: command 0x1003 tx timeout [ 401.150547][ T64] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 401.161875][T15395] netlink: 44 bytes leftover after parsing attributes in process `syz.3.19948'. [ 401.165776][T15395] netlink: 6 bytes leftover after parsing attributes in process `syz.3.19948'. [ 401.578144][T15442] netlink: 39 bytes leftover after parsing attributes in process `syz.3.19970'. [ 401.581040][T15442] netlink: 1 bytes leftover after parsing attributes in process `syz.3.19970'. [ 401.961262][T15483] vimc link validate: Sensor A:src:16x16 (0x33424752, 12, 0, 5, 2) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 402.437305][T15517] trusted_key: encrypted_key: key trusted:syz not found [ 403.456419][T15638] ALSA: mixer_oss: invalid OSS volume 'Y{UDD ' [ 403.470189][T15638] ALSA: mixer_oss: invalid OSS volume 'ߧ4cT󯆩"m!lT.Π' [ 403.472923][T15638] ALSA: mixer_oss: invalid OSS volume 'lg' [ 403.474807][T15638] ALSA: mixer_oss: invalid OSS volume ')nkKi,rWY\ZV?J`G' [ 403.477728][T15638] ALSA: mixer_oss: invalid OSS volume 'kO0$g{pl{y;_ARW' [ 403.480511][T15638] ALSA: mixer_oss: invalid OSS volume '' [ 403.491090][T15638] ALSA: mixer_oss: invalid OSS volume 'sv Fu{Qby>h%w]' [ 403.502137][T15638] ALSA: mixer_oss: invalid OSS volume 'E= v?@48@hL' [ 403.504816][T15638] ALSA: mixer_oss: invalid OSS volume '+?>3Iq0:iq|UDř' [ 403.507433][T15638] ALSA: mixer_oss: invalid OSS volume 'vӷ*xrN0ܗcAdh' [ 403.510132][T15638] ALSA: mixer_oss: invalid OSS volume 'JM %HJ[~S' [ 403.932730][T15673] __nla_validate_parse: 2 callbacks suppressed [ 403.932742][T15673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20081'. [ 404.303972][ T6129] Bluetooth: hci4: command 0x0419 tx timeout [ 405.602963][T15734] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 406.828444][T15803] netlink: 8 bytes leftover after parsing attributes in process `syz.4.20145'. [ 406.852811][T15805] syz.0.20146 (15805) used obsolete PPPIOCDETACH ioctl [ 407.499649][T15873] can0: slcan on ttyprintk. [ 407.575430][T15877] net_ratelimit: 5266 callbacks suppressed [ 407.575443][T15877] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 407.607789][T15872] can0 (unregistered): slcan off ttyprintk. [ 407.640094][T15881] tipc: Enabling of bearer rejected, failed to enable media [ 407.722728][ T40] kauditd_printk_skb: 28 callbacks suppressed [ 407.722745][ T40] audit: type=1326 audit(2000000188.197:29753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15886 comm="syz.0.20188" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x0 [ 407.986719][T15911] netlink: 28 bytes leftover after parsing attributes in process `syz.3.20198'. [ 408.367927][T15931] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 409.372377][T16023] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20247'. [ 409.444316][T16034] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 411.928419][T16046] binder: 16045:16046 ioctl c00c620f 80000080 returned -22 [ 411.998928][ T6129] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 412.004180][ T6129] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 412.007210][ T6129] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 412.010002][ T6129] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 412.016031][ T6129] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 412.072835][T16052] virt_wifi0 speed is unknown, defaulting to 1000 [ 412.173409][T16052] wg1 speed is unknown, defaulting to 1000 [ 412.339288][T16052] chnl_net:caif_netlink_parms(): no params data found [ 412.434002][ T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.468399][T16052] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.471009][T16052] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.474011][T16052] bridge_slave_0: entered allmulticast mode [ 412.476827][T16052] bridge_slave_0: entered promiscuous mode [ 412.482383][T16052] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.484746][T16052] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.487043][T16052] bridge_slave_1: entered allmulticast mode [ 412.489748][T16052] bridge_slave_1: entered promiscuous mode [ 412.506924][T16052] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 412.511407][T16052] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 412.555095][ T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.572818][T16052] team0: Port device team_slave_0 added [ 412.576026][T16052] team0: Port device team_slave_1 added [ 412.589965][T16052] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 412.592757][T16052] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 412.603332][T16052] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 412.607597][T16052] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 412.609807][T16052] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 412.617931][T16052] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 412.652764][ T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.661456][T16052] hsr_slave_0: entered promiscuous mode [ 412.664134][T16052] hsr_slave_1: entered promiscuous mode [ 412.666211][T16052] debugfs: 'hsr0' already exists in 'hsr' [ 412.668039][T16052] Cannot create hsr debugfs directory [ 412.733198][T16127] netlink: 11 bytes leftover after parsing attributes in process `syz.3.20297'. [ 412.763486][ T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.804219][T16052] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 412.813326][T16052] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 412.830582][T16052] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 412.839933][T16052] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 412.883591][T16052] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.885875][T16052] bridge0: port 2(bridge_slave_1) entered forwarding state [ 412.888196][T16052] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.890491][T16052] bridge0: port 1(bridge_slave_0) entered forwarding state [ 412.918840][ T12] bridge_slave_1: left allmulticast mode [ 412.920750][ T12] bridge_slave_1: left promiscuous mode [ 412.922553][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.925995][ T12] bridge_slave_0: left allmulticast mode [ 412.927771][ T12] bridge_slave_0: left promiscuous mode [ 412.929520][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.999600][T16156] 9pnet_virtio: no channels available for device 3$~VP [ 413.142476][T16172] netlink: 36 bytes leftover after parsing attributes in process `syz.4.20314'. [ 414.222089][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 414.225824][ T64] Bluetooth: hci1: command tx timeout [ 414.234864][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 414.238612][ T12] bond0 (unregistering): Released all slaves [ 414.283289][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.286501][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.339295][ T12] tipc: Disabling bearer [ 414.342169][ T12] tipc: Left network mode [ 414.358696][T16052] 8021q: adding VLAN 0 to HW filter on device bond0 [ 414.372011][T16052] 8021q: adding VLAN 0 to HW filter on device team0 [ 414.377824][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.380652][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 414.390655][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.393253][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 414.484878][T16208] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.20333'. [ 414.580697][T16052] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 414.640198][ T12] hsr_slave_0: left promiscuous mode [ 414.642394][ T12] hsr_slave_1: left promiscuous mode [ 414.642723][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 414.642735][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 414.643427][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 414.643440][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 414.657373][ T12] veth1_macvtap: left promiscuous mode [ 414.661484][ T12] veth0_macvtap: left promiscuous mode [ 414.661562][ T12] veth1_vlan: left promiscuous mode [ 414.661618][ T12] veth0_vlan: left promiscuous mode [ 415.036258][ T12] team0 (unregistering): Port device team_slave_1 removed [ 415.063526][ T12] team0 (unregistering): Port device team_slave_0 removed [ 415.334271][T16239] netlink: 32 bytes leftover after parsing attributes in process `syz.3.20343'. [ 415.350764][T16246] vlan2: entered allmulticast mode [ 415.352611][T16246] team0: entered allmulticast mode [ 415.354305][T16246] team_slave_0: entered allmulticast mode [ 415.358195][T16246] team_slave_1: entered allmulticast mode [ 415.431317][T16264] ip6gre1: entered promiscuous mode [ 415.435424][T16264] ip6gre1: entered allmulticast mode [ 415.440488][T16052] veth0_vlan: entered promiscuous mode [ 415.448158][T16052] veth1_vlan: entered promiscuous mode [ 415.484415][T16052] veth0_macvtap: entered promiscuous mode [ 415.488500][T16052] veth1_macvtap: entered promiscuous mode [ 415.500302][T16052] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 415.511159][T16052] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 415.514876][T16273] netlink: 'syz.4.20354': attribute type 2 has an invalid length. [ 415.526525][ T46] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.545130][ T46] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.553773][ T46] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.557344][ T46] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 415.572098][T16277] tipc: Enabled bearer , priority 10 [ 415.700434][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.703159][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 415.719314][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 415.722070][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.356935][T16351] netlink: 4 bytes leftover after parsing attributes in process `syz.6.20383'. [ 416.448521][ T64] Bluetooth: hci1: command tx timeout [ 417.087951][T16420] can0: slcan on ttyprintk. [ 417.181733][T16419] can0 (unregistered): slcan off ttyprintk. [ 417.407053][T16461] netlink: 'syz.3.20430': attribute type 1 has an invalid length. [ 417.409599][T16461] netlink: 96 bytes leftover after parsing attributes in process `syz.3.20430'. [ 417.413304][T16461] netlink: 1 bytes leftover after parsing attributes in process `syz.3.20430'. [ 417.416353][T16461] netlink: 'syz.3.20430': attribute type 1 has an invalid length. [ 417.418957][T16461] netlink: 634 bytes leftover after parsing attributes in process `syz.3.20430'. [ 417.764005][T16498] netlink: 16 bytes leftover after parsing attributes in process `syz.3.20448'. [ 417.865442][ T40] audit: type=1326 audit(2000000197.682:29754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16507 comm="syz.0.20453" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f23579 code=0x0 [ 418.024925][ T57] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 418.028450][ T57] hid-generic 0000:0000:0000.0009: hidraw1: HID v0.00 Device [syz1] on syz0 [ 418.082556][T16529] fido_id[16529]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 418.369546][T16560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.20476'. [ 418.426139][T16568] syz.4.20479 (16568): drop_caches: 4 [ 418.508372][T16578] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 418.672013][ T64] Bluetooth: hci1: command tx timeout [ 419.130203][T16598] netlink: 59 bytes leftover after parsing attributes in process `syz.0.20492'. [ 419.691700][ T29] kernel read not supported for file 2195/task/2196/cmdline (pid: 29 comm: kworker/1:0) [ 419.944892][T16724] netlink: 'syz.0.20555': attribute type 1 has an invalid length. [ 420.017708][ T40] audit: type=1326 audit(2000000199.693:29755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16734 comm="syz.3.20562" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x0 [ 420.063911][T16743] ip6tnl3: entered promiscuous mode [ 420.065731][T16743] ip6tnl3: entered allmulticast mode [ 420.068205][T16743] team0: Device ip6tnl3 is up. Set it down before adding it as a team port [ 420.381397][T16772] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 420.896502][ T64] Bluetooth: hci1: command tx timeout [ 421.150736][T16815] netlink: 4 bytes leftover after parsing attributes in process `syz.4.20598'. [ 421.345536][T16847] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20614'. [ 421.349128][T16847] netlink: 20 bytes leftover after parsing attributes in process `syz.0.20614'. [ 421.433081][T16862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20621'. [ 421.436082][T16862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20621'. [ 421.439316][T16862] netlink: 'syz.0.20621': attribute type 18 has an invalid length. [ 421.444466][T16862] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20621'. [ 421.568386][T16883] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20630'. [ 421.698790][T16903] netlink: 8 bytes leftover after parsing attributes in process `syz.3.20637'. [ 422.034627][T16939] tipc: Bearer : already 2 bearers with priority 10 [ 422.037210][T16939] tipc: Bearer : trying with adjusted priority [ 422.039729][T16939] tipc: Enabling of bearer rejected, max 3 bearers permitted [ 422.266394][T16962] syz.6.20664: page allocation failure: order:2, mode:0xcc1(GFP_KERNEL|GFP_DMA), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 422.270533][T16962] CPU: 3 UID: 0 PID: 16962 Comm: syz.6.20664 Tainted: G L syzkaller #0 PREEMPT(full) [ 422.270556][T16962] Tainted: [L]=SOFTLOCKUP [ 422.270560][T16962] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 422.270567][T16962] Call Trace: [ 422.270572][T16962] [ 422.270576][T16962] dump_stack_lvl+0x100/0x190 [ 422.270594][T16962] warn_alloc.cold+0x95/0x1c1 [ 422.270612][T16962] ? __pfx_warn_alloc+0x10/0x10 [ 422.270624][T16962] ? __mutex_unlock_slowpath+0x15c/0x790 [ 422.270649][T16962] __alloc_frozen_pages_noprof+0x1442/0x2410 [ 422.270667][T16962] ? stack_trace_save+0x8e/0xc0 [ 422.270680][T16962] ? __pfx_stack_trace_save+0x10/0x10 [ 422.270692][T16962] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 422.270704][T16962] ? stack_depot_save_flags+0x27/0x9c0 [ 422.270725][T16962] ? comedi_isadma_alloc+0x10c/0x6e0 [ 422.270738][T16962] ? pcl818_attach+0x1103/0x15b0 [ 422.270749][T16962] ? comedi_device_attach+0x3d2/0x660 [ 422.270759][T16962] ? do_devconfig_ioctl+0x1b3/0x6d0 [ 422.270771][T16962] ? comedi_unlocked_ioctl+0x44c/0x2e70 [ 422.270793][T16962] __alloc_pages_noprof+0xb/0x1b0 [ 422.270805][T16962] __dma_direct_alloc_pages.isra.0+0x47c/0x8f0 [ 422.270821][T16962] ? __pfx___dma_direct_alloc_pages.isra.0+0x10/0x10 [ 422.270835][T16962] ? dma_alloc_from_dev_coherent+0x2e0/0x570 [ 422.270850][T16962] dma_direct_alloc+0x8f/0x590 [ 422.270863][T16962] dma_alloc_attrs+0x185/0x2b0 [ 422.270878][T16962] ? __pfx_dma_alloc_attrs+0x10/0x10 [ 422.270894][T16962] ? dma_direct_supported+0xca/0x220 [ 422.270908][T16962] comedi_isadma_alloc+0x3dc/0x6e0 [ 422.270925][T16962] ? __pfx_comedi_isadma_alloc+0x10/0x10 [ 422.270940][T16962] ? request_threaded_irq+0x27b/0x3e0 [ 422.270955][T16962] pcl818_attach+0x1103/0x15b0 [ 422.270971][T16962] comedi_device_attach+0x3d2/0x660 [ 422.270985][T16962] do_devconfig_ioctl+0x1b3/0x6d0 [ 422.270997][T16962] ? comedi_unlocked_ioctl+0x163/0x2e70 [ 422.271014][T16962] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 422.271033][T16962] ? kasan_save_stack+0x3f/0x50 [ 422.271046][T16962] ? kasan_save_stack+0x30/0x50 [ 422.271057][T16962] ? kasan_save_track+0x14/0x30 [ 422.271069][T16962] ? kasan_save_free_info+0x3b/0x70 [ 422.271078][T16962] ? __kasan_slab_free+0x5f/0x80 [ 422.271092][T16962] ? kfree+0x1c7/0x690 [ 422.271100][T16962] ? tomoyo_path_number_perm+0x46d/0x580 [ 422.271115][T16962] ? security_file_ioctl_compat+0xd3/0x230 [ 422.271134][T16962] comedi_unlocked_ioctl+0x44c/0x2e70 [ 422.271154][T16962] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 422.271179][T16962] ? kasan_quarantine_put+0x104/0x240 [ 422.271192][T16962] ? lockdep_hardirqs_on+0x78/0x100 [ 422.271206][T16962] ? find_held_lock+0x2b/0x80 [ 422.271217][T16962] ? tomoyo_path_number_perm+0x28f/0x580 [ 422.271231][T16962] ? tomoyo_path_number_perm+0x28f/0x580 [ 422.271249][T16962] ? tomoyo_path_number_perm+0x188/0x580 [ 422.271268][T16962] comedi_compat_ioctl+0x438/0xe20 [ 422.271284][T16962] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 422.271300][T16962] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 422.271312][T16962] ? do_vfs_ioctl+0x226/0x13e0 [ 422.271329][T16962] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 422.271350][T16962] ? find_held_lock+0x2b/0x80 [ 422.271360][T16962] ? hook_file_ioctl_common+0x146/0x410 [ 422.271379][T16962] ? __fget_files+0x21f/0x3d0 [ 422.271393][T16962] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 422.271409][T16962] __ia32_compat_sys_ioctl+0x2cf/0x360 [ 422.271421][T16962] __do_fast_syscall_32+0xde/0x660 [ 422.271437][T16962] do_fast_syscall_32+0x32/0x70 [ 422.271450][T16962] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 422.271484][T16962] RIP: 0023:0xf7fd5579 [ 422.271496][T16962] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 422.271506][T16962] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 422.271517][T16962] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 422.271523][T16962] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 422.271529][T16962] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 422.271535][T16962] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 422.271545][T16962] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 422.271559][T16962] [ 422.271563][T16962] Mem-Info: [ 422.408497][T16962] active_anon:390 inactive_anon:1026 isolated_anon:0 [ 422.408497][T16962] active_file:905 inactive_file:1493 isolated_file:0 [ 422.408497][T16962] unevictable:1768 dirty:184 writeback:0 [ 422.408497][T16962] slab_reclaimable:6461 slab_unreclaimable:58643 [ 422.408497][T16962] mapped:21838 shmem:1772 pagetables:2396 [ 422.408497][T16962] sec_pagetables:336 bounce:0 [ 422.408497][T16962] kernel_misc_reclaimable:0 [ 422.408497][T16962] free:76002 free_pcp:1 free_cma:0 [ 422.423718][T16962] Node 0 active_anon:0kB inactive_anon:488kB active_file:0kB inactive_file:264kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:84kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9568kB pagetables:1812kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 422.433401][T16962] Node 0 DMA free:2504kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 422.443400][T16962] lowmem_reserve[]: 0 288 288 288 288 [ 422.445193][T16962] Node 0 DMA: 24*4kB (U) 7*8kB (UE) 5*16kB (UE) 9*32kB (UE) 1*64kB (E) 3*128kB (UE) 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2504kB [ 422.450181][T16962] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 422.453269][T16962] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 422.456356][T16962] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 422.459672][T16962] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 422.462865][T16962] 4909 total pagecache pages [ 422.464445][T16962] 737 pages in swap cache [ 422.465912][T16962] Free swap = 75096kB [ 422.467647][T16962] Total swap = 124996kB [ 422.469100][T16962] 524155 pages RAM [ 422.470434][T16962] 0 pages HighMem/MovableOnly [ 422.472086][T16962] 209486 pages reserved [ 422.473527][T16962] 0 pages cma reserved [ 422.792547][T16990] netlink: 'syz.6.20676': attribute type 5 has an invalid length. [ 422.930351][T17000] [U] bmtk}UH\؉Hn;} [ 423.180388][T17024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.20693'. [ 423.202551][T17024] 8021q: adding VLAN 0 to HW filter on device bond1 [ 423.323443][T17049] netlink: 'syz.4.20704': attribute type 83 has an invalid length. [ 423.474625][T17079] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 423.777815][T17135] netlink: 1072 bytes leftover after parsing attributes in process `syz.6.20746'. [ 424.018901][ T40] audit: type=1326 audit(2000000203.444:29756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17165 comm="syz.0.20761" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f23579 code=0x0 [ 424.029488][T17166] loop5: detected capacity change from 0 to 7 [ 424.042598][T17166] loop5: [CUMANA/ADFS] p1 [ADFS] p1 [ 424.044501][T17166] loop5: partition table partially beyond EOD, truncated [ 424.046877][T17166] loop5: p1 size 2989602745 extends beyond EOD, truncated [ 424.086602][ T5942] udevd[5942]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 424.398713][T17206] netlink: 'syz.3.20780': attribute type 4 has an invalid length. [ 424.613797][T17225] loop5: detected capacity change from 0 to 7 [ 424.621374][T17225] loop5: [CUMANA/ADFS] p1 [ADFS] p1 [ 424.623168][T17225] loop5: partition table partially beyond EOD, truncated [ 424.625543][T17225] loop5: p1 size 2989602745 extends beyond EOD, truncated [ 424.654519][ T5942] udevd[5942]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory [ 425.220714][ T40] audit: type=1326 audit(2000000204.566:29757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17301 comm="syz.6.20824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5579 code=0x7ffc0000 [ 425.230328][ T40] audit: type=1326 audit(2000000204.566:29758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17301 comm="syz.6.20824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5579 code=0x7ffc0000 [ 425.240050][T17304] can0: slcan on ptm0. [ 425.246233][ T40] audit: type=1326 audit(2000000204.576:29759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17301 comm="syz.6.20824" exe="/syz-executor" sig=0 arch=40000003 syscall=27 compat=1 ip=0xf7fd5579 code=0x7ffc0000 [ 425.257399][ T40] audit: type=1326 audit(2000000204.576:29760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17301 comm="syz.6.20824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5579 code=0x7ffc0000 [ 425.274283][ T40] audit: type=1326 audit(2000000204.576:29761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17301 comm="syz.6.20824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd5579 code=0x7ffc0000 [ 425.344085][T17303] can0 (unregistered): slcan off ptm0. [ 425.398408][T17335] netdevsim netdevsim6 netdevsim0: entered promiscuous mode [ 425.400934][T17335] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 425.444056][T17342] ip6gre2: entered promiscuous mode [ 425.445798][T17342] ip6gre2: entered allmulticast mode [ 425.550469][T17365] netlink: 'syz.6.20849': attribute type 1 has an invalid length. [ 426.286466][T17476] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 426.815911][T17540] __nla_validate_parse: 4 callbacks suppressed [ 426.815923][T17540] netlink: 59 bytes leftover after parsing attributes in process `syz.4.20933'. [ 426.903787][ T40] audit: type=1326 audit(2000000206.138:29762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17547 comm="syz.4.20938" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f64579 code=0x0 [ 427.602071][T17610] netlink: 4 bytes leftover after parsing attributes in process `syz.3.20959'. [ 427.604858][T17610] netlink: 20 bytes leftover after parsing attributes in process `syz.3.20959'. [ 427.702264][ T40] audit: type=1326 audit(2000000206.886:29763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.3.20973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 427.719346][ T40] audit: type=1326 audit(2000000206.886:29764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.3.20973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 427.726814][ T40] audit: type=1326 audit(2000000206.886:29765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17625 comm="syz.3.20973" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 427.855796][T17650] tipc: New replicast peer: 255.255.255.255 [ 427.857947][T17650] tipc: Enabled bearer , priority 10 [ 428.194094][T17688] netlink: 12 bytes leftover after parsing attributes in process `syz.4.20995'. [ 428.223062][ T6151] kernel write not supported for file /input/event1 (pid: 6151 comm: kworker/0:3) [ 428.254202][T17692] netlink: 'syz.4.20997': attribute type 5 has an invalid length. [ 428.704090][T17729] netlink: 'syz.6.21012': attribute type 2 has an invalid length. [ 428.735194][ T829] IPVS: starting estimator thread 0... [ 428.838842][T17732] IPVS: using max 47 ests per chain, 112800 per kthread [ 428.937883][T17678] orangefs_mount: mount request failed with -4 [ 429.006798][T17770] netlink: 8 bytes leftover after parsing attributes in process `syz.0.21032'. [ 429.009733][T17770] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21032'. [ 429.013850][T17770] netlink: 'syz.0.21032': attribute type 7 has an invalid length. [ 429.065865][T17780] raw_sendmsg: syz.6.21035 forgot to set AF_INET. Fix it! [ 429.128358][T17790] usb usb7: selecting invalid altsetting 6 [ 429.174345][T17797] netlink: 1072 bytes leftover after parsing attributes in process `syz.4.21044'. [ 429.488249][T17840] netlink: 'syz.0.21064': attribute type 1 has an invalid length. [ 429.491169][T17840] netlink: 'syz.0.21064': attribute type 1 has an invalid length. [ 429.745049][T17884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21087'. [ 429.757065][T17884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21087'. [ 429.760797][T17884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21087'. [ 429.940895][T17918] 9pnet_fd: p9_fd_create_tcp (17918): problem binding to privport [ 429.955561][T17920] usb usb9: usbfs: process 17920 (syz.4.21105) did not claim interface 16 before use [ 431.690232][T18067] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold [ 431.722733][T18075] tipc: Started in network mode [ 431.724428][T18075] tipc: Node identity 4, cluster identity 4711 [ 431.728308][T18075] tipc: Node number set to 4 [ 432.262042][T18134] netlink: 'syz.6.21208': attribute type 5 has an invalid length. [ 433.070084][T18222] __nla_validate_parse: 4 callbacks suppressed [ 433.070095][T18222] netlink: 16 bytes leftover after parsing attributes in process `syz.0.21250'. [ 433.378068][T18262] netlink: 'syz.3.21267': attribute type 83 has an invalid length. [ 433.503459][T18283] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 433.551833][ T6151] kernel read not supported for file 11126/task/11127/cmdline (pid: 6151 comm: kworker/0:3) [ 433.582386][T18294] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21284'. [ 433.884457][T18350] ip6tnl1: entered promiscuous mode [ 433.886791][T18350] ip6tnl1: entered allmulticast mode [ 433.889437][T18350] team0: Device ip6tnl1 is up. Set it down before adding it as a team port [ 434.050398][T18368] netlink: 12 bytes leftover after parsing attributes in process `syz.3.21325'. [ 434.066534][ T6129] Bluetooth: hci1: command 0x0405 tx timeout [ 434.173149][T18386] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21321'. [ 434.179495][T18386] netlink: 20 bytes leftover after parsing attributes in process `syz.6.21321'. [ 434.214247][T18392] tipc: Resetting bearer [ 434.218886][T18392] tipc: Resetting bearer [ 434.265851][T18401] netlink: 'syz.3.21334': attribute type 1 has an invalid length. [ 434.491628][T18443] ip6gretap0: entered promiscuous mode [ 434.493889][T18443] macsec1: entered promiscuous mode [ 434.497910][T18443] macsec1: entered allmulticast mode [ 434.499730][T18443] ip6gretap0: entered allmulticast mode [ 434.583736][T18457] netlink: 'syz.3.21359': attribute type 5 has an invalid length. [ 434.644698][T18469] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 786440, id = 0 [ 434.652006][T18468] IPVS: stopping backup sync thread 18469 ... [ 434.749502][T18481] vivid-007: disconnect [ 434.751774][T18480] vivid-007: reconnect [ 435.315796][T18540] netlink: 'syz.4.21400': attribute type 15 has an invalid length. [ 435.319275][T18540] netlink: 666 bytes leftover after parsing attributes in process `syz.4.21400'. [ 436.228974][T18619] ip6tnl1: entered promiscuous mode [ 436.231095][T18619] ip6tnl1: entered allmulticast mode [ 436.233782][T18619] team0: Device ip6tnl1 is up. Set it down before adding it as a team port [ 436.357935][T18631] sp0: Synchronizing with TNC [ 436.364206][T18631] [U] [ 436.773891][T18677] sp0: Synchronizing with TNC [ 436.903715][T18694] tipc: MTU too low for tipc bearer [ 437.162804][ T6151] kernel read not supported for file /media3 (pid: 6151 comm: kworker/0:3) [ 437.169138][T18729] netlink: 8 bytes leftover after parsing attributes in process `syz.6.21489'. [ 437.174478][T18729] netlink: 8 bytes leftover after parsing attributes in process `syz.6.21489'. [ 437.179085][T18729] netlink: 8 bytes leftover after parsing attributes in process `syz.6.21489'. [ 437.184644][T18729] netlink: 8 bytes leftover after parsing attributes in process `syz.6.21489'. [ 437.614385][T18781] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold [ 438.488524][T18851] sp0: Synchronizing with TNC [ 438.624416][T18866] mkiss: ax0: crc mode is auto. [ 438.837106][T18895] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 438.856690][T18897] __nla_validate_parse: 8 callbacks suppressed [ 438.856702][T18897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21562'. [ 438.868861][T18897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21562'. [ 438.907028][T18907] nftables ruleset with unbound set [ 439.166110][T18945] virt_wifi0 speed is unknown, defaulting to 1000 [ 439.169293][T18945] wg1 speed is unknown, defaulting to 1000 [ 439.661929][T19015] netlink: 32 bytes leftover after parsing attributes in process `syz.3.21617'. [ 439.837111][T19035] [U] v3f"S/4:XTzWtlW= [ 439.839198][T19035] [U] J"e:" [ 439.892344][T19045] netlink: 'syz.4.21631': attribute type 1 has an invalid length. [ 440.058127][T19062] sctp: [Deprecated]: syz.4.21638 (pid 19062) Use of struct sctp_assoc_value in delayed_ack socket option. [ 440.058127][T19062] Use struct sctp_sack_info instead [ 440.065102][T19062] sctp: [Deprecated]: syz.4.21638 (pid 19062) Use of struct sctp_assoc_value in delayed_ack socket option. [ 440.065102][T19062] Use struct sctp_sack_info instead [ 440.143962][T19072] netlink: 44 bytes leftover after parsing attributes in process `syz.6.21644'. [ 440.147034][T19072] netlink: 'syz.6.21644': attribute type 6 has an invalid length. [ 440.149760][T19072] netlink: 'syz.6.21644': attribute type 5 has an invalid length. [ 440.152434][T19072] netlink: 'syz.6.21644': attribute type 4 has an invalid length. [ 440.532681][T19108] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21663'. [ 440.815639][T19150] netlink: 'syz.6.21683': attribute type 1 has an invalid length. [ 440.818687][T19150] netlink: 'syz.6.21683': attribute type 1 has an invalid length. [ 440.877933][T19159] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0 [ 440.937208][T19172] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21693'. [ 440.940112][T19172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21693'. [ 440.947167][T19172] netlink: 'syz.3.21693': attribute type 12 has an invalid length. [ 440.949974][T19172] netlink: 'syz.3.21693': attribute type 11 has an invalid length. [ 440.962517][T19165] ptrace attach of "/syz-executor exec"[19166] was attempted by "/syz-executor exec"[19165] [ 441.013350][T19179] autofs: Bad value for 'fd' [ 441.393626][T19217] PKCS7: Unknown OID: [5] (bad) [ 441.395502][T19217] PKCS7: Only support pkcs7_signedData type [ 441.407610][T19221] netlink: 16 bytes leftover after parsing attributes in process `syz.0.21714'. [ 441.566619][T19244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.21728'. [ 441.571322][T19244] netlink: 'syz.3.21728': attribute type 5 has an invalid length. [ 441.573832][T19244] netlink: 16 bytes leftover after parsing attributes in process `syz.3.21728'. [ 441.620546][T19259] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 441.652303][T19253] ptrace attach of "/syz-executor exec"[19258] was attempted by "/syz-executor exec"[19253] [ 441.696343][T19269] syz.6.21740: page allocation failure: order:10, mode:0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 441.702335][T19269] CPU: 3 UID: 0 PID: 19269 Comm: syz.6.21740 Tainted: G L syzkaller #0 PREEMPT(full) [ 441.702355][T19269] Tainted: [L]=SOFTLOCKUP [ 441.702359][T19269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 441.702367][T19269] Call Trace: [ 441.702371][T19269] [ 441.702376][T19269] dump_stack_lvl+0x100/0x190 [ 441.702393][T19269] warn_alloc.cold+0x95/0x1c1 [ 441.702413][T19269] ? __pfx_warn_alloc+0x10/0x10 [ 441.702431][T19269] ? __alloc_pages_direct_compact+0x3fe/0x550 [ 441.702447][T19269] ? __pfx___alloc_pages_direct_compact+0x10/0x10 [ 441.702462][T19269] ? rcu_is_watching+0x12/0xc0 [ 441.702474][T19269] ? psi_memstall_leave+0x1e2/0x2e0 [ 441.702486][T19269] ? lockdep_hardirqs_on+0x78/0x100 [ 441.702503][T19269] __alloc_frozen_pages_noprof+0x1442/0x2410 [ 441.702517][T19269] ? __lock_acquire+0x4a5/0x2630 [ 441.702535][T19269] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 441.702554][T19269] ? find_held_lock+0x2b/0x80 [ 441.702564][T19269] ? aa_file_perm+0x268/0x1540 [ 441.702576][T19269] ? aa_file_perm+0x268/0x1540 [ 441.702591][T19269] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 441.702605][T19269] ? policy_nodemask+0xed/0x4f0 [ 441.702627][T19269] alloc_pages_mpol+0x1fb/0x550 [ 441.702643][T19269] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 441.702658][T19269] ? stack_trace_save+0x8e/0xc0 [ 441.702672][T19269] ? __pfx_stack_trace_save+0x10/0x10 [ 441.702684][T19269] ? rcu_is_watching+0x12/0xc0 [ 441.702697][T19269] ___kmalloc_large_node+0x104/0x150 [ 441.702718][T19269] __kmalloc_large_node_noprof+0x1c/0x70 [ 441.702735][T19269] ? qrtr_tun_write_iter+0xc1/0x1b0 [ 441.702752][T19269] __kmalloc_noprof+0x6b1/0x9c0 [ 441.702762][T19269] ? common_file_perm+0x1ab/0x4f0 [ 441.702781][T19269] ? qrtr_tun_write_iter+0xc1/0x1b0 [ 441.702797][T19269] qrtr_tun_write_iter+0xc1/0x1b0 [ 441.702814][T19269] aio_write+0x3ba/0x920 [ 441.702828][T19269] ? __pfx_aio_write+0x10/0x10 [ 441.702840][T19269] ? __lock_acquire+0x4a5/0x2630 [ 441.702863][T19269] ? __might_fault+0xc5/0x140 [ 441.702878][T19269] ? io_submit_one+0x1142/0x1fb0 [ 441.702890][T19269] io_submit_one+0x1142/0x1fb0 [ 441.702905][T19269] ? __lock_acquire+0x4a5/0x2630 [ 441.702921][T19269] ? __pfx_io_submit_one+0x10/0x10 [ 441.702939][T19269] ? __might_fault+0xc5/0x140 [ 441.702954][T19269] ? __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 441.702968][T19269] __ia32_compat_sys_io_submit+0x1a7/0x3b0 [ 441.702985][T19269] ? __pfx___ia32_compat_sys_io_submit+0x10/0x10 [ 441.703006][T19269] __do_fast_syscall_32+0xde/0x660 [ 441.703022][T19269] do_fast_syscall_32+0x32/0x70 [ 441.703036][T19269] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 441.703049][T19269] RIP: 0023:0xf7fd5579 [ 441.703059][T19269] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 441.703069][T19269] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 00000000000000f8 [ 441.703079][T19269] RAX: ffffffffffffffda RBX: 00000000f7fce000 RCX: 00000000000000e7 [ 441.703086][T19269] RDX: 0000000080000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 441.703092][T19269] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 441.703098][T19269] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 441.703104][T19269] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 441.703118][T19269] [ 441.703122][T19269] Mem-Info: [ 441.829013][T19269] active_anon:1125 inactive_anon:220 isolated_anon:0 [ 441.829013][T19269] active_file:721 inactive_file:9516 isolated_file:0 [ 441.829013][T19269] unevictable:1768 dirty:438 writeback:0 [ 441.829013][T19269] slab_reclaimable:6490 slab_unreclaimable:58766 [ 441.829013][T19269] mapped:21929 shmem:1770 pagetables:2679 [ 441.829013][T19269] sec_pagetables:338 bounce:0 [ 441.829013][T19269] kernel_misc_reclaimable:0 [ 441.829013][T19269] free:72594 free_pcp:649 free_cma:0 [ 441.842813][T19269] Node 0 active_anon:4kB inactive_anon:488kB active_file:0kB inactive_file:264kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:48kB dirty:4kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9632kB pagetables:1836kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 441.852311][T19269] Node 1 active_anon:4496kB inactive_anon:292kB active_file:2884kB inactive_file:37500kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87668kB dirty:1748kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5912kB pagetables:8880kB sec_pagetables:192kB all_unreclaimable? no Balloon:0kB [ 441.862672][T19269] Node 0 DMA free:2508kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:4kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 441.872801][T19269] lowmem_reserve[]: 0 288 288 288 288 [ 441.874939][T19269] Node 0 DMA32 free:32800kB boost:16384kB min:29604kB low:32908kB high:36212kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:484kB active_file:0kB inactive_file:264kB unevictable:3536kB writepending:4kB zspages:1724kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:388kB local_pcp:0kB free_cma:0kB [ 441.885642][T19269] lowmem_reserve[]: 0 0 0 0 0 [ 441.887170][T19269] Node 1 DMA32 free:253452kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4496kB inactive_anon:292kB active_file:2884kB inactive_file:37500kB unevictable:3536kB writepending:1748kB zspages:6148kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:3672kB local_pcp:0kB free_cma:0kB [ 441.897818][T19269] lowmem_reserve[]: 0 0 0 0 0 [ 441.899692][T19269] Node 0 DMA: 25*4kB (UE) 7*8kB (UE) 5*16kB (UE) 9*32kB (UE) 1*64kB (E) 3*128kB (UE) 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2508kB [ 441.904918][T19269] Node 0 DMA32: 896*4kB (UME) 502*8kB (UME) 267*16kB (UME) 294*32kB (UME) 66*64kB (UME) 23*128kB (UME) 15*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 32800kB [ 441.912063][T19269] Node 1 DMA32: 3750*4kB (UME) 5082*8kB (UME) 4758*16kB (UME) 329*32kB (UME) 253*64kB (UME) 198*128kB (UM) 134*256kB (UM) 66*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 252968kB [ 441.918347][T19269] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 441.921391][T19269] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 441.925743][T19269] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 441.929366][T19269] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 441.932487][T19269] 12774 total pagecache pages [ 441.934426][T19269] 821 pages in swap cache [ 441.937042][T19269] Free swap = 73592kB [ 441.938384][T19269] Total swap = 124996kB [ 441.939733][T19269] 524155 pages RAM [ 441.941116][T19269] 0 pages HighMem/MovableOnly [ 441.942650][T19269] 209486 pages reserved [ 441.944009][T19269] 0 pages cma reserved [ 441.960869][T19294] netlink: 'syz.3.21752': attribute type 21 has an invalid length. [ 441.964039][T19294] IPv6: NLM_F_CREATE should be specified when creating new route [ 441.967405][T19294] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 441.969698][T19294] IPv6: NLM_F_CREATE should be set when creating new route [ 441.972599][T19294] IPv6: NLM_F_CREATE should be set when creating new route [ 441.974925][T19294] IPv6: NLM_F_CREATE should be set when creating new route [ 441.979204][T19294] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 442.071337][ T6151] kernel write not supported for file /amidi2 (pid: 6151 comm: kworker/0:3) [ 442.971458][T19341] sg_write: data in/out 124/12 bytes for SCSI command 0x1c-- guessing data in; [ 442.971458][T19341] program syz.4.21774 not setting count and/or reply_len properly [ 443.338429][T19375] mkiss: ax0: crc mode is auto. [ 444.391505][T19451] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 444.582150][T19472] mkiss: ax0: crc mode is auto. [ 444.929951][T19513] mkiss: ax0: crc mode is auto. [ 445.231322][T19543] __nla_validate_parse: 4 callbacks suppressed [ 445.231334][T19543] netlink: 20 bytes leftover after parsing attributes in process `syz.4.21873'. [ 445.419713][T19570] program syz.6.21884 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 445.967234][T19638] mkiss: ax0: crc mode is auto. [ 446.254412][T19649] netlink: 64 bytes leftover after parsing attributes in process `syz.0.21922'. [ 446.257475][T19649] nbd: couldn't find a device at index 0 [ 446.626183][T19672] sp0: Synchronizing with TNC [ 446.639224][ T6151] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 446.799407][ T6151] usb 5-1: Using ep0 maxpacket: 8 [ 446.803755][ T6151] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 446.806740][ T6151] usb 5-1: config 0 has no interface number 0 [ 446.808909][ T6151] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 446.813131][ T6151] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 446.816885][ T6151] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 446.821175][ T6151] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 446.825547][ T6151] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 446.828605][ T6151] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 446.833614][ T6151] usb 5-1: config 0 descriptor?? [ 446.843538][ T6151] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 447.057580][ T6151] usb 5-1: USB disconnect, device number 16 [ 447.060800][ T6151] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 447.768656][T19783] netlink: 27 bytes leftover after parsing attributes in process `syz.0.21987'. [ 447.876661][T19801] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21996'. [ 447.930368][T19811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.22001'. [ 447.933707][T19811] netlink: 4 bytes leftover after parsing attributes in process `syz.4.22001'. [ 447.936546][T19811] validate_nla: 1 callbacks suppressed [ 447.936558][T19811] netlink: 'syz.4.22001': attribute type 7 has an invalid length. [ 447.941094][T19811] netlink: 'syz.4.22001': attribute type 13 has an invalid length. [ 447.989276][T19817] vivid-000: disconnect [ 447.992076][T19816] vivid-000: reconnect [ 448.001102][T19819] binder: 19818:19819 ioctl 400c620e 80000480 returned -22 [ 448.023649][T19821] mkiss: ax0: crc mode is auto. [ 448.233108][T19852] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22021'. [ 448.240880][T19852] netlink: 104 bytes leftover after parsing attributes in process `syz.0.22021'. [ 448.243827][T19852] netlink: 104 bytes leftover after parsing attributes in process `syz.0.22021'. [ 448.571188][ T64] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 448.576683][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 448.582192][ T64] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 448.586027][ T64] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 448.588764][ T64] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 448.620510][T19869] virt_wifi0 speed is unknown, defaulting to 1000 [ 448.623324][T19869] wg1 speed is unknown, defaulting to 1000 [ 448.706224][T19869] chnl_net:caif_netlink_parms(): no params data found [ 448.750550][T19869] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.752789][T19869] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.755016][T19869] bridge_slave_0: entered allmulticast mode [ 448.757894][T19869] bridge_slave_0: entered promiscuous mode [ 448.761097][T19869] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.762750][T19882] sctp: [Deprecated]: syz.6.22034 (pid 19882) Use of struct sctp_assoc_value in delayed_ack socket option. [ 448.762750][T19882] Use struct sctp_sack_info instead [ 448.763497][T19869] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.772974][T19869] bridge_slave_1: entered allmulticast mode [ 448.775655][T19869] bridge_slave_1: entered promiscuous mode [ 448.791478][T19869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 448.795779][T19869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 448.811857][T19869] team0: Port device team_slave_0 added [ 448.815032][T19869] team0: Port device team_slave_1 added [ 448.828136][T19869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 448.830423][T19869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 448.838443][T19869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 448.843439][T19869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 448.845871][T19869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 448.854326][T19869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 448.876003][T19869] hsr_slave_0: entered promiscuous mode [ 448.878288][T19869] hsr_slave_1: entered promiscuous mode [ 448.880410][T19869] debugfs: 'hsr0' already exists in 'hsr' [ 448.882191][T19869] Cannot create hsr debugfs directory [ 448.981044][T19869] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 448.985286][T19869] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 448.994516][T19869] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 449.000760][T19869] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 449.066576][T19869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 449.084680][T19869] 8021q: adding VLAN 0 to HW filter on device team0 [ 449.098313][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.100733][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 449.104392][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 449.106633][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 449.242669][T19869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 449.411961][T19869] veth0_vlan: entered promiscuous mode [ 449.419169][T19869] veth1_vlan: entered promiscuous mode [ 449.441279][T19869] veth0_macvtap: entered promiscuous mode [ 449.447917][T19869] veth1_macvtap: entered promiscuous mode [ 449.462191][T19869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 449.559209][ T6146] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 449.728344][ T6146] usb 9-1: Using ep0 maxpacket: 8 [ 449.732077][ T6146] usb 9-1: unable to get BOS descriptor or descriptor too short [ 449.735313][ T6146] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 449.738741][ T6146] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 449.742280][ T6146] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 1024 [ 449.745694][ T6146] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024 [ 449.748677][ T6146] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 449.752100][ T6146] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 43690, setting to 1024 [ 449.755491][ T6146] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 449.760171][ T6146] usb 9-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 449.763129][ T6146] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.765594][ T6146] usb 9-1: Product: syz [ 449.766881][ T6146] usb 9-1: Manufacturer: syz [ 449.768376][ T6146] usb 9-1: SerialNumber: syz [ 449.771756][ T6146] usb 9-1: config 0 descriptor?? [ 449.773990][T19923] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 449.776379][T19923] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 449.780670][ T6146] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 450.023721][ T6262] usb 9-1: USB disconnect, device number 2 [ 450.126960][T19869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 450.149781][ T1140] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.152803][ T1140] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.162634][ T1140] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.187268][ T1140] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.240918][T19936] netlink: 'syz.6.22052': attribute type 21 has an invalid length. [ 450.242529][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 450.244453][T19936] IPv6: NLM_F_CREATE should be specified when creating new route [ 450.246484][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 450.249066][T19936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 450.253835][T19936] IPv6: NLM_F_CREATE should be set when creating new route [ 450.256243][T19936] IPv6: NLM_F_CREATE should be set when creating new route [ 450.258573][T19936] IPv6: NLM_F_CREATE should be set when creating new route [ 450.261028][T19934] netlink: 28 bytes leftover after parsing attributes in process `syz.3.22058'. [ 450.268419][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 450.270733][T19936] netlink: 'syz.6.22052': attribute type 21 has an invalid length. [ 450.270890][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 450.275250][T19936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 450.354115][T19946] xt_socket: unknown flags 0xd0 [ 450.744180][ T6129] Bluetooth: hci0: command tx timeout [ 450.875257][ T24] IPVS: starting estimator thread 0... [ 450.968560][T20017] IPVS: using max 48 ests per chain, 115200 per kthread [ 451.087438][T20041] ipvlan3: entered promiscuous mode [ 451.090133][T20041] bridge0: port 3(ipvlan3) entered blocking state [ 451.097303][T20041] bridge0: port 3(ipvlan3) entered disabled state [ 451.100691][T20041] ipvlan3: entered allmulticast mode [ 451.102896][T20041] bridge0: entered allmulticast mode [ 451.110769][T20041] ipvlan3: left allmulticast mode [ 451.112431][T20041] bridge0: left allmulticast mode [ 451.824302][ T24] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 451.914293][T20134] comedi: valid board names for 8255 driver are: [ 451.916417][T20134] 8255 [ 451.917339][T20134] comedi: valid board names for vmk80xx driver are: [ 451.919566][T20134] vmk80xx [ 451.921020][T20134] comedi: valid board names for usbduxsigma driver are: [ 451.923271][T20134] usbduxsigma [ 451.924343][T20134] comedi: valid board names for usbduxfast driver are: [ 451.926447][T20134] usbduxfast [ 451.927525][T20134] comedi: valid board names for usbdux driver are: [ 451.929599][T20134] usbdux [ 451.931029][T20134] comedi: valid board names for ni6501 driver are: [ 451.933095][T20134] ni6501 [ 451.934084][T20134] comedi: valid board names for dt9812 driver are: [ 451.936206][T20134] dt9812 [ 451.937163][T20134] comedi: valid board names for ni_labpc_cs driver are: [ 451.939278][T20134] ni_labpc_cs [ 451.940505][T20134] comedi: valid board names for ni_daq_700 driver are: [ 451.943875][T20134] ni_daq_700 [ 451.944974][T20134] comedi: valid board names for labpc_pci driver are: [ 451.947174][T20134] labpc_pci [ 451.948231][T20134] comedi: valid board names for adl_pci9118 driver are: [ 451.950397][T20134] pci9118dg [ 451.951603][T20134] pci9118hg [ 451.953479][T20134] pci9118hr [ 451.954792][T20134] comedi: valid board names for 8255_pci driver are: [ 451.956806][T20134] 8255_pci [ 451.957795][T20134] comedi: valid board names for s526 driver are: [ 451.959782][T20134] s526 [ 451.960686][T20134] comedi: valid board names for multiq3 driver are: [ 451.963189][T20134] multiq3 [ 451.964251][T20134] comedi: valid board names for pcmuio driver are: [ 451.966197][T20134] pcmuio48 [ 451.967233][T20134] pcmuio96 [ 451.968363][T20134] comedi: valid board names for pcmmio driver are: [ 451.970505][T20134] pcmmio [ 451.971486][T20134] comedi: valid board names for pcmda12 driver are: [ 451.974177][T20134] pcmda12 [ 451.975304][T20134] comedi: valid board names for pcmad driver are: [ 451.977420][T20134] pcmad12 [ 451.978449][T20134] pcmad16 [ 451.979569][T20134] comedi: valid board names for ni_labpc driver are: [ 451.981776][T20134] lab-pc-1200 [ 451.982958][T20134] lab-pc-1200ai [ 451.984386][T20134] lab-pc+ [ 451.985654][T20134] comedi: valid board names for atmio16 driver are: [ 451.987820][T20134] atmio16 [ 451.988815][T20134] atmio16d [ 451.989957][T20134] comedi: valid board names for ni_at_ao driver are: [ 451.992171][T20134] at-ao-6 [ 451.993190][T20134] at-ao-10 [ 451.994279][T20134] comedi: valid board names for ni_at_a2150 driver are: [ 451.997019][T20134] ni_at_a2150 [ 451.998483][T20134] comedi: valid board names for adq12b driver are: [ 452.000733][T20134] adq12b [ 452.001590][ T24] usb 11-1: Using ep0 maxpacket: 16 [ 452.002004][T20134] comedi: valid board names for mpc624 driver are: [ 452.005819][ T24] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 452.009516][T20134] mpc624 [ 452.011559][T20134] comedi: valid board names for c6xdigio driver are: [ 452.014264][T20134] c6xdigio [ 452.014770][ T24] usb 11-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 452.015666][T20134] comedi: valid board names for aio_iiro_16 driver are: [ 452.021713][ T24] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 452.023574][T20134] aio_iiro_16 [ 452.027344][T20142] tmpfs: Cannot retroactively limit inodes [ 452.028258][ T24] usb 11-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 452.028283][ T24] usb 11-1: config 0 interface 0 has no altsetting 0 [ 452.032660][ T24] usb 11-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 452.038480][T20134] comedi: valid board names for aio_aio12_8 driver are: [ 452.044920][T20134] aio_aio12_8 [ 452.046026][T20134] aio_ai12_8 [ 452.047098][T20134] aio_ao12_4 [ 452.048094][ T24] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.049265][T20134] comedi: valid board names for fl512 driver are: [ 452.050808][ T24] usb 11-1: Product: syz [ 452.053044][T20134] fl512 [ 452.054410][ T24] usb 11-1: Manufacturer: syz [ 452.055404][T20134] comedi: valid board names for dmm32at driver are: [ 452.055412][T20134] dmm32at [ 452.057391][ T24] usb 11-1: SerialNumber: syz [ 452.060034][T20134] comedi: valid board names for dt282x driver are: [ 452.064791][T20134] dt2821 [ 452.065804][T20134] dt2821-f [ 452.066848][T20134] dt2821-g [ 452.067883][T20134] dt2823 [ 452.068853][T20134] dt2824-pgh [ 452.070427][T20134] dt2824-pgl [ 452.071551][T20134] dt2825 [ 452.072493][T20134] dt2827 [ 452.073537][T20134] dt2828 [ 452.074577][T20134] dt2829 [ 452.075427][ T24] usb 11-1: config 0 descriptor?? [ 452.075586][T20134] dt21-ez [ 452.075593][T20134] dt23-ez [ 452.075597][T20134] dt24-ez [ 452.075601][T20134] dt24-ez-pgl [ 452.075606][T20134] comedi: valid board names for dt2817 driver are: [ 452.075611][T20134] dt2817 [ 452.075615][T20134] comedi: valid board names for dt2815 driver are: [ 452.077863][T20100] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 452.078277][T20134] dt2815 [ 452.092234][T20134] comedi: valid board names for dt2814 driver are: [ 452.094740][T20134] dt2814 [ 452.095895][T20134] comedi: valid board names for dt2811 driver are: [ 452.098241][T20134] dt2811-pgh [ 452.099348][T20134] dt2811-pgl [ 452.100432][T20134] comedi: valid board names for dt2801 driver are: [ 452.103041][T20134] dt2801 [ 452.104043][T20134] comedi: valid board names for das6402 driver are: [ 452.106158][T20134] das6402-12 [ 452.107283][T20134] das6402-16 [ 452.108540][T20134] comedi: valid board names for das1800 driver are: [ 452.110680][T20134] das-1701st [ 452.111809][T20134] das-1701st-da [ 452.121483][T20134] das-1702st [ 452.122640][T20134] das-1702st-da [ 452.124373][T20134] das-1702hr [ 452.125445][T20134] das-1702hr-da [ 452.126630][T20134] das-1701ao [ 452.127708][T20134] das-1702ao [ 452.128796][T20134] das-1801st [ 452.129854][T20134] das-1801st-da [ 452.131030][T20134] das-1802st [ 452.132092][T20134] das-1802st-da [ 452.133258][T20134] das-1802hr [ 452.134819][T20134] das-1802hr-da [ 452.135986][T20134] das-1801hc [ 452.137123][T20134] das-1802hc [ 452.138154][T20134] das-1801ao [ 452.139239][T20134] das-1802ao [ 452.139288][T20148] Invalid source name [ 452.140436][T20134] comedi: valid board names for das800 driver are: [ 452.140446][T20134] das-800 [ 452.140451][T20134] cio-das800 [ 452.140455][T20134] das-801 [ 452.140459][T20134] cio-das801 [ 452.140463][T20134] das-802 [ 452.140467][T20134] cio-das802 [ 452.151024][T20134] cio-das802/16 [ 452.152190][T20134] comedi: valid board names for isa-das08 driver are: [ 452.154391][T20134] isa-das08 [ 452.157045][T20134] das08-pgm [ 452.158097][T20134] das08-pgh [ 452.159154][T20134] das08-pgl [ 452.160228][T20134] das08-aoh [ 452.161386][T20134] das08-aol [ 452.162467][T20134] das08-aom [ 452.163571][T20134] das08/jr-ao [ 452.164646][T20134] das08jr-16-ao [ 452.166204][T20134] pc104-das08 [ 452.167660][T20134] das08jr/16 [ 452.168808][T20134] comedi: valid board names for das16m1 driver are: [ 452.171135][T20134] das16m1 [ 452.172237][T20134] comedi: valid board names for dac02 driver are: [ 452.174389][T20134] dac02 [ 452.175294][T20134] comedi: valid board names for rti802 driver are: [ 452.177661][T20134] rti802 [ 452.178608][T20134] comedi: valid board names for rti800 driver are: [ 452.180716][T20134] rti800 [ 452.181672][T20134] rti815 [ 452.182658][T20134] comedi: valid board names for pcm3724 driver are: [ 452.184787][T20134] pcm3724 [ 452.186027][T20134] comedi: valid board names for pcl818 driver are: [ 452.189141][T20134] pcl818l [ 452.190567][T20134] pcl818h [ 452.191959][T20134] pcl818hd [ 452.193286][T20134] pcl818hg [ 452.194276][T20134] pcl818 [ 452.195263][T20134] pcl718 [ 452.196223][T20134] pcm3718 [ 452.203059][T20134] comedi: valid board names for pcl816 driver are: [ 452.206713][T20134] pcl816 [ 452.207867][T20134] pcl814b [ 452.209638][T20134] comedi: valid board names for pcl812 driver are: [ 452.211822][T20134] pcl812 [ 452.212784][T20134] pcl812pg [ 452.213820][T20134] acl8112pg [ 452.214968][T20134] acl8112dg [ 452.216078][T20134] acl8112hg [ 452.217179][T20134] a821pgl [ 452.218236][T20134] a821pglnda [ 452.219933][T20134] a821pgh [ 452.221121][T20134] a822pgl [ 452.222203][T20134] a822pgh [ 452.223566][T20134] a823pgl [ 452.224825][T20134] a823pgh [ 452.226213][T20134] pcl813 [ 452.227530][T20134] pcl813b [ 452.228884][T20134] acl8113 [ 452.231542][T20134] iso813 [ 452.232521][T20134] acl8216 [ 452.233677][T20134] a826pg [ 452.234768][T20134] comedi: valid board names for pcl730 driver are: [ 452.237229][T20134] pcl730 [ 452.238208][T20134] iso730 [ 452.239238][T20134] acl7130 [ 452.240303][T20134] pcm3730 [ 452.241818][T20134] pcl725 [ 452.242901][T20134] p8r8dio [ 452.243948][T20134] acl7225b [ 452.244994][T20134] p16r16dio [ 452.246056][T20134] pcl733 [ 452.247517][T20134] pcl734 [ 452.248613][T20134] opmm-1616-xt [ 452.249884][T20134] pearl-mm-p [ 452.251102][T20134] ir104-pbf [ 452.252656][T20134] comedi: valid board names for pcl726 driver are: [ 452.255044][T20134] pcl726 [ 452.256054][T20134] pcl727 [ 452.257066][T20134] pcl728 [ 452.258107][T20134] acl6126 [ 452.259378][T20134] acl6128 [ 452.260627][T20134] comedi: valid board names for pcl724 driver are: [ 452.263337][T20134] pcl724 [ 452.264543][T20134] pcl722 [ 452.265737][T20134] pcl731 [ 452.266865][T20134] acl7122 [ 452.268149][T20134] acl7124 [ 452.269313][T20134] pet48dio [ 452.270355][T20134] pcmio48 [ 452.271471][T20134] onyx-mm-dio [ 452.272919][T20134] comedi: valid board names for pcl711 driver are: [ 452.277558][T20134] pcl711 [ 452.278780][T20134] pcl711b [ 452.279893][T20134] acl8112hg [ 452.281017][T20134] acl8112dg [ 452.282147][T20134] comedi: valid board names for amplc_pc263 driver are: [ 452.285311][T20134] pc263 [ 452.286341][T20134] comedi: valid board names for amplc_pc236 driver are: [ 452.288602][T20134] pc36at [ 452.289612][T20134] comedi: valid board names for amplc_dio200 driver are: [ 452.292125][T20134] pc212e [ 452.293126][T20134] pc214e [ 452.300405][T20100] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 452.302863][T20134] pc215e [ 452.303858][T20134] pc218e [ 452.305634][T20134] pc272e [ 452.307003][T20134] comedi: valid board names for comedi_parport driver are: [ 452.309384][T20134] comedi_parport [ 452.310616][T20134] comedi: valid board names for comedi_test driver are: [ 452.311969][ T24] input: syz syz as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.0/input/input49 [ 452.313063][T20134] comedi_test [ 452.320588][T20134] comedi: valid board names for comedi_bond driver are: [ 452.324188][T20134] comedi_bond [ 452.499978][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 452.499991][ T40] audit: type=1326 audit(2000000230.084:29777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20179 comm="syz.7.22171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 452.513154][ T40] audit: type=1326 audit(2000000230.084:29778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20179 comm="syz.7.22171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 452.521702][ T40] audit: type=1326 audit(2000000230.084:29779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20179 comm="syz.7.22171" exe="/syz-executor" sig=0 arch=40000003 syscall=24 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 452.531529][ T40] audit: type=1326 audit(2000000230.084:29780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20179 comm="syz.7.22171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 452.539044][ T40] audit: type=1326 audit(2000000230.084:29781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20179 comm="syz.7.22171" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 452.578053][T20188] program syz.3.22175 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 452.676928][T20194] mkiss: ax0: crc mode is auto. [ 452.978201][ T6129] Bluetooth: hci0: command tx timeout [ 453.234120][ T6146] usb 11-1: USB disconnect, device number 2 [ 453.271313][T20196] Bluetooth: MGMT ver 1.23 [ 453.643155][T20243] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 453.690165][T20249] ip6gretap0: entered promiscuous mode [ 453.692050][T20249] macsec1: entered promiscuous mode [ 453.694093][T20249] macsec1: entered allmulticast mode [ 453.697355][T20249] ip6gretap0: entered allmulticast mode [ 453.700759][T20249] ip6gretap0: left allmulticast mode [ 453.702590][T20249] ip6gretap0: left promiscuous mode [ 453.771086][T20255] vivid-007: disconnect [ 453.773300][T20254] vivid-007: reconnect [ 453.852728][T20262] loop6: detected capacity change from 0 to 524287999 [ 453.867739][T20266] netlink: 'syz.4.22212': attribute type 2 has an invalid length. [ 454.307364][T20332] netlink: 'syz.3.22243': attribute type 11 has an invalid length. [ 454.446637][ T40] audit: type=1800 audit(2000000231.908:29782): pid=20345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.7.22249" name="/newroot/58/bus/#312//deleted" dev="tmpfs" ino=312 res=0 errno=0 [ 454.550403][T20367] nbd: must specify an index to disconnect [ 454.584434][T20371] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 454.809763][T20395] mkiss: ax0: crc mode is auto. [ 454.952205][T20413] __nla_validate_parse: 1 callbacks suppressed [ 454.952221][T20413] netlink: 12 bytes leftover after parsing attributes in process `syz.7.22281'. [ 454.958718][T20413] netlink: 12 bytes leftover after parsing attributes in process `syz.7.22281'. [ 455.201821][ T6129] Bluetooth: hci0: command tx timeout [ 455.207078][T20443] netlink: 4 bytes leftover after parsing attributes in process `syz.7.22297'. [ 455.358661][T20449] netlink: 27 bytes leftover after parsing attributes in process `syz.7.22299'. [ 455.845246][T20488] virt_wifi0 speed is unknown, defaulting to 1000 [ 455.848047][T20488] wg1 speed is unknown, defaulting to 1000 [ 455.954079][T20492] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_hsr, syncid = 4, id = 0 [ 456.115816][T20500] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 456.121406][T20500] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 456.444388][T20514] netlink: 12 bytes leftover after parsing attributes in process `syz.3.22331'. [ 456.458265][T20516] netlink: 'syz.4.22330': attribute type 4 has an invalid length. [ 456.460907][T20516] netlink: 17 bytes leftover after parsing attributes in process `syz.4.22330'. [ 456.483954][T20520] netlink: 8 bytes leftover after parsing attributes in process `syz.3.22333'. [ 456.775410][T20559] autofs: Bad value for 'fd' [ 456.868238][T20568] netlink: 8 bytes leftover after parsing attributes in process `syz.7.22355'. [ 456.872538][T20568] netlink: 4 bytes leftover after parsing attributes in process `syz.7.22355'. [ 456.875437][T20568] netlink: 'syz.7.22355': attribute type 7 has an invalid length. [ 456.878188][T20568] netlink: 'syz.7.22355': attribute type 13 has an invalid length. [ 457.426121][ T6129] Bluetooth: hci0: command tx timeout [ 457.517866][T20608] netlink: 72 bytes leftover after parsing attributes in process `syz.3.22375'. [ 457.769624][T20623] netlink: 'syz.3.22382': attribute type 1 has an invalid length. [ 457.772935][T20623] netlink: 'syz.3.22382': attribute type 1 has an invalid length. [ 458.039221][T20652] macvlan2: entered allmulticast mode [ 458.041298][T20652] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 458.106527][T20658] IPVS: ip_vs_edit_dest(): server weight less than zero [ 458.319217][T20695] netlink: 'syz.4.22413': attribute type 11 has an invalid length. [ 458.494056][T20730] genirq: Flags mismatch irq 4. 00200000 (pcl816) vs. 00200080 (ttyS0) [ 459.303718][T20825] netlink: 'syz.4.22475': attribute type 1 has an invalid length. [ 459.376326][T20833] : entered promiscuous mode [ 459.483774][ T62] Bluetooth: hci4: Frame reassembly failed (-84) [ 459.572519][T20863] binder: 20862:20863 ioctl 541b 0 returned -22 [ 459.834948][T20894] Invalid source name [ 460.155541][T20939] binder: 20937:20939 ioctl c018620c 80000140 returned -22 [ 460.349776][T20955] syz_tun: entered allmulticast mode [ 461.390868][T20979] __nla_validate_parse: 8 callbacks suppressed [ 461.390880][T20979] netlink: 12 bytes leftover after parsing attributes in process `syz.6.22546'. [ 461.459767][T20989] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 461.609512][T21009] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 461.613689][T21009] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 461.692666][ T64] Bluetooth: hci4: command 0x1003 tx timeout [ 461.693260][ T6129] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 461.764023][T21030] program syz.4.22570 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 462.125979][T21072] netlink: 4 bytes leftover after parsing attributes in process `syz.4.22591'. [ 462.227213][ T6151] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 462.386023][ T6151] usb 12-1: Using ep0 maxpacket: 8 [ 462.389381][ T6151] usb 12-1: unable to get BOS descriptor or descriptor too short [ 462.392968][ T6151] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 462.397250][ T6151] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 462.400347][ T6151] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 1024 [ 462.404058][ T6151] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024 [ 462.407855][ T6151] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 462.411017][ T6151] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 43690, setting to 1024 [ 462.414639][ T6151] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024 [ 462.420684][ T6151] usb 12-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84 [ 462.423732][ T6151] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 462.426340][ T6151] usb 12-1: Product: syz [ 462.427797][ T6151] usb 12-1: Manufacturer: syz [ 462.429625][ T6151] usb 12-1: SerialNumber: syz [ 462.432643][ T6151] usb 12-1: config 0 descriptor?? [ 462.435061][T21057] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 462.438199][T21057] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 462.443926][ T6151] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 462.687651][T17779] usb 12-1: USB disconnect, device number 2 [ 462.730610][T21084] new mount options do not match the existing superblock, will be ignored [ 462.734271][T21084] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 "" [ 462.992477][T21103] netlink: 56 bytes leftover after parsing attributes in process `syz.3.22605'. [ 463.078265][T21113] netlink: 'syz.6.22612': attribute type 10 has an invalid length. [ 463.086617][T21113] 8021q: adding VLAN 0 to HW filter on device bond0 [ 463.090064][T21113] team0: Port device bond0 added [ 463.146662][T21123] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 463.308389][T21148] netlink: 12 bytes leftover after parsing attributes in process `syz.3.22624'. [ 463.333664][T21151] netlink: 'syz.7.22625': attribute type 4 has an invalid length. [ 463.336818][T21151] netlink: 17 bytes leftover after parsing attributes in process `syz.7.22625'. [ 463.405935][T21157] virt_wifi0 speed is unknown, defaulting to 1000 [ 463.408749][T21157] wg1 speed is unknown, defaulting to 1000 [ 463.556289][T21182] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 464.077963][T21228] virt_wifi0 speed is unknown, defaulting to 1000 [ 464.080812][T21228] wg1 speed is unknown, defaulting to 1000 [ 464.391059][T21243] mkiss: ax0: crc mode is auto. [ 464.943484][T21273] program syz.7.22682 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 465.106065][T21296] genirq: Flags mismatch irq 4. 00200000 (pcl816) vs. 00200080 (ttyS0) [ 465.526915][T21357] genirq: Flags mismatch irq 4. 00200000 (pcl816) vs. 00200080 (ttyS0) [ 465.590624][T21366] netlink: 36 bytes leftover after parsing attributes in process `syz.6.22730'. [ 465.801822][T21396] bond_slave_0: entered promiscuous mode [ 465.804136][T21396] bond_slave_1: entered promiscuous mode [ 465.806131][T21396] macvlan2: entered allmulticast mode [ 465.807991][T21396] bond0: entered allmulticast mode [ 465.809656][T21396] bond_slave_0: entered allmulticast mode [ 465.811499][T21396] bond_slave_1: entered allmulticast mode [ 465.813639][T21396] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 465.947006][T21409] netlink: 512 bytes leftover after parsing attributes in process `syz.4.22750'. [ 466.430499][T21420] ipvlan2: entered promiscuous mode [ 466.433062][T21420] bridge0: port 3(ipvlan2) entered blocking state [ 466.435367][T21420] bridge0: port 3(ipvlan2) entered disabled state [ 466.437940][T21420] ipvlan2: entered allmulticast mode [ 466.439665][T21420] bridge0: entered allmulticast mode [ 466.442399][T21420] ipvlan2: left allmulticast mode [ 466.444122][T21420] bridge0: left allmulticast mode [ 466.576442][ T40] audit: type=1326 audit(2000000002.983:29783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.578876][T21429] netlink: 'syz.6.22758': attribute type 1 has an invalid length. [ 466.593847][ T40] audit: type=1326 audit(2000000002.983:29784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.603057][ T40] audit: type=1326 audit(2000000002.983:29785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=393 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.610164][ T40] audit: type=1326 audit(2000000002.983:29786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.616873][ T40] audit: type=1326 audit(2000000003.002:29787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.624761][ T40] audit: type=1326 audit(2000000003.002:29788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.632127][ T40] audit: type=1326 audit(2000000003.002:29789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21426 comm="syz.7.22757" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf742d579 code=0x7ffc0000 [ 466.674952][T21436] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.22762'. [ 466.757846][T21448] ptrace attach of "/syz-executor exec"[16052] was attempted by ""[21448] [ 466.792364][T21452] ================================================================== [ 466.794893][T21452] BUG: KASAN: slab-out-of-bounds in try_module_get+0x4c/0xd0 [ 466.797239][T21452] Write of size 4 at addr ffff888044ed1d08 by task syz.7.22770/21452 [ 466.800822][T21452] [ 466.802295][T21452] CPU: 2 UID: 0 PID: 21452 Comm: syz.7.22770 Tainted: G L syzkaller #0 PREEMPT(full) [ 466.802315][T21452] Tainted: [L]=SOFTLOCKUP [ 466.802320][T21452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 466.802329][T21452] Call Trace: [ 466.802334][T21452] [ 466.802340][T21452] dump_stack_lvl+0x100/0x190 [ 466.802355][T21452] print_report+0x156/0x4c9 [ 466.802372][T21452] ? __virt_addr_valid+0x81/0x620 [ 466.802395][T21452] ? __phys_addr+0xe8/0x180 [ 466.802417][T21452] ? try_module_get+0x4c/0xd0 [ 466.802429][T21452] kasan_report+0xdf/0x1a0 [ 466.802445][T21452] ? try_module_get+0x4c/0xd0 [ 466.802458][T21452] kasan_check_range+0x10f/0x1e0 [ 466.802468][T21452] try_module_get+0x4c/0xd0 [ 466.802480][T21452] dvb_device_open+0x124/0x3b0 [ 466.802494][T21452] ? __pfx_dvb_device_open+0x10/0x10 [ 466.802508][T21452] chrdev_open+0x234/0x6a0 [ 466.802521][T21452] ? __pfx_apparmor_file_open+0x10/0x10 [ 466.802536][T21452] ? __pfx_chrdev_open+0x10/0x10 [ 466.802551][T21452] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 466.802566][T21452] do_dentry_open+0x73e/0x1570 [ 466.802579][T21452] ? __pfx_chrdev_open+0x10/0x10 [ 466.802592][T21452] ? security_inode_permission+0xbf/0x250 [ 466.802612][T21452] vfs_open+0x82/0x3f0 [ 466.802628][T21452] path_openat+0x21dc/0x3120 [ 466.802645][T21452] ? __pfx_path_openat+0x10/0x10 [ 466.802661][T21452] do_filp_open+0x1f7/0x420 [ 466.802674][T21452] ? __pfx_do_filp_open+0x10/0x10 [ 466.802692][T21452] ? _raw_spin_unlock+0x28/0x50 [ 466.802702][T21452] ? alloc_fd+0x476/0x790 [ 466.802717][T21452] do_sys_openat2+0x12e/0x220 [ 466.802733][T21452] ? __pfx_do_sys_openat2+0x10/0x10 [ 466.802750][T21452] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 466.802767][T21452] __ia32_compat_sys_openat+0x12d/0x210 [ 466.802779][T21452] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 466.802797][T21452] ? kcov_ioctl+0x16a/0x720 [ 466.802808][T21452] ? fput+0x79/0x100 [ 466.802823][T21452] do_int80_emulation+0x101/0x470 [ 466.802838][T21452] asm_int80_emulation+0x1a/0x20 [ 466.802849][T21452] RIP: 0023:0xf719572b [ 466.802858][T21452] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 466.802868][T21452] RSP: 002b:00000000f54563cc EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 466.802879][T21452] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5456490 [ 466.802886][T21452] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 466.802893][T21452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 466.802899][T21452] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 466.802906][T21452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 466.802929][T21452] [ 466.802933][T21452] [ 466.897048][T21452] Allocated by task 1: [ 466.898428][T21452] kasan_save_stack+0x30/0x50 [ 466.900101][T21452] kasan_save_track+0x14/0x30 [ 466.901952][T21452] __kasan_kmalloc+0xaa/0xb0 [ 466.903538][T21452] dvb_register_device+0x1d6/0x1e60 [ 466.905271][T21452] dvb_dmxdev_init+0x319/0x4c0 [ 466.906832][T21452] vidtv_bridge_probe+0x75b/0xa30 [ 466.908578][T21452] platform_probe+0x106/0x1d0 [ 466.910129][T21452] really_probe+0x241/0xa60 [ 466.911631][T21452] __driver_probe_device+0x1de/0x400 [ 466.913394][T21452] driver_probe_device+0x4c/0x1b0 [ 466.915081][T21452] __driver_attach+0x217/0x5c0 [ 466.916688][T21452] bus_for_each_dev+0x13e/0x1d0 [ 466.918321][T21452] bus_add_driver+0x305/0x5b0 [ 466.919950][T21452] driver_register+0x1e2/0x360 [ 466.921515][T21452] vidtv_bridge_init+0x38/0x70 [ 466.923201][T21452] do_one_initcall+0x11d/0x690 [ 466.924805][T21452] kernel_init_freeable+0x6e5/0x790 [ 466.926525][T21452] kernel_init+0x1f/0x1e0 [ 466.928031][T21452] ret_from_fork+0x754/0xaf0 [ 466.929553][T21452] ret_from_fork_asm+0x1a/0x30 [ 466.931204][T21452] [ 466.932005][T21452] The buggy address belongs to the object at ffff888044ed1c00 [ 466.932005][T21452] which belongs to the cache kmalloc-256 of size 256 [ 466.937285][T21452] The buggy address is located 48 bytes to the right of [ 466.937285][T21452] allocated 216-byte region [ffff888044ed1c00, ffff888044ed1cd8) [ 466.943471][T21452] [ 466.944517][T21452] The buggy address belongs to the physical page: [ 466.947223][T21452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x44ed0 [ 466.950811][T21452] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 466.954376][T21452] ksm flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 466.957697][T21452] page_type: f5(slab) [ 466.959421][T21452] raw: 04fff00000000040 ffff88801b842b40 ffffea0001187c00 0000000000000003 [ 466.962308][T21452] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 466.965815][T21452] head: 04fff00000000040 ffff88801b842b40 ffffea0001187c00 0000000000000003 [ 466.969177][T21452] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 466.971933][T21452] head: 04fff00000000001 ffffea000113b401 00000000ffffffff 00000000ffffffff [ 466.974926][T21452] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 466.977814][T21452] page dumped because: kasan: bad access detected [ 466.980080][T21452] page_owner tracks the page as allocated [ 466.981907][T21452] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19682272223, free_ts 0 [ 466.988319][T21452] post_alloc_hook+0x1e1/0x250 [ 466.990037][T21452] get_page_from_freelist+0xe3d/0x2e10 [ 466.992267][T21452] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 466.994723][T21452] alloc_pages_mpol+0x1fb/0x550 [ 466.996771][T21452] new_slab+0x2c4/0x440 [ 466.998101][T21452] ___slab_alloc+0xda3/0x1ca0 [ 466.999645][T21452] __slab_alloc.isra.0+0x63/0x110 [ 467.001239][T21452] __kmalloc_cache_noprof+0x531/0x810 [ 467.002954][T21452] bus_add_driver+0x92/0x5b0 [ 467.004626][T21452] driver_register+0x1e2/0x360 [ 467.006671][T21452] usb_register_driver+0x21c/0x3e0 [ 467.008948][T21452] do_one_initcall+0x11d/0x690 [ 467.010847][T21452] kernel_init_freeable+0x6e5/0x790 [ 467.012541][T21452] kernel_init+0x1f/0x1e0 [ 467.014024][T21452] ret_from_fork+0x754/0xaf0 [ 467.016015][T21452] ret_from_fork_asm+0x1a/0x30 [ 467.017865][T21452] page_owner free stack trace missing [ 467.020113][T21452] [ 467.020971][T21452] Memory state around the buggy address: [ 467.022751][T21452] ffff888044ed1c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 467.025394][T21452] ffff888044ed1c80: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc [ 467.027924][T21452] >ffff888044ed1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 467.030731][T21452] ^ [ 467.032215][T21452] ffff888044ed1d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 467.034994][T21452] ffff888044ed1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 467.037701][T21452] ================================================================== [ 467.044375][T21452] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 467.046767][T21452] CPU: 0 UID: 0 PID: 21452 Comm: syz.7.22770 Tainted: G L syzkaller #0 PREEMPT(full) [ 467.050286][T21452] Tainted: [L]=SOFTLOCKUP [ 467.051687][T21452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 467.055101][T21452] Call Trace: [ 467.056191][T21452] [ 467.057162][T21452] dump_stack_lvl+0x100/0x190 [ 467.058725][T21452] vpanic+0x20d/0x630 [ 467.060054][T21452] panic+0xd1/0xd1 [ 467.061472][T21452] ? __pfx_panic+0x10/0x10 [ 467.062899][T21452] ? try_module_get+0x4c/0xd0 [ 467.064449][T21452] ? preempt_schedule_common+0x42/0xc0 [ 467.066210][T21452] check_panic_on_warn.cold+0x19/0x34 [ 467.067987][T21452] end_report.part.0+0x3a/0x90 [ 467.069543][T21452] kasan_report.cold+0xe/0x18 [ 467.071078][T21452] ? try_module_get+0x4c/0xd0 [ 467.072595][T21452] kasan_check_range+0x10f/0x1e0 [ 467.074203][T21452] try_module_get+0x4c/0xd0 [ 467.075671][T21452] dvb_device_open+0x124/0x3b0 [ 467.077237][T21452] ? __pfx_dvb_device_open+0x10/0x10 [ 467.078942][T21452] chrdev_open+0x234/0x6a0 [ 467.080404][T21452] ? __pfx_apparmor_file_open+0x10/0x10 [ 467.082177][T21452] ? __pfx_chrdev_open+0x10/0x10 [ 467.083797][T21452] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 467.085787][T21452] do_dentry_open+0x73e/0x1570 [ 467.087363][T21452] ? __pfx_chrdev_open+0x10/0x10 [ 467.088973][T21452] ? security_inode_permission+0xbf/0x250 [ 467.090880][T21452] vfs_open+0x82/0x3f0 [ 467.092211][T21452] path_openat+0x21dc/0x3120 [ 467.093716][T21452] ? __pfx_path_openat+0x10/0x10 [ 467.095320][T21452] do_filp_open+0x1f7/0x420 [ 467.096791][T21452] ? __pfx_do_filp_open+0x10/0x10 [ 467.098350][T21452] ? _raw_spin_unlock+0x28/0x50 [ 467.099944][T21452] ? alloc_fd+0x476/0x790 [ 467.101372][T21452] do_sys_openat2+0x12e/0x220 [ 467.102883][T21452] ? __pfx_do_sys_openat2+0x10/0x10 [ 467.104602][T21452] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 467.106413][T21452] __ia32_compat_sys_openat+0x12d/0x210 [ 467.108155][T21452] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 467.110124][T21452] ? kcov_ioctl+0x16a/0x720 [ 467.111623][T21452] ? fput+0x79/0x100 [ 467.112895][T21452] do_int80_emulation+0x101/0x470 [ 467.114514][T21452] asm_int80_emulation+0x1a/0x20 [ 467.116089][T21452] RIP: 0023:0xf719572b [ 467.117400][T21452] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 467.123558][T21452] RSP: 002b:00000000f54563cc EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 467.126208][T21452] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5456490 [ 467.128724][T21452] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000 [ 467.131241][T21452] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 467.133767][T21452] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 467.136298][T21452] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 467.138889][T21452] [ 467.140690][T21452] Kernel Offset: disabled [ 467.142097][T21452] Rebooting in 86400 seconds.. VM DIAGNOSIS: 00:13:38 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000003 RBX=ffff88802b2339e8 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff8bfa3520 RDI=ffffffff8dee9f20 RBP=0000000000000000 RSP=ffffc9000dfc7928 R8 =0000000086db7919 R9 =0000000000000007 R10=0000000000000200 R11=0000000000000000 R12=ffffffff81f11080 R13=ffffc9000dfc79b0 R14=0000000000000000 R15=ffff8880280c4980 RIP=ffffffff81eb0c91 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880973e2000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f722f340 CR3=0000000064d9a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffff888023e6b018 RCX=0000000000000001 RDX=0000000000000000 RSI=ffff888023e6b018 RDI=ffff888023e6a4c0 RBP=ffff888023e6a4c0 RSP=ffffc900073c76d0 R8 =0000000000000000 R9 =0000000000000007 R10=0000000000000001 R11=0000000000000000 R12=0000000000000000 R13=0000000000000007 R14=0000000000000001 R15=0000000000000004 RIP=ffffffff81e264f1 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974e2000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7465208 CR3=0000000048593000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000800940070 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85674530 RDI=ffffffff9b1f3260 RBP=ffffffff9b1f3220 RSP=ffffc90007a57258 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3434303838387257 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff363e69e R15=dffffc0000000000 RIP=ffffffff85674557 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880975e2000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5455ff4 CR3=0000000041bcf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000028b8e9 RBX=ffff88801dea0000 RCX=ffffffff8b7424b5 RDX=0000000000000000 RSI=ffffffff8dc41eac RDI=ffffffff8bfa35a0 RBP=0000000000000003 RSP=ffffc9000048fdf0 R8 =0000000000000001 R9 =ffffed10056a673d R10=ffff88802b5339eb R11=0000000000000000 R12=ffffed1003bd4000 R13=0000000000000003 R14=ffffffff90b774d0 R15=0000000000000000 RIP=ffffffff8b740e1f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976e2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73a6e98 CR3=000000000e392000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000