last executing test programs: 9m14.36558762s ago: executing program 1 (id=650): pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0) write(r1, &(0x7f0000000300)="c918", 0x2) close(r4) tee(r0, r5, 0x3ff, 0x0) write$binfmt_script(r5, 0x0, 0xd9) write(r2, 0x0, 0x0) 9m14.103662764s ago: executing program 1 (id=652): bpf$MAP_CREATE(0x0, 0x0, 0x48) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000100)={0x60, r1, 0x405, 0x70bd27, 0x25dfdbfe, {}, [{{0x8, 0x1, r2}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000431}, 0x4040084) 9m14.034882532s ago: executing program 1 (id=654): sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = socket(0x22, 0x80003, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)={@cgroup=r1, r1, 0x2e}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000180)={0x0, 0x0}, 0x0) r4 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r3, 0x4) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r4, r2, 0x0, r2}, 0x5) close_range(r0, 0xffffffffffffffff, 0x0) 9m14.031398745s ago: executing program 1 (id=655): timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x14, 0xf, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) 9m13.97559545s ago: executing program 1 (id=656): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220) r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) 9m13.086346118s ago: executing program 1 (id=665): socket(0x22, 0x80003, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x26, 0x0, @void}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x5, 0x2, 0x4}, 0x50) r1 = socket$inet6(0xa, 0x3, 0x3c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) 8m58.079668977s ago: executing program 32 (id=665): socket(0x22, 0x80003, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, 0xffffffffffffffff, 0x26, 0x0, @void}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x5, 0x2, 0x4}, 0x50) r1 = socket$inet6(0xa, 0x3, 0x3c) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c) writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) 27.054056865s ago: executing program 0 (id=2880): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) socket$unix(0x1, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x84) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f0000000040)={0x3}) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x4814) syz_io_uring_submit(0x0, 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0) setpriority(0x2, 0x0, 0x5d1) openat$rfkill(0xffffff9c, 0x0, 0x8080, 0x0) openat$comedi(0xffffff9c, &(0x7f0000000140)='/dev/comedi1\x00', 0x100, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000000)={0x9000301b}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4880}, 0x4000000) mkdir(&(0x7f0000000100)='./control\x00', 0x0) r4 = openat$cgroup_freezer_state(r0, &(0x7f0000000440), 0x2, 0x0) sendfile(r4, r4, 0x0, 0x8000002) 25.915659027s ago: executing program 0 (id=2884): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) 25.376676298s ago: executing program 0 (id=2886): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) 23.10901211s ago: executing program 0 (id=2896): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r4}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) 20.824546838s ago: executing program 0 (id=2902): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) accept4(r0, 0x0, 0x0, 0x800) 18.959503643s ago: executing program 4 (id=2906): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) 5.427232098s ago: executing program 0 (id=2910): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r4) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r4}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) 5.422539514s ago: executing program 4 (id=2916): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r2, 0x540b, 0x2) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x200, 0x0, 0x0, 0x1, [0x0], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r8}) close_range(r1, 0xffffffffffffffff, 0x0) 5.402058679s ago: executing program 4 (id=2918): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) 4.359146999s ago: executing program 3 (id=2923): socket$inet_udplite(0x2, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x9, 0x7fff0000}]}) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000280)={0x3, 0x0, 0xfdfdffff, 0xff600000}) munlockall() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, 0x0, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101) syz_open_dev$evdev(0x0, 0x68a4, 0x2080) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, 0x0) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) mmap$IORING_OFF_CQ_RING(&(0x7f0000696000/0x12000)=nil, 0x12000, 0x2000001, 0x80010, r3, 0x8000000) sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, 0x0, 0x7, 0x201, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8}]}, 0x28}}, 0x28000) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000300)=""/59, 0x304000, 0x800, 0x8, 0x2}, 0x54) r5 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, 0x0, 0x0) io_uring_register$IORING_REGISTER_IOWQ_AFF(r5, 0x11, &(0x7f0000000440)="6fb73e0acea62f5a1d6b96c4fc072e64d8c0c3f34e38737f80a0dffbdbf076c4d6683c43a4c245f8b690594938b40d56c986896ac26b40674b778ce4edf69716a31db962e36f8b01377c97c9349153b696c8f40a00cd01d28f38a6b2309f695c9d60414687daefe6428debf43c96691eddf9db38f36de242610688c634e292c7612185c7b372f13418f0c0aadd769f31e6301de2c8057bc2208c54b2b221f7ebf19fec312840c9527cf5308a69e844ed", 0xb0) 3.343529809s ago: executing program 4 (id=2927): socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r2, 0x400454d1, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r3 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r3) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r3}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, 0x0, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r3}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1) 3.343046355s ago: executing program 3 (id=2928): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) socket$unix(0x1, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x84) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f0000000040)={0x3}) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x4814) syz_io_uring_submit(0x0, 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0) setpriority(0x2, 0x0, 0x5d1) openat$rfkill(0xffffff9c, 0x0, 0x8080, 0x0) openat$comedi(0xffffff9c, &(0x7f0000000140)='/dev/comedi1\x00', 0x100, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000000)={0x9000301b}) write$P9_RLERROR(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[], 0xa) mkdir(&(0x7f0000000100)='./control\x00', 0x0) r4 = openat$cgroup_freezer_state(r0, &(0x7f0000000440), 0x2, 0x0) sendfile(r4, r4, 0x0, 0x8000002) 2.344784604s ago: executing program 3 (id=2931): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r2, 0x540b, 0x2) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x200, 0x0, 0x0, 0x1, [], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)) close_range(r1, 0xffffffffffffffff, 0x0) 1.331390864s ago: executing program 3 (id=2935): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r1, 0x540b, 0x2) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000340)={r5, 0x200, 0x0, 0x0, 0x1, [0x0], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7}) 398.644998ms ago: executing program 3 (id=2937): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x0, 0x0}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 319.383629ms ago: executing program 2 (id=2938): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r2, 0x540b, 0x2) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x200, 0x0, 0x0, 0x1, [0x0], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7}) close_range(r1, 0xffffffffffffffff, 0x0) 318.873283ms ago: executing program 3 (id=2939): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r2, 0x540b, 0x2) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x200, 0x0, 0x0, 0x1, [], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)) close_range(r1, 0xffffffffffffffff, 0x0) 305.959859ms ago: executing program 2 (id=2940): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r2, 0x540b, 0x2) r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r4 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r5, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000340)={r6, 0x200, 0x0, 0x0, 0x1, [0x0], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r7}) close_range(r1, 0xffffffffffffffff, 0x0) 230.864239ms ago: executing program 2 (id=2941): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x801, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$cdrom(0xffffffffffffff9c, &(0x7f0000000000), 0x4903, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000480), 0x129540, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) syz_open_dev$dri(0x0, 0x1ff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x6}, 0x50) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0xffffffff, 0x0, "8100e1c8e80b598c36ff000800"}) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TCFLSH(r1, 0x540b, 0x2) r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r3 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000340)={r5, 0x200, 0x0, 0x0, 0x1, [0x0], [0x0, 0x7], [0xdb3, 0x80000002, 0x2], [0x0, 0x4, 0x1, 0x1]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r3, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r7}) 171.786085ms ago: executing program 2 (id=2942): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r4 = eventfd(0x0) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000006c0)=""/87, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r4}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) 99.220724ms ago: executing program 4 (id=2943): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f00000008c0), 0x1, 0x400) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r2}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r3}) 28.270526ms ago: executing program 2 (id=2944): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) socket$unix(0x1, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x84) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f0000000040)={0x3}) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x4814) syz_io_uring_submit(0x0, 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, 0x0) setpriority(0x2, 0x0, 0x5d1) openat$rfkill(0xffffff9c, 0x0, 0x8080, 0x0) openat$comedi(0xffffff9c, &(0x7f0000000140)='/dev/comedi1\x00', 0x100, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r3, &(0x7f0000000000)={0x9000301b}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4880}, 0x4000000) mkdir(&(0x7f0000000100)='./control\x00', 0x0) r4 = openat$cgroup_freezer_state(r0, &(0x7f0000000440), 0x2, 0x0) sendfile(r4, r4, 0x0, 0x8000002) 414.759µs ago: executing program 2 (id=2945): ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180)=0x2000000) mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x4010, 0xffffffffffffffff, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, &(0x7f0000000080)=0x7) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x6, 0x0, 0x9, 0x0, 0x3, 0xfa12, 0xffffffff}, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000740)=@mangle={'mangle\x00', 0x1f, 0x6, 0x458, 0x2e8, 0x0, 0x2e8, 0x228, 0xa0, 0x3e8, 0x3e8, 0x3e8, 0x3e8, 0x3e8, 0x6, &(0x7f00000004c0), {[{{@ip={@loopback, @empty, 0xff, 0xffffffff, 'veth1\x00', 'lo\x00', {0xff}, {}, 0x11, 0x2, 0x38}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x488, 0x6, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24}}}, {{@ip={@private=0xa010102, @multicast1, 0xffffffff, 0x0, 'veth0_to_bond\x00', 'gretap0\x00', {0xff}, {}, 0x5c, 0x2, 0x6a}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x3, 0x3, @local, 0x4e21}}}, {{@ip={@empty, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffff00, 0xff, 'netdevsim0\x00', 'batadv0\x00', {0xff}, {}, 0x0, 0x0, 0x73}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @ECN={0x28, 'ECN\x00', 0x0, {0x0, 0xe5, 0x2}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x6}}}, {{@uncond, 0x0, 0xc0, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x7}}, @inet=@rpfilter={{0x28}, {0x3}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x8, @ipv4=@remote, 0x4e21}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b8) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) prctl$PR_SET_PTRACER(0x59616d61, 0x0) 0s ago: executing program 4 (id=2946): r0 = socket$alg(0x26, 0x5, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f0000000640), 0xfffffffc, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x20000, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, 0x0) ioctl$TUNATTACHFILTER(r3, 0x400454d1, &(0x7f00000000c0)={0x0, 0x0}) ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r5 = eventfd(0x0) ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r5) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r5}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/67, 0x0, 0x4}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000000c0)={0x1, 0x1, &(0x7f0000000380)=""/231, 0x0, &(0x7f0000000480)=""/70, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]}) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r5}) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94) bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) accept4(r0, 0x0, 0x0, 0x800) kernel console output (not intermixed with test programs): confined op=collect_data cause=failed comm="syz.3.348" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=15394 res=0 errno=0 [ 130.558868][ T6027] usblp 7-1:0.0: usblp1: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0A25 pid 0xA44E [ 130.645216][ T1470] usb 6-1: Using ep0 maxpacket: 8 [ 130.649445][ T1470] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 130.659011][ T1470] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 130.662506][ T1470] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 130.666041][ T1470] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 130.670596][ T1470] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 130.673870][ T1470] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.738147][ C1] wdm_int_callback: 69 callbacks suppressed [ 130.738167][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.743520][ C1] wdm_int_callback: 69 callbacks suppressed [ 130.743542][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.749428][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.752186][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.755238][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.758015][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.763299][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.765573][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.773613][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.775936][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.784360][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.786784][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.788074][ T10] usb 7-1: USB disconnect, device number 4 [ 130.791320][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.793927][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.796950][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.799177][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.802483][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.804706][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.808397][ T53] usb 5-1: USB disconnect, device number 3 [ 130.813588][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 130.815868][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 130.817931][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 130.843389][ T10] usblp1: removed [ 130.886476][ T1470] usb 6-1: GET_CAPABILITIES returned 0 [ 130.888477][ T1470] usbtmc 6-1:16.0: can't read capabilities [ 131.093880][ T10] usb 6-1: USB disconnect, device number 4 [ 131.621484][ T7370] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 132.051380][ T7398] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 132.283793][ T10] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 132.310420][ T7411] netem: unknown loss type 0 [ 132.312706][ T7411] netem: change failed [ 132.443662][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 132.446927][ T10] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 132.452680][ T10] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 132.455769][ T10] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 132.459083][ T10] usb 6-1: Product: syz [ 132.460473][ T10] usb 6-1: Manufacturer: syz [ 132.462164][ T10] usb 6-1: SerialNumber: syz [ 132.465414][ T10] usb 6-1: config 0 descriptor?? [ 132.468516][ T7399] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 132.573586][ T53] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 132.653683][ T5995] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 132.726053][ T53] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 132.727552][ T6027] usb 6-1: USB disconnect, device number 5 [ 132.730544][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.735574][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.740481][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.745362][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.749222][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.754094][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.757904][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.761827][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.767892][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.772004][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.775979][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.780611][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.784641][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.788439][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.793243][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.797692][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.801613][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.803655][ T5995] usb 8-1: Using ep0 maxpacket: 8 [ 132.806304][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.809235][ T5995] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 132.811862][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.813400][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 132.817439][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.820919][ T5995] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 132.825041][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.828381][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 132.832176][ T53] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 132.834271][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 132.837645][ T53] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 132.837672][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 132.839684][ T53] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 132.841315][ T5995] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 132.844858][ T53] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 132.846770][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 132.850590][ T53] usb 7-1: Product: syz [ 132.852984][ T5995] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 132.856657][ T53] usb 7-1: Manufacturer: syz [ 132.860469][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 132.862358][ T53] usb 7-1: SerialNumber: syz [ 132.866472][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 132.871172][ T53] usb 7-1: config 0 descriptor?? [ 132.875270][ T5995] usb 8-1: config 168 descriptor has 1 excess byte, ignoring [ 132.883177][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 132.885874][ T53] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 132.887561][ T5995] usb 8-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 132.896652][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 132.900310][ T5995] usb 8-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 132.906718][ T5995] usb 8-1: string descriptor 0 read error: -22 [ 132.909272][ T5995] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 132.912900][ T5995] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.922153][ T5995] adutux 8-1:168.0: ADU100 now attached to /dev/usb/adutux1 [ 133.148697][ C1] usb 7-1: yurex_control_callback - control failed: -71 [ 133.148940][ T57] usb 7-1: USB disconnect, device number 5 [ 133.160592][ T57] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 133.165075][ T6305] usb 8-1: USB disconnect, device number 8 [ 133.466505][ T7428] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 133.849421][ T7451] syzkaller1: entered promiscuous mode [ 133.851857][ T7451] syzkaller1: entered allmulticast mode [ 134.103671][ T5995] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 134.131029][ T7463] sg_read: process 334 (syz.3.401) changed security contexts after opening file descriptor, this is not allowed. [ 134.243658][ T57] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 134.264703][ T5995] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 134.268984][ T5995] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 134.275712][ T5995] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 134.279402][ T5995] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.290533][ T5995] usb 6-1: config 0 descriptor?? [ 134.305836][ T5995] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 134.312410][ T7474] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ2 [ 134.413626][ T57] usb 7-1: Using ep0 maxpacket: 8 [ 134.417455][ T57] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 134.421135][ T57] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 134.425721][ T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 134.430027][ T57] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 134.435939][ T57] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 134.441294][ T57] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 134.445561][ T57] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.613652][ T53] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 134.660669][ T57] usb 7-1: GET_CAPABILITIES returned 0 [ 134.663059][ T57] usbtmc 7-1:16.0: can't read capabilities [ 134.773645][ T53] usb 5-1: Using ep0 maxpacket: 8 [ 134.777193][ T53] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 134.781227][ T53] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 134.785513][ T53] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 134.789506][ T53] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 134.795027][ T53] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 134.798658][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.862432][ T1470] usb 7-1: USB disconnect, device number 6 [ 135.010455][ T53] usb 5-1: GET_CAPABILITIES returned 0 [ 135.012811][ T53] usbtmc 5-1:16.0: can't read capabilities [ 135.226169][ T1470] usb 5-1: USB disconnect, device number 4 [ 135.503774][ T6027] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 135.719154][ T6027] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 135.722180][ T6027] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 135.724881][ T6027] usb 8-1: Product: syz [ 135.726327][ T6027] usb 8-1: Manufacturer: syz [ 135.727970][ T6027] usb 8-1: SerialNumber: syz [ 135.731657][ T6027] usb 8-1: config 0 descriptor?? [ 135.888895][ T7498] netlink: 32 bytes leftover after parsing attributes in process `syz.0.415'. [ 135.947350][ T6027] usb 8-1: USB disconnect, device number 9 [ 136.265120][ T7505] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 136.877795][ T6027] usb 6-1: USB disconnect, device number 6 [ 136.951038][ T7490] Set syz1 is full, maxelem 65536 reached [ 137.004569][ T57] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 137.173615][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 137.177389][ T57] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 137.182191][ T57] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 137.189470][ T57] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 137.193629][ T57] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 137.199015][ T57] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 137.202832][ T57] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.223619][ T53] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 137.394977][ T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.398599][ T53] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.401744][ T53] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 137.406084][ T53] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 137.409091][ T53] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.413319][ T53] usb 7-1: config 0 descriptor?? [ 137.420551][ T57] usb 8-1: GET_CAPABILITIES returned 0 [ 137.422927][ T57] usbtmc 8-1:16.0: can't read capabilities [ 137.423776][ T5995] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 137.483713][ T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 137.516463][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.574098][ T5995] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 137.577539][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.580697][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.584271][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.587291][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.590250][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.593788][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.596718][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.599962][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.603808][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.606979][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.609999][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.613808][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.619288][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.622200][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.622333][ C1] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 137.625951][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.629247][ T7512] usbtmc 8-1:16.0: Unable to send data, error -71 [ 137.632040][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.637356][ T10] usb 6-1: Using ep0 maxpacket: 32 [ 137.639694][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.641253][ T6027] usb 8-1: USB disconnect, device number 10 [ 137.644649][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.651682][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.656010][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.660807][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.663907][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.668550][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.672702][ T10] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 137.676986][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.681310][ T5995] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 137.685406][ T5995] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 137.690054][ T5995] usb 5-1: config 0 interface 0 has no altsetting 0 [ 137.695040][ T10] usb 6-1: config 0 descriptor?? [ 137.698707][ T5995] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 137.702513][ T5995] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 137.707393][ T5995] usb 5-1: Product: syz [ 137.708950][ T5995] usb 5-1: Manufacturer: syz [ 137.710637][ T5995] usb 5-1: SerialNumber: syz [ 137.714083][ T5995] usb 5-1: config 0 descriptor?? [ 137.723124][ T5995] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 137.826533][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.829980][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.833247][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.837022][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.840280][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.843714][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.846958][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.849516][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.851935][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.854484][ T53] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 137.863926][ T53] plantronics 0003:047F:FFFF.0002: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 138.022583][ T53] usb 7-1: USB disconnect, device number 7 [ 138.036621][ C0] usb 5-1: yurex_control_callback - control failed: -71 [ 138.040110][ C3] usb 5-1: yurex_control_callback - control failed: -71 [ 138.040799][ T5995] usb 5-1: USB disconnect, device number 5 [ 138.047188][ T5995] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 138.109304][ T10] savu 0003:1E7D:2D5A.0003: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 138.369708][ T6027] usb 6-1: USB disconnect, device number 7 [ 138.580519][ T7544] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 138.813610][ T57] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 138.966251][ T57] usb 7-1: config index 0 descriptor too short (expected 39, got 27) [ 138.969794][ T57] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 138.974764][ T57] usb 7-1: config 0 interface 0 has no altsetting 0 [ 138.981580][ T57] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 138.989161][ T57] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 138.992867][ T57] usb 7-1: Product: syz [ 138.995263][ T57] usb 7-1: Manufacturer: syz [ 138.997343][ T57] usb 7-1: SerialNumber: syz [ 139.008114][ T57] usb 7-1: config 0 descriptor?? [ 139.011598][ T57] hub 7-1:0.0: bad descriptor, ignoring hub [ 139.014602][ T57] hub 7-1:0.0: probe with driver hub failed with error -5 [ 139.019309][ T57] usb 7-1: selecting invalid altsetting 0 [ 139.108234][ T7577] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 139.129053][ T7581] netlink: 16 bytes leftover after parsing attributes in process `syz.0.447'. [ 139.160730][ T7583] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 139.165232][ T7583] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 139.264042][ T10] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 139.375700][ T7588] Illegal XDP return value 4294967274 on prog (id 59) dev N/A, expect packet loss! [ 139.413575][ T10] usb 8-1: Using ep0 maxpacket: 8 [ 139.420414][ T10] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 139.424887][ T10] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 139.428952][ T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 139.432640][ T10] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 139.436979][ T10] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 139.441905][ T10] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 139.445902][ T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.472824][ T7596] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 139.655297][ T10] usb 8-1: usb_control_msg returned -32 [ 139.657951][ T10] usbtmc 8-1:16.0: can't read capabilities [ 140.009436][ T7608] usbtmc 8-1:16.0: control status returned 0 [ 140.064039][ T7609] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 140.069555][ T57] usb 7-1: USB disconnect, device number 8 [ 140.213983][ T5995] usb 8-1: USB disconnect, device number 11 [ 140.973706][ T53] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 141.145415][ T53] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 141.148809][ T53] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 141.152946][ T53] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 141.156939][ T53] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 141.159636][ T53] usb 6-1: Manufacturer: syz [ 141.169174][ T53] usb 6-1: config 0 descriptor?? [ 141.223597][ T53] rc_core: IR keymap rc-hauppauge not found [ 141.226177][ T53] Registered IR keymap rc-empty [ 141.229164][ T53] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 141.236468][ T53] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input10 [ 141.338591][ T7671] netlink: 96 bytes leftover after parsing attributes in process `syz.3.485'. [ 141.362545][ T7672] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 141.377007][ T57] usb 6-1: USB disconnect, device number 8 [ 142.658436][ T7738] netlink: 12 bytes leftover after parsing attributes in process `syz.2.511'. [ 142.661719][ T7738] netlink: 12 bytes leftover after parsing attributes in process `syz.2.511'. [ 143.097743][ T7783] input: syz1 as /devices/virtual/input/input11 [ 143.303574][ T34] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 143.475333][ T34] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 143.480306][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.493577][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.497787][ T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 143.514424][ T34] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 143.517522][ T34] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 143.520371][ T34] usb 6-1: Manufacturer: syz [ 143.533955][ T34] usb 6-1: config 0 descriptor?? [ 143.946884][ T34] hid_parser_main: 5 callbacks suppressed [ 143.946902][ T34] appleir 0003:05AC:8243.0004: unknown main item tag 0x0 [ 143.984109][ T34] appleir 0003:05AC:8243.0004: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 144.174314][ T7810] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 144.467791][ T34] usb 6-1: USB disconnect, device number 9 [ 144.661160][ T7831] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 144.837724][ T7839] tmpfs: Unknown parameter 'usrquota_inodt' [ 145.077153][ T7849] overlayfs: upper fs does not support file handles, falling back to index=off. [ 145.089125][ T7849] evm: overlay not supported [ 145.323890][ T5995] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 145.493750][ T5995] usb 6-1: Using ep0 maxpacket: 8 [ 145.507215][ T5995] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 145.511879][ T5995] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 145.523709][ T5995] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 145.534248][ T5995] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 145.536585][ T54] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 145.543692][ T5995] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 145.547760][ T5995] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.634443][ T7874] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 145.683621][ T54] usb 8-1: Using ep0 maxpacket: 8 [ 145.688149][ T54] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 145.692590][ T54] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 145.699209][ T54] usb 8-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 145.704383][ T54] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 145.710363][ T54] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 145.714979][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.729629][ T54] usbtmc 8-1:16.0: bulk endpoints not found [ 145.769000][ T5995] usb 6-1: GET_CAPABILITIES returned 0 [ 145.771020][ T5995] usbtmc 6-1:16.0: can't read capabilities [ 145.973029][ T5995] usb 6-1: USB disconnect, device number 10 [ 146.532901][ T7895] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 146.999657][ T7920] input: syz1 as /devices/virtual/input/input12 [ 147.122262][ T5955] Bluetooth: hci1: Dropping invalid advertising data [ 147.125276][ T5955] Bluetooth: hci1: Malformed LE Event: 0x02 [ 147.163973][ T54] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 147.173967][ T54] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz1] on syz0 [ 147.294094][ T7934] bond0: (slave rose0): Error: Device is in use and cannot be enslaved usb_generic_handle_packet: ctrl buffer too small (16384 > 4096) [ 147.886252][ T7947] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 148.153721][ T7959] netlink: 8 bytes leftover after parsing attributes in process `syz.0.598'. [ 148.206364][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.0.601'. [ 148.212381][ T7967] tipc: Started in network mode [ 148.216159][ T7967] tipc: Node identity ac14140f, cluster identity 4711 [ 148.219834][ T7967] tipc: New replicast peer: 255.255.255.255 [ 148.222393][ T7967] tipc: Enabled bearer , priority 10 [ 148.280282][ T7973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'. [ 148.297408][ T5995] usb 8-1: USB disconnect, device number 12 [ 148.535382][ T7983] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 149.094688][ T8002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.616'. [ 149.098831][ T8002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.616'. [ 149.190584][ T8006] vxcan1: entered promiscuous mode [ 149.225041][ T53] tipc: Node number set to 2886997007 [ 149.283705][ T54] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 149.453807][ T54] usb 6-1: Using ep0 maxpacket: 8 [ 149.456888][ T54] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 149.460000][ T54] usb 6-1: config 0 has no interface number 0 [ 149.462657][ T54] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 149.468212][ T54] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 149.473453][ T54] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 149.477631][ T54] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 149.483168][ T54] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 149.487272][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.492269][ T54] usb 6-1: config 0 descriptor?? [ 149.498867][ T54] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 149.724442][ T8020] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 149.757555][ C2] ldusb 6-1:0.55: usb_submit_urb failed (-19) [ 149.757556][ T5995] usb 6-1: USB disconnect, device number 11 [ 149.768070][ T5995] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 150.366934][ T8036] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 150.421137][ T8043] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 150.439795][ T8043] block device autoloading is deprecated and will be removed. [ 150.698462][ T8057] netlink: 20 bytes leftover after parsing attributes in process `syz.2.636'. [ 150.755091][ T8059] netlink: 20 bytes leftover after parsing attributes in process `syz.2.636'. [ 150.954135][ T5995] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 151.105343][ T5995] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 151.112553][ T5995] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41 [ 151.116061][ T5995] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11 [ 151.118892][ T5995] usb 5-1: Product: syz [ 151.120384][ T5995] usb 5-1: Manufacturer: syz [ 151.121801][ T5995] usb 5-1: SerialNumber: syz [ 151.331951][ T5995] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 151.572053][ T8067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.639'. [ 151.885494][ T8079] mmap: syz.3.643 (8079) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 152.243445][ T8091] fuse: root generation should be zero [ 152.547335][ T8109] team0: No ports can be present during mode change [ 152.625010][ T8115] VFS: Warning: syz.1.655 using old stat() call. Recompile your binary. [ 153.009866][ T8124] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 153.492423][ T2100] usb 5-1: USB disconnect, device number 6 [ 153.497670][ T2100] usblp0: removed [ 154.011750][ T8151] kvm: pic: non byte write [ 154.014079][ T8151] kvm: pic: non byte write [ 154.016354][ T8151] kvm: pic: non byte write [ 154.021457][ T8151] kvm: pic: non byte write [ 154.023316][ T8151] kvm: pic: non byte write [ 154.025163][ T8151] kvm: pic: non byte write [ 154.027281][ T8151] kvm: pic: non byte write [ 154.029108][ T8151] kvm: pic: non byte write [ 154.030895][ T8151] kvm: pic: non byte write [ 154.032979][ T8151] kvm: pic: non byte write [ 154.845378][ T5955] Bluetooth: hci1: Dropping invalid advertising data [ 154.847655][ T5955] Bluetooth: hci1: Malformed LE Event: 0x02 [ 155.950625][ T8211] netlink: 'syz.2.686': attribute type 12 has an invalid length. [ 156.304904][ T8225] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 156.721321][ T8234] netlink: 'syz.0.695': attribute type 1 has an invalid length. [ 156.725160][ T8234] netlink: 224 bytes leftover after parsing attributes in process `syz.0.695'. [ 157.139627][ T8255] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 157.753717][ T5995] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 157.778643][ T8267] netlink: 60 bytes leftover after parsing attributes in process `syz.0.706'. [ 157.903789][ T5995] usb 7-1: Using ep0 maxpacket: 8 [ 157.923819][ T5995] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 157.927155][ T5995] usb 7-1: config 0 has no interface number 0 [ 157.929702][ T5995] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 157.934292][ T5995] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 157.938990][ T5995] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 157.943617][ T5995] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 157.948842][ T5995] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 157.952582][ T5995] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.957125][ T5995] usb 7-1: config 0 descriptor?? [ 157.963820][ T5995] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 158.217937][ T54] usb 7-1: USB disconnect, device number 9 [ 158.217945][ C0] ldusb 7-1:0.55: usb_submit_urb failed (-19) [ 158.227819][ T54] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 158.839251][ T8280] netlink: 'syz.2.712': attribute type 1 has an invalid length. [ 159.869148][ T8280] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 159.905096][ T8282] vlan3: entered allmulticast mode [ 159.910394][ T8282] veth1: entered allmulticast mode [ 159.967525][ T8287] binder: 8286:8287 ioctl c0306201 80000180 returned -14 [ 159.998622][ T8289] syzkaller0: entered promiscuous mode [ 160.001122][ T8289] syzkaller0: entered allmulticast mode [ 160.176880][ T8303] syzkaller0: entered promiscuous mode [ 160.179508][ T8303] syzkaller0: entered allmulticast mode [ 160.271365][ T8304] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 160.378287][ T8311] binder: BINDER_SET_CONTEXT_MGR already set [ 160.382423][ T8311] binder: 8310:8311 ioctl 4018620d 80000040 returned -16 [ 160.449985][ T8311] syz.0.719 (8311): drop_caches: 2 [ 160.959891][ T5955] Bluetooth: hci1: Dropping invalid advertising data [ 160.962465][ T5955] Bluetooth: hci1: Malformed LE Event: 0x02 [ 161.067623][ T8331] binder_alloc: 8329: binder_alloc_buf, no vma [ 161.105240][ T8333] binder_alloc: 8332: pid 8332 spamming oneway? 1 buffers allocated for a total size of 4096 [ 161.427401][ T40] audit: type=1804 audit(1763494879.037:109): pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.733" name="/newroot/201/file1" dev="fuse" ino=1 res=1 errno=0 [ 161.452945][ T40] audit: type=1800 audit(1763494879.037:110): pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.733" name="/" dev="fuse" ino=1 res=0 errno=0 [ 161.462686][ T40] audit: type=1800 audit(1763494879.037:111): pid=8347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.733" name="/" dev="fuse" ino=1 res=0 errno=0 [ 163.903623][ T34] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 164.055461][ T34] usb 7-1: config 0 has no interfaces? [ 164.060105][ T34] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 164.064590][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.069693][ T34] usb 7-1: Product: syz [ 164.071613][ T34] usb 7-1: Manufacturer: syz [ 164.074032][ T34] usb 7-1: SerialNumber: syz [ 164.078762][ T34] usb 7-1: config 0 descriptor?? [ 164.301297][ T8404] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20004 - 0 [ 164.353936][ T6027] usb 7-1: USB disconnect, device number 10 [ 164.633707][ T5952] Bluetooth: hci4: command 0x1003 tx timeout [ 164.633738][ T5955] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 165.488011][ T8423] random: crng reseeded on system resumption [ 165.649658][ T8431] capability: warning: `syz.0.760' uses 32-bit capabilities (legacy support in use) [ 167.218073][ T8458] binder: BINDER_SET_CONTEXT_MGR already set [ 167.220900][ T8458] binder: 8457:8458 ioctl 4018620d 80000040 returned -16 [ 167.223693][ T40] audit: type=1107 audit(1763494884.827:112): pid=8456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 167.250343][ T8461] netlink: 8 bytes leftover after parsing attributes in process `syz.0.771'. [ 167.253882][ T8461] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 167.256623][ T8461] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 167.274623][ T8461] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 167.277958][ T8461] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 168.471418][ T8483] tipc: Enabled bearer , priority 0 [ 168.475115][ T8483] mac80211_hwsim hwsim2 syzkaller0: entered promiscuous mode [ 168.478462][ T8483] mac80211_hwsim hwsim2 syzkaller0: entered allmulticast mode [ 168.482076][ T8483] tipc: Resetting bearer [ 168.684037][ T89] smc: removing ib device syz1 [ 168.688247][ T6027] syz1: Port: 1 Link DOWN [ 168.774898][ T5952] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 168.780322][ T5952] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 168.786958][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 168.791099][ T5952] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 168.795092][ T5952] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 169.594242][ T8489] chnl_net:caif_netlink_parms(): no params data found [ 169.615467][ T8509] tipc: Started in network mode [ 169.617295][ T8509] tipc: Node identity 9e7486f378e6, cluster identity 4711 [ 169.620424][ T8509] tipc: Enabled bearer , priority 0 [ 169.724762][ T8489] bridge0: port 1(bridge_slave_0) entered blocking state [ 169.727359][ T8489] bridge0: port 1(bridge_slave_0) entered disabled state [ 169.730117][ T8489] bridge_slave_0: entered allmulticast mode [ 169.733067][ T8489] bridge_slave_0: entered promiscuous mode [ 169.739364][ T8489] bridge0: port 2(bridge_slave_1) entered blocking state [ 169.742237][ T8489] bridge0: port 2(bridge_slave_1) entered disabled state [ 169.745113][ T8489] bridge_slave_1: entered allmulticast mode [ 169.748177][ T8489] bridge_slave_1: entered promiscuous mode [ 169.755703][ T8518] tipc: Enabling of bearer rejected, already enabled [ 169.773192][ T8514] syz_tun: entered allmulticast mode [ 169.792852][ T8489] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 169.801710][ T8489] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 169.805586][ T8514] syz_tun: left allmulticast mode [ 169.860266][ T8489] team0: Port device team_slave_0 added [ 169.900873][ T8489] team0: Port device team_slave_1 added [ 169.932619][ T8489] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 169.935059][ T8489] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 169.947403][ T8489] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 169.960010][ T8489] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 169.962516][ T8489] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 169.971408][ T8489] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.013707][ T8489] hsr_slave_0: entered promiscuous mode [ 170.016212][ T8489] hsr_slave_1: entered promiscuous mode [ 170.018574][ T8489] debugfs: 'hsr0' already exists in 'hsr' [ 170.020608][ T8489] Cannot create hsr debugfs directory [ 170.149369][ T8532] tipc: Started in network mode [ 170.151506][ T8532] tipc: Node identity ca80739f6226, cluster identity 4711 [ 170.155267][ T8532] tipc: Enabled bearer , priority 0 [ 170.230479][ T40] audit: type=1326 audit(1763494887.837:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.243701][ T40] audit: type=1326 audit(1763494887.837:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.250968][ T40] audit: type=1326 audit(1763494887.837:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.260357][ T40] audit: type=1326 audit(1763494887.837:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.268042][ T40] audit: type=1326 audit(1763494887.837:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.275169][ T40] audit: type=1326 audit(1763494887.837:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.282448][ T40] audit: type=1326 audit(1763494887.837:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.290850][ T40] audit: type=1326 audit(1763494887.837:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.298514][ T40] audit: type=1326 audit(1763494887.837:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8533 comm="syz.2.793" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 170.314260][ T8489] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 170.319065][ T8489] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 170.323354][ T8489] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 170.333851][ T8489] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 170.347728][ T8545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.796'. [ 170.415488][ T8489] 8021q: adding VLAN 0 to HW filter on device bond0 [ 170.440250][ T8489] 8021q: adding VLAN 0 to HW filter on device team0 [ 170.450069][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.452449][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 170.461373][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.463834][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 170.517496][ T89] bridge_slave_1: left allmulticast mode [ 170.519937][ T89] bridge_slave_1: left promiscuous mode [ 170.523979][ T89] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.531268][ T89] bridge_slave_0: left allmulticast mode [ 170.534233][ T89] bridge_slave_0: left promiscuous mode [ 170.536712][ T89] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.844479][ T89] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 170.848686][ T89] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 170.852302][ T89] bond0 (unregistering): Released all slaves [ 170.860515][ T6305] tipc: Node number set to 3868362483 [ 170.862680][ T8560] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 170.873756][ T5952] Bluetooth: hci3: command tx timeout [ 170.954382][ T89] IPVS: stopping master sync thread 7206 ... [ 171.014804][ T8489] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.153745][ T53] tipc: Node number set to 2829480863 [ 171.187659][ T8489] veth0_vlan: entered promiscuous mode [ 171.196555][ T8489] veth1_vlan: entered promiscuous mode [ 171.208109][ T89] hsr_slave_0: left promiscuous mode [ 171.212671][ T89] hsr_slave_1: left promiscuous mode [ 171.215341][ T89] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.218834][ T89] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.817377][ T89] team0 (unregistering): Port device team_slave_1 removed [ 171.883685][ T89] team0 (unregistering): Port device team_slave_0 removed [ 172.458953][ T8489] veth0_macvtap: entered promiscuous mode [ 172.471856][ T8489] veth1_macvtap: entered promiscuous mode [ 172.518785][ T8489] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 172.540537][ T8489] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 172.576176][ T1248] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.583602][ T1248] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.607091][ T1248] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.614494][ T1248] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 172.730961][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.742708][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.770230][ T1248] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.772838][ T1248] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.803224][ T8618] netlink: 14 bytes leftover after parsing attributes in process `syz.0.810'. [ 172.892082][ T8618] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 172.898872][ T8618] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 172.904676][ T8618] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 172.909617][ T8618] bond0 (unregistering): Released all slaves [ 172.965837][ T5952] Bluetooth: hci3: command tx timeout [ 173.585114][ T8650] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 173.587781][ T8650] IPv6: NLM_F_CREATE should be set when creating new route [ 173.635787][ T8655] netlink: 'syz.3.818': attribute type 1 has an invalid length. [ 173.669741][ T8655] bond2: (slave ipvlan3): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 173.676162][ T8655] bond2: (slave ipvlan3): The slave device specified does not support setting the MAC address [ 173.680896][ T8655] bond2: (slave ipvlan3): Setting fail_over_mac to active for active-backup mode [ 173.717820][ T8662] netlink: 4 bytes leftover after parsing attributes in process `syz.3.818'. [ 174.404345][ T8684] netlink: 'syz.2.826': attribute type 10 has an invalid length. [ 174.411576][ T8684] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 174.602383][ T40] kauditd_printk_skb: 32 callbacks suppressed [ 174.602400][ T40] audit: type=1326 audit(1763494892.207:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.624195][ T40] audit: type=1326 audit(1763494892.207:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.640410][ T40] audit: type=1326 audit(1763494892.207:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.650784][ T40] audit: type=1326 audit(1763494892.207:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.661389][ T40] audit: type=1326 audit(1763494892.207:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.681450][ T40] audit: type=1326 audit(1763494892.207:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.691709][ T40] audit: type=1326 audit(1763494892.207:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.704685][ T40] audit: type=1326 audit(1763494892.207:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.714904][ T40] audit: type=1326 audit(1763494892.217:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 174.716005][ T8694] random: crng reseeded on system resumption [ 174.726433][ T40] audit: type=1326 audit(1763494892.217:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8695 comm="syz.4.832" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf707d598 code=0x7ffc0000 [ 175.038880][ T8708] tipc: Started in network mode [ 175.041339][ T8708] tipc: Node identity 9e1bb2cb5733, cluster identity 4711 [ 175.045362][ T5952] Bluetooth: hci3: command tx timeout [ 175.048030][ T8708] tipc: Enabled bearer , priority 0 [ 175.052838][ T8708] syzkaller0: entered promiscuous mode [ 175.055529][ T8708] syzkaller0: entered allmulticast mode [ 175.074479][ T8708] tipc: Resetting bearer [ 175.090280][ T8706] tipc: Resetting bearer [ 175.100189][ T8706] tipc: Disabling bearer [ 175.539436][ T8717] syzkaller0: entered promiscuous mode [ 175.542057][ T8717] syzkaller0: entered allmulticast mode [ 175.570972][ T8717] tipc: Enabled bearer , priority 0 [ 175.575677][ T8716] tipc: Resetting bearer [ 175.586712][ T8716] tipc: Disabling bearer [ 175.738403][ T8721] netlink: 'syz.4.840': attribute type 1 has an invalid length. [ 175.830788][ T8723] tipc: Enabled bearer , priority 0 [ 175.835336][ T8723] syzkaller0: entered promiscuous mode [ 175.837264][ T8723] syzkaller0: entered allmulticast mode [ 175.851144][ T8723] tipc: Resetting bearer [ 175.856558][ T8722] tipc: Resetting bearer [ 175.877229][ T8722] tipc: Disabling bearer [ 176.986668][ T8743] overlayfs: failed to resolve './file0': -2 [ 177.197877][ T8753] netlink: zone id is out of range [ 177.224666][ T8753] netlink: set zone limit has 4 unknown bytes [ 178.294547][ T8772] netlink: 'syz.2.856': attribute type 2 has an invalid length. [ 178.314893][ T8772] !: entered promiscuous mode [ 178.322730][ T8772] netlink: 'syz.2.856': attribute type 2 has an invalid length. [ 178.326808][ T8772] !: left promiscuous mode [ 179.623586][ T54] usb 9-1: new low-speed USB device number 2 using dummy_hcd [ 179.785767][ T54] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 179.790332][ T54] usb 9-1: config 0 has no interface number 0 [ 179.795349][ T54] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 179.800557][ T54] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 179.804430][ T54] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 179.808527][ T54] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.814009][ T54] usb 9-1: config 0 descriptor?? [ 179.816636][ T8790] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 179.824173][ T54] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 180.553638][ T5955] Bluetooth: hci1: command 0x0406 tx timeout [ 182.536430][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 182.539400][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 182.575639][ T8846] sch_tbf: burst 2 is lower than device syzkaller0 mtu (313) ! [ 182.588532][ T5988] IPVS: starting estimator thread 0... [ 182.673768][ T8849] IPVS: using max 44 ests per chain, 105600 per kthread [ 184.374476][ T8865] orangefs_mount: mount request failed with -4 [ 184.512685][ T40] kauditd_printk_skb: 797 callbacks suppressed [ 184.512696][ T40] audit: type=1326 audit(1763494902.117:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.537586][ T40] audit: type=1326 audit(1763494902.127:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.553568][ T40] audit: type=1326 audit(1763494902.137:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.565993][ T40] audit: type=1326 audit(1763494902.137:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.593659][ T40] audit: type=1326 audit(1763494902.137:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.600712][ T40] audit: type=1326 audit(1763494902.137:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.610266][ T40] audit: type=1326 audit(1763494902.137:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.617744][ T40] audit: type=1326 audit(1763494902.137:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.627123][ T40] audit: type=1326 audit(1763494902.137:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.634583][ T40] audit: type=1326 audit(1763494902.137:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8880 comm="syz.2.885" exe="/syz-executor" sig=0 arch=40000003 syscall=363 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 184.934090][ T8906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.891'. [ 184.938828][ T8906] netlink: 4 bytes leftover after parsing attributes in process `syz.0.891'. [ 184.952608][ T8906] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 184.959902][ T8906] netlink: 104 bytes leftover after parsing attributes in process `syz.0.891'. [ 184.963937][ T8906] netlink: 104 bytes leftover after parsing attributes in process `syz.0.891'. [ 185.338875][ T8926] netlink: 16 bytes leftover after parsing attributes in process `syz.3.892'. [ 185.347535][ T8926] netlink: 16 bytes leftover after parsing attributes in process `syz.3.892'. [ 186.835420][ T8947] netlink: 16 bytes leftover after parsing attributes in process `syz.4.902'. [ 186.950007][ T8950] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.966231][ T8950] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 187.580801][ T8951] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 188.869081][ T8973] netlink: zone id is out of range [ 189.174344][ T8968] program syz.4.906 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.158366][ T9020] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 191.970444][ T9035] bond0: (slave wlan1): Releasing backup interface [ 192.212106][ T9042] futex_wake_op: syz.0.927 tries to shift op by 32; fix this program [ 193.060968][ T9058] fuse: Invalid rootmode [ 193.575236][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 193.575249][ T40] audit: type=1326 audit(1763494911.187:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.590376][ T40] audit: type=1326 audit(1763494911.187:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.599269][ T9064] netlink: 14 bytes leftover after parsing attributes in process `syz.4.934'. [ 193.600264][ T40] audit: type=1326 audit(1763494911.187:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.611349][ T40] audit: type=1326 audit(1763494911.187:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.619028][ T40] audit: type=1326 audit(1763494911.187:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.625823][ T40] audit: type=1326 audit(1763494911.187:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.632594][ T40] audit: type=1326 audit(1763494911.187:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.640242][ T40] audit: type=1326 audit(1763494911.187:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.647539][ T40] audit: type=1326 audit(1763494911.187:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.654187][ T40] audit: type=1326 audit(1763494911.187:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9063 comm="syz.4.934" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 193.712895][ T9064] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 193.718197][ T9064] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 193.722094][ T9064] bond0 (unregistering): Released all slaves [ 195.780086][ T9079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.938'. [ 198.633134][ T9112] Process accounting resumed [ 198.960805][ T9124] ======================================================= [ 198.960805][ T9124] WARNING: The mand mount option has been deprecated and [ 198.960805][ T9124] and is ignored by this kernel. Remove the mand [ 198.960805][ T9124] option from the mount to silence this warning. [ 198.960805][ T9124] ======================================================= [ 198.961425][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.893777][ T9139] netlink: 16 bytes leftover after parsing attributes in process `syz.0.953'. [ 199.971391][ T9143] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 199.973573][ T9143] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 199.987967][ T9143] vhci_hcd vhci_hcd.0: Device attached [ 200.244006][ T34] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 200.457623][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 200.460580][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 200.601232][ T40] kauditd_printk_skb: 20 callbacks suppressed [ 200.601248][ T40] audit: type=1326 audit(1763494918.207:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9178 comm="syz.4.958" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707d579 code=0x0 [ 200.725837][ T9182] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11) [ 200.728000][ T9182] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 200.730571][ T9182] vhci_hcd vhci_hcd.0: Device attached [ 200.993613][ T10] usb 45-1: new high-speed USB device number 2 using vhci_hcd [ 201.412179][ T9183] vhci_hcd: connection reset by peer [ 201.416657][ T1248] vhci_hcd: stop threads [ 201.418369][ T1248] vhci_hcd: release socket [ 201.420580][ T1248] vhci_hcd: disconnect device [ 201.481571][ T9192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.959'. [ 201.485269][ T9192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.959'. [ 201.516921][ T9192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.959'. [ 201.520017][ T9192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.959'. [ 201.575664][ T9192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.959'. [ 201.578933][ T9192] netlink: 32 bytes leftover after parsing attributes in process `syz.3.959'. [ 202.086809][ T9197] Process accounting resumed [ 202.269415][ T9204] netlink: 8 bytes leftover after parsing attributes in process `syz.3.962'. [ 202.272281][ T9204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.962'. [ 202.275288][ T9204] netlink: 'syz.3.962': attribute type 13 has an invalid length. [ 202.277823][ T9204] netlink: 'syz.3.962': attribute type 12 has an invalid length. [ 202.287893][ T9204] netlink: 4 bytes leftover after parsing attributes in process `syz.3.962'. [ 202.768215][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 202.770486][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 202.914213][ T9144] vhci_hcd: connection reset by peer [ 202.919105][ T1145] vhci_hcd: stop threads [ 202.920682][ T1145] vhci_hcd: release socket [ 202.922501][ T1145] vhci_hcd: disconnect device [ 204.652197][ T9251] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 204.654916][ T9251] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 204.673162][ T9251] vhci_hcd vhci_hcd.0: Device attached [ 204.684066][ T40] audit: type=1326 audit(1763494922.297:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.691244][ T40] audit: type=1326 audit(1763494922.297:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=394 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.698651][ T40] audit: type=1326 audit(1763494922.297:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.710438][ T40] audit: type=1326 audit(1763494922.297:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.733756][ T40] audit: type=1326 audit(1763494922.297:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.748786][ T40] audit: type=1326 audit(1763494922.297:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.762060][ T40] audit: type=1326 audit(1763494922.297:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 204.778036][ T40] audit: type=1326 audit(1763494922.307:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9242 comm="syz.4.974" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707d579 code=0x7ffc0000 [ 205.281922][ T9261] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 205.402416][ T34] vhci_hcd: vhci_device speed not set [ 205.439793][ T9252] vhci_hcd: connection closed [ 205.440119][ T1153] vhci_hcd: stop threads [ 205.443263][ T1153] vhci_hcd: release socket [ 205.445328][ T1153] vhci_hcd: disconnect device [ 206.143603][ T10] vhci_hcd: vhci_device speed not set [ 206.352390][ T9288] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.356237][ T9288] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.571913][ T9288] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 206.584745][ T9288] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 206.907189][ T13] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.911421][ T13] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.915329][ T13] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.918987][ T13] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.214154][ T53] usb usb46-port1: attempt power cycle [ 208.774583][ T53] usb usb46-port1: unable to enumerate USB device [ 208.828595][ T9316] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 208.831599][ T9316] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 211.564474][ T5952] Bluetooth: hci3: Dropping invalid advertising data [ 211.567338][ T5952] Bluetooth: hci3: Malformed LE Event: 0x02 [ 212.036236][ T1248] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 212.040875][ T1248] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 214.043324][ T9399] netlink: 'syz.0.1010': attribute type 10 has an invalid length. [ 214.275349][ T9402] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 215.564996][ T5955] Bluetooth: hci1: Dropping invalid advertising data [ 215.568749][ T5955] Bluetooth: hci1: Malformed LE Event: 0x02 [ 216.393668][ T5952] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 216.393744][ T5955] Bluetooth: hci4: command 0x1003 tx timeout [ 216.918643][ T9450] netlink: 'syz.2.1028': attribute type 21 has an invalid length. [ 217.397977][ T9444] delete_channel: no stack [ 217.428044][ T9453] binder: 9451:9453 ioctl 40182103 80000300 returned -22 [ 217.436387][ T9452] sctp: [Deprecated]: syz.4.1029 (pid 9452) Use of struct sctp_assoc_value in delayed_ack socket option. [ 217.436387][ T9452] Use struct sctp_sack_info instead [ 217.767243][ T9464] 9pnet_fd: Insufficient options for proto=fd [ 218.344794][ T40] audit: type=1804 audit(1763494935.957:1021): pid=9477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1034" name="/newroot/246/file0" dev="tmpfs" ino=1328 res=1 errno=0 [ 218.646300][ T9474] /dev/sr0: Can't open blockdev [ 218.913869][ T9487] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 218.916094][ T9487] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 218.918972][ T9487] vhci_hcd vhci_hcd.0: Device attached [ 219.193954][ T53] usb 46-1: SetAddress Request (6) to port 0 [ 219.196347][ T53] usb 46-1: new SuperSpeed USB device number 6 using vhci_hcd [ 219.463693][ T9488] vhci_hcd: connection reset by peer [ 219.488990][ T61] vhci_hcd: stop threads [ 219.490864][ T61] vhci_hcd: release socket [ 219.492879][ T61] vhci_hcd: disconnect device [ 220.167166][ T9503] bridge0: port 1(team_slave_1) entered blocking state [ 220.169666][ T9503] bridge0: port 1(team_slave_1) entered disabled state [ 220.172078][ T9503] team_slave_1: entered allmulticast mode [ 220.177359][ T9503] team_slave_1: entered promiscuous mode [ 220.182981][ T9503] team_slave_1: left allmulticast mode [ 220.185075][ T9503] team_slave_1: left promiscuous mode [ 220.188605][ T9503] bridge0: port 1(team_slave_1) entered disabled state [ 221.178967][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 221.181360][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 221.760806][ T9541] __nla_validate_parse: 1 callbacks suppressed [ 221.760821][ T9541] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1044'. [ 221.775579][ T9541] ip6erspan0: entered allmulticast mode [ 221.869155][ T9540] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1047'. [ 221.872142][ T9540] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1047'. [ 223.265805][ T9559] bond3: entered promiscuous mode [ 223.285025][ T9559] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 223.290347][ T9559] bond3: (slave macvlan2): Enslaving as an active interface with a down link [ 223.540352][ T9559] infiniband syz1: set active [ 223.542606][ T9559] infiniband syz1: added syz_tun [ 223.578374][ T9559] RDS/IB: syz1: added [ 223.580394][ T9559] smc: adding ib device syz1 with port count 1 [ 223.582771][ T9559] smc: ib device syz1 port 1 has pnetid SYZ2 (user defined) [ 223.682962][ T9568] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 223.685148][ T9568] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 223.693649][ T9568] vhci_hcd vhci_hcd.0: Device attached [ 223.849881][ T9569] vhci_hcd: connection closed [ 223.850392][ T61] vhci_hcd: stop threads [ 223.854532][ T61] vhci_hcd: release socket [ 223.857346][ T61] vhci_hcd: disconnect device [ 224.017654][ T9572] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1053'. [ 224.288421][ T53] usb 46-1: device descriptor read/8, error -110 [ 225.093663][ T53] usb usb46-port1: attempt power cycle [ 225.784943][ T9597] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 225.878255][ T53] usb usb46-port1: unable to enumerate USB device [ 227.553723][ T9619] sctp: [Deprecated]: syz.3.1063 (pid 9619) Use of struct sctp_assoc_value in delayed_ack socket option. [ 227.553723][ T9619] Use struct sctp_sack_info instead [ 228.841612][ T9634] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 229.479302][ T9651] 9pnet_fd: Insufficient options for proto=fd [ 229.849967][ T9649] lo speed is unknown, defaulting to 1000 [ 229.852344][ T9649] lo speed is unknown, defaulting to 1000 [ 229.855220][ T9649] lo speed is unknown, defaulting to 1000 [ 229.864653][ T9649] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 229.881789][ T9649] lo speed is unknown, defaulting to 1000 [ 229.885202][ T9657] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1073'. [ 229.885390][ T9649] lo speed is unknown, defaulting to 1000 [ 229.891973][ T9649] lo speed is unknown, defaulting to 1000 [ 229.895396][ T9649] lo speed is unknown, defaulting to 1000 [ 230.508328][ T9669] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1077'. [ 230.548227][ T9669] macvlan3: entered allmulticast mode [ 230.550717][ T9669] veth1_vlan: entered allmulticast mode [ 230.561014][ T9669] veth1_vlan: left allmulticast mode [ 230.793112][ T5952] Bluetooth: hci3: Dropping invalid advertising data [ 230.796376][ T5952] Bluetooth: hci3: Malformed LE Event: 0x02 [ 231.257820][ T9676] rdma_rxe: rxe_newlink: failed to add bridge_slave_1 [ 232.698016][ T9705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 232.710263][ T9705] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 232.748378][ T9701] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1086'. [ 232.777507][ T9706] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 234.570815][ T40] audit: type=1326 audit(1763494952.177:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.578479][ T40] audit: type=1326 audit(1763494952.177:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.589449][ T40] audit: type=1326 audit(1763494952.187:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.597024][ T40] audit: type=1326 audit(1763494952.187:1025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.604280][ T40] audit: type=1326 audit(1763494952.187:1026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.611362][ T40] audit: type=1326 audit(1763494952.187:1027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.618682][ T40] audit: type=1326 audit(1763494952.187:1028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.626365][ T40] audit: type=1326 audit(1763494952.187:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.633990][ T40] audit: type=1326 audit(1763494952.197:1030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 234.641523][ T40] audit: type=1326 audit(1763494952.197:1031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9745 comm="syz.0.1104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 235.002542][ T9758] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 235.383402][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 235.386870][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 236.533252][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 236.535986][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 237.456068][ T9816] netlink: 'syz.4.1128': attribute type 13 has an invalid length. [ 237.686181][ T9828] netlink: 'syz.2.1129': attribute type 13 has an invalid length. [ 239.277662][ T9850] netlink: 'syz.3.1138': attribute type 13 has an invalid length. [ 239.480277][ T9857] netlink: 'syz.4.1139': attribute type 13 has an invalid length. [ 239.898380][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 241.076737][ T9879] netlink: 'syz.3.1145': attribute type 13 has an invalid length. [ 241.913766][ T5955] Bluetooth: hci4: command 0x1003 tx timeout [ 241.918551][ T5952] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 242.662039][ T9908] netlink: 'syz.0.1152': attribute type 13 has an invalid length. [ 243.055399][ T9908] tipc: Resetting bearer [ 243.203859][ T53] lo speed is unknown, defaulting to 1000 [ 243.437880][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 243.437890][ T40] audit: type=1107 audit(1763494961.047:1057): pid=9914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 243.622221][ T9925] netlink: 'syz.0.1156': attribute type 13 has an invalid length. [ 243.652658][ T9925] tipc: Resetting bearer [ 243.747616][ T9928] netlink: 'syz.4.1157': attribute type 13 has an invalid length. [ 244.355574][ T9932] netlink: 'syz.3.1158': attribute type 13 has an invalid length. [ 244.608836][ T9939] netlink: 'syz.2.1159': attribute type 13 has an invalid length. [ 244.792547][ T9943] netlink: 'syz.4.1161': attribute type 1 has an invalid length. [ 244.836796][ T9945] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 244.841555][ T9945] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 244.847359][ T9945] bond0: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode [ 244.891095][ T9943] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1161'. [ 245.290554][ T9955] netlink: 'syz.3.1164': attribute type 13 has an invalid length. [ 245.308311][ T9956] netlink: 'syz.4.1163': attribute type 13 has an invalid length. [ 245.498756][ T9964] netlink: 'syz.2.1165': attribute type 13 has an invalid length. [ 245.832089][ T9966] netlink: 'syz.0.1166': attribute type 13 has an invalid length. [ 245.859009][ T9966] tipc: Resetting bearer [ 246.669867][ T9983] tipc: Resetting bearer [ 247.883788][T10002] validate_nla: 4 callbacks suppressed [ 247.883805][T10002] netlink: 'syz.2.1173': attribute type 13 has an invalid length. [ 249.046020][T10020] netlink: 'syz.0.1179': attribute type 13 has an invalid length. [ 249.092014][T10020] tipc: Resetting bearer [ 249.840927][T10032] netlink: 'syz.2.1182': attribute type 13 has an invalid length. [ 250.938564][T10044] netlink: 'syz.3.1186': attribute type 13 has an invalid length. [ 251.973306][T10060] netlink: 'syz.0.1189': attribute type 13 has an invalid length. [ 251.991625][T10060] tipc: Resetting bearer [ 252.077191][T10063] netlink: 'syz.2.1190': attribute type 13 has an invalid length. [ 252.847671][T10072] netlink: 'syz.3.1192': attribute type 13 has an invalid length. [ 252.976969][T10077] netlink: 'syz.0.1193': attribute type 13 has an invalid length. [ 253.072554][T10077] tipc: Resetting bearer [ 253.088807][T10079] netlink: 'syz.2.1194': attribute type 13 has an invalid length. [ 254.059397][T10090] netlink: 'syz.3.1196': attribute type 13 has an invalid length. [ 254.245262][T10095] netlink: 'syz.0.1197': attribute type 13 has an invalid length. [ 254.261460][T10096] netlink: 'syz.2.1198': attribute type 13 has an invalid length. [ 254.278230][T10095] tipc: Resetting bearer [ 255.038187][T10110] netlink: 'syz.3.1201': attribute type 13 has an invalid length. [ 255.172123][T10112] netlink: 'syz.0.1202': attribute type 13 has an invalid length. [ 255.204277][T10112] tipc: Resetting bearer [ 255.944367][T10125] netlink: 'syz.4.1204': attribute type 13 has an invalid length. [ 258.683600][T10163] netlink: 'syz.4.1214': attribute type 13 has an invalid length. [ 258.934088][T10170] netlink: 'syz.2.1215': attribute type 13 has an invalid length. [ 259.029044][T10172] netlink: 'syz.0.1216': attribute type 13 has an invalid length. [ 259.049003][T10172] tipc: Resetting bearer [ 259.660956][T10178] netlink: 'syz.3.1218': attribute type 13 has an invalid length. [ 260.140111][T10188] netlink: 'syz.4.1219': attribute type 13 has an invalid length. [ 260.397439][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.234745][T10206] netlink: 'syz.0.1225': attribute type 13 has an invalid length. [ 261.252652][T10206] tipc: Resetting bearer [ 261.299722][T10210] netlink: 'syz.2.1226': attribute type 13 has an invalid length. [ 261.855848][T10218] netlink: 'syz.3.1228': attribute type 13 has an invalid length. [ 262.144561][T10224] netlink: 'syz.0.1229': attribute type 13 has an invalid length. [ 262.159095][T10224] tipc: Resetting bearer [ 262.692637][ T5952] Bluetooth: hci3: Dropping invalid advertising data [ 262.695193][ T5952] Bluetooth: hci3: Malformed LE Event: 0x02 [ 262.793648][T10233] netlink: 'syz.3.1233': attribute type 13 has an invalid length. [ 263.357100][ T40] audit: type=1326 audit(1763494980.967:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.365054][ T40] audit: type=1326 audit(1763494980.967:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.376274][ T40] audit: type=1326 audit(1763494980.967:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.383664][ T40] audit: type=1326 audit(1763494980.967:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.395435][ T40] audit: type=1326 audit(1763494980.967:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.402912][ T40] audit: type=1326 audit(1763494980.967:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.412021][ T40] audit: type=1326 audit(1763494980.967:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.421064][ T40] audit: type=1326 audit(1763494980.967:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.430379][ T40] audit: type=1326 audit(1763494980.967:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 263.439569][ T40] audit: type=1326 audit(1763494980.967:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.1236" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf701d579 code=0x7ffc0000 [ 264.147089][T10256] netlink: 'syz.0.1238': attribute type 13 has an invalid length. [ 264.269078][T10256] tipc: Resetting bearer [ 264.825324][T10266] netlink: 'syz.3.1241': attribute type 13 has an invalid length. [ 264.889515][T10268] netlink: 'syz.2.1242': attribute type 13 has an invalid length. [ 264.975824][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1243'. [ 264.979407][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1243'. [ 264.991661][T10270] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1243'. [ 264.994978][T10270] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1243'. [ 265.180532][ T5952] Bluetooth: hci3: Dropping invalid advertising data [ 265.183002][ T5952] Bluetooth: hci3: Malformed LE Event: 0x02 [ 267.529553][T10295] orangefs_mount: mount request failed with -4 [ 267.825350][T10312] netlink: 'syz.4.1254': attribute type 13 has an invalid length. [ 267.852873][T10311] netlink: 'syz.0.1253': attribute type 13 has an invalid length. [ 267.901328][T10311] tipc: Resetting bearer [ 268.699481][T10321] netlink: 'syz.2.1255': attribute type 13 has an invalid length. [ 268.737111][T10323] netlink: 'syz.4.1257': attribute type 13 has an invalid length. [ 269.097359][T10329] netlink: 'syz.3.1258': attribute type 13 has an invalid length. [ 269.741998][T10339] bond0: entered promiscuous mode [ 269.770254][T10335] bond0: (slave macvlan2): Opening slave failed [ 269.863122][T10335] rdma_rxe: rxe_newlink: failed to add syz_tun [ 271.115975][T10376] netlink: 'syz.2.1265': attribute type 13 has an invalid length. [ 272.080451][T10389] netlink: 'syz.3.1267': attribute type 13 has an invalid length. [ 272.294810][T10391] gfs2: error -5 reading superblock [ 273.216632][T10407] syz.0.1272 (10407): /proc/10402/oom_adj is deprecated, please use /proc/10402/oom_score_adj instead. [ 273.785900][T10416] netlink: 'syz.4.1275': attribute type 13 has an invalid length. [ 274.040051][T10423] netlink: 'syz.0.1276': attribute type 13 has an invalid length. [ 274.307910][T10423] tipc: Resetting bearer [ 275.382505][T10447] netlink: 'syz.4.1281': attribute type 13 has an invalid length. [ 276.400832][T10461] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 277.020384][T10465] netlink: 'syz.3.1287': attribute type 13 has an invalid length. [ 277.828631][T10477] netlink: 'syz.3.1290': attribute type 13 has an invalid length. [ 278.406301][ T5955] Bluetooth: hci3: command 0x0406 tx timeout [ 278.431961][T10483] netlink: 'syz.4.1291': attribute type 13 has an invalid length. [ 278.596630][T10487] netlink: 'syz.2.1293': attribute type 13 has an invalid length. [ 279.688845][T10504] netlink: 'syz.3.1297': attribute type 13 has an invalid length. [ 280.967030][T10521] netlink: 'syz.3.1302': attribute type 13 has an invalid length. [ 281.068534][T10524] netlink: 'syz.2.1303': attribute type 13 has an invalid length. [ 281.622813][T10531] netlink: 'syz.0.1305': attribute type 13 has an invalid length. [ 281.870506][T10531] tipc: Resetting bearer [ 282.016711][T10539] netlink: 'syz.2.1307': attribute type 13 has an invalid length. [ 284.327241][T10573] netlink: 'syz.2.1316': attribute type 13 has an invalid length. [ 284.784067][T10580] netlink: 'syz.0.1318': attribute type 13 has an invalid length. [ 284.801424][T10580] tipc: Resetting bearer [ 287.068672][T10616] netlink: 'syz.0.1326': attribute type 13 has an invalid length. [ 287.105290][T10616] tipc: Resetting bearer [ 287.348636][T10620] netlink: 'syz.3.1327': attribute type 13 has an invalid length. [ 287.711189][T10626] netlink: 'syz.2.1328': attribute type 13 has an invalid length. [ 288.622192][T10643] netlink: 'syz.2.1334': attribute type 13 has an invalid length. [ 291.126661][T10679] netlink: 'syz.0.1342': attribute type 13 has an invalid length. [ 291.154313][T10679] tipc: Resetting bearer [ 293.203649][ T5955] Bluetooth: hci3: command 0x0406 tx timeout [ 293.454008][T10738] netlink: 'syz.0.1349': attribute type 13 has an invalid length. [ 293.506234][T10738] tipc: Resetting bearer [ 294.966660][T10755] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 296.076606][T10772] netlink: 'syz.2.1357': attribute type 13 has an invalid length. [ 296.760278][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 296.765356][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 297.429100][ T5952] Bluetooth: hci1: unknown advertising packet type: 0xff [ 297.429133][ T5952] Bluetooth: hci1: Dropping invalid advertising data [ 297.466760][ T5952] Bluetooth: hci1: Malformed LE Event: 0x02 [ 297.472757][T10785] netlink: 'syz.4.1361': attribute type 13 has an invalid length. [ 298.306408][T10798] netlink: 'syz.2.1365': attribute type 13 has an invalid length. [ 299.175277][T10810] netlink: 'syz.0.1367': attribute type 13 has an invalid length. [ 299.224236][T10810] tipc: Resetting bearer [ 302.415158][T10843] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1376'. [ 302.819369][T10847] block device autoloading is deprecated and will be removed. [ 302.997036][T10857] netlink: 'syz.4.1379': attribute type 13 has an invalid length. [ 303.392526][T10847] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1377'. [ 304.581631][T10879] netlink: 'syz.2.1384': attribute type 13 has an invalid length. [ 306.678159][T10905] netlink: 'syz.2.1391': attribute type 13 has an invalid length. [ 307.907176][T10924] netlink: 'syz.3.1396': attribute type 13 has an invalid length. [ 309.199691][T10945] netlink: 'syz.4.1400': attribute type 13 has an invalid length. [ 309.215098][T10947] netlink: 'syz.0.1401': attribute type 13 has an invalid length. [ 309.241723][T10947] tipc: Resetting bearer [ 310.201870][T10962] netlink: 'syz.4.1405': attribute type 13 has an invalid length. [ 310.291459][T10964] netlink: 'syz.0.1406': attribute type 13 has an invalid length. [ 310.487189][T10964] tipc: Resetting bearer [ 312.998077][T11007] netlink: 'syz.3.1417': attribute type 13 has an invalid length. [ 313.533551][T11011] fuse: Invalid rootmode [ 314.105587][T11022] netlink: 'syz.3.1420': attribute type 13 has an invalid length. [ 315.207247][T11027] Process accounting resumed [ 315.469244][T11042] netlink: 'syz.2.1427': attribute type 13 has an invalid length. [ 317.408438][T11065] netlink: 'syz.4.1438': attribute type 13 has an invalid length. [ 318.257090][T11072] netlink: 'syz.3.1432': attribute type 13 has an invalid length. [ 320.454023][T11104] netlink: 'syz.3.1441': attribute type 13 has an invalid length. [ 321.382222][T11111] rdma_rxe: rxe_newlink: failed to add bridge_slave_1 [ 323.781744][T11149] netlink: 'syz.0.1449': attribute type 13 has an invalid length. [ 323.805347][T11149] tipc: Resetting bearer [ 325.167921][T11172] netlink: 'syz.3.1457': attribute type 13 has an invalid length. [ 327.100466][T11192] netlink: 'syz.4.1462': attribute type 13 has an invalid length. [ 327.939398][T11201] netlink: 'syz.0.1464': attribute type 13 has an invalid length. [ 328.026524][T11201] tipc: Resetting bearer [ 328.324058][T11206] netlink: 'syz.2.1465': attribute type 13 has an invalid length. [ 328.936382][T11217] netlink: 'syz.0.1467': attribute type 13 has an invalid length. [ 328.949514][T11217] tipc: Resetting bearer [ 330.889312][T11244] netlink: 'syz.2.1475': attribute type 13 has an invalid length. [ 331.934201][T11258] netlink: 'syz.0.1478': attribute type 13 has an invalid length. [ 331.957670][T11258] tipc: Resetting bearer [ 332.106627][T11264] netlink: 'syz.4.1480': attribute type 13 has an invalid length. [ 333.466847][T11285] netlink: 'syz.2.1485': attribute type 13 has an invalid length. [ 334.595267][T11301] netlink: 'syz.2.1489': attribute type 13 has an invalid length. [ 337.470251][T11333] netlink: 'syz.2.1497': attribute type 13 has an invalid length. [ 338.293134][T11348] netlink: 'syz.3.1499': attribute type 13 has an invalid length. [ 339.273858][T11363] netlink: 'syz.3.1504': attribute type 13 has an invalid length. [ 341.618635][T11394] netlink: 'syz.2.1510': attribute type 13 has an invalid length. [ 341.704135][T11396] netlink: 'syz.3.1511': attribute type 13 has an invalid length. [ 342.354357][T11406] netlink: 'syz.4.1513': attribute type 13 has an invalid length. [ 343.523626][T11423] netlink: 'syz.4.1517': attribute type 13 has an invalid length. [ 345.785152][T11457] netlink: 'syz.4.1525': attribute type 13 has an invalid length. [ 347.577128][T11482] netlink: 'syz.0.1530': attribute type 13 has an invalid length. [ 347.609071][T11482] tipc: Resetting bearer [ 348.566821][T11498] netlink: 'syz.4.1533': attribute type 13 has an invalid length. [ 349.243598][T11508] netlink: 'syz.2.1536': attribute type 13 has an invalid length. [ 349.399524][T11513] netlink: 'syz.4.1537': attribute type 13 has an invalid length. [ 349.810574][T11518] netlink: 'syz.3.1539': attribute type 13 has an invalid length. [ 350.454534][T11528] netlink: 'syz.4.1541': attribute type 13 has an invalid length. [ 351.063458][T11544] netlink: 'syz.2.1545': attribute type 13 has an invalid length. [ 351.655168][T11554] netlink: 'syz.4.1546': attribute type 13 has an invalid length. [ 356.468828][T11615] netlink: 'syz.3.1561': attribute type 13 has an invalid length. [ 357.327941][T11627] netlink: 'syz.0.1564': attribute type 13 has an invalid length. [ 357.391002][T11627] tipc: Resetting bearer [ 359.007143][T11655] netlink: 'syz.3.1570': attribute type 13 has an invalid length. [ 360.457213][T11680] netlink: 'syz.3.1577': attribute type 13 has an invalid length. [ 362.411582][T11715] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1583'. [ 362.991473][T11726] netlink: 'syz.4.1586': attribute type 13 has an invalid length. [ 363.999819][T11736] netlink: 'syz.4.1587': attribute type 13 has an invalid length. [ 364.690849][T11745] netlink: 'syz.2.1589': attribute type 13 has an invalid length. [ 364.841213][T11749] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1591'. [ 365.764963][T11757] netlink: 'syz.2.1593': attribute type 13 has an invalid length. [ 366.899864][T11775] netlink: 'syz.2.1597': attribute type 13 has an invalid length. [ 367.836697][T11785] netlink: 'syz.4.1600': attribute type 13 has an invalid length. [ 371.198999][T11833] netlink: 'syz.4.1611': attribute type 13 has an invalid length. [ 374.028821][T11872] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1621'. [ 380.570435][T11956] netlink: 'syz.2.1640': attribute type 13 has an invalid length. [ 380.574129][T11956] gretap0: refused to change device tx_queue_len [ 380.576337][T11956] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 381.730937][T11971] netlink: 'syz.3.1644': attribute type 13 has an invalid length. [ 383.140832][T11990] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1647'. [ 383.167875][T11988] netlink: 'syz.3.1648': attribute type 13 has an invalid length. [ 383.445343][T11988] gretap0: refused to change device tx_queue_len [ 383.447935][T11988] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 385.037991][T12019] netlink: 'syz.3.1655': attribute type 13 has an invalid length. [ 385.041553][T12019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1655'. [ 388.369507][T12075] netlink: 'syz.4.1666': attribute type 13 has an invalid length. [ 388.373388][T12075] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1666'. [ 389.565641][T12086] netlink: 'syz.0.1671': attribute type 13 has an invalid length. [ 389.568296][T12086] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1671'. [ 390.749779][T12112] netlink: 'syz.3.1677': attribute type 13 has an invalid length. [ 390.756026][T12112] gretap0: refused to change device tx_queue_len [ 390.758543][T12112] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 392.128129][T12130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1681'. [ 392.803166][T12139] netlink: 'syz.4.1683': attribute type 13 has an invalid length. [ 393.260472][T12149] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1685'. [ 394.159190][T12159] netlink: 'syz.2.1689': attribute type 13 has an invalid length. [ 394.165844][T12159] gretap0: refused to change device tx_queue_len [ 394.168867][T12159] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 394.438491][T12166] netlink: 'syz.0.1690': attribute type 13 has an invalid length. [ 394.441992][T12166] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1690'. [ 395.124641][T12175] netlink: 'syz.3.1692': attribute type 13 has an invalid length. [ 400.065813][T12242] netlink: 'syz.2.1711': attribute type 13 has an invalid length. [ 400.068537][T12242] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1711'. [ 401.024808][T12252] netlink: 'syz.4.1712': attribute type 13 has an invalid length. [ 401.028172][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1712'. [ 401.295087][T12258] netlink: 'syz.0.1714': attribute type 13 has an invalid length. [ 402.095579][T12273] netlink: 'syz.4.1717': attribute type 13 has an invalid length. [ 403.306158][T12294] netlink: 'syz.3.1722': attribute type 13 has an invalid length. [ 403.425983][T12297] netlink: 'syz.2.1723': attribute type 13 has an invalid length. [ 404.616015][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 404.616031][ T40] audit: type=1800 audit(1763495122.227:1093): pid=12313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1726" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 405.005614][ T40] audit: type=1800 audit(1763495122.607:1094): pid=12321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1727" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 405.113725][T12322] netlink: 'syz.4.1729': attribute type 13 has an invalid length. [ 405.126176][T12322] netlink: 'syz.4.1729': attribute type 27 has an invalid length. [ 406.199691][T12334] netlink: 'syz.4.1731': attribute type 13 has an invalid length. [ 406.747109][ T40] audit: type=1800 audit(1763495124.357:1095): pid=12335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1730" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 407.037099][T12345] netlink: 'syz.3.1733': attribute type 13 has an invalid length. [ 407.844502][ T40] audit: type=1800 audit(1763495125.427:1096): pid=12355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1735" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 408.139708][T12360] netlink: 'syz.3.1737': attribute type 13 has an invalid length. [ 408.435444][T12368] netlink: 'syz.4.1738': attribute type 13 has an invalid length. [ 409.809984][T12387] netlink: 'syz.2.1743': attribute type 13 has an invalid length. [ 410.675772][ T40] audit: type=1800 audit(1763495128.237:1097): pid=12401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1744" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 410.774470][T12402] netlink: 'syz.4.1746': attribute type 13 has an invalid length. [ 412.654376][ T40] audit: type=1800 audit(1763495130.257:1098): pid=12420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1750" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 413.403092][T12438] netlink: 'syz.4.1755': attribute type 13 has an invalid length. [ 413.604651][T12431] netlink: 'syz.2.1754': attribute type 13 has an invalid length. [ 413.608334][T12431] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1754'. [ 414.317080][T12454] netlink: 'syz.3.1759': attribute type 13 has an invalid length. [ 414.320714][T12454] netlink: 'syz.3.1759': attribute type 27 has an invalid length. [ 415.326252][T12475] netlink: 'syz.2.1763': attribute type 13 has an invalid length. [ 415.427367][T12477] netlink: 'syz.4.1762': attribute type 13 has an invalid length. [ 415.430722][T12477] netlink: 'syz.4.1762': attribute type 27 has an invalid length. [ 416.607549][T12494] netlink: 'syz.3.1766': attribute type 13 has an invalid length. [ 417.757286][T12510] netlink: 'syz.4.1769': attribute type 13 has an invalid length. [ 419.792428][T12538] netlink: 'syz.4.1776': attribute type 13 has an invalid length. [ 419.796070][T12538] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1776'. [ 421.388455][T12561] netlink: 'syz.3.1781': attribute type 13 has an invalid length. [ 421.573695][ T40] audit: type=1800 audit(1763495139.157:1099): pid=12563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1780" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 424.666091][T12605] netlink: 'syz.2.1792': attribute type 13 has an invalid length. [ 426.719809][T12647] netlink: 'syz.2.1799': attribute type 13 has an invalid length. [ 427.377225][T12650] netlink: 'syz.4.1800': attribute type 13 has an invalid length. [ 430.972270][T12715] netlink: 'syz.4.1815': attribute type 13 has an invalid length. [ 436.897016][T12801] netlink: 'syz.3.1834': attribute type 13 has an invalid length. [ 437.138079][T12808] netlink: 'syz.4.1836': attribute type 13 has an invalid length. [ 443.166158][ T40] audit: type=1800 audit(1763495160.777:1100): pid=12896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1855" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 444.789081][ T40] audit: type=1800 audit(1763495162.397:1101): pid=12919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1860" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 446.725541][ T40] audit: type=1800 audit(1763495164.337:1102): pid=12947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1868" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 449.839691][ T40] audit: type=1800 audit(1763495167.447:1103): pid=12991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1878" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 450.714094][ T40] audit: type=1800 audit(1763495168.317:1104): pid=13010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1881" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 451.682210][T13028] bond2: entered promiscuous mode [ 451.687293][T13028] bond2: entered allmulticast mode [ 451.690451][T13028] 8021q: adding VLAN 0 to HW filter on device bond2 [ 452.159165][ T40] audit: type=1800 audit(1763495169.767:1105): pid=13032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1884" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 454.775179][T13078] bond1: entered promiscuous mode [ 454.777514][T13078] bond1: entered allmulticast mode [ 454.781094][T13078] 8021q: adding VLAN 0 to HW filter on device bond1 [ 455.249862][T13095] bond2: entered promiscuous mode [ 455.251609][T13095] bond2: entered allmulticast mode [ 455.264445][T13095] 8021q: adding VLAN 0 to HW filter on device bond2 [ 456.629305][ T40] audit: type=1800 audit(1763495174.237:1106): pid=13127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1907" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 458.301836][ T40] audit: type=1800 audit(1763495175.907:1107): pid=13154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1912" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 458.977792][ T40] audit: type=1800 audit(1763495176.587:1108): pid=13160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1915" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 459.026994][T13168] bond3: entered promiscuous mode [ 459.029016][T13168] bond3: entered allmulticast mode [ 459.033185][T13168] 8021q: adding VLAN 0 to HW filter on device bond3 [ 459.939877][ T40] audit: type=1800 audit(1763495177.547:1109): pid=13184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1916" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 461.656581][ T40] audit: type=1800 audit(1763495179.267:1110): pid=13206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1925" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 463.147296][T13231] binder: 13230:13231 ioctl c01c64ae 0 returned -22 [ 464.734770][T13264] binder: 13263:13264 ioctl c01c64ae 0 returned -22 [ 465.521851][ T40] audit: type=1800 audit(1763495183.127:1111): pid=13279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1947" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 466.123690][ T40] audit: type=1800 audit(1763495183.727:1112): pid=13290 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1950" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 466.480789][T13295] binder: 13294:13295 ioctl c01c64ae 0 returned -22 [ 466.672000][T13303] binder: 13302:13303 ioctl c01c64ae 0 returned -22 [ 467.538268][T13312] binder: 13311:13312 ioctl c01c64ae 0 returned -22 [ 467.581732][T13314] binder: 13313:13314 ioctl c01c64ae 0 returned -22 [ 469.395953][T13345] binder: 13343:13345 ioctl c01c64ae 0 returned -22 [ 469.675842][T13353] binder: 13352:13353 ioctl c01c64ae 0 returned -22 [ 470.611960][T13365] binder: 13364:13365 ioctl c01c64ae 0 returned -22 [ 474.780505][T13418] binder: 13417:13418 ioctl c01c64ae 0 returned -22 [ 476.040662][T13439] netlink: 'syz.2.1998': attribute type 10 has an invalid length. [ 476.046022][T13439] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 476.050331][T13439] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 478.088031][T13461] netlink: 'syz.3.2004': attribute type 10 has an invalid length. [ 478.110375][T13461] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 478.117593][T13461] batadv0: entered promiscuous mode [ 478.133813][T13461] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 479.274574][T13476] binder: 13474:13476 ioctl c01c64ae 0 returned -22 [ 479.705379][T13485] netlink: 'syz.4.2009': attribute type 10 has an invalid length. [ 482.853803][T13533] binder: 13532:13533 ioctl c01c64ae 0 returned -22 [ 483.125822][T13528] netlink: 'syz.4.2023': attribute type 10 has an invalid length. [ 483.683423][T13546] binder: 13545:13546 ioctl c01c64ae 0 returned -22 [ 486.393587][T13577] netlink: 'syz.2.2038': attribute type 10 has an invalid length. [ 487.014904][T13590] netlink: 'syz.3.2042': attribute type 10 has an invalid length. [ 488.443037][T13609] netlink: 'syz.4.2048': attribute type 10 has an invalid length. [ 488.989390][T13616] netlink: 'syz.2.2050': attribute type 10 has an invalid length. [ 493.218996][T13671] netlink: 'syz.2.2066': attribute type 10 has an invalid length. [ 493.901072][T13687] binder: 13686:13687 ioctl c01c64ae 0 returned -22 [ 494.786196][ T40] audit: type=1800 audit(1763495212.397:1113): pid=13700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2073" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 495.784951][ T40] audit: type=1800 audit(1763495213.397:1114): pid=13712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2077" name="nullb0" dev="tmpfs" ino=1510 res=0 errno=0 [ 496.046773][T13715] netlink: 'syz.0.2078': attribute type 10 has an invalid length. [ 497.590942][T13742] netlink: 'syz.0.2086': attribute type 10 has an invalid length. [ 504.876711][T13825] netlink: 'syz.3.2109': attribute type 10 has an invalid length. [ 507.931838][T13871] netlink: 'syz.0.2121': attribute type 10 has an invalid length. [ 510.453388][T13907] netlink: 'syz.2.2132': attribute type 10 has an invalid length. [ 510.658102][T13913] netlink: 'syz.2.2134': attribute type 10 has an invalid length. [ 512.060188][T13930] netlink: 'syz.2.2139': attribute type 10 has an invalid length. [ 517.213024][T14015] binder: 14014:14015 ioctl c01c64ae 0 returned -22 [ 518.724171][T14038] netlink: 'syz.4.2168': attribute type 10 has an invalid length. [ 520.138982][T14055] netlink: 'syz.2.2172': attribute type 10 has an invalid length. [ 520.567828][T14069] binder: 14068:14069 ioctl c01c64ae 0 returned -22 [ 527.449103][T14177] netlink: 'syz.0.2206': attribute type 10 has an invalid length. [ 527.846519][T14190] netlink: 'syz.4.2210': attribute type 10 has an invalid length. [ 529.252793][T14212] netlink: 'syz.3.2218': attribute type 10 has an invalid length. [ 531.926297][T14259] netlink: 'syz.4.2231': attribute type 10 has an invalid length. [ 535.044179][T14308] netlink: 'syz.0.2244': attribute type 10 has an invalid length. [ 536.072342][T14334] netlink: 'syz.4.2249': attribute type 10 has an invalid length. [ 536.513984][T14337] netlink: 'syz.0.2250': attribute type 10 has an invalid length. [ 537.807057][T14351] netlink: 'syz.0.2254': attribute type 10 has an invalid length. [ 539.098204][T14378] netlink: 'syz.0.2262': attribute type 10 has an invalid length. [ 544.475075][T14469] binder: 14468:14469 ioctl c01c64ae 0 returned -22 [ 545.417737][T14485] binder: 14484:14485 ioctl c01c64ae 0 returned -22 [ 548.563353][T14535] binder: 14534:14535 ioctl c01c64ae 0 returned -22 [ 554.266501][T14588] binder: 14586:14588 ioctl c01c64ae 0 returned -22 [ 555.301202][T14600] binder: 14599:14600 ioctl c01c64ae 0 returned -22 [ 558.358024][T14650] netlink: 'syz.3.2338': attribute type 10 has an invalid length. [ 561.079794][T14695] netlink: 'syz.4.2348': attribute type 10 has an invalid length. [ 561.793408][T14710] netlink: 'syz.0.2350': attribute type 10 has an invalid length. [ 563.099980][ T40] audit: type=1800 audit(1763495280.707:1115): pid=14723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2357" name="nullb0" dev="tmpfs" ino=2421 res=0 errno=0 [ 563.630607][T14730] netlink: 'syz.2.2359': attribute type 10 has an invalid length. [ 564.035219][T14737] netlink: 'syz.0.2368': attribute type 10 has an invalid length. [ 569.400449][T14799] No control pipe specified [ 570.507860][T14822] netlink: 'syz.0.2384': attribute type 10 has an invalid length. [ 572.911411][T14854] netlink: 'syz.2.2395': attribute type 10 has an invalid length. [ 573.106655][T14862] No control pipe specified [ 577.225018][T14899] netlink: 'syz.2.2408': attribute type 10 has an invalid length. [ 578.079449][T14918] netlink: 'syz.3.2415': attribute type 10 has an invalid length. [ 578.105436][T14919] netlink: 'syz.0.2412': attribute type 10 has an invalid length. [ 579.814274][T14941] netlink: 'syz.3.2420': attribute type 10 has an invalid length. [ 579.911151][T14946] binder: 14944:14946 ioctl c0306201 0 returned -14 [ 579.954557][T14946] binder: 14944:14946 ioctl c01c64ae 0 returned -22 [ 580.086020][T14950] No control pipe specified [ 580.941270][T14964] No control pipe specified [ 583.308276][T15007] No control pipe specified [ 584.761515][T15030] No control pipe specified [ 584.889260][T15035] netlink: 'syz.0.2443': attribute type 10 has an invalid length. [ 588.586740][T15089] netlink: 'syz.4.2455': attribute type 10 has an invalid length. [ 588.751701][T15087] netlink: 'syz.3.2458': attribute type 10 has an invalid length. [ 589.546377][T15092] netlink: 'syz.3.2459': attribute type 10 has an invalid length. [ 590.198884][T15110] netlink: 'syz.2.2464': attribute type 10 has an invalid length. [ 590.569036][T15112] netlink: 'syz.2.2465': attribute type 10 has an invalid length. [ 590.961918][T15124] netlink: 'syz.2.2469': attribute type 10 has an invalid length. [ 591.979239][T15142] netlink: 'syz.3.2473': attribute type 10 has an invalid length. [ 592.800786][T15159] netlink: 'syz.0.2478': attribute type 10 has an invalid length. [ 594.928607][T15192] netlink: 'syz.2.2486': attribute type 10 has an invalid length. [ 599.904428][T15278] binder: 15277:15278 ioctl c01c64ae 0 returned -22 [ 600.535183][T15286] netlink: 'syz.2.2511': attribute type 10 has an invalid length. [ 600.779863][T15296] binder: 15295:15296 ioctl c01c64ae 0 returned -22 [ 602.919766][T15325] netlink: 'syz.4.2520': attribute type 10 has an invalid length. [ 604.502659][T15355] binder: 15354:15355 ioctl c01c64ae 0 returned -22 [ 604.896332][T15359] netlink: 'syz.4.2529': attribute type 10 has an invalid length. [ 607.455980][T15392] netlink: 'syz.4.2538': attribute type 10 has an invalid length. [ 608.426607][T15415] netlink: 'syz.0.2543': attribute type 10 has an invalid length. [ 609.046208][T15426] binder: 15425:15426 ioctl c01c64ae 0 returned -22 [ 610.828964][T15449] netlink: 'syz.0.2553': attribute type 10 has an invalid length. [ 611.393275][T15460] netlink: 'syz.4.2556': attribute type 10 has an invalid length. [ 612.034756][T15467] netlink: 'syz.3.2559': attribute type 10 has an invalid length. [ 613.358955][T15485] netlink: 'syz.2.2565': attribute type 10 has an invalid length. [ 613.996513][T15495] netlink: 'syz.2.2568': attribute type 10 has an invalid length. [ 615.432327][T15524] binder: 15523:15524 ioctl c01c64ae 0 returned -22 [ 616.487758][T15539] netlink: 'syz.2.2582': attribute type 10 has an invalid length. [ 617.249070][T15546] netlink: 'syz.0.2584': attribute type 10 has an invalid length. [ 617.690938][T15560] binder: 15559:15560 ioctl c01c64ae 0 returned -22 [ 625.690115][T15685] netlink: 'syz.3.2624': attribute type 10 has an invalid length. [ 635.724957][T15833] binder: 15832:15833 ioctl c01c64ae 0 returned -22 [ 646.683018][T15999] netlink: 'syz.2.2716': attribute type 10 has an invalid length. [ 649.205680][T16039] netlink: 'syz.0.2726': attribute type 10 has an invalid length. [ 654.754927][T16122] binder: 16120:16122 ioctl c01c64ae 0 returned -22 [ 657.560768][T16161] netlink: 'syz.2.2765': attribute type 10 has an invalid length. [ 659.695325][T16197] netlink: 'syz.4.2775': attribute type 10 has an invalid length. [ 669.950488][T16345] autofs: Bad value for 'fd' [ 670.075221][T16351] No control pipe specified [ 675.070755][T16423] netlink: 'syz.2.2841': attribute type 10 has an invalid length. [ 675.814734][T16441] netlink: 'syz.2.2848': attribute type 10 has an invalid length. [ 676.798150][T16470] No control pipe specified [ 677.407804][T16474] netlink: 'syz.3.2858': attribute type 10 has an invalid length. [ 678.149980][T16506] autofs: Bad value for 'fd' [ 679.424042][T16528] autofs: Unknown parameter '00000000000000000000' [ 679.459870][T16529] autofs: Bad value for 'fd' [ 682.413634][T16571] autofs: Unknown parameter '00000000000000000000' [ 683.639643][ T6787] tipc: Resetting bearer [ 683.762408][ T6787] tipc: Disabling bearer [ 684.031171][T16590] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 684.056420][T16590] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 684.084601][T16590] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 684.100364][T16590] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 684.125214][T16590] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 684.434981][T16599] autofs: Unknown parameter 'fd00000000000000000000' [ 684.749458][ T5988] syz1: Port: 1 Link DOWN [ 685.068960][T16587] lo speed is unknown, defaulting to 1000 [ 685.072734][ T1143] smc: removing ib device syz1 [ 685.417444][T16587] chnl_net:caif_netlink_parms(): no params data found [ 685.931235][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 685.942041][T16587] bridge0: port 1(bridge_slave_0) entered blocking state [ 685.945268][T16587] bridge0: port 1(bridge_slave_0) entered disabled state [ 685.947753][T16587] bridge_slave_0: entered allmulticast mode [ 685.951114][T16587] bridge_slave_0: entered promiscuous mode [ 685.955141][T16587] bridge0: port 2(bridge_slave_1) entered blocking state [ 685.957680][T16587] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.960194][T16587] bridge_slave_1: entered allmulticast mode [ 685.963811][T16587] bridge_slave_1: entered promiscuous mode [ 686.004051][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.085674][T16587] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 686.120599][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.153636][T16590] Bluetooth: hci4: command tx timeout [ 686.204507][T16587] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 686.402999][T16587] team0: Port device team_slave_0 added [ 686.407917][T16587] team0: Port device team_slave_1 added [ 686.477302][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.506640][T16587] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 686.509483][T16587] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 686.519484][T16587] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 686.525757][T16587] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 686.528368][T16587] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 686.539444][T16587] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 686.615992][T16587] hsr_slave_0: entered promiscuous mode [ 686.619461][T16587] hsr_slave_1: entered promiscuous mode [ 686.622392][T16587] debugfs: 'hsr0' already exists in 'hsr' [ 686.625289][T16587] Cannot create hsr debugfs directory [ 686.962631][T16626] autofs: Unknown parameter '00000000000000000000' [ 687.270982][ T61] bond3 (unregistering): (slave macvlan2): Releasing active interface [ 687.289277][ T61] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 687.295113][ T61] bond0 (unregistering): Released all slaves [ 687.575678][ T61] bond1 (unregistering): Released all slaves [ 687.587287][ T61] bond2 (unregistering): Released all slaves [ 687.601667][ T61] bond3 (unregistering): Released all slaves [ 687.736476][ T61] tipc: Left network mode [ 688.077705][T16638] netlink: 'syz.2.2907': attribute type 10 has an invalid length. [ 688.232083][ T61] hsr_slave_0: left promiscuous mode [ 688.234235][T16590] Bluetooth: hci4: command tx timeout [ 688.237527][ T61] hsr_slave_1: left promiscuous mode [ 688.251004][ T61] veth1_macvtap: left promiscuous mode [ 688.253291][ T61] veth0_macvtap: left promiscuous mode [ 688.255818][ T61] veth1_vlan: left promiscuous mode [ 688.263618][ T61] veth0_vlan: left promiscuous mode [ 690.315266][T16590] Bluetooth: hci4: command tx timeout [ 690.533990][T16587] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 690.583731][T16587] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 690.589852][T16587] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 690.597556][T16587] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 690.743326][T16587] 8021q: adding VLAN 0 to HW filter on device bond0 [ 690.768185][T16587] 8021q: adding VLAN 0 to HW filter on device team0 [ 690.795561][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 690.798838][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 690.814808][T16109] bridge0: port 2(bridge_slave_1) entered blocking state [ 690.818062][T16109] bridge0: port 2(bridge_slave_1) entered forwarding state [ 691.001938][T16587] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 691.029666][T16587] veth0_vlan: entered promiscuous mode [ 691.038845][T16587] veth1_vlan: entered promiscuous mode [ 691.057091][T16587] veth0_macvtap: entered promiscuous mode [ 691.062137][T16587] veth1_macvtap: entered promiscuous mode [ 691.074880][T16587] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 691.085252][T16587] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 691.091946][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.095132][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.098571][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.101473][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.160722][ T1248] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 691.164832][ T1248] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 691.183356][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 691.186169][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 692.394635][T16590] Bluetooth: hci4: command tx timeout [ 701.625159][ T7118] bridge0: port 3(syz_tun) entered disabled state [ 701.642950][ T5952] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 701.650670][ T5952] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 701.655824][ T5952] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 701.658151][ T7118] syz_tun (unregistering): left allmulticast mode [ 701.659899][ T5952] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 701.661932][ T7118] syz_tun (unregistering): left promiscuous mode [ 701.667880][ T5952] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 701.683840][ T7118] bridge0: port 3(syz_tun) entered disabled state [ 701.846498][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.058590][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.075112][T16701] lo speed is unknown, defaulting to 1000 [ 702.158378][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.273586][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.362659][T16701] chnl_net:caif_netlink_parms(): no params data found [ 702.665428][ T13] bridge_slave_1: left allmulticast mode [ 702.668032][ T13] bridge_slave_1: left promiscuous mode [ 702.670788][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 702.680499][ T13] bridge_slave_0: left allmulticast mode [ 702.683068][ T13] bridge_slave_0: left promiscuous mode [ 702.686430][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 703.041582][ T13] bond0 (unregistering): Released all slaves [ 703.072792][T16701] bridge0: port 1(bridge_slave_0) entered blocking state [ 703.076608][T16701] bridge0: port 1(bridge_slave_0) entered disabled state [ 703.080520][T16701] bridge_slave_0: entered allmulticast mode [ 703.101805][T16701] bridge_slave_0: entered promiscuous mode [ 703.135462][T16701] bridge0: port 2(bridge_slave_1) entered blocking state [ 703.154529][T16701] bridge0: port 2(bridge_slave_1) entered disabled state [ 703.158295][T16701] bridge_slave_1: entered allmulticast mode [ 703.165632][T16701] bridge_slave_1: entered promiscuous mode [ 703.246951][ T13] tipc: Disabling bearer [ 703.251095][ T13] tipc: Disabling bearer [ 703.256289][ T13] tipc: Left network mode [ 703.311833][T16701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 703.320087][T16701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 703.583121][T16701] team0: Port device team_slave_0 added [ 703.589997][T16701] team0: Port device team_slave_1 added [ 703.688356][ T5952] Bluetooth: hci5: command tx timeout [ 703.777963][T16701] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 703.783358][T16701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 703.804789][T16701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 703.827565][T16701] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 703.834387][T16701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 703.867448][T16701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 704.135581][ T13] hsr_slave_0: left promiscuous mode [ 704.139580][ T13] hsr_slave_1: left promiscuous mode [ 704.147479][ T13] veth1_macvtap: left promiscuous mode [ 704.149518][ T13] veth0_macvtap: left promiscuous mode [ 704.151872][ T13] veth1_vlan: left promiscuous mode [ 704.156005][ T13] veth0_vlan: left promiscuous mode [ 704.637443][ T61] smc: removing ib device syz2 [ 705.511065][ T13] team0 (unregistering): Port device team_slave_1 removed [ 705.736068][ T13] team0 (unregistering): Port device team_slave_0 removed [ 705.753637][ T5952] Bluetooth: hci5: command tx timeout [ 706.902178][T16701] hsr_slave_0: entered promiscuous mode [ 706.919496][T16701] hsr_slave_1: entered promiscuous mode [ 706.943846][T16701] debugfs: 'hsr0' already exists in 'hsr' [ 706.951587][T16701] Cannot create hsr debugfs directory [ 706.977030][ T10] lo speed is unknown, defaulting to 1000 [ 706.978996][ T10] infiniband syz0: ib_query_port failed (-19) [ 706.997075][T16300] ================================================================== [ 706.999772][T16300] BUG: KASAN: slab-use-after-free in __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.002663][T16300] Read of size 8 at addr ffff8880223a62e8 by task kworker/3:3/16300 [ 707.006365][T16300] [ 707.007928][T16300] CPU: 3 UID: 0 PID: 16300 Comm: kworker/3:3 Not tainted syzkaller #0 PREEMPT(full) [ 707.007943][T16300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 707.007951][T16300] Workqueue: events smc_ib_port_event_work [ 707.007969][T16300] Call Trace: [ 707.007974][T16300] [ 707.007978][T16300] dump_stack_lvl+0x116/0x1f0 [ 707.007994][T16300] print_report+0xcd/0x630 [ 707.008008][T16300] ? __virt_addr_valid+0x81/0x610 [ 707.008023][T16300] ? __phys_addr+0xe8/0x180 [ 707.008037][T16300] ? __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.008053][T16300] kasan_report+0xe0/0x110 [ 707.008068][T16300] ? __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.008085][T16300] __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.008101][T16300] __ethtool_get_link_ksettings+0x148/0x200 [ 707.008116][T16300] ib_get_eth_speed+0x122/0xb50 [ 707.008135][T16300] ? __pfx_ib_get_eth_speed+0x10/0x10 [ 707.008152][T16300] ? __pfx___mutex_lock+0x10/0x10 [ 707.008169][T16300] ? do_raw_spin_unlock+0x172/0x230 [ 707.008187][T16300] rxe_query_port+0x108/0x330 [ 707.008200][T16300] ib_query_port+0x441/0x8a0 [ 707.008217][T16300] smc_ib_port_event_work+0x12f/0xbf0 [ 707.008233][T16300] ? rcu_is_watching+0x12/0xc0 [ 707.008246][T16300] process_one_work+0x9cf/0x1b70 [ 707.008267][T16300] ? __pfx_process_one_work+0x10/0x10 [ 707.008287][T16300] ? assign_work+0x1a0/0x250 [ 707.008303][T16300] worker_thread+0x6c8/0xf10 [ 707.008315][T16300] ? __kthread_parkme+0x19e/0x250 [ 707.008329][T16300] ? __pfx_worker_thread+0x10/0x10 [ 707.008346][T16300] kthread+0x3c5/0x780 [ 707.008361][T16300] ? __pfx_kthread+0x10/0x10 [ 707.008377][T16300] ? rcu_is_watching+0x12/0xc0 [ 707.008388][T16300] ? __pfx_kthread+0x10/0x10 [ 707.008404][T16300] ret_from_fork+0x675/0x7d0 [ 707.008420][T16300] ? __pfx_kthread+0x10/0x10 [ 707.008436][T16300] ret_from_fork_asm+0x1a/0x30 [ 707.008456][T16300] [ 707.008459][T16300] [ 707.074546][T16300] Allocated by task 5948: [ 707.076432][T16300] kasan_save_stack+0x33/0x60 [ 707.078464][T16300] kasan_save_track+0x14/0x30 [ 707.080525][T16300] __kasan_kmalloc+0xaa/0xb0 [ 707.082578][T16300] __kvmalloc_node_noprof+0x3a3/0x9c0 [ 707.084864][T16300] alloc_netdev_mqs+0xd7/0x1550 [ 707.086992][T16300] rtnl_create_link+0xc08/0xf90 [ 707.089153][T16300] rtnl_newlink+0xb69/0x2000 [ 707.091204][T16300] rtnetlink_rcv_msg+0x95e/0xe90 [ 707.093418][T16300] netlink_rcv_skb+0x158/0x420 [ 707.095518][T16300] netlink_unicast+0x5aa/0x870 [ 707.097604][T16300] netlink_sendmsg+0x8c8/0xdd0 [ 707.099780][T16300] __sys_sendto+0x4a3/0x520 [ 707.101846][T16300] __ia32_compat_sys_socketcall+0x625/0x770 [ 707.104420][T16300] __do_fast_syscall_32+0x7c/0x300 [ 707.106692][T16300] do_fast_syscall_32+0x32/0x80 [ 707.108820][T16300] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 707.111564][T16300] [ 707.112627][T16300] Freed by task 13: [ 707.114286][T16300] kasan_save_stack+0x33/0x60 [ 707.116317][T16300] kasan_save_track+0x14/0x30 [ 707.118395][T16300] __kasan_save_free_info+0x3b/0x60 [ 707.120672][T16300] __kasan_slab_free+0x5f/0x80 [ 707.122772][T16300] kfree+0x2b8/0x6d0 [ 707.124466][T16300] device_release+0xa4/0x240 [ 707.126509][T16300] kobject_put+0x1e7/0x5a0 [ 707.128453][T16300] netdev_run_todo+0x7e9/0x1320 [ 707.130589][T16300] default_device_exit_batch+0x858/0xaf0 [ 707.133022][T16300] ops_undo_list+0x363/0xab0 [ 707.135032][T16300] cleanup_net+0x41b/0x8b0 [ 707.136993][T16300] process_one_work+0x9cf/0x1b70 [ 707.139149][T16300] worker_thread+0x6c8/0xf10 [ 707.141184][T16300] kthread+0x3c5/0x780 [ 707.142991][T16300] ret_from_fork+0x675/0x7d0 [ 707.145034][T16300] ret_from_fork_asm+0x1a/0x30 [ 707.147049][T16300] [ 707.148124][T16300] The buggy address belongs to the object at ffff8880223a6000 [ 707.148124][T16300] which belongs to the cache kmalloc-cg-4k of size 4096 [ 707.153742][T16300] The buggy address is located 744 bytes inside of [ 707.153742][T16300] freed 4096-byte region [ffff8880223a6000, ffff8880223a7000) [ 707.158160][T16300] [ 707.158959][T16300] The buggy address belongs to the physical page: [ 707.161098][T16300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x223a0 [ 707.164738][T16300] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 707.168377][T16300] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 707.171616][T16300] page_type: f5(slab) [ 707.173380][T16300] raw: 00fff00000000040 ffff88801b44c280 dead000000000122 0000000000000000 [ 707.176904][T16300] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 707.180423][T16300] head: 00fff00000000040 ffff88801b44c280 dead000000000122 0000000000000000 [ 707.183291][T16300] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 707.186089][T16300] head: 00fff00000000003 ffffea000088e801 00000000ffffffff 00000000ffffffff [ 707.188862][T16300] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 707.191717][T16300] page dumped because: kasan: bad access detected [ 707.193846][T16300] page_owner tracks the page as allocated [ 707.195763][T16300] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5944, tgid 5944 (syz-executor), ts 55592406223, free_ts 55314522996 [ 707.203315][T16300] post_alloc_hook+0x1af/0x220 [ 707.205145][T16300] get_page_from_freelist+0x10a3/0x3a30 [ 707.207433][T16300] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 707.210014][T16300] alloc_pages_mpol+0x1fb/0x550 [ 707.212164][T16300] new_slab+0x24a/0x360 [ 707.214006][T16300] ___slab_alloc+0xd79/0x1a50 [ 707.216033][T16300] __slab_alloc.constprop.0+0x63/0x110 [ 707.218407][T16300] __kmalloc_cache_noprof+0x477/0x780 [ 707.220790][T16300] ipv6_add_dev+0x6af/0x15f0 [ 707.222864][T16300] addrconf_notify+0x53e/0x19e0 [ 707.225011][T16300] notifier_call_chain+0xbc/0x410 [ 707.227218][T16300] call_netdevice_notifiers_info+0xbe/0x140 [ 707.229801][T16300] register_netdevice+0x182e/0x2270 [ 707.232086][T16300] macvlan_common_newlink+0x10e7/0x1a20 [ 707.234522][T16300] rtnl_newlink+0xc45/0x2000 [ 707.236605][T16300] rtnetlink_rcv_msg+0x95e/0xe90 [ 707.238817][T16300] page last free pid 5951 tgid 5951 stack trace: [ 707.241297][T16300] __free_frozen_pages+0x7df/0x1160 [ 707.243577][T16300] __put_partials+0x130/0x170 [ 707.245472][T16300] qlist_free_all+0x4d/0x120 [ 707.246996][T16300] kasan_quarantine_reduce+0x195/0x1e0 [ 707.248777][T16300] __kasan_slab_alloc+0x69/0x90 [ 707.250429][T16300] __kmalloc_cache_noprof+0x274/0x780 [ 707.252180][T16300] netdevice_event+0x365/0x9d0 [ 707.253789][T16300] notifier_call_chain+0xbc/0x410 [ 707.255459][T16300] call_netdevice_notifiers_info+0xbe/0x140 [ 707.257482][T16300] __netdev_upper_dev_link+0x43b/0x840 [ 707.259395][T16300] netdev_master_upper_dev_link+0x9f/0xd0 [ 707.261400][T16300] hsr_add_port+0x4ab/0xa80 [ 707.262953][T16300] hsr_dev_finalize+0x7ef/0xd00 [ 707.264564][T16300] hsr_newlink+0x4ab/0xab0 [ 707.266060][T16300] rtnl_newlink+0xc45/0x2000 [ 707.267583][T16300] rtnetlink_rcv_msg+0x95e/0xe90 [ 707.269307][T16300] [ 707.270282][T16300] Memory state around the buggy address: [ 707.272094][T16300] ffff8880223a6180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 707.274664][T16300] ffff8880223a6200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 707.277283][T16300] >ffff8880223a6280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 707.279924][T16300] ^ [ 707.282188][T16300] ffff8880223a6300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 707.284783][T16300] ffff8880223a6380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 707.287935][T16300] ================================================================== [ 707.564920][T16300] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 707.567337][T16300] CPU: 3 UID: 0 PID: 16300 Comm: kworker/3:3 Not tainted syzkaller #0 PREEMPT(full) [ 707.570421][T16300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 707.573917][T16300] Workqueue: events smc_ib_port_event_work [ 707.575839][T16300] Call Trace: [ 707.576981][T16300] [ 707.577936][T16300] dump_stack_lvl+0x3d/0x1f0 [ 707.579460][T16300] vpanic+0x640/0x6f0 [ 707.580808][T16300] panic+0xca/0xd0 [ 707.582076][T16300] ? __pfx_panic+0x10/0x10 [ 707.583571][T16300] ? __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.585617][T16300] ? preempt_schedule_common+0x44/0xc0 [ 707.587431][T16300] ? preempt_schedule_thunk+0x16/0x30 [ 707.589228][T16300] ? check_panic_on_warn+0x1f/0xb0 [ 707.590929][T16300] check_panic_on_warn+0xab/0xb0 [ 707.592572][T16300] end_report+0x107/0x170 [ 707.594023][T16300] kasan_report+0xee/0x110 [ 707.595502][T16300] ? __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.597480][T16300] __ethtool_get_link_ksettings+0x1bf/0x200 [ 707.599405][T16300] __ethtool_get_link_ksettings+0x148/0x200 [ 707.601388][T16300] ib_get_eth_speed+0x122/0xb50 [ 707.603009][T16300] ? __pfx_ib_get_eth_speed+0x10/0x10 [ 707.604774][T16300] ? __pfx___mutex_lock+0x10/0x10 [ 707.606455][T16300] ? do_raw_spin_unlock+0x172/0x230 [ 707.608118][T16300] rxe_query_port+0x108/0x330 [ 707.609679][T16300] ib_query_port+0x441/0x8a0 [ 707.611058][T16300] smc_ib_port_event_work+0x12f/0xbf0 [ 707.612830][T16300] ? rcu_is_watching+0x12/0xc0 [ 707.614453][T16300] process_one_work+0x9cf/0x1b70 [ 707.616097][T16300] ? __pfx_process_one_work+0x10/0x10 [ 707.617897][T16300] ? assign_work+0x1a0/0x250 [ 707.619422][T16300] worker_thread+0x6c8/0xf10 [ 707.620975][T16300] ? __kthread_parkme+0x19e/0x250 [ 707.622638][T16300] ? __pfx_worker_thread+0x10/0x10 [ 707.624329][T16300] kthread+0x3c5/0x780 [ 707.626125][T16300] ? __pfx_kthread+0x10/0x10 [ 707.627868][T16300] ? rcu_is_watching+0x12/0xc0 [ 707.629866][T16300] ? __pfx_kthread+0x10/0x10 [ 707.631406][T16300] ret_from_fork+0x675/0x7d0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 707.633204][T16300] ? __pfx_kthread+0x10/0x10 [ 707.635179][T16300] ret_from_fork_asm+0x1a/0x30 [ 707.636788][T16300] [ 707.638642][T16300] Kernel Offset: disabled [ 707.640070][T16300] Rebooting in 86400 seconds.. VM DIAGNOSIS: 19:50:24 Registers: info registers vcpu 0 CPU#0 RAX=0000000000faa48d RBX=0000000000000000 RCX=ffffffff8b5d92a9 RDX=0000000000000000 RSI=ffffffff8da2917b RDI=ffffffff8bf078c0 RBP=fffffbfff1c12f40 RSP=ffffffff8e007df8 R8 =0000000000000001 R9 =ffffed1005646655 R10=ffff88802b2332ab R11=0000000000000001 R12=0000000000000000 R13=ffffffff8e097a00 R14=ffffffff90824ad0 R15=0000000000000000 RIP=ffffffff8b5d7d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809780d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f6bc2bf37b0 CR3=0000000013593000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000001569081 RBX=0000000000000001 RCX=ffffffff8b5d92a9 RDX=0000000000000000 RSI=ffffffff8da2917b RDI=ffffffff8bf078c0 RBP=ffffed1003b5d490 RSP=ffffc9000046fde8 R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000001 R12=0000000000000001 R13=ffff88801daea480 R14=ffffffff90824ad0 R15=0000000000000000 RIP=ffffffff8b5d7d5f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809790d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007ffcff926fa0 CR3=0000000013593000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000002 RBX=ffff888043bd7f50 RCX=0000000000000000 RDX=0000000000000000 RSI=ffffffff8db1895d RDI=ffffffff8bf078c0 RBP=0000000000000000 RSP=ffffc9000d4079e8 R8 =0000000000000001 R9 =0000000000000000 R10=ffffffff90824ad7 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81985437 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097a0d000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080005000 CR3=000000006577f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000fee0000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000f8000000 Opmask01=000000000007ffff Opmask02=000000000007ffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 006b636f732e7669 72706e752f646370 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7834302578302074 6e65766520646574 63657078656e7520 3a7325006b636f73 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5d1115005d150551 4b40534005414051 4640555d404b5005 1f5600004e464a56 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a411a1c3642000c 620f720a1b15111d 0000051543080d52 5c53404d5b1d5173 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6820736e6f697475 6269727473696420 74736f4d20230a0a 656d616e5f74736f ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0655011a4f1a0101 031d0154491a4120 42372a1961644f46 2029611d7a54491b ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3f775b7f7f5b7f0f 7b5f7f7e5f5f7f7f 5f777f3f6f7f5f5e 7f7f7f7f7f5d5f7b ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6820206120747065 0a6b655220230a00 2065685f20636166 6620656d61006e6f ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6820205f20696e20 0a69655220230a00 2065684d20230a0a 2020544e20006e61 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbfbfbfbfbfbfbf bfbff52532232d20 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 262821df2e2e33df 3228df3232202b22 df312e232d2435bf 2324353124322431 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4141414141414141 4141414141414141 4141414141414141 4141414141414141 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a 1a1a1a1a1a1a1a1a ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2020202020202020 2020202020202020 2020202020202020 2020202020202020 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85269e10 RDI=ffffffff9adc5de0 RBP=ffffffff9adc5da0 RSP=ffffc900074173d8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3232303838386652 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff35b8c0e R15=dffffc0000000000 RIP=ffffffff85269e37 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097b0d000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080046000 CR3=000000006577f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000