last executing test programs: 5m26.806132991s ago: executing program 3 (id=13991): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x8, 0x10, &(0x7f0000000400)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xbecd}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x5}}, {}, [@ldst={0x2, 0x0, 0x3, 0x6, 0x5, 0x30}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94) 5m26.805112554s ago: executing program 3 (id=13993): r0 = syz_io_uring_setup(0x279, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000080), &(0x7f0000000000)) exit(0x5) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000040)=[0x0, 0xcc6f], 0x2) 5m25.862137623s ago: executing program 3 (id=14038): r0 = socket$nl_rdma(0x10, 0x3, 0x14) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/252, 0xfc}], 0x1) sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x10, 0x1409, 0x262543c4cee33fe7}, 0x10}}, 0x0) 5m25.762871712s ago: executing program 3 (id=14046): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x10, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0x7}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x5384b9927ce1a186, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000140)='tlb_flush\x00', r1}, 0x18) 5m25.697167021s ago: executing program 3 (id=14049): mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0) 5m25.695145613s ago: executing program 3 (id=14053): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001"], 0x30}}, 0x0) 5m9.419580849s ago: executing program 32 (id=14053): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000000000001"], 0x30}}, 0x0) 1m12.074757419s ago: executing program 1 (id=22335): openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) 1m12.032256522s ago: executing program 1 (id=22337): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r1}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0) 1m11.948788319s ago: executing program 1 (id=22340): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)={0x1, 0x6, 0x8, 0x6, 0x4, "ea082b0100000063f700ecffff0500"}) r1 = dup(r0) ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff) 1m11.883917296s ago: executing program 1 (id=22342): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x84000, 0x0) 1m11.880863713s ago: executing program 1 (id=22345): r0 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) mknodat$loop(r1, &(0x7f0000000100)='./file0\x00', 0xffffc000, 0x1) 1m11.414153619s ago: executing program 1 (id=22353): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000200)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000080)={0x0, 0x1, 0xc00, 0x8}) 1m11.344235683s ago: executing program 33 (id=22353): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000200)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000080)={0x0, 0x1, 0xc00, 0x8}) 1m1.387386141s ago: executing program 2 (id=22509): r0 = syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x6d, 0x33, 0x95, 0x8, 0xfe9, 0xdb51, 0x5e35, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x7, 0xd4, 0x40, 0x0, [{{0x9, 0x4, 0x22, 0x0, 0x1, 0x8f, 0x53, 0x4e, 0x1, [], [{{0x9, 0x5, 0x1, 0x3, 0x40, 0x1, 0x3, 0x9}}]}}]}}]}}, 0x0) syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) syz_usb_ep_read(r0, 0x1, 0x97, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f00000014c0)={0x14, 0x0, &(0x7f0000001480)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 1m0.349203872s ago: executing program 5 (id=22530): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = io_uring_setup(0x3d68, &(0x7f0000000000)={0x0, 0xef52, 0x1, 0x1, 0x2ae}) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0x14, &(0x7f0000003480)={0x4, 0x0, 0x4, &(0x7f00000001c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x0}, 0x2) io_uring_enter(r0, 0x18, 0x0, 0x1f, 0x0, 0x0) 1m0.348864626s ago: executing program 5 (id=22531): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={0x0, 0x2, 0x0, 0x31}) 1m0.2744895s ago: executing program 5 (id=22532): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x24, r1, 0xd66771a5e8224ded, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_NETNS_FD={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x5}, 0x0) 1m0.273123562s ago: executing program 5 (id=22533): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x225) 1m0.201755874s ago: executing program 5 (id=22542): openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)) 59.868206451s ago: executing program 5 (id=22541): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x50c8}) 59.806375698s ago: executing program 34 (id=22541): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x50c8}) 59.312541168s ago: executing program 2 (id=22551): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@dev={0xfe, 0x80, '\x00', 0x21}, @dev={0xfe, 0x80, '\x00', 0x11}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x1, 0x0, 0xa, 0x110000, r1}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@remote, @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x1, 0x400, 0x0, 0x26, r1}) 59.2460948s ago: executing program 2 (id=22552): r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f0000000040)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0xebec93e830f96115}) io_uring_enter(r0, 0x7f5f, 0x0, 0x0, 0x0, 0x0) 59.245690319s ago: executing program 2 (id=22553): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x225) 59.243044197s ago: executing program 2 (id=22554): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x10, 0x11, 0x4000}, @TCA_FQ_QUANTUM={0x8, 0x3, 0x4000}]}}]}, 0x40}}, 0x0) 59.077264766s ago: executing program 2 (id=22555): ioperm(0x83, 0x6, 0x8) r0 = socket$inet6(0xa, 0x6, 0x0) listen(r0, 0x101) shutdown(r0, 0x0) 59.06469166s ago: executing program 35 (id=22555): ioperm(0x83, 0x6, 0x8) r0 = socket$inet6(0xa, 0x6, 0x0) listen(r0, 0x101) shutdown(r0, 0x0) 1.634151865s ago: executing program 6 (id=23911): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x14, 0x2) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') read$FUSE(r0, &(0x7f0000000080)={0x2020}, 0x2020) 1.293840802s ago: executing program 6 (id=23923): pipe2(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RGETLOCK(r1, &(0x7f0000000040)=ANY=[], 0xffffff6a) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) splice(r0, 0x0, r2, 0x0, 0x8, 0xa) 1.238992496s ago: executing program 6 (id=23926): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') r1 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000001000/0x3000)=nil) shmat(r1, &(0x7f0000000000/0x1000)=nil, 0xffffffffffffcfff) lseek(r0, 0x289e0cb5, 0x0) 1.132003267s ago: executing program 6 (id=23928): r0 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x4000, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, {0x3, 0xd}, 0x8}, 0x1) 1.082919176s ago: executing program 6 (id=23930): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000003a80)={0x0, 0x1c, &(0x7f0000003980)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}]}, &(0x7f0000003ac0)=0x10) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930) 1.045037727s ago: executing program 4 (id=23931): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x3, 0x9, 0x8200, 0x7, 0xb, 0xc6, 0x8, 0x3, r2}, &(0x7f0000000140)=0x20) 961.711874ms ago: executing program 4 (id=23935): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x400c0, 0x0, 0x0) 961.539176ms ago: executing program 4 (id=23936): r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/oss_mixer\x00', 0x298f3cc22e12b39a, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) write$proc_mixer(r0, &(0x7f0000000280)=ANY=[@ANYBLOB='DIGITAL2 \'Master Capture\' 00000000000000000000\nMIC \'Synth\' 00000000000000000000\nPHONEIN\nOGAIN\nTREBLE \'Synth Capture Switch\' 00000000000000000000\nSYNTH'], 0xdf) dup3(r1, r0, 0x0) 867.183196ms ago: executing program 4 (id=23939): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x5b76c000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) eventfd2(0xa, 0x80001) 652.250334ms ago: executing program 7 (id=23940): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) io_setup(0x3ff, &(0x7f0000000640)=0x0) io_destroy(r1) 638.38059ms ago: executing program 4 (id=23941): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, 0x0) 626.871342ms ago: executing program 0 (id=23942): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0xfffffffffffffc4a, &(0x7f0000000100)={&(0x7f0000000040)=@newlink={0x2c, 0x10, 0x401, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r1, 0x2, 0x8a2}, [@IFLA_ADDRESS={0xa}]}, 0x2c}}, 0x0) 530.855209ms ago: executing program 0 (id=23943): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/130, 0x82}], 0x1) 508.848329ms ago: executing program 7 (id=23944): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x8031, 0xffffffffffffffff, 0x0) getrandom(&(0x7f00000021c0)=""/4092, 0xffc, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) 508.436801ms ago: executing program 4 (id=23945): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_usbip_server_init(0x1) 299.632833ms ago: executing program 0 (id=23946): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) process_mrelease(0xffffffffffffffff, 0x0) 235.410287ms ago: executing program 0 (id=23947): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x48, 0x0, 0x1006}]}) 147.720975ms ago: executing program 7 (id=23948): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000400)='syzkaller\x00', 0xd, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f7f, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) bind$packet(r0, &(0x7f00000000c0)={0x11, 0xf8, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) 146.53623ms ago: executing program 7 (id=23949): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0, 0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e}) 145.441236ms ago: executing program 6 (id=23950): r0 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000)) io_uring_enter(r0, 0x0, 0xe38e, 0x5, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002cc0)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20) 115.815374ms ago: executing program 0 (id=23951): r0 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe) connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) connect$pppl2tp(r0, 0x0, 0x0) 53.13602ms ago: executing program 7 (id=23952): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f00000005c0), r1) sendmsg$NFC_CMD_DEV_DOWN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x6}, 0x800) 52.90017ms ago: executing program 0 (id=23953): r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) r1 = socket(0x2b, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) ioctl$NBD_DISCONNECT(r0, 0xab08) 0s ago: executing program 7 (id=23954): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000001c0)='scsi_dispatch_cmd_start\x00', r1}, 0x18) sync() kernel console output (not intermixed with test programs): 5 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 392.746633][ T39] audit: type=1326 audit(370.643:51596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f95598 code=0x7ffc0000 [ 392.754847][ T39] audit: type=1326 audit(370.643:51597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f95598 code=0x7ffc0000 [ 392.762687][ T39] audit: type=1326 audit(370.643:51598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 392.770600][ T39] audit: type=1326 audit(370.643:51599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f95598 code=0x7ffc0000 [ 392.778187][ T39] audit: type=1326 audit(370.643:51600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f95598 code=0x7ffc0000 [ 392.786712][ T39] audit: type=1326 audit(370.643:51601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 392.794596][ T39] audit: type=1326 audit(370.643:51602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16219 comm="syz.1.20358" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f95598 code=0x7ffc0000 [ 393.016289][T16242] netem: unknown loss type 0 [ 393.018418][T16242] netem: change failed [ 393.203525][T16264] __nla_validate_parse: 2 callbacks suppressed [ 393.203535][T16264] netlink: 4 bytes leftover after parsing attributes in process `syz.4.20380'. [ 393.241190][T16268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.20382'. [ 393.331255][T16277] sctp: [Deprecated]: syz.2.20386 (pid 16277) Use of struct sctp_assoc_value in delayed_ack socket option. [ 393.331255][T16277] Use struct sctp_sack_info instead [ 393.430491][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20395'. [ 393.440899][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20395'. [ 394.079111][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.081276][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.086457][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.089714][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.092165][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.094282][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.099736][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.101849][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.103928][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.106796][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.108943][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.111093][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.113189][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.115278][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.117696][ T25] hid-generic 00A0:0006:0003.000C: unknown main item tag 0x0 [ 394.120387][ T25] hid-generic 00A0:0006:0003.000C: hidraw0: HID v0.05 Device [syz1] on syz0 [ 394.771936][T16368] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 394.774429][T16368] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 394.777872][T16368] vhci_hcd vhci_hcd.0: Device attached [ 394.783439][T16369] vhci_hcd: connection closed [ 394.785323][T12951] vhci_hcd: stop threads [ 394.788729][T12951] vhci_hcd: release socket [ 394.796050][T12951] vhci_hcd: disconnect device [ 395.444389][T16389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20435'. [ 395.448426][T16389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20435'. [ 396.343847][T16460] batadv_slave_1: entered promiscuous mode [ 396.346949][T16460] batadv_slave_1: left promiscuous mode [ 396.590168][T16477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20476'. [ 398.035369][T16613] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20537'. [ 398.427797][ T39] kauditd_printk_skb: 24 callbacks suppressed [ 398.427814][ T39] audit: type=1326 audit(375.984:51627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16637 comm="syz.2.20549" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x0 [ 398.456896][T12953] IPVS: sh: FWM 3 0x00000003 - no destination available [ 398.494726][T16640] netlink: 76 bytes leftover after parsing attributes in process `syz.4.20550'. [ 398.556270][T16645] loop4: detected capacity change from 0 to 524287999 [ 398.562438][ C0] blk_print_req_error: 7 callbacks suppressed [ 398.562451][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.566836][ C0] buffer_io_error: 7 callbacks suppressed [ 398.566844][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.575666][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.578299][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.583371][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.586008][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.588424][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.590975][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.593384][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.595973][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.601124][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.603670][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.606807][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.610469][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.613874][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.617482][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.620602][T16645] ldm_validate_partition_table(): Disk read failed. [ 398.622706][ C3] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.625290][ C3] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.627712][ C2] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 398.631342][ C2] Buffer I/O error on dev loop4, logical block 0, async page read [ 398.634909][T16645] Dev loop4: unable to read RDB block 0 [ 398.637912][T16645] loop4: unable to read partition table [ 398.640570][T16645] loop_reread_partitions: partition scan of loop4 (3 ) failed (rc=-5) [ 398.718606][T16652] netlink: 32 bytes leftover after parsing attributes in process `syz.4.20555'. [ 398.725257][T16652] netlink: 32 bytes leftover after parsing attributes in process `syz.4.20555'. [ 399.619521][T16684] netlink: 4 bytes leftover after parsing attributes in process `syz.1.20569'. [ 399.644591][T16684] team_slave_0: left promiscuous mode [ 399.668323][T16684] team0 (unregistering): Port device team_slave_0 removed [ 399.671958][T16684] team_slave_1: left promiscuous mode [ 399.678763][T16684] team0 (unregistering): Port device team_slave_1 removed [ 399.681629][T16684] geneve0: left promiscuous mode [ 399.686407][T16684] team0 (unregistering): Port device geneve0 removed [ 399.689107][T16684] mac80211_hwsim hwsim11 wlan1: left promiscuous mode [ 399.695706][T16684] team0 (unregistering): Port device wlan1 removed [ 399.703736][T16684] team0 (unregistering): Port device bridge4 removed [ 400.002712][T16710] serio: Serial port ptm0 [ 400.152471][T16728] netlink: 'syz.1.20589': attribute type 21 has an invalid length. [ 400.154945][T16728] netlink: 156 bytes leftover after parsing attributes in process `syz.1.20589'. [ 400.159497][T16728] netlink: 'syz.1.20589': attribute type 21 has an invalid length. [ 400.161855][T16728] netlink: 156 bytes leftover after parsing attributes in process `syz.1.20589'. [ 400.521334][ T1416] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 401.432537][T15334] kernel read not supported for file /dsp1 (pid: 15334 comm: kworker/1:5) [ 401.801060][T16816] netlink: 12 bytes leftover after parsing attributes in process `syz.4.20631'. [ 402.559826][T16868] netlink: 'syz.1.20655': attribute type 4 has an invalid length. [ 403.682465][T16905] netlink: 'syz.2.20671': attribute type 21 has an invalid length. [ 403.685739][T16905] netlink: 156 bytes leftover after parsing attributes in process `syz.2.20671'. [ 403.690292][T16905] netlink: 'syz.2.20671': attribute type 21 has an invalid length. [ 403.693596][T16905] netlink: 156 bytes leftover after parsing attributes in process `syz.2.20671'. [ 403.944524][T12951] IPVS: sh: FWM 3 0x00000003 - no destination available [ 404.020005][T16923] netlink: 4 bytes leftover after parsing attributes in process `syz.4.20677'. [ 404.165958][T16935] netlink: 4 bytes leftover after parsing attributes in process `syz.4.20683'. [ 404.169501][T16935] batadv_slave_1: entered promiscuous mode [ 404.174023][T16935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 404.177416][T16935] netlink: 2 bytes leftover after parsing attributes in process `syz.4.20683'. [ 404.637687][T16971] netlink: 68 bytes leftover after parsing attributes in process `syz.1.20700'. [ 405.223728][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 405.318587][ T6174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 405.420239][T17014] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20719'. [ 406.210260][T17083] netlink: 136 bytes leftover after parsing attributes in process `syz.1.20751'. [ 406.212853][T17083] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 406.270412][T17087] netlink: 56 bytes leftover after parsing attributes in process `syz.1.20753'. [ 406.324749][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 406.364389][T17095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.20757'. [ 406.410342][ T6174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 406.475330][ T6227] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 406.480448][T17105] wlan0 speed is unknown, defaulting to 1000 [ 406.482769][T17105] wg1 speed is unknown, defaulting to 1000 [ 407.102879][ T39] audit: type=1326 audit(897.090:51628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.110088][ T39] audit: type=1326 audit(897.090:51629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.117826][ T39] audit: type=1326 audit(897.099:51630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=65 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.125673][ T39] audit: type=1326 audit(897.099:51631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.136851][ T39] audit: type=1326 audit(897.099:51632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.144910][ T39] audit: type=1326 audit(897.099:51633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.152868][ T39] audit: type=1326 audit(897.099:51634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=424 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.160928][ T39] audit: type=1326 audit(897.099:51635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17155 comm="syz.2.20781" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 407.436451][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 407.527440][ T6174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 407.541823][T17181] bond0: entered promiscuous mode [ 407.544489][T17181] batadv0: entered promiscuous mode [ 407.546222][T17181] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 407.548362][T17181] Cannot create hsr debugfs directory [ 407.549935][T17181] hsr0: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 407.552487][T17181] hsr0: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 407.559406][T17181] 8021q: adding VLAN 0 to HW filter on device hsr0 [ 407.705422][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 408.124025][T17215] tmpfs: Invalid gid '0x00000000ffffffff' [ 408.548450][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 408.861910][T17269] kvm: kvm [17268]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000002e) [ 409.048456][T17281] bond0: entered promiscuous mode [ 409.050565][T17281] bond_slave_0: entered promiscuous mode [ 409.052898][T17281] bond_slave_1: entered promiscuous mode [ 409.056253][T17281] batadv0: entered promiscuous mode [ 409.059522][T17281] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 409.425274][T17307] kvm: kvm [17306]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x4000000f) [ 409.440942][T17309] bond0: entered promiscuous mode [ 409.443810][T17309] batadv0: entered promiscuous mode [ 409.446984][T17309] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 409.449975][T17309] Cannot create hsr debugfs directory [ 409.452473][T17309] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network [ 409.456380][T17309] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 409.660119][ C1] net_ratelimit: 1 callbacks suppressed [ 409.660136][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.745893][ T6174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 409.992727][T17337] kvm: apic: phys broadcast and lowest prio [ 410.088897][T12982] IPVS: sh: FWM 3 0x00000003 - no destination available [ 410.365061][T17376] sctp: [Deprecated]: syz.1.20882 (pid 17376) Use of struct sctp_assoc_value in delayed_ack socket option. [ 410.365061][T17376] Use struct sctp_sack_info instead [ 410.839145][T17415] input: syz1 as /devices/virtual/input/input64 [ 411.298672][T17458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20921'. [ 411.773190][T17494] loop6: detected capacity change from 0 to 524287999 [ 411.777819][ C3] blk_print_req_error: 7 callbacks suppressed [ 411.777834][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.783800][ C3] buffer_io_error: 7 callbacks suppressed [ 411.783812][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.793169][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.796801][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.800306][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.803471][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.805892][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.808522][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.811003][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.813554][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.815942][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.818465][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.820859][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.823288][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.829100][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.832368][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.835190][T17494] ldm_validate_partition_table(): Disk read failed. [ 411.837710][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 411.840897][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 411.881748][T17503] block device autoloading is deprecated and will be removed. [ 411.916501][T17499] loop6: detected capacity change from 524287999 to 524288000 [ 411.927993][T17494] loop6: unable to read partition table [ 411.929813][T17494] loop_reread_partitions: partition scan of loop6 (ǴWC@'OQҥ) failed (rc=-5) [ 412.653520][ T67] Bluetooth: hci2: command 0x0c1a tx timeout [ 412.684855][T17547] wlan0 speed is unknown, defaulting to 1000 [ 412.690085][T17547] wg1 speed is unknown, defaulting to 1000 [ 413.199132][ T25] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 413.209188][T17583] netlink: 368 bytes leftover after parsing attributes in process `syz.0.20978'. [ 413.303520][T17589] netlink: 88 bytes leftover after parsing attributes in process `syz.0.20981'. [ 413.307897][T17589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20981'. [ 413.340740][T17591] netlink: 52 bytes leftover after parsing attributes in process `syz.0.20982'. [ 413.980469][T17625] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 414.092681][T17649] dns_resolver: Unsupported content type (240) [ 414.193034][ T25] ip6_tunnel: ip6gre2 xmit: Local address not yet configured! [ 414.282547][T17667] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.21016'. [ 414.286251][T17662] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.21016'. [ 415.614947][T17719] netem: incorrect gi model size [ 415.681123][T17727] netlink: 8 bytes leftover after parsing attributes in process `syz.4.21046'. [ 415.683692][T17727] netlink: 12 bytes leftover after parsing attributes in process `syz.4.21046'. [ 415.972380][ T6174] hid-generic 0000:0003:0000.000D: unknown main item tag 0x0 [ 415.975422][ T6174] hid-generic 0000:0003:0000.000D: unknown main item tag 0x0 [ 415.979220][ T6174] hid-generic 0000:0003:0000.000D: hidraw0: HID v0.00 Device [syz0] on syz1 [ 416.249218][T12982] IPVS: sh: FWM 3 0x00000003 - no destination available [ 417.610195][ T39] audit: type=1800 audit(906.921:51636): pid=17847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.21103" name="[kvm-gmem]" dev="anon_inodefs" ino=169508 res=0 errno=0 [ 417.899591][T17891] netlink: 'syz.4.21123': attribute type 2 has an invalid length. [ 417.975856][T17899] serio: Serial port ptm0 [ 418.539381][ T835] kernel read not supported for file /dsp (pid: 835 comm: kworker/0:2) [ 418.570514][T17917] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21135'. [ 418.674106][ T39] audit: type=1326 audit(907.922:51637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17877 comm="syz.2.21117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7fc00000 [ 421.690167][T18045] vimc link validate: Scaler:src:16x16 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 421.732160][T12953] IPVS: sh: FWM 3 0x00000003 - no destination available [ 422.693388][T18119] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21225'. [ 422.898138][ T39] audit: type=1326 audit(911.869:51638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 422.916583][ T39] audit: type=1326 audit(911.869:51639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 422.925493][ T39] audit: type=1326 audit(911.869:51640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 422.934529][ T39] audit: type=1326 audit(911.869:51641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 422.943041][ T39] audit: type=1326 audit(911.869:51642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 422.951373][ T39] audit: type=1326 audit(911.869:51643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=43 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 422.960045][ T39] audit: type=1326 audit(911.869:51644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 422.968152][ T39] audit: type=1326 audit(911.869:51645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 422.976502][ T39] audit: type=1326 audit(911.869:51646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 422.990732][ T39] audit: type=1326 audit(911.869:51647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 422.997855][ T39] audit: type=1326 audit(911.869:51648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 423.004007][ T39] audit: type=1326 audit(911.869:51649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 423.010015][ T39] audit: type=1326 audit(911.869:51650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 423.016901][ T39] audit: type=1326 audit(911.869:51651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 423.023173][ T39] audit: type=1326 audit(911.869:51652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 423.039381][ T39] audit: type=1326 audit(911.869:51653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18127 comm="syz.0.21230" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 423.444079][T18180] mkiss: ax0: crc mode is auto. [ 424.287129][T18212] ntfs3(nbd2): try to read out of volume at offset 0x0 [ 425.066583][T18252] team0: Port device team_slave_1 removed [ 425.252449][T18282] netlink: 'syz.2.21302': attribute type 9 has an invalid length. [ 425.298364][T18288] netlink: 24 bytes leftover after parsing attributes in process `syz.2.21305'. [ 425.776176][ T67] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 425.784525][ T67] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 425.788439][ T67] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 425.793744][ T67] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 425.796990][ T67] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 425.800005][ T67] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 425.823402][T18321] wlan0 speed is unknown, defaulting to 1000 [ 425.832427][T18321] wg1 speed is unknown, defaulting to 1000 [ 425.928896][T18321] chnl_net:caif_netlink_parms(): no params data found [ 425.999388][T18321] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.002133][T18321] bridge0: port 1(bridge_slave_0) entered disabled state [ 426.005076][T18321] bridge_slave_0: entered allmulticast mode [ 426.009057][T18321] bridge_slave_0: entered promiscuous mode [ 426.012995][T18321] bridge0: port 2(bridge_slave_1) entered blocking state [ 426.015842][T18321] bridge0: port 2(bridge_slave_1) entered disabled state [ 426.024103][T18321] bridge_slave_1: entered allmulticast mode [ 426.027533][T18321] bridge_slave_1: entered promiscuous mode [ 426.065354][T18321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 426.071351][T18321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 426.112026][T18321] team0: Port device team_slave_0 added [ 426.120432][T18321] team0: Port device team_slave_1 added [ 426.153623][T18321] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 426.156529][T18321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 426.166929][T18321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 426.172636][T18321] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 426.175406][T18321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 426.185894][T18321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 426.229193][T18321] hsr_slave_0: entered promiscuous mode [ 426.232211][T18321] hsr_slave_1: entered promiscuous mode [ 426.234720][T18321] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 426.237571][T18321] Cannot create hsr debugfs directory [ 426.432027][T18351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.21330'. [ 426.436574][T18351] netlink: 'syz.1.21330': attribute type 20 has an invalid length. [ 426.440157][T18351] netlink: 'syz.1.21330': attribute type 21 has an invalid length. [ 426.671123][T18321] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 426.674573][T18321] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 426.679326][T18321] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 426.697174][T18321] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 426.737928][T18321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 426.747845][T18321] 8021q: adding VLAN 0 to HW filter on device team0 [ 426.753635][T12982] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.756346][T12982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 426.767555][T12982] bridge0: port 2(bridge_slave_1) entered blocking state [ 426.769546][T12982] bridge0: port 2(bridge_slave_1) entered forwarding state [ 426.865706][T18321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 426.884180][T18321] veth0_vlan: entered promiscuous mode [ 426.889873][T18321] veth1_vlan: entered promiscuous mode [ 426.898416][T18321] veth0_macvtap: entered promiscuous mode [ 426.908067][T18321] veth1_macvtap: entered promiscuous mode [ 426.914054][T18321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 426.917910][T18321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.920959][T18321] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 426.925032][T18321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.928089][T18321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.930521][T18321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 426.933124][T18321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 426.936249][T18321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 426.940287][T18321] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.942769][T18321] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.944968][T18321] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 426.947360][T18321] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 427.039598][T12950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.043248][T12950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.056189][T12953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 427.059107][T12953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 427.360102][T18422] netlink: 11 bytes leftover after parsing attributes in process `syz.0.21358'. [ 427.362806][T18422] netlink: 20 bytes leftover after parsing attributes in process `syz.0.21358'. [ 427.795767][T18451] netlink: 16 bytes leftover after parsing attributes in process `syz.2.21372'. [ 427.855125][T18455] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 427.862371][T12953] Bluetooth: hci4: Frame reassembly failed (-84) [ 427.878093][T12953] IPVS: sh: FWM 3 0x00000003 - no destination available [ 427.962677][ T6227] Bluetooth: hci0: command tx timeout [ 428.120385][T18465] netlink: 'syz.1.21379': attribute type 1 has an invalid length. [ 428.881881][ T6174] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 428.942299][T18494] futex_wake_op: syz.4.21393 tries to shift op by 32; fix this program [ 429.043750][ T6174] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 429.046476][ T6174] usb 5-1: config 0 interface 0 has no altsetting 0 [ 429.051417][ T6174] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 429.054657][ T6174] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 429.056954][ T6174] usb 5-1: Product: syz [ 429.058153][ T6174] usb 5-1: Manufacturer: syz [ 429.059478][ T6174] usb 5-1: SerialNumber: syz [ 429.061834][ T6174] usb 5-1: config 0 descriptor?? [ 429.065515][ T6174] usb 5-1: selecting invalid altsetting 0 [ 429.341689][ T835] usb 5-1: USB disconnect, device number 22 [ 429.351138][T18513] netlink: 'syz.1.21400': attribute type 21 has an invalid length. [ 429.353605][T18513] netlink: 'syz.1.21400': attribute type 1 has an invalid length. [ 430.015112][ T6227] Bluetooth: hci4: command 0x1003 tx timeout [ 430.015150][ T67] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 430.186195][ T67] Bluetooth: hci0: command tx timeout [ 430.393450][T18559] Bluetooth: MGMT ver 1.23 [ 430.553418][T18580] netlink: 65047 bytes leftover after parsing attributes in process `syz.1.21431'. [ 430.607007][T18582] netlink: 424 bytes leftover after parsing attributes in process `syz.0.21432'. [ 430.609537][T18582] netlink: 424 bytes leftover after parsing attributes in process `syz.0.21432'. [ 430.669959][T18593] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21438'. [ 430.674324][T18593] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21438'. [ 430.682761][T27819] hid-generic 0000:0003:0000.000E: unknown main item tag 0x0 [ 430.684989][T27819] hid-generic 0000:0003:0000.000E: unknown main item tag 0x0 [ 430.690747][T27819] hid-generic 0000:0003:0000.000E: hidraw0: HID v0.00 Device [syz0] on syz1 [ 431.244747][T27819] usb 6-1: new low-speed USB device number 19 using dummy_hcd [ 431.417062][T27819] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 431.420131][T27819] usb 6-1: config 0 has no interface number 0 [ 431.422416][T27819] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 431.426796][T27819] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 431.430605][T27819] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 431.434799][T27819] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 431.439740][T27819] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 431.443597][T27819] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 431.448644][T27819] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 431.451925][T27819] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 431.456153][T27819] usb 6-1: config 0 descriptor?? [ 431.458746][T18621] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 431.464018][T18621] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 431.468226][T27819] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 431.750718][ T64] usb 6-1: USB disconnect, device number 19 [ 431.753651][ T64] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 432.409802][ T67] Bluetooth: hci0: command tx timeout [ 433.816442][T18737] batman_adv: batadv0: Adding interface: macsec0 [ 433.818480][T18737] batman_adv: batadv0: The MTU of interface macsec0 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 433.830237][T18737] batman_adv: batadv0: Interface activated: macsec0 [ 434.035086][T12951] IPVS: sh: FWM 3 0x00000003 - no destination available [ 434.435754][T18766] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21516'. [ 434.439414][T18766] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21516'. [ 434.560978][T18780] netlink: 'syz.1.21523': attribute type 2 has an invalid length. [ 434.644839][ T67] Bluetooth: hci0: command tx timeout [ 434.829754][T18817] netlink: 'syz.4.21541': attribute type 14 has an invalid length. [ 435.182394][T18862] dlm: non-version read from control device 34 [ 435.318985][T18877] 9pnet: p9_errstr2errno: server reported unknown error [ 435.652204][T18897] vivid-009: disconnect [ 435.654597][T18896] vivid-009: reconnect [ 435.876814][T18913] can0: slcan on ptm0. [ 435.938239][T18913] can0 (unregistered): slcan off ptm0. [ 435.942739][T18913] mkiss: ax0: crc mode is auto. [ 436.702773][T18977] netlink: 16 bytes leftover after parsing attributes in process `syz.0.21615'. [ 436.706481][T18977] netem: invalid attributes len -14 [ 436.709841][T18977] netem: change failed [ 436.994044][T19015] net veth1_virt_wifi : renamed from virt_wifi0 [ 437.010640][T19017] netlink: 133 bytes leftover after parsing attributes in process `syz.4.21635'. [ 437.161408][T19028] bridge0: entered promiscuous mode [ 437.163511][T19028] bridge0: entered allmulticast mode [ 437.827818][T19061] netlink: 14 bytes leftover after parsing attributes in process `syz.0.21656'. [ 437.894430][T19067] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 437.986255][T19075] netlink: 'syz.1.21669': attribute type 8 has an invalid length. [ 438.830090][T19135] sp0: Synchronizing with TNC [ 438.995255][ T6227] Bluetooth: hci0: command 0x0405 tx timeout [ 439.105177][T19153] netlink: 4 bytes leftover after parsing attributes in process `syz.4.21698'. [ 440.193525][T12953] IPVS: sh: FWM 3 0x00000003 - no destination available [ 440.214029][T27819] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 440.374344][T27819] usb 5-1: Using ep0 maxpacket: 8 [ 440.377822][T27819] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 440.381569][T27819] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 440.385094][T27819] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 440.389179][T27819] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 440.393270][T27819] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 440.396836][T27819] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 440.402677][T27819] hub 5-1:1.0: bad descriptor, ignoring hub [ 440.405292][T27819] hub 5-1:1.0: probe with driver hub failed with error -5 [ 440.408387][T27819] cdc_wdm 5-1:1.0: skipping garbage [ 440.409915][T27819] cdc_wdm 5-1:1.0: skipping garbage [ 440.411897][T27819] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 440.413687][T27819] cdc_wdm 5-1:1.0: Unknown control protocol [ 440.727244][T18386] usb 5-1: USB disconnect, device number 23 [ 442.608689][ T39] kauditd_printk_skb: 14 callbacks suppressed [ 442.608704][ T39] audit: type=1326 audit(930.306:51668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.621979][ T39] audit: type=1326 audit(930.316:51669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f225a7 code=0x7ffc0000 [ 442.627902][ T39] audit: type=1326 audit(930.316:51670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.637094][ T39] audit: type=1326 audit(930.316:51671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f225a7 code=0x7ffc0000 [ 442.644873][ T39] audit: type=1326 audit(930.316:51672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.654650][ T39] audit: type=1326 audit(930.316:51673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f225a7 code=0x7ffc0000 [ 442.663198][ T39] audit: type=1326 audit(930.316:51674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.671011][ T39] audit: type=1326 audit(930.316:51675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.682306][ T39] audit: type=1326 audit(930.316:51676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.689559][ T39] audit: type=1326 audit(930.325:51677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19318 comm="syz.0.21775" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 442.859827][T19332] syz.1.21788: attempt to access beyond end of device [ 442.859827][T19332] mtdblock0: rw=2048, sector=3656, nr_sectors = 8 limit=256 [ 442.925961][T19340] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21790'. [ 445.216626][T19402] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21814'. [ 445.975141][T19457] sp0: Synchronizing with TNC [ 446.076009][T19464] input: syz1 as /devices/virtual/input/input68 [ 446.181599][T19476] team0: entered promiscuous mode [ 446.183068][T19476] team_slave_0: entered promiscuous mode [ 446.186036][T19474] team0: left promiscuous mode [ 446.187977][T19474] team_slave_0: left promiscuous mode [ 446.275961][T19480] loop6: detected capacity change from 524288000 to 0 [ 446.276131][T19489] netlink: 68 bytes leftover after parsing attributes in process `syz.4.21855'. [ 446.290782][T15334] kernel read not supported for file /vbi0 (pid: 15334 comm: kworker/1:5) [ 446.347845][T19497] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21858'. [ 446.351850][T12950] IPVS: sh: FWM 3 0x00000003 - no destination available [ 446.634764][T19525] input: syz0 as /devices/virtual/input/input69 [ 446.985938][T19552] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 447.402473][T19575] netlink: 16 bytes leftover after parsing attributes in process `syz.0.21894'. [ 447.802821][T19609] bridge0: entered allmulticast mode [ 447.922191][T18386] kernel read not supported for file /dsp (pid: 18386 comm: kworker/2:3) [ 448.009759][T19625] netlink: 8 bytes leftover after parsing attributes in process `syz.0.21915'. [ 448.014210][T19627] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21916'. [ 448.042437][T19629] bridge_slave_0: invalid flags given to default FDB implementation [ 448.587216][T19680] bridge_slave_0: default FDB implementation only supports local addresses [ 448.746609][ T39] kauditd_printk_skb: 2997 callbacks suppressed [ 448.746631][ T39] audit: type=1326 audit(936.050:54675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.755047][ T39] audit: type=1326 audit(936.050:54676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.764194][ T39] audit: type=1326 audit(936.068:54677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.772481][ T39] audit: type=1326 audit(936.068:54678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.780842][ T39] audit: type=1326 audit(936.068:54679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.790109][ T39] audit: type=1326 audit(936.068:54680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.796847][ T39] audit: type=1326 audit(936.068:54681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.804433][ T39] audit: type=1326 audit(936.068:54682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.811372][ T39] audit: type=1326 audit(936.068:54683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19691 comm="syz.1.21949" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 448.976552][T19713] netlink: 16 bytes leftover after parsing attributes in process `syz.1.21957'. [ 448.980241][T19713] netem: invalid attributes len -14 [ 448.982274][T19713] netem: change failed [ 449.196766][T19727] input: syz1 as /devices/virtual/input/input70 [ 449.432981][T19747] net veth1_virt_wifi : renamed from virt_wifi0 [ 449.462796][T19749] netlink: 133 bytes leftover after parsing attributes in process `syz.0.21976'. [ 449.485859][T19751] bridge0: entered promiscuous mode [ 449.488081][T19751] bridge0: entered allmulticast mode [ 449.701919][T19766] vivid-003: disconnect [ 449.887727][T19775] Bluetooth: hci5: Frame reassembly failed (-84) [ 450.536751][T19763] vivid-003: reconnect [ 450.728065][T19799] syz.1.21999 (19799): drop_caches: 2 [ 450.799637][T19805] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 450.968814][ T67] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 452.080510][ T6227] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 452.081104][T19776] Bluetooth: hci5: command 0x1003 tx timeout [ 452.146697][T19857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.22024'. [ 452.169928][T19859] bridge_slave_0: default FDB implementation only supports local addresses [ 452.207114][T19863] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 452.286334][T19865] bpf: Bad value for 'gid' [ 452.456330][T19883] bridge_slave_0: default FDB implementation only supports local addresses [ 452.490999][T19886] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 452.508378][T12972] IPVS: sh: FWM 3 0x00000003 - no destination available [ 453.610537][T19922] sp0: Synchronizing with TNC [ 453.705638][ T67] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 453.949212][T19954] netlink: 'syz.0.22072': attribute type 1 has an invalid length. [ 453.968773][T19955] netlink: 20 bytes leftover after parsing attributes in process `syz.1.22071'. [ 454.149839][T19985] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 454.356505][T20011] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 454.455094][T20025] lo: left promiscuous mode [ 454.913048][ T39] audit: type=1326 audit(941.812:54684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20056 comm="syz.1.22120" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f95579 code=0x0 [ 455.473483][T20103] team0: Device gtp0 is of different type [ 455.540644][T20106] netlink: 84 bytes leftover after parsing attributes in process `syz.4.22142'. [ 455.872802][ T39] audit: type=1326 audit(942.710:54685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20139 comm="syz.2.22158" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x0 [ 455.893035][T20142] sp0: Synchronizing with TNC [ 456.105377][ T39] audit: type=1326 audit(942.934:54686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.112726][ T39] audit: type=1326 audit(942.934:54687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.118783][ T39] audit: type=1326 audit(942.943:54688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.124820][ T39] audit: type=1326 audit(942.943:54689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.130534][ T39] audit: type=1326 audit(942.943:54690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.136594][ T39] audit: type=1326 audit(942.943:54691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.142321][ T39] audit: type=1326 audit(942.943:54692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f22579 code=0x7ffc0000 [ 456.148396][ T39] audit: type=1326 audit(942.943:54693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20163 comm="syz.4.22168" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f225a7 code=0x7ffc0000 [ 457.236088][T20181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.239029][T20181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.241769][T20181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 457.244834][T20181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.355283][T20193] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22179'. [ 457.478419][T20206] bpq0: entered allmulticast mode [ 457.518922][T20211] netlink: 8 bytes leftover after parsing attributes in process `syz.4.22190'. [ 457.521621][T20211] netlink: 24 bytes leftover after parsing attributes in process `syz.4.22190'. [ 457.625674][T20223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22194'. [ 457.630402][T20223] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3b) already exists on: macsec0 [ 457.633288][T20223] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 457.669401][T20229] netlink: 1284 bytes leftover after parsing attributes in process `syz.4.22199'. [ 457.673229][T20229] openvswitch: netlink: Missing key (keys=40, expected=80) [ 457.822388][T20247] netlink: 'syz.4.22208': attribute type 5 has an invalid length. [ 457.907049][T12953] IPVS: sh: FWM 3 0x00000003 - no destination available [ 459.451375][T20302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22232'. [ 459.541357][ T64] kernel write not supported for file /input/mouse0 (pid: 64 comm: kworker/2:1) [ 460.025769][T20346] gtp1: entered promiscuous mode [ 460.027731][T20346] gtp1: entered allmulticast mode [ 460.128815][T20358] ax25_connect(): syz.0.22259 uses autobind, please contact jreuter@yaina.de [ 460.275027][T20371] netlink: 'syz.1.22265': attribute type 2 has an invalid length. [ 460.280452][ T6174] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 460.337902][T20379] netlink: 28 bytes leftover after parsing attributes in process `syz.1.22268'. [ 460.415969][T20385] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22271'. [ 460.451297][ T6174] usb 7-1: Using ep0 maxpacket: 32 [ 460.457326][T20348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 460.464621][T20348] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 460.468427][ T6174] usb 7-1: unable to get BOS descriptor or descriptor too short [ 460.479023][ T6174] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 460.482048][ T6174] usb 7-1: can't read configurations, error -71 [ 460.514739][T20392] lo speed is unknown, defaulting to 1000 [ 460.516903][T20392] lo speed is unknown, defaulting to 1000 [ 460.518724][T20392] lo speed is unknown, defaulting to 1000 [ 460.523257][T20392] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 460.531108][T20392] lo speed is unknown, defaulting to 1000 [ 460.533139][T20392] lo speed is unknown, defaulting to 1000 [ 460.535114][T20392] lo speed is unknown, defaulting to 1000 [ 460.538565][T20392] lo speed is unknown, defaulting to 1000 [ 460.540570][T20392] lo speed is unknown, defaulting to 1000 [ 461.320186][ T6227] Bluetooth: hci0: command 0x0405 tx timeout [ 462.126146][T20439] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 462.126192][T20444] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 462.132331][T20444] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 462.185555][ T39] kauditd_printk_skb: 3454 callbacks suppressed [ 462.185571][ T39] audit: type=1326 audit(948.621:58148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20471 comm="syz.4.22312" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f22579 code=0x0 [ 462.907300][T27819] kernel write not supported for file /sequencer (pid: 27819 comm: kworker/1:4) [ 463.104332][T20538] netlink: 20 bytes leftover after parsing attributes in process `syz.4.22343'. [ 463.426513][T20554] Attempt to restore checkpoint with obsolete wellknown handles [ 463.551579][ T67] Bluetooth: hci2: command 0x0c1a tx timeout [ 463.841443][ T6227] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 463.846879][ T6227] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 463.852340][ T6227] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 463.856468][ T6227] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 463.872255][ T6227] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 463.875482][ T6227] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 463.917102][T20569] wlan0 speed is unknown, defaulting to 1000 [ 463.919950][T20569] wg1 speed is unknown, defaulting to 1000 [ 463.931733][T20569] lo speed is unknown, defaulting to 1000 [ 464.140109][T12950] IPVS: sh: FWM 3 0x00000003 - no destination available [ 464.311863][T12953] dvmrp0 (unregistering): left allmulticast mode [ 464.328135][T12953] dvmrp9 (unregistering): left allmulticast mode [ 465.363935][T12953] bond0 (unregistering): left promiscuous mode [ 465.366501][T12953] bond_slave_0: left promiscuous mode [ 465.369103][T12953] bond_slave_1: left promiscuous mode [ 465.372740][T12953] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 465.378642][T12953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 465.384481][T12953] bond0 (unregistering): Released all slaves [ 465.391811][T12953] bond1 (unregistering): Released all slaves [ 465.398708][T12953] bond2 (unregistering): Released all slaves [ 465.592348][T12953] bond3 (unregistering): Released all slaves [ 465.785541][T12953] bond4 (unregistering): Released all slaves [ 465.793998][T12953] bond5 (unregistering): Released all slaves [ 465.859279][T20606] Falling back ldisc for ttyprintk. [ 465.974170][T12953] bond6 (unregistering): Released all slaves [ 465.979073][T12953] bond7 (unregistering): Released all slaves [ 466.051804][T20624] input: syz0 as /devices/virtual/input/input71 [ 466.061510][T20625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22381'. [ 466.099992][T12953] : left promiscuous mode [ 466.118173][ T67] Bluetooth: hci3: command tx timeout [ 466.131636][T20569] chnl_net:caif_netlink_parms(): no params data found [ 466.194189][ T1416] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 466.256372][T12953] tipc: Disabling bearer [ 466.275307][T12953] tipc: Disabling bearer [ 466.280043][T12953] tipc: Left network mode [ 466.332208][T20569] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.334301][T20569] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.336404][T20569] bridge_slave_0: entered allmulticast mode [ 466.338594][T20569] bridge_slave_0: entered promiscuous mode [ 466.341167][T20569] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.343776][T20569] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.345912][T20569] bridge_slave_1: entered allmulticast mode [ 466.348350][T20569] bridge_slave_1: entered promiscuous mode [ 466.388966][T20647] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 466.393539][T20569] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 466.404425][T20569] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 466.467852][T20569] team0: Port device team_slave_0 added [ 466.493104][T20569] team0: Port device team_slave_1 added [ 466.520628][T20569] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 466.523354][T20569] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.533278][T20569] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 466.540355][T20569] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 466.543132][T20569] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.553083][T20569] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 466.616484][T20569] hsr_slave_0: entered promiscuous mode [ 466.619160][T20569] hsr_slave_1: entered promiscuous mode [ 466.621875][T20569] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 466.624952][T20569] Cannot create hsr debugfs directory [ 466.760353][T20664] ALSA: mixer_oss: invalid OSS volume 'DIGTAL1' [ 466.778625][T20569] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 466.783336][T20569] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 466.788438][T20569] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 466.793625][T20569] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 466.801136][T20666] bridge_slave_0: default FDB implementation only supports local addresses [ 466.816689][T20569] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.819339][T20569] bridge0: port 2(bridge_slave_1) entered forwarding state [ 466.822196][T20569] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.825029][T20569] bridge0: port 1(bridge_slave_0) entered forwarding state [ 466.867212][T12953] batadv0: left promiscuous mode [ 466.874376][T12953] hsr_slave_0: left promiscuous mode [ 466.878699][T12953] hsr_slave_1: left promiscuous mode [ 466.881031][T12953] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 466.883766][T12953] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 466.897170][T12953] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 466.901685][T12953] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 466.905146][T12953] batman_adv: batadv0: Interface deactivated: vlan1 [ 466.907871][T12953] batman_adv: batadv0: Removing interface: vlan1 [ 466.911038][T12953] batman_adv: batadv0: Removing interface: macvtap0 [ 466.942030][T12953] veth1_vlan: left promiscuous mode [ 466.944005][T12953] veth0_vlan: left promiscuous mode [ 468.340903][ T67] Bluetooth: hci3: command tx timeout [ 468.853356][T20674] netlink: 52 bytes leftover after parsing attributes in process `syz.0.22403'. [ 468.861341][ T6174] lo speed is unknown, defaulting to 1000 [ 468.868555][T12982] bridge0: port 1(bridge_slave_0) entered disabled state [ 468.877252][T12982] bridge0: port 2(bridge_slave_1) entered disabled state [ 468.908501][T20569] 8021q: adding VLAN 0 to HW filter on device bond0 [ 468.917667][T20569] 8021q: adding VLAN 0 to HW filter on device team0 [ 468.922880][T13004] bridge0: port 1(bridge_slave_0) entered blocking state [ 468.924907][T13004] bridge0: port 1(bridge_slave_0) entered forwarding state [ 468.932045][T12950] bridge0: port 2(bridge_slave_1) entered blocking state [ 468.934689][T12950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 468.985505][T20688] misc userio: Can't change port type on an already running userio instance [ 469.064312][T20569] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 469.178379][T20569] veth0_vlan: entered promiscuous mode [ 469.182348][T20569] veth1_vlan: entered promiscuous mode [ 469.200475][T20569] veth0_macvtap: entered promiscuous mode [ 469.211474][T20569] veth1_macvtap: entered promiscuous mode [ 469.219398][T20569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 469.222353][T20569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.225625][T20569] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 469.240916][T20569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.244646][T20569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.247341][T20569] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 469.260268][T20569] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 469.263798][T20569] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 469.267030][T20569] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.269501][T20569] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.272455][T20569] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.274819][T20569] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 469.282660][T20706] can0: slcan on ttyS3. [ 469.332054][T13004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 469.340180][T13004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 469.352924][T12953] IPVS: stop unused estimator thread 0... [ 469.354896][T13004] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 469.358500][T13004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 469.389218][T20706] can0 (unregistered): slcan off ttyS3. [ 469.406392][T20713] netlink: 12 bytes leftover after parsing attributes in process `syz.0.22417'. [ 469.528427][T12950] IPVS: sh: FWM 3 0x00000003 - no destination available [ 469.531859][T20734] netlink: 'syz.4.22425': attribute type 1 has an invalid length. [ 469.661736][T20750] netlink: 16 bytes leftover after parsing attributes in process `syz.5.22440'. [ 469.897088][T20765] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 469.901735][T27819] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 469.926048][T20768] netlink: 40 bytes leftover after parsing attributes in process `syz.2.22442'. [ 469.934753][T18386] e1000 0000:00:06.0 eth0: Reset adapter [ 470.023901][T20775] overlayfs: missing 'workdir' [ 470.072843][T27819] usb 5-1: Using ep0 maxpacket: 8 [ 470.076373][T27819] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 470.078576][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 470.081848][T27819] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 470.085213][T20771] wlan0 speed is unknown, defaulting to 1000 [ 470.085905][T20771] wg1 speed is unknown, defaulting to 1000 [ 470.087301][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 470.093268][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 470.098356][T27819] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 470.101295][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 470.105778][T27819] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 470.110142][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 470.114203][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 470.130025][T27819] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 470.132198][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 470.135250][T27819] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 470.145850][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 470.150213][T27819] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 470.155757][T27819] usb 5-1: string descriptor 0 read error: -22 [ 470.157554][T27819] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 470.160423][T27819] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.165164][T27819] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 470.391000][ T6257] usb 5-1: USB disconnect, device number 24 [ 470.555770][ T67] Bluetooth: hci3: command tx timeout [ 472.265788][T27819] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 472.391221][T20784] batadv_slave_1: entered promiscuous mode [ 472.396206][T20783] batadv_slave_1: left promiscuous mode [ 472.433197][T20793] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 472.442777][T20794] vlan2: entered allmulticast mode [ 472.444628][T20794] mac80211_hwsim hwsim33 wlan0: entered allmulticast mode [ 472.452468][T20794] mac80211_hwsim hwsim33 wlan0: left allmulticast mode [ 472.602873][ T39] audit: type=1326 audit(958.368:58149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.608685][ T39] audit: type=1326 audit(958.368:58150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.614509][ T39] audit: type=1326 audit(958.368:58151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.627824][ T39] audit: type=1326 audit(958.368:58152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.633572][ T39] audit: type=1326 audit(958.368:58153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.651395][ T39] audit: type=1326 audit(958.368:58154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.660262][ T39] audit: type=1326 audit(958.368:58155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.668093][ T39] audit: type=1326 audit(958.368:58156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.677112][ T39] audit: type=1326 audit(958.368:58157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.684926][ T39] audit: type=1326 audit(958.368:58158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20806 comm="syz.5.22459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 472.777829][ T67] Bluetooth: hci3: command tx timeout [ 472.809784][T20816] sr 2:0:0:0: [sr0] CDROM not ready. Make sure there is a disc in the drive. [ 472.989032][T20837] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22473'. [ 472.993370][T20837] netlink: 'syz.2.22473': attribute type 21 has an invalid length. [ 472.997533][T20841] netlink: 'syz.4.22475': attribute type 1 has an invalid length. [ 472.999719][T20841] netlink: 'syz.4.22475': attribute type 4 has an invalid length. [ 473.001809][T20841] netlink: 192 bytes leftover after parsing attributes in process `syz.4.22475'. [ 473.368655][T20881] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22495'. [ 473.372935][T20881] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3b) already exists on: macsec0 [ 473.376050][T20881] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.380757][T20881] macsec0: entered promiscuous mode [ 473.462845][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 473.467549][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.471661][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 473.476038][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 473.878675][ T836] usb 7-1: new full-speed USB device number 23 using dummy_hcd [ 474.040336][ T836] usb 7-1: config 7 has an invalid interface number: 34 but max is 0 [ 474.043291][ T836] usb 7-1: config 7 has no interface number 0 [ 474.048451][ T836] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db51, bcdDevice=5e.35 [ 474.051866][ T836] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.054688][ T836] usb 7-1: Product: syz [ 474.056317][ T836] usb 7-1: Manufacturer: syz [ 474.058016][ T836] usb 7-1: SerialNumber: syz [ 474.538003][T20947] netlink: 'syz.5.22528': attribute type 2 has an invalid length. [ 474.541211][T20947] netlink: 92 bytes leftover after parsing attributes in process `syz.5.22528'. [ 474.876330][ T836] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual USB' in warm state. [ 474.883157][ T836] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 474.887416][ T836] dvb-usb: DViCO FusionHDTV DVB-T Dual USB error while loading driver (-19) [ 474.890294][ T836] dvb_usb_cxusb 7-1:7.34: probe with driver dvb_usb_cxusb failed with error -22 [ 475.094023][T18386] usb 7-1: USB disconnect, device number 23 [ 475.347031][ T6227] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 475.352818][ T6227] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 475.357408][ T6227] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 475.362165][ T6227] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 475.368680][ T6227] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 475.371715][ T6227] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 475.387741][T20984] wlan0 speed is unknown, defaulting to 1000 [ 475.389831][T20984] wg1 speed is unknown, defaulting to 1000 [ 475.443156][T20984] chnl_net:caif_netlink_parms(): no params data found [ 475.480812][T20984] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.483531][T20984] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.486194][T20984] bridge_slave_0: entered allmulticast mode [ 475.488837][T20984] bridge_slave_0: entered promiscuous mode [ 475.491935][T20984] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.494949][T20984] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.497546][T20984] bridge_slave_1: entered allmulticast mode [ 475.500158][T20984] bridge_slave_1: entered promiscuous mode [ 475.521656][T20984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 475.526175][T20984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 475.560859][T20984] team0: Port device team_slave_0 added [ 475.565835][T20984] team0: Port device team_slave_1 added [ 475.594818][T20984] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 475.597447][T20984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 475.607259][T20984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 475.614016][T20984] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 475.616646][T20984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 475.627840][T20984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 475.680934][T20984] hsr_slave_0: entered promiscuous mode [ 475.683261][T20984] hsr_slave_1: entered promiscuous mode [ 475.685173][T20984] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 475.687502][T20984] Cannot create hsr debugfs directory [ 475.771341][T12953] IPVS: sh: FWM 3 0x00000003 - no destination available [ 475.806065][T20984] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 475.833694][T20984] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 475.837220][T20984] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 475.866581][T20984] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 475.892259][T13004] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 475.950398][T20984] 8021q: adding VLAN 0 to HW filter on device bond0 [ 475.966454][T20984] 8021q: adding VLAN 0 to HW filter on device team0 [ 475.972915][T12982] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.975760][T12982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.983092][T12951] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.985930][T12951] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.999503][T13004] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.047680][ T6227] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 476.053748][ T6227] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 476.054092][T13004] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.060344][ T6227] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 476.064008][ T6227] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 476.066901][ T6227] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 476.069771][ T6227] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 476.097855][T21006] wlan0 speed is unknown, defaulting to 1000 [ 476.104780][T21006] wg1 speed is unknown, defaulting to 1000 [ 476.135961][T13004] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 476.223018][T20984] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 476.250148][T21006] chnl_net:caif_netlink_parms(): no params data found [ 476.294221][T13004] erspan0: left allmulticast mode [ 476.299510][T13004] erspan0: left promiscuous mode [ 476.305111][T13004] bridge0: port 1(erspan0) entered disabled state [ 476.372774][T21025] overlayfs: workdir and upperdir must be separate subtrees [ 476.409512][T21027] netlink: 16 bytes leftover after parsing attributes in process `syz.0.22560'. [ 476.496484][T13004] smc: removing net device pim6reg0 with user defined pnetid SYZ1 [ 477.167324][T13004] bond0 (unregistering): left promiscuous mode [ 477.169982][T13004] bond0 (unregistering): Released all slaves [ 477.174388][T13004] bond1 (unregistering): Released all slaves [ 477.181331][T13004] bond2 (unregistering): Released all slaves [ 477.188500][T13004] bond3 (unregistering): Released all slaves [ 477.194459][T13004] bond4 (unregistering): Released all slaves [ 477.366175][T13004] bond5 (unregistering): Released all slaves [ 477.373041][T13004] bond6 (unregistering): Released all slaves [ 477.526419][T13004] bond7 (unregistering): Released all slaves [ 477.532814][T13004] bond8 (unregistering): Released all slaves [ 477.539454][T13004] bond9 (unregistering): Released all slaves [ 477.545917][T13004] bond10 (unregistering): Released all slaves [ 477.550643][T13004] bond11 (unregistering): Released all slaves [ 477.554968][T13004] bond12 (unregistering): Released all slaves [ 477.562659][T13004] bond13 (unregistering): Released all slaves [ 477.566975][ T67] Bluetooth: hci3: command tx timeout [ 477.693666][T21006] bridge0: port 1(bridge_slave_0) entered blocking state [ 477.706926][T21006] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.709765][T21006] bridge_slave_0: entered allmulticast mode [ 477.715352][T21006] bridge_slave_0: entered promiscuous mode [ 477.719537][T21006] bridge0: port 2(bridge_slave_1) entered blocking state [ 477.722436][T21006] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.725426][T21006] bridge_slave_1: entered allmulticast mode [ 477.728828][T21006] bridge_slave_1: entered promiscuous mode [ 477.782333][T13004] : left promiscuous mode [ 477.862710][T21006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 477.870414][T21006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 477.874223][T21040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22564'. [ 477.943831][T21006] team0: Port device team_slave_0 added [ 477.944902][T13004] IPVS: stopping master sync thread 13876 ... [ 477.948446][T21006] team0: Port device team_slave_1 added [ 477.954152][T21044] PKCS8: Unsupported PKCS#8 version [ 477.954450][T13004] IPVS: stopping backup sync thread 11124 ... [ 477.992817][T20984] veth0_vlan: entered promiscuous mode [ 477.996075][T21006] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 477.998664][T21006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 478.008501][T21006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 478.017931][T21006] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 478.020542][T21006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 478.030419][T21006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 478.069946][T20984] veth1_vlan: entered promiscuous mode [ 478.075132][T21006] hsr_slave_0: entered promiscuous mode [ 478.077791][T21006] hsr_slave_1: entered promiscuous mode [ 478.081103][T21006] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 478.086617][T21006] Cannot create hsr debugfs directory [ 478.192309][T20984] veth0_macvtap: entered promiscuous mode [ 478.195602][T20984] veth1_macvtap: entered promiscuous mode [ 478.204184][T20984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.207072][T20984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.210139][T20984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 478.213030][T20984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.216418][T20984] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 478.257185][T20984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.260113][T20984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.261894][ T67] Bluetooth: hci1: command tx timeout [ 478.266657][T20984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.266670][T20984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.266679][T20984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 478.266687][T20984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 478.267254][T20984] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 478.270456][T20984] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.285239][T20984] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.288313][T20984] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.288331][T20984] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 478.292984][T21006] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 478.315012][T21006] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 478.328664][T21006] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 478.334750][T21006] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 478.449655][T12953] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.451903][T12953] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.466619][T13004] batadv0: left promiscuous mode [ 478.471102][T13004] hsr_slave_0: left promiscuous mode [ 478.472953][T13004] hsr_slave_1: left promiscuous mode [ 478.474692][T13004] batman_adv: batadv0: Interface deactivated: macsec0 [ 478.476724][T13004] batman_adv: batadv0: Removing interface: macsec0 [ 478.495886][T13004] veth1_macvtap: left promiscuous mode [ 478.497739][T13004] veth1_vlan: left promiscuous mode [ 478.501134][T13004] @: left promiscuous mode [ 478.564042][T13004] pimreg3 (unregistering): left allmulticast mode [ 479.797413][ T67] Bluetooth: hci3: command tx timeout [ 480.474777][ T67] Bluetooth: hci1: command tx timeout [ 480.725574][T21067] netlink: 4 bytes leftover after parsing attributes in process `syz.4.22575'. [ 480.746979][T12953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 480.749197][T12953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 480.791847][T21006] 8021q: adding VLAN 0 to HW filter on device bond0 [ 480.815604][T21006] 8021q: adding VLAN 0 to HW filter on device team0 [ 480.831352][T12982] bridge0: port 1(bridge_slave_0) entered blocking state [ 480.834631][T12982] bridge0: port 1(bridge_slave_0) entered forwarding state [ 480.851406][T12972] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.853517][T12972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.988997][T21006] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 481.079019][T21101] netlink: 1004 bytes leftover after parsing attributes in process `syz.0.22587'. [ 481.141690][T21006] veth0_vlan: entered promiscuous mode [ 481.146223][T21006] veth1_vlan: entered promiscuous mode [ 481.164139][T21006] veth0_macvtap: entered promiscuous mode [ 481.167718][T21006] veth1_macvtap: entered promiscuous mode [ 481.178655][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.182523][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.185407][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.189138][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.192368][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.195674][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.199024][T21006] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 481.205517][T13004] IPVS: stop unused estimator thread 0... [ 481.207558][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.210488][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.213941][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.216945][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.219642][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.222564][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.225712][T21006] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.228614][T21006] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.231960][T21006] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 481.240442][T21006] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.242900][T21006] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.247371][T21006] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.250294][T21006] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 481.296669][T12950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.303979][T12950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.326214][T12950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 481.328826][T12950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 481.397713][T12982] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.507289][T12982] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.526138][T21128] netlink: 4 bytes leftover after parsing attributes in process `syz.6.22597'. [ 481.530675][T21128] netlink: 104 bytes leftover after parsing attributes in process `syz.6.22597'. [ 481.538582][T21128] netlink: 104 bytes leftover after parsing attributes in process `syz.6.22597'. [ 481.622842][T12982] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.795535][T12982] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 481.892442][T21155] netlink: 8 bytes leftover after parsing attributes in process `syz.7.22609'. [ 481.971037][T12982] bridge_slave_1: left allmulticast mode [ 481.982311][T12982] bridge_slave_1: left promiscuous mode [ 481.983662][T21167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22615'. [ 481.985000][T12982] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.999886][T12982] bridge_slave_0: left allmulticast mode [ 482.001995][T12982] bridge_slave_0: left promiscuous mode [ 482.006743][T12982] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.025378][ T6227] Bluetooth: hci3: command tx timeout [ 482.054882][ T39] kauditd_printk_skb: 1 callbacks suppressed [ 482.054897][ T39] audit: type=1326 audit(967.208:58160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.068726][ T39] audit: type=1326 audit(967.208:58161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 482.081741][ T39] audit: type=1326 audit(967.208:58162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.089303][ T39] audit: type=1326 audit(967.208:58163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 482.096817][ T39] audit: type=1326 audit(967.208:58164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.104771][ T39] audit: type=1326 audit(967.208:58165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.112658][ T39] audit: type=1326 audit(967.208:58166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 482.120219][ T39] audit: type=1326 audit(967.217:58167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.128591][ T39] audit: type=1326 audit(967.217:58168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.136202][ T39] audit: type=1326 audit(967.217:58169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21164 comm="syz.6.22614" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 482.670005][T12982] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 482.677235][T12982] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 482.681705][T12982] bond0 (unregistering): Released all slaves [ 482.709949][ T6227] Bluetooth: hci1: command tx timeout [ 482.759803][T21216] vivid-004: disconnect [ 482.763385][T21215] vivid-004: reconnect [ 483.058846][T12982] hsr_slave_0: left promiscuous mode [ 483.060706][T12982] hsr_slave_1: left promiscuous mode [ 483.063153][T12982] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 483.065481][T12982] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 483.083697][T12982] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 483.085866][T12982] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 483.151073][T12982] veth1_macvtap: left promiscuous mode [ 483.152792][T12982] veth0_macvtap: left promiscuous mode [ 483.154400][T12982] veth1_vlan: left promiscuous mode [ 483.155911][T12982] veth0_vlan: left promiscuous mode [ 483.228630][T21260] ALSA: mixer_oss: invalid OSS volume '' [ 484.248563][ T6227] Bluetooth: hci3: command tx timeout [ 484.525569][T12982] team0 (unregistering): Port device team_slave_1 removed [ 484.683768][T12982] team0 (unregistering): Port device team_slave_0 removed [ 484.922128][ T6227] Bluetooth: hci1: command 0x0419 tx timeout [ 485.923171][T21253] netlink: 1036 bytes leftover after parsing attributes in process `syz.4.22656'. [ 485.928102][T21253] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 486.025012][T21276] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 486.027307][T21276] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 486.029666][T21276] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 486.032244][T21276] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 486.037720][T21276] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 486.048582][T21276] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 486.050695][T21276] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 486.054910][T21276] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 486.159122][T21296] netlink: 'syz.4.22672': attribute type 12 has an invalid length. [ 486.198841][T21298] netlink: 48 bytes leftover after parsing attributes in process `syz.0.22674'. [ 486.645870][T21356] netlink: 'syz.0.22701': attribute type 1 has an invalid length. [ 486.648021][T21356] netlink: 134708 bytes leftover after parsing attributes in process `syz.0.22701'. [ 486.976185][T21382] netlink: 1256 bytes leftover after parsing attributes in process `syz.6.22713'. [ 486.978960][T21382] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 487.012103][T21384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22721'. [ 487.084817][T21390] netlink: 'syz.0.22716': attribute type 1 has an invalid length. [ 487.189936][T21400] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22722'. [ 487.345610][T21412] netlink: 48 bytes leftover after parsing attributes in process `syz.0.22728'. [ 487.644560][T21428] netlink: 20 bytes leftover after parsing attributes in process `syz.7.22736'. [ 487.791582][T21438] misc userio: Can't change port type on an already running userio instance [ 487.970955][T21442] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 488.039786][T21446] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 488.057037][T13004] Bluetooth: hci4: Frame reassembly failed (-84) [ 488.163775][T21453] ALSA: mixer_oss: invalid OSS volume 'DIGTAL1' [ 488.172014][ T6227] Bluetooth: hci2: command 0x0c1a tx timeout [ 488.172149][T19776] Bluetooth: hci3: command 0x0c1a tx timeout [ 488.268250][T19776] Bluetooth: hci1: command 0x0419 tx timeout [ 488.363716][T21470] netlink: 10 bytes leftover after parsing attributes in process `syz.7.22755'. [ 489.053600][T21510] netlink: 20 bytes leftover after parsing attributes in process `syz.7.22775'. [ 489.091958][T21516] netlink: 12 bytes leftover after parsing attributes in process `syz.6.22777'. [ 489.181290][T21526] team0: Device gtp0 is of different type [ 489.257318][T21528] serio: Serial port ptm1 [ 490.181646][T21581] sp0: Synchronizing with TNC [ 490.224722][T19776] Bluetooth: hci4: command 0x1003 tx timeout [ 490.228101][ T67] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 490.326017][T21585] openvswitch: netlink: nsh attribute has 24925 unknown bytes. [ 490.329043][T21585] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 490.354730][T21587] qrtr: Invalid version 0 [ 490.395715][ T67] Bluetooth: hci3: command 0x0c1a tx timeout [ 490.491931][ T67] Bluetooth: hci1: command 0x0419 tx timeout [ 490.515924][T21597] wlan0 speed is unknown, defaulting to 1000 [ 490.518904][T21597] wg1 speed is unknown, defaulting to 1000 [ 490.578556][T21604] ALSA: mixer_oss: invalid OSS volume '' [ 490.831226][T21621] netlink: 'syz.7.22825': attribute type 5 has an invalid length. [ 490.994335][T15334] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 491.039695][T21631] bond0: entered promiscuous mode [ 491.041231][T21631] bond_slave_0: entered promiscuous mode [ 491.042922][T21631] bond_slave_1: entered promiscuous mode [ 491.044851][T21631] macvlan2: entered promiscuous mode [ 491.046431][T21631] macvlan2: entered allmulticast mode [ 491.048384][T21631] bond0: entered allmulticast mode [ 491.050377][T21631] bond_slave_0: entered allmulticast mode [ 491.052585][T21631] bond_slave_1: entered allmulticast mode [ 491.055745][T21631] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 491.177758][T15334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 491.181724][T15334] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.185310][T15334] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 491.190196][T15334] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 491.193568][T15334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.198408][T15334] usb 5-1: config 0 descriptor?? [ 491.398122][T21641] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 491.638992][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.641967][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.644741][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.657808][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.661234][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.663960][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.666844][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.669809][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.672600][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.675435][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.678318][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.682080][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.684956][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.687730][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.690899][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.693725][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.696498][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.699353][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.702989][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.705729][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.708535][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.712868][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.715833][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.718637][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.721506][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.724861][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.727775][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.730537][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.733334][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.736054][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.738941][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.741737][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.747817][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.750740][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.753636][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.756423][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.759230][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.762058][T15334] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0 [ 491.770142][T15334] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving [ 491.781477][T15334] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.00 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 491.875973][T21660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.879850][T21660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.888530][T21660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.892611][T21660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.896677][T21660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.900556][T21660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.917556][ T64] usb 5-1: USB disconnect, device number 25 [ 491.948667][T21662] __nla_validate_parse: 3 callbacks suppressed [ 491.948682][T21662] netlink: 40 bytes leftover after parsing attributes in process `syz.6.22844'. [ 492.078378][T21670] ALSA: mixer_oss: invalid OSS volume '' [ 492.113795][T21672] netlink: 4 bytes leftover after parsing attributes in process `syz.6.22849'. [ 492.551705][T21677] snd_dummy snd_dummy.0: control 5:65279:0:syz0:0 is already present [ 492.619370][ T67] Bluetooth: hci3: command 0x0c1a tx timeout [ 492.704843][ T67] Bluetooth: hci1: command 0x0419 tx timeout [ 493.328038][T21693] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22859'. [ 493.513879][T21714] netlink: 196 bytes leftover after parsing attributes in process `syz.0.22869'. [ 493.640675][T21725] netlink: 28 bytes leftover after parsing attributes in process `syz.7.22875'. [ 493.644321][T21725] bridge_slave_1: left allmulticast mode [ 493.646674][T21725] bridge_slave_1: left promiscuous mode [ 493.648848][T21725] bridge0: port 2(bridge_slave_1) entered disabled state [ 493.653049][T21725] bridge_slave_0: left allmulticast mode [ 493.655206][T21725] bridge_slave_0: left promiscuous mode [ 493.657765][T21725] bridge0: port 1(bridge_slave_0) entered disabled state [ 494.115965][T18386] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 494.277930][T18386] usb 12-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 494.282009][T18386] usb 12-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 494.285742][T18386] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 494.289283][T18386] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 494.294038][T21731] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 494.298795][T18386] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 494.517693][T18386] usb 12-1: USB disconnect, device number 2 [ 494.613197][T21747] vivid-008: disconnect [ 494.615536][T21746] vivid-008: reconnect [ 494.905796][T21775] netem: change failed [ 494.976866][T21778] 8021q: adding VLAN 0 to HW filter on device bond1 [ 494.981011][T21778] bond0: (slave bond1): Enslaving as an active interface with an up link [ 495.002206][T21785] netlink: 100 bytes leftover after parsing attributes in process `syz.0.22902'. [ 495.432978][T21816] 8021q: adding VLAN 0 to HW filter on device bond1 [ 495.435334][T21816] bond1: entered promiscuous mode [ 495.436840][T21816] bond1: entered allmulticast mode [ 495.438608][T21816] bond0: (slave bond1): Enslaving as an active interface with an up link [ 495.622016][T21830] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 495.751659][ T6174] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 495.924595][ T6174] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 495.936491][ T6174] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 495.939933][ T6174] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 495.943177][ T6174] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.943619][T21845] program syz.6.22933 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 495.954477][ T6174] usb 5-1: config 0 descriptor?? [ 495.967817][ T6174] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 495.970508][ T6174] dvb-usb: bulk message failed: -22 (3/0) [ 495.977046][ T6174] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 495.982165][ T6174] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 495.985034][ T6174] usb 5-1: media controller created [ 495.988783][ T6174] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 495.994519][ T6174] dvb-usb: bulk message failed: -22 (6/0) [ 495.996888][ T6174] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 496.003482][ T6174] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input74 [ 496.017025][ T6174] dvb-usb: schedule remote query interval to 150 msecs. [ 496.019902][ T6174] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 496.200165][ T6174] dvb-usb: bulk message failed: -22 (1/0) [ 496.206256][ T6174] dvb-usb: error while querying for an remote control event. [ 496.212275][ T6174] usb 5-1: USB disconnect, device number 26 acpid: input device has been disconnected, fd 9 [ 496.235897][ T6174] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 496.442327][T21857] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 496.444534][T21857] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 496.447216][T21857] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 496.620096][T21877] netlink: 16178 bytes leftover after parsing attributes in process `syz.7.22940'. [ 497.883295][T21896] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 497.888124][T21896] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 497.890816][T21896] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 498.608886][T21988] wlan0 speed is unknown, defaulting to 1000 [ 498.612011][T21988] wg1 speed is unknown, defaulting to 1000 [ 499.141340][T22027] wlan0 speed is unknown, defaulting to 1000 [ 499.145385][T22027] wg1 speed is unknown, defaulting to 1000 [ 499.205342][ T67] Bluetooth: hci2: command 0x0c1a tx timeout [ 499.326925][T22049] input: syz0 as /devices/virtual/input/input75 [ 499.329613][T22049] input: failed to attach handler leds to device input75, error: -6 [ 499.448114][T22057] wlan0 speed is unknown, defaulting to 1000 [ 499.452022][T22057] wg1 speed is unknown, defaulting to 1000 [ 499.694102][T22086] wlan0 speed is unknown, defaulting to 1000 [ 499.698969][T22086] wg1 speed is unknown, defaulting to 1000 [ 499.803546][ T35] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 499.963750][ T35] usb 11-1: Using ep0 maxpacket: 8 [ 499.967220][ T35] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 499.969700][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 499.972976][ T35] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 499.976363][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 499.979383][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 499.983330][ T35] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 499.985583][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 499.989101][ T35] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 499.992287][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 499.995351][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 499.999361][ T35] usb 11-1: config 168 descriptor has 1 excess byte, ignoring [ 500.001362][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 500.001457][T22100] wlan0 speed is unknown, defaulting to 1000 [ 500.004384][ T35] usb 11-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 500.004400][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 500.004413][ T35] usb 11-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 500.006886][ T35] usb 11-1: string descriptor 0 read error: -22 [ 500.006926][ T35] usb 11-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 500.006938][ T35] usb 11-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 500.009340][T22100] wg1 speed is unknown, defaulting to 1000 [ 500.012819][ T35] adutux 11-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 500.059992][ T67] Bluetooth: hci1: command 0x0419 tx timeout [ 500.060106][T19776] Bluetooth: hci3: command 0x0c1a tx timeout [ 500.234101][ T35] usb 11-1: USB disconnect, device number 2 [ 500.864225][T22134] wlan0 speed is unknown, defaulting to 1000 [ 500.867314][T22134] wg1 speed is unknown, defaulting to 1000 [ 500.936156][T22138] serio: Serial port ptm0 [ 501.146734][T22147] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 501.149406][T22147] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 501.457073][T22177] vlan3: entered allmulticast mode [ 501.458479][T22177] mac80211_hwsim hwsim35 wlan0: entered allmulticast mode [ 501.462073][T22177] mac80211_hwsim hwsim35 wlan0: left allmulticast mode [ 501.682362][T22200] wlan0 speed is unknown, defaulting to 1000 [ 501.684603][T22200] wg1 speed is unknown, defaulting to 1000 [ 502.252274][T22244] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 502.286294][T22249] netlink: 8 bytes leftover after parsing attributes in process `syz.4.23096'. [ 503.968043][T22354] netlink: 8 bytes leftover after parsing attributes in process `syz.6.23139'. [ 503.970727][T22354] netlink: 'syz.6.23139': attribute type 5 has an invalid length. [ 504.789644][ T39] kauditd_printk_skb: 168 callbacks suppressed [ 504.789684][ T39] audit: type=1800 audit(988.469:58338): pid=22413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.23168" name="file0" dev="9p" ino=35913843 res=0 errno=0 [ 505.066176][T22422] wlan0 speed is unknown, defaulting to 1000 [ 505.069360][T22422] wg1 speed is unknown, defaulting to 1000 [ 505.330702][T22422] netlink: 40 bytes leftover after parsing attributes in process `syz.6.23172'. [ 505.502714][T22449] team0: entered allmulticast mode [ 505.504763][T22449] team_slave_0: entered allmulticast mode [ 505.507378][T22449] 8021q: adding VLAN 0 to HW filter on device team0 [ 505.512834][T22447] netlink: 4 bytes leftover after parsing attributes in process `syz.6.23182'. [ 506.173203][T22493] kvm: kvm [22492]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000085) = 0x0 [ 507.299153][T22540] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23221'. [ 508.240999][T22590] netlink: 'syz.7.23244': attribute type 1 has an invalid length. [ 508.695864][T22620] loop5: detected capacity change from 0 to 7 [ 508.699344][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.702690][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.706149][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.709565][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.712649][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.715915][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.719048][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.722514][T22620] ldm_validate_partition_table(): Disk read failed. [ 508.725251][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.728387][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.731700][T22620] Buffer I/O error on dev loop5, logical block 0, async page read [ 508.734868][T22620] Dev loop5: unable to read RDB block 0 [ 508.737295][T22620] loop5: unable to read partition table [ 508.739659][T22620] loop5: partition table beyond EOD, truncated [ 508.742331][T22620] loop_reread_partitions: partition scan of loop5 (被xڬdƤݡ [ 508.742331][T22620] ) failed (rc=-5) [ 512.015245][T22672] syz.4.23282: attempt to access beyond end of device [ 512.015245][T22672] loop4: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 512.020343][T22672] gfs2: error -5 reading superblock [ 512.214463][T22693] random: crng reseeded on system resumption [ 513.400239][T22735] netlink: 4 bytes leftover after parsing attributes in process `syz.0.23310'. [ 513.404654][T22735] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 513.462802][T22743] netlink: 'syz.4.23312': attribute type 10 has an invalid length. [ 513.646902][T22743] syz_tun: entered promiscuous mode [ 513.653098][T22743] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 513.741986][T22766] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3) [ 513.743918][T22766] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 513.746910][T22766] vhci_hcd vhci_hcd.0: Device attached [ 513.769937][T22766] vhci_hcd vhci_hcd.0: pdev(6) rhport(1) sockfd(5) [ 513.772409][T22766] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 513.779052][T22766] vhci_hcd vhci_hcd.0: Device attached [ 513.783633][T22766] vhci_hcd vhci_hcd.0: pdev(6) rhport(2) sockfd(7) [ 513.786094][T22766] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 513.792678][T22766] vhci_hcd vhci_hcd.0: Device attached [ 513.800028][T22766] vhci_hcd vhci_hcd.0: pdev(6) rhport(3) sockfd(9) [ 513.802060][T22766] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 513.804309][T22766] vhci_hcd vhci_hcd.0: Device attached [ 513.807628][T22771] vhci_hcd: connection closed [ 513.807687][T22767] vhci_hcd: connection closed [ 513.811533][T13004] vhci_hcd: stop threads [ 513.814958][T13004] vhci_hcd: release socket [ 513.816659][T13004] vhci_hcd: disconnect device [ 513.821364][T22777] vhci_hcd: connection closed [ 513.823954][T22775] vhci_hcd: connection closed [ 513.824054][T13004] vhci_hcd: stop threads [ 513.828577][T13004] vhci_hcd: release socket [ 513.831310][T13004] vhci_hcd: disconnect device [ 513.833235][T13004] vhci_hcd: stop threads [ 513.834914][T13004] vhci_hcd: release socket [ 513.836602][T13004] vhci_hcd: disconnect device [ 513.838854][T13004] vhci_hcd: stop threads [ 513.841904][T13004] vhci_hcd: release socket [ 513.843643][T13004] vhci_hcd: disconnect device [ 514.353346][ T8] kernel read not supported for file /dsp1 (pid: 8 comm: kworker/0:0) [ 515.756292][ T39] audit: type=1326 audit(998.731:58339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.769694][ T39] audit: type=1326 audit(998.731:58340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.777804][ T39] audit: type=1326 audit(998.731:58341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.785817][ T39] audit: type=1326 audit(998.740:58342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.793641][ T39] audit: type=1326 audit(998.740:58343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.802336][ T39] audit: type=1326 audit(998.740:58344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.817166][ T39] audit: type=1326 audit(998.787:58345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=284 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.867352][T22884] netlink: 'syz.0.23374': attribute type 6 has an invalid length. [ 515.926313][ T39] audit: type=1326 audit(998.890:58346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22874 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=1 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 515.946171][ T39] audit: type=1326 audit(998.908:58347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc5598 code=0x7ffc0000 [ 515.957786][ T39] audit: type=1326 audit(998.908:58348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22871 comm="syz.6.23368" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x7ffc0000 [ 516.443366][T22921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.23389'. [ 516.570285][T22931] netlink: 192 bytes leftover after parsing attributes in process `syz.7.23401'. [ 516.643300][T22937] netlink: 8 bytes leftover after parsing attributes in process `syz.7.23404'. [ 517.007261][T22952] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 518.499431][T23037] wlan0 speed is unknown, defaulting to 1000 [ 518.513462][T23037] wg1 speed is unknown, defaulting to 1000 [ 518.676402][T23046] netlink: 'syz.4.23448': attribute type 6 has an invalid length. [ 518.797078][T23037] netlink: 40 bytes leftover after parsing attributes in process `syz.0.23442'. [ 518.898612][T23058] kvm: kvm [23056]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x40000085) = 0x0 [ 519.067031][T21788] kernel write not supported for file /amidi2 (pid: 21788 comm: kworker/0:4) [ 519.481849][T23107] netlink: 76 bytes leftover after parsing attributes in process `syz.0.23476'. [ 519.966381][T23136] Failed to get privilege flags for destination (handle=0x2:0x0) [ 520.259521][T23170] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23507'. [ 520.355372][T23180] kernel read not supported for file /eth0 (pid: 23180 comm: syz.6.23512) [ 521.604668][T23247] netlink: 112 bytes leftover after parsing attributes in process `syz.7.23541'. [ 521.905285][T23265] netlink: 16 bytes leftover after parsing attributes in process `syz.0.23550'. [ 522.021020][T23278] netlink: 'syz.6.23556': attribute type 19 has an invalid length. [ 522.360823][ T39] kauditd_printk_skb: 74 callbacks suppressed [ 522.360835][ T39] audit: type=1800 audit(1004.904:58423): pid=23304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.23568" name="file0" dev="9p" ino=35913843 res=0 errno=0 [ 522.810675][T18386] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 522.851897][T23337] netlink: 'syz.4.23583': attribute type 4 has an invalid length. [ 522.887584][T23342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.23586'. [ 522.992540][T12972] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 522.999510][T18386] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 523.005242][ T6174] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 523.008201][ T1019] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 523.011718][T23356] netlink: 80 bytes leftover after parsing attributes in process `syz.0.23593'. [ 523.990155][ T1019] kernel write not supported for file /sg0 (pid: 1019 comm: kworker/1:3) [ 524.057558][T23415] netlink: 'syz.0.23620': attribute type 19 has an invalid length. [ 524.104650][ T1019] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 524.156664][ T7253] kernel read not supported for file /dsp1 (pid: 7253 comm: kworker/0:3) [ 524.683524][T23481] netlink: 12 bytes leftover after parsing attributes in process `syz.6.23649'. [ 524.905095][ T57] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 525.000392][T23502] bond2: entered promiscuous mode [ 525.002557][T23502] bond2: entered allmulticast mode [ 525.004426][T23502] 8021q: adding VLAN 0 to HW filter on device bond2 [ 525.074978][ T57] usb 12-1: Using ep0 maxpacket: 16 [ 525.162935][ T57] usb 12-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 525.166248][ T57] usb 12-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 525.169306][ T57] usb 12-1: Product: syz [ 525.170821][ T57] usb 12-1: Manufacturer: syz [ 525.172676][ T57] usb 12-1: SerialNumber: syz [ 525.175778][ T57] usb 12-1: config 0 descriptor?? [ 525.207528][T23502] bond2 (unregistering): Released all slaves [ 525.397683][ T57] usb 12-1: USB disconnect, device number 3 [ 525.627634][ T39] audit: type=1326 audit(1007.963:58424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.657797][ T39] audit: type=1326 audit(1007.963:58425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.664458][ T39] audit: type=1326 audit(1007.963:58426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.673051][ T39] audit: type=1326 audit(1007.963:58427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.681287][ T39] audit: type=1326 audit(1007.963:58428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.690361][ T39] audit: type=1326 audit(1007.963:58429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.698197][ T39] audit: type=1326 audit(1007.963:58430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.705931][ T39] audit: type=1326 audit(1007.963:58431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.716898][ T39] audit: type=1326 audit(1007.963:58432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23484 comm="syz.0.23651" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22579 code=0x7fc00000 [ 525.763255][T23549] netlink: 4 bytes leftover after parsing attributes in process `syz.6.23680'. [ 525.784731][T23549] bond2 (unregistering): Released all slaves [ 526.209967][T23590] tap0: tun_chr_ioctl cmd 1074025672 [ 526.211546][T23590] tap0: ignored: set checksum enabled [ 526.727304][T23637] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 526.803746][T23645] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 527.207405][T23666] team0: No ports can be present during mode change [ 527.301462][T23670] netlink: 71 bytes leftover after parsing attributes in process `syz.6.23734'. [ 527.332491][T23673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.23735'. [ 527.639099][T23691] netlink: 'syz.0.23743': attribute type 39 has an invalid length. [ 528.967473][T19776] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 529.000164][T23734] netlink: 4 bytes leftover after parsing attributes in process `syz.0.23762'. [ 529.007429][T23734] netlink: 4 bytes leftover after parsing attributes in process `syz.0.23762'. [ 529.246906][T23756] netlink: 4 bytes leftover after parsing attributes in process `syz.7.23774'. [ 529.250643][T23756] netlink: 4 bytes leftover after parsing attributes in process `syz.7.23774'. [ 529.363813][T23766] KVM: debugfs: duplicate directory 23766-4 [ 529.513589][T23777] netlink: 'syz.6.23784': attribute type 39 has an invalid length. [ 529.545486][T23780] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23785'. [ 529.558007][T23780] netlink: 4 bytes leftover after parsing attributes in process `syz.4.23785'. [ 530.307225][T23854] sch_fq: defrate 113 ignored. [ 531.404889][ T6174] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 531.565332][ T6174] usb 5-1: Using ep0 maxpacket: 8 [ 531.569621][ T6174] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 531.572854][ T6174] usb 5-1: config 0 has no interface number 0 [ 531.575299][ T6174] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 531.579953][ T6174] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 531.583807][ T6174] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 531.588608][ T6174] usb 5-1: config 0 descriptor?? [ 531.598354][ T6174] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 531.812292][T18386] usb 5-1: USB disconnect, device number 27 [ 531.878715][ T1416] aoe: packet could not be sent on bond0. consider increasing tx_queue_len [ 532.099742][ T836] usb 12-1: new high-speed USB device number 4 using dummy_hcd [ 532.265989][ T836] usb 12-1: config 0 has no interfaces? [ 532.268218][ T836] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 532.272465][ T836] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 532.276726][ T836] usb 12-1: config 0 descriptor?? [ 532.407255][T23975] netlink: 'syz.0.23876': attribute type 25 has an invalid length. [ 532.410422][T23975] netlink: 'syz.0.23876': attribute type 7 has an invalid length. [ 532.413436][T23975] netlink: 164 bytes leftover after parsing attributes in process `syz.0.23876'. [ 532.506743][ T1019] usb 12-1: USB disconnect, device number 4 [ 532.584625][T23984] netlink: 'syz.6.23880': attribute type 2 has an invalid length. [ 532.586948][T23984] netlink: 119 bytes leftover after parsing attributes in process `syz.6.23880'. [ 533.743988][T24079] mkiss: ax0: crc mode is auto. [ 533.769013][T24081] wlan0 speed is unknown, defaulting to 1000 [ 533.772280][T24081] wg1 speed is unknown, defaulting to 1000 [ 533.788500][ T39] kauditd_printk_skb: 29 callbacks suppressed [ 533.788511][ T39] audit: type=1800 audit(1015.596:58462): pid=24083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.23926" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 533.889144][T24081] IPVS: You probably need to specify IP address on multicast interface. [ 533.894919][T24081] IPVS: Error connecting to the multicast addr [ 534.729935][T24128] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 534.732479][T24128] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 534.740417][T24128] vhci_hcd vhci_hcd.0: Device attached [ 534.749708][T24135] vhci_hcd: connection closed [ 534.749975][T12994] vhci_hcd: stop threads [ 534.756649][T12994] vhci_hcd: release socket [ 534.757806][T12994] vhci_hcd: disconnect device [ 535.009568][T24155] block nbd0: NBD_DISCONNECT [ 535.013187][T24155] [ 535.014334][T24155] ====================================================== [ 535.017232][T24155] WARNING: possible circular locking dependency detected [ 535.020207][T24155] 6.14.0-rc5-syzkaller-00039-g848e07631744 #0 Not tainted [ 535.024968][T24155] ------------------------------------------------------ [ 535.028345][T24155] syz.0.23953/24155 is trying to acquire lock: [ 535.031050][T24155] ffff88806d8a7558 (sk_lock-AF_SMC){+.+.}-{0:0}, at: smc_sendmsg+0x47/0x520 [ 535.034833][T24155] [ 535.034833][T24155] but task is already holding lock: [ 535.037983][T24155] ffff88806181c870 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_disconnect+0x321/0x540 [ 535.041680][T24155] [ 535.041680][T24155] which lock already depends on the new lock. [ 535.041680][T24155] [ 535.045652][T24155] [ 535.045652][T24155] the existing dependency chain (in reverse order) is: [ 535.049071][T24155] [ 535.049071][T24155] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 535.052089][T24155] __mutex_lock+0x19b/0xb10 [ 535.054284][T24155] nbd_disconnect+0x321/0x540 [ 535.056491][T24155] nbd_ioctl+0x8d1/0xd60 [ 535.058378][T24155] compat_blkdev_ioctl+0x2eb/0x7a0 [ 535.060537][T24155] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 535.062921][T24155] __do_fast_syscall_32+0x73/0x120 [ 535.064539][T24155] do_fast_syscall_32+0x32/0x80 [ 535.066074][T24155] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 535.067975][T24155] [ 535.067975][T24155] -> #5 (&nbd->config_lock){+.+.}-{4:4}: [ 535.070141][T24155] __mutex_lock+0x19b/0xb10 [ 535.071639][T24155] refcount_dec_and_mutex_lock+0x51/0xc0 [ 535.073412][T24155] nbd_config_put+0x31/0x750 [ 535.074829][T24155] nbd_release+0xb7/0x190 [ 535.076171][T24155] blkdev_put_whole+0xad/0xf0 [ 535.077633][T24155] bdev_release+0x47e/0x6d0 [ 535.079052][T24155] blkdev_release+0x15/0x20 [ 535.080427][T24155] __fput+0x3ff/0xb70 [ 535.081707][T24155] __fput_sync+0xa1/0xc0 [ 535.083038][T24155] __x64_sys_close+0x86/0x100 [ 535.084651][T24155] do_syscall_64+0xcd/0x250 [ 535.086132][T24155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 535.088087][T24155] [ 535.088087][T24155] -> #4 (&disk->open_mutex){+.+.}-{4:4}: [ 535.090392][T24155] __mutex_lock+0x19b/0xb10 [ 535.091872][T24155] bdev_open+0x41a/0xe20 [ 535.093296][T24155] bdev_file_open_by_dev+0x17d/0x210 [ 535.094994][T24155] disk_scan_partitions+0x1ed/0x320 [ 535.096633][T24155] add_disk_fwnode+0x1006/0x1320 [ 535.098223][T24155] pmem_attach_disk+0x9a1/0x13e0 [ 535.099762][T24155] nd_pmem_probe+0x1a9/0x1f0 [ 535.101224][T24155] nvdimm_bus_probe+0x169/0x5d0 [ 535.102833][T24155] really_probe+0x23e/0xa90 [ 535.104291][T24155] __driver_probe_device+0x1de/0x440 [ 535.106034][T24155] driver_probe_device+0x4c/0x1b0 [ 535.107630][T24155] __driver_attach+0x283/0x580 [ 535.109138][T24155] bus_for_each_dev+0x13c/0x1d0 [ 535.110691][T24155] bus_add_driver+0x2e9/0x690 [ 535.112243][T24155] driver_register+0x15c/0x4b0 [ 535.113798][T24155] __nd_driver_register+0x103/0x1a0 [ 535.115466][T24155] do_one_initcall+0x128/0x700 [ 535.117067][T24155] kernel_init_freeable+0x5c7/0x900 [ 535.118782][T24155] kernel_init+0x1c/0x2b0 [ 535.120239][T24155] ret_from_fork+0x45/0x80 [ 535.121680][T24155] ret_from_fork_asm+0x1a/0x30 [ 535.123262][T24155] [ 535.123262][T24155] -> #3 (&nvdimm_namespace_key){+.+.}-{4:4}: [ 535.140448][T24155] __mutex_lock+0x19b/0xb10 [ 535.142272][T24155] uevent_show+0x188/0x3b0 [ 535.143917][T24155] dev_attr_show+0x53/0xe0 [ 535.145678][T24155] sysfs_kf_seq_show+0x23e/0x410 [ 535.147638][T24155] seq_read_iter+0x4f4/0x12b0 [ 535.149497][T24155] kernfs_fop_read_iter+0x414/0x580 [ 535.151588][T24155] vfs_read+0x886/0xbf0 [ 535.153284][T24155] ksys_read+0x12b/0x250 [ 535.155018][T24155] do_syscall_64+0xcd/0x250 [ 535.156820][T24155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 535.159131][T24155] [ 535.159131][T24155] -> #2 (kn->active#5){++++}-{0:0}: [ 535.161771][T24155] kernfs_drain+0x48f/0x590 [ 535.163629][T24155] __kernfs_remove+0x281/0x670 [ 535.165372][T24155] kernfs_remove_by_name_ns+0xb2/0x130 [ 535.167070][T24155] device_del+0x381/0x9f0 [ 535.168374][T24155] unregister_netdevice_many_notify+0x13aa/0x1f30 [ 535.170143][T24155] unregister_netdevice_queue+0x307/0x3f0 [ 535.172179][T24155] unregister_netdev+0x1f/0x60 [ 535.174165][T24155] slip_close+0x165/0x1c0 [ 535.175984][T24155] tty_ldisc_close+0x111/0x1a0 [ 535.177862][T24155] tty_ldisc_kill+0x8e/0x150 [ 535.179811][T24155] tty_ldisc_release+0x116/0x2a0 [ 535.181770][T24155] tty_release_struct+0x23/0xe0 [ 535.183804][T24155] tty_release+0xe25/0x1410 [ 535.185780][T24155] __fput+0x3ff/0xb70 [ 535.187601][T24155] task_work_run+0x14e/0x250 [ 535.189619][T24155] syscall_exit_to_user_mode+0x27b/0x2a0 [ 535.192021][T24155] __do_fast_syscall_32+0x80/0x120 [ 535.194228][T24155] do_fast_syscall_32+0x32/0x80 [ 535.196392][T24155] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 535.199121][T24155] [ 535.199121][T24155] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 535.201875][T24155] __mutex_lock+0x19b/0xb10 [ 535.203919][T24155] smc_vlan_by_tcpsk+0x251/0x620 [ 535.206027][T24155] __smc_connect+0x44d/0x4890 [ 535.208102][T24155] smc_connect+0x2fc/0x760 [ 535.210067][T24155] __sys_connect_file+0x13e/0x1a0 [ 535.212254][T24155] __sys_connect+0x14f/0x170 [ 535.214288][T24155] __ia32_sys_connect+0x71/0xb0 [ 535.216407][T24155] __do_fast_syscall_32+0x73/0x120 [ 535.218609][T24155] do_fast_syscall_32+0x32/0x80 [ 535.220713][T24155] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 535.223312][T24155] [ 535.223312][T24155] -> #0 (sk_lock-AF_SMC){+.+.}-{0:0}: [ 535.226185][T24155] __lock_acquire+0x249e/0x3c40 [ 535.228307][T24155] lock_acquire.part.0+0x11b/0x380 [ 535.230514][T24155] lock_sock_nested+0x3a/0xf0 [ 535.232590][T24155] smc_sendmsg+0x47/0x520 [ 535.234485][T24155] sock_sendmsg+0x3d3/0x490 [ 535.236522][T24155] __sock_xmit+0x1e8/0x4f0 [ 535.238488][T24155] nbd_disconnect+0x390/0x540 [ 535.240559][T24155] nbd_ioctl+0x8d1/0xd60 [ 535.242434][T24155] compat_blkdev_ioctl+0x2eb/0x7a0 [ 535.244702][T24155] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 535.246960][T24155] __do_fast_syscall_32+0x73/0x120 [ 535.249122][T24155] do_fast_syscall_32+0x32/0x80 [ 535.251259][T24155] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 535.253939][T24155] [ 535.253939][T24155] other info that might help us debug this: [ 535.253939][T24155] [ 535.257875][T24155] Chain exists of: [ 535.257875][T24155] sk_lock-AF_SMC --> &nbd->config_lock --> &nsock->tx_lock [ 535.257875][T24155] [ 535.262885][T24155] Possible unsafe locking scenario: [ 535.262885][T24155] [ 535.265711][T24155] CPU0 CPU1 [ 535.267750][T24155] ---- ---- [ 535.269816][T24155] lock(&nsock->tx_lock); [ 535.271594][T24155] lock(&nbd->config_lock); [ 535.274363][T24155] lock(&nsock->tx_lock); [ 535.277087][T24155] lock(sk_lock-AF_SMC); [ 535.278832][T24155] [ 535.278832][T24155] *** DEADLOCK *** [ 535.278832][T24155] [ 535.281975][T24155] 2 locks held by syz.0.23953/24155: [ 535.284072][T24155] #0: ffff888024faf998 (&nbd->config_lock){+.+.}-{4:4}, at: nbd_ioctl+0x151/0xd60 [ 535.287736][T24155] #1: ffff88806181c870 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_disconnect+0x321/0x540 [ 535.291499][T24155] [ 535.291499][T24155] stack backtrace: [ 535.293812][T24155] CPU: 1 UID: 0 PID: 24155 Comm: syz.0.23953 Not tainted 6.14.0-rc5-syzkaller-00039-g848e07631744 #0 [ 535.293836][T24155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 535.293845][T24155] Call Trace: [ 535.293852][T24155] [ 535.293860][T24155] dump_stack_lvl+0x116/0x1f0 [ 535.293887][T24155] print_circular_bug+0x490/0x760 [ 535.293911][T24155] check_noncircular+0x31a/0x400 [ 535.293932][T24155] ? __pfx_check_noncircular+0x10/0x10 [ 535.293950][T24155] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 535.293968][T24155] ? lockdep_lock+0xc6/0x200 [ 535.293982][T24155] ? __pfx_lockdep_lock+0x10/0x10 [ 535.293998][T24155] __lock_acquire+0x249e/0x3c40 [ 535.294022][T24155] ? __pfx___lock_acquire+0x10/0x10 [ 535.294046][T24155] lock_acquire.part.0+0x11b/0x380 [ 535.294068][T24155] ? smc_sendmsg+0x47/0x520 [ 535.294089][T24155] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 535.294109][T24155] ? rcu_is_watching+0x12/0xc0 [ 535.294127][T24155] ? trace_lock_acquire+0x14e/0x1f0 [ 535.294145][T24155] ? smc_sendmsg+0x47/0x520 [ 535.294164][T24155] ? lock_acquire+0x2f/0xb0 [ 535.294183][T24155] ? smc_sendmsg+0x47/0x520 [ 535.294205][T24155] lock_sock_nested+0x3a/0xf0 [ 535.294228][T24155] ? smc_sendmsg+0x47/0x520 [ 535.294249][T24155] smc_sendmsg+0x47/0x520 [ 535.294271][T24155] sock_sendmsg+0x3d3/0x490 [ 535.294289][T24155] ? __pfx_sock_sendmsg+0x10/0x10 [ 535.294309][T24155] ? rcu_is_watching+0x12/0xc0 [ 535.294323][T24155] ? trace_contention_end+0xee/0x140 [ 535.294346][T24155] __sock_xmit+0x1e8/0x4f0 [ 535.294363][T24155] ? __pfx___sock_xmit+0x10/0x10 [ 535.294378][T24155] ? __pfx___mutex_lock+0x10/0x10 [ 535.294404][T24155] nbd_disconnect+0x390/0x540 [ 535.294423][T24155] ? __pfx_nbd_disconnect+0x10/0x10 [ 535.294440][T24155] ? __pfx___mutex_lock+0x10/0x10 [ 535.294463][T24155] ? bpf_lsm_capable+0x9/0x10 [ 535.294480][T24155] nbd_ioctl+0x8d1/0xd60 [ 535.294498][T24155] ? __pfx_nbd_ioctl+0x10/0x10 [ 535.294516][T24155] ? __pfx_lock_release+0x10/0x10 [ 535.294546][T24155] ? trace_lock_acquire+0x14e/0x1f0 [ 535.294563][T24155] ? __pfx_lock_release+0x10/0x10 [ 535.294585][T24155] ? __pfx_nbd_ioctl+0x10/0x10 [ 535.294602][T24155] compat_blkdev_ioctl+0x2eb/0x7a0 [ 535.294620][T24155] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 535.294636][T24155] ? __fget_files+0x206/0x3a0 [ 535.294660][T24155] ? __pfx_compat_blkdev_ioctl+0x10/0x10 [ 535.294675][T24155] __do_compat_sys_ioctl+0x1cb/0x2c0 [ 535.294694][T24155] __do_fast_syscall_32+0x73/0x120 [ 535.294717][T24155] do_fast_syscall_32+0x32/0x80 [ 535.294738][T24155] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 535.294796][T24155] RIP: 0023:0xf7f22579 [ 535.294809][T24155] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 535.294824][T24155] RSP: 002b:00000000f502555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 535.294840][T24155] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000ab08 [ 535.294851][T24155] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 535.294860][T24155] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 535.294870][T24155] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 535.294880][T24155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 535.294895][T24155] [ 535.294966][ C1] vkms_vblank_simulate: vblank timer overrun [ 535.424428][ C1] vkms_vblank_simulate: vblank timer overrun [ 535.440006][T24155] block nbd0: Send disconnect failed -107 [ 535.453254][T24150] block nbd0: Disconnected due to user request. [ 535.455523][T24150] block nbd0: shutting down sockets VM DIAGNOSIS: 08:37:11 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff9105676a RDX=0000000000000008 RSI=ffffc9000cdd7b40 RDI=ffffc9000cdd7010 RBP=ffffc9000cdd7b40 RSP=ffffc9000cdd6f88 R8 =0000000000000001 R9 =ffffffff9105676e R10=ffffc9000cdd7010 R11=0000000000012dea R12=ffffc9000cdd7060 R13=ffffc9000cdd7010 R14=ffffc9000cdd7018 R15=ffffc9000cdd7b68 RIP=ffffffff81693732 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002d011ffc CR3=000000000df80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000023 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853e7cb5 RDI=ffffffff9ab6ee60 RBP=ffffffff9ab6ee20 RSP=ffffc9000c0cf058 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e34312e36 R12=0000000000000000 R13=0000000000000023 R14=ffffffff9ab6ee20 R15=0000000000000000 RIP=ffffffff853e7cdf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000057bb24c0 CR3=000000005a5ca000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffffc90003327b60 RCX=ffffffff81ef5674 RDX=1ffff92000664f6f RSI=ffffffff81eeb539 RDI=ffffc90003327b78 RBP=ffffc90003327b60 RSP=ffffc900033279c8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=00000000000000ae R14=ffff888024931600 R15=dffffc0000000000 RIP=ffffffff81eeb55c RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f681b2d6d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560928b2d280 CR3=000000004d9f6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffffc90000405110 RBX=0000000000000000 RCX=1ffff110081e1306 RDX=0000000000000008 RSI=ffffc90000405100 RDI=ffff888040f09830 RBP=ffff888040f09c00 RSP=ffffc900005f8e58 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=ffffc900005f8ff8 R12=dffffc0000000000 R13=0000000000000001 R14=ffff888040f09828 R15=ffff888025160000 RIP=ffffffff8640a3e0 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5025da4 CR3=000000006cb5a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ac3e8d2b89c566e2 73d366da7c5e002d ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 665b948679d1bf99 d6dd2af61146e2d6 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 19424ecb749b2aa5 4375dbe4cb6e78b7 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8182975c9294c5eb 74a9bc1839dd4fd4 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000009600 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 758e0080f8560080 014519bb80d60080 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000001000000 01000000dffa0080 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 014519ba01000000 d4580080014519a1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01000000014519f0 014519ef01000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 656a36f519ca1a41 afd5ab35f3d3c937 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 97d29e3f4801eafd 20a1247780184d9e ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000