last executing test programs: 9.256947877s ago: executing program 2 (id=277): ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0xfffffffb) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0xe8) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x11, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f00000000c0)=0x101, 0x0) syslog(0x2, 0x0, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/zoneinfo\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000600)=[{0x0}, {0x0}], 0x2, 0x8007b9, 0x2) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000003a80)={0x0, 0x1c, &(0x7f0000003980)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}]}, &(0x7f0000003ac0)=0x10) r3 = openat$snapshot(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNAPSHOT_FREE(r3, 0x80083313) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930) 8.255592281s ago: executing program 2 (id=280): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x13, &(0x7f00000001c0)=ANY=[@ANYBLOB="18fffffffc000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b0000000180100002075400000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000500000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 8.146452165s ago: executing program 2 (id=281): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, 0x0, 0x4, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x5, 0xb}}}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x12, 0xcd, [0x7, 0x4, 0x7f, 0x692b, 0xf353, 0x2, 0x5]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xffff}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x140}]]}, 0x68}, 0x1, 0x0, 0x0, 0x2}, 0x8011) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="2705020059020a000600002fb96dbcf706e10500000086ddffff114443052bd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003221880b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722475ca5", 0x72}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b700c9e37eed5653ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d33330e2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb00"/135, 0x87}, {&(0x7f0000001400)="7f4ba13c5a27118dc920175650f0c9ba1809dd13a6e2d5b38f40adfa278c09e0e3bd05add4d780cd753b50f06f3b51f43761c7783f38ceaefc2dad57889d8b3a2d21314410f64ec2fa92e3a14b0141b39c020021d1edd011fbccb808a317fff4cf49aab12da619d67102048ec43c76cdb9d395e8b7b6e589d788aeeecb5080fc3d5ec6ccd656e49c0a642671d3fc363b46240bbc46ad965399b71db3c8f2b269b20870a3d2a6a8de5213b0f9d41c510c827056b7284391da244ec7653648b670f9a3483b314d861992ed7fb369eda093e1643c300b94d996fc592adb22c379be070ce5cd806da85a492dd4199cceb4c5b750222485325cf1073bf87e93bdf7da8af8f5f626541afd142e24ee8f4be9f038453c0edf500deabfe4d1a7a9de51df012bc2f3b767b3c03be6ace8c37ad571323cd363116e01f98a8ff8148d3900a65b788e99ddf9d9a2383f1730c7868d2dd031034bce5a77bd1ef3385105968be7bd830bde788092f657be36f89ea55ced486e18982d01339ed04a934a43c7b3be5e6bd03cbe773a", 0x187}], 0x3}, 0x0) 8.107009346s ago: executing program 2 (id=282): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}}, 0x0) 7.999926846s ago: executing program 2 (id=283): r0 = socket$packet(0x11, 0x3, 0x300) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x801, 0x84) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) sendmsg$AUDIT_SET(r3, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x3c, 0x3e9, 0x200, 0x70bd2a, 0x25dfdbfb, {0x24, 0x0, 0x0, 0x0, 0x9, 0x3, 0x2000, 0x0, 0x0, 0xba, 0x5}, ["", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x240040c0) getsockopt$bt_hci(r2, 0x84, 0x7f, &(0x7f00000011c0)=""/4072, &(0x7f0000001180)=0xfe8) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="0412ffffffffffff03"], 0xb) r4 = syz_open_dev$cec(0x0, 0x0, 0x10140) ioctl$SIOCX25GDTEFACILITIES(r0, 0x89ea, &(0x7f0000000000)) sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400000000000000000000000000000000000000ab0439bf788a2be79420fc707007090a6edeb03880750d2f84971dfba144d9e2e16235c63ee85e1c32cf39cb71d08b45f0be9b47baa444701df0baa206ab30353b52667ac9358c4309d5914638e290a3a2285ba1f64ae6da17db3df92403d8fde9f7da18423ad22817c016e33b2fd1470d80a5ff25d6ca0f413e3792df602fad8f742b56567aad3a2dd7aded5b45acf31e6fc49d44e2fe51dd8bd2567819bf2461f37364ce864ccbcfb39443"], 0x14}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000840), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f00000006c0)={0x34, r6, 0x319, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3) connect$inet6(r7, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) write$binfmt_script(r7, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="02c9000a0006000500010842580e2a64adc9b138f92294bdeebc1ecb348ff152b7108cd561ee4d2c89f6f3bfa05c3f441bd20d1c6ba70e9ed467d5a2b8fd8f67e24d29b35829db02ea386f2b2bf9b81a0b4495877a1b5a2625e79bb29899f85cd07263597bb8ec3117c8e59fd935e3df6c7673feca56a9807ad8515d9bdb88cd8cbb8d6d5f8ba8055205a576717197c6c63a7eb9b71ca1ef176ba5aa73f8fa7bda01b1c8a997b9cbb31f7d6a43f2fd45becca37149c7e02c5e01010000f6edc52d9cd3a82bb77a32a3a7e54582bcff1cc806edd494037a79928ea546a9db2c7c67f6a8c456d8"], 0xf) mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x80, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r10, @ANYBLOB="0c0023800800170000000000df2d2d40e72a5884d66b1ecebfc2b7d56a5d83c22444c786e818c42a9d0399492e8b82e9b9d067ec2c904810477789fc714fe7d41ac952e0a2c1726f6ba03dd0eca6c4538f03eb8269501db4e2a779a1c8b144bbd83e810b0625b418f901abbfc2f3d1e0ce1247a983983f8022faf7a784e21b9e64fbcbf3f75cbbe8b25ae43f00000e05b24c0734ce655ced2afd20bfbba492a512221190a278508567f40d1aaae39bd3d1c22de7380e5d9b0fb6df5bb568e71a295d93199c05cb51768241763ab5e9a26663fe6cca1fd5cc0ea9c7b6a8ea29a2fdc1b29a8fffc10145cd9a16"], 0x28}}, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x11, 0x0) 6.352486263s ago: executing program 2 (id=291): openat2$dir(0xffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x200800, 0x82, 0x18}, 0x18) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_open_procfs(0x0, 0x0) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f00000000c0)) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYRES32], 0x1c}}, 0x0) write$nci(0xffffffffffffffff, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) connect$unix(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$admmidi(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) write(r8, &(0x7f0000001100)="94", 0x1) tee(r8, r9, 0xe, 0x5) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) sendmsg$NL80211_CMD_DEAUTHENTICATE(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)={0x194, 0x0, 0x0, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x80000001, 0x5a}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfffe}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xa}, @NL80211_ATTR_IE={0x59, 0x2a, [@random_vendor={0xdd, 0x31, "c3eed84ce3b611905f127988ef1e9b9686fe69944c30a7293babacd3a8a852457941260193c9b5eee95a37a032c9a91d9d"}, @channel_switch={0x25, 0x3, {0x0, 0xb8, 0xd}}, @mesh_chsw={0x76, 0x6, {0x1, 0xff, 0x16, 0x3}}, @chsw_timing={0x68, 0x4, {0x0, 0x7}}, @sec_chan_ofs={0x3e, 0x1, 0x1}, @mesh_config={0x71, 0x7, {0x0, 0x1, 0x1, 0xffffffffffffffff, 0x1, 0x7, 0x68}}, @dsss={0x3, 0x1, 0xb8}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x6}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x7}, @NL80211_ATTR_IE={0xf6, 0x2a, [@sec_chan_ofs={0x3e, 0x1, 0x1}, @mesh_chsw={0x76, 0x6, {0x8, 0x5, 0x3b, 0x9}}, @preq={0x82, 0x25, {{0x0, 0x0, 0x1}, 0x5, 0x1, 0x4, @broadcast, 0xd, @void, 0x3, 0x8, 0x1, [{{0x1, 0x0, 0x1}, @device_a, 0x100}]}}, @perr={0x84, 0xbb, {0x2, 0xb, [{{}, @broadcast, 0x7ff, @void, 0x18}, {{0x0, 0x1}, @broadcast, 0x2, @value=@device_b, 0x4}, {{0x0, 0x1}, @broadcast, 0x582, @value, 0x1c}, {{}, @device_a, 0x1, @void, 0x16}, {{0x0, 0x1}, @broadcast, 0x890f, @value, 0x39}, {{0x0, 0x1}, @broadcast, 0x790, @value, 0x3f}, {{}, @broadcast, 0x4, @void, 0x22}, {{0x0, 0x1}, @device_a, 0x93c2, @value=@device_b, 0x3}, {{}, @device_a, 0x3, @void, 0x41}, {{0x0, 0x1}, @broadcast, 0x28f00000, @value=@broadcast, 0x12}, {{0x0, 0x1}, @device_a, 0xffff1471, @value=@broadcast}]}}, @sec_chan_ofs={0x3e, 0x1}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x508c4}, 0x20048010) close_range(r7, 0xffffffffffffffff, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_INTERFACE(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRESOCT=r4, @ANYRES16, @ANYRESHEX=r1, @ANYBLOB="b589a9e2b99e1b12bb5aa7ef8b4a3102cd1b2b45a22700e1b5", @ANYRES64=r6], 0x28}, 0x1, 0x0, 0x0, 0x2000c809}, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000002400090000670000000000000600"], 0x14}}, 0x0) 4.229663874s ago: executing program 3 (id=306): r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, &(0x7f0000000880)={0x0, 0x4, 0x0, &(0x7f00000004c0)=[{}, {}, {}, {}], 0x5, 0x0, &(0x7f0000000640)=[{}, {}, {}, {}, {}], 0x3, 0x0, &(0x7f0000000300)=[{}, {0x0, 0x80000000}, {}], 0x1, 0x0, &(0x7f00000000c0)=[{}]}) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc01c7c02, &(0x7f0000000980)={r2, &(0x7f0000000380), &(0x7f0000000900)}) ioctl$USBDEVFS_CONNECTINFO(0xffffffffffffffff, 0x80045520, &(0x7f0000002a40)) capset(&(0x7f0000000080)={0x20080522, r0}, &(0x7f0000000040)={0xffffffff, 0x10, 0x4df8, 0x0, 0x1}) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r3, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4) bind$inet(r3, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10) connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e24, @empty}, 0x10) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'erspan0\x00', 0x0}) sendto$inet(r3, &(0x7f0000000100)="f4188a9876a9431deeb98e3edfaafa03a11300e3aebb4102000000000034c5d2af03a5f261a35c07d07d371a4402394549d78c3f511bb4793daf4b4e28410e598769487fb27044ece0b4e738bcc7e1ce3aa7a3df2572a082809f406467bc0f0b47872a2ecc399861b90da1ffcfb35a8f5579b72e3cde817a2a78ff205c6fee57f9177bbeeb2f3d121b9c508660c2d90b0dc3f2412b62e7d99a7dfa6960b663bb8e14764efb33f9465c242b84b75a436ef9af2492b19a15bb9108656d828553e1719de91aa29cb5bf187a0162d50e234b6207725486c9e828d756ff9b6d4f5c4960469dd3a48b4e525f0cbf7158f95d603a37c272f874ee3b5c6e56", 0xfffffffffffffdb0, 0x4040004, 0x0, 0xfffffffb) close(0xffffffffffffffff) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0x0) syz_pidfd_open(0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = getpid() process_vm_readv(r5, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) 3.63836383s ago: executing program 1 (id=307): syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000cc1ef420890b070064ef000000010902120001000000000904"], 0x0) r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000005940), 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) socket$xdp(0x2c, 0x3, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f0000000180), 0x4) connect$inet6(r1, 0x0, 0x0) madvise(&(0x7f0000ac2000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f000018e000/0x3000)=nil, 0x3000, 0x1) io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r3, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x4000) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$BLKZEROOUT(r4, 0x127f, &(0x7f0000000240)={0x0, 0x1000000}) bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r5 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10) connect$inet(r5, &(0x7f00000000c0)={0x2, 0x4e22, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000240)='illinois\x00', 0x9) socket$nl_sock_diag(0x10, 0x3, 0x4) 3.094042945s ago: executing program 3 (id=309): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xc, 0x13, &(0x7f00000003c0)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}, @printk={@llu}]}, &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x4, 0x8, &(0x7f00000002c0)='\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000040)={0x0, 0x0, r3}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r4 = socket(0x11, 0x800000003, 0x0) r5 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfe], 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0xc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}}}}]}, 0x88}}, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='ext4_alloc_da_blocks\x00', r7, 0x0, 0x3}, 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x2b, &(0x7f0000000340), &(0x7f0000000380)=0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB='y\x00\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x38) socket$netlink(0x10, 0x3, 0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) 2.117303503s ago: executing program 3 (id=310): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xc, 0x13, &(0x7f00000003c0)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}, @printk={@llu}]}, &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0x0, 0x4, 0x8, &(0x7f00000002c0)='\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r2, 0xc01064ab, &(0x7f0000000040)={0x0, 0x0, r3}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r4 = socket(0x11, 0x800000003, 0x0) r5 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfe], 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0xc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}}}}]}, 0x88}}, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r7}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='ext4_alloc_da_blocks\x00', r7, 0x0, 0x3}, 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x2b, &(0x7f0000000340), &(0x7f0000000380)=0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB='y\x00\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x38) socket$netlink(0x10, 0x3, 0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) 1.910510004s ago: executing program 0 (id=312): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async) r0 = socket$kcm(0xa, 0x6, 0x0) setsockopt$sock_attach_bpf(r0, 0x10d, 0xa, &(0x7f0000000000), 0x4) (async) r1 = epoll_create1(0x0) (async) r2 = syz_io_uring_setup(0x12fd, &(0x7f0000000080)={0x0, 0x35a7, 0x10100, 0x3, 0x314}, &(0x7f0000000100)=0x0, &(0x7f0000000240)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd=r1}) (async) socket$packet(0x11, 0x0, 0x300) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000018110000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x0, r5}, 0x38) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000008000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r6}, 0x10) (async) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x200000, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe2fb, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r7}, 0x10) r8 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, 0x0) (async) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) (async) close(r8) (async) r9 = socket(0x10, 0x3, 0x0) (async) r10 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x50, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x1c, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8}, @TCA_FQ_CODEL_TARGET={0x8}, @TCA_FQ_CODEL_QUANTUM={0x8}]}}]}, 0x50}}, 0x0) (async) io_uring_enter(r2, 0x49f7, 0x0, 0x0, 0x0, 0x0) r12 = syz_io_uring_setup(0x320e, &(0x7f0000000280), &(0x7f0000000180), &(0x7f0000000000)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x1}], 0x1}, 0x3) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r12, &(0x7f0000000400)={0x20000004}) 1.800286265s ago: executing program 0 (id=313): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0) socket$unix(0x1, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$alg(0x26, 0x5, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) socketpair(0x0, 0x0, 0x800, 0x0) r1 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065"], 0x15) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r2, 0x0, 0xa002a0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), 0x0, 0x0, 0x0, 0x1, r2}, 0x38) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20) mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000f, 0x11, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000) 1.339968852s ago: executing program 0 (id=314): socket$nl_route(0x10, 0x3, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000010440)={0x2020}, 0x2020) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r0 = socket$inet_icmp(0x2, 0x2, 0x1) lseek(r0, 0x400, 0x1) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x3, &(0x7f0000000300)=[{0x200000000006, 0x0, 0x0, 0x7ffc0003}, {0xe, 0x6, 0x7d, 0x9}, {0x0, 0x8, 0xff, 0x6}]}) sysinfo(&(0x7f0000000380)=""/98) socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001700)) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000002c0)='netlink_extack\x00', r1}, 0x10) socket(0x22, 0x2, 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) socket$kcm(0x2, 0x200000000000001, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1(0x80800) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket(0x10, 0x2, 0x0) pipe(&(0x7f0000000200)) socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) 1.331061434s ago: executing program 0 (id=315): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="211fb284cc71050000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r2 = io_uring_setup(0x7339, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1}) copy_file_range(r2, &(0x7f0000000240)=0x1, r1, 0x0, 0x81, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x1a, &(0x7f00000000c0)={0x0}, 0x1) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000340)={0x9, 0x0, 0x10000000, 0x515f3157, 0x15, "78e114100985a79874342a70e113343972d01f"}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r5, &(0x7f00000007c0)=[{&(0x7f00000003c0)="b248e2c4fa308aff7ecee3347cc471a0f0be8c61a311875cd29ca0dff315bf2f642a800e99e07f65ee56f74d3c3eaa1815b0bb449f0dd1a485a6f414c77ab9a1b6127d57899a3e4348cd2829cafa7b8e0283656708e4ded3350af5001e3a146da627a6028d5fcee14e21143e376ebefa50dde3e13ed36524136366a800338ef452b3212bffc1ea", 0x87}, {&(0x7f0000000480)}, {0x0}], 0x3) write$binfmt_elf64(r5, &(0x7f0000000b40)=ANY=[], 0xa) socket$inet_tcp(0x2, 0x1, 0x0) socket$xdp(0x2c, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0xda, 0x280, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r6, 0x29, 0x46, &(0x7f0000000180)=0x6, 0x4) connect$inet6(r6, 0x0, 0x0) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) r7 = io_uring_setup(0x3450, &(0x7f0000000380)={0x0, 0x0, 0x1, 0x0, 0x3cf}) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0) r10 = dup(r9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r10, 0x0) 1.22583268s ago: executing program 0 (id=316): ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0xfffffffb) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0xe8) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='xfs\x00', 0x11, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f00000000c0)=0x101, 0x0) syslog(0x2, 0x0, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000600)=[{0x0}, {0x0}], 0x2, 0x8007b9, 0x2) preadv(r0, &(0x7f0000000640), 0x0, 0x0, 0x8004001) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000003a80)={0x0, 0x1c, &(0x7f0000003980)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}]}, &(0x7f0000003ac0)=0x10) r3 = openat$snapshot(0xffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$SNAPSHOT_FREE(r3, 0x80083313) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930) 1.091235798s ago: executing program 3 (id=317): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x3c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x14}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xd}, @NFTA_CT_DIRECTION={0x5, 0x3, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x94}}, 0x0) 966.957301ms ago: executing program 1 (id=318): open(&(0x7f0000000100)='./file0\x00', 0x880ff, 0x0) (async) r0 = open(&(0x7f0000000100)='./file0\x00', 0x880ff, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async) r1 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$kcm(0x10, 0x2, 0x0) (async) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0) (async) sendmsg$kcm(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="2e00000010008188040f46ecdb4cb9cca7480ef421000000e3bd6efb440013030e000a000d000008ba8000001201", 0x2e}], 0x1}, 0x0) r5 = openat$zero(0xffffff9c, &(0x7f00000020c0), 0x40202, 0x0) bind$vsock_stream(r5, &(0x7f0000002100)={0x28, 0x0, 0x2711, @host}, 0x10) fcntl$setlease(r0, 0x400, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000042c0)='fdinfo/3\x00') read$FUSE(r6, &(0x7f0000000080)={0x2020}, 0x2020) 965.764098ms ago: executing program 3 (id=319): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000a7dc77379a54f489f7713ebd583b5ca6788f53c8ef37a4cf064c990bbef36378a535630b9ece5f05ee074636c77487dcaf40bdf57bf9da2bcab14656e4c7380d36614420c64d3f56b0ab8601819c41bcec2512bd5d994960ffcd39fa732987f115f81c267e5c", @ANYRES16, @ANYBLOB="0100000000000000000022000000180001801400020076657468315f766972745f7769666900"], 0x2c}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xc, 0x13, &(0x7f00000003c0)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}, @printk={@llu}]}, &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x4, 0x8, &(0x7f00000002c0)='\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r3 = syz_open_dev$dri(&(0x7f00000002c0), 0x2, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETPROPERTY(r3, 0xc01064ab, &(0x7f0000000040)={0x0, 0x0, r4}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r5 = socket(0x11, 0x800000003, 0x0) r6 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newqdisc={0x88, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfe], 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0xc], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]}}}}]}, 0x88}}, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r8}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='ext4_alloc_da_blocks\x00', r8, 0x0, 0x3}, 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x2b, &(0x7f0000000340), &(0x7f0000000380)=0x10) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r10, @ANYBLOB='y\x00\x00\x00\x00\x00\x00\x00\x00\x00~'], 0x1c}}, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x38) socket$netlink(0x10, 0x3, 0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) 769.475541ms ago: executing program 1 (id=320): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001040)={&(0x7f0000001000)='signal_generate\x00', r2}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='fib_table_lookup\x00', r3, 0x0, 0x2}, 0xd96d38745ec7516c) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0) r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0) connect$llc(r4, &(0x7f0000000340)={0x1a, 0x308, 0x7, 0x3, 0x1, 0x1, @remote}, 0x10) sendfile(r5, r4, &(0x7f00000000c0)=0x8e, 0x180000504) mount(&(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0)='vxfs\x00', 0x0, 0x0) 703.701267ms ago: executing program 1 (id=321): socket(0x10, 0x3, 0x0) socket(0x10, 0x803, 0x0) (async) r0 = socket(0x1, 0x803, 0x0) (async) socket$xdp(0x2c, 0x3, 0x0) (async) socket$phonet_pipe(0x23, 0x5, 0x2) (async) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x2000, &(0x7f000003d000/0x2000)=nil}) (async) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@union={0x1, 0x1, 0x0, 0xf, 0x0, 0xffffffff, [{0x2, 0x0, 0xfff}]}]}, {0x0, [0x5f]}}, 0x0, 0x33, 0x0, 0x7, 0x0, 0x0, @void, @value}, 0x20) (async) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, 0x0}) socket$l2tp(0x2, 0x2, 0x73) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) (async) r2 = socket$netlink(0x10, 0x3, 0x0) (async) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYRES16, @ANYRES32=r2, @ANYRES16=r1], 0x20}, 0x1, 0xc00000000000000}, 0x0) (async) fcntl$getown(r0, 0x9) (async) bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) (async) write$binfmt_misc(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="4c00030007"], 0xd) 692.2726ms ago: executing program 0 (id=322): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x10000, 0x1000, &(0x7f0000000000/0x1000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x1fd, 0x0, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil}) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000001c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000240)={@local}) socket(0x3b, 0xa, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000000)={0x9, "c6579e97c026f2030000007d659ec1300fac5408bf584f63ebf89b20d5748c07"}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000280)={0x400, "3a1d94090000ffac0008000097eaa3b500f3000000040000000200"}) ioctl$SW_SYNC_IOC_INC(r4, 0x40045701, &(0x7f0000000080)=0xfdfdffff) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000380)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r5}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000004c0)={0x0}) mount$9p_rdma(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="7472616e733d72646d0400000072743d3078303030303030303030303030346532332c74696d656f75743d307830304197912a30303030303030352c64666c747569643d0000ed0eb4a2fe2bfab22890d663fe251234746c80babd303725ace50afb973d341d915ab8fedfa93db0c468667bab953f7fcb1b2b232c9738647c10589c697688a99ed5aec7a697defb83d47db351a7acf1ff2c590a94bff38ac290e5a46b5dc9913678ec8d0e6c4c8dfce3", @ANYRESHEX=0x0, @ANYBLOB=',obj_role=,..,euid=', @ANYRESDEC=0x0, @ANYBLOB=',appraise,rootcontext=system_u,obj_user=/dev/vhost-net\x00,\x00']) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000140)={r6, 0x2, r1, 0x5}) ioperm(0xfffffffffffffffd, 0xfffc, 0x0) futex(0x0, 0x6, 0x0, &(0x7f00000000c0), 0x0, 0x0) socket(0x18, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r7 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r7, 0x541b, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) 620.290553ms ago: executing program 1 (id=323): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0) socket$unix(0x1, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$alg(0x26, 0x5, 0x0) r1 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x6c, 0x4, 0x0, 0x1, [{0x68, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x58, 0x2, 0x0, 0x1, [@NFTA_INNER_NUM, @NFTA_INNER_FLAGS={0xffffffffffffff74, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x34, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x1c}, @NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_PAYLOAD_BASE={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}}}]}, @NFTA_RULE_COMPAT={0x0, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV4={0x0, 0x1, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x0, 0x1, 0x1, 0x0, 0x1d}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x0, 0x1, 0x1, 0x0, 0x88e5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x0, 0x1, 0x1, 0x0, 0x4}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x0, 0x1, 0x1, 0x0, 0x6006}, @NFTA_RULE_COMPAT_FLAGS={0x0, 0x2, 0x1, 0x0, 0x6}, @NFTA_RULE_COMPAT_FLAGS={0x0, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x0, 0x1, 0x1, 0x0, 0x200}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x0, 0x1, 0x1, 0x0, 0x87}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xc0}}, 0x0) socketpair(0x0, 0x0, 0x800, 0x0) r3 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000140095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10) r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000680)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20) mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000f, 0x11, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000) 480.389892ms ago: executing program 1 (id=324): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) rseq(&(0x7f0000000040), 0x20, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000002c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x3, 0x7fc00100}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) pipe2$9p(&(0x7f0000000080), 0x80) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000a40)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000200)={r2}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000180)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000280)={r3}) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=@framed={{}, [@printk={@x, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}, @call={0x85, 0x0, 0x0, 0x7d}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) 0s ago: executing program 3 (id=325): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0) socket$unix(0x1, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$alg(0x26, 0x5, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) socketpair(0x0, 0x0, 0x800, 0x0) r1 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000000400)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2db, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x20) mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000f, 0x11, r0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x4000) (fail_nth: 18) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:11904' (ED25519) to the list of known hosts. [ 43.407290][ T5343] cgroup: Unknown subsys name 'net' [ 43.690746][ T5343] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 44.995169][ T5343] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 49.038824][ T4778] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 49.041794][ T4778] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 49.044431][ T4778] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 49.047497][ T5364] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 49.052003][ T5368] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 49.053308][ T5371] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 49.057897][ T5372] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 49.060489][ T5371] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 49.064541][ T5372] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 49.067902][ T5371] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 49.069989][ T5372] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 49.072096][ T5371] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 49.077443][ T5364] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 49.082111][ T5364] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 49.083047][ T5362] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 49.085596][ T5364] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 49.086699][ T5368] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 49.088947][ T5364] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 49.090525][ T5368] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 49.092561][ T5371] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 49.093995][ T5364] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 49.098780][ T5368] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 49.105945][ T5358] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 49.109631][ T5368] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 49.416138][ T5360] chnl_net:caif_netlink_parms(): no params data found [ 49.458463][ T5356] chnl_net:caif_netlink_parms(): no params data found [ 49.463610][ T5359] chnl_net:caif_netlink_parms(): no params data found [ 49.594809][ T5369] chnl_net:caif_netlink_parms(): no params data found [ 49.685080][ T5359] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.687569][ T5359] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.689666][ T5359] bridge_slave_0: entered allmulticast mode [ 49.692109][ T5359] bridge_slave_0: entered promiscuous mode [ 49.769370][ T5359] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.771280][ T5359] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.773322][ T5359] bridge_slave_1: entered allmulticast mode [ 49.775654][ T5359] bridge_slave_1: entered promiscuous mode [ 49.799957][ T5356] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.803771][ T5356] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.805746][ T5356] bridge_slave_0: entered allmulticast mode [ 49.808192][ T5356] bridge_slave_0: entered promiscuous mode [ 49.811299][ T5356] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.814893][ T5356] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.816815][ T5356] bridge_slave_1: entered allmulticast mode [ 49.819634][ T5356] bridge_slave_1: entered promiscuous mode [ 49.854959][ T5360] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.856908][ T5360] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.858829][ T5360] bridge_slave_0: entered allmulticast mode [ 49.861179][ T5360] bridge_slave_0: entered promiscuous mode [ 49.929640][ T5359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.950344][ T5360] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.952413][ T5360] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.954329][ T5360] bridge_slave_1: entered allmulticast mode [ 49.956674][ T5360] bridge_slave_1: entered promiscuous mode [ 49.962681][ T5356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.967103][ T5359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.027423][ T5356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.046640][ T5369] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.049249][ T5369] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.051378][ T5369] bridge_slave_0: entered allmulticast mode [ 50.054603][ T5369] bridge_slave_0: entered promiscuous mode [ 50.059476][ T5360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.102902][ T5369] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.104640][ T5369] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.106568][ T5369] bridge_slave_1: entered allmulticast mode [ 50.108933][ T5369] bridge_slave_1: entered promiscuous mode [ 50.112908][ T5360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.136736][ T5359] team0: Port device team_slave_0 added [ 50.195314][ T5356] team0: Port device team_slave_0 added [ 50.199479][ T5359] team0: Port device team_slave_1 added [ 50.206585][ T5369] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.232998][ T5356] team0: Port device team_slave_1 added [ 50.253647][ T5369] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 50.258776][ T5360] team0: Port device team_slave_0 added [ 50.314917][ T5360] team0: Port device team_slave_1 added [ 50.334397][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.336256][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.343517][ T5359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.384329][ T5356] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.386192][ T5356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.394410][ T5356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.415772][ T5359] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.417672][ T5359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.425116][ T5359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.431902][ T5369] team0: Port device team_slave_0 added [ 50.450614][ T5356] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.453260][ T5356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.459947][ T5356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.470083][ T5369] team0: Port device team_slave_1 added [ 50.472685][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.474547][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.481171][ T5360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.485352][ T5360] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.487164][ T5360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.494063][ T5360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.654520][ T5356] hsr_slave_0: entered promiscuous mode [ 50.657821][ T5356] hsr_slave_1: entered promiscuous mode [ 50.662555][ T5369] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 50.664869][ T5369] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.674001][ T5369] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 50.698637][ T5359] hsr_slave_0: entered promiscuous mode [ 50.702787][ T5359] hsr_slave_1: entered promiscuous mode [ 50.705478][ T5359] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.707828][ T5359] Cannot create hsr debugfs directory [ 50.711198][ T5369] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 50.713168][ T5369] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.721307][ T5369] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 50.751564][ T5360] hsr_slave_0: entered promiscuous mode [ 50.753905][ T5360] hsr_slave_1: entered promiscuous mode [ 50.755843][ T5360] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.757822][ T5360] Cannot create hsr debugfs directory [ 50.950528][ T5369] hsr_slave_0: entered promiscuous mode [ 50.953142][ T5369] hsr_slave_1: entered promiscuous mode [ 50.955222][ T5369] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.957221][ T5369] Cannot create hsr debugfs directory [ 51.142148][ T4778] Bluetooth: hci3: command tx timeout [ 51.142260][ T66] Bluetooth: hci0: command tx timeout [ 51.143804][ T5368] Bluetooth: hci1: command tx timeout [ 51.145140][ T5358] Bluetooth: hci2: command tx timeout [ 51.202713][ T5359] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 51.208855][ T5359] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 51.212996][ T5359] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 51.217069][ T5359] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 51.256147][ T5356] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 51.260861][ T5356] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 51.265577][ T5356] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 51.270097][ T5356] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 51.319599][ T5360] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 51.326301][ T5360] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 51.330759][ T5360] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 51.336089][ T5360] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 51.378774][ T5369] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 51.384757][ T5369] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 51.388835][ T5369] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 51.394582][ T5369] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 51.439389][ T5359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.466537][ T5356] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.488179][ T5359] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.508136][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.510230][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.519585][ T5356] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.527430][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.529364][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.557342][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.559204][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.575324][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.577237][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.612671][ T5369] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.618170][ T5360] 8021q: adding VLAN 0 to HW filter on device bond0 [ 51.667409][ T5359] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 51.676964][ T5360] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.687253][ T5369] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.695786][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.697732][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.704544][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.706522][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.718170][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.720093][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.734968][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.736917][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.790759][ T5360] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 51.793639][ T5360] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 51.826918][ T5359] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.850682][ T5356] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.880848][ T5359] veth0_vlan: entered promiscuous mode [ 51.893214][ T5359] veth1_vlan: entered promiscuous mode [ 51.926537][ T5360] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.930266][ T5356] veth0_vlan: entered promiscuous mode [ 51.942879][ T5359] veth0_macvtap: entered promiscuous mode [ 51.952985][ T5356] veth1_vlan: entered promiscuous mode [ 51.959477][ T5359] veth1_macvtap: entered promiscuous mode [ 51.970826][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.986172][ T5359] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.990072][ T5359] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.993400][ T5359] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.995636][ T5359] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.997754][ T5359] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.010436][ T5369] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 52.032029][ T5356] veth0_macvtap: entered promiscuous mode [ 52.047514][ T5360] veth0_vlan: entered promiscuous mode [ 52.054631][ T5356] veth1_macvtap: entered promiscuous mode [ 52.087221][ T5360] veth1_vlan: entered promiscuous mode [ 52.108325][ T1209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.110632][ T1209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.136590][ T5369] veth0_vlan: entered promiscuous mode [ 52.149835][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.154900][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.160481][ T5356] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.169291][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.171367][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.177092][ T5356] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.180858][ T5356] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.186890][ T5356] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.192049][ T5369] veth1_vlan: entered promiscuous mode [ 52.199441][ T5356] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.202970][ T5356] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.205307][ T5356] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.207575][ T5356] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.211894][ T5360] veth0_macvtap: entered promiscuous mode [ 52.227272][ T5360] veth1_macvtap: entered promiscuous mode [ 52.256168][ T5369] veth0_macvtap: entered promiscuous mode [ 52.264932][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.267800][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.270333][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.273787][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.277520][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.279948][ T5369] veth1_macvtap: entered promiscuous mode [ 52.295539][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.298285][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.300792][ T5360] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.308009][ T5360] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.311541][ T5360] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.317812][ T5360] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.320192][ T5360] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.323898][ T5360] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.326158][ T5360] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.336055][ T5419] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 52.339415][ T5369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.343000][ T5369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.345537][ T5369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.348616][ T5369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.351105][ T5369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 52.353975][ T5369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.357595][ T5369] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 52.368152][ T1099] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.370289][ T1099] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.379769][ T5369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.382583][ T5369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.385314][ T5369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.388001][ T5369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.390513][ T5369] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 52.394522][ T5369] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 52.398129][ T5369] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 52.422115][ T5369] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.424643][ T5369] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.426941][ T5369] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.429550][ T5369] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 52.438677][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.441548][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.471446][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.474701][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.504595][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.506718][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.536738][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.538860][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.563527][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 52.568422][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 52.570661][ T10] IPVS: starting estimator thread 0... [ 52.672111][ T5423] IPVS: using max 35 ests per chain, 84000 per kthread [ 52.678088][ T5428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'. [ 52.682270][ T5398] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 52.853390][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 52.866271][ T5398] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 52.872502][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.875064][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.877690][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.895920][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.898660][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.902689][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.906707][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.909081][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.912094][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.919191][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.921528][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.931790][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.933178][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.933204][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.933217][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.934602][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.934627][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.934640][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.936516][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.936540][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.936553][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 52.937565][ T5398] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 52.977996][ T5398] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 52.980994][ T5398] usb 6-1: config 0 interface 0 has no altsetting 0 [ 53.004264][ T5398] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 53.006693][ T5398] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 53.008981][ T5398] usb 6-1: Product: syz [ 53.010102][ T5398] usb 6-1: Manufacturer: syz [ 53.011319][ T5398] usb 6-1: SerialNumber: syz [ 53.033732][ T5398] usb 6-1: config 0 descriptor?? [ 53.052275][ T10] usb 7-1: Using ep0 maxpacket: 32 [ 53.063150][ T10] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 53.065569][ T10] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 53.067856][ T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 53.069185][ T5398] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 53.070457][ T10] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 81 [ 53.070487][ T10] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 53.070498][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 53.086824][ T10] usb 7-1: config 0 descriptor?? [ 53.222028][ T5368] Bluetooth: hci0: command tx timeout [ 53.222360][ T66] Bluetooth: hci3: command tx timeout [ 53.223672][ T5368] Bluetooth: hci2: command tx timeout [ 53.225058][ T66] Bluetooth: hci1: command tx timeout [ 53.264085][ T5398] usb 6-1: USB disconnect, device number 2 [ 53.268972][ T5398] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 53.638629][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 53.641823][ T0] NOHZ tick-stop error: local softirq work is pending, handler #41!!! [ 53.652725][ T5399] usb 7-1: USB disconnect, device number 2 [ 54.051662][ T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 54.201686][ T832] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 54.242185][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 54.253508][ T10] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 54.256033][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.266098][ T10] usb 5-1: config 0 descriptor?? [ 54.275806][ T10] as10x_usb: device has been detected [ 54.279274][ T10] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 54.312854][ T10] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 54.345359][ T10] as10x_usb: error during firmware upload part1 [ 54.347347][ T10] Registered device nBox DVB-T Dongle [ 54.363551][ T5451] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10'. [ 54.391704][ T832] usb 8-1: Using ep0 maxpacket: 32 [ 54.394834][ T832] usb 8-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 54.397130][ T832] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.404126][ T832] usb 8-1: config 0 descriptor?? [ 54.413102][ T832] as10x_usb: device has been detected [ 54.414915][ T832] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 54.436627][ T832] usb 8-1: DVB: registering adapter 2 frontend 0 (nBox DVB-T Dongle)... [ 54.445885][ T832] as10x_usb: error during firmware upload part1 [ 54.447883][ T832] Registered device nBox DVB-T Dongle [ 54.541785][ T5398] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 54.722057][ T5398] usb 7-1: Using ep0 maxpacket: 32 [ 54.727318][ T5398] usb 7-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 54.729830][ T5398] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.739220][ T5398] usb 7-1: config 0 descriptor?? [ 54.753521][ T5398] as10x_usb: device has been detected [ 54.764220][ T5398] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 54.785406][ T5398] usb 7-1: DVB: registering adapter 3 frontend 0 (nBox DVB-T Dongle)... [ 54.802424][ T5398] as10x_usb: error during firmware upload part1 [ 54.806136][ T5398] Registered device nBox DVB-T Dongle [ 55.002036][ T64] cfg80211: failed to load regulatory.db [ 55.096395][ T5460] /dev/nullb0: Can't open blockdev [ 55.257607][ T5461] random: crng reseeded on system resumption [ 55.302091][ T5368] Bluetooth: hci1: command tx timeout [ 55.302219][ T4778] Bluetooth: hci2: command tx timeout [ 55.302454][ T66] Bluetooth: hci3: command tx timeout [ 55.302493][ T66] Bluetooth: hci0: command tx timeout [ 55.667951][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 55.682575][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.684732][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.686879][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.704284][ T5400] usb 5-1: USB disconnect, device number 2 [ 55.742450][ T5400] Unregistered device nBox DVB-T Dongle [ 55.748535][ T5400] as10x_usb: device has been disconnected [ 55.775094][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.792497][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.880793][ T5465] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 55.944737][ T5405] usb 8-1: USB disconnect, device number 2 [ 55.957727][ T5405] Unregistered device nBox DVB-T Dongle [ 55.959430][ T5405] as10x_usb: device has been disconnected [ 56.105044][ T5400] usb 7-1: USB disconnect, device number 3 [ 56.114725][ T5400] Unregistered device nBox DVB-T Dongle [ 56.116340][ T5400] as10x_usb: device has been disconnected [ 56.326549][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 56.542021][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.740454][ T5476] netlink: 20 bytes leftover after parsing attributes in process `syz.1.17'. [ 56.839864][ T5478] overlayfs: failed to resolve './file1': -2 [ 57.337450][ T5477] warning: `syz.2.16' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 57.381701][ T5358] Bluetooth: hci0: command tx timeout [ 57.381877][ T4778] Bluetooth: hci1: command tx timeout [ 57.381917][ T5368] Bluetooth: hci3: command tx timeout [ 57.393502][ T4778] Bluetooth: hci2: command tx timeout [ 58.463344][ T5497] autofs: Bad value for 'fd' [ 58.733318][ T5499] mmap: syz.2.21 (5499) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 58.762554][ T5494] evm: overlay not supported [ 58.992068][ T5504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22'. [ 58.998361][ T5504] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 59.000720][ T5504] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 59.554217][ T5514] netlink: 'syz.2.25': attribute type 12 has an invalid length. [ 60.096539][ T5519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.26'. [ 60.100323][ T5519] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 60.108843][ T5519] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 60.282904][ T5525] syz.2.28 uses obsolete (PF_INET,SOCK_PACKET) [ 60.311712][ T5492] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 60.511727][ T5492] usb 6-1: Using ep0 maxpacket: 32 [ 60.515570][ T5492] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 60.517920][ T5492] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.521123][ T5492] usb 6-1: config 0 descriptor?? [ 60.533423][ T5492] as10x_usb: device has been detected [ 60.535220][ T5492] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 60.553360][ T5492] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 60.565314][ T5492] as10x_usb: error during firmware upload part1 [ 60.567645][ T5492] Registered device nBox DVB-T Dongle [ 60.693461][ T5529] autofs: Bad value for 'fd' [ 60.778148][ T39] audit: type=1804 audit(1726611863.501:2): pid=5528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.29" name="/newroot/6/bus/bus" dev="overlay" ino=57 res=1 errno=0 [ 62.629078][ T56] usb 6-1: USB disconnect, device number 3 [ 62.652734][ T56] Unregistered device nBox DVB-T Dongle [ 62.653634][ T56] as10x_usb: device has been disconnected [ 63.256063][ T5555] loop7: detected capacity change from 0 to 16384 [ 63.420719][ T5556] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 64.550462][ T5568] block nbd3: shutting down sockets [ 64.561907][ T25] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 64.741663][ T25] usb 6-1: Using ep0 maxpacket: 32 [ 64.749624][ T25] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 64.753914][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.764125][ T25] usb 6-1: config 0 descriptor?? [ 64.764807][ T1854] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 64.773276][ T25] as10x_usb: device has been detected [ 64.777547][ T25] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 64.812301][ T25] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 64.820403][ T25] as10x_usb: error during firmware upload part1 [ 64.823436][ T25] Registered device nBox DVB-T Dongle [ 64.941652][ T1854] usb 7-1: Using ep0 maxpacket: 32 [ 64.949434][ T1854] usb 7-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 64.954163][ T1854] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.968360][ T1854] usb 7-1: config 0 descriptor?? [ 64.981301][ T1854] as10x_usb: device has been detected [ 64.988126][ T1854] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 65.003292][ T1854] usb 7-1: DVB: registering adapter 2 frontend 0 (nBox DVB-T Dongle)... [ 65.012812][ T1854] as10x_usb: error during firmware upload part1 [ 65.024804][ T1854] Registered device nBox DVB-T Dongle [ 66.142068][ T62] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 66.321740][ T62] usb 8-1: Using ep0 maxpacket: 32 [ 66.324834][ T62] usb 8-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 66.327520][ T62] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.337608][ T62] usb 8-1: config 0 descriptor?? [ 66.342864][ T62] as10x_usb: device has been detected [ 66.345361][ T62] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 66.366156][ T62] usb 8-1: DVB: registering adapter 3 frontend 0 (nBox DVB-T Dongle)... [ 66.370345][ T62] as10x_usb: error during firmware upload part1 [ 66.370933][ T1854] usb 6-1: USB disconnect, device number 4 [ 66.376053][ T62] Registered device nBox DVB-T Dongle [ 66.417989][ T1854] Unregistered device nBox DVB-T Dongle [ 66.422863][ T5212] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 66.424234][ T1854] as10x_usb: device has been disconnected [ 66.611683][ T5212] usb 5-1: Using ep0 maxpacket: 32 [ 66.614377][ T5212] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 66.616774][ T5212] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.620146][ T5212] usb 5-1: config 0 descriptor?? [ 66.631834][ T5212] as10x_usb: device has been detected [ 66.634532][ T5212] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 66.646690][ T5212] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 66.653018][ T5212] as10x_usb: error during firmware upload part1 [ 66.654969][ T5212] Registered device nBox DVB-T Dongle [ 67.571470][ T5492] usb 7-1: USB disconnect, device number 4 [ 67.590329][ T5492] Unregistered device nBox DVB-T Dongle [ 67.603291][ T5492] as10x_usb: device has been disconnected [ 67.699038][ T5600] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 67.776911][ T8] usb 8-1: USB disconnect, device number 3 [ 67.789216][ T8] Unregistered device nBox DVB-T Dongle [ 67.796270][ T8] as10x_usb: device has been disconnected [ 68.358286][ T62] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 68.523653][ T25] usb 5-1: USB disconnect, device number 3 [ 68.548257][ T25] Unregistered device nBox DVB-T Dongle [ 68.560463][ T25] as10x_usb: device has been disconnected [ 68.793631][ T62] usb 7-1: unable to get BOS descriptor or descriptor too short [ 68.797151][ T62] usb 7-1: unable to read config index 0 descriptor/start: -71 [ 68.799295][ T62] usb 7-1: can't read configurations, error -71 [ 69.401775][ T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 69.513182][ T5620] Zero length message leads to an empty skb [ 69.601761][ T25] usb 5-1: Using ep0 maxpacket: 32 [ 69.604586][ T25] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 69.607233][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.612619][ T25] usb 5-1: config 0 descriptor?? [ 69.617131][ T25] as10x_usb: device has been detected [ 69.619287][ T25] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 69.629635][ T25] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 69.650786][ T25] as10x_usb: error during firmware upload part1 [ 69.652901][ T25] Registered device nBox DVB-T Dongle [ 70.034721][ T5626] netlink: 8 bytes leftover after parsing attributes in process `syz.3.54'. [ 70.040898][ T5626] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 70.048450][ T5626] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 70.882912][ T5621] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 70.890087][ T5621] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 70.904666][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.908094][ T1376] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.930921][ T5621] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 70.932969][ T5621] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 70.938537][ T5621] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 70.940160][ T5621] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 70.946539][ T5621] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 70.948345][ T5621] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 71.129134][ T5654] /dev/nullb0: Can't open blockdev [ 71.242656][ T39] audit: type=1326 audit(1726611873.961:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5643 comm="syz.3.55" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f92579 code=0x0 [ 71.403232][ T5657] random: crng reseeded on system resumption [ 71.450023][ T5662] sp0: Synchronizing with TNC [ 71.453494][ T35] usb 5-1: USB disconnect, device number 4 [ 71.474350][ T35] Unregistered device nBox DVB-T Dongle [ 71.475548][ T35] as10x_usb: device has been disconnected [ 71.751823][ T8] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 71.931728][ T8] usb 7-1: Using ep0 maxpacket: 32 [ 71.934627][ T8] usb 7-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 71.941663][ T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.945267][ T8] usb 7-1: config 0 descriptor?? [ 71.949741][ T8] as10x_usb: device has been detected [ 71.955175][ T8] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 71.982883][ T8] usb 7-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 71.986937][ T5673] netlink: 8 bytes leftover after parsing attributes in process `syz.1.58'. [ 71.992062][ T5673] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 71.995452][ T5673] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 72.007408][ T8] as10x_usb: error during firmware upload part1 [ 72.016430][ T8] Registered device nBox DVB-T Dongle [ 72.164700][ T5676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.59'. [ 72.226474][ T5680] netlink: 8 bytes leftover after parsing attributes in process `syz.0.60'. [ 72.946630][ T5692] random: crng reseeded on system resumption [ 73.265141][ T5699] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 73.528815][ T5688] process 'syz.1.61' launched './file2' with NULL argv: empty string added [ 73.774719][ T5688] vivid-003: ================= START STATUS ================= [ 73.777195][ T5688] vivid-003: Radio HW Seek Mode: Bounded [ 73.778942][ T5688] vivid-003: Radio Programmable HW Seek: false [ 73.780705][ T5688] vivid-003: RDS Rx I/O Mode: Block I/O [ 73.783156][ T5688] vivid-003: Generate RBDS Instead of RDS: false [ 73.785306][ T5688] vivid-003: RDS Reception: true [ 73.787528][ T5688] vivid-003: RDS Program Type: 0 inactive [ 73.789216][ T5688] vivid-003: RDS PS Name: inactive [ 73.791052][ T5688] vivid-003: RDS Radio Text: inactive [ 73.793002][ T5688] vivid-003: RDS Traffic Announcement: false inactive [ 73.795337][ T5688] vivid-003: RDS Traffic Program: false inactive [ 73.797819][ T5688] vivid-003: RDS Music: false inactive [ 73.799996][ T5688] vivid-003: ================== END STATUS ================== [ 74.049986][ T5707] netlink: 'syz.3.65': attribute type 1 has an invalid length. [ 74.127056][ T5708] No control pipe specified [ 74.265466][ T5706] netlink: 44 bytes leftover after parsing attributes in process `syz.0.66'. [ 74.436480][ T5712] /dev/nullb0: Can't open blockdev [ 74.594615][ T5713] random: crng reseeded on system resumption [ 74.793873][ T62] usb 7-1: USB disconnect, device number 7 [ 74.836995][ T62] Unregistered device nBox DVB-T Dongle [ 74.862016][ T62] as10x_usb: device has been disconnected [ 75.120093][ T5719] netlink: 8 bytes leftover after parsing attributes in process `syz.1.68'. [ 75.125363][ T5719] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 75.128660][ T5719] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 75.596787][ T25] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 75.802035][ T25] usb 7-1: Using ep0 maxpacket: 16 [ 75.806011][ T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.809418][ T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 75.815734][ T25] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 75.820132][ T25] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 75.823592][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.832765][ T25] usb 7-1: config 0 descriptor?? [ 76.189888][ T5731] netlink: 60 bytes leftover after parsing attributes in process `syz.1.72'. [ 76.198818][ T5731] netlink: 60 bytes leftover after parsing attributes in process `syz.1.72'. [ 76.297794][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.303345][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.308918][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.312597][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.315747][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.317731][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.319884][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.322063][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.324262][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.326886][ T25] microsoft 0003:045E:07DA.0002: unknown main item tag 0x0 [ 76.332695][ T25] HID 045e:07da: Invalid code 65791 type 1 [ 76.341002][ T5735] netlink: 8 bytes leftover after parsing attributes in process `syz.3.73'. [ 76.345954][ T5735] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 76.349246][ T5735] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 76.357782][ T25] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:045E:07DA.0002/input/input5 [ 76.400515][ T25] microsoft 0003:045E:07DA.0002: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 76.507106][ T5212] usb 7-1: USB disconnect, device number 8 [ 76.868826][ T5741] netlink: 8 bytes leftover after parsing attributes in process `syz.0.74'. [ 77.092818][ T5212] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 77.249292][ T5748] QAT: failed to copy from user. [ 77.291712][ T5212] usb 6-1: Using ep0 maxpacket: 32 [ 77.294821][ T5212] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 77.303196][ T5212] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.315879][ T5751] netlink: 'syz.0.78': attribute type 1 has an invalid length. [ 77.318096][ T5751] netlink: 'syz.0.78': attribute type 4 has an invalid length. [ 77.320199][ T5751] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.78'. [ 77.323476][ T5212] usb 6-1: config 0 descriptor?? [ 77.338641][ T5212] as10x_usb: device has been detected [ 77.342042][ T5212] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 77.358221][ T5212] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 77.364617][ T5212] as10x_usb: error during firmware upload part1 [ 77.371872][ T5212] Registered device nBox DVB-T Dongle [ 77.435986][ T5752] netlink: 'syz.0.78': attribute type 1 has an invalid length. [ 77.440647][ T5752] netlink: 'syz.0.78': attribute type 4 has an invalid length. [ 77.443566][ T5752] netlink: 15334 bytes leftover after parsing attributes in process `syz.0.78'. [ 77.544364][ T5750] netlink: 8 bytes leftover after parsing attributes in process `syz.2.77'. [ 77.547558][ T5750] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 77.550633][ T5750] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 78.511691][ T62] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 78.701698][ T62] usb 7-1: Using ep0 maxpacket: 32 [ 78.705427][ T62] usb 7-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 78.711893][ T62] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.716145][ T62] usb 7-1: config 0 descriptor?? [ 78.737487][ T62] as10x_usb: device has been detected [ 78.739399][ T62] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 78.770990][ T62] usb 7-1: DVB: registering adapter 2 frontend 0 (nBox DVB-T Dongle)... [ 78.774523][ T62] as10x_usb: error during firmware upload part1 [ 78.776164][ T62] Registered device nBox DVB-T Dongle [ 79.322895][ T62] usb 6-1: USB disconnect, device number 5 [ 79.338980][ T62] Unregistered device nBox DVB-T Dongle [ 79.340276][ T62] as10x_usb: device has been disconnected [ 79.542641][ T5492] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 79.741773][ T5492] usb 5-1: Using ep0 maxpacket: 32 [ 79.746624][ T5492] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32 [ 79.756369][ T5492] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 79.760117][ T5492] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.762719][ T5492] usb 5-1: Product: syz [ 79.763887][ T5492] usb 5-1: Manufacturer: syz [ 79.765385][ T5492] usb 5-1: SerialNumber: syz [ 79.768498][ T5492] usb 5-1: config 0 descriptor?? [ 79.776751][ T5775] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 79.781299][ T5492] hub 5-1:0.0: bad descriptor, ignoring hub [ 79.783808][ T5492] hub 5-1:0.0: probe with driver hub failed with error -5 [ 79.789771][ T5492] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input6 [ 79.985523][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 79.987928][ T5492] usb 5-1: USB disconnect, device number 5 [ 80.041225][ T5789] netlink: 'syz.1.87': attribute type 1 has an invalid length. [ 80.484031][ T5793] No control pipe specified [ 80.511551][ T5793] FAULT_INJECTION: forcing a failure. [ 80.511551][ T5793] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 80.516930][ T5793] CPU: 2 UID: 0 PID: 5793 Comm: syz.3.88 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 80.519920][ T5793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.523472][ T5793] Call Trace: [ 80.524659][ T5793] [ 80.525777][ T5793] dump_stack_lvl+0x16c/0x1f0 [ 80.527499][ T5793] should_fail_ex+0x497/0x5b0 [ 80.529177][ T5793] _copy_from_user+0x30/0xf0 [ 80.530823][ T5793] get_compat_msghdr+0xa8/0x170 [ 80.532581][ T5793] ? __pfx_get_compat_msghdr+0x10/0x10 [ 80.534557][ T5793] ? __pfx___lock_acquire+0x10/0x10 [ 80.536433][ T5793] ___sys_sendmsg+0x1b0/0x1e0 [ 80.538321][ T5793] ? __pfx____sys_sendmsg+0x10/0x10 [ 80.540138][ T5793] ? find_held_lock+0x2d/0x110 [ 80.541882][ T5793] ? ksys_write+0x21c/0x260 [ 80.543525][ T5793] ? __fget_light+0x173/0x210 [ 80.545431][ T5793] __sys_sendmsg+0x117/0x1f0 [ 80.547288][ T5793] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.549301][ T5793] __do_fast_syscall_32+0x73/0x120 [ 80.550840][ T5793] do_fast_syscall_32+0x32/0x80 [ 80.552133][ T5793] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.553778][ T5793] RIP: 0023:0xf7f92579 [ 80.554823][ T5793] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.559633][ T5793] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 80.561750][ T5793] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000000 [ 80.563707][ T5793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.565754][ T5793] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.568034][ T5793] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 80.570352][ T5793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.572468][ T5793] [ 81.314410][ T5492] usb 7-1: USB disconnect, device number 9 [ 81.337029][ T5492] Unregistered device nBox DVB-T Dongle [ 81.339126][ T5492] as10x_usb: device has been disconnected [ 81.465966][ T5807] XFS (nullb0): Invalid superblock magic number [ 81.966658][ T5823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.95'. [ 82.206574][ T5840] XFS (nullb0): Invalid superblock magic number [ 82.427277][ T5848] random: crng reseeded on system resumption [ 83.202496][ T5867] ======================================================= [ 83.202496][ T5867] WARNING: The mand mount option has been deprecated and [ 83.202496][ T5867] and is ignored by this kernel. Remove the mand [ 83.202496][ T5867] option from the mount to silence this warning. [ 83.202496][ T5867] ======================================================= [ 83.310804][ T5880] XFS (nullb0): Invalid superblock magic number [ 84.281758][ T5212] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 84.376915][ T39] audit: type=1326 audit(1726611887.101:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5902 comm="syz.1.112" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x0 [ 84.471689][ T5212] usb 8-1: Using ep0 maxpacket: 8 [ 84.481518][ T5212] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 84.485172][ T5212] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 84.487968][ T5212] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 84.491195][ T5212] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.497732][ T5212] usb 8-1: config 0 descriptor?? [ 84.681865][ T5579] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 84.708623][ T5212] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 84.770378][ T5921] /dev/nullb0: Can't open blockdev [ 84.857960][ T5922] random: crng reseeded on system resumption [ 84.861749][ T5579] usb 7-1: Using ep0 maxpacket: 32 [ 84.868057][ T5579] usb 7-1: config index 0 descriptor too short (expected 156, got 27) [ 84.870300][ T5579] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 84.876787][ T5579] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 84.879239][ T5579] usb 7-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 84.881770][ T5579] usb 7-1: Product: syz [ 84.883021][ T5579] usb 7-1: Manufacturer: syz [ 84.884303][ T5579] usb 7-1: SerialNumber: syz [ 84.888275][ T5579] usb 7-1: config 0 descriptor?? [ 84.895443][ T5579] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 84.898878][ T5579] ldusb 7-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 84.909136][ T5891] iowarrior 8-1:0.0: Error -90 while submitting URB [ 84.918548][ T5492] usb 8-1: USB disconnect, device number 4 [ 84.921901][ T5492] iowarrior 8-1:0.0: I/O-Warror #0 now disconnected [ 85.119548][ T5579] usb 7-1: USB disconnect, device number 10 [ 85.120825][ T5579] ldusb 7-1:0.0: LD USB Device #1 now disconnected [ 85.194615][ T5931] XFS (nullb0): Invalid superblock magic number [ 85.355811][ T5941] random: crng reseeded on system resumption [ 85.478297][ T5943] mkiss: ax0: crc mode is auto. [ 85.804796][ T5954] netlink: 8 bytes leftover after parsing attributes in process `syz.2.127'. [ 85.961911][ T5579] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 86.111647][ T5400] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 86.161726][ T5579] usb 8-1: Using ep0 maxpacket: 32 [ 86.167565][ T5579] usb 8-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 86.170126][ T5579] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.180094][ T5579] usb 8-1: config 0 descriptor?? [ 86.193462][ T5579] as10x_usb: device has been detected [ 86.195957][ T5579] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 86.233558][ T5579] usb 8-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 86.251886][ T5579] as10x_usb: error during firmware upload part1 [ 86.253718][ T5579] Registered device nBox DVB-T Dongle [ 86.323340][ T5400] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 86.327977][ T5400] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.330528][ T5400] usb 7-1: Product: syz [ 86.337075][ T5400] usb 7-1: Manufacturer: syz [ 86.338243][ T5400] usb 7-1: SerialNumber: syz [ 86.344540][ T5958] XFS (nullb0): Invalid superblock magic number [ 86.344653][ T5400] usb 7-1: config 0 descriptor?? [ 86.459650][ T5964] random: crng reseeded on system resumption [ 86.590890][ T4802] usb 7-1: USB disconnect, device number 11 [ 87.175248][ T5976] /dev/nullb0: Can't open blockdev [ 87.293268][ T5978] random: crng reseeded on system resumption [ 87.310321][ T39] audit: type=1400 audit(1726611890.031:5): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=5D9625292F2F2E212D pid=5979 comm="syz.1.133" [ 87.671695][ T5400] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 87.836377][ T4769] usb 8-1: USB disconnect, device number 5 [ 87.854969][ T4769] Unregistered device nBox DVB-T Dongle [ 87.857737][ T4769] as10x_usb: device has been disconnected [ 87.863671][ T5400] usb 6-1: Using ep0 maxpacket: 8 [ 87.873245][ T5400] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 87.875927][ T5400] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 87.880310][ T5400] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 87.888850][ T5400] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.902261][ T5400] usb 6-1: config 0 descriptor?? [ 88.109617][ T5400] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 88.309166][ T5982] iowarrior 6-1:0.0: Error -90 while submitting URB [ 88.322513][ T62] usb 6-1: USB disconnect, device number 6 [ 88.325687][ T62] iowarrior 6-1:0.0: I/O-Warror #0 now disconnected [ 88.398959][ T5993] XFS (nullb0): Invalid superblock magic number [ 88.472254][ T6000] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'. [ 88.547158][ T6005] random: crng reseeded on system resumption [ 88.868649][ T6016] XFS (nullb0): Invalid superblock magic number [ 88.987866][ T6022] random: crng reseeded on system resumption [ 89.171208][ T6025] netlink: 4 bytes leftover after parsing attributes in process `syz.0.144'. [ 89.239876][ T6025] netlink: 64 bytes leftover after parsing attributes in process `syz.0.144'. [ 89.279901][ T6029] netlink: 24 bytes leftover after parsing attributes in process `syz.2.146'. [ 89.312325][ T6029] netlink: 12 bytes leftover after parsing attributes in process `syz.2.146'. [ 89.757004][ T6040] netlink: 4 bytes leftover after parsing attributes in process `syz.0.149'. [ 89.965860][ T6048] No control pipe specified [ 89.982286][ T5492] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 90.191784][ T5492] usb 8-1: Using ep0 maxpacket: 32 [ 90.203006][ T5492] usb 8-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 90.205301][ T5492] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.208563][ T5492] usb 8-1: config 0 descriptor?? [ 90.224762][ T5492] as10x_usb: device has been detected [ 90.226934][ T5492] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 90.248697][ T5492] usb 8-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 90.254292][ T5492] as10x_usb: error during firmware upload part1 [ 90.256915][ T5492] Registered device nBox DVB-T Dongle [ 90.514683][ T6064] XFS (nullb0): Invalid superblock magic number [ 90.648012][ T6064] random: crng reseeded on system resumption [ 90.650653][ T6077] netlink: 4 bytes leftover after parsing attributes in process `syz.2.158'. [ 90.946876][ T13] Bluetooth: (null): Invalid header checksum [ 90.950381][ T13] Bluetooth: (null): Invalid header checksum [ 91.056729][ T45] Bluetooth: (null): Invalid header checksum [ 91.525298][ T6104] No control pipe specified [ 91.557067][ T6104] overlayfs: missing 'workdir' [ 92.195986][ T5492] usb 8-1: USB disconnect, device number 6 [ 92.269437][ T5492] Unregistered device nBox DVB-T Dongle [ 92.274602][ T5492] as10x_usb: device has been disconnected [ 92.383819][ T6113] syzkaller0: entered promiscuous mode [ 92.386229][ T6113] syzkaller0: entered allmulticast mode [ 92.386291][ T6116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.167'. [ 92.445493][ T6119] XFS (nullb0): Invalid superblock magic number [ 92.547299][ T6125] random: crng reseeded on system resumption [ 92.688086][ T6127] XFS (nullb0): Invalid superblock magic number [ 92.857845][ T6127] random: crng reseeded on system resumption [ 93.644180][ T6149] overlayfs: failed to resolve './file0': -2 [ 94.402125][ T6149] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR [ 94.503521][ T6157] netlink: 4 bytes leftover after parsing attributes in process `syz.2.176'. [ 94.863485][ T5400] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 94.974604][ T6167] XFS (nullb0): Invalid superblock magic number [ 95.051677][ T5400] usb 5-1: Using ep0 maxpacket: 32 [ 95.054998][ T5400] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 95.057894][ T5400] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.063221][ T5400] usb 5-1: config 0 descriptor?? [ 95.073497][ T5400] as10x_usb: device has been detected [ 95.075317][ T5400] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 95.098947][ T6173] random: crng reseeded on system resumption [ 95.104841][ T5400] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 95.124231][ T5400] as10x_usb: error during firmware upload part1 [ 95.126583][ T5400] Registered device nBox DVB-T Dongle [ 95.413132][ T6186] XFS (nullb0): Invalid superblock magic number [ 95.543229][ T6193] random: crng reseeded on system resumption [ 95.550603][ T6195] syzkaller0: entered promiscuous mode [ 95.555264][ T6195] syzkaller0: entered allmulticast mode [ 95.628734][ T6184] IPv6: NLM_F_CREATE should be specified when creating new route [ 96.001664][ T5400] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 96.191731][ T5400] usb 8-1: Using ep0 maxpacket: 8 [ 96.198570][ T5400] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 96.202538][ T5400] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 96.205409][ T5400] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.221963][ T5400] usb 8-1: config 0 descriptor?? [ 96.448962][ T5400] iowarrior 8-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1 [ 96.642088][ T56] usb 8-1: USB disconnect, device number 7 [ 96.648730][ T56] iowarrior 8-1:0.0: I/O-Warror #1 now disconnected [ 96.749201][ T8] usb 5-1: USB disconnect, device number 6 [ 96.777470][ T8] Unregistered device nBox DVB-T Dongle [ 96.786670][ T8] as10x_usb: device has been disconnected [ 97.084455][ T6209] netlink: 4 bytes leftover after parsing attributes in process `syz.2.189'. [ 97.167553][ T6216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.191'. [ 97.214894][ T6220] XFS (nullb0): Invalid superblock magic number [ 97.321362][ T6228] random: crng reseeded on system resumption [ 97.501410][ T6235] netlink: 'syz.0.195': attribute type 1 has an invalid length. [ 97.509400][ T6235] netlink: 244 bytes leftover after parsing attributes in process `syz.0.195'. [ 97.512139][ T6235] NCSI netlink: No device for ifindex 0 [ 98.051641][ T62] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 98.251693][ T62] usb 6-1: Using ep0 maxpacket: 16 [ 98.323092][ T62] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7 [ 98.326872][ T62] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid maxpacket 50259, setting to 1024 [ 98.335698][ T62] usb 6-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f [ 98.339007][ T62] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 98.347231][ T62] usb 6-1: Product: syz [ 98.348840][ T62] usb 6-1: Manufacturer: syz [ 98.350571][ T62] usb 6-1: SerialNumber: syz [ 98.359696][ T62] usb 6-1: config 0 descriptor?? [ 98.365539][ T6239] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 98.373366][ T62] hub 6-1:0.0: bad descriptor, ignoring hub [ 98.374950][ T62] hub 6-1:0.0: probe with driver hub failed with error -5 [ 98.378963][ T62] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 98.537060][ T6236] syz.3.196 (6236) used greatest stack depth: 20608 bytes left [ 98.905897][ T6251] netlink: 4 bytes leftover after parsing attributes in process `syz.3.201'. [ 98.995714][ T4769] usb 6-1: USB disconnect, device number 7 [ 99.261876][ T35] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 99.462883][ T35] usb 8-1: Using ep0 maxpacket: 32 [ 99.466551][ T35] usb 8-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 99.468916][ T35] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.475050][ T35] usb 8-1: config 0 descriptor?? [ 99.478903][ T35] as10x_usb: device has been detected [ 99.480913][ T35] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 99.516503][ T35] usb 8-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 99.530043][ T35] as10x_usb: error during firmware upload part1 [ 99.532700][ T35] Registered device nBox DVB-T Dongle [ 99.635600][ T6261] fuse: Invalid rootmode [ 99.640725][ T6261] capability: warning: `syz.2.204' uses deprecated v2 capabilities in a way that may be insecure [ 99.871801][ T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 100.061867][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 100.066784][ T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 100.069970][ T8] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 100.072602][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 100.077152][ T8] usb 6-1: config 0 descriptor?? [ 100.297654][ T8] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1 [ 100.505942][ T5212] usb 6-1: USB disconnect, device number 8 [ 100.509774][ T5212] iowarrior 6-1:0.0: I/O-Warror #1 now disconnected [ 100.570852][ T6273] FAULT_INJECTION: forcing a failure. [ 100.570852][ T6273] name failslab, interval 1, probability 0, space 0, times 1 [ 100.575041][ T6273] CPU: 2 UID: 0 PID: 6273 Comm: syz.0.208 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 100.577705][ T6273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.580536][ T6273] Call Trace: [ 100.581433][ T6273] [ 100.582300][ T6273] dump_stack_lvl+0x16c/0x1f0 [ 100.583580][ T6273] should_fail_ex+0x497/0x5b0 [ 100.584844][ T6273] ? fs_reclaim_acquire+0xae/0x160 [ 100.586194][ T6273] should_failslab+0xc2/0x120 [ 100.587444][ T6273] __kmalloc_noprof+0xcb/0x410 [ 100.588700][ T6273] ? arch_stack_walk+0x118/0x170 [ 100.590014][ T6273] constrain_params_by_rules+0x176/0xca0 [ 100.591482][ T6273] ? stack_trace_save+0x95/0xd0 [ 100.592815][ T6273] ? stack_depot_save_flags+0x28/0x900 [ 100.594298][ T6273] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 100.595907][ T6273] ? find_held_lock+0x2d/0x110 [ 100.597191][ T6273] ? __kasan_kmalloc+0xaa/0xb0 [ 100.598459][ T6273] ? snd_pcm_oss_change_params_locked+0x242/0x3a50 [ 100.600160][ T6273] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 100.601847][ T6273] ? snd_pcm_oss_ioctl+0x3194/0x3780 [ 100.603320][ T6273] ? rcu_is_watching+0x12/0xc0 [ 100.604601][ T6273] ? snd_interval_refine+0x2fa/0x580 [ 100.606005][ T6273] snd_pcm_hw_refine+0x7ef/0xad0 [ 100.607320][ T6273] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 100.608759][ T6273] ? _snd_pcm_hw_param_min+0x259/0x630 [ 100.610201][ T6273] snd_pcm_oss_change_params_locked+0x651/0x3a50 [ 100.611856][ T6273] ? trace_contention_end+0xea/0x140 [ 100.613293][ T6273] ? __mutex_lock+0x1a6/0x9c0 [ 100.614532][ T6273] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 100.616289][ T6273] ? trace_contention_end+0xea/0x140 [ 100.617695][ T6273] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 100.619380][ T6273] ? __pfx___mutex_lock+0x10/0x10 [ 100.620854][ T6273] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 100.622699][ T6273] snd_pcm_oss_ioctl+0x3194/0x3780 [ 100.624089][ T6273] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 100.625553][ T6273] ? __fget_files+0x244/0x3f0 [ 100.626833][ T6273] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 100.628454][ T6273] __do_compat_sys_ioctl+0x2bd/0x330 [ 100.629881][ T6273] __do_fast_syscall_32+0x73/0x120 [ 100.631276][ T6273] do_fast_syscall_32+0x32/0x80 [ 100.632583][ T6273] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 100.634226][ T6273] RIP: 0023:0xf742e579 [ 100.635315][ T6273] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 100.640093][ T6273] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 100.642323][ T6273] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 100.644611][ T6273] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 100.646736][ T6273] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 100.648779][ T6273] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 100.650858][ T6273] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 100.652957][ T6273] [ 100.905398][ T6279] netlink: 4 bytes leftover after parsing attributes in process `syz.0.210'. [ 100.918301][ T8] usb 8-1: USB disconnect, device number 8 [ 100.933356][ T8] Unregistered device nBox DVB-T Dongle [ 100.934225][ T8] as10x_usb: device has been disconnected [ 101.109063][ T6285] No control pipe specified [ 101.127035][ T6285] FAULT_INJECTION: forcing a failure. [ 101.127035][ T6285] name failslab, interval 1, probability 0, space 0, times 0 [ 101.131024][ T6285] CPU: 0 UID: 0 PID: 6285 Comm: syz.0.212 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 101.134313][ T6285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.137448][ T6285] Call Trace: [ 101.138460][ T6285] [ 101.139281][ T6285] dump_stack_lvl+0x16c/0x1f0 [ 101.140828][ T6285] should_fail_ex+0x497/0x5b0 [ 101.142469][ T6285] ? fs_reclaim_acquire+0xae/0x160 [ 101.144055][ T6285] should_failslab+0xc2/0x120 [ 101.145373][ T6285] __kmalloc_cache_noprof+0x6b/0x310 [ 101.147024][ T6285] ? rtnl_newlink+0x49/0xa0 [ 101.148444][ T6285] rtnl_newlink+0x49/0xa0 [ 101.149709][ T6285] ? __pfx_rtnl_newlink+0x10/0x10 [ 101.151420][ T6285] rtnetlink_rcv_msg+0x3c7/0xea0 [ 101.153059][ T6285] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 101.154794][ T6285] ? __pfx___dev_queue_xmit+0x10/0x10 [ 101.156358][ T6285] netlink_rcv_skb+0x165/0x410 [ 101.158025][ T6285] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 101.159614][ T6285] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 101.161318][ T6285] ? netlink_deliver_tap+0x1ae/0xcf0 [ 101.163290][ T6285] netlink_unicast+0x53c/0x7f0 [ 101.164963][ T6285] ? __pfx_netlink_unicast+0x10/0x10 [ 101.166761][ T6285] ? __phys_addr_symbol+0x30/0x80 [ 101.168546][ T6285] ? __check_object_size+0x497/0x720 [ 101.170227][ T6285] netlink_sendmsg+0x8b8/0xd70 [ 101.171771][ T6285] ? __pfx_netlink_sendmsg+0x10/0x10 [ 101.173497][ T6285] ____sys_sendmsg+0x9ae/0xb40 [ 101.175073][ T6285] ? __pfx_____sys_sendmsg+0x10/0x10 [ 101.176891][ T6285] ? get_compat_msghdr+0x11b/0x170 [ 101.178593][ T6285] ? __pfx___lock_acquire+0x10/0x10 [ 101.180374][ T6285] ___sys_sendmsg+0x135/0x1e0 [ 101.181855][ T6285] ? __pfx____sys_sendmsg+0x10/0x10 [ 101.183606][ T6285] ? find_held_lock+0x2d/0x110 [ 101.185209][ T6285] ? ksys_write+0x21c/0x260 [ 101.186679][ T6285] ? __fget_light+0x173/0x210 [ 101.188374][ T6285] __sys_sendmsg+0x117/0x1f0 [ 101.190020][ T6285] ? __pfx___sys_sendmsg+0x10/0x10 [ 101.191801][ T6285] __do_fast_syscall_32+0x73/0x120 [ 101.193560][ T6285] do_fast_syscall_32+0x32/0x80 [ 101.195097][ T6285] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 101.197111][ T6285] RIP: 0023:0xf742e579 [ 101.198474][ T6285] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 101.204809][ T6285] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 101.207660][ T6285] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000000 [ 101.210502][ T6285] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 101.213319][ T6285] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 101.216076][ T6285] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 101.218816][ T6285] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 101.221598][ T6285] [ 101.291717][ T39] audit: type=1326 audit(1726611904.011:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7fc00000 [ 101.297687][ T39] audit: type=1326 audit(1726611904.011:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.209" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf749e579 code=0x7fc00000 [ 101.304950][ T39] audit: type=1326 audit(1726611904.011:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7fc00000 [ 101.305262][ T6288] netlink: 8 bytes leftover after parsing attributes in process `syz.1.213'. [ 101.310854][ T39] audit: type=1326 audit(1726611904.011:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6271 comm="syz.2.209" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749e579 code=0x7fc00000 [ 101.314903][ T6288] netlink: 4 bytes leftover after parsing attributes in process `syz.1.213'. [ 101.322045][ T6288] netlink: 32 bytes leftover after parsing attributes in process `syz.1.213'. [ 101.359942][ T6291] XFS (nullb0): Invalid superblock magic number [ 101.536542][ T6299] random: crng reseeded on system resumption [ 101.802236][ T6308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.219'. [ 101.955182][ T6310] FAULT_INJECTION: forcing a failure. [ 101.955182][ T6310] name failslab, interval 1, probability 0, space 0, times 0 [ 101.972651][ T6310] CPU: 0 UID: 0 PID: 6310 Comm: syz.0.218 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 101.975362][ T6310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 101.978195][ T6310] Call Trace: [ 101.979100][ T6310] [ 101.979906][ T6310] dump_stack_lvl+0x16c/0x1f0 [ 101.981194][ T6310] should_fail_ex+0x497/0x5b0 [ 101.982634][ T6310] ? fs_reclaim_acquire+0xae/0x160 [ 101.984258][ T6310] should_failslab+0xc2/0x120 [ 101.985547][ T6310] __kmalloc_cache_noprof+0x6b/0x310 [ 101.987431][ T6310] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 101.989644][ T6310] snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 101.991662][ T6310] ? lockdep_hardirqs_on+0x7c/0x110 [ 101.993257][ T6310] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 101.996135][ T6310] ? kfree+0x12a/0x3b0 [ 101.997660][ T6310] ? snd_pcm_oss_change_params_locked+0x947/0x3a50 [ 101.999828][ T6310] snd_pcm_oss_change_params_locked+0x9b9/0x3a50 [ 102.002230][ T6310] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 102.003986][ T6310] ? trace_contention_end+0xea/0x140 [ 102.005567][ T6310] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 102.007278][ T6310] ? __pfx___mutex_lock+0x10/0x10 [ 102.008606][ T6310] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 102.010314][ T6310] snd_pcm_oss_ioctl+0x3194/0x3780 [ 102.011661][ T6310] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 102.013174][ T6310] ? __fget_files+0x244/0x3f0 [ 102.014396][ T6310] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 102.015933][ T6310] __do_compat_sys_ioctl+0x2bd/0x330 [ 102.017323][ T6310] __do_fast_syscall_32+0x73/0x120 [ 102.018666][ T6310] do_fast_syscall_32+0x32/0x80 [ 102.019947][ T6310] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 102.021602][ T6310] RIP: 0023:0xf742e579 [ 102.022677][ T6310] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 102.027751][ T6310] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 102.029867][ T6310] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 102.031917][ T6310] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 102.033978][ T6310] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 102.036049][ T6310] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 102.038107][ T6310] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 102.040166][ T6310] [ 102.098953][ T6317] XFS (nullb0): Invalid superblock magic number [ 102.220820][ T6317] random: crng reseeded on system resumption [ 102.781541][ T6342] syz.2.229: attempt to access beyond end of device [ 102.781541][ T6342] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 102.787140][ T6342] hpfs: hpfs_map_sector(): read error [ 102.804253][ T6342] netlink: 'syz.2.229': attribute type 3 has an invalid length. [ 102.806585][ T6342] netlink: 130984 bytes leftover after parsing attributes in process `syz.2.229'. [ 102.819535][ T6343] netlink: 4 bytes leftover after parsing attributes in process `syz.1.227'. [ 103.094949][ T6362] FAULT_INJECTION: forcing a failure. [ 103.094949][ T6362] name failslab, interval 1, probability 0, space 0, times 0 [ 103.098366][ T6362] CPU: 3 UID: 0 PID: 6362 Comm: syz.2.234 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 103.101147][ T6362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 103.104238][ T6362] Call Trace: [ 103.105280][ T6362] [ 103.106183][ T6362] dump_stack_lvl+0x16c/0x1f0 [ 103.107547][ T6362] should_fail_ex+0x497/0x5b0 [ 103.108892][ T6362] ? fs_reclaim_acquire+0xae/0x160 [ 103.110309][ T6362] should_failslab+0xc2/0x120 [ 103.111581][ T6362] __kmalloc_noprof+0xcb/0x410 [ 103.112947][ T6362] ? is_bpf_text_address+0x94/0x1a0 [ 103.114342][ T6362] ? kernel_text_address+0x8d/0x100 [ 103.115736][ T6362] constrain_params_by_rules+0x176/0xca0 [ 103.117306][ T6362] ? arch_stack_walk+0x118/0x170 [ 103.118685][ T6362] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 103.120591][ T6362] ? stack_trace_save+0x95/0xd0 [ 103.121973][ T6362] ? __pfx_stack_trace_save+0x10/0x10 [ 103.123778][ T6362] ? hlock_class+0x4e/0x130 [ 103.125448][ T6362] ? snd_pcm_oss_change_params_locked+0x9b9/0x3a50 [ 103.127141][ T6362] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 103.128748][ T6362] ? snd_pcm_oss_ioctl+0x3194/0x3780 [ 103.130017][ T6362] ? __do_compat_sys_ioctl+0x2bd/0x330 [ 103.131347][ T6362] ? __do_fast_syscall_32+0x73/0x120 [ 103.132789][ T6362] ? do_fast_syscall_32+0x32/0x80 [ 103.134331][ T6362] ? snd_interval_refine+0x2fa/0x580 [ 103.135731][ T6362] snd_pcm_hw_refine+0x7ef/0xad0 [ 103.137046][ T6362] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 103.138480][ T6362] snd_pcm_hw_param_first+0x328/0x6b0 [ 103.139868][ T6362] snd_pcm_hw_param_near.constprop.0+0x711/0x8f0 [ 103.141399][ T6362] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 103.143414][ T6362] ? kfree+0x12a/0x3b0 [ 103.144848][ T6362] ? snd_pcm_oss_change_params_locked+0x947/0x3a50 [ 103.146797][ T6362] snd_pcm_oss_change_params_locked+0x9b9/0x3a50 [ 103.148405][ T6362] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 103.150115][ T6362] ? trace_contention_end+0xea/0x140 [ 103.151484][ T6362] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 103.153564][ T6362] ? __pfx___mutex_lock+0x10/0x10 [ 103.155296][ T6362] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 103.157011][ T6362] snd_pcm_oss_ioctl+0x3194/0x3780 [ 103.158308][ T6362] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 103.159732][ T6362] ? __fget_files+0x244/0x3f0 [ 103.160994][ T6362] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 103.162544][ T6362] __do_compat_sys_ioctl+0x2bd/0x330 [ 103.164377][ T6362] __do_fast_syscall_32+0x73/0x120 [ 103.165991][ T6362] do_fast_syscall_32+0x32/0x80 [ 103.167247][ T6362] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 103.169023][ T6362] RIP: 0023:0xf749e579 [ 103.170110][ T6362] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 103.175275][ T6362] RSP: 002b:00000000f576556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 103.177419][ T6362] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 103.179384][ T6362] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 103.181692][ T6362] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 103.184357][ T6362] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 103.187108][ T6362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 103.189941][ T6362] [ 103.620549][ T6368] netlink: 4 bytes leftover after parsing attributes in process `syz.2.235'. [ 103.989307][ T6378] netlink: 'syz.0.237': attribute type 3 has an invalid length. [ 103.991649][ T6378] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.237'. [ 104.731654][ T5579] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 104.911728][ T5579] usb 7-1: Using ep0 maxpacket: 8 [ 104.919538][ T5579] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 104.924896][ T5579] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 104.928180][ T5579] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.932510][ T5579] usb 7-1: config 0 descriptor?? [ 105.059740][ T6404] netlink: 8 bytes leftover after parsing attributes in process `syz.3.246'. [ 105.155376][ T5579] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 105.159769][ T6407] FAULT_INJECTION: forcing a failure. [ 105.159769][ T6407] name failslab, interval 1, probability 0, space 0, times 0 [ 105.164687][ T6407] CPU: 0 UID: 0 PID: 6407 Comm: syz.1.244 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 105.168839][ T6407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 105.172416][ T6407] Call Trace: [ 105.173400][ T6407] [ 105.174446][ T6407] dump_stack_lvl+0x16c/0x1f0 [ 105.176138][ T6407] should_fail_ex+0x497/0x5b0 [ 105.177700][ T6407] ? fs_reclaim_acquire+0xae/0x160 [ 105.179391][ T6407] should_failslab+0xc2/0x120 [ 105.181006][ T6407] __kmalloc_noprof+0xcb/0x410 [ 105.182666][ T6407] ? kasan_quarantine_put+0x10a/0x240 [ 105.184641][ T6407] constrain_params_by_rules+0x176/0xca0 [ 105.186551][ T6407] ? rcu_is_watching+0x12/0xc0 [ 105.188248][ T6407] ? constrain_params_by_rules+0xa0e/0xca0 [ 105.190316][ T6407] ? constrain_params_by_rules+0xa13/0xca0 [ 105.192195][ T6407] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 105.194339][ T6407] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 105.196364][ T6407] ? snd_pcm_oss_change_params_locked+0x1376/0x3a50 [ 105.198654][ T6407] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 105.200862][ T6407] ? snd_interval_refine+0x2fa/0x580 [ 105.202646][ T6407] snd_pcm_hw_refine+0x7ef/0xad0 [ 105.204410][ T6407] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 105.206500][ T6407] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 105.208430][ T6407] snd_pcm_hw_param_first+0x328/0x6b0 [ 105.210231][ T6407] snd_pcm_hw_param_near.constprop.0+0x711/0x8f0 [ 105.212331][ T6407] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 105.214461][ T6407] ? calc_src_frames.isra.0+0x187/0x1d0 [ 105.216373][ T6407] ? calc_dst_frames.constprop.0.isra.0+0x103/0x130 [ 105.218555][ T6407] snd_pcm_oss_change_params_locked+0x1376/0x3a50 [ 105.220649][ T6407] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 105.222776][ T6407] ? trace_contention_end+0xea/0x140 [ 105.224591][ T6407] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 105.226658][ T6407] ? __pfx___mutex_lock+0x10/0x10 [ 105.228345][ T6407] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 105.230325][ T6407] snd_pcm_oss_ioctl+0x3194/0x3780 [ 105.232112][ T6407] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 105.233813][ T6407] ? __fget_files+0x244/0x3f0 [ 105.235491][ T6407] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 105.237601][ T6407] __do_compat_sys_ioctl+0x2bd/0x330 [ 105.239445][ T6407] __do_fast_syscall_32+0x73/0x120 [ 105.241015][ T6407] do_fast_syscall_32+0x32/0x80 [ 105.242730][ T6407] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 105.244905][ T6407] RIP: 0023:0xf7f68579 [ 105.246276][ T6407] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 105.252489][ T6407] RSP: 002b:00000000f56a456c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 105.255233][ T6407] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 105.257744][ T6407] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 105.260456][ T6407] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 105.263298][ T6407] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 105.265964][ T6407] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 105.268459][ T6407] [ 105.269679][ C0] vkms_vblank_simulate: vblank timer overrun [ 105.283218][ T6412] No control pipe specified [ 105.414310][ T5212] usb 7-1: USB disconnect, device number 12 [ 105.414367][ C2] iowarrior 7-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 105.436492][ T5212] iowarrior 7-1:0.0: I/O-Warror #0 now disconnected [ 105.783266][ T6422] input: syz0 as /devices/virtual/input/input7 [ 105.944345][ T6433] 9pnet_fd: Insufficient options for proto=fd [ 105.947859][ T6433] netlink: 32 bytes leftover after parsing attributes in process `syz.0.253'. [ 105.950934][ T6433] netlink: 20 bytes leftover after parsing attributes in process `syz.0.253'. [ 105.957599][ T6433] netlink: 44 bytes leftover after parsing attributes in process `syz.0.253'. [ 105.960603][ T6434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.252'. [ 105.960828][ T6433] netlink: 40 bytes leftover after parsing attributes in process `syz.0.253'. [ 105.967883][ T6436] fuse: Bad value for 'group_id' [ 105.969477][ T6436] fuse: Bad value for 'group_id' [ 105.978125][ T6436] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 106.591897][ T35] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 106.804347][ T35] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 106.807242][ T35] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 106.810127][ T35] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 106.813162][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.819114][ T6442] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 106.825724][ T35] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 107.085937][ T35] usb 7-1: USB disconnect, device number 13 [ 107.442115][ T6451] FAULT_INJECTION: forcing a failure. [ 107.442115][ T6451] name failslab, interval 1, probability 0, space 0, times 0 [ 107.446206][ T6451] CPU: 1 UID: 0 PID: 6451 Comm: syz.3.259 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 107.449793][ T6451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 107.453592][ T6451] Call Trace: [ 107.454830][ T6451] [ 107.455900][ T6451] dump_stack_lvl+0x16c/0x1f0 [ 107.457378][ T6451] should_fail_ex+0x497/0x5b0 [ 107.458680][ T6451] ? fs_reclaim_acquire+0xae/0x160 [ 107.460334][ T6451] should_failslab+0xc2/0x120 [ 107.461747][ T6451] __kmalloc_noprof+0xcb/0x410 [ 107.463225][ T6451] ? arch_stack_walk+0x118/0x170 [ 107.464804][ T6451] constrain_params_by_rules+0x176/0xca0 [ 107.466537][ T6451] ? stack_trace_save+0x95/0xd0 [ 107.467891][ T6451] ? stack_depot_save_flags+0x28/0x900 [ 107.469409][ T6451] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 107.471699][ T6451] ? __kasan_kmalloc+0xaa/0xb0 [ 107.473623][ T6451] ? snd_pcm_hw_param_near.constprop.0+0xbe/0x8f0 [ 107.475957][ T6451] ? snd_pcm_oss_change_params_locked+0x1376/0x3a50 [ 107.477807][ T6451] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 107.479854][ T6451] ? snd_interval_refine+0x2fa/0x580 [ 107.481832][ T6451] snd_pcm_hw_refine+0x7ef/0xad0 [ 107.483628][ T6451] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 107.485683][ T6451] ? _snd_pcm_hw_param_min+0x259/0x630 [ 107.487608][ T6451] snd_pcm_hw_param_near.constprop.0+0x597/0x8f0 [ 107.489550][ T6451] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 107.491340][ T6451] ? calc_src_frames.isra.0+0x187/0x1d0 [ 107.493090][ T6451] ? calc_dst_frames.constprop.0.isra.0+0x103/0x130 [ 107.495517][ T6451] snd_pcm_oss_change_params_locked+0x1376/0x3a50 [ 107.497887][ T6451] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 107.500169][ T6451] ? trace_contention_end+0xea/0x140 [ 107.501878][ T6451] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 107.504007][ T6451] ? __pfx___mutex_lock+0x10/0x10 [ 107.505924][ T6451] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 107.508182][ T6451] snd_pcm_oss_ioctl+0x3194/0x3780 [ 107.510023][ T6451] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 107.511973][ T6451] ? __fget_files+0x244/0x3f0 [ 107.513598][ T6451] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 107.515255][ T6451] __do_compat_sys_ioctl+0x2bd/0x330 [ 107.516716][ T6451] __do_fast_syscall_32+0x73/0x120 [ 107.518199][ T6451] do_fast_syscall_32+0x32/0x80 [ 107.519541][ T6451] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 107.521265][ T6451] RIP: 0023:0xf7f92579 [ 107.522356][ T6451] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 107.527468][ T6451] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 107.530066][ T6451] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 107.532104][ T6451] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 107.533253][ T6453] No control pipe specified [ 107.534152][ T6451] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 107.537456][ T6451] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 107.539521][ T6451] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 107.541592][ T6451] [ 107.984884][ T6475] XFS (nullb0): Invalid superblock magic number [ 108.212212][ T6485] random: crng reseeded on system resumption [ 109.687440][ T6504] No control pipe specified [ 109.814847][ T6511] sd 0:0:0:0: PR command failed: 1026 [ 109.817022][ T6511] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 109.819710][ T6511] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 110.091668][ T4769] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 110.271724][ T4769] usb 8-1: Using ep0 maxpacket: 32 [ 110.280107][ T4769] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 110.283986][ T4769] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 110.286903][ T4769] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 110.295808][ T4769] usb 8-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 110.298201][ T4769] usb 8-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 110.300565][ T4769] usb 8-1: Product: syz [ 110.302421][ T4769] usb 8-1: Manufacturer: syz [ 110.303998][ T4769] usb 8-1: SerialNumber: syz [ 110.311118][ T6511] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 110.319946][ T4769] input: appletouch as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:1.0/input/input8 [ 110.349192][ C3] appletouch 8-1:1.0: atp_complete: usb_submit_urb failed with result -1 [ 110.426253][ T6512] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR [ 110.547854][ T39] audit: type=1400 audit(1726611913.271:10): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=6518 comm="syz.2.276" [ 110.723613][ T6523] XFS (nullb0): Invalid superblock magic number [ 110.871722][ T6531] XFS (nullb0): Invalid superblock magic number [ 110.898624][ T6537] random: crng reseeded on system resumption [ 110.961677][ T4802] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 111.141655][ T4802] usb 6-1: Using ep0 maxpacket: 32 [ 111.144791][ T4802] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 111.147149][ T4802] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.151163][ T4802] usb 6-1: config 0 descriptor?? [ 111.164804][ T4802] as10x_usb: device has been detected [ 111.166718][ T4802] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 111.179829][ T4802] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 111.182937][ T4802] as10x_usb: error during firmware upload part1 [ 111.184726][ T4802] Registered device nBox DVB-T Dongle [ 111.651749][ T5492] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 111.832079][ T5492] usb 5-1: Using ep0 maxpacket: 8 [ 111.845505][ T5492] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 111.851260][ T5492] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 111.855538][ T5492] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.864346][ T5492] usb 5-1: config 0 descriptor?? [ 112.201259][ T5492] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1 [ 112.405370][ T4769] usb 5-1: USB disconnect, device number 7 [ 112.425324][ T4769] iowarrior 5-1:0.0: I/O-Warror #1 now disconnected [ 112.738300][ T4802] usb 6-1: USB disconnect, device number 9 [ 112.759833][ T4802] Unregistered device nBox DVB-T Dongle [ 112.762467][ T25] usb 8-1: USB disconnect, device number 9 [ 112.772300][ T4802] as10x_usb: device has been disconnected [ 112.775746][ T25] appletouch 8-1:1.0: input: appletouch disconnected [ 113.209615][ T6563] XFS (nullb0): Invalid superblock magic number [ 113.327929][ T6570] random: crng reseeded on system resumption [ 113.421721][ T6571] FAULT_INJECTION: forcing a failure. [ 113.421721][ T6571] name failslab, interval 1, probability 0, space 0, times 0 [ 113.427134][ T6571] CPU: 0 UID: 0 PID: 6571 Comm: syz.0.288 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 113.430650][ T6571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 113.433774][ T6571] Call Trace: [ 113.434662][ T6571] [ 113.435681][ T6571] dump_stack_lvl+0x16c/0x1f0 [ 113.437212][ T6571] should_fail_ex+0x497/0x5b0 [ 113.438669][ T6571] ? fs_reclaim_acquire+0xae/0x160 [ 113.440286][ T6571] should_failslab+0xc2/0x120 [ 113.441774][ T6571] __kmalloc_noprof+0xcb/0x410 [ 113.443261][ T6571] constrain_params_by_rules+0x176/0xca0 [ 113.445030][ T6571] ? snd_pcm_hw_param_near.constprop.0+0x73e/0x8f0 [ 113.447009][ T6571] ? __pfx_mark_lock+0x10/0x10 [ 113.448503][ T6571] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 113.450414][ T6571] ? hlock_class+0x4e/0x130 [ 113.451819][ T6571] ? mark_lock+0xb5/0xc60 [ 113.453162][ T6571] ? __pfx___lock_acquire+0x10/0x10 [ 113.454750][ T6571] ? snd_interval_refine+0x2fa/0x580 [ 113.456377][ T6571] snd_pcm_hw_refine+0x7ef/0xad0 [ 113.457922][ T6571] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 113.459596][ T6571] ? __pfx_lock_release+0x10/0x10 [ 113.461160][ T6571] ? mark_held_locks+0x9f/0xe0 [ 113.462636][ T6571] snd_pcm_hw_params+0x2ce/0x1a30 [ 113.464188][ T6571] ? snd_pcm_drop+0x230/0x2b0 [ 113.465654][ T6571] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 113.467330][ T6571] ? mark_held_locks+0x9f/0xe0 [ 113.468816][ T6571] ? _raw_spin_unlock_irq+0x23/0x50 [ 113.470421][ T6571] ? lockdep_hardirqs_on+0x7c/0x110 [ 113.472034][ T6571] snd_pcm_kernel_ioctl+0x147/0x2d0 [ 113.473661][ T6571] snd_pcm_oss_change_params_locked+0x1410/0x3a50 [ 113.475632][ T6571] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 113.477825][ T6571] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 113.479886][ T6571] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 113.481879][ T6571] snd_pcm_oss_get_formats+0x7f/0x350 [ 113.483545][ T6571] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 113.485422][ T6571] ? __might_fault+0xe3/0x190 [ 113.486991][ T6571] snd_pcm_oss_ioctl+0x2ee1/0x3780 [ 113.488618][ T6571] ? __fget_files+0x244/0x3f0 [ 113.490117][ T6571] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 113.491814][ T6571] ? __fget_files+0x244/0x3f0 [ 113.493298][ T6571] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 113.495169][ T6571] __do_compat_sys_ioctl+0x2bd/0x330 [ 113.496771][ T6571] __do_fast_syscall_32+0x73/0x120 [ 113.498454][ T6571] do_fast_syscall_32+0x32/0x80 [ 113.499740][ T6571] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 113.501438][ T6571] RIP: 0023:0xf742e579 [ 113.502517][ T6571] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 113.507801][ T6571] RSP: 002b:00000000f56d456c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 113.510003][ T6571] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 113.512069][ T6571] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 113.514164][ T6571] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 113.516244][ T6571] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 113.518423][ T6571] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 113.520701][ T6571] [ 113.789420][ T6583] netlink: 8 bytes leftover after parsing attributes in process `syz.1.293'. [ 113.792214][ T6583] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 113.795649][ T6583] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 114.381654][ T1854] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 114.581703][ T1854] usb 5-1: Using ep0 maxpacket: 32 [ 114.584489][ T1854] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 114.588935][ T1854] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 114.591458][ T1854] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.594077][ T1854] usb 5-1: Product: syz [ 114.595175][ T1854] usb 5-1: Manufacturer: syz [ 114.597275][ T1854] usb 5-1: SerialNumber: syz [ 114.600028][ T1854] usb 5-1: config 0 descriptor?? [ 114.604809][ T6590] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 114.607887][ T1854] hub 5-1:0.0: bad descriptor, ignoring hub [ 114.609921][ T1854] hub 5-1:0.0: probe with driver hub failed with error -5 [ 114.615834][ T1854] input: syz syz as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input9 [ 114.828855][ T4802] usb 5-1: USB disconnect, device number 8 [ 114.828941][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 115.144849][ T6608] XFS (nullb0): Invalid superblock magic number [ 115.286526][ T6614] random: crng reseeded on system resumption [ 115.546192][ T6619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.303'. [ 115.575034][ T6621] XFS (nullb0): Invalid superblock magic number [ 115.828820][ T6628] random: crng reseeded on system resumption [ 116.591709][ T4802] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 116.774872][ T4802] usb 6-1: Using ep0 maxpacket: 32 [ 116.778959][ T4802] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 116.782470][ T4802] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.786178][ T4802] usb 6-1: config 0 descriptor?? [ 116.792155][ T4802] as10x_usb: device has been detected [ 116.794012][ T4802] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 116.809605][ T4802] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 116.816270][ T4802] as10x_usb: error during firmware upload part1 [ 116.817996][ T4802] Registered device nBox DVB-T Dongle [ 116.947970][ T6638] netlink: 8 bytes leftover after parsing attributes in process `syz.0.308'. [ 116.953840][ T6638] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 116.959788][ T6638] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 116.996260][ T6639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.309'. [ 118.219374][ T6649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.310'. [ 118.226877][ T6649] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 118.241131][ T6649] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 118.281095][ T5492] usb 6-1: USB disconnect, device number 10 [ 118.319007][ T5492] Unregistered device nBox DVB-T Dongle [ 118.319987][ T5492] as10x_usb: device has been disconnected [ 118.672188][ T6668] XFS (nullb0): Invalid superblock magic number [ 118.865972][ T6674] random: crng reseeded on system resumption [ 118.973167][ T6681] netlink: 'syz.1.318': attribute type 10 has an invalid length. [ 119.011863][ T6681] bond0: (slave bond_slave_0): Releasing backup interface [ 119.039117][ T6680] netlink: 'syz.1.318': attribute type 10 has an invalid length. [ 119.070339][ T6683] netlink: 8 bytes leftover after parsing attributes in process `syz.3.319'. [ 119.073767][ T6683] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 119.076364][ T6683] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 119.155975][ T6685] syz.1.320: attempt to access beyond end of device [ 119.155975][ T6685] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0 [ 119.159457][ T6685] vxfs: unable to read disk superblock at 1 [ 119.162948][ T6685] syz.1.320: attempt to access beyond end of device [ 119.162948][ T6685] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0 [ 119.171911][ T6685] vxfs: unable to read disk superblock at 8 [ 119.173996][ T6685] vxfs: can't find superblock. [ 119.286439][ T6695] netlink: 24 bytes leftover after parsing attributes in process `syz.1.323'. [ 119.541185][ T39] audit: type=1326 audit(1726611922.261:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.1.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000 [ 119.550574][ T39] audit: type=1326 audit(1726611922.271:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.1.324" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f68579 code=0x7fc00000 [ 120.027977][ T6704] FAULT_INJECTION: forcing a failure. [ 120.027977][ T6704] name failslab, interval 1, probability 0, space 0, times 0 [ 120.031313][ T6704] CPU: 3 UID: 0 PID: 6704 Comm: syz.3.325 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 120.034137][ T6704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.036952][ T6704] Call Trace: [ 120.037847][ T6704] [ 120.038638][ T6704] dump_stack_lvl+0x16c/0x1f0 [ 120.039918][ T6704] should_fail_ex+0x497/0x5b0 [ 120.041616][ T6704] ? fs_reclaim_acquire+0xae/0x160 [ 120.043004][ T6704] should_failslab+0xc2/0x120 [ 120.044246][ T6704] __kmalloc_noprof+0xcb/0x410 [ 120.045632][ T6704] constrain_params_by_rules+0x176/0xca0 [ 120.047658][ T6704] ? __pfx___lock_acquire+0x10/0x10 [ 120.049530][ T6704] ? __pfx_mark_lock+0x10/0x10 [ 120.051265][ T6704] ? hlock_class+0x4e/0x130 [ 120.052918][ T6704] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 120.055124][ T6704] ? hlock_class+0x4e/0x130 [ 120.056755][ T6704] ? mark_lock+0xb5/0xc60 [ 120.058289][ T6704] ? __pfx___lock_acquire+0x10/0x10 [ 120.060154][ T6704] ? snd_interval_refine+0x2fa/0x580 [ 120.061930][ T6704] snd_pcm_hw_refine+0x7ef/0xad0 [ 120.063225][ T6704] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 120.064976][ T6704] ? __pfx_lock_release+0x10/0x10 [ 120.066333][ T6704] ? mark_held_locks+0x9f/0xe0 [ 120.067602][ T6704] snd_pcm_hw_params+0x2ce/0x1a30 [ 120.068954][ T6704] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.070371][ T6704] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 120.071807][ T6704] ? _raw_spin_unlock_irq+0x29/0x50 [ 120.073162][ T6704] snd_pcm_kernel_ioctl+0x147/0x2d0 [ 120.074547][ T6704] snd_pcm_oss_change_params_locked+0x1410/0x3a50 [ 120.076240][ T6704] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 120.078014][ T6704] ? trace_contention_end+0xea/0x140 [ 120.079408][ T6704] ? snd_pcm_oss_get_active_substream+0x146/0x1d0 [ 120.081099][ T6704] ? __pfx___mutex_lock+0x10/0x10 [ 120.082406][ T6704] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 120.084035][ T6704] snd_pcm_oss_ioctl+0x3194/0x3780 [ 120.085400][ T6704] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 120.086771][ T6704] ? __fget_files+0x244/0x3f0 [ 120.087987][ T6704] ? __pfx_snd_pcm_oss_ioctl_compat+0x10/0x10 [ 120.089556][ T6704] __do_compat_sys_ioctl+0x2bd/0x330 [ 120.091092][ T6704] __do_fast_syscall_32+0x73/0x120 [ 120.092396][ T6704] do_fast_syscall_32+0x32/0x80 [ 120.093678][ T6704] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.095310][ T6704] RIP: 0023:0xf7f92579 [ 120.096398][ T6704] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 120.101619][ T6704] RSP: 002b:00000000f56f556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 120.103896][ T6704] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045005 [ 120.106068][ T6704] RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 120.108231][ T6704] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.110389][ T6704] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 120.112459][ T6704] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.115235][ T6704] [ 120.197543][ T6703] ------------[ cut here ]------------ [ 120.199294][ T6703] kernel BUG at arch/x86/mm/physaddr.c:28! [ 120.201350][ T6703] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 120.204048][ T6703] CPU: 2 UID: 0 PID: 6703 Comm: syz.3.325 Not tainted 6.11.0-syzkaller-02574-ga430d95c5efa #0 [ 120.207781][ T6703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 120.211023][ T6703] RIP: 0010:__phys_addr+0xd8/0x150 [ 120.212723][ T6703] Code: 48 d3 e8 48 89 c5 48 89 c6 e8 04 ee 4c 00 48 85 ed 75 11 e8 8a eb 4c 00 48 89 d8 5b 5d 41 5c c3 cc cc cc cc e8 79 eb 4c 00 90 <0f> 0b e8 71 eb 4c 00 48 c7 c0 10 60 ba 8d 48 ba 00 00 00 00 00 fc [ 120.219446][ T6703] RSP: 0018:ffffc9000c01f550 EFLAGS: 00010293 [ 120.221688][ T6703] RAX: 0000000000000000 RBX: 0000778000000000 RCX: ffffffff813e38c0 [ 120.223788][ T6703] RDX: ffff888024ecc880 RSI: ffffffff813e3947 RDI: 0000000000000006 [ 120.225975][ T6703] RBP: 0000000080000000 R08: 0000000000000006 R09: 0000000080000000 [ 120.228026][ T6703] R10: 0000778000000000 R11: 0000000000000000 R12: 0000000000000000 [ 120.230133][ T6703] R13: 0000000000000000 R14: ffff88801e93d000 R15: ffffc9000c01f680 [ 120.232225][ T6703] FS: 0000000000000000(0000) GS:ffff88802b800000(0063) knlGS:00000000f5716b40 [ 120.234641][ T6703] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 120.236361][ T6703] CR2: 0000000020bff000 CR3: 0000000025f2a000 CR4: 0000000000350ef0 [ 120.238452][ T6703] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 120.240538][ T6703] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 120.242772][ T6703] Call Trace: [ 120.243646][ T6703] [ 120.244439][ T6703] ? show_regs+0x8c/0xa0 [ 120.245574][ T6703] ? die+0x36/0xa0 [ 120.246571][ T6703] ? do_trap+0x232/0x430 [ 120.247685][ T6703] ? __phys_addr+0xd8/0x150 [ 120.248883][ T6703] ? __phys_addr+0xd8/0x150 [ 120.250094][ T6703] ? do_error_trap+0xf4/0x230 [ 120.251680][ T6703] ? __phys_addr+0xd8/0x150 [ 120.253026][ T6703] ? handle_invalid_op+0x34/0x40 [ 120.254506][ T6703] ? __phys_addr+0xd8/0x150 [ 120.256019][ T6703] ? exc_invalid_op+0x2e/0x50 [ 120.257664][ T6703] ? asm_exc_invalid_op+0x1a/0x20 [ 120.259447][ T6703] ? __phys_addr+0x50/0x150 [ 120.261066][ T6703] ? __phys_addr+0xd7/0x150 [ 120.262658][ T6703] ? __phys_addr+0xd8/0x150 [ 120.264258][ T6703] snd_pcm_mmap_data_fault+0x3f2/0x4c0 [ 120.266188][ T6703] __do_fault+0x10a/0x490 [ 120.267718][ T6703] __handle_mm_fault+0x3b47/0x5470 [ 120.269523][ T6703] ? __pfx___handle_mm_fault+0x10/0x10 [ 120.271467][ T6703] ? follow_page_pte+0x3dc/0x1cf0 [ 120.273316][ T6703] handle_mm_fault+0x498/0xa60 [ 120.275038][ T6703] __get_user_pages+0x475/0x15c0 [ 120.276862][ T6703] ? __pfx___get_user_pages+0x10/0x10 [ 120.278804][ T6703] __gup_longterm_locked+0x22e/0x1b30 [ 120.280639][ T6703] ? __pfx_lock_acquire+0x10/0x10 [ 120.282361][ T6703] ? __pfx___gup_longterm_locked+0x10/0x10 [ 120.284357][ T6703] ? rwsem_read_trylock+0x12d/0x250 [ 120.286192][ T6703] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 120.288141][ T6703] ? sanity_check_pinned_pages+0x384/0x1220 [ 120.290228][ T6703] pin_user_pages_remote+0xee/0x150 [ 120.291731][ T6703] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 120.293271][ T6703] ? down_read+0xc9/0x330 [ 120.294523][ T6703] ? unpin_user_pages_dirty_lock+0x45d/0x4e0 [ 120.296719][ T6703] ? copy_page_to_iter+0x160/0x180 [ 120.298298][ T6703] process_vm_rw_core.constprop.0+0x439/0x9f0 [ 120.300089][ T6703] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 120.302066][ T6703] ? copy_compat_iovec_from_user+0x11b/0x180 [ 120.303795][ T6703] ? copy_compat_iovec_from_user+0x80/0x180 [ 120.305680][ T6703] process_vm_rw+0x301/0x360 [ 120.307105][ T6703] ? __pfx_process_vm_rw+0x10/0x10 [ 120.308459][ T6703] ? preempt_schedule_thunk+0x1a/0x30 [ 120.310337][ T6703] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 120.311970][ T6703] __ia32_sys_process_vm_readv+0xdf/0x1b0 [ 120.313820][ T6703] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.315404][ T6703] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 120.317646][ T6703] __do_fast_syscall_32+0x73/0x120 [ 120.319374][ T6703] do_fast_syscall_32+0x32/0x80 [ 120.321130][ T6703] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 120.323318][ T6703] RIP: 0023:0xf7f92579 [ 120.324765][ T6703] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 120.330370][ T6703] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 000000000000015b [ 120.332718][ T6703] RAX: ffffffffffffffda RBX: 00000000000000e8 RCX: 0000000020008400 [ 120.334974][ T6703] RDX: 0000000000000002 RSI: 0000000020000400 RDI: 00000000000002db [ 120.337615][ T6703] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 120.339889][ T6703] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 120.342510][ T6703] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 120.345096][ T6703] [ 120.346113][ T6703] Modules linked in: [ 120.349490][ T39] audit: type=1326 audit(1726611923.071:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.1.324" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f68579 code=0x7fc00000 [ 120.357657][ T6703] ---[ end trace 0000000000000000 ]--- [ 120.359950][ T6703] RIP: 0010:__phys_addr+0xd8/0x150 [ 120.363681][ T6703] Code: 48 d3 e8 48 89 c5 48 89 c6 e8 04 ee 4c 00 48 85 ed 75 11 e8 8a eb 4c 00 48 89 d8 5b 5d 41 5c c3 cc cc cc cc e8 79 eb 4c 00 90 <0f> 0b e8 71 eb 4c 00 48 c7 c0 10 60 ba 8d 48 ba 00 00 00 00 00 fc [ 120.371839][ T6703] RSP: 0018:ffffc9000c01f550 EFLAGS: 00010293 [ 120.377007][ T6703] RAX: 0000000000000000 RBX: 0000778000000000 RCX: ffffffff813e38c0 [ 120.379560][ T6703] RDX: ffff888024ecc880 RSI: ffffffff813e3947 RDI: 0000000000000006 [ 120.382377][ T6703] RBP: 0000000080000000 R08: 0000000000000006 R09: 0000000080000000 [ 120.385157][ T6703] R10: 0000778000000000 R11: 0000000000000000 R12: 0000000000000000 [ 120.387841][ T6703] R13: 0000000000000000 R14: ffff88801e93d000 R15: ffffc9000c01f680 [ 120.390535][ T6703] FS: 0000000000000000(0000) GS:ffff88802b800000(0063) knlGS:00000000f5716b40 [ 120.393736][ T6703] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 120.401772][ T6703] CR2: 00005583dfdec000 CR3: 0000000025f2a000 CR4: 0000000000350ef0 [ 120.404660][ T6703] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 120.407332][ T6703] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 120.409987][ T6703] Kernel panic - not syncing: Fatal exception [ 120.412423][ T6703] Kernel Offset: disabled [ 120.413701][ T6703] Rebooting in 86400 seconds.. VM DIAGNOSIS: 22:25:23 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=1ffff920001cdf17 RCX=ffffffff81c75bd2 RDX=ffff88801f93c880 RSI=ffffffff81c75bf1 RDI=ffffffff8ddb9b60 RBP=0000000000000000 RSP=ffffc90000e6f8a8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=ffff88802b628a40 R12=ffffffff8ddb9b60 R13=0000000000000001 R14=000000000003d8cc R15=ffff88805e16a000 RIP=ffffffff81694e05 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f51e2fb2 CR3=0000000060c92000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000001 RBX=ffffea00015eedb4 RCX=ffffffff81d2f5f1 RDX=fffff940002bddb7 RSI=0000000000000004 RDI=ffffea00015eedb4 RBP=ffffea00015eed80 RSP=ffffc9000353f748 R8 =0000000000000001 R9 =fffff940002bddb6 R10=ffffea00015eedb7 R11=dffffc0000000000 R12=0000000000000008 R13=ffff888058d2b600 R14=dffffc0000000000 R15=ffffea00015eed80 RIP=ffffffff81d2f5f6 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f855b8 CR3=00000000484b4000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fcd3b5 RDI=ffffffff9a5e9460 RBP=ffffffff9a5e9420 RSP=ffffc9000c01eee8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552032203a555043 R12=0000000000000000 R13=0000000000000030 R14=ffffffff84fcd350 R15=0000000000000000 RIP=ffffffff84fcd3df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b800000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020bff000 CR3=0000000025f2a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000b626c RBX=0000000000000003 RCX=ffffffff8b094f29 RDX=ffffed1005726fda RSI=ffffffff8bb09d00 RDI=ffffffff816353dc RBP=ffffed10037e6488 RSP=ffffc90000497e08 R8 =0000000000000000 R9 =ffffed1005726fd9 R10=ffff88802b937ecb R11=0000000000000001 R12=0000000000000003 R13=ffff88801bf32440 R14=ffffffff901b3398 R15=0000000000000000 RIP=ffffffff8b09630f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f56f4fbc CR3=0000000025f2a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000