last executing test programs: 4m11.103919062s ago: executing program 3 (id=347): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x15, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfdfffffc, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x6d}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x19, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 4m11.053985622s ago: executing program 3 (id=351): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r0, 0x89f2, &(0x7f0000000080)={0x6, 0xffff, 0x0, 0xd, 0x0, "5dee000000594000"}) 4m10.975841108s ago: executing program 3 (id=358): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000280)="432275e2065074ef2415f73227b2", 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 4m10.818275336s ago: executing program 3 (id=365): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x2000) readv(r0, &(0x7f0000001400)=[{&(0x7f0000001440)=""/4096, 0x1000}, {0x0, 0xe0ff}], 0x2) 4m10.593977427s ago: executing program 3 (id=375): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) 4m10.53567011s ago: executing program 3 (id=381): pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) read$FUSE(r0, &(0x7f0000004780)={0x2020}, 0x2020) vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0) 3m55.196988764s ago: executing program 32 (id=381): pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) read$FUSE(r0, &(0x7f0000004780)={0x2020}, 0x2020) vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0) 1m44.473125141s ago: executing program 0 (id=7045): bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000870000000000fa8479aaa4a60ee8683f03000000000000007f000000000000008268fa086f93391cfefe5092233ce65fa84054494f6267675f5db73373504666995e4a8d8ffbd63ecb7fe218c1d4d6d8e78c827585ed6b6412e69cf32ec5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) request_key(&(0x7f0000000480)='cifs.spnego\x00', 0x0, 0x0, 0x0) 1m44.420780742s ago: executing program 0 (id=7048): r0 = msgget$private(0x0, 0x125) msgrcv(r0, 0x0, 0x0, 0x1, 0x0) msgctl$IPC_RMID(r0, 0x0) 1m44.342029646s ago: executing program 0 (id=7053): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000002d00000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1m44.313727021s ago: executing program 0 (id=7057): r0 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10700}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r0, 0x2ded, 0x4000, 0x0, 0x0, 0x0) 1m44.276204029s ago: executing program 0 (id=7061): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) fstat(r0, &(0x7f00000007c0)) 1m44.226966363s ago: executing program 0 (id=7064): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000400)={0x30, r1, 0x1, 0xfffffffe, 0xffffffff, {{0x2}, {@val={0x8}, @val={0xc, 0x99, {0x1}}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8}]}, 0x30}, 0x1, 0x6c00, 0x0, 0xc040}, 0x0) 1m29.219081607s ago: executing program 33 (id=7064): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000400)={0x30, r1, 0x1, 0xfffffffe, 0xffffffff, {{0x2}, {@val={0x8}, @val={0xc, 0x99, {0x1}}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8}]}, 0x30}, 0x1, 0x6c00, 0x0, 0xc040}, 0x0) 1m2.593237852s ago: executing program 5 (id=8647): r0 = socket(0x2, 0x3, 0xff) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendmmsg$unix(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}, {&(0x7f0000001600)="9e62b7fe11ddfd1f43968d0cceddec211cebcf999fe07f2cd9d7803751af552e71690d2c35b38253711330da28a2d2e6720ef3a4440ca6f050c5aed13a2802103945b7c98d8556c5f64bc7c8436dba8554da46f56c35c56aef46dcdd853111f31a649958b5387eccf5b931d5e076ae7d23572fcc605a3ea735084bd6154b68c946fb9f17d999f41bb2576416e61205d0c92c7d6cd7132c77592a2d6f2d0f0e623e41fddfb94c0753d5de99570d3da687597438e48598e2fda4272910f02263ae3a197bf3d75a270dca36032e07cc1d3469cedba211988113f0dc102359d55ba5e375b037b323ba4020d5be7dc53deb6ddcf5d958ce06a7468fc4a245518030eaf653a24d96602d74bb301411f2f43b9007ffc9ce3a6559cc91a38f310e0ad53d4c66c3c8dc1e3d685f942bc9672abfa98f2c0e66e7e27ed8848689862f62e6768987cd2b377a499c2f9535c1d57b853c4ce84aec23ea02b47c8ab4e9d3b657cd6f6d9820e31b5d7cfb6f7f59ac8d351c27021c28d12e4dc5452523dfe8fcaf4e6cdb7eb60d6123d1be8e043973c36cf7ee2abb48c304f32d66cdeb3eb76680f44d166ac2dfeeac70a6ce6f541a62a37bad423737a2d81926e20ec8dc51114a8fd69b5cd194a247163b6d161d51ba2ea09ff91e9bc9e2a43ee7acdcb08fad2b5109f174e46b898477cfae79e42bbd895644d55cce4e33894a6c519a95ace312d9ae769814aac3eb70b03438fda0f0696c39a344547a407bf2b64be8bf930164effdef82e4b4235c65125deb017b369a609246d30fadfbf766b4b3485ff6299e453711e20e40fd8de05ae54bc3fd97fb3b0835471c43325a9f68e5081977d335249f04e65bc9200a464a099782c6bfd773b83f073701634837547ca7d00901bca686352f52db5482bfd875ff4b82bbe3225c607fc2c2b45174966c5f3e6176d3a53ca6f348ce1ac9ea782d962eac71ecd5cf930bd6f8a5599bb783abf4852b55bedf479bec7021a50ee014e4a852ff8e6ee60567bc2cd24a7d1e87432b68b983749b3f10f834bdfe57954bc3c2c3957df57d875e4bf89801dea2fd1da6f4391fc79741b4151a55865f2906a9a8d2536b6b4de65b1ead8cc08f97d944281f039ea386b5971bafa24d4529b97aef8cb035cdbed892947c35374d42228044d7d7dc7ed5437e8733673c173b72310e9de1967a3a106ab115e8441ca5fd2a9d442d82f28faa83dd7c71a715cf7df7fa0db2643c2369d221c023ed9be9d93ba58c9cfd23d97c07e3553ecba8cb7f450efbc8ab4bd3959b17345a2c064562fc2eae68326caa2a8bb63d0c508109cc2d35bae7b3208e86921733d1ce45742c1669e4033f5b4367b3eff15522540b36dc5781bb487dc0fc6f6c1bbde6ea3403f3cda5024dfb4965bc751d4fa3090b23c0b7eed4b0729f5787d4fd28ea6425808a7a294489ca0be8493d3aa409a8ad1251370998b4cd09ce7957ed347c696ef1e2fab91ce24107aab8efc0f4a3fcfdaef795e24ea43e9da45060fe54e034f2056a099db7023fbf32bdfe1e01ac06fbbc07ab02612d20543111ccbabcb1a869d608def1afba44f0d32514740058f450ddfacb8dad99bb96d4fffd1df7635e61b83c8bfb72a2612ca64d86451c89fff9d4dbb7dc27fc8f69ac8cb5df4ca4805b14de3c37990de25cb6a3db14c23b86ec9125f9c6aaa43aa2f146cfe997abb86711e6a508ef0b522475e25c373d17184f0baedd29bb76f79a4a9eb452398c76d0b207e5593e62ceb2f04e4bc09e7dbe60334f75888824aa5bc9287f296fc33a756b62222ec279ed18929f56eec6126392bbae36ec1519585e17be42e29340c02b5806d7635f569414a4bbea7893435c7d529935fa488ac8476f66e4c10b71c18340da5f4f66c2407dad9c851dfcab757fb5c82e9e1aad7fc61d7eb6961fe04f041863fce52228c56208462c22411cdaaf127fda315c1b082a4bf1d2a13590f0ce950519cf2c511f712defae9f6a3d8d17dba8c93c3140603abf3bcabc7d69cc227a19b38eb8a5d1d3e733bf1d1b64e0f38d227c1ecd1348f3c768b8c458dfe084172f6a26489c33e525cec34091ad7b35", 0x5c9}], 0x2}}], 0x1, 0x0) 1m2.568263992s ago: executing program 5 (id=8649): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000000)={0x28, 0x2, 0x0, {0x1, 0xfffffffffffffffd}}, 0x28) 1m2.527253657s ago: executing program 5 (id=8652): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x34, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x9da}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0xd}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 1m2.472593024s ago: executing program 5 (id=8654): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000240000/0x1000)=nil, 0x3) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xf) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 1m2.367468271s ago: executing program 5 (id=8656): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x1) 1m2.353159681s ago: executing program 5 (id=8658): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x26e, 0x0, 0xa9}]}) 47.254247441s ago: executing program 34 (id=8658): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x26e, 0x0, 0xa9}]}) 34.937996157s ago: executing program 2 (id=9447): r0 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0xc0a45320, &(0x7f00000001c0)={0x80, 0x0, 'client1\x00', 0x0, "706283c421ca447c", "b437067509007708e18f85bb3d22ac7a6568af9ebb8891fdffa0225452869ac0"}) r1 = openat$vmci(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) dup2(r1, r0) 34.87967941s ago: executing program 2 (id=9450): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000c, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) tkill(0x0, 0x3) 34.700528713s ago: executing program 2 (id=9458): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) 34.663844103s ago: executing program 2 (id=9459): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdir(&(0x7f0000000140)='./control\x00', 0x5) rmdir(&(0x7f0000000100)='./control\x00') 34.587459561s ago: executing program 2 (id=9461): openat$uinput(0xffffffffffffff9c, &(0x7f0000000540), 0x802, 0x0) r0 = syz_io_uring_setup(0x233, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000080)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x2}) io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0) 34.222032031s ago: executing program 2 (id=9481): socket(0x2, 0x80805, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fccbdf2509000000050007000000000008000100010000000500080000000000666424085ecc9757cca4b0d90836630c4f37a6f58c21a8c089c996b91a309a60ed200f4a52908518cdb0570bc8be2ef1c64635028b1580322b7b70ab629f7141fb441d757e5321f48ee0019668c4031027201a0f593879d9dc6a5ac684e99b52dba093a759d8bcc79b9cb5b2750d7c1fe268e73d"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x20010) 34.142213102s ago: executing program 35 (id=9481): socket(0x2, 0x80805, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fccbdf2509000000050007000000000008000100010000000500080000000000666424085ecc9757cca4b0d90836630c4f37a6f58c21a8c089c996b91a309a60ed200f4a52908518cdb0570bc8be2ef1c64635028b1580322b7b70ab629f7141fb441d757e5321f48ee0019668c4031027201a0f593879d9dc6a5ac684e99b52dba093a759d8bcc79b9cb5b2750d7c1fe268e73d"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x20010) 32.743250992s ago: executing program 1 (id=9521): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000001dc0)='n', 0x1}], 0x1}, 0x2004c885) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40002002) sendmsg(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000001c0)='x', 0x1}], 0x1}, 0x4) 32.622107944s ago: executing program 1 (id=9523): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x0, 0x0}) 32.621042038s ago: executing program 1 (id=9524): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00') lseek(r0, 0x1000000, 0x0) 32.555228956s ago: executing program 1 (id=9525): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000001c0)=0x299c, 0x4) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000100)=0x38, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000000c0), 0x4) 32.484496323s ago: executing program 1 (id=9526): prctl$PR_SET_SECUREBITS(0x1c, 0x2c) setuid(0xee00) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8}) 32.484286876s ago: executing program 1 (id=9527): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000880)=0x10003, 0x4) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x3422a61a}], 0x1, 0x10102, 0x0) 17.445120903s ago: executing program 36 (id=9527): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000880)=0x10003, 0x4) sendto$inet6(r0, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c) recvmmsg(r0, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0x3422a61a}], 0x1, 0x10102, 0x0) 1.934844932s ago: executing program 7 (id=10240): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x1, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) 1.808346139s ago: executing program 7 (id=10244): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c) shutdown(r0, 0x1) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 1.104263759s ago: executing program 8 (id=10264): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0) preadv(r0, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/148, 0x94}], 0x1, 0x1, 0x0) ioctl$MON_IOCX_GETX(r0, 0x80089203, 0x0) 953.380147ms ago: executing program 7 (id=10265): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r1, 0x301, 0x0, 0x0, {0x5}}, 0x14}}, 0x0) syz_genetlink_get_family_id$nbd(&(0x7f0000000040), r0) 948.568451ms ago: executing program 7 (id=10266): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10) 927.19181ms ago: executing program 7 (id=10268): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000019c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001d80)={0x64, r2, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x45, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1}, {0xb}, @device_b, @device_a, @initial, {0x7, 0xb49}}, @val={0x0, 0x1, @random='.'}, @val, @void, @val={0x2d, 0x1a, {0x1000, 0x2, 0x5, 0x0, {0xf, 0x2, 0x0, 0xf, 0x0, 0x1, 0x1, 0x2}, 0xe, 0x9}}, @val={0x72, 0x6}}}]}, 0x64}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be60}, 0x0) 915.503895ms ago: executing program 8 (id=10269): unshare(0x26020480) r0 = inotify_init() r1 = inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x40007c0) inotify_rm_watch(r0, r1) 885.823232ms ago: executing program 7 (id=10271): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x8000000000000003}, 0x18) sendmsg$nl_route_sched(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000004740)=@newtaction={0x14, 0x30, 0x1, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4c804}, 0x4091) 879.951867ms ago: executing program 8 (id=10273): r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r0, 0xee01, 0xee00) keyctl$setperm(0x5, r0, 0x200c0d32) keyctl$read(0xb, r0, 0x0, 0x0) 846.241031ms ago: executing program 8 (id=10274): openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0) r0 = syz_io_uring_setup(0x1e1e, &(0x7f0000000200)={0x0, 0xc4bc, 0x10100, 0x0, 0xbe}, &(0x7f0000002000)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22}) io_uring_enter(r0, 0x48eb, 0x1158, 0x2, 0x0, 0x0) 805.273935ms ago: executing program 8 (id=10275): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a5e77a68e174f000300ffffffffff0fe200"}}) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) 682.524883ms ago: executing program 8 (id=10280): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000140)=ANY=[@ANYBLOB="12010002020000082505a1a440000102030109025c"], 0x0) ioctl$EVIOCRMFF(r0, 0x4004550d, 0x0) 498.824162ms ago: executing program 4 (id=10289): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000300)=@x86={0x0, 0x8, 0x8, 0x0, 0xd1, 0x39, 0x6, 0xfc, 0x3, 0x8, 0x5, 0x6, 0x0, 0x9, 0x3f, 0xe, 0x0, 0x7f, 0x0, '\x00', 0x3d, 0xe}) 452.871694ms ago: executing program 6 (id=10290): socket$kcm(0x2, 0xa, 0x2) socket$kcm(0x2, 0xa, 0x2) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00') preadv(r0, &(0x7f0000000100)=[{&(0x7f0000000140)=""/197, 0xc5}], 0x1, 0x36, 0xf5) 451.854023ms ago: executing program 6 (id=10291): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={r0, 0x2000, {0x0, 0x0, 0x0, 0x8, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x1c, "339f020bbe78b39843d601010000000000080d0ec0c1b4e9b1c4369d03741250ceaac50104000041dd17c18e8438ef2a565ef1e833236500", "a1163939c787a16c1ca43f8539f3d3289737f0374c72a964a0193b3e8772fd29f35239d200", "24431a5e77a68e174f000300ffffffffff0fe200"}}) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) 409.104219ms ago: executing program 4 (id=10292): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002d40)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d68b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced844891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c298774009d8c6a16c7da308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd805deb28c13c1ed1c0d0900846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c568cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f75bd06b4082d43e121861b5cc03f1a3361f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c78974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c21dd8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a378700000000000000000000000000631ffc86fe0c8124536afbfc6300ee2c00000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58f47d1441ca01050ef0f1161f43be997e35776e37c2b7772d0873369ba559e4a9ce9a7878a9a46f2a68adae0f3f5c0715b169ff053d8f5ab73d5f738b0edc71a287418ba45a14fd1ab423d9c392d010af2cf1356c6f78d563822afd3e8fb693ef3e1f1c02289e94b15a0a2a58e9c77a6d388004396baf8af32d0bd7fef1597b20e2eec0273012e344628a8ea5bd0a9da43078b95af7186d5bf36a2e31c0ee3e1ec6accd94b7e3b47e5268101720051b2afbffaa52d53080f7ef1120ce70f73d5a8498e0c1f7b4673fc5202bcc1159ba59b9b5c996079b6c2b9cc011b70ce48b53c7339135e0a1e7c90b91a84cfaf95af6edc881ca69cb3d869fcd87a294447e3eb627923970281e28528348f9d0157c80ffd70dd45fc9ae550e191e9f88a1f15c2d997c217bb6d5d24e88d07837851b391ffcf3aa2183952ef4d68757c7511179f0984960b907016a4ad6ba19f89794b545f983e94a980f83794c277dd644651d721a0d0546b3e69b8530d9391068d67cfb4fe879c2393b569d195f03ec59d3e728113fdf3a28800512b9cef65523490caa4f5ec79842dde683b3263197964e752ca77b966ae22e73a0cbbe549306e49d0e11662cf8bcccd8198ef44911ed6b86792086cc6c758d8c4a872041e58685d4134a5ee5063b4bb7e8035442b1cba567cfee96b3b858c9086c9eb78b25257ce3cf5dcaf2806bd099c3472fea497f7f378685c570fee08a3c93fc8461aebf2b6b34b317ca5428b30bb7c24b52977cf13254fbea74e1de45bbb678387ab263cd8089b6c23f9c35d7b7f585229cfe779e3fcfa124c48f3de71ffe55549ffe7e99c58faf3c8848bdc9642a7938a5001c042da272977e18a3498ab810fb2bfb6a842edae3e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xfe, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f0080065e00500000a0000001177fbac141416e000030a44079f03b180006000000000845013f2325f003901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c) 349.34488ms ago: executing program 4 (id=10293): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x2c}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x5, 0x9fd, 0x85, 0x41, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000180), 0x800, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r0}, 0x38) 319.770571ms ago: executing program 6 (id=10294): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0x9}, 0x1c) shutdown(r0, 0x1) sendto$inet6(r0, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 259.409997ms ago: executing program 6 (id=10295): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) pipe(&(0x7f0000000000)) 256.710326ms ago: executing program 4 (id=10296): r0 = socket(0x11, 0xa, 0x0) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) bind$can_raw(r0, &(0x7f0000000000), 0x10) getsockname$packet(r0, 0x0, &(0x7f0000000080)) 182.064065ms ago: executing program 4 (id=10297): bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket$kcm(0x2, 0x5, 0x84) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, 0x0, &(0x7f00000001c0)) 181.620432ms ago: executing program 4 (id=10298): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) syz_clone(0x2000211, 0x0, 0x0, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0xa9c00, 0x0) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x6) 39.63576ms ago: executing program 6 (id=10299): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) 0s ago: executing program 6 (id=10300): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x20000000000000, 0x2000, &(0x7f0000000000/0x2000)=nil}) kernel console output (not intermixed with test programs): 3][ T54] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 211.108947][ T54] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 211.114028][ T54] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 211.118393][ T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 211.123978][ T54] usb 7-1: config 0 descriptor?? [ 211.128763][ T54] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 211.131479][ T54] dvb-usb: bulk message failed: -22 (3/0) [ 211.138754][ T54] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 211.143220][ T54] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 211.147920][ T54] usb 7-1: media controller created [ 211.152807][ T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 211.160632][ T54] dvb-usb: bulk message failed: -22 (6/0) [ 211.164821][ T54] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 211.170099][ T54] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input20 [ 211.176587][ T54] dvb-usb: schedule remote query interval to 150 msecs. [ 211.179511][ T54] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 211.330831][ T34] usb 7-1: USB disconnect, device number 7 [ 211.334679][ T54] dvb-usb: bulk message failed: -22 (1/0) [ 211.337547][ T54] dvb-usb: error while querying for an remote control event. [ 211.375817][ T34] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 212.212376][T21842] digital: digital_start_poll: Unknown protocol [ 212.699300][T21880] __nla_validate_parse: 3 callbacks suppressed [ 212.699311][T21880] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7509'. [ 212.780098][T21885] sg_write: data in/out 124/12 bytes for SCSI command 0xc-- guessing data in; [ 212.780098][T21885] program syz.2.7511 not setting count and/or reply_len properly [ 213.018695][T21905] sg_read: process 4328 (syz.2.7521) changed security contexts after opening file descriptor, this is not allowed. [ 213.054843][T21908] netlink: 'syz.4.7524': attribute type 1 has an invalid length. [ 213.057955][T21908] netlink: 'syz.4.7524': attribute type 2 has an invalid length. [ 213.060409][T21908] netlink: 1172 bytes leftover after parsing attributes in process `syz.4.7524'. [ 213.143029][T21919] netlink: 56 bytes leftover after parsing attributes in process `syz.1.7528'. [ 213.145924][T21919] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7528'. [ 213.159069][T21921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7529'. [ 213.189704][T21924] PKCS7: Unknown OID: [5] (bad) [ 213.191544][T21924] PKCS7: Only support pkcs7_signedData type [ 213.718363][T21995] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.090434][T22064] nbd: must specify at least one socket [ 215.742169][T22092] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7611'. [ 215.745646][T22092] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7611'. [ 216.827349][ T5306] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 216.831898][ T5306] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 216.841790][ T40] kauditd_printk_skb: 12 callbacks suppressed [ 216.841800][ T40] audit: type=1326 audit(1750423701.029:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.4.7657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 216.842525][ T5306] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 216.857671][ T40] audit: type=1326 audit(1750423701.029:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.4.7657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 216.863453][ T5306] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 216.864592][ T40] audit: type=1326 audit(1750423701.039:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.4.7657" exe="/syz-executor" sig=0 arch=40000003 syscall=274 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 216.870508][ T5306] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 216.875846][ T40] audit: type=1326 audit(1750423701.039:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.4.7657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 216.883834][ T40] audit: type=1326 audit(1750423701.039:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.4.7657" exe="/syz-executor" sig=0 arch=40000003 syscall=450 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 216.896508][ T40] audit: type=1326 audit(1750423701.039:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22185 comm="syz.4.7657" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 216.905086][T22190] ALSA: mixer_oss: invalid OSS volume 'Y{UDD ' [ 216.908680][T22190] ALSA: mixer_oss: invalid OSS volume 'ߧ4cT󯆩"m!lT.Π' [ 216.912577][T22190] ALSA: mixer_oss: invalid OSS volume 'lg' [ 216.914418][T22190] ALSA: mixer_oss: invalid OSS volume ')nkKi,rWY\ZV?J`G' [ 216.917863][T22190] ALSA: mixer_oss: invalid OSS volume 'kO0$g{pl{y;_ARW' [ 216.921454][T22190] ALSA: mixer_oss: invalid OSS volume '' [ 216.924913][T22190] ALSA: mixer_oss: invalid OSS volume 'sv Fu{Qby>h%w]' [ 216.927964][T22190] ALSA: mixer_oss: invalid OSS volume 'E= v?@48@hL' [ 216.931020][T22190] ALSA: mixer_oss: invalid OSS volume '+?>3Iq0:iq|UDř' [ 216.934144][T22190] ALSA: mixer_oss: invalid OSS volume 'vӷ*xrN0ܗcAdh' [ 216.936834][T22190] ALSA: mixer_oss: invalid OSS volume 'JM %HJ[~S' [ 216.998392][T22199] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7663'. [ 217.044803][T22183] chnl_net:caif_netlink_parms(): no params data found [ 217.090022][ T6461] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.115156][ T40] audit: type=1326 audit(1750423701.309:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22219 comm="syz.2.7672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 217.127493][ T40] audit: type=1326 audit(1750423701.319:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22219 comm="syz.2.7672" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 217.137429][ T40] audit: type=1326 audit(1750423701.319:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22219 comm="syz.2.7672" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 217.147787][ T40] audit: type=1326 audit(1750423701.319:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22219 comm="syz.2.7672" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 217.206090][ T6461] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.258568][T22183] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.261596][T22183] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.263952][T22238] sp0: Synchronizing with TNC [ 217.264955][T22183] bridge_slave_0: entered allmulticast mode [ 217.269358][T22183] bridge_slave_0: entered promiscuous mode [ 217.286253][ T6461] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.301457][T22183] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.309722][T22183] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.312649][T22183] bridge_slave_1: entered allmulticast mode [ 217.319121][T22183] bridge_slave_1: entered promiscuous mode [ 217.359621][T22183] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.364329][T22183] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.402967][ T6461] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 217.445343][T22183] team0: Port device team_slave_0 added [ 217.447538][T22257] netlink: 'syz.1.7689': attribute type 1 has an invalid length. [ 217.451522][T22183] team0: Port device team_slave_1 added [ 217.493208][T22183] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 217.496025][T22183] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.506701][T22183] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.512927][T22183] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.523670][T22183] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.540274][T22183] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.609695][T22183] hsr_slave_0: entered promiscuous mode [ 217.611971][T22183] hsr_slave_1: entered promiscuous mode [ 217.625910][T22274] pim6reg: entered allmulticast mode [ 217.653757][T22274] vxcan1: left allmulticast mode [ 217.655847][T22274] pim6reg: left allmulticast mode [ 217.721574][ T6461] bridge_slave_1: left allmulticast mode [ 217.724897][ T6461] bridge_slave_1: left promiscuous mode [ 217.727073][ T6461] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.731571][ T6461] bridge_slave_0: left allmulticast mode [ 217.735445][ T6461] bridge_slave_0: left promiscuous mode [ 217.737644][ T6461] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.747245][ T6461] tipc: Resetting bearer [ 217.857055][ T6461] tipc: Disabling bearer [ 218.085372][ T6461] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 218.092712][ T6461] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 218.096424][ T6461] bond0 (unregistering): Released all slaves [ 218.102711][ T6461] bond1 (unregistering): Released all slaves [ 218.155812][T22297] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7710'. [ 218.216504][ T6461] tipc: Left network mode [ 218.254486][ T6461] IPVS: stopping master sync thread 19996 ... [ 218.327389][T22183] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 218.343814][T22183] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 218.353922][T22183] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 218.362161][T22183] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 218.407944][T22335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7725'. [ 218.455358][T22183] 8021q: adding VLAN 0 to HW filter on device bond0 [ 218.467216][T22183] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.476086][ T6451] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.479432][ T6451] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.487474][ T6451] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.491117][ T6451] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.536785][ T6461] hsr_slave_0: left promiscuous mode [ 218.539699][ T6461] hsr_slave_1: left promiscuous mode [ 218.542000][ T6461] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 218.547118][ T6461] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 218.550249][ T6461] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.555366][ T6461] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 218.576762][ T6461] veth1_macvtap: left promiscuous mode [ 218.578576][ T6461] veth0_macvtap: left promiscuous mode [ 218.580380][ T6461] veth1_vlan: left promiscuous mode [ 218.582068][ T6461] veth0_vlan: left promiscuous mode [ 218.973234][ T5956] Bluetooth: hci4: command tx timeout [ 219.258185][ T6461] team0 (unregistering): Port device team_slave_1 removed [ 219.329145][ T6461] team0 (unregistering): Port device team_slave_0 removed [ 219.886299][T22347] tipc: Enabling of bearer rejected, failed to enable media [ 219.947039][T22377] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7742'. [ 219.953961][T22377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7742'. [ 219.957606][T22377] netlink: 'syz.1.7742': attribute type 7 has an invalid length. [ 220.039350][T22183] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.182105][T22183] veth0_vlan: entered promiscuous mode [ 220.186979][T22183] veth1_vlan: entered promiscuous mode [ 220.208460][T22183] veth0_macvtap: entered promiscuous mode [ 220.213354][T22183] veth1_macvtap: entered promiscuous mode [ 220.213448][T22415] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 220.222553][T22183] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.228158][T22183] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.233998][T22183] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.237063][T22183] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.239736][T22183] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.245511][T22183] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.273646][ T6461] IPVS: stop unused estimator thread 0... [ 220.293577][T22422] netlink: 'syz.1.7761': attribute type 1 has an invalid length. [ 220.296030][T22422] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7761'. [ 220.318818][ T6428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 220.322093][ T6428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.338209][ T6427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 220.341631][ T6427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.514418][T22451] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 220.571806][T22459] sp0: Synchronizing with TNC [ 220.741406][T22478] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 221.053002][ T5956] Bluetooth: hci4: command tx timeout [ 221.280432][T22523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7809'. [ 221.602302][ T838] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 221.728394][T22562] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 221.732694][ T24] kernel write not supported for file /audio (pid: 24 comm: kworker/2:0) [ 221.783272][ T838] usb 10-1: too many configurations: 9, using maximum allowed: 8 [ 221.790895][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.797542][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.802623][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.815627][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.815669][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.815693][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.816694][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.829775][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.829802][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.830912][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.830950][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.830972][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.831841][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.831879][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.831901][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.832959][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.832995][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.833016][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.833866][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.833902][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.833924][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.834786][ T838] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 221.834822][ T838] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 221.834844][ T838] usb 10-1: config 0 interface 0 has no altsetting 0 [ 221.836706][ T838] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 221.836727][ T838] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 221.836744][ T838] usb 10-1: Product: syz [ 221.836757][ T838] usb 10-1: Manufacturer: syz [ 221.836770][ T838] usb 10-1: SerialNumber: syz [ 221.838730][ T838] usb 10-1: config 0 descriptor?? [ 221.846543][ T838] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0 [ 222.017553][T22582] netlink: 696 bytes leftover after parsing attributes in process `syz.1.7839'. [ 222.061100][T22585] netlink: 56 bytes leftover after parsing attributes in process `syz.4.7841'. [ 222.065108][ T838] usb 10-1: USB disconnect, device number 2 [ 222.067917][T22586] overlayfs: conflicting options: nfs_export=on,index=off [ 222.069555][ T838] yurex 10-1:0.0: USB YUREX #0 now disconnected [ 222.133250][T22588] bridge0: port 2(bridge_slave_1) entered disabled state [ 222.603449][T22614] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7853'. [ 222.642938][ T836] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 222.733738][T22626] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 222.793608][ T836] usb 9-1: Using ep0 maxpacket: 16 [ 222.795009][ T836] usb 9-1: config 0 has an invalid interface number: 8 but max is 0 [ 222.795024][ T836] usb 9-1: config 0 has no interface number 0 [ 222.795041][ T836] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 222.795054][ T836] usb 9-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 222.796333][ T836] usb 9-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 222.796347][ T836] usb 9-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 222.796357][ T836] usb 9-1: Product: syz [ 222.796364][ T836] usb 9-1: SerialNumber: syz [ 222.797743][ T836] usb 9-1: config 0 descriptor?? [ 222.834566][ T836] cm109 9-1:0.8: invalid payload size 0, expected 4 [ 222.838026][ T836] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.8/input/input21 [ 222.911745][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 222.911762][ T40] audit: type=1800 audit(1750423707.099:373): pid=22643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.7867" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 223.035736][ C3] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 223.037087][ C3] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 223.037234][ T836] usb 9-1: USB disconnect, device number 10 [ 223.037302][ C3] cm109 9-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 223.037316][ C3] cm109 9-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 223.039173][ T836] cm109 9-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 223.142690][ T5956] Bluetooth: hci4: command tx timeout [ 223.151338][T22669] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7879'. [ 223.215681][ T40] audit: type=1326 audit(1750423707.409:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.227434][ T40] audit: type=1326 audit(1750423707.409:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.236407][ T40] audit: type=1326 audit(1750423707.419:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.245439][ T40] audit: type=1326 audit(1750423707.439:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.252983][ T40] audit: type=1326 audit(1750423707.439:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.259788][ T40] audit: type=1326 audit(1750423707.439:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.273843][ T40] audit: type=1326 audit(1750423707.469:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=284 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.291657][T22689] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 223.291657][T22689] program syz.2.7889 not setting count and/or reply_len properly [ 223.397640][ T40] audit: type=1326 audit(1750423707.589:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22683 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=1 compat=1 ip=0xf7fa4579 code=0x7ffc0000 [ 223.405504][ T40] audit: type=1326 audit(1750423707.599:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22677 comm="syz.5.7885" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fa4598 code=0x7ffc0000 [ 223.855560][ T24] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 224.018600][ T24] usb 9-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 224.024877][ T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 224.027277][ T24] usb 9-1: Product: syz [ 224.038459][ T24] usb 9-1: Manufacturer: syz [ 224.039960][ T24] usb 9-1: SerialNumber: syz [ 224.042892][ T24] usb 9-1: config 0 descriptor?? [ 224.145441][T22785] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 224.147600][T22785] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 224.150691][T22785] vhci_hcd vhci_hcd.0: Device attached [ 224.160349][T22788] vhci_hcd: connection closed [ 224.160773][ T6461] vhci_hcd: stop threads [ 224.163476][T22791] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 224.168104][ T6461] vhci_hcd: release socket [ 224.169700][ T6461] vhci_hcd: disconnect device [ 224.329318][ T24] usb 9-1: USB disconnect, device number 11 [ 224.461918][ T838] hid-generic 0000:0000:0000.000A: item fetching failed at offset 0/1 [ 224.464809][ T838] hid-generic 0000:0000:0000.000A: probe with driver hid-generic failed with error -22 [ 224.759040][T22830] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7956'. [ 224.822514][ T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 224.939590][T22849] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7963'. [ 224.945628][T22849] openvswitch: netlink: nsh attr 0 has unexpected len 7 expected 0 [ 224.948922][T22849] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 224.997292][ T24] usb 7-1: config 1 interface 0 altsetting 253 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 225.001326][ T24] usb 7-1: config 1 interface 0 has no altsetting 0 [ 225.004819][ T24] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 225.007697][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 225.010217][ T24] usb 7-1: SerialNumber: syz [ 225.222577][ T5956] Bluetooth: hci4: command tx timeout [ 225.334919][T22894] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7985'. [ 225.527571][T22911] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7993'. [ 225.560356][T22915] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 225.563808][T22915] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 225.567242][T22915] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.569728][T22915] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 225.591400][T22917] bridge0: entered promiscuous mode [ 225.594590][T22917] macvlan2: entered promiscuous mode [ 225.637321][ T24] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -71 [ 225.641538][ T24] usb 7-1: USB disconnect, device number 8 [ 225.838209][T22938] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8006'. [ 225.841090][T22938] openvswitch: netlink: nsh attr 5 is out of range max 3 [ 225.843887][T22938] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 225.994490][T22946] netlink: 68 bytes leftover after parsing attributes in process `syz.4.8009'. [ 225.997377][T22946] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8009'. [ 226.000287][T22946] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8009'. [ 226.004411][T22946] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8009'. [ 226.011516][T22949] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 226.040037][T22953] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8013'. [ 226.053593][T22955] tmpfs: Cannot change global quota limit on remount [ 226.160417][ T34] kernel write not supported for file /bluetooth/6lowpan_control (pid: 34 comm: kworker/3:0) [ 227.273919][T23080] netlink: 'syz.5.8075': attribute type 1 has an invalid length. [ 227.592537][ T6010] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 227.644211][T23103] macvlan3: entered promiscuous mode [ 227.646458][T23103] macvlan3: entered allmulticast mode [ 227.762883][ T6010] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 227.773350][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.776134][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.779403][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.783035][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.785875][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.785891][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.786638][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.796099][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.796115][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.796862][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.796884][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.796896][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.797607][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.809271][T23121] netlink: 'syz.5.8095': attribute type 2 has an invalid length. [ 227.809955][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.821269][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.824504][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.827326][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.830908][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.834363][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.837231][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.840776][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.845505][ T6010] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 227.848959][ T6010] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 227.853634][ T6010] usb 7-1: config 0 interface 0 has no altsetting 0 [ 227.858335][ T6010] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 227.862062][ T6010] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 227.865851][ T6010] usb 7-1: Product: syz [ 227.867664][ T6010] usb 7-1: Manufacturer: syz [ 227.869598][ T6010] usb 7-1: SerialNumber: syz [ 227.873641][ T6010] usb 7-1: config 0 descriptor?? [ 227.880509][ T6010] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 228.059501][T23139] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 228.097891][ T6010] usb 7-1: USB disconnect, device number 9 [ 228.102932][ T6010] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 228.815094][ T5306] Bluetooth: hci1: command 0x1003 tx timeout [ 228.818629][ T5956] Bluetooth: hci1: Opcode 0x1003 failed: -110 [ 229.011821][T23221] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 229.216030][T23251] input input22: cannot allocate more than FF_MAX_EFFECTS effects [ 229.403364][T23274] devtmpfs: Cannot change global quota limit on remount [ 229.564447][T23300] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 231.259550][T23429] sp0: Synchronizing with TNC [ 231.270350][T23429] [U] [ 231.542125][T23448] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 231.544534][T23448] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 231.590294][T23455] @: renamed from vlan0 (while UP) [ 231.613400][T23457] netlink: 'syz.2.8253': attribute type 7 has an invalid length. [ 231.961312][T23475] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 231.966152][T23475] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 231.980448][T23475] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 231.982869][T23475] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 231.991476][T23475] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 231.994091][T23475] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 231.999361][T23475] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 232.237073][T23526] __nla_validate_parse: 9 callbacks suppressed [ 232.237083][T23526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8286'. [ 232.251283][T23526] netlink: 'syz.4.8286': attribute type 5 has an invalid length. [ 232.615076][T23567] netlink: 'syz.5.8306': attribute type 6 has an invalid length. [ 232.892420][ T24] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 233.042362][ T24] usb 10-1: Using ep0 maxpacket: 16 [ 233.045706][ T24] usb 10-1: config 0 has an invalid interface number: 8 but max is 0 [ 233.048298][ T24] usb 10-1: config 0 has no interface number 0 [ 233.050240][ T24] usb 10-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 233.054232][ T24] usb 10-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 233.058888][ T24] usb 10-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 233.061864][ T24] usb 10-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 233.062023][T23592] Invalid ELF header magic: != ELF [ 233.066928][ T24] usb 10-1: Product: syz [ 233.068408][ T24] usb 10-1: SerialNumber: syz [ 233.071522][ T24] usb 10-1: config 0 descriptor?? [ 233.076019][ T24] cm109 10-1:0.8: invalid payload size 0, expected 4 [ 233.079550][ T24] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.8/input/input23 [ 233.278815][ C2] cm109 10-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 233.357934][T23610] overlayfs: workdir and upperdir must reside under the same mount [ 233.486142][ C1] cm109 10-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 233.486287][ T24] usb 10-1: USB disconnect, device number 3 [ 233.489033][ C1] cm109 10-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 233.505002][T23623] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 233.508064][T23623] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 233.513378][T23623] vhci_hcd vhci_hcd.0: Device attached [ 233.518168][ T24] cm109 10-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 233.762328][ T54] usb 41-1: new low-speed USB device number 2 using vhci_hcd [ 233.782297][ T838] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 233.932329][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 233.944000][ T838] usb 7-1: config 0 has no interfaces? [ 233.946306][ T838] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 233.949202][ T838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 233.953287][ T838] usb 7-1: config 0 descriptor?? [ 234.023008][ T5956] Bluetooth: hci4: command 0x0c1a tx timeout [ 234.023177][ T5306] Bluetooth: hci3: command 0x040f tx timeout [ 234.160192][T23624] vhci_hcd: cannot find a urb of seqnum 64 max seqnum 1 [ 234.163798][ T1471] usb 7-1: USB disconnect, device number 10 [ 234.164520][ T6428] vhci_hcd: stop threads [ 234.167411][ T6428] vhci_hcd: release socket [ 234.171158][ T6428] vhci_hcd: disconnect device [ 234.763867][T23670] input: syz0 as /devices/virtual/input/input24 [ 235.252669][ T837] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 235.402350][ T837] usb 6-1: Using ep0 maxpacket: 16 [ 235.415341][ T837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.419687][ T837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.434795][ T837] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 235.440125][ T837] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 235.444149][ T837] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.449287][ T837] usb 6-1: config 0 descriptor?? [ 235.552717][T23734] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8382'. [ 235.662039][ T837] usbhid 6-1:0.0: can't add hid device: -71 [ 235.664127][ T837] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 235.668169][ T837] usb 6-1: USB disconnect, device number 10 [ 235.733730][T23746] netlink: 'syz.1.8388': attribute type 10 has an invalid length. [ 235.746508][T23746] syz_tun: entered promiscuous mode [ 235.748608][T23746] syz_tun: entered allmulticast mode [ 235.750838][T23746] team0: Port device syz_tun added [ 235.829179][T23753] kernel read not supported for file /,}@!$ (pid: 23753 comm: syz.5.8391) [ 235.835715][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 235.835725][ T40] audit: type=1800 audit(1750423720.029:385): pid=23753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.8391" name=",}@!$" dev="mqueue" ino=79383 res=0 errno=0 [ 236.012395][ T5306] Bluetooth: hci2: command 0x0406 tx timeout [ 236.092381][ T5306] Bluetooth: hci4: command 0x0c1a tx timeout [ 236.095029][ T5306] Bluetooth: hci3: command 0x040f tx timeout [ 236.511670][T23787] sg_write: data in/out 489/14 bytes for SCSI command 0x3-- guessing data in; [ 236.511670][T23787] program syz.2.8401 not setting count and/or reply_len properly [ 236.645871][T23794] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8404'. [ 236.821010][T23809] input: syz1 as /devices/virtual/input/input25 [ 236.980342][ T40] audit: type=1326 audit(1750423721.169:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 236.993958][ T40] audit: type=1326 audit(1750423721.169:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 237.004658][ T40] audit: type=1326 audit(1750423721.179:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 237.022250][ T40] audit: type=1326 audit(1750423721.179:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 237.028802][ T40] audit: type=1326 audit(1750423721.179:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 237.043814][ T40] audit: type=1326 audit(1750423721.179:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 237.051927][ T40] audit: type=1326 audit(1750423721.189:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 237.060996][ T40] audit: type=1326 audit(1750423721.189:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 237.084799][ T40] audit: type=1326 audit(1750423721.189:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23821 comm="syz.1.8418" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 237.760145][T23898] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8453'. [ 237.765594][T23898] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8453'. [ 237.838463][T23904] kvm: kvm [23903]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000079) [ 238.052977][ T9] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 238.172350][ T5956] Bluetooth: hci4: command 0x0c1a tx timeout [ 238.213939][ T9] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 238.217079][ T9] usb 7-1: config 0 interface 0 has no altsetting 0 [ 238.220888][ T9] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 238.224232][ T9] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 238.227375][ T9] usb 7-1: Product: syz [ 238.228654][ T9] usb 7-1: Manufacturer: syz [ 238.230621][ T9] usb 7-1: SerialNumber: syz [ 238.233808][ T9] usb 7-1: config 0 descriptor?? [ 238.239635][ T9] usb 7-1: selecting invalid altsetting 0 [ 238.353832][T23944] syz.1.8476: attempt to access beyond end of device [ 238.353832][T23944] loop3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 238.359699][T23944] FAT-fs (loop3): unable to read boot sector [ 238.368010][T23946] can0: slcan on ptm0. [ 238.446079][ T9] usb 7-1: USB disconnect, device number 11 [ 238.462741][T23945] can0 (unregistered): slcan off ptm0. [ 238.902345][ T54] vhci_hcd: vhci_device speed not set [ 239.046890][T24010] binder: 24009:24010 ioctl c0306201 800001c0 returned -14 [ 239.283734][ T9] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 239.326419][T24036] bridge: RTM_NEWNEIGH with unconfigured vlan 2 on bridge0 [ 239.444717][ T9] usb 7-1: config 0 has an invalid interface number: 153 but max is 0 [ 239.448093][ T9] usb 7-1: config 0 has no interface number 0 [ 239.450797][ T9] usb 7-1: config 0 interface 153 has no altsetting 0 [ 239.463741][ T9] usb 7-1: New USB device found, idVendor=1199, idProduct=6852, bcdDevice=57.34 [ 239.467111][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 239.470542][ T9] usb 7-1: Product: syz [ 239.473001][ T9] usb 7-1: Manufacturer: syz [ 239.474957][ T9] usb 7-1: SerialNumber: syz [ 239.479037][ T9] usb 7-1: config 0 descriptor?? [ 239.484930][ T9] sierra 7-1:0.153: Sierra USB modem converter detected [ 239.696569][ T9] usb 7-1: USB disconnect, device number 12 [ 239.697349][ T9] sierra 7-1:0.153: device disconnected [ 240.300638][T24075] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8538'. [ 240.860613][T24119] overlayfs: failed to clone lowerpath [ 241.302585][T24166] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8580'. [ 242.000247][T24216] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8603'. [ 242.049541][T24219] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8604'. [ 242.599514][ T40] kauditd_printk_skb: 588 callbacks suppressed [ 242.599531][ T40] audit: type=1326 audit(2000000000.149:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.614514][ T40] audit: type=1326 audit(2000000000.149:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.625035][ T40] audit: type=1326 audit(2000000000.149:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.637048][ T40] audit: type=1326 audit(2000000000.149:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.644307][ T40] audit: type=1326 audit(2000000000.149:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.650838][ T40] audit: type=1326 audit(2000000000.149:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.658951][ T40] audit: type=1326 audit(2000000000.149:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.665757][ T40] audit: type=1326 audit(2000000000.149:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.672502][ T40] audit: type=1326 audit(2000000000.149:991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.679109][ T40] audit: type=1326 audit(2000000000.149:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24268 comm="syz.2.8627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f15598 code=0x7ffc0000 [ 242.702535][T24271] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 242.706466][T24271] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 242.709181][T24271] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 242.962813][T24283] bridge_slave_0: invalid flags given to default FDB implementation [ 243.053817][ T54] kernel read not supported for file /dsp1 (pid: 54 comm: kworker/1:1) [ 243.060952][T24292] program syz.5.8637 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 243.128631][T24299] block device autoloading is deprecated and will be removed. [ 243.267576][T24320] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8650'. [ 243.314826][T24328] PKCS7: Unknown OID: [5] 0.0 [ 243.316660][T24328] PKCS7: Only support pkcs7_signedData type [ 244.012321][ T54] usb 9-1: new full-speed USB device number 12 using dummy_hcd [ 244.165286][ T54] usb 9-1: config index 0 descriptor too short (expected 156, got 27) [ 244.167906][ T54] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 244.171505][ T54] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 244.175201][ T54] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64 [ 244.182240][ T54] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 244.186255][ T54] usb 9-1: config 0 interface 0 has no altsetting 0 [ 244.189820][ T54] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 244.193062][ T54] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 244.195787][ T54] usb 9-1: Product: syz [ 244.197264][ T54] usb 9-1: Manufacturer: syz [ 244.198751][ T54] usb 9-1: SerialNumber: syz [ 244.201299][ T54] usb 9-1: config 0 descriptor?? [ 244.203709][T24356] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 244.206817][ T54] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 244.210405][ T54] ldusb 9-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 244.578957][ T9] usb 9-1: USB disconnect, device number 12 [ 244.582457][ T9] ldusb 9-1:0.0: LD USB Device #0 now disconnected [ 244.712356][ T54] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 244.732328][ T5956] Bluetooth: hci4: command 0x0c1a tx timeout [ 244.732783][ T5306] Bluetooth: hci3: command 0x040f tx timeout [ 244.734457][ T5950] Bluetooth: hci2: command 0x0406 tx timeout [ 244.864743][ T54] usb 6-1: Using ep0 maxpacket: 8 [ 244.869983][ T54] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 244.875319][ T54] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 244.878576][ T54] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 244.882575][ T54] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 244.886976][ T54] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 244.890587][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.106870][ T54] usb 6-1: GET_CAPABILITIES returned 0 [ 245.108808][ T54] usbtmc 6-1:16.0: can't read capabilities [ 245.137598][T24397] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8685'. [ 245.277049][T24404] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 245.279117][T24404] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 245.281105][T24404] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 245.307866][ T54] usb 6-1: USB disconnect, device number 11 [ 245.760037][T24436] kvm_intel: kvm [24435]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2 [ 246.297908][T24484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8726'. [ 246.650663][T24504] netlink: 27 bytes leftover after parsing attributes in process `syz.1.8735'. [ 246.692737][ T836] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 246.872704][ T836] usb 9-1: Using ep0 maxpacket: 16 [ 246.876241][ T836] usb 9-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 246.880377][ T836] usb 9-1: config 0 interface 0 has no altsetting 0 [ 246.883428][ T836] usb 9-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 246.887148][ T836] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 246.892423][ T836] usb 9-1: config 0 descriptor?? [ 247.133750][ T836] usbhid 9-1:0.0: can't add hid device: -71 [ 247.136263][ T836] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 247.140008][ T836] usb 9-1: USB disconnect, device number 13 [ 247.292387][ T5956] Bluetooth: hci4: command 0x0c1a tx timeout [ 247.292442][ T5950] Bluetooth: hci3: command 0x040f tx timeout [ 247.292473][ T5306] Bluetooth: hci2: command 0x0406 tx timeout [ 248.137441][T24570] netlink: 36 bytes leftover after parsing attributes in process `syz.4.8766'. [ 248.196548][T24576] binder: 24575:24576 ioctl c018620c 80000000 returned -1 [ 248.736923][T24599] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.829402][T24608] loop8: detected capacity change from 0 to 1 [ 248.834851][T24608] Dev loop8: unable to read RDB block 1 [ 248.837230][T24608] loop8: unable to read partition table [ 248.839675][T24608] loop8: partition table beyond EOD, truncated [ 248.842082][T24608] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 249.457733][ T5950] Bluetooth: hci3: unexpected event for opcode 0x2005 [ 249.704881][ T40] kauditd_printk_skb: 1402 callbacks suppressed [ 249.704892][ T40] audit: type=1326 audit(2000000007.259:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 249.715017][ T40] audit: type=1326 audit(2000000007.259:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f03598 code=0x7ffc0000 [ 249.721636][ T40] audit: type=1326 audit(2000000007.259:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f03598 code=0x7ffc0000 [ 249.730351][ T40] audit: type=1326 audit(2000000007.259:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f03598 code=0x7ffc0000 [ 249.740862][ T40] audit: type=1326 audit(2000000007.259:2399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 249.748616][ T40] audit: type=1326 audit(2000000007.259:2400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f03598 code=0x7ffc0000 [ 249.759206][ T40] audit: type=1326 audit(2000000007.259:2401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f03598 code=0x7ffc0000 [ 249.766694][ T40] audit: type=1326 audit(2000000007.259:2402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 249.775431][ T40] audit: type=1326 audit(2000000007.259:2403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f03598 code=0x7ffc0000 [ 249.782266][ T40] audit: type=1326 audit(2000000007.259:2404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24664 comm="syz.4.8810" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x7ffc0000 [ 249.952663][T24683] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8825'. [ 249.955534][T24683] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8825'. [ 250.446713][T24703] sctp: [Deprecated]: syz.4.8828 (pid 24703) Use of struct sctp_assoc_value in delayed_ack socket option. [ 250.446713][T24703] Use struct sctp_sack_info instead [ 250.550188][T24714] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8831'. [ 250.574398][T24717] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8833'. [ 250.786238][T24730] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8839'. [ 251.088554][ T54] kernel read not supported for file /video37 (pid: 54 comm: kworker/1:1) [ 251.200635][T24770] Failed to get privilege flags for destination (handle=0x2:0xd) [ 251.425510][T24794] ipvlan2: entered promiscuous mode [ 251.427871][T24794] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 251.430796][T24794] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 252.044785][T24813] serio: Serial port ptm0 [ 252.331107][T24834] block nbd0: Unsupported socket: shutdown callout must be supported. [ 252.684432][ T34] usb 9-1: new high-speed USB device number 14 using dummy_hcd [ 252.863343][ T34] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 252.866175][ T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.868666][ T34] usb 9-1: Product: syz [ 252.869987][ T34] usb 9-1: Manufacturer: syz [ 252.871482][ T34] usb 9-1: SerialNumber: syz [ 252.883376][ T34] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 252.907069][ T34] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 253.122389][ T6010] usb 9-1: USB disconnect, device number 14 [ 253.247318][T24869] loop9: detected capacity change from 0 to 8 [ 253.252633][T24869] Dev loop9: unable to read RDB block 8 [ 253.254430][T24869] loop9: unable to read partition table [ 253.256967][T24869] loop9: partition table beyond EOD, truncated [ 253.259500][T24869] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 253.932383][ T34] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive [ 253.935610][ T34] ath9k_htc: Failed to initialize the device [ 253.939800][ T6010] usb 9-1: ath9k_htc: USB layer deinitialized [ 254.573440][ T6449] Bluetooth: hci1: Frame reassembly failed (-84) [ 254.743459][T24958] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8941'. [ 254.796083][T24958] bridge_slave_1 (unregistering): left allmulticast mode [ 254.798912][T24958] bridge_slave_1 (unregistering): left promiscuous mode [ 254.801239][T24958] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.134195][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.622068][T24993] netlink: 4 bytes leftover after parsing attributes in process `syz.2.8958'. [ 255.740750][T25003] gretap0: entered promiscuous mode [ 255.743172][T25003] vlan6: entered promiscuous mode [ 256.662449][ T5956] Bluetooth: hci1: command 0xfc11 tx timeout [ 256.663303][ T5950] Bluetooth: hci1: Entering manufacturer mode failed (-110) [ 256.728871][T25039] netem: invalid attributes len -3 [ 256.730527][T25039] netem: change failed [ 256.804429][T25045] loop6: detected capacity change from 0 to 63 [ 257.169213][T25068] kvm_intel: kvm [25067]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xffffffffffffffff [ 257.600024][T25109] netlink: 'syz.1.9013': attribute type 1 has an invalid length. [ 257.602938][T25109] netlink: 224 bytes leftover after parsing attributes in process `syz.1.9013'. [ 257.722521][T25119] random: crng reseeded on system resumption [ 258.472998][ T34] kernel read not supported for file /dsp1 (pid: 34 comm: kworker/3:0) [ 258.721328][ T5956] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 258.725645][ T5956] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 258.730372][ T5956] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 258.738007][ T5956] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 258.741699][ T5956] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 258.888393][T25163] chnl_net:caif_netlink_parms(): no params data found [ 258.987007][T25163] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.990112][T25163] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.993708][T25163] bridge_slave_0: entered allmulticast mode [ 258.996535][T25163] bridge_slave_0: entered promiscuous mode [ 258.999895][T25163] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.003126][T25163] bridge0: port 2(bridge_slave_1) entered disabled state [ 259.006187][T25163] bridge_slave_1: entered allmulticast mode [ 259.010138][T25163] bridge_slave_1: entered promiscuous mode [ 259.077406][T25163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 259.084536][T25163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 259.141819][T25163] team0: Port device team_slave_0 added [ 259.146733][T25163] team0: Port device team_slave_1 added [ 259.191542][T25163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 259.195815][T25163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.204883][T25163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 259.210939][T25163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 259.214392][T25163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.225132][T25163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.289369][T25163] hsr_slave_0: entered promiscuous mode [ 259.291721][T25163] hsr_slave_1: entered promiscuous mode [ 259.294223][T25163] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.296638][T25163] Cannot create hsr debugfs directory [ 259.448709][T25163] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 259.454635][T25163] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 259.458717][T25163] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 259.463312][T25163] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 259.513181][T25163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.534002][T25163] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.541028][ T6461] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.543376][ T6461] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.551666][ T6451] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.554749][ T6451] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.710317][T25163] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 259.908145][T25163] veth0_vlan: entered promiscuous mode [ 259.925210][T25163] veth1_vlan: entered promiscuous mode [ 259.953186][T25163] veth0_macvtap: entered promiscuous mode [ 259.959177][T25163] veth1_macvtap: entered promiscuous mode [ 259.974888][T25163] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 259.983345][T25163] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 259.988115][T25163] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.991271][T25163] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.995801][T25163] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 259.999122][T25163] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.043958][ T6473] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.046846][ T6473] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.059570][ T6449] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.065098][ T6449] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.451183][T25275] loop6: detected capacity change from 0 to 524287999 [ 260.771131][T25310] input: syz0 as /devices/virtual/input/input31 [ 260.822654][ T5950] Bluetooth: hci1: command tx timeout [ 261.419659][T25389] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9128'. [ 261.579364][T25393] netlink: 20 bytes leftover after parsing attributes in process `syz.6.9130'. [ 261.731567][T25407] batadv_slave_0: entered promiscuous mode [ 261.738170][T25407] batadv_slave_0: left promiscuous mode [ 261.869924][T25413] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9140'. [ 261.873334][T25413] netlink: 'syz.4.9140': attribute type 30 has an invalid length. [ 261.879705][T25413] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 261.882877][T25413] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 261.886035][T25413] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 261.888833][T25413] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 261.922029][ T40] kauditd_printk_skb: 68 callbacks suppressed [ 261.922040][ T40] audit: type=1326 audit(2000000019.469:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.935317][ T40] audit: type=1326 audit(2000000019.469:2474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.944031][ T40] audit: type=1326 audit(2000000019.469:2475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.956234][ T40] audit: type=1326 audit(2000000019.469:2476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.965706][ T40] audit: type=1326 audit(2000000019.479:2477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.974724][ T40] audit: type=1326 audit(2000000019.479:2478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.984243][ T40] audit: type=1326 audit(2000000019.479:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 261.993268][ T40] audit: type=1326 audit(2000000019.479:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 262.001453][ T40] audit: type=1326 audit(2000000019.479:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=371 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 262.008525][ T40] audit: type=1326 audit(2000000019.479:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25416 comm="syz.6.9142" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 262.114132][T25430] netlink: 'syz.6.9147': attribute type 19 has an invalid length. [ 262.181386][T25436] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9151'. [ 262.320112][T25449] netlink: 'syz.1.9157': attribute type 1 has an invalid length. [ 262.322967][T25449] netlink: 'syz.1.9157': attribute type 4 has an invalid length. [ 262.329783][T25449] netlink: 188 bytes leftover after parsing attributes in process `syz.1.9157'. [ 262.333273][T25449] NCSI netlink: No device for ifindex 0 [ 262.683134][T25475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9168'. [ 262.688206][T25475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9168'. [ 262.892391][ T5950] Bluetooth: hci1: command tx timeout [ 262.989894][T25493] netlink: 'syz.4.9177': attribute type 2 has an invalid length. [ 263.323997][T25508] vivid-000: disconnect [ 263.338252][T25506] vivid-000: reconnect [ 264.010678][T25543] input: syz0 as /devices/virtual/input/input32 [ 264.404156][T25573] netlink: 'syz.6.9214': attribute type 21 has an invalid length. [ 264.973990][ T5950] Bluetooth: hci1: command tx timeout [ 265.029957][T25627] input: syz1 as /devices/virtual/input/input33 [ 265.181927][T25647] netlink: 44 bytes leftover after parsing attributes in process `syz.2.9247'. [ 265.276537][T25658] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9253'. [ 265.373724][T25669] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9258'. [ 265.706200][T25691] loop8: detected capacity change from 0 to 7 [ 265.710103][T25691] Dev loop8: unable to read RDB block 7 [ 265.711972][T25691] loop8: AHDI p1 p2 p3 [ 265.713990][T25691] loop8: partition table partially beyond EOD, truncated [ 265.716878][T25691] loop8: p1 start 1601398130 is beyond EOD, truncated [ 265.719505][T25691] loop8: p2 start 1702059890 is beyond EOD, truncated [ 266.425892][ T838] usb 9-1: new high-speed USB device number 15 using dummy_hcd [ 266.431209][T25733] overlayfs: missing 'workdir' [ 266.572298][ T838] usb 9-1: Using ep0 maxpacket: 8 [ 266.576141][ T838] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 266.580560][ T838] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16 [ 266.588118][ T838] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 266.592603][ T838] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.596323][ T838] usb 9-1: Product: syz [ 266.598198][ T838] usb 9-1: Manufacturer: syz [ 266.600164][ T838] usb 9-1: SerialNumber: syz [ 266.809425][ T838] cdc_ncm 9-1:1.0: bind() failure [ 266.813831][ T838] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found [ 266.816281][ T838] cdc_ncm 9-1:1.1: bind() failure [ 266.819667][ T838] usb 9-1: USB disconnect, device number 15 [ 266.972495][ T34] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 267.052479][ T5950] Bluetooth: hci1: command tx timeout [ 267.076942][T25766] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.153732][ T34] usb 6-1: unable to get BOS descriptor or descriptor too short [ 267.157935][ T34] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 267.161141][ T34] usb 6-1: can't read configurations, error -71 [ 267.418390][T25789] kernel read not supported for file /eth0 (pid: 25789 comm: syz.6.9313) [ 267.422573][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 267.422585][ T40] audit: type=1800 audit(2000000024.969:2485): pid=25789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.9313" name="eth0" dev="mqueue" ino=91345 res=0 errno=0 [ 267.668592][T25811] __nla_validate_parse: 1 callbacks suppressed [ 267.668607][T25811] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9322'. [ 267.941732][T25846] batadv_slave_1: entered promiscuous mode [ 267.945001][T25843] batadv_slave_1: left promiscuous mode [ 268.041323][T25854] netlink: 'syz.6.9344': attribute type 1 has an invalid length. [ 268.261139][T25881] dlm: non-version read from control device 34 [ 268.594409][T25911] block nbd2: NBD_DISCONNECT [ 268.605726][T25911] block nbd2: Send disconnect failed -22 [ 268.608998][T25910] block nbd2: Disconnected due to user request. [ 268.611483][T25910] block nbd2: shutting down sockets [ 268.616137][T25918] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9373'. [ 268.784717][T25938] netlink: 'syz.4.9384': attribute type 14 has an invalid length. [ 270.347930][T26034] netlink: 'syz.1.9430': attribute type 3 has an invalid length. [ 270.351121][T26034] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9430'. [ 270.448556][ T40] audit: type=1326 audit(2000000027.999:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26037 comm="syz.1.9432" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x0 [ 271.296946][T26109] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9466'. [ 271.564390][ T6461] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.568741][ T6461] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.573661][ T6461] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 271.701463][ T6461] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.708382][ T6461] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.715155][ T6461] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 271.805152][ T5956] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 271.809644][ T5956] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 271.811955][ T6461] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.814125][ T5956] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 271.821814][ T5956] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 271.824626][ T5956] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 271.832574][ T6461] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.836329][ T6461] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 271.898835][T26164] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9492'. [ 271.937032][ T6461] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.943261][ T6461] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 271.946555][ T6461] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 272.003332][T26153] chnl_net:caif_netlink_parms(): no params data found [ 272.086455][T26153] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.088732][T26153] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.091279][T26153] bridge_slave_0: entered allmulticast mode [ 272.094234][T26153] bridge_slave_0: entered promiscuous mode [ 272.098744][T26153] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.100937][T26153] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.103666][T26153] bridge_slave_1: entered allmulticast mode [ 272.106255][T26153] bridge_slave_1: entered promiscuous mode [ 272.152545][T26190] netlink: 48 bytes leftover after parsing attributes in process `syz.6.9501'. [ 272.156539][T26153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 272.160813][T26153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 272.216041][ T6461] bridge_slave_0: left allmulticast mode [ 272.222939][ T6461] bridge_slave_0: left promiscuous mode [ 272.225437][ T6461] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.243143][T26198] netlink: 'syz.6.9505': attribute type 8 has an invalid length. [ 272.360645][ T6461] batman_adv: batadv0: Removing interface: gretap1 [ 272.544793][ T6461] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 272.549207][ T6461] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 272.552844][ T6461] bond0 (unregistering): Released all slaves [ 272.562592][T26153] team0: Port device team_slave_0 added [ 272.576898][T26153] team0: Port device team_slave_1 added [ 272.629718][T26153] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 272.632963][T26153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.644425][T26153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 272.654055][T26153] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 272.657015][T26153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 272.671925][T26153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 272.676859][ T6461] tipc: Left network mode [ 272.723902][ T6461] IPVS: stopping master sync thread 15423 ... [ 272.761033][T26153] hsr_slave_0: entered promiscuous mode [ 272.770305][T26153] hsr_slave_1: entered promiscuous mode [ 272.774221][T26153] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 272.777172][T26153] Cannot create hsr debugfs directory [ 272.933349][ T40] audit: type=1326 audit(2000000030.489:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 272.942505][ T40] audit: type=1326 audit(2000000030.489:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 272.954823][ T40] audit: type=1326 audit(2000000030.489:2489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 272.961640][ T40] audit: type=1326 audit(2000000030.489:2490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 272.967921][ T40] audit: type=1326 audit(2000000030.489:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f05579 code=0x7ffc0000 [ 272.974769][ T6461] hsr_slave_0: left promiscuous mode [ 272.974768][ T40] audit: type=1326 audit(2000000030.489:2492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 272.974795][ T40] audit: type=1326 audit(2000000030.489:2493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 272.993471][ T6461] hsr_slave_1: left promiscuous mode [ 272.993484][ T40] audit: type=1326 audit(2000000030.489:2494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 272.995917][ T6461] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.006284][ T6461] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 273.008976][ T40] audit: type=1326 audit(2000000030.489:2495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 273.017320][ T40] audit: type=1326 audit(2000000030.489:2496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26223 comm="syz.1.9517" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f05598 code=0x7ffc0000 [ 273.024661][ T6461] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 273.029435][ T6461] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 273.065105][ T6461] veth1_macvtap: left allmulticast mode [ 273.067568][ T6461] veth1_macvtap: left promiscuous mode [ 273.070103][ T6461] veth0_macvtap: left promiscuous mode [ 273.073742][ T6461] veth1_vlan: left promiscuous mode [ 273.076045][ T6461] veth0_vlan: left promiscuous mode [ 273.862346][ T5950] Bluetooth: hci2: command tx timeout [ 274.446311][ T6461] team0 (unregistering): Port device team_slave_1 removed [ 274.519241][ T6461] team0 (unregistering): Port device team_slave_0 removed [ 274.980730][T26153] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 274.990412][T26153] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 275.001251][T26153] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 275.007310][T26153] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 275.070335][T26153] 8021q: adding VLAN 0 to HW filter on device bond0 [ 275.081782][T26153] 8021q: adding VLAN 0 to HW filter on device team0 [ 275.089488][ T6427] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.091870][ T6427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 275.107464][ T6427] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.109811][ T6427] bridge0: port 2(bridge_slave_1) entered forwarding state [ 275.267741][T26153] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.385574][ T6461] IPVS: stop unused estimator thread 0... [ 275.418392][T26286] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9538'. [ 275.431146][T26153] veth0_vlan: entered promiscuous mode [ 275.437152][T26153] veth1_vlan: entered promiscuous mode [ 275.464621][T26153] veth0_macvtap: entered promiscuous mode [ 275.469825][T26153] veth1_macvtap: entered promiscuous mode [ 275.475678][T26292] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9540'. [ 275.479376][T26153] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 275.487315][T26153] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 275.491048][T26153] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.494881][T26153] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.498134][T26153] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.501643][T26153] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 275.555561][ T6461] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.558963][ T6461] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.572342][ T6461] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.575642][ T6461] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.836203][T26322] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9554'. [ 275.933036][ T5950] Bluetooth: hci2: command tx timeout [ 277.667737][T26394] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 277.840781][T26402] netlink: 'syz.7.9588': attribute type 1 has an invalid length. [ 278.014282][ T5950] Bluetooth: hci2: command tx timeout [ 278.144142][ T1471] kernel read not supported for file /dsp1 (pid: 1471 comm: kworker/0:2) [ 278.715601][T26489] veth1_to_bond: entered allmulticast mode [ 278.717761][T26489] veth1_to_bond: entered promiscuous mode [ 278.719951][T26487] veth1_to_bond: left promiscuous mode [ 278.722162][T26487] veth1_to_bond: left allmulticast mode [ 278.802286][ T34] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 278.972636][T26505] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9636'. [ 278.983467][ T34] usb 11-1: config 0 has no interfaces? [ 278.985257][ T34] usb 11-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 278.988656][ T34] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.000612][ T34] usb 11-1: config 0 descriptor?? [ 279.202993][T26523] netlink: 56 bytes leftover after parsing attributes in process `syz.7.9646'. [ 279.209175][ T34] usb 11-1: USB disconnect, device number 2 [ 279.314326][T26535] netlink: 'syz.7.9651': attribute type 83 has an invalid length. [ 279.436921][T26545] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9656'. [ 279.441565][T26545] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9656'. [ 279.764846][T26563] openvswitch: netlink: Message has 4 unknown bytes. [ 279.917873][T26578] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9672'. [ 280.102890][ T5950] Bluetooth: hci2: command tx timeout [ 280.532413][ T1471] usb 12-1: new high-speed USB device number 2 using dummy_hcd [ 280.682255][ T1471] usb 12-1: Using ep0 maxpacket: 8 [ 280.685468][ T1471] usb 12-1: config 0 has no interfaces? [ 280.689433][ T1471] usb 12-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 280.692910][ T1471] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.695571][ T1471] usb 12-1: Product: syz [ 280.696923][ T1471] usb 12-1: Manufacturer: syz [ 280.698396][ T1471] usb 12-1: SerialNumber: syz [ 280.701324][ T1471] usb 12-1: config 0 descriptor?? [ 280.910395][ T6029] usb 12-1: USB disconnect, device number 2 [ 281.029769][T26610] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9688'. [ 281.303101][ T40] kauditd_printk_skb: 322 callbacks suppressed [ 281.303116][ T40] audit: type=1326 audit(2000000038.859:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.317319][ T40] audit: type=1326 audit(2000000038.859:2820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.326607][ T40] audit: type=1326 audit(2000000038.859:2821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.335524][ T40] audit: type=1326 audit(2000000038.859:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.347781][ T40] audit: type=1326 audit(2000000038.859:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.358139][ T40] audit: type=1326 audit(2000000038.859:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.365354][ T40] audit: type=1326 audit(2000000038.859:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.373834][ T40] audit: type=1326 audit(2000000038.859:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.382944][ T40] audit: type=1326 audit(2000000038.859:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.390859][ T40] audit: type=1326 audit(2000000038.859:2828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26622 comm="syz.6.9694" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 281.631039][T26643] input: syz0 as /devices/virtual/input/input34 [ 281.757877][T26662] netlink: 72 bytes leftover after parsing attributes in process `syz.6.9713'. [ 281.781070][T26664] input: syz0 as /devices/virtual/input/input35 [ 281.850626][T26672] vxcan1: tx address claim with dest, not broadcast [ 283.064351][T26714] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9737'. [ 283.140528][T26722] netlink: 60 bytes leftover after parsing attributes in process `syz.6.9740'. [ 283.301153][T26728] overlayfs: workdir and upperdir must be separate subtrees [ 283.499698][T26752] netlink: 'syz.4.9755': attribute type 21 has an invalid length. [ 283.503463][T26752] netlink: 156 bytes leftover after parsing attributes in process `syz.4.9755'. [ 283.518390][T26752] netlink: 'syz.4.9755': attribute type 21 has an invalid length. [ 283.520877][T26752] netlink: 156 bytes leftover after parsing attributes in process `syz.4.9755'. [ 283.771618][T26769] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9761'. [ 283.916786][T26783] libceph: resolve '0' (ret=-3): failed [ 283.976439][T26789] netlink: 256 bytes leftover after parsing attributes in process `syz.7.9771'. [ 283.979326][T26789] netlink: 56 bytes leftover after parsing attributes in process `syz.7.9771'. [ 284.312336][ T837] usb 12-1: new high-speed USB device number 3 using dummy_hcd [ 284.342381][ T1471] usb 9-1: new high-speed USB device number 16 using dummy_hcd [ 284.473978][ T837] usb 12-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 284.477481][ T837] usb 12-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 284.482072][ T837] usb 12-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 284.485817][ T837] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 284.490156][ T837] usb 12-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 284.503356][ T1471] usb 9-1: Using ep0 maxpacket: 32 [ 284.504355][ T837] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 284.506604][ T1471] usb 9-1: config index 0 descriptor too short (expected 156, got 27) [ 284.508782][ T837] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 284.511283][ T1471] usb 9-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 284.514664][ T837] usb 12-1: Product: syz [ 284.518061][ T1471] usb 9-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 284.519738][ T837] usb 12-1: Manufacturer: syz [ 284.523715][ T1471] usb 9-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 284.530630][ T1471] usb 9-1: config 0 interface 0 has no altsetting 0 [ 284.533612][ T837] cdc_wdm 12-1:1.0: skipping garbage [ 284.535394][ T1471] usb 9-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 284.535873][ T837] cdc_wdm 12-1:1.0: skipping garbage [ 284.538693][ T1471] usb 9-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 284.544366][ T837] cdc_wdm 12-1:1.0: cdc-wdm0: USB WDM device [ 284.544939][ T1471] usb 9-1: Product: syz [ 284.546895][ T837] cdc_wdm 12-1:1.0: Unknown control protocol [ 284.548227][ T1471] usb 9-1: Manufacturer: syz [ 284.552253][ T1471] usb 9-1: SerialNumber: syz [ 284.554860][ T1471] usb 9-1: config 0 descriptor?? [ 284.557780][ T1471] ldusb 9-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 284.561220][ T1471] ldusb 9-1:0.0: LD USB Device #1 now attached to major 180 minor 1 [ 284.740525][ T837] usb 12-1: USB disconnect, device number 3 [ 284.784846][ T1471] kernel read not supported for file /audio1 (pid: 1471 comm: kworker/0:2) [ 286.394871][T26868] Attempt to restore checkpoint with obsolete wellknown handles [ 286.939400][ T40] kauditd_printk_skb: 1580 callbacks suppressed [ 286.939416][ T40] audit: type=1326 audit(2000000044.489:4409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 286.962405][ T40] audit: type=1326 audit(2000000044.489:4410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 286.970356][ T40] audit: type=1326 audit(2000000044.489:4411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 286.979514][ T40] audit: type=1326 audit(2000000044.489:4412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 286.987301][ T40] audit: type=1326 audit(2000000044.489:4413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 286.995006][ T40] audit: type=1326 audit(2000000044.489:4414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 287.002422][ T40] audit: type=1326 audit(2000000044.489:4415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 287.009113][ T40] audit: type=1326 audit(2000000044.489:4416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 287.018193][ T40] audit: type=1326 audit(2000000044.489:4417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 287.025678][ T40] audit: type=1326 audit(2000000044.489:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26884 comm="syz.6.9815" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 287.027118][T26887] netlink: 27 bytes leftover after parsing attributes in process `syz.7.9816'. [ 287.110098][ T6009] usb 9-1: USB disconnect, device number 16 [ 287.113250][ T6009] ldusb 9-1:0.0: LD USB Device #1 now disconnected [ 287.144308][T26897] bond0: (slave macsec1): Error -34 calling dev_set_mtu [ 287.328947][T26911] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 287.333029][ T6449] Bluetooth: hci4: Frame reassembly failed (-84) [ 288.307022][T26927] bond0: entered promiscuous mode [ 288.308650][T26927] bond_slave_0: entered promiscuous mode [ 288.310673][T26927] bond_slave_1: entered promiscuous mode [ 288.313504][T26927] mac80211_hwsim hwsim18 wlan1: entered promiscuous mode [ 288.316887][T26927] hsr1: entered promiscuous mode [ 288.485900][T26939] netlink: 'syz.6.9841': attribute type 16 has an invalid length. [ 288.489198][T26939] netlink: 'syz.6.9841': attribute type 17 has an invalid length. [ 288.493095][ T5306] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 288.497284][ T5306] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 288.508612][ T5306] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 288.512625][ T5306] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 288.516678][ T5306] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 288.543446][T17587] syz_tun (unregistering): left promiscuous mode [ 288.545428][T17587] syz_tun (unregistering): left allmulticast mode [ 288.552619][T17587] team0: Port device syz_tun removed [ 288.586469][T26949] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9845'. [ 288.589286][T26949] ipvlan1: vlans aren't supported yet for dev_uc|mc_add() [ 288.647809][ T6427] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.700833][T26940] chnl_net:caif_netlink_parms(): no params data found [ 288.757096][ T6427] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.814386][T26940] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.816982][T26940] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.819501][T26940] bridge_slave_0: entered allmulticast mode [ 288.823866][T26940] bridge_slave_0: entered promiscuous mode [ 288.842009][ T6427] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.852928][T26940] bridge0: port 2(bridge_slave_1) entered blocking state [ 288.855793][T26940] bridge0: port 2(bridge_slave_1) entered disabled state [ 288.858148][T26940] bridge_slave_1: entered allmulticast mode [ 288.861280][T26940] bridge_slave_1: entered promiscuous mode [ 288.864058][T26976] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9855'. [ 288.903623][T26940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.915274][ T6427] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.924527][T26940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.980582][T26940] team0: Port device team_slave_0 added [ 288.984839][T26940] team0: Port device team_slave_1 added [ 289.037152][T26940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 289.040081][T26940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.051398][T26940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 289.060197][T26940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 289.062791][T26940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 289.072256][T26940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 289.140108][T26940] hsr_slave_0: entered promiscuous mode [ 289.142939][T26940] hsr_slave_1: entered promiscuous mode [ 289.145485][T26940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 289.148103][T26940] Cannot create hsr debugfs directory [ 289.150226][ T6427] team0: left allmulticast mode [ 289.153737][ T6427] team_slave_0: left allmulticast mode [ 289.156862][ T6427] team_slave_1: left allmulticast mode [ 289.159135][ T6427] bridge0: port 3(team0) entered disabled state [ 289.164892][ T6427] bridge_slave_1: left allmulticast mode [ 289.167414][ T6427] bridge_slave_1: left promiscuous mode [ 289.169601][ T6427] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.173468][ T6427] bridge_slave_0: left allmulticast mode [ 289.175322][ T6427] bridge_slave_0: left promiscuous mode [ 289.177436][ T6427] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.372431][ T5956] Bluetooth: hci4: command 0x1003 tx timeout [ 289.372484][ T5950] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 289.511700][ T6427] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 289.514894][ T6427] bond_slave_0: left allmulticast mode [ 289.517938][ T6427] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 289.525326][ T6427] bond_slave_1: left allmulticast mode [ 289.528087][ T6427] bond0 (unregistering): Released all slaves [ 289.603571][ T6427] tipc: Disabling bearer [ 289.610593][ T6427] tipc: Disabling bearer [ 289.617789][ T6427] tipc: Left network mode [ 289.702834][T26940] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 289.707671][T26940] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 289.715111][T26940] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 289.721368][T26940] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 289.772301][ T838] usb 9-1: new high-speed USB device number 17 using dummy_hcd [ 289.815142][ T6427] hsr_slave_0: left promiscuous mode [ 289.817234][ T6427] hsr_slave_1: left promiscuous mode [ 289.819553][ T6427] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 289.822538][ T6427] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 289.826332][ T6427] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 289.829362][ T6427] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 289.853361][ T6427] veth0_to_bond: left promiscuous mode [ 289.855692][ T6427] veth1_macvtap: left promiscuous mode [ 289.857826][ T6427] veth0_macvtap: left promiscuous mode [ 289.860030][ T6427] veth1_vlan: left promiscuous mode [ 289.862125][ T6427] veth0_vlan: left promiscuous mode [ 289.932452][ T838] usb 9-1: Using ep0 maxpacket: 16 [ 289.935926][ T838] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 289.939644][ T838] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 289.939740][T27031] ALSA: mixer_oss: invalid OSS volume 'Y' [ 289.952300][ T838] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 289.956289][ T838] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 289.959092][ T838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.964072][ T838] usb 9-1: config 0 descriptor?? [ 290.398649][ T838] shield 0003:0955:7214.000B: unknown main item tag 0x0 [ 290.412361][ T838] shield 0003:0955:7214.000B: unknown main item tag 0x0 [ 290.414497][ T838] shield 0003:0955:7214.000B: unknown main item tag 0x0 [ 290.422275][ T838] shield 0003:0955:7214.000B: unknown main item tag 0x0 [ 290.424420][ T838] shield 0003:0955:7214.000B: unknown main item tag 0x0 [ 290.486725][ T838] input: HID 0955:7214 Haptics as /devices/virtual/input/input36 [ 290.520250][ T838] shield 0003:0955:7214.000B: Registered Thunderstrike controller [ 290.528617][ T838] shield 0003:0955:7214.000B: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0 [ 290.574868][ T5950] Bluetooth: hci5: command tx timeout [ 290.578026][T27014] random: crng reseeded on system resumption [ 290.653472][ T838] shield 0003:0955:7214.000B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 290.655606][ T836] kernel write not supported for file [eventfd] (pid: 836 comm: kworker/3:2) [ 290.660155][ T6010] usb 9-1: USB disconnect, device number 17 [ 290.662934][ T838] shield 0003:0955:7214.000B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 290.666802][ T838] shield 0003:0955:7214.000B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 290.670364][ T838] shield 0003:0955:7214.000B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 290.753805][ T6427] team_slave_1 (unregistering): left promiscuous mode [ 290.759032][ T6427] team0 (unregistering): Port device team_slave_1 removed [ 290.833239][ T6427] team_slave_0 (unregistering): left promiscuous mode [ 290.837452][ T6427] team0 (unregistering): Port device team_slave_0 removed [ 291.352624][T26940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 291.362894][T26940] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.369673][ T6428] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.371962][ T6428] bridge0: port 1(bridge_slave_0) entered forwarding state [ 291.377768][ T6447] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.380084][ T6447] bridge0: port 2(bridge_slave_1) entered forwarding state [ 291.509865][T26940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 291.620139][T27078] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9894'. [ 291.648723][T27073] hub 1-0:1.0: USB hub found [ 291.650581][T27073] hub 1-0:1.0: 2 ports detected [ 291.670040][T26940] veth0_vlan: entered promiscuous mode [ 291.684025][T26940] veth1_vlan: entered promiscuous mode [ 291.708998][T26940] veth0_macvtap: entered promiscuous mode [ 291.715846][T26940] veth1_macvtap: entered promiscuous mode [ 291.731035][T26940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 291.736486][T26940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 291.743288][T26940] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.746005][T26940] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.748855][T26940] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.751937][T26940] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 291.801255][ T6451] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.805066][ T6451] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.819072][ T6428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.821615][ T6428] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.875402][ T6427] IPVS: stop unused estimator thread 0... [ 292.107703][T27132] binder: 27130:27132 ioctl c0306201 80000540 returned -14 [ 292.142146][T27134] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9921'. [ 292.232387][ T6028] usb 11-1: new high-speed USB device number 3 using dummy_hcd [ 292.241417][T27148] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9927'. [ 292.245144][T27148] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9927'. [ 292.377218][T27166] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 292.379144][T27166] syzkaller1: ignored: set checksum disabled [ 292.383444][ T6028] usb 11-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 292.386303][ T6028] usb 11-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 292.389538][ T6028] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 292.394565][ T6028] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 292.397975][ T6028] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 292.402760][ T6028] usb 11-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 292.405621][ T6028] usb 11-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 292.408499][ T6028] usb 11-1: Product: syz [ 292.409386][T27167] hub 1-0:1.0: USB hub found [ 292.409851][ T6028] usb 11-1: Manufacturer: syz [ 292.411525][T27167] hub 1-0:1.0: 2 ports detected [ 292.415708][ T6028] cdc_wdm 11-1:1.0: skipping garbage [ 292.417404][ T6028] cdc_wdm 11-1:1.0: skipping garbage [ 292.419694][ T6028] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 292.421606][ T6028] cdc_wdm 11-1:1.0: Unknown control protocol [ 292.540426][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.543951][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.546564][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.549679][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.552809][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.555256][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.558013][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.560531][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.563029][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.565785][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.568604][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.571232][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.575074][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.577320][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.579744][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.582638][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.584979][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.587789][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.591252][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.593695][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.596281][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.598701][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.601160][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.604645][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.607144][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.609487][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.611971][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.614390][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.616928][ T54] hid-generic 0001:0000:0000.000C: unknown main item tag 0x0 [ 292.619801][T27186] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 292.620154][ T54] hid-generic 0001:0000:0000.000C: hidraw0: HID vffffff.ff Device [syz0] on syz0 [ 292.625120][ T6028] usb 11-1: USB disconnect, device number 3 [ 292.627224][T27186] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.662372][ T5950] Bluetooth: hci5: command tx timeout [ 292.721311][T27186] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 292.725653][T27186] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.794063][T27186] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 292.797334][T27186] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.862593][T27186] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 292.866393][T27186] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 292.937980][T27186] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 292.941067][T27186] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.948321][T27186] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 292.951222][T27186] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.958375][T27186] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 292.960852][T27186] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 292.968120][T27186] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 292.970573][T27186] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.072954][T27194] hub 1-0:1.0: USB hub found [ 293.075526][T27194] hub 1-0:1.0: 2 ports detected [ 293.075811][T27200] netlink: 92 bytes leftover after parsing attributes in process `syz.7.9947'. [ 293.327665][T27229] hub 1-0:1.0: USB hub found [ 293.329339][T27229] hub 1-0:1.0: 2 ports detected [ 293.426765][T27241] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9967'. [ 293.613573][T27264] vivid-007: ================= START STATUS ================= [ 293.615965][T27264] vivid-007: Enable Output Cropping: true [ 293.618022][T27264] vivid-007: Enable Output Composing: true [ 293.619860][T27264] vivid-007: Enable Output Scaler: true [ 293.621774][T27264] vivid-007: Tx RGB Quantization Range: Automatic [ 293.625929][T27264] vivid-007: Transmit Mode: HDMI [ 293.627562][T27264] vivid-007: Hotplug Present: 0x00000000 [ 293.629350][T27264] vivid-007: RxSense Present: 0x00000000 [ 293.631175][T27264] vivid-007: EDID Present: 0x00000000 [ 293.633008][T27264] vivid-007: ================== END STATUS ================== [ 293.814251][T27278] netlink: 'syz.6.9985': attribute type 1 has an invalid length. [ 294.152845][T27314] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.156843][T27314] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 294.215698][T27318] random: crng reseeded on system resumption [ 294.280629][T27328] netlink: 'syz.8.10008': attribute type 16 has an invalid length. [ 294.291862][T27328] netlink: 'syz.8.10008': attribute type 17 has an invalid length. [ 294.527461][T27350] sp0: Synchronizing with TNC [ 294.670991][ T40] kauditd_printk_skb: 491 callbacks suppressed [ 294.671002][ T40] audit: type=1326 audit(2000000052.219:4910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27356 comm="syz.6.10021" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e579 code=0x0 [ 294.732285][ T5950] Bluetooth: hci5: command tx timeout [ 295.592547][T27401] 9pnet_fd: p9_fd_create_unix (27401): problem connecting socket: qY3aK: -111 [ 295.627193][ T40] audit: type=1326 audit(2000000053.179:4911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 295.636240][ T40] audit: type=1326 audit(2000000053.179:4912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 295.646918][ T40] audit: type=1326 audit(2000000053.179:4913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 295.657424][ T40] audit: type=1326 audit(2000000053.179:4914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 295.666793][ T40] audit: type=1326 audit(2000000053.179:4915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 295.677163][ T40] audit: type=1326 audit(2000000053.179:4916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 295.685043][ T40] audit: type=1326 audit(2000000053.179:4917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 295.690781][T27408] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.691904][ T40] audit: type=1326 audit(2000000053.179:4918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 295.705627][ T40] audit: type=1326 audit(2000000053.179:4919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27398 comm="syz.6.10039" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 295.733082][T27411] sp0: Synchronizing with TNC [ 295.754428][T27413] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10045'. [ 295.757714][T27413] netlink: 'syz.6.10045': attribute type 20 has an invalid length. [ 295.760197][T27413] netlink: 'syz.6.10045': attribute type 21 has an invalid length. [ 295.790861][T27408] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.888322][T27420] netlink: 'syz.8.10048': attribute type 9 has an invalid length. [ 295.924905][T27408] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.985764][T27408] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.098550][T27408] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.107088][T27408] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.117660][T27408] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.125248][T27408] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 296.730863][T27458] netlink: 52 bytes leftover after parsing attributes in process `syz.7.10066'. [ 296.812414][ T5950] Bluetooth: hci5: command tx timeout [ 296.903965][T27469] netlink: 32 bytes leftover after parsing attributes in process `syz.7.10071'. [ 296.904073][T27465] netlink: 'syz.6.10070': attribute type 1 has an invalid length. [ 296.910743][T27465] nbd: error processing sock list [ 296.912814][T27465] block nbd0: shutting down sockets [ 298.033375][T27485] netlink: 52 bytes leftover after parsing attributes in process `syz.8.10076'. [ 298.352361][ T34] usb 13-1: new high-speed USB device number 2 using dummy_hcd [ 298.442091][T27517] bridge0: entered promiscuous mode [ 298.446479][T27517] macvlan2: entered promiscuous mode [ 298.502340][ T34] usb 13-1: Using ep0 maxpacket: 8 [ 298.514493][ T34] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 298.518453][ T34] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 298.522587][ T34] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 298.526642][ T34] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 298.531962][ T34] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 298.535525][ T34] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 298.749273][ T34] usb 13-1: GET_CAPABILITIES returned 0 [ 298.751076][ T34] usbtmc 13-1:16.0: can't read capabilities [ 298.953044][ T24] usb 13-1: USB disconnect, device number 2 [ 299.452565][ T1471] usb 11-1: new high-speed USB device number 4 using dummy_hcd [ 299.538320][T27570] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.10118'. [ 299.607729][ T1471] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 299.615997][ T1471] usb 11-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 299.619906][ T1471] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.632147][ T1471] usb 11-1: config 0 descriptor?? [ 299.658601][T27576] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.756304][T27576] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.843175][ T40] kauditd_printk_skb: 74 callbacks suppressed [ 299.843186][ T40] audit: type=1326 audit(2000000057.399:4994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.854501][ T40] audit: type=1326 audit(2000000057.399:4995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f985a7 code=0x7ffc0000 [ 299.856009][T27576] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 299.863003][ T40] audit: type=1326 audit(2000000057.399:4996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.863758][ T1471] usbhid 11-1:0.0: can't add hid device: -71 [ 299.863830][ T1471] usbhid 11-1:0.0: probe with driver usbhid failed with error -71 [ 299.865312][ T1471] usb 11-1: USB disconnect, device number 4 [ 299.881770][ T40] audit: type=1326 audit(2000000057.399:4997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.892297][ T40] audit: type=1326 audit(2000000057.399:4998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.899318][ T40] audit: type=1326 audit(2000000057.399:4999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.913578][ T40] audit: type=1326 audit(2000000057.399:5000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f985a7 code=0x7ffc0000 [ 299.920879][ T40] audit: type=1326 audit(2000000057.399:5001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.928668][ T40] audit: type=1326 audit(2000000057.399:5002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f985a7 code=0x7ffc0000 [ 299.936291][ T40] audit: type=1326 audit(2000000057.399:5003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27590 comm="syz.7.10128" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f98579 code=0x7ffc0000 [ 299.980492][T27576] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.055319][T27576] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.062115][T27576] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.070910][T27576] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.079504][T27576] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 300.599346][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.603319][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.605623][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.608207][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.610854][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.615394][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.618499][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.621505][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.624211][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.626669][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.628994][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.631296][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.633743][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.636028][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.639201][ T836] hid-generic 00A0:0008:0003.000D: unknown main item tag 0x0 [ 300.645485][ T836] hid-generic 00A0:0008:0003.000D: hidraw0: HID v0.05 Device [syz1] on syz0 [ 300.688888][T27653] netlink: 'syz.8.10157': attribute type 7 has an invalid length. [ 301.139079][T27701] random: crng reseeded on system resumption [ 301.284713][T27713] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.347809][T27725] syz.8.10189: attempt to access beyond end of device [ 301.347809][T27725] loop8: rw=6144, sector=128, nr_sectors = 8 limit=0 [ 301.352138][T27725] gfs2: error -5 reading superblock [ 301.374883][T27713] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.464194][T27713] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.475378][T27737] netlink: 28 bytes leftover after parsing attributes in process `syz.4.10197'. [ 301.540820][T27713] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.616591][T27713] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.635062][T27713] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.647626][T27713] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.659005][T27713] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 302.194651][T27772] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.245047][T27772] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.287944][T27772] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.335374][T27772] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 302.373315][ T6029] kernel read not supported for file /dsp (pid: 6029 comm: kworker/1:5) [ 303.417825][T27817] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.485733][T27817] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.555884][T27821] loop6: detected capacity change from 0 to 524287999 [ 303.558103][T27821] buffer_io_error: 24 callbacks suppressed [ 303.558111][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.562526][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.565104][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.567589][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.570226][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.575021][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.576333][T27817] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.578261][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.584768][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.587256][T27821] ldm_validate_partition_table(): Disk read failed. [ 303.589350][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.591866][T27821] Buffer I/O error on dev loop6, logical block 0, async page read [ 303.594511][T27821] Dev loop6: unable to read RDB block 0 [ 303.596518][T27821] loop6: unable to read partition table [ 303.598313][T27821] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 303.636908][T27817] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 303.653934][T27821] ldm_validate_partition_table(): Disk read failed. [ 303.656363][T27821] Dev loop6: unable to read RDB block 0 [ 303.658584][T27821] loop6: unable to read partition table [ 303.660493][T27821] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 303.710785][T27817] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.719402][T27817] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.732795][T27817] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.747166][T27817] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.235326][T27772] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.241724][T27772] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.249355][T27772] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.258938][T27772] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.517197][T27872] block nbd8: NBD_DISCONNECT [ 304.997427][T27915] loop6: detected capacity change from 0 to 524287999 [ 305.000156][T27915] ldm_validate_partition_table(): Disk read failed. [ 305.006498][T27915] Dev loop6: unable to read RDB block 0 [ 305.008408][T27915] loop6: unable to read partition table [ 305.010226][T27915] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 305.076116][T27915] ldm_validate_partition_table(): Disk read failed. [ 305.078341][T27915] Dev loop6: unable to read RDB block 0 [ 305.080267][T27915] loop6: unable to read partition table [ 305.082512][T27915] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 305.360099][T27943] loop6: detected capacity change from 0 to 524287999 [ 305.364191][T27943] ldm_validate_partition_table(): Disk read failed. [ 305.367095][T27943] Dev loop6: unable to read RDB block 0 [ 305.369562][T27943] loop6: unable to read partition table [ 305.371885][T27943] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 305.434289][T27943] ldm_validate_partition_table(): Disk read failed. [ 305.436659][T27943] Dev loop6: unable to read RDB block 0 [ 305.439737][T27943] loop6: unable to read partition table [ 305.449949][T27943] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 305.562580][ T24] usb 13-1: new high-speed USB device number 3 using dummy_hcd [ 305.712577][ T24] usb 13-1: Using ep0 maxpacket: 8 [ 305.716723][ T24] usb 13-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 305.720298][ T24] usb 13-1: config 0 has no interfaces? [ 305.723818][ T24] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 305.726551][ T24] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 305.728946][ T24] usb 13-1: Product: syz [ 305.730268][ T24] usb 13-1: Manufacturer: syz [ 305.731765][ T24] usb 13-1: SerialNumber: syz [ 305.734689][ T24] usb 13-1: config 0 descriptor?? [ 305.788541][T27957] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 305.793082][T27957] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 305.804674][T27957] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 305.809683][T27957] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 305.812362][T27957] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 305.818274][T27957] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 305.821744][T27957] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 305.825019][T27957] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 305.840035][T27539] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN NOPTI [ 305.840207][T27957] Bluetooth: hci5: Opcode 0x0406 failed: -4 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 305.844827][T27539] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f] [ 305.844848][T27539] CPU: 1 UID: 0 PID: 27539 Comm: kbnepd bnep0 Not tainted 6.16.0-rc2-syzkaller-00231-g75f5f23f8787 #0 PREEMPT(full) [ 305.844870][T27539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 305.844881][T27539] RIP: 0010:klist_put+0x4d/0x1b0 [ 305.862996][T27539] Code: c1 ea 03 80 3c 02 00 0f 85 5f 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 2e 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 2c 20 0d [ 305.870997][T27539] RSP: 0018:ffffc9000c607950 EFLAGS: 00010202 [ 305.873469][T27539] RAX: dffffc0000000000 RBX: ffff88805eea3060 RCX: ffffffff825fb61d [ 305.876762][T27539] RDX: 000000000000000b RSI: ffffffff8b71c035 RDI: 0000000000000058 [ 305.879947][T27539] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 305.883147][T27539] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 305.886242][T27539] R13: 0000000000000001 R14: ffffc9000c607b38 R15: 0000000000000000 [ 305.889435][T27539] FS: 0000000000000000(0000) GS:ffff88809765f000(0000) knlGS:0000000000000000 [ 305.893050][T27539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 305.895732][T27539] CR2: 00000000574664c0 CR3: 000000005c705000 CR4: 0000000000352ef0 [ 305.898864][T27539] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 305.901251][T27539] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 305.903655][T27539] Call Trace: [ 305.904724][T27539] [ 305.905673][T27539] device_del+0x1d8/0x9f0 [ 305.907048][T27539] ? __pfx_device_del+0x10/0x10 [ 305.908567][T27539] ? netdev_unregister_kobject+0x2da/0x540 [ 305.910352][T27539] unregister_netdevice_many_notify+0x1903/0x2700 [ 305.912327][T27539] ? rcu_is_watching+0x12/0xc0 [ 305.913803][T27539] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 305.915870][T27539] ? rtnl_net_dev_lock+0x146/0x360 [ 305.917463][T27539] ? __pfx___mutex_lock+0x10/0x10 [ 305.919021][T27539] unregister_netdevice_queue+0x305/0x3f0 [ 305.920758][T27539] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 305.922633][T27539] ? rtnl_net_dev_lock+0x28/0x360 [ 305.924193][T27539] ? rtnl_net_dev_lock+0x146/0x360 [ 305.925748][T27539] ? rtnl_lock+0x9/0x20 [ 305.927020][T27539] ? rtnl_net_dev_lock+0x146/0x360 [ 305.928602][T27539] unregister_netdev+0x1f/0x60 [ 305.930059][T27539] bnep_session+0x224e/0x2d80 [ 305.931533][T27539] ? __smp_call_single_queue+0x161/0x2f0 [ 305.933235][T27539] ? __pfx_bnep_session+0x10/0x10 [ 305.934790][T27539] ? do_raw_spin_lock+0x12c/0x2b0 [ 305.936341][T27539] ? __pfx_woken_wake_function+0x10/0x10 [ 305.938050][T27539] ? rcu_is_watching+0x12/0xc0 [ 305.939502][T27539] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 305.941300][T27539] ? lockdep_hardirqs_on+0x7c/0x110 [ 305.942851][T27539] ? __kthread_parkme+0x19e/0x250 [ 305.944380][T27539] ? __pfx_bnep_session+0x10/0x10 [ 305.945901][T27539] kthread+0x3c5/0x780 [ 305.947168][T27539] ? __pfx_kthread+0x10/0x10 [ 305.948602][T27539] ? rcu_is_watching+0x12/0xc0 [ 305.950096][T27539] ? __pfx_kthread+0x10/0x10 [ 305.951574][T27539] ret_from_fork+0x5d7/0x6f0 [ 305.953004][T27539] ? __pfx_kthread+0x10/0x10 [ 305.954432][T27539] ret_from_fork_asm+0x1a/0x30 [ 305.955927][T27539] [ 305.956904][T27539] Modules linked in: [ 305.958438][T27539] ---[ end trace 0000000000000000 ]--- [ 305.960233][T27539] RIP: 0010:klist_put+0x4d/0x1b0 [ 305.961885][T27539] Code: c1 ea 03 80 3c 02 00 0f 85 5f 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 2e 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 2c 20 0d [ 305.967895][T27539] RSP: 0018:ffffc9000c607950 EFLAGS: 00010202 [ 305.969786][T27539] RAX: dffffc0000000000 RBX: ffff88805eea3060 RCX: ffffffff825fb61d [ 305.972731][T27539] RDX: 000000000000000b RSI: ffffffff8b71c035 RDI: 0000000000000058 [ 305.975410][T27539] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 305.976056][ T5998] usb 13-1: USB disconnect, device number 3 [ 305.977898][T27539] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 305.983006][T27539] R13: 0000000000000001 R14: ffffc9000c607b38 R15: 0000000000000000 [ 305.985607][T27539] FS: 0000000000000000(0000) GS:ffff88809765f000(0000) knlGS:0000000000000000 [ 305.988747][T27539] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 305.991413][T27539] CR2: 00000000574664c0 CR3: 000000005c705000 CR4: 0000000000352ef0 [ 305.994600][T27539] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 305.997242][T27539] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 305.999718][T27539] Kernel panic - not syncing: Fatal exception [ 306.002607][T27539] Kernel Offset: disabled [ 306.004117][T27539] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:49:50 Registers: info registers vcpu 0 CPU#0 RAX=000000000013360c RBX=0000000000000000 RCX=ffffffff8b7c4be9 RDX=ffffed1005646646 RSI=ffffffff8c1562e0 RDI=ffffffff81918571 RBP=fffffbfff1c52ef0 RSP=ffffffff8e207e08 R8 =0000000000000000 R9 =ffffed1005646645 R10=ffff88802b23322b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e297780 R14=ffffffff90a83250 R15=0000000000000000 RIP=ffffffff8b7c374f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809755f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000003090effc CR3=0000000064a4b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001f800000000 0000000900000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000003a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85580c55 RDI=ffffffff9b06da00 RBP=ffffffff9b06d9c0 RSP=ffffc9000c6072b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=000000000000003a R14=ffffffff9b06d9c0 R15=ffffffff85580bf0 RIP=ffffffff85580c7f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809765f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000574664c0 CR3=000000005c705000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080080783 RBX=0000000000000000 RCX=ffff8880445b9070 RDX=000000000000009d RSI=ffffffff86a504b8 RDI=ffff8880445b92d0 RBP=0000000000000001 RSP=ffffc90000538b60 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000005c99 R12=0000000000000001 R13=0000000000004a38 R14=ffff8880445b9070 R15=0000000000000001 RIP=ffffffff86a504ff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809775f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f96e40 CR3=000000004c4fc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7432ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff91499620 RDX=0000000000000005 RSI=0000000000000001 RDI=ffffffff90c1dd40 RBP=ffffc9000360f128 RSP=ffffc9000360f070 R8 =ffffffff91499624 R9 =0000000000000000 R10=ffffc9000360f0e0 R11=0000000000010b3b R12=ffffc9000360f130 R13=ffffc9000360f0e0 R14=0000000000000005 R15=0000000000000000 RIP=ffffffff816a8cba RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809785f000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fffd6db6ecc CR3=000000004a025000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=ee89ec1c5faf0f18 aa8ec412ec7b259b ee89ec1c5faf0f18 aa8ec412ec7b259b ee89ec1c5faf0f18 aa8ec412ec7b259b ee89ec1c5faf0f18 aa8ec412ec7b259b ZMM18=8f460a8b1355f49a 40f0c20cc5536648 8f460a8b1355f49a 40f0c20cc5536648 8f460a8b1355f49a 40f0c20cc5536648 8f460a8b1355f49a 40f0c20cc5536648 ZMM19=ec45000000000000 0000000000000005 ec45000000000000 0000000000000004 ec45000000000000 0000000000000003 ec45000000000000 0000000000000002 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2b900307f7de0800 2b8803c894bfdfec 470c080980030980 022b800306800200 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0800040074d20034 2f646601ffffffff fffffffff5080680 0300040002800800 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000201c708000801 48e400306d656d70 2f7665642f01ffff ffffffffffffe908 ZMM24=c5536648c5536648 c5536648c5536648 c5536648c5536648 c5536648c5536648 c5536648c5536648 c5536648c5536648 c5536648c5536648 c5536648c5536648 ZMM25=40f0c20c40f0c20c 40f0c20c40f0c20c 40f0c20c40f0c20c 40f0c20c40f0c20c 40f0c20c40f0c20c 40f0c20c40f0c20c 40f0c20c40f0c20c 40f0c20c40f0c20c ZMM26=1355f49a1355f49a 1355f49a1355f49a 1355f49a1355f49a 1355f49a1355f49a 1355f49a1355f49a 1355f49a1355f49a 1355f49a1355f49a 1355f49a1355f49a ZMM27=8f460a8b8f460a8b 8f460a8b8f460a8b 8f460a8b8f460a8b 8f460a8b8f460a8b 8f460a8b8f460a8b 8f460a8b8f460a8b 8f460a8b8f460a8b 8f460a8b8f460a8b ZMM28=000000600000005f 0000005e0000005d 0000005c0000005b 0000005a00000059 0000005800000057 0000005600000055 0000005400000053 0000005200000051 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=eb450000eb450000 eb450000eb450000 eb450000eb450000 eb450000eb450000 eb450000eb450000 eb450000eb450000 eb450000eb450000 eb450000eb450000