last executing test programs: 8.097338421s ago: executing program 3 (id=1733): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) socket(0x400000000010, 0x3, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) recvmmsg$unix(r2, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x0) 6.909877459s ago: executing program 3 (id=1738): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r1, &(0x7f0000000700)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x1, {0x4e20}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000200)="6f19c9", 0x3}], 0x1, 0x0, 0x0, 0x4000000}, 0x800) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x1000, 0x10ffff, 0xfffffffd, 0x0, 0xfffff05b}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x11, 0x7b, 0x80000001, 0x4, 0x41282, 0xffffffffffffffff, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x1a, 0xf, &(0x7f0000000000)=@ringbuf={{0x18, 0x2}, {{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0x2}, {}, {0x85, 0x0, 0x0, 0x9c}}}, &(0x7f0000000200)='GPL\x00'}, 0x90) r4 = socket$inet(0x2, 0x2, 0x1) setsockopt$inet_int(r4, 0x0, 0x13, &(0x7f0000000040)=0x7, 0x4) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) setpriority(0x0, 0x0, 0x10000) timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0) mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, 0x0) 5.998521512s ago: executing program 3 (id=1742): socket$key(0xf, 0x3, 0x2) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0) getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, &(0x7f0000001040)=0x5d) syz_usb_connect(0x0, 0x5f, 0x0, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001400)=@newtaction={0x48, 0x30, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [{0x34, 0x1, [@m_pedit={0x30, 0x1, 0x0, 0x0, {{0xa}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800) write$6lowpan_control(r2, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b) 5.531004314s ago: executing program 0 (id=1744): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x40, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000026c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0xfffffffffffffd2f}}, 0x78}, 0x1, 0x0, 0x0, 0x4000}, 0x884) socket$nl_generic(0x10, 0x3, 0x10) 4.611763756s ago: executing program 0 (id=1749): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) socket(0xa, 0x3, 0x3a) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x40, 0x25, 0x2, 0x8}, {0x6, 0x0, 0x6, 0x1}]}, 0x8) bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x2}, 0x6) setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000340)={'pim6reg\x00', 0x2}) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040f610100"], 0x7) shmctl$SHM_INFO(0x0, 0xe, 0x0) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) 4.374428646s ago: executing program 2 (id=1751): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x4000}, 0x10) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, 0x0) recvfrom(r2, &(0x7f0000000140)=""/104, 0x68, 0x12020, 0x0, 0x0) clock_settime(0x0, 0x0) quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0) 3.687824105s ago: executing program 1 (id=1755): socket(0x2b, 0x80801, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0x3, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x7c}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40010) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setrlimit(0xc, 0x0) add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0xfffff, 0xffffffffffffffff) 3.599326221s ago: executing program 0 (id=1756): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000000), 0x90) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000280)={0x2, 0x4e23, @remote}, 0x10, &(0x7f0000000600)=[{0x0}], 0x1}, 0x40) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0xf8e14000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = syz_io_uring_setup(0x487, &(0x7f00000000c0)={0x0, 0x9010, 0x100, 0x4, 0x165}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000000140)={&(0x7f0000001000)={[{0x0, 0x5, 0x3, 0x700}]}, 0x1, 0x1}, 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x0, r2, 0x0, 0x0, 0x0, 0x60, 0x1, {0x1}}) io_uring_enter(r3, 0x3517, 0x173d, 0x42, 0x0, 0x0) 3.261579357s ago: executing program 2 (id=1757): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) socket(0x2, 0xa, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000002e40)='./file0\x00', 0xc0240, 0x0) mount$9p_unix(&(0x7f0000004ac0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000059c0)='./file0\x00', &(0x7f0000005a00), 0x0, &(0x7f0000005a40)) 2.658241535s ago: executing program 0 (id=1758): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x1000, 0x0, @loopback}, 0x1c) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=0x0) timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) splice(r1, 0x0, r0, 0x0, 0x10000008ebc, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) openat$dir(0xffffffffffffff9c, 0x0, 0x140, 0x1a0) socketpair$unix(0x1, 0x2, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) 2.604021584s ago: executing program 1 (id=1759): syz_open_dev$video(0x0, 0x101, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r1 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffffffffffff}, 0x13f, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f0000000180)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e25, 0x10001, @local, 0xb}, r3}}, 0x30) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, 0x0, 0x0) mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x100004, 0x10001d, 0x40000}, 0x20) write$RDMA_USER_CM_CMD_CONNECT(r2, 0x0, 0x0) write$RDMA_USER_CM_CMD_NOTIFY(r2, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r3, 0x4}}, 0x10) setsockopt$inet_mreqn(r1, 0x0, 0x28, 0x0, 0x0) sendmsg$ETHTOOL_MSG_PAUSE_SET(r0, 0x0, 0x0) 2.599324761s ago: executing program 3 (id=1760): sched_setscheduler(0x0, 0x1, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x800) recvmmsg$unix(r5, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x28, 0x2b, 0xb, 0x20000000, 0x0, {0x5}, [@typed={0xa, 0x3, 0x0, 0x0, @str='{yzr\n\xe1'}, @nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0xe8, 0x0, 0x0, @binary}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8000) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(0xffffffffffffffff, 0x3517, 0x173d, 0x42, 0x0, 0x0) 2.360914039s ago: executing program 1 (id=1761): socket$inet_udplite(0x2, 0x2, 0x88) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) socket(0x10, 0x3, 0x6) r1 = open(&(0x7f0000000000)='.\x00', 0x800000, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xa, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r1], 0x0, 0x9, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback=0xd33638f234726102, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, r1, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180)) 2.310129251s ago: executing program 1 (id=1762): socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) lsm_set_self_attr(0x66, 0x0, 0x20, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x9, 0x6, 0x0, 0x5}, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$USBDEVFS_CLEAR_HALT(r3, 0xc0105502, &(0x7f0000000300)={0x1, 0x1}) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d) 1.922052635s ago: executing program 2 (id=1763): r0 = socket$inet(0x2, 0x3, 0x6) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r2, 0xfffffffc) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, r5, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x28, r7, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}]}]}, 0x28}}, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) 1.848972088s ago: executing program 2 (id=1764): ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x24, 0x0, 0x1, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x60000}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x8abb29e09f442f35, 0xffffffffffffffff, 0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = dup(0xffffffffffffffff) write$6lowpan_enable(r1, 0x0, 0x0) r2 = syz_io_uring_setup(0x239, 0x0, &(0x7f0000000180)=0x0, 0x0) syz_io_uring_submit(r3, 0x0, 0x0) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r4 = openat$audio(0xffffffffffffff9c, 0x0, 0xa2442, 0x0) ioctl$SNDCTL_DSP_SYNC(r4, 0x5001, 0x0) r5 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) bind$rose(0xffffffffffffffff, &(0x7f00000002c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) connect$rose(0xffffffffffffffff, &(0x7f00000001c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40) sendmsg$kcm(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0) 1.079302523s ago: executing program 1 (id=1765): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, 0x0, 0x0) io_setup(0x82, 0x0) syz_open_procfs(0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_NMI(r4, 0xae9a) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 1.07907325s ago: executing program 2 (id=1766): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x80001) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r2, 0x400448de, &(0x7f0000000080)) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x1}) io_setup(0x2ae1, &(0x7f0000000180)=0x0) r4 = eventfd2(0x10000, 0x800) prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ff4000/0x2000)=nil) io_submit(r3, 0x1, &(0x7f0000004200)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x40, r1, &(0x7f00000001c0)="20520fdd26bf4a7ce6cdcbc4af395590c42900eee3a1669387719013b2b2a3b4", 0x20, 0x0, 0x0, 0x3, r4}]) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5) r5 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00) ioctl$UFFDIO_WAKE(r5, 0x8010aa02, &(0x7f0000000000)={&(0x7f0000572000/0x2000)=nil, 0x2000}) r6 = syz_io_uring_complete(r0) syz_emit_ethernet(0x32, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @multicast1}, {0x4e24, 0x17c1, 0x10, 0x0, @gue={{0x2, 0x0, 0x3, 0xfc}}}}}}}, 0x0) ioctl$PPPIOCSACTIVE(r6, 0x40087446, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x4, 0xe8, 0x40, 0x8}]}) 1.078921176s ago: executing program 3 (id=1767): ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'pcl816\x00', [0x8001, 0x4, 0x1, 0x5, 0x67, 0xcc7, 0x8, 0x7, 0xa, 0x4, 0xfffffffe, 0x1, 0x820, 0x1, 0x6, 0xfffffeff, 0x979d, 0x1a44d, 0xf7ffffe3, 0x40000003, 0x89, 0x2, 0xf27, 0x20001e58, 0xfffffbff, 0x8, 0x3c, 0x8, 0x9, 0x10000, 0xfffffff8]}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x498, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=0x0, &(0x7f00000006c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) syz_io_uring_submit(r4, r5, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000100)=@IORING_OP_LINKAT={0x27, 0x8, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r3, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0) 1.074999781s ago: executing program 0 (id=1773): openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0)) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$NL80211_CMD_SET_MAC_ACL(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x80, 0x0, 0x100, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x6e}}}}, [@NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @device_b}, {0xa}, {0xa, 0x6, @broadcast}, {0xa}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x440}, 0x40009d0) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8) bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0xffff}, 0x8) close(r2) 180.208326ms ago: executing program 0 (id=1768): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socket$igmp6(0xa, 0x3, 0x2) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$alg(0x26, 0x5, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, 0x0, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@local, 0x0, 0x0, 0x4e24, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x5c}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x4d2, 0x33}, 0x0, @in=@private=0xa010100, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c) 172.415905ms ago: executing program 3 (id=1769): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) pipe2(0x0, 0x0) timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xf691, 0x10100, 0x3, 0x169}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) r6 = memfd_create(&(0x7f0000000080), 0x0) socket$vsock_stream(0x28, 0x1, 0x0) splice(r5, 0x0, r6, 0x0, 0x408cd, 0x0) 63.157396ms ago: executing program 1 (id=1770): socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000) sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x20, 0x7, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x84) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0x1, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x2102, 0x22008}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xc, 0x5, {0x4, 0x6}}]}]}]}, 0x48}}, 0x0) r3 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r3, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000001980)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f00000011c0)={{0x14}, [@NFT_MSG_DELTABLE={0x160, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x5b, 0x6, "e45210619979608d2bcebfefe998015e6811f74afb243a5c139705071b27c0a91ae12f3d7fdd9e355ef1b564a01575f30b05f7dcbb23a374aad0bf20ce85c84fa23b16788c8d0a968985c5b76004593b6bef62484b74c1"}, @NFTA_TABLE_USERDATA={0x18, 0x6, "47549738d9768a7b37fe4945686cd38f9c9ef0b0"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_USERDATA={0xb6, 0x6, "47447792f75f6a79819376b3fbabbdf8cc674502bbe138974c00a0a6223fef0e50ac8c5e26e10c2b9bd7bba3ec5f8d31d3faf4540dd91e0cc70d309fedabdcecaa33f43bffaea70d4b6cc6147c473a5266049c794675365f4a3663aefab9e0102b5d81bed0cbf08d7f26cbe54616287fe9e16c1161e6c538baf0073d34b7fc64b08c02c7477909bc8be03fdc5b330fc0a286eda6e3091f96484820b7310ef473e0cf8faf80f5ed9f43235bac84f996d4b4f9"}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSET={0x180, 0x9, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xa}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x4}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xbc}, @NFTA_SET_DESC={0x138, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x8c, 0x2, 0x0, 0x1, [{0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffff7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa7dc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9b5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x59}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd4e7}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}, {0x44, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x101}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xbaa3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x400}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc57}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_DESC_CONCAT={0x50, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000000}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffff7}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_DESC_CONCAT={0x40, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x81}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x401}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2b}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}]}]}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}]}, @NFT_MSG_NEWRULE={0x278, 0x6, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_RULE_USERDATA={0xab, 0x7, 0x1, 0x0, "39f5b2d8feba0ee4f8278d6f0bfcbfb074a4cfe1b3b461f0cfdab58f00b3e43d20ed75d787e4ded3e9382d1f7981f4d277f1a437a47c0287b86fe0c2c438a499a2ad0fdef560354ea615f4d3c1ded6442b7906026b6c2a8bf0a917d979c081a68bb98c18509f7eaaa03310c8f9e94584d42a6b207d4c0912e246f92e7da4dd36ff499f3db9d59fb0ea5c69c67ca93fdc76200d3fd245dc0d73e67e33f9c68ccb4339e1e2c568dc"}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_USERDATA={0x8d, 0x7, 0x1, 0x0, "01721d2d4ca9da4dbb922cdbaffa33ac385e11976c32ec06a0e4e111c44bcf06e204fb982fd3454b9223f41d285fbed0998d20c8d9eb2a8f80c2f790828d774320f1efccc2f25fa3cffb424992bf24212dc3cd098d22f8487427fde9126bec97fda8bc1173a45cd560305d2cf379a03abd1d54844751eae97205a75d96b176f59dad4d4da1b0c74a4c"}, @NFTA_RULE_EXPRESSIONS={0x10c, 0x4, 0x0, 0x1, [{0x5c, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_NG_OFFSET={0x8, 0x4, 0x1, 0x0, 0x81}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x12}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_NG_TYPE={0x8}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0x80000000}, @NFTA_NG_TYPE={0x8}]}}}, {0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x11}]}}}, {0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}, {0xc, 0x1, 0x0, 0x1, @fib={{0x8}, @void}}, {0x44, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0x11}, @NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0xf}, @NFTA_OBJREF_SET_ID={0x8}, @NFTA_OBJREF_IMM_TYPE={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0xc}]}}}, {0x10, 0x1, 0x0, 0x1, @last={{0x9}, @void}}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELCHAIN={0x154, 0x5, 0xa, 0x3, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_CHAIN_USERDATA={0xd3, 0xc, "8796fa4cada158bf97b7176b4c3e4171d3e7e203fc7ddef312218aecd73f2a5023a239714fff92bece7931595f75018b5e5dc3962fbfbcc06415d6e3207419c9fdd5bb99f1a298054d3f79d7b0159f62bb91677a7780c10a257dbe667814e23ab70f3835b967aea08296e23e741e38601188575c1f1be550f10c4b2f83b36cb7e04cb7efe055ed18a72b7d075ed937c683ebe42ca7e9437b6915a7c0ef8989d85e8a18d966e4086c6e24cf99f284628fa92f24e6d003a7113bf8c57c9bfca934dd9d62a6e4ca4c3f1f141622efbfd6"}, @NFTA_CHAIN_HOOK={0x30, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x245ce3b7}, @NFTA_HOOK_DEV={0x14, 0x3, 'xfrm0\x00'}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x50a38782}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x31d6d180}]}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffc}]}, @NFT_MSG_DELRULE={0x40, 0x8, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_RULE_USERDATA={0x1e, 0x7, 0x1, 0x0, "eb6cb6518086beaa0dc9e380a27ea71c60541e78c8b2801cce2f"}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x784}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) 0s ago: executing program 2 (id=1771): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$pokeuser(0x6, r3, 0x118, 0x50000089) kernel console output (not intermixed with test programs): e 0, class 0) [ 127.286562][ T6024] em28xx 7-1:0.0: DVB interface 0 found: bulk [ 127.887045][ T6024] em28xx 7-1:0.0: unknown em28xx chip ID (0) [ 128.243253][ T7701] lo speed is unknown, defaulting to 1000 [ 128.301025][ T40] audit: type=1326 audit(1758794636.052:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.313557][ T40] audit: type=1326 audit(1758794636.052:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.317562][ T7699] kvm: requested 74590 ns i8254 timer period limited to 200000 ns [ 128.321538][ T40] audit: type=1326 audit(1758794636.072:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.331839][ T40] audit: type=1326 audit(1758794636.072:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.339818][ T40] audit: type=1326 audit(1758794636.072:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.360558][ T40] audit: type=1326 audit(1758794636.112:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.368312][ T40] audit: type=1326 audit(1758794636.132:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7697 comm="syz.0.460" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 128.377646][ T7699] kvm: requested 81295 ns i8254 timer period limited to 200000 ns [ 128.383429][ T7699] kvm: requested 182704 ns i8254 timer period limited to 200000 ns [ 128.406957][ T6024] em28xx 7-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 128.408653][ T7699] kvm: requested 75428 ns i8254 timer period limited to 200000 ns [ 128.410530][ T6024] em28xx 7-1:0.0: board has no eeprom [ 128.622049][ T7716] input: syz1 as /devices/virtual/input/input7 [ 129.485728][ T7708] em28xx 7-1:0.0: failed to get i2c transfer status from bridge register (error=-5) [ 129.543117][ T6024] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 129.546238][ T6024] em28xx 7-1:0.0: dvb set to bulk mode. [ 129.548905][ T6017] em28xx 7-1:0.0: Binding DVB extension [ 129.582236][ T6017] em28xx 7-1:0.0: Registering input extension [ 130.094512][ T7732] netlink: 'syz.1.459': attribute type 5 has an invalid length. [ 130.097002][ T7732] netlink: 'syz.1.459': attribute type 2 has an invalid length. [ 130.099954][ T7732] netlink: 'syz.1.459': attribute type 1 has an invalid length. [ 130.102351][ T7732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.459'. [ 130.372797][ T6652] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 130.517152][ T6017] usb 7-1: USB disconnect, device number 2 [ 130.532940][ T6017] em28xx 7-1:0.0: Disconnecting em28xx [ 130.534930][ T6017] em28xx 7-1:0.0: Closing input extension [ 130.536676][ T6652] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 130.542663][ T6652] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 130.545355][ T6652] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 130.548620][ T6652] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 130.552570][ T6652] usb 6-1: config 0 descriptor?? [ 130.556559][ T7740] tipc: Started in network mode [ 130.558343][ T7740] tipc: Node identity 32b0f7e26fc5, cluster identity 4711 [ 130.560637][ T7740] tipc: Enabled bearer , priority 0 [ 130.564450][ T7740] syzkaller0: entered promiscuous mode [ 130.566133][ T7740] syzkaller0: entered allmulticast mode [ 130.571638][ T6017] em28xx 7-1:0.0: Freeing device [ 130.574641][ T7740] tipc: Resetting bearer [ 130.579080][ T7739] tipc: Resetting bearer [ 130.587747][ T7739] tipc: Disabling bearer [ 131.690313][ T7758] netlink: 4 bytes leftover after parsing attributes in process `syz.3.470'. [ 132.366211][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.368633][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.096273][ T7788] overlayfs: failed to get index nlink (file1/file7, err=-61) [ 133.145887][ T7792] netlink: 220 bytes leftover after parsing attributes in process `syz.0.479'. [ 133.149054][ T7792] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'. [ 133.152488][ T7792] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'. [ 133.158568][ T6552] usb 6-1: USB disconnect, device number 3 [ 133.160168][ T7792] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'. [ 133.165512][ T7792] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'. [ 133.175409][ T7792] netlink: 27 bytes leftover after parsing attributes in process `syz.0.479'. [ 134.179033][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 134.179048][ T40] audit: type=1800 audit(1758794641.932:227): pid=7809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.484" name="/" dev="9p" ino=2 res=0 errno=0 [ 138.231104][ T7858] syzkaller0: entered promiscuous mode [ 138.233199][ T7858] syzkaller0: entered allmulticast mode [ 140.320714][ T40] audit: type=1326 audit(1758794648.062:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.329415][ T40] audit: type=1326 audit(1758794648.062:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.342788][ T40] audit: type=1326 audit(1758794648.072:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.354147][ T40] audit: type=1326 audit(1758794648.072:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.372794][ T40] audit: type=1326 audit(1758794648.072:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.383589][ T40] audit: type=1326 audit(1758794648.072:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.396373][ T40] audit: type=1326 audit(1758794648.072:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.410715][ T40] audit: type=1326 audit(1758794648.072:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.418807][ T40] audit: type=1326 audit(1758794648.072:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.578179][ T40] audit: type=1326 audit(1758794648.332:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7886 comm="syz.3.508" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 140.875656][ T7899] overlayfs: failed to resolve './file0': -2 [ 141.216992][ T7907] bond1: entered allmulticast mode [ 141.219341][ T7907] 8021q: adding VLAN 0 to HW filter on device bond1 [ 141.242787][ T29] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 141.269743][ T6017] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 141.279637][ T6017] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz1] on syz0 [ 141.404249][ T29] usb 7-1: config 0 has no interfaces? [ 141.414850][ T29] usb 7-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 141.419145][ T29] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 141.431125][ T29] usb 7-1: Product: syz [ 141.435330][ T29] usb 7-1: Manufacturer: syz [ 141.441106][ T29] usb 7-1: SerialNumber: syz [ 141.450873][ T29] usb 7-1: config 0 descriptor?? [ 141.695417][ T29] usb 7-1: USB disconnect, device number 3 [ 143.294860][ T7939] netlink: 12 bytes leftover after parsing attributes in process `syz.1.525'. [ 143.303915][ T7937] mmap: syz.2.524 (7937) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 143.341780][ T7939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.525'. [ 143.621345][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.528'. [ 143.625566][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.528'. [ 143.636298][ T839] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 143.640356][ T839] hid-generic 0000:0000:0000.0006: hidraw1: HID v0.00 Device [syz1] on syz0 [ 146.162861][ T1020] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 146.423819][ T1020] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 146.427203][ T1020] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 146.429721][ T1020] usb 5-1: Product: syz [ 146.431062][ T1020] usb 5-1: Manufacturer: syz [ 146.452742][ T1020] usb 5-1: SerialNumber: syz [ 146.900303][ T1020] rtl8150 5-1:1.0: couldn't reset the device [ 146.902425][ T1020] rtl8150 5-1:1.0: probe with driver rtl8150 failed with error -5 [ 146.907460][ T1020] usb 5-1: USB disconnect, device number 5 [ 148.777157][ T8018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.543'. [ 148.836119][ T8018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.543'. [ 149.020358][ T8024] netlink: 168 bytes leftover after parsing attributes in process `syz.2.545'. [ 149.074450][ T8027] netlink: 184 bytes leftover after parsing attributes in process `syz.2.545'. [ 149.078453][ T8027] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 150.308737][ T8057] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 152.997903][ T29] usb 8-1: new full-speed USB device number 7 using dummy_hcd [ 153.111051][ T8100] xfrm0: entered promiscuous mode [ 153.113379][ T8100] xfrm0: entered allmulticast mode [ 153.358639][ T29] usb 8-1: config 0 has no interfaces? [ 153.362033][ T29] usb 8-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 153.364920][ T29] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.367369][ T29] usb 8-1: Product: syz [ 153.368765][ T29] usb 8-1: Manufacturer: syz [ 153.370212][ T29] usb 8-1: SerialNumber: syz [ 153.377360][ T29] usb 8-1: config 0 descriptor?? [ 153.587740][ T29] usb 8-1: USB disconnect, device number 7 [ 157.079149][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 157.079160][ T40] audit: type=1804 audit(1758794664.832:244): pid=8161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.584" name="bus" dev="ramfs" ino=20638 res=1 errno=0 [ 157.112783][ T40] audit: type=1804 audit(1758794664.852:245): pid=8161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.584" name="bus" dev="ramfs" ino=20638 res=1 errno=0 [ 157.928757][ T8174] netlink: 24 bytes leftover after parsing attributes in process `syz.1.587'. [ 160.414569][ T8207] nbd1: detected capacity change from 0 to 8589934655 [ 160.535030][ T63] block nbd1: Receive control failed (result -104) [ 161.332738][ T6472] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 161.483966][ T6472] usb 5-1: config 0 has no interfaces? [ 161.487519][ T6472] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 161.490369][ T6472] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 161.493301][ T6472] usb 5-1: Product: syz [ 161.494745][ T6472] usb 5-1: Manufacturer: syz [ 161.496297][ T6472] usb 5-1: SerialNumber: syz [ 161.498911][ T6472] usb 5-1: config 0 descriptor?? [ 161.725194][ T29] usb 5-1: USB disconnect, device number 6 [ 164.614997][ T40] audit: type=1804 audit(1758794672.372:246): pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.609" name="bus" dev="ramfs" ino=22767 res=1 errno=0 [ 164.621838][ T40] audit: type=1804 audit(1758794672.372:247): pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.609" name="bus" dev="ramfs" ino=22767 res=1 errno=0 [ 164.774090][ T8274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'. [ 166.550026][ T40] audit: type=1804 audit(1758794674.302:248): pid=8309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.626" name="bus" dev="ramfs" ino=20750 res=1 errno=0 [ 166.563980][ T40] audit: type=1804 audit(1758794674.312:249): pid=8309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.626" name="bus" dev="ramfs" ino=20750 res=1 errno=0 [ 167.457529][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.630'. [ 168.444473][ T67] block nbd1: Connection timed out, retrying (0/1 alive) [ 168.447709][ T67] block nbd1: Connection timed out, retrying (0/1 alive) [ 168.450909][ T67] block nbd1: Connection timed out, retrying (0/1 alive) [ 168.454276][ T67] block nbd1: Connection timed out, retrying (0/1 alive) [ 168.457490][ T67] block nbd1: Dead connection, failed to find a fallback [ 168.460633][ T67] block nbd1: shutting down sockets [ 168.463627][ T67] blk_print_req_error: 123 callbacks suppressed [ 168.463638][ T67] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.470545][ T67] buffer_io_error: 122 callbacks suppressed [ 168.470556][ T67] Buffer I/O error on dev nbd1, logical block 3, async page read [ 168.476823][ T67] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.480948][ T67] Buffer I/O error on dev nbd1, logical block 2, async page read [ 168.484700][ T67] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.488794][ T67] Buffer I/O error on dev nbd1, logical block 1, async page read [ 168.492335][ T67] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.496594][ T67] Buffer I/O error on dev nbd1, logical block 0, async page read [ 168.500233][ T6740] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.504586][ T6740] Buffer I/O error on dev nbd1, logical block 0, async page read [ 168.508238][ T6740] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.512188][ T6740] Buffer I/O error on dev nbd1, logical block 1, async page read [ 168.515650][ T6740] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.519721][ T6740] Buffer I/O error on dev nbd1, logical block 2, async page read [ 168.523441][ T6740] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.527533][ T6740] Buffer I/O error on dev nbd1, logical block 3, async page read [ 168.531098][ T6740] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.535541][ T6740] Buffer I/O error on dev nbd1, logical block 0, async page read [ 168.539190][ T6740] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 168.543212][ T6740] Buffer I/O error on dev nbd1, logical block 1, async page read [ 168.549039][ T6740] ldm_validate_partition_table(): Disk read failed. [ 168.553877][ T6740] Dev nbd1: unable to read RDB block 0 [ 168.557714][ T6740] nbd1: unable to read partition table [ 168.565773][ T6740] ldm_validate_partition_table(): Disk read failed. [ 168.568650][ T6740] Dev nbd1: unable to read RDB block 0 [ 168.571214][ T6740] nbd1: unable to read partition table [ 169.393115][ T40] audit: type=1804 audit(1758794677.142:250): pid=8350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.639" name="bus" dev="ramfs" ino=23577 res=1 errno=0 [ 169.404303][ T40] audit: type=1804 audit(1758794677.152:251): pid=8350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.639" name="bus" dev="ramfs" ino=23577 res=1 errno=0 [ 169.613102][ T8355] nbd2: detected capacity change from 0 to 8589934655 [ 170.255488][ T63] block nbd2: Receive control failed (result -104) [ 170.282755][ T63] Bluetooth: hci3: command 0x0406 tx timeout [ 170.284671][ T63] Bluetooth: hci0: command 0x0406 tx timeout [ 170.286484][ T63] Bluetooth: hci1: command 0x0406 tx timeout [ 170.833651][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 170.836322][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 171.013843][ T8373] ceph: No mds server is up or the cluster is laggy [ 171.236267][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 171.239522][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 173.440381][ T5991] Bluetooth: hci2: link tx timeout [ 173.442398][ T5991] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 173.446824][ T5991] Bluetooth: hci2: link tx timeout [ 173.448976][ T5991] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa [ 173.914033][ T8407] nbd3: detected capacity change from 0 to 8589934655 [ 174.109148][ T8417] netlink: 24 bytes leftover after parsing attributes in process `syz.0.657'. [ 174.469259][ T5991] block nbd3: Receive control failed (result -104) [ 174.928611][ T40] audit: type=1804 audit(1758794682.682:252): pid=8435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.662" name="/newroot/177/bus" dev="tmpfs" ino=952 res=1 errno=0 [ 175.482698][ T5991] Bluetooth: hci2: command 0x0406 tx timeout [ 176.919197][ T40] audit: type=1804 audit(1758794684.672:253): pid=8448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.668" name="bus" dev="ramfs" ino=20878 res=1 errno=0 [ 176.927907][ T40] audit: type=1804 audit(1758794684.672:254): pid=8448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.668" name="bus" dev="ramfs" ino=20878 res=1 errno=0 [ 177.653879][ T67] block nbd2: Connection timed out, retrying (0/1 alive) [ 177.656321][ T67] block nbd2: Connection timed out, retrying (0/1 alive) [ 177.659261][ T67] block nbd2: Connection timed out, retrying (0/1 alive) [ 177.662197][ T67] block nbd2: Connection timed out, retrying (0/1 alive) [ 177.665368][ T6194] block nbd2: Dead connection, failed to find a fallback [ 177.668241][ T6194] block nbd2: shutting down sockets [ 177.670368][ T6194] blk_print_req_error: 123 callbacks suppressed [ 177.670380][ T6194] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.675725][ T6194] buffer_io_error: 122 callbacks suppressed [ 177.675734][ T6194] Buffer I/O error on dev nbd2, logical block 2, async page read [ 177.681065][ T6194] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.685876][ T6194] Buffer I/O error on dev nbd2, logical block 1, async page read [ 177.689205][ T6194] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.692584][ T6194] Buffer I/O error on dev nbd2, logical block 0, async page read [ 177.695115][ T6194] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.697903][ T6194] Buffer I/O error on dev nbd2, logical block 3, async page read [ 177.700380][ T6740] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.703386][ T6740] Buffer I/O error on dev nbd2, logical block 0, async page read [ 177.706014][ T6740] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.709725][ T6740] Buffer I/O error on dev nbd2, logical block 1, async page read [ 177.713235][ T6740] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.716932][ T6740] Buffer I/O error on dev nbd2, logical block 2, async page read [ 177.720203][ T6740] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.723524][ T6740] Buffer I/O error on dev nbd2, logical block 3, async page read [ 177.727070][ T6740] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.730824][ T6740] Buffer I/O error on dev nbd2, logical block 0, async page read [ 177.734548][ T6740] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 177.738363][ T6740] Buffer I/O error on dev nbd2, logical block 1, async page read [ 177.743974][ T6740] ldm_validate_partition_table(): Disk read failed. [ 177.748403][ T6740] Dev nbd2: unable to read RDB block 0 [ 177.752531][ T6740] nbd2: unable to read partition table [ 177.762902][ T6740] ldm_validate_partition_table(): Disk read failed. [ 177.767262][ T6740] Dev nbd2: unable to read RDB block 0 [ 177.771152][ T6740] nbd2: unable to read partition table [ 178.392723][ T6552] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 178.542668][ T6552] usb 8-1: Using ep0 maxpacket: 8 [ 178.570523][ T6552] usb 8-1: config index 0 descriptor too short (expected 5924, got 36) [ 178.573149][ T6552] usb 8-1: config 250 has an invalid interface number: 228 but max is -1 [ 178.577457][ T6552] usb 8-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 178.640655][ T6552] usb 8-1: config 250 has no interface number 0 [ 178.642704][ T6552] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 178.646208][ T6552] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 178.649370][ T6552] usb 8-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 178.652531][ T6552] usb 8-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 178.655801][ T6552] usb 8-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 178.659789][ T6552] usb 8-1: config 250 interface 228 has no altsetting 0 [ 178.663303][ T6552] usb 8-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 178.666220][ T6552] usb 8-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 178.668689][ T6552] usb 8-1: Product: syz [ 178.669950][ T6552] usb 8-1: SerialNumber: syz [ 178.673916][ T6552] hub 8-1:250.228: bad descriptor, ignoring hub [ 178.675862][ T6552] hub 8-1:250.228: probe with driver hub failed with error -5 [ 178.705307][ T40] audit: type=1804 audit(1758794686.462:255): pid=8479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.678" name="bus" dev="ramfs" ino=22898 res=1 errno=0 [ 178.713336][ T40] audit: type=1804 audit(1758794686.462:256): pid=8479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.678" name="bus" dev="ramfs" ino=22898 res=1 errno=0 [ 179.013090][ T6552] usblp 8-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 179.543867][ T8470] usb 8-1: reset high-speed USB device number 8 using dummy_hcd [ 179.547888][ T8470] usb 8-1: device reset changed ep0 maxpacket size! [ 179.551578][ T6472] usb 8-1: USB disconnect, device number 8 [ 179.556014][ T6472] usblp0: removed [ 179.692703][ T6472] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 179.865462][ T6472] usb 8-1: config index 0 descriptor too short (expected 1472, got 146) [ 179.868625][ T6472] usb 8-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config [ 179.893298][ T6472] usb 8-1: config 128 has no interfaces? [ 179.907410][ T6472] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 179.910848][ T6472] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 179.928405][ T6472] usb 8-1: SerialNumber: syz [ 180.052765][ T6552] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 180.207705][ T6472] usb 8-1: USB disconnect, device number 9 [ 180.226185][ T6552] usb 7-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 180.229172][ T6552] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 180.231753][ T6552] usb 7-1: Product: syz [ 180.242674][ T6552] usb 7-1: Manufacturer: syz [ 180.249560][ T6552] usb 7-1: SerialNumber: syz [ 180.701570][ T6552] rtl8150 7-1:1.0: couldn't reset the device [ 180.706560][ T6552] rtl8150 7-1:1.0: probe with driver rtl8150 failed with error -5 [ 180.742680][ T6552] usb 7-1: USB disconnect, device number 4 [ 181.990722][ T1167] block nbd3: Connection timed out, retrying (0/1 alive) [ 181.993839][ T1167] block nbd3: Connection timed out, retrying (0/1 alive) [ 181.996829][ T1167] block nbd3: Connection timed out, retrying (0/1 alive) [ 182.000005][ T1167] block nbd3: Connection timed out, retrying (0/1 alive) [ 182.003322][ T11] block nbd3: Dead connection, failed to find a fallback [ 182.007370][ T11] block nbd3: shutting down sockets [ 182.020454][ T6365] ldm_validate_partition_table(): Disk read failed. [ 182.034452][ T6365] Dev nbd3: unable to read RDB block 0 [ 182.044089][ T6365] nbd3: unable to read partition table [ 182.058244][ T6365] ldm_validate_partition_table(): Disk read failed. [ 182.062222][ T6365] Dev nbd3: unable to read RDB block 0 [ 182.068878][ T6365] nbd3: unable to read partition table [ 182.164169][ T5986] Bluetooth: hci0: unexpected event for opcode 0x0001 [ 183.466373][ T8532] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.778662][ T8536] netlink: 12 bytes leftover after parsing attributes in process `syz.2.695'. [ 183.779355][ T8532] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.846112][ T8537] bond3 (unregistering): Released all slaves [ 183.897266][ T8532] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.907789][ T8536] bridge0: port 1(geneve2) entered blocking state [ 183.909969][ T8536] bridge0: port 1(geneve2) entered disabled state [ 183.912096][ T8536] geneve2: entered allmulticast mode [ 183.915040][ T8536] geneve2: entered promiscuous mode [ 183.933887][ T40] audit: type=1326 audit(1758794691.692:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 183.938163][ T8540] kvm: requested 74590 ns i8254 timer period limited to 200000 ns [ 183.941277][ T40] audit: type=1326 audit(1758794691.692:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 183.951020][ T40] audit: type=1326 audit(1758794691.692:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 183.957948][ T40] audit: type=1326 audit(1758794691.692:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 183.969090][ T40] audit: type=1326 audit(1758794691.692:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 183.978011][ T40] audit: type=1326 audit(1758794691.712:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 183.985119][ T8540] kvm: requested 81295 ns i8254 timer period limited to 200000 ns [ 183.994483][ T8540] kvm: requested 182704 ns i8254 timer period limited to 200000 ns [ 184.001032][ T40] audit: type=1326 audit(1758794691.752:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 184.008828][ T40] audit: type=1326 audit(1758794691.772:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 184.017478][ T8540] kvm: requested 75428 ns i8254 timer period limited to 200000 ns [ 184.018845][ T40] audit: type=1326 audit(1758794691.782:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 184.026782][ T40] audit: type=1326 audit(1758794691.782:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8538 comm="syz.3.697" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf709e579 code=0x7ffc0000 [ 184.046954][ T8532] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.141497][ T6257] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.149473][ T6257] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.158171][ T6257] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.165867][ T6257] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.962504][ T8597] lo speed is unknown, defaulting to 1000 [ 189.612757][ T8634] nbd4: detected capacity change from 0 to 8589934655 [ 190.173023][ T5986] block nbd4: Receive control failed (result -104) [ 190.472682][ T6552] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 190.628379][ T6552] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.632287][ T6552] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 190.635513][ T6552] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 190.639151][ T6552] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.644378][ T6552] usb 7-1: config 0 descriptor?? [ 191.860220][ T5986] Bluetooth: hci2: unexpected event for opcode 0x0c05 [ 191.866394][ T8661] veth0_to_hsr: entered promiscuous mode [ 191.869225][ T8661] veth0_to_hsr: entered allmulticast mode [ 191.872213][ T8661] veth0_to_hsr: left allmulticast mode [ 191.876975][ T8661] veth0_to_hsr: left promiscuous mode [ 192.082258][ T6552] uclogic 0003:256C:006D.0007: v1 frame probing failed: -71 [ 192.086388][ T6552] uclogic 0003:256C:006D.0007: failed probing parameters: -71 [ 192.089393][ T6552] uclogic 0003:256C:006D.0007: probe with driver uclogic failed with error -71 [ 192.098120][ T6552] usb 7-1: USB disconnect, device number 5 [ 192.620176][ T8663] netlink: 12 bytes leftover after parsing attributes in process `syz.2.734'. [ 192.630245][ T8665] netlink: 'syz.1.742': attribute type 39 has an invalid length. [ 192.634570][ T8665] veth0_macvtap: left promiscuous mode [ 192.657167][ T8663] netlink: 4 bytes leftover after parsing attributes in process `syz.2.734'. [ 192.754616][ T8667] netlink: 16 bytes leftover after parsing attributes in process `syz.1.735'. [ 192.763775][ T8667] dummy0: entered promiscuous mode [ 192.769698][ T8667] dummy0: left promiscuous mode [ 193.253164][ T8681] netlink: 56 bytes leftover after parsing attributes in process `syz.2.740'. [ 193.627585][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 193.627600][ T40] audit: type=1326 audit(1758794701.382:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8677 comm="syz.0.739" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f23579 code=0x0 [ 193.805489][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.807800][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.984508][ T8698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.746'. [ 194.084116][ T8698] bridge1: port 1(bond3) entered blocking state [ 194.086241][ T8698] bridge1: port 1(bond3) entered disabled state [ 194.088334][ T8698] bond3: entered allmulticast mode [ 194.091097][ T8698] bond3: entered promiscuous mode [ 194.112950][ T8698] bridge1: port 2(geneve3) entered blocking state [ 194.115219][ T8698] bridge1: port 2(geneve3) entered disabled state [ 194.117416][ T8698] geneve3: entered allmulticast mode [ 194.120002][ T8698] geneve3: entered promiscuous mode [ 194.277820][ T8700] cgroup: fork rejected by pids controller in /syz1 [ 194.392760][ T29] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 194.547125][ T29] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84 [ 194.551656][ T29] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1023 [ 194.555343][ T29] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 194.559563][ T29] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 194.568185][ T29] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10 [ 194.571923][ T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.575743][ T29] usb 5-1: Product: syz [ 194.577185][ T29] usb 5-1: Manufacturer: syz [ 194.579035][ T29] usb 5-1: SerialNumber: syz [ 194.585136][ T29] usb 5-1: config 0 descriptor?? [ 194.588296][ T8704] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 194.591649][ T29] usb 5-1: ucan: probing device on interface #0 [ 194.594211][ T29] usb 5-1: ucan: invalid endpoint configuration [ 194.596242][ T29] usb 5-1: ucan: probe failed; try to update the device firmware [ 194.880793][ T40] audit: type=1804 audit(1758794702.632:276): pid=9704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.751" name="/newroot/183/file1" dev="fuse" ino=1 res=1 errno=0 [ 194.927492][ T9707] netlink: 'syz.2.752': attribute type 13 has an invalid length. [ 194.930830][ T9707] netlink: 'syz.2.752': attribute type 17 has an invalid length. [ 194.989558][ T1020] usb 5-1: USB disconnect, device number 7 [ 195.013060][ T9707] 8021q: adding VLAN 0 to HW filter on device bond0 [ 195.016050][ T9707] 8021q: adding VLAN 0 to HW filter on device team0 [ 195.020679][ T9707] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 197.648250][ T5515] block nbd4: Connection timed out, retrying (0/1 alive) [ 197.650536][ T5515] block nbd4: Connection timed out, retrying (0/1 alive) [ 197.653325][ T5515] block nbd4: Connection timed out, retrying (0/1 alive) [ 197.655520][ T5515] block nbd4: Connection timed out, retrying (0/1 alive) [ 197.657942][ T5515] block nbd4: Dead connection, failed to find a fallback [ 197.660429][ T5515] block nbd4: shutting down sockets [ 197.662728][ T5515] blk_print_req_error: 256 callbacks suppressed [ 197.662737][ T5515] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.667595][ T5515] buffer_io_error: 254 callbacks suppressed [ 197.667606][ T5515] Buffer I/O error on dev nbd4, logical block 3, async page read [ 197.672498][ T5515] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.675405][ T5515] Buffer I/O error on dev nbd4, logical block 2, async page read [ 197.677786][ T5515] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.680595][ T5515] Buffer I/O error on dev nbd4, logical block 1, async page read [ 197.683206][ T5515] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.685963][ T5515] Buffer I/O error on dev nbd4, logical block 0, async page read [ 197.688922][ T6740] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.692370][ T6740] Buffer I/O error on dev nbd4, logical block 0, async page read [ 197.704551][ T6740] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.707359][ T6740] Buffer I/O error on dev nbd4, logical block 1, async page read [ 197.733266][ T6740] I/O error, dev nbd4, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.736158][ T6740] Buffer I/O error on dev nbd4, logical block 2, async page read [ 197.738621][ T6740] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.741375][ T6740] Buffer I/O error on dev nbd4, logical block 3, async page read [ 197.744433][ T6740] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.747327][ T6740] Buffer I/O error on dev nbd4, logical block 0, async page read [ 197.749919][ T6740] I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 197.752880][ T6740] Buffer I/O error on dev nbd4, logical block 1, async page read [ 197.764142][ T6740] ldm_validate_partition_table(): Disk read failed. [ 197.767242][ T6740] Dev nbd4: unable to read RDB block 0 [ 197.769834][ T6740] nbd4: unable to read partition table [ 197.800548][ T6740] ldm_validate_partition_table(): Disk read failed. [ 197.813899][ T6740] Dev nbd4: unable to read RDB block 0 [ 197.817836][ T6740] nbd4: unable to read partition table [ 198.417201][ T9755] netlink: 12 bytes leftover after parsing attributes in process `syz.2.767'. [ 199.437956][ T9772] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 199.466849][ T9775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.771'. [ 200.458692][ T9790] netlink: 12 bytes leftover after parsing attributes in process `syz.0.774'. [ 200.497875][ T9790] bridge3: port 1(bond2) entered blocking state [ 200.500390][ T9790] bridge3: port 1(bond2) entered disabled state [ 200.500805][ T5986] Bluetooth: hci0: unexpected event for opcode 0x0c05 [ 200.503395][ T9790] bond2: entered allmulticast mode [ 200.508706][ T9790] bond2: entered promiscuous mode [ 200.517334][ T9793] veth0_to_hsr: entered allmulticast mode [ 200.520126][ T9793] veth0_to_hsr: left allmulticast mode [ 200.553063][ T9790] bridge3: port 2(geneve2) entered blocking state [ 200.555886][ T9790] bridge3: port 2(geneve2) entered disabled state [ 200.558653][ T9790] geneve2: entered allmulticast mode [ 200.562257][ T9790] geneve2: entered promiscuous mode [ 200.575094][ T9795] netlink: 12 bytes leftover after parsing attributes in process `syz.3.777'. [ 200.699937][ T9799] netlink: 'syz.3.780': attribute type 5 has an invalid length. [ 202.485346][ T5986] Bluetooth: hci1: unexpected event for opcode 0x0c05 [ 202.489495][ T9824] veth0_to_hsr: entered allmulticast mode [ 202.491570][ T9824] veth0_to_hsr: left allmulticast mode [ 202.600634][ T9831] netlink: 4 bytes leftover after parsing attributes in process `syz.2.790'. [ 202.723351][ T9831] tipc: Enabling of bearer rejected, failed to enable media [ 204.397491][ T9856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.799'. [ 207.542528][ T9891] netlink: 'syz.2.808': attribute type 1 has an invalid length. [ 207.613978][ T9894] binder_alloc: 9889: binder_alloc_buf, no vma [ 207.626165][ T9891] bond3: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 207.630214][ T9891] bond3: (slave ipvlan0): The slave device specified does not support setting the MAC address [ 207.634308][ T9891] bond3: (slave ipvlan0): Setting fail_over_mac to active for active-backup mode [ 207.672806][ T9900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.808'. [ 207.771429][ T9905] netlink: 'syz.2.812': attribute type 1 has an invalid length. [ 207.796290][ T9905] 8021q: adding VLAN 0 to HW filter on device bond4 [ 207.823619][ T9905] vlan0: entered promiscuous mode [ 207.825267][ T9905] bond4: entered promiscuous mode [ 207.826839][ T9905] vlan0: entered allmulticast mode [ 207.828373][ T9905] bond4: entered allmulticast mode [ 207.845018][ T9905] bond4: (slave gretap1): making interface the new active one [ 207.848223][ T9905] gretap1: entered promiscuous mode [ 207.850527][ T9905] gretap1: entered allmulticast mode [ 207.854063][ T9905] bond4: (slave gretap1): Enslaving as an active interface with an up link [ 213.889926][T11312] lo speed is unknown, defaulting to 1000 [ 213.892216][T11312] lo speed is unknown, defaulting to 1000 [ 213.895617][T11312] lo speed is unknown, defaulting to 1000 [ 213.899801][T11312] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 213.908616][T11312] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 213.926149][T11312] lo speed is unknown, defaulting to 1000 [ 213.928967][T11312] lo speed is unknown, defaulting to 1000 [ 213.931469][T11312] lo speed is unknown, defaulting to 1000 [ 213.934996][T11312] lo speed is unknown, defaulting to 1000 [ 216.379687][T11448] netlink: 'syz.3.848': attribute type 1 has an invalid length. [ 216.392418][T11448] 8021q: adding VLAN 0 to HW filter on device bond4 [ 216.424549][T11448] 8021q: adding VLAN 0 to HW filter on device bond4 [ 216.426885][T11448] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address [ 216.430845][T11448] bond4: (slave vxcan3): Error -95 calling set_mac_address [ 216.477275][T11450] bond5: entered promiscuous mode [ 216.481537][T11450] 8021q: adding VLAN 0 to HW filter on device bond5 [ 216.485655][T11450] bond4: (slave bond5): Enslaving as an active interface with a down link [ 216.520542][T11448] macvlan0: entered promiscuous mode [ 216.524774][T11448] macvlan0: entered allmulticast mode [ 216.527108][T11448] bond4: entered promiscuous mode [ 216.529694][T11448] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 216.535540][T11448] bond4: left promiscuous mode [ 216.547679][ T5986] Bluetooth: hci2: unexpected event for opcode 0x0c58 [ 217.004948][T11460] lo speed is unknown, defaulting to 1000 [ 217.130035][T11460] lo speed is unknown, defaulting to 1000 [ 217.662041][T11480] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8) [ 217.665086][T11480] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 217.672920][T11480] vhci_hcd vhci_hcd.0: Device attached [ 217.678609][T11482] vhci_hcd: connection closed [ 217.681376][ T6302] vhci_hcd: stop threads [ 217.687914][ T6302] vhci_hcd: release socket [ 217.695227][ T6302] vhci_hcd: disconnect device [ 218.369548][T11497] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 219.042947][T11520] lo speed is unknown, defaulting to 1000 [ 219.136960][T11522] binder: 11519:11522 ioctl c0306201 0 returned -14 [ 219.256121][T11520] lo speed is unknown, defaulting to 1000 [ 219.872406][ T40] audit: type=1326 audit(1758794727.622:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.883663][ T40] audit: type=1326 audit(1758794727.622:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf703e5a7 code=0x7fc00000 [ 219.890670][ T40] audit: type=1326 audit(1758794727.632:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.902829][ T40] audit: type=1326 audit(1758794727.632:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.910460][ T40] audit: type=1326 audit(1758794727.632:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.919032][ T40] audit: type=1326 audit(1758794727.632:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.934029][ T40] audit: type=1326 audit(1758794727.632:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.950518][ T40] audit: type=1326 audit(1758794727.632:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 219.973727][ T40] audit: type=1326 audit(1758794727.632:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11519 comm="syz.1.869" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7fc00000 [ 220.090023][T11541] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8) [ 220.092176][T11541] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 220.094991][T11541] vhci_hcd vhci_hcd.0: Device attached [ 220.098507][T11542] vhci_hcd: connection closed [ 220.100173][ T1143] vhci_hcd: stop threads [ 220.105069][ T1143] vhci_hcd: release socket [ 220.106530][ T1143] vhci_hcd: disconnect device [ 220.112355][ T5986] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 221.591858][T11565] netlink: 8 bytes leftover after parsing attributes in process `syz.1.887'. [ 221.595178][T11565] netlink: 12 bytes leftover after parsing attributes in process `syz.1.887'. [ 221.873127][ T838] usb 6-1: new low-speed USB device number 4 using dummy_hcd [ 222.049053][ T838] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 222.052172][ T838] usb 6-1: config 0 has no interface number 0 [ 222.056027][ T838] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 222.059990][ T838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 222.064871][ T838] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 222.068966][ T838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 222.074705][ T838] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 222.078578][ T838] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 222.085160][ T838] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 222.088882][ T838] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.102369][ T838] usb 6-1: config 0 descriptor?? [ 222.106028][T11569] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 222.108681][T11569] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 222.129199][ T838] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 222.335685][ T6652] usb 6-1: USB disconnect, device number 4 [ 222.339792][ T6652] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 222.904608][ T5986] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11 [ 223.804420][T11603] netlink: 12 bytes leftover after parsing attributes in process `syz.1.891'. [ 223.850452][T11603] netlink: 3 bytes leftover after parsing attributes in process `syz.1.891'. [ 223.858467][T11603] batadv1: entered promiscuous mode [ 223.860441][T11603] batadv1: entered allmulticast mode [ 223.911503][T11605] netlink: 3 bytes leftover after parsing attributes in process `syz.1.891'. [ 223.919452][T11605] batadv1: entered promiscuous mode [ 223.921442][T11605] batadv1: entered allmulticast mode [ 225.935860][T11641] syz_tun: entered allmulticast mode [ 225.948431][T11641] dvmrp1: entered allmulticast mode [ 225.981614][T11640] syz_tun: left allmulticast mode [ 227.007463][T11665] syz_tun: entered allmulticast mode [ 227.066201][T11664] syz_tun: left allmulticast mode [ 227.294370][T11670] lo speed is unknown, defaulting to 1000 [ 227.768992][T11670] lo speed is unknown, defaulting to 1000 [ 228.275406][T11690] syzkaller0: entered promiscuous mode [ 228.277718][T11690] syzkaller0: entered allmulticast mode [ 228.468833][ T40] audit: type=1326 audit(1758794736.222:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.503194][ T40] audit: type=1326 audit(1758794736.222:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.515346][ T40] audit: type=1326 audit(1758794736.232:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.526140][ T40] audit: type=1326 audit(1758794965.244:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.537819][ T40] audit: type=1326 audit(1758794965.244:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.547662][ T40] audit: type=1326 audit(1758794965.244:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.559992][ T40] audit: type=1326 audit(1758794965.244:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.570338][ T40] audit: type=1326 audit(1758794965.244:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=170 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.582529][ T40] audit: type=1326 audit(1758794965.244:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.595419][ T40] audit: type=1326 audit(1758794965.244:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11695 comm="syz.2.915" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 228.859866][T11703] netlink: 12 bytes leftover after parsing attributes in process `syz.2.917'. [ 228.886787][T11703] netlink: 3 bytes leftover after parsing attributes in process `syz.2.917'. [ 228.894731][T11703] batadv1: entered promiscuous mode [ 228.896998][T11703] batadv1: entered allmulticast mode [ 228.938525][T11705] netlink: 3 bytes leftover after parsing attributes in process `syz.2.917'. [ 228.946757][T11705] batadv1: entered promiscuous mode [ 228.949157][T11705] batadv1: entered allmulticast mode [ 229.178677][T11713] bond0: (slave vxlan1): Enslaving as an active interface with an up link [ 229.181517][T11711] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 229.227673][ T6273] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.231103][ T6273] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.253002][ T6273] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.256494][ T6273] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 229.318339][T11721] lo speed is unknown, defaulting to 1000 [ 229.428283][T11729] binder: 11720:11729 ioctl c0306201 0 returned -14 [ 229.522139][T11721] lo speed is unknown, defaulting to 1000 [ 230.415814][T11738] netlink: 'syz.2.928': attribute type 1 has an invalid length. [ 230.433867][T11738] 8021q: adding VLAN 0 to HW filter on device bond5 [ 230.457326][T11738] 8021q: adding VLAN 0 to HW filter on device bond5 [ 230.459631][T11738] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address [ 230.465801][T11738] bond5: (slave vxcan3): Error -95 calling set_mac_address [ 230.518430][T11743] bond6: entered promiscuous mode [ 230.523694][T11743] 8021q: adding VLAN 0 to HW filter on device bond6 [ 230.529250][T11743] bond5: (slave bond6): Enslaving as an active interface with a down link [ 230.576042][T11738] macvlan0: entered promiscuous mode [ 230.577753][T11738] macvlan0: entered allmulticast mode [ 230.579790][T11738] bond5: entered promiscuous mode [ 230.581965][T11738] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 230.587907][T11738] bond5: left promiscuous mode [ 231.237574][T11757] netlink: 12 bytes leftover after parsing attributes in process `syz.0.933'. [ 231.294553][T11759] netlink: 3 bytes leftover after parsing attributes in process `syz.0.933'. [ 231.308449][T11759] batadv1: entered promiscuous mode [ 231.310370][T11759] batadv1: entered allmulticast mode [ 231.311648][T11761] netlink: 8 bytes leftover after parsing attributes in process `syz.1.935'. [ 231.359837][T11757] netlink: 3 bytes leftover after parsing attributes in process `syz.0.933'. [ 231.369190][T11757] batadv1: entered promiscuous mode [ 231.371678][T11757] batadv1: entered allmulticast mode [ 231.665465][T11765] usb usb3: usbfs: process 11765 (syz.0.937) did not claim interface 0 before use [ 231.854544][T11774] trusted_key: syz.0.947 sent an empty control message without MSG_MORE. [ 232.222563][T11787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.943'. [ 232.332933][T11790] netlink: 'syz.2.944': attribute type 1 has an invalid length. [ 232.336610][T11790] netlink: 'syz.2.944': attribute type 4 has an invalid length. [ 232.339945][T11790] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.944'. [ 233.422456][T11800] netlink: 'syz.2.949': attribute type 1 has an invalid length. [ 233.469402][T11800] 8021q: adding VLAN 0 to HW filter on device bond7 [ 233.580276][T11802] 8021q: adding VLAN 0 to HW filter on device bond7 [ 233.587365][T11802] bond7: (slave vxcan3): The slave device specified does not support setting the MAC address [ 233.598427][T11802] bond7: (slave vxcan3): Error -95 calling set_mac_address [ 233.641532][T11804] netlink: 28 bytes leftover after parsing attributes in process `syz.2.949'. [ 233.854479][T11800] veth7: entered promiscuous mode [ 233.898873][T11800] bond7: (slave veth7): Enslaving as an active interface with a down link [ 234.083600][T11804] 8021q: adding VLAN 0 to HW filter on device bond7 [ 234.707539][T11816] lo speed is unknown, defaulting to 1000 [ 234.856387][T11810] lo speed is unknown, defaulting to 1000 [ 234.863115][T11816] lo speed is unknown, defaulting to 1000 [ 235.128424][T11810] lo speed is unknown, defaulting to 1000 [ 236.098704][T11829] netfs: Couldn't get user pages (rc=-14) [ 238.501110][T11872] lo speed is unknown, defaulting to 1000 [ 238.584001][T11872] lo speed is unknown, defaulting to 1000 [ 239.636087][ T40] kauditd_printk_skb: 291 callbacks suppressed [ 239.636098][ T40] audit: type=1326 audit(1758794976.394:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.649386][ T40] audit: type=1326 audit(1758794976.394:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.657998][ T40] audit: type=1326 audit(1758794976.394:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.667503][ T40] audit: type=1326 audit(1758795205.413:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.676394][ T40] audit: type=1326 audit(1758795205.413:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.685936][ T40] audit: type=1326 audit(1758795205.413:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.692543][ T40] audit: type=1326 audit(1758795205.413:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.699353][ T40] audit: type=1326 audit(1758795205.413:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.706129][ T40] audit: type=1326 audit(1758795205.413:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=170 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.713020][ T40] audit: type=1326 audit(1758795205.413:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11891 comm="syz.0.973" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 239.820276][T11897] No control pipe specified [ 240.479402][T11935] netlink: 12 bytes leftover after parsing attributes in process `syz.3.982'. [ 240.510540][T11935] netlink: 3 bytes leftover after parsing attributes in process `syz.3.982'. [ 240.517445][T11935] batadv1: entered promiscuous mode [ 240.519075][T11935] batadv1: entered allmulticast mode [ 240.564381][T11942] netlink: 3 bytes leftover after parsing attributes in process `syz.3.982'. [ 240.570127][T11942] batadv1: entered promiscuous mode [ 240.572043][T11942] batadv1: entered allmulticast mode [ 240.698688][T11944] wireguard0: entered promiscuous mode [ 240.700556][T11944] wireguard0: entered allmulticast mode [ 240.707892][T11947] MPI: mpi too large (124808 bits) [ 243.927065][T12026] bridge0: port 2(syz_tun) entered blocking state [ 243.929765][T12026] bridge0: port 2(syz_tun) entered disabled state [ 243.932698][T12026] syz_tun: entered allmulticast mode [ 243.936101][T12026] syz_tun: entered promiscuous mode [ 243.939227][T12026] bridge0: port 2(syz_tun) entered blocking state [ 243.941596][T12026] bridge0: port 2(syz_tun) entered forwarding state [ 244.012268][T12026] bridge0: port 2(syz_tun) entered learning state [ 244.389566][T12036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1009'. [ 244.398863][T12036] bridge0: port 2(syz_tun) entered disabled state [ 244.442137][T12036] syz_tun (unregistering): left allmulticast mode [ 244.444425][T12036] syz_tun (unregistering): left promiscuous mode [ 244.446658][T12036] bridge0: port 2(syz_tun) entered disabled state [ 244.775576][T12048] MTD: Couldn't look up '/dev/nullb0': -15 [ 244.779496][T12048] /dev/nullb0: Can't lookup blockdev [ 244.924149][T12052] netlink: 'syz.1.1014': attribute type 1 has an invalid length. [ 244.946193][T12052] 8021q: adding VLAN 0 to HW filter on device bond1 [ 245.039033][T12052] 8021q: adding VLAN 0 to HW filter on device bond1 [ 245.042266][T12052] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 245.072540][T12052] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 245.180255][T12054] bond2: entered promiscuous mode [ 245.185648][T12054] 8021q: adding VLAN 0 to HW filter on device bond2 [ 245.196578][T12054] bond1: (slave bond2): Enslaving as an active interface with a down link [ 245.218930][T12055] macvlan0: entered promiscuous mode [ 245.220731][T12055] macvlan0: entered allmulticast mode [ 245.222899][T12055] bond1: entered promiscuous mode [ 245.225275][T12055] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 245.228872][T12055] bond1: left promiscuous mode [ 245.330938][T12058] No control pipe specified [ 245.652865][ T5986] Bluetooth: hci0: command 0x0406 tx timeout [ 247.221544][T12088] netlink: 'syz.0.1024': attribute type 1 has an invalid length. [ 247.242298][T12088] 8021q: adding VLAN 0 to HW filter on device bond3 [ 247.275928][T12088] 8021q: adding VLAN 0 to HW filter on device bond3 [ 247.279027][T12088] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 247.284455][T12088] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 247.335132][T12095] bond4: entered promiscuous mode [ 247.339232][T12095] 8021q: adding VLAN 0 to HW filter on device bond4 [ 247.344710][T12095] bond3: (slave bond4): Enslaving as an active interface with a down link [ 247.395318][T12088] macvlan2: entered promiscuous mode [ 247.397448][T12088] macvlan2: entered allmulticast mode [ 247.400314][T12088] bond3: entered promiscuous mode [ 247.404279][T12088] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 247.408936][T12088] bond3: left promiscuous mode [ 248.016015][T12107] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 248.035031][T12106] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 248.189351][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.194314][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.197040][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.199869][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.203112][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.205694][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.208654][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.211606][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.215011][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.218046][T12109] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 248.755065][T12126] netlink: 'syz.3.1039': attribute type 1 has an invalid length. [ 248.767833][T12126] 8021q: adding VLAN 0 to HW filter on device bond6 [ 248.788685][T12126] 8021q: adding VLAN 0 to HW filter on device bond6 [ 248.791152][T12126] bond6: (slave vxcan3): The slave device specified does not support setting the MAC address [ 248.795551][T12126] bond6: (slave vxcan3): Error -95 calling set_mac_address [ 248.853821][T12132] bond7: entered promiscuous mode [ 248.856261][T12132] 8021q: adding VLAN 0 to HW filter on device bond7 [ 248.859311][T12132] bond6: (slave bond7): Enslaving as an active interface with a down link [ 249.050342][T12126] macvlan0: entered promiscuous mode [ 249.052860][T12126] macvlan0: entered allmulticast mode [ 249.055600][T12126] bond6: entered promiscuous mode [ 249.057568][T12126] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 249.083789][T12126] bond6: left promiscuous mode [ 249.722809][ T5986] Bluetooth: hci1: command 0x0406 tx timeout [ 250.478085][T12155] netlink: 'syz.1.1047': attribute type 1 has an invalid length. [ 250.495723][T12155] 8021q: adding VLAN 0 to HW filter on device bond3 [ 250.521322][T12155] 8021q: adding VLAN 0 to HW filter on device bond3 [ 250.524965][T12155] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address [ 250.528950][T12155] bond3: (slave vxcan3): Error -95 calling set_mac_address [ 250.575763][T12159] netlink: 'syz.3.1045': attribute type 2 has an invalid length. [ 250.578248][T12159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1045'. [ 250.579297][T12160] gretap1: entered promiscuous mode [ 250.594692][T12160] bond3: (slave gretap1): making interface the new active one [ 250.597627][T12160] bond3: (slave gretap1): Enslaving as an active interface with an up link [ 250.624679][T12159] : entered promiscuous mode [ 250.703748][T12155] macvlan0: entered promiscuous mode [ 250.705613][T12155] macvlan0: entered allmulticast mode [ 250.709125][T12155] bond3: entered promiscuous mode [ 250.711951][T12155] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 250.718646][T12155] bond3: (slave macvlan0): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 250.726326][T12155] bond3: left promiscuous mode [ 251.810756][T12176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1052'. [ 252.312723][ T29] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 252.680107][ T29] usb 5-1: Using ep0 maxpacket: 8 [ 252.683723][ T29] usb 5-1: config 0 has an invalid interface number: 55 but max is 0 [ 252.686307][ T29] usb 5-1: config 0 has no interface number 0 [ 252.688233][ T29] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 252.691538][ T29] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 252.702874][ T29] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 252.707043][ T29] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 252.711016][ T29] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 252.713916][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.727916][ T29] usb 5-1: config 0 descriptor?? [ 252.739682][ T29] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 252.965744][T12187] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 253.231206][T12186] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 253.236746][ T6652] usb 5-1: USB disconnect, device number 8 [ 253.239948][ T6652] ldusb 5-1:0.55: LD USB Device #0 now disconnected [ 253.315019][T12202] netlink: 'syz.3.1061': attribute type 1 has an invalid length. [ 253.347913][T12202] bond8: (slave vxcan3): The slave device specified does not support setting the MAC address [ 253.353163][T12202] bond8: (slave vxcan3): Error -95 calling set_mac_address [ 253.408652][T12206] gretap1: entered promiscuous mode [ 253.413879][T12206] bond8: (slave gretap1): making interface the new active one [ 253.417517][T12206] bond8: (slave gretap1): Enslaving as an active interface with an up link [ 253.444788][T12202] macvlan0: entered promiscuous mode [ 253.446657][T12202] macvlan0: entered allmulticast mode [ 253.448759][T12202] bond8: entered promiscuous mode [ 253.450829][T12202] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 253.458414][T12202] bond8: (slave macvlan0): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 253.466480][T12202] bond8: left promiscuous mode [ 253.518658][T12210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1062'. [ 253.521696][T12210] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1062'. [ 253.591310][T12212] netlink: 'syz.3.1063': attribute type 1 has an invalid length. [ 253.605227][T12212] 8021q: adding VLAN 0 to HW filter on device bond9 [ 253.636547][T12212] 8021q: adding VLAN 0 to HW filter on device bond9 [ 253.639702][T12212] bond9: (slave vxcan3): The slave device specified does not support setting the MAC address [ 253.645551][T12212] bond9: (slave vxcan3): Error -95 calling set_mac_address [ 253.686161][T12214] bond10: entered promiscuous mode [ 253.690117][T12214] 8021q: adding VLAN 0 to HW filter on device bond10 [ 253.693841][T12214] bond9: (slave bond10): Enslaving as an active interface with a down link [ 253.730996][T12212] macvlan0: entered promiscuous mode [ 253.733378][T12212] macvlan0: entered allmulticast mode [ 253.735617][T12212] bond9: entered promiscuous mode [ 253.738173][T12212] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 253.743053][T12212] bond9: left promiscuous mode [ 253.920308][T12220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1065'. [ 254.188699][T12218] syz.0.1064: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 254.193237][T12218] CPU: 3 UID: 0 PID: 12218 Comm: syz.0.1064 Not tainted syzkaller #0 PREEMPT(full) [ 254.193251][T12218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 254.193258][T12218] Call Trace: [ 254.193262][T12218] [ 254.193266][T12218] dump_stack_lvl+0x16c/0x1f0 [ 254.193311][T12218] warn_alloc+0x248/0x3a0 [ 254.193332][T12218] ? __pfx_warn_alloc+0x10/0x10 [ 254.193346][T12218] ? psi_memstall_leave+0x19f/0x2d0 [ 254.193359][T12218] ? __pfx___alloc_pages_direct_compact+0x10/0x10 [ 254.193372][T12218] ? psi_memstall_leave+0x1e1/0x2d0 [ 254.193385][T12218] ? psi_memstall_leave+0x1e6/0x2d0 [ 254.193399][T12218] __alloc_frozen_pages_noprof+0xea2/0x23f0 [ 254.193419][T12218] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 254.193434][T12218] ? rcu_is_watching+0x12/0xc0 [ 254.193451][T12218] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 254.193468][T12218] ? policy_nodemask+0xea/0x4e0 [ 254.193484][T12218] alloc_pages_mpol+0x1fb/0x550 [ 254.193499][T12218] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 254.193516][T12218] alloc_pages_noprof+0x131/0x390 [ 254.193531][T12218] kimage_alloc_pages+0x75/0x350 [ 254.193549][T12218] kimage_alloc_control_pages+0x153/0xa00 [ 254.193563][T12218] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 254.193578][T12218] do_kexec_load+0x478/0x8a0 [ 254.193590][T12218] ? __pfx_do_kexec_load+0x10/0x10 [ 254.193605][T12218] __ia32_compat_sys_kexec_load+0x37f/0x400 [ 254.193619][T12218] ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10 [ 254.193632][T12218] ? rcu_is_watching+0x12/0xc0 [ 254.193645][T12218] __do_fast_syscall_32+0x7c/0x300 [ 254.193662][T12218] do_fast_syscall_32+0x32/0x80 [ 254.193672][T12218] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 254.193686][T12218] RIP: 0023:0xf7f23579 [ 254.193700][T12218] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 254.193710][T12218] RSP: 002b:00000000f53f555c EFLAGS: 00000296 ORIG_RAX: 000000000000011b [ 254.193720][T12218] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003 [ 254.193727][T12218] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000 [ 254.193733][T12218] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 254.193738][T12218] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 254.193744][T12218] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 254.193757][T12218] [ 254.193761][T12218] Mem-Info: [ 254.273681][T12218] active_anon:8738 inactive_anon:23861 isolated_anon:0 [ 254.273681][T12218] active_file:2179 inactive_file:8405 isolated_file:0 [ 254.273681][T12218] unevictable:1769 dirty:763 writeback:0 [ 254.273681][T12218] slab_reclaimable:6388 slab_unreclaimable:64078 [ 254.273681][T12218] mapped:23544 shmem:28042 pagetables:1120 [ 254.273681][T12218] sec_pagetables:316 bounce:0 [ 254.273681][T12218] kernel_misc_reclaimable:0 [ 254.273681][T12218] free:19891 free_pcp:220 free_cma:0 [ 254.288824][T12218] Node 0 active_anon:40kB inactive_anon:56kB active_file:1980kB inactive_file:364kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1344kB dirty:504kB writeback:0kB shmem:3928kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8604kB pagetables:1076kB sec_pagetables:1140kB all_unreclaimable? yes Balloon:0kB [ 254.299476][T12218] Node 1 active_anon:33080kB inactive_anon:95136kB active_file:6764kB inactive_file:32072kB unevictable:3540kB isolated(anon):0kB isolated(file):0kB mapped:92840kB dirty:2608kB writeback:0kB shmem:108240kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6896kB pagetables:3384kB sec_pagetables:124kB all_unreclaimable? no Balloon:0kB [ 254.309565][T12218] Node 0 DMA free:1976kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 254.318698][T12218] lowmem_reserve[]: 0 288 288 288 288 [ 254.320463][T12218] Node 0 DMA32 free:15240kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:2048KB free_highatomic:1444KB active_anon:40kB inactive_anon:56kB active_file:632kB inactive_file:1396kB unevictable:3536kB writepending:504kB present:1032196kB managed:295076kB mlocked:0kB bounce:0kB free_pcp:132kB local_pcp:0kB free_cma:0kB [ 254.340054][T12218] lowmem_reserve[]: 0 0 0 0 0 [ 254.344829][T12218] Node 1 DMA32 free:65852kB boost:20480kB min:67620kB low:79404kB high:91188kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32880kB inactive_anon:95036kB active_file:6764kB inactive_file:31772kB unevictable:3540kB writepending:2608kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:908kB local_pcp:464kB free_cma:0kB [ 254.355318][T12218] lowmem_reserve[]: 0 0 0 0 0 [ 254.357322][T12218] Node 0 DMA: 2*4kB (U) 2*8kB (U) 4*16kB (U) 2*32kB (U) 3*64kB (U) 2*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1880kB [ 254.372234][T12218] Node 0 DMA32: 78*4kB (MEH) 202*8kB (UMEH) 124*16kB (UMH) 76*32kB (MEH) 46*64kB (UMH) 21*128kB (UMH) 6*256kB (UM) 1*512kB (M) 1*1024kB (H) 0*2048kB 0*4096kB = 15048kB [ 254.379047][T12218] Node 1 DMA32: 785*4kB (UME) 488*8kB (UME) 326*16kB (UME) 236*32kB (UME) 145*64kB (UME) 65*128kB (UME) 36*256kB (UME) 20*512kB (UM) 10*1024kB (UM) 0*2048kB 0*4096kB = 67108kB [ 254.391151][T12218] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 254.407777][T12218] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 254.411562][T12218] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 254.442725][T12218] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 254.445745][T12218] 37808 total pagecache pages [ 254.447556][T12218] 69 pages in swap cache [ 254.453500][T12218] Free swap = 112236kB [ 254.455597][T12218] Total swap = 124996kB [ 254.477863][T12218] 524155 pages RAM [ 254.479549][T12218] 0 pages HighMem/MovableOnly [ 254.481520][T12218] 209491 pages reserved [ 254.489537][T12218] 0 pages cma reserved [ 254.859921][T12218] kexec: Could not allocate control_code_buffer [ 255.028953][T12236] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.204609][T12236] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 255.213371][T12236] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 255.244427][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.247020][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.289175][T12236] macsec1: left promiscuous mode [ 255.291112][T12236] macsec1: left allmulticast mode [ 255.297026][T12236] bond2: left promiscuous mode [ 255.300159][T12236] gretap1: left promiscuous mode [ 255.342398][ T6273] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.346234][T12243] tipc: Enabling of bearer rejected, failed to enable media [ 255.350258][ T6273] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.354345][ T6273] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.357943][ T6273] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 255.548397][T12249] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 255.567957][T12248] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 255.589242][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1074'. [ 256.202573][T12271] tipc: Enabling of bearer rejected, failed to enable media [ 258.334895][T12308] 8021q: VLANs not supported on ip6gre0 [ 258.437216][T12312] lo: entered allmulticast mode [ 258.440616][T12310] tipc: Enabling of bearer rejected, failed to enable media [ 258.498805][T12317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1093'. [ 259.588447][T12339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1100'. [ 259.607515][T12341] netlink: 'syz.2.1101': attribute type 1 has an invalid length. [ 259.641770][T12341] bond8: (slave vxcan3): The slave device specified does not support setting the MAC address [ 259.647185][T12341] bond8: (slave vxcan3): Error -95 calling set_mac_address [ 259.706647][T12347] gretap2: entered promiscuous mode [ 259.711245][T12347] bond8: (slave gretap2): making interface the new active one [ 259.720163][T12347] bond8: (slave gretap2): Enslaving as an active interface with an up link [ 259.766772][T12341] macvlan0: entered promiscuous mode [ 259.768676][T12341] macvlan0: entered allmulticast mode [ 259.771370][T12341] bond8: entered promiscuous mode [ 259.773559][T12341] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 259.777913][T12341] bond8: (slave macvlan0): the slave hw address is in use by the bond; giving it the hw address of gretap2 [ 259.792497][T12341] bond8: left promiscuous mode [ 259.993852][T12355] lo: entered allmulticast mode [ 264.406234][T12449] xfrm0: left promiscuous mode [ 264.407905][T12449] xfrm0: left allmulticast mode [ 264.444739][T12449] vlan0: left promiscuous mode [ 264.446252][T12449] bond4: left promiscuous mode [ 264.447861][T12449] gretap1: left promiscuous mode [ 264.450387][T12449] vlan0: left allmulticast mode [ 264.451974][T12449] bond4: left allmulticast mode [ 264.453681][T12449] gretap1: left allmulticast mode [ 264.490149][T12449] bond6: left promiscuous mode [ 264.494555][T12449] veth7: left promiscuous mode [ 264.497941][ T5986] Bluetooth: hci1: Malformed LE Event: 0x0b [ 264.502667][T12449] wireguard0: left promiscuous mode [ 264.504412][T12449] wireguard0: left allmulticast mode [ 264.507175][T12449] gretap2: left promiscuous mode [ 265.559342][T12471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1138'. [ 266.150610][T12483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1140'. [ 266.528302][T12486] netlink: 'syz.3.1141': attribute type 16 has an invalid length. [ 266.531598][T12486] netlink: 'syz.3.1141': attribute type 17 has an invalid length. [ 266.568993][T12486] 8021q: adding VLAN 0 to HW filter on device bond0 [ 266.572336][T12486] 8021q: adding VLAN 0 to HW filter on device team0 [ 266.579037][T12486] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 266.585794][ T1020] lo speed is unknown, defaulting to 1000 [ 266.588306][ T1020] syz2: Port: 1 Link ACTIVE [ 266.632863][T12488] tipc: Enabled bearer , priority 0 [ 266.637009][T12488] syzkaller0: entered promiscuous mode [ 266.639265][T12488] syzkaller0: entered allmulticast mode [ 266.717073][T12488] tipc: Resetting bearer [ 266.722887][T12487] tipc: Resetting bearer [ 266.734567][T12487] tipc: Disabling bearer [ 266.887779][T12500] lo speed is unknown, defaulting to 1000 [ 266.936889][T12502] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1144'. [ 267.005510][T12500] lo speed is unknown, defaulting to 1000 [ 267.943269][ T5986] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 267.946996][ T5986] CPU: 1 UID: 0 PID: 5986 Comm: kworker/u33:5 Not tainted syzkaller #0 PREEMPT(full) [ 267.947023][ T5986] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 267.947032][ T5986] Workqueue: hci0 hci_rx_work [ 267.947051][ T5986] Call Trace: [ 267.947056][ T5986] [ 267.947060][ T5986] dump_stack_lvl+0x16c/0x1f0 [ 267.947079][ T5986] sysfs_warn_dup+0x7f/0xa0 [ 267.947094][ T5986] sysfs_create_dir_ns+0x24b/0x2b0 [ 267.947108][ T5986] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 267.947120][ T5986] ? find_held_lock+0x2b/0x80 [ 267.947134][ T5986] ? do_raw_spin_unlock+0x172/0x230 [ 267.947152][ T5986] kobject_add_internal+0x2c4/0x9b0 [ 267.947166][ T5986] kobject_add+0x16e/0x240 [ 267.947177][ T5986] ? __pfx_kobject_add+0x10/0x10 [ 267.947191][ T5986] ? kobject_put+0xab/0x5a0 [ 267.947205][ T5986] device_add+0x288/0x1aa0 [ 267.947217][ T5986] ? __pfx_dev_set_name+0x10/0x10 [ 267.947230][ T5986] ? __pfx_device_add+0x10/0x10 [ 267.947242][ T5986] ? mgmt_send_event_skb+0x2fb/0x460 [ 267.947260][ T5986] hci_conn_add_sysfs+0x17e/0x230 [ 267.947276][ T5986] le_conn_complete_evt+0x1075/0x1d70 [ 267.947294][ T5986] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 267.947307][ T5986] ? hci_event_packet+0x459/0x11c0 [ 267.947325][ T5986] hci_le_conn_complete_evt+0x23c/0x370 [ 267.947342][ T5986] hci_le_meta_evt+0x357/0x5e0 [ 267.947357][ T5986] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 267.947373][ T5986] hci_event_packet+0x682/0x11c0 [ 267.947386][ T5986] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 267.947401][ T5986] ? __pfx_hci_event_packet+0x10/0x10 [ 267.947416][ T5986] ? kcov_remote_start+0x3c9/0x6d0 [ 267.947432][ T5986] ? lockdep_hardirqs_on+0x7c/0x110 [ 267.947461][ T5986] hci_rx_work+0x2c5/0x16b0 [ 267.947477][ T5986] ? rcu_is_watching+0x12/0xc0 [ 267.947491][ T5986] process_one_work+0x9cf/0x1b70 [ 267.947516][ T5986] ? __pfx_process_one_work+0x10/0x10 [ 267.947556][ T5986] ? assign_work+0x1a0/0x250 [ 267.947574][ T5986] worker_thread+0x6c8/0xf10 [ 267.947589][ T5986] ? __kthread_parkme+0x19e/0x250 [ 267.947605][ T5986] ? __pfx_worker_thread+0x10/0x10 [ 267.947615][ T5986] kthread+0x3c5/0x780 [ 267.947632][ T5986] ? __pfx_kthread+0x10/0x10 [ 267.947663][ T5986] ? rcu_is_watching+0x12/0xc0 [ 267.947674][ T5986] ? __pfx_kthread+0x10/0x10 [ 267.947689][ T5986] ret_from_fork+0x56d/0x730 [ 267.947706][ T5986] ? __pfx_kthread+0x10/0x10 [ 267.947722][ T5986] ret_from_fork_asm+0x1a/0x30 [ 267.947743][ T5986] [ 267.947947][ T5986] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 268.063475][ T5986] Bluetooth: hci0: failed to register connection device [ 268.975300][T12533] syz.2.1155: page allocation failure: order:0, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 268.979498][T12533] CPU: 1 UID: 0 PID: 12533 Comm: syz.2.1155 Not tainted syzkaller #0 PREEMPT(full) [ 268.979512][T12533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 268.979518][T12533] Call Trace: [ 268.979522][T12533] [ 268.979527][T12533] dump_stack_lvl+0x16c/0x1f0 [ 268.979547][T12533] warn_alloc+0x248/0x3a0 [ 268.979561][T12533] ? __pfx_warn_alloc+0x10/0x10 [ 268.979575][T12533] ? psi_memstall_leave+0x19f/0x2d0 [ 268.979589][T12533] ? __pfx___alloc_pages_direct_compact+0x10/0x10 [ 268.979601][T12533] ? psi_memstall_leave+0x1e1/0x2d0 [ 268.979614][T12533] ? psi_memstall_leave+0x1e6/0x2d0 [ 268.979628][T12533] __alloc_frozen_pages_noprof+0xea2/0x23f0 [ 268.979648][T12533] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 268.979666][T12533] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.979684][T12533] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 268.979702][T12533] ? policy_nodemask+0xea/0x4e0 [ 268.979718][T12533] alloc_pages_mpol+0x1fb/0x550 [ 268.979732][T12533] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 268.979750][T12533] alloc_pages_noprof+0x131/0x390 [ 268.979764][T12533] kimage_alloc_pages+0x75/0x350 [ 268.979783][T12533] kimage_alloc_control_pages+0x153/0xa00 [ 268.979797][T12533] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 268.979811][T12533] do_kexec_load+0x478/0x8a0 [ 268.979823][T12533] ? __pfx_do_kexec_load+0x10/0x10 [ 268.979838][T12533] __ia32_compat_sys_kexec_load+0x37f/0x400 [ 268.979851][T12533] ? __pfx___ia32_compat_sys_kexec_load+0x10/0x10 [ 268.979868][T12533] ? rcu_is_watching+0x12/0xc0 [ 268.979881][T12533] __do_fast_syscall_32+0x7c/0x300 [ 268.979899][T12533] do_fast_syscall_32+0x32/0x80 [ 268.979909][T12533] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 268.979922][T12533] RIP: 0023:0xf70be579 [ 268.979931][T12533] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 268.979941][T12533] RSP: 002b:00000000f54ae55c EFLAGS: 00000296 ORIG_RAX: 000000000000011b [ 268.979951][T12533] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000000003 [ 268.979958][T12533] RDX: 0000000080001080 RSI: 00000000003e0000 RDI: 0000000000000000 [ 268.979964][T12533] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 268.979970][T12533] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 268.979976][T12533] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 268.979988][T12533] [ 268.979992][T12533] Mem-Info: [ 269.067693][T12533] active_anon:7004 inactive_anon:21968 isolated_anon:0 [ 269.067693][T12533] active_file:4649 inactive_file:6094 isolated_file:0 [ 269.067693][T12533] unevictable:1768 dirty:35 writeback:0 [ 269.067693][T12533] slab_reclaimable:6422 slab_unreclaimable:64421 [ 269.067693][T12533] mapped:23600 shmem:26897 pagetables:1167 [ 269.067693][T12533] sec_pagetables:319 bounce:0 [ 269.067693][T12533] kernel_misc_reclaimable:0 [ 269.067693][T12533] free:27262 free_pcp:523 free_cma:0 [ 269.085585][T12533] Node 0 active_anon:28kB inactive_anon:40kB active_file:0kB inactive_file:48kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:472kB dirty:8kB writeback:0kB shmem:3932kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8560kB pagetables:1080kB sec_pagetables:1144kB all_unreclaimable? yes Balloon:0kB [ 269.097704][T12533] Node 1 active_anon:27888kB inactive_anon:87832kB active_file:18596kB inactive_file:24328kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:93928kB dirty:132kB writeback:0kB shmem:103556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6832kB pagetables:3588kB sec_pagetables:132kB all_unreclaimable? no Balloon:0kB [ 269.112289][T12533] Node 0 DMA free:1872kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 269.128610][T12533] lowmem_reserve[]: 0 288 288 288 288 [ 269.131935][T12533] Node 0 DMA32 free:16724kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:4096KB free_highatomic:2528KB active_anon:152kB inactive_anon:68kB active_file:488kB inactive_file:28kB unevictable:3536kB writepending:8kB present:1032196kB managed:295076kB mlocked:0kB bounce:0kB free_pcp:112kB local_pcp:0kB free_cma:0kB [ 269.145153][T12535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1156'. [ 269.182718][T12533] lowmem_reserve[]: 0 0 0 0 0 [ 269.185028][T12533] Node 1 DMA32 free:89336kB boost:38912kB min:86052kB low:97836kB high:109620kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28288kB inactive_anon:87032kB active_file:19096kB inactive_file:24328kB unevictable:3536kB writepending:172kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:3764kB local_pcp:892kB free_cma:0kB [ 269.199286][T12533] lowmem_reserve[]: 0 0 0 0 0 [ 269.200890][T12533] Node 0 DMA: 1*4kB (U) 1*8kB (U) 5*16kB (U) 5*32kB (U) 2*64kB (U) 2*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1916kB [ 269.206290][T12533] Node 0 DMA32: 194*4kB (UMEH) 176*8kB (MEH) 119*16kB (MEH) 90*32kB (UMH) 41*64kB (MH) 18*128kB (MH) 6*256kB (MH) 4*512kB (UH) 1*1024kB (U) 0*2048kB 0*4096kB = 16504kB [ 269.282668][T12533] Node 1 DMA32: 6*4kB (E) 756*8kB (UME) 601*16kB (UME) 420*32kB (UME) 203*64kB (UME) 97*128kB (UME) 40*256kB (UME) 16*512kB (UM) 7*1024kB (UM) 3*2048kB (UM) 0*4096kB = 86280kB [ 269.289754][T12533] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 269.302988][T12533] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 269.305944][T12533] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 269.308972][T12533] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 269.311918][T12533] 39394 total pagecache pages [ 269.322801][T12533] 161 pages in swap cache [ 269.324318][T12533] Free swap = 101564kB [ 269.325697][T12533] Total swap = 124996kB [ 269.327056][T12533] 524155 pages RAM [ 269.328361][T12533] 0 pages HighMem/MovableOnly [ 269.329879][T12533] 209491 pages reserved [ 269.331225][T12533] 0 pages cma reserved [ 270.212924][ T5991] Bluetooth: hci2: command 0x0406 tx timeout [ 270.814401][T12546] syz.1.1157 (12546) used greatest stack depth: 19656 bytes left [ 270.824090][T12533] kexec: Could not allocate control_code_buffer [ 270.979268][T12559] lo speed is unknown, defaulting to 1000 [ 271.079568][T12559] lo speed is unknown, defaulting to 1000 [ 271.241102][T12540] syz.0.1164 (12540) used greatest stack depth: 17960 bytes left [ 271.586273][T12571] macsec1: left promiscuous mode [ 271.588588][T12571] macsec1: left allmulticast mode [ 271.607346][T12571] bond1: left allmulticast mode [ 271.678623][T12571] bond4: left promiscuous mode [ 271.681176][ T6287] netdevsim netdevsim0 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.684238][ T6287] netdevsim netdevsim0 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.687102][ T6287] netdevsim netdevsim0 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.690301][ T6287] netdevsim netdevsim0 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 271.747128][T12573] ªªªªª»: renamed from hsr0 [ 275.169749][T12618] bond5: left promiscuous mode [ 275.177233][T12618] bond7: left promiscuous mode [ 275.186027][T12618] gretap1: left promiscuous mode [ 275.195115][T12618] bond10: left promiscuous mode [ 275.282210][ T29] lo speed is unknown, defaulting to 1000 [ 275.317815][ T29] syz2: Port: 1 Link DOWN [ 277.831704][T12676] netlink: 'syz.1.1194': attribute type 1 has an invalid length. [ 277.869652][T12676] 8021q: adding VLAN 0 to HW filter on device bond4 [ 277.915689][T12676] bond4: (slave veth7): Enslaving as an active interface with a down link [ 278.008876][T12676] bond4: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 278.044923][T12676] vlan0: entered allmulticast mode [ 278.046832][T12676] veth0_to_bond: entered allmulticast mode [ 278.055782][T12676] veth0_to_bond: entered promiscuous mode [ 278.065229][T12676] veth0_to_bond: left promiscuous mode [ 278.072777][T12676] veth0_to_bond: entered promiscuous mode [ 278.079109][T12676] bond4: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 278.087602][T12676] veth0_to_bond: left promiscuous mode [ 278.391384][T12691] tipc: Enabling of bearer rejected, failed to enable media [ 278.494895][T12695] IPVS: Error connecting to the multicast addr [ 281.055034][T12735] IPVS: Error connecting to the multicast addr [ 283.053755][T12774] overlayfs: failed to clone lowerpath [ 283.847682][T12784] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1232'. [ 284.901032][T12808] tipc: Enabling of bearer rejected, failed to enable media [ 285.969696][T12830] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1240'. [ 286.008880][T12832] sch_tbf: burst 1023 is lower than device lo mtu (65550) ! [ 287.056131][T12851] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 291.385605][T12915] lo speed is unknown, defaulting to 1000 [ 291.744773][T12915] lo speed is unknown, defaulting to 1000 [ 295.840889][T13012] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1288'. [ 296.245685][T13014] tipc: Enabled bearer , priority 0 [ 296.249771][T13014] syzkaller0: entered promiscuous mode [ 296.252231][T13014] syzkaller0: entered allmulticast mode [ 296.277047][T13014] tipc: Resetting bearer [ 296.284362][T13013] tipc: Resetting bearer [ 296.295847][T13013] tipc: Disabling bearer [ 297.317138][T13029] overlayfs: failed to clone lowerpath [ 298.519583][ T40] kauditd_printk_skb: 27 callbacks suppressed [ 298.519602][ T40] audit: type=1800 audit(1758795264.273:624): pid=13046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1299" name="bus" dev="ramfs" ino=36357 res=0 errno=0 [ 300.455535][T13080] overlayfs: failed to clone upperpath [ 300.866960][T13091] tipc: Enabled bearer , priority 0 [ 300.869936][T13091] syzkaller0: entered promiscuous mode [ 300.872077][T13091] syzkaller0: entered allmulticast mode [ 300.892545][T13091] tipc: Resetting bearer [ 300.897504][T13090] tipc: Resetting bearer [ 300.908320][T13090] tipc: Disabling bearer [ 301.712021][T13105] tipc: Enabling of bearer rejected, failed to enable media [ 302.343544][ T40] audit: type=1326 audit(1758795268.103:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 302.353055][ T40] audit: type=1326 audit(1758795268.103:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 302.360083][ T40] audit: type=1326 audit(1758795268.103:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f235a7 code=0x7ffc0000 [ 302.368733][ T40] audit: type=1326 audit(1758795268.103:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 302.376284][ T40] audit: type=1326 audit(1758795268.103:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f235a7 code=0x7ffc0000 [ 302.384536][ T40] audit: type=1326 audit(1758795268.103:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 302.392109][ T40] audit: type=1326 audit(1758795268.103:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 302.401958][ T40] audit: type=1326 audit(1758795268.103:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f235a7 code=0x7ffc0000 [ 302.411549][ T40] audit: type=1326 audit(1758795268.103:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13114 comm="syz.0.1321" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 305.728984][T13167] netlink: 'syz.1.1335': attribute type 5 has an invalid length. [ 305.731679][T13167] netlink: 'syz.1.1335': attribute type 7 has an invalid length. [ 305.790609][T13167] : entered promiscuous mode [ 305.856833][T13166] overlayfs: failed to clone upperpath [ 306.211218][T13177] bridge0: port 3(erspan0) entered blocking state [ 306.213451][T13177] bridge0: port 3(erspan0) entered disabled state [ 306.215500][T13177] erspan0: entered allmulticast mode [ 306.217872][T13177] erspan0: entered promiscuous mode [ 306.810499][T13182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1342'. [ 306.989945][T13189] overlayfs: failed to clone lowerpath [ 307.283605][T13197] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1346'. [ 308.330159][T13223] sp0: Synchronizing with TNC [ 308.336317][T13223] capability: warning: `syz.0.1352' uses 32-bit capabilities (legacy support in use) [ 309.722325][T13249] netlink: 136784 bytes leftover after parsing attributes in process `syz.2.1360'. [ 309.726474][T13249] netlink: zone id is out of range [ 309.728774][T13249] netlink: zone id is out of range [ 309.732573][T13249] netlink: zone id is out of range [ 309.735315][T13249] netlink: zone id is out of range [ 309.737637][T13249] netlink: zone id is out of range [ 309.739712][T13249] netlink: zone id is out of range [ 309.741853][T13249] netlink: zone id is out of range [ 309.744602][T13249] netlink: zone id is out of range [ 309.746876][T13249] netlink: zone id is out of range [ 309.748832][T13249] netlink: zone id is out of range [ 310.070571][T13263] tipc: Enabling of bearer rejected, failed to enable media [ 310.166799][T13267] netlink: 'syz.0.1365': attribute type 5 has an invalid length. [ 310.170444][T13267] netlink: 'syz.0.1365': attribute type 7 has an invalid length. [ 310.212033][T13267] : entered promiscuous mode [ 310.654415][T13282] tipc: Enabling of bearer rejected, failed to enable media [ 311.365577][T13299] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1373'. [ 314.937737][T13353] tipc: Enabling of bearer rejected, failed to enable media [ 315.623575][T13376] netlink: 'syz.0.1394': attribute type 10 has an invalid length. [ 315.647047][T13376] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 316.694773][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.697798][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.971103][T13402] tipc: Enabled bearer , priority 0 [ 316.973745][T13402] syzkaller0: entered promiscuous mode [ 316.975720][T13402] syzkaller0: entered allmulticast mode [ 316.979187][T13402] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) ! [ 317.029337][T13402] tipc: Resetting bearer [ 317.033623][T13401] tipc: Resetting bearer [ 317.083888][T13401] tipc: Disabling bearer [ 317.899761][T13425] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1412'. [ 320.051946][T13457] delete_channel: no stack [ 320.381442][T13472] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1422'. [ 320.514723][T13473] netlink: 'syz.3.1416': attribute type 5 has an invalid length. [ 320.518012][T13473] netlink: 'syz.3.1416': attribute type 7 has an invalid length. [ 321.727982][ T40] kauditd_printk_skb: 1115 callbacks suppressed [ 321.727993][ T40] audit: type=1800 audit(1758795287.483:1749): pid=13490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1428" name="bus" dev="ramfs" ino=39042 res=0 errno=0 [ 322.168829][ T40] audit: type=1800 audit(1758795287.923:1750): pid=13497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1430" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 322.209354][T13499] tipc: Enabling of bearer rejected, failed to enable media [ 323.997429][ T40] audit: type=1800 audit(1758795289.753:1751): pid=13537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1441" name="bus" dev="ramfs" ino=40114 res=0 errno=0 [ 324.413916][T13543] overlayfs: failed to clone upperpath [ 324.515421][T13554] tipc: Enabling of bearer rejected, failed to enable media [ 325.785292][T13579] netlink: 'syz.3.1455': attribute type 3 has an invalid length. [ 325.972471][T13586] tipc: Enabling of bearer rejected, failed to enable media [ 326.806780][T13605] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1462'. [ 328.480483][T13638] delete_channel: no stack [ 329.574606][ T40] audit: type=1800 audit(1758795295.333:1752): pid=13664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1477" name="bus" dev="ramfs" ino=40198 res=0 errno=0 [ 330.373180][T13677] tipc: Started in network mode [ 330.374859][T13677] tipc: Node identity fa1299d6708b, cluster identity 4711 [ 330.377172][T13677] tipc: Enabled bearer , priority 0 [ 330.411250][T13679] tipc: Enabling of bearer rejected, already enabled [ 331.107804][T13692] tipc: Enabling of bearer rejected, failed to enable media [ 331.165533][T13695] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1487'. [ 331.491440][ T40] audit: type=1800 audit(1758795297.243:1753): pid=13707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1490" name="bus" dev="ramfs" ino=40235 res=0 errno=0 [ 331.507711][ T6652] tipc: Node number set to 2325322198 [ 331.888756][ T6652] IPVS: starting estimator thread 0... [ 331.979603][T13716] IPVS: using max 43 ests per chain, 103200 per kthread [ 333.727040][T13742] tipc: Enabling of bearer rejected, failed to enable media [ 334.509984][T13767] netlink: 'syz.2.1506': attribute type 5 has an invalid length. [ 334.513065][T13767] netlink: 'syz.2.1506': attribute type 7 has an invalid length. [ 334.536691][T13767] : entered promiscuous mode [ 335.719197][T13787] syz.3.1514 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 336.600132][T13806] netlink: 'syz.2.1521': attribute type 4 has an invalid length. [ 336.638552][ T5986] Bluetooth: hci3: hcon ffff88804bd0c000 sent 1 < count 65535 [ 336.665889][ T5986] Bluetooth: hci3: hcon ffff88804bd0c000 sent 0 < count 169 [ 336.668724][ T5986] Bluetooth: hci3: hcon ffff88804bd0c000 sent 0 < count 2 [ 336.779984][T13815] tipc: Enabling of bearer rejected, failed to enable media [ 336.950733][T13820] team0: Port device team_slave_0 removed [ 337.141803][ T6286] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 337.146272][ T6286] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 337.164536][ T5986] Bluetooth: hci2: link tx timeout [ 337.166736][ T5986] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa [ 337.169970][ T5986] Bluetooth: hci2: link tx timeout [ 338.572817][T13847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1530'. [ 338.575793][T13847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1530'. [ 338.587160][T13847] macsec1: entered promiscuous mode [ 338.589218][T13847] gretap0: entered promiscuous mode [ 338.591382][T13847] macsec1: entered allmulticast mode [ 338.593160][T13847] gretap0: entered allmulticast mode [ 339.250389][ T5986] Bluetooth: hci2: command 0x0406 tx timeout [ 339.698257][ T40] audit: type=1800 audit(1758795561.458:1754): pid=13863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1536" name="bus" dev="ramfs" ino=40317 res=0 errno=0 [ 339.944349][T13869] capability: warning: `syz.2.1538' uses deprecated v2 capabilities in a way that may be insecure [ 340.229490][T13874] tipc: Enabling of bearer rejected, failed to enable media [ 340.261555][T13876] netlink: 'syz.1.1540': attribute type 4 has an invalid length. [ 340.264268][T13876] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1540'. [ 340.500852][T13895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1546'. [ 341.314163][ T5991] Bluetooth: hci3: unexpected event for opcode 0x202d [ 341.784948][T13915] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1552'. [ 342.249892][ T40] audit: type=1800 audit(1758795563.999:1755): pid=13925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1554" name="bus" dev="ramfs" ino=40349 res=0 errno=0 [ 345.063628][ T40] audit: type=1326 audit(1758795566.831:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.105126][ T40] audit: type=1326 audit(1758795566.831:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.114919][ T40] audit: type=1326 audit(1758795566.831:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.122743][ T40] audit: type=1326 audit(1758795566.831:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.130407][ T40] audit: type=1326 audit(1758795566.831:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.139528][ T40] audit: type=1326 audit(1758795566.831:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.147664][ T40] audit: type=1326 audit(1758795566.831:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.154513][ T40] audit: type=1326 audit(1758795566.831:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.162752][ T40] audit: type=1326 audit(1758795566.831:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 345.180778][ T40] audit: type=1326 audit(1758795566.841:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13951 comm="syz.0.1569" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f23579 code=0x7ffc0000 [ 346.251216][T13986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1572'. [ 346.258723][T13985] net_ratelimit: 4052 callbacks suppressed [ 346.258735][T13985] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 347.762674][T14007] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 350.411855][T14055] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 350.414090][T14055] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 350.430622][T14055] vhci_hcd vhci_hcd.0: Device attached [ 350.725874][ T29] usb 38-1: SetAddress Request (2) to port 0 [ 350.731890][ T29] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 351.054565][T14058] vhci_hcd: connection reset by peer [ 351.073047][ T6244] vhci_hcd: stop threads [ 351.074959][ T6244] vhci_hcd: release socket [ 351.078827][ T6244] vhci_hcd: disconnect device [ 353.273170][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 353.273192][ T40] audit: type=1804 audit(1758795575.015:1781): pid=14107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1600" name="bus" dev="tmpfs" ino=2180 res=1 errno=0 [ 353.629530][T14116] tipc: Enabling of bearer rejected, failed to enable media [ 353.795438][ T40] audit: type=1326 audit(1758795575.535:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.802210][ T40] audit: type=1326 audit(1758795575.535:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.822932][ T40] audit: type=1326 audit(1758795575.545:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=321 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.834004][ T40] audit: type=1326 audit(1758795575.545:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.840684][ T40] audit: type=1326 audit(1758795575.545:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.854202][ T40] audit: type=1326 audit(1758795575.575:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=8 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.862377][ T40] audit: type=1326 audit(1758795575.575:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.869546][ T40] audit: type=1326 audit(1758795575.575:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 353.878694][ T40] audit: type=1326 audit(1758795575.575:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.1603" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 355.792175][ T29] usb 38-1: device descriptor read/8, error -110 [ 356.202780][ T29] usb usb38-port1: attempt power cycle [ 356.217183][T14144] netlink: 'syz.0.1611': attribute type 3 has an invalid length. [ 356.219683][T14144] netlink: 'syz.0.1611': attribute type 1 has an invalid length. [ 356.222933][T14144] netlink: 193500 bytes leftover after parsing attributes in process `syz.0.1611'. [ 356.846350][ T29] usb usb38-port1: unable to enumerate USB device [ 357.721134][ T5991] Bluetooth: hci2: unexpected event for opcode 0x202d [ 357.921534][T14166] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 357.923870][T14166] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 357.929904][T14166] vhci_hcd vhci_hcd.0: Device attached [ 357.935043][T14174] vhci_hcd: connection closed [ 357.937044][ T1140] vhci_hcd: stop threads [ 357.943024][ T1140] vhci_hcd: release socket [ 357.944945][ T1140] vhci_hcd: disconnect device [ 361.398728][T14223] tipc: Enabled bearer , priority 0 [ 361.402552][T14223] syzkaller0: entered promiscuous mode [ 361.404312][T14223] syzkaller0: entered allmulticast mode [ 361.445256][T14223] tipc: Resetting bearer [ 361.450875][T14222] tipc: Resetting bearer [ 361.485796][T14222] tipc: Disabling bearer [ 362.548416][T14246] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1636'. [ 362.552442][T14246] sch_tbf: burst 274 is lower than device lo mtu (65550) ! [ 362.656225][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 362.656242][ T40] audit: type=1804 audit(1758795584.380:1797): pid=14247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1634" name="bus" dev="tmpfs" ino=2021 res=1 errno=0 [ 364.817958][T14269] netlink: 'gtp': attribute type 4 has an invalid length. [ 366.077412][T14293] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 367.397270][T14306] 8021q: adding VLAN 0 to HW filter on device bond11 [ 367.422033][T14306] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 367.427982][T14306] bond11: (slave macvlan0): Enslaving as a backup interface with an up link [ 367.443073][T14306] erspan0: left allmulticast mode [ 367.444894][T14306] erspan0: left promiscuous mode [ 367.446882][T14306] bridge0: port 3(erspan0) entered disabled state [ 367.450737][T14306] bridge_slave_0: left allmulticast mode [ 367.452646][T14306] bridge_slave_0: left promiscuous mode [ 367.454570][T14306] bridge0: port 1(bridge_slave_0) entered disabled state [ 367.458329][T14306] bridge_slave_1: left allmulticast mode [ 367.460442][T14306] bridge_slave_1: left promiscuous mode [ 367.462397][T14306] bridge0: port 2(bridge_slave_1) entered disabled state [ 367.467527][T14306] bond0: (slave bond_slave_0): Releasing backup interface [ 367.471175][T14306] bond0: (slave bond_slave_1): Releasing backup interface [ 367.475781][T14306] team0: Port device team_slave_0 removed [ 367.478777][T14306] team0: Port device team_slave_1 removed [ 367.480883][T14306] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.483751][T14306] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.490543][T14306] bond1: (slave erspan1): Releasing active interface [ 367.495870][T14306] bond2: (slave geneve2): Releasing active interface [ 367.500540][T14306] bond3: left allmulticast mode [ 367.502644][T14306] bond3: left promiscuous mode [ 367.504769][T14306] bridge1: port 1(bond3) entered disabled state [ 367.508379][ T60] bond11: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 367.516961][T14306] geneve3: left allmulticast mode [ 367.519239][T14306] geneve3: left promiscuous mode [ 367.521264][T14306] bridge1: port 2(geneve3) entered disabled state [ 367.528946][T14306] bond4: (slave bond5): Releasing active interface [ 367.532560][T14306] bond6: (slave bond7): Releasing active interface [ 367.537720][T14306] bond8: (slave gretap1): Releasing active interface [ 367.541714][T14306] bond9: (slave bond10): Releasing active interface [ 367.545646][T14306] bond11: (slave macvlan0): Removing an active aggregator [ 367.549817][T14306] bond11: (slave macvlan0): Releasing backup interface [ 367.897110][T14321] tipc: Enabled bearer , priority 0 [ 367.900483][T14321] syzkaller0: entered promiscuous mode [ 367.902468][T14321] syzkaller0: entered allmulticast mode [ 367.976864][T14327] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.1654'. [ 367.982345][T14321] tipc: Resetting bearer [ 367.988184][T14320] tipc: Resetting bearer [ 368.002450][T14320] tipc: Disabling bearer [ 368.980723][T14341] tipc: Enabling of bearer rejected, failed to enable media [ 369.252932][T14349] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0 [ 369.255965][T14349] binder: 14345:14349 ioctl 4018620d 80000040 returned -1 [ 370.891720][T14370] tipc: Enabling of bearer rejected, failed to enable media [ 371.916594][ T29] libceph: connect (1)[c::]:6789 error -101 [ 371.919281][ T29] libceph: mon0 (1)[c::]:6789 connect error [ 371.964048][ T40] audit: type=1804 audit(1758795593.744:1798): pid=14391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1666" name="bus" dev="tmpfs" ino=2228 res=1 errno=0 [ 371.995999][T14388] ceph: No mds server is up or the cluster is laggy [ 372.306249][T14400] loop8: detected capacity change from 0 to 7 [ 372.321866][T14400] Dev loop8: unable to read RDB block 7 [ 372.325552][T14400] loop8: AHDI p1 p2 p3 [ 372.327096][T14400] loop8: partition table partially beyond EOD, truncated [ 372.331032][T14400] loop8: p1 start 1601398130 is beyond EOD, truncated [ 372.334168][T14400] loop8: p2 start 1702059890 is beyond EOD, truncated [ 372.467973][T14399] Dev loop8: unable to read RDB block 7 [ 372.470243][T14399] loop8: AHDI p1 p2 p3 [ 372.480961][T14399] loop8: partition table partially beyond EOD, truncated [ 372.484600][T14399] loop8: p1 start 1601398130 is beyond EOD, truncated [ 372.496962][T14399] loop8: p2 start 1702059890 is beyond EOD, truncated [ 372.816936][T14404] 9pnet_fd: p9_fd_create_unix (14404): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 373.133464][T14410] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1674'. [ 373.354953][T14410] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 373.365811][T14410] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 373.376253][T14410] bond0 (unregistering): (slave vxlan1): Releasing backup interface [ 373.382903][T14410] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 373.453109][T14410] bond0 (unregistering): Released all slaves [ 373.731766][T14415] tipc: Enabling of bearer rejected, already enabled [ 373.735886][T14418] tipc: Enabling of bearer rejected, failed to enable media [ 374.079755][T14423] netlink: 'syz.3.1681': attribute type 1 has an invalid length. [ 374.655068][T14445] tipc: Enabling of bearer rejected, already enabled [ 375.561709][T14465] 8021q: adding VLAN 0 to HW filter on device bond5 [ 375.861049][T14465] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 375.866571][T14465] bond5: (slave macvlan0): Enslaving as a backup interface with an up link [ 375.870099][T14468] bridge_slave_0: left allmulticast mode [ 375.872646][T14468] bridge_slave_0: left promiscuous mode [ 375.878900][T14468] bridge0: port 1(bridge_slave_0) entered disabled state [ 375.912564][ T60] bond5: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 375.922603][T14468] bridge_slave_1: left allmulticast mode [ 375.939798][T14468] bridge_slave_1: left promiscuous mode [ 375.958591][T14468] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.984209][T14468] bond4: (slave veth0_to_bond): Releasing active interface [ 375.990590][T14468] bond0: (slave bond_slave_0): Releasing backup interface [ 375.997482][T14468] bond0: (slave bond_slave_1): Releasing backup interface [ 376.014279][T14468] team0: Port device team_slave_0 removed [ 376.022425][ T60] bond5: Warning: No 802.3ad response from the link partner for any adapters in the bond [ 376.033479][T14468] team0: Port device team_slave_1 removed [ 376.035527][T14468] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 376.043043][T14468] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 376.054984][T14468] bond1: (slave bond2): Releasing active interface [ 376.060347][T14468] bond3: (slave gretap1): Releasing active interface [ 376.065068][T14468] bond4: (slave veth7): Releasing active interface [ 376.070536][T14468] bond5: (slave macvlan0): Removing an active aggregator [ 376.074320][T14468] bond5: (slave macvlan0): Releasing backup interface [ 376.306357][T14474] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 378.104267][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.107067][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.424311][T14535] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.1710'. [ 379.444958][T14535] debugfs: 'Ç`]Š •Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211' [ 380.043797][T14541] tipc: Enabling of bearer rejected, already enabled [ 380.048952][T14541] netem: change failed [ 380.104900][T14544] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1715'. [ 380.225336][ T40] audit: type=1804 audit(1758795602.008:1799): pid=14546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1712" name="/newroot/413/bus" dev="tmpfs" ino=2192 res=1 errno=0 [ 380.408483][T14544] bond0 (unregistering): Released all slaves [ 380.479459][T14548] 8021q: adding VLAN 0 to HW filter on device bond9 [ 380.487840][T14549] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 380.494445][T14549] bond9: (slave macvlan0): Enslaving as a backup interface with an up link [ 380.523917][T14548] bond0: (slave bond_slave_0): Releasing backup interface [ 380.527645][T14548] bond0: (slave bond_slave_1): Releasing backup interface [ 380.532600][T14548] team0: Port device team_slave_1 removed [ 380.534747][T14548] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 380.537719][T14548] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 380.542627][T14548] bond1: (slave veth3): Releasing active interface [ 380.545927][T14548] bond2: (slave erspan1): Releasing active interface [ 380.548951][T14548] geneve2: left allmulticast mode [ 380.550765][T14548] geneve2: left promiscuous mode [ 380.552575][T14548] bridge0: port 1(geneve2) entered disabled state [ 380.567504][T14548] bond4: (slave gretap1): Releasing active interface [ 380.572638][T14548] bond5: (slave bond6): Releasing active interface [ 380.576625][T14548] bond7: (slave veth7): Releasing active interface [ 380.579539][ T60] bond9: (slave macvlan0): link status up again after 0 ms [ 380.583919][T14548] bond8: (slave gretap2): Releasing active interface [ 380.588146][T14548] bond9: (slave macvlan0): Releasing backup interface [ 381.148247][T14563] tipc: Enabling of bearer rejected, failed to enable media [ 381.233672][T14555] netlink: 'syz.2.1718': attribute type 1 has an invalid length. [ 381.534338][ T5991] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11 [ 381.540006][T14575] netlink: 'syz.0.1724': attribute type 1 has an invalid length. [ 381.775622][T14577] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.1723'. [ 381.790931][T14577] debugfs: 'Ç`]Š •Iöq¯!¾>Ýsó³Îú*Š®!)\Ç' already exists in 'ieee80211' [ 382.220582][T14588] netlink: 'syz.0.1726': attribute type 33 has an invalid length. [ 382.224013][T14588] netlink: 152 bytes leftover after parsing attributes in process `syz.0.1726'. [ 382.230500][T14588] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1726'. [ 383.717028][T14614] netlink: 'syz.1.1732': attribute type 1 has an invalid length. [ 384.086241][ T5991] Bluetooth: hci2: unexpected event for opcode 0x0000 [ 384.425475][T14640] netlink: 'syz.2.1737': attribute type 33 has an invalid length. [ 384.428190][T14640] netlink: 152 bytes leftover after parsing attributes in process `syz.2.1737'. [ 384.483021][T14641] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1737'. [ 384.600133][T14646] netlink: 'syz.2.1739': attribute type 1 has an invalid length. [ 384.628933][ T6024] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 384.634459][T14646] bond11: (slave vxcan3): The slave device specified does not support setting the MAC address [ 384.638615][T14646] bond11: (slave vxcan3): Error -95 calling set_mac_address [ 384.685317][T14648] macvlan1: entered promiscuous mode [ 384.691206][T14648] macvlan1: entered allmulticast mode [ 384.694431][T14648] bond11: entered promiscuous mode [ 384.699537][T14648] 8021q: adding VLAN 0 to HW filter on device macvlan1 [ 384.710147][T14648] bond11: left promiscuous mode [ 384.777512][ T6024] usb 5-1: Using ep0 maxpacket: 16 [ 384.784797][ T6024] usb 5-1: config 33 has 0 interfaces, different from the descriptor's value: 9 [ 384.792345][ T6024] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6006, bcdDevice= 0.00 [ 384.796722][ T6024] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.932022][T14650] lo speed is unknown, defaulting to 1000 [ 385.011397][T14650] lo speed is unknown, defaulting to 1000 [ 385.165732][ T6472] usb 5-1: USB disconnect, device number 9 [ 385.169940][T14650] netlink: 'syz.2.1741': attribute type 13 has an invalid length. [ 385.185014][T14650] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 385.487346][T14661] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1743'. [ 385.683670][T14661] bond0 (unregistering): Released all slaves [ 386.929314][T14692] tipc: Enabling of bearer rejected, failed to enable media [ 388.101272][ T5991] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 388.104601][ T5991] Bluetooth: hci2: Injecting HCI hardware error event [ 388.108946][ T5986] Bluetooth: hci2: hardware error 0x00 [ 388.832779][T14716] 9pnet_fd: p9_fd_create_unix (14716): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 388.921838][T14725] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1760'. [ 389.533074][T14738] netlink: 'syz.2.1764': attribute type 10 has an invalid length. [ 389.536849][T14738] team0: Device hsr_slave_0 failed to register rx_handler [ 390.174810][ T5986] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 390.974538][ T5986] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 390.979450][ T5986] Bluetooth: hci1: Injecting HCI hardware error event [ 390.984929][ T5991] Bluetooth: hci1: hardware error 0x00 [ 391.644377][ T6276] ------------[ cut here ]------------ [ 391.646501][ T6276] WARNING: CPU: 3 PID: 6276 at io_uring/io_uring.c:2980 io_ring_exit_work+0x3fc/0x10f0 [ 391.649780][ T6276] Modules linked in: [ 391.651161][ T6276] CPU: 3 UID: 0 PID: 6276 Comm: kworker/u32:44 Not tainted syzkaller #0 PREEMPT(full) [ 391.656871][ T6276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 391.660975][ T6276] Workqueue: iou_exit io_ring_exit_work [ 391.663149][ T6276] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0 [ 391.665705][ T6276] Code: 0f 85 0a 0b 00 00 48 8b 05 e1 65 4b 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 5f 59 e5 fc 4d 85 f6 79 12 e8 e5 5d e5 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 d3 5d e5 fc 48 8b 74 24 60 [ 391.673606][ T6276] RSP: 0018:ffffc90002ebfa90 EFLAGS: 00010293 [ 391.676381][ T6276] RAX: 0000000000000000 RBX: ffff8880635846c8 RCX: ffffffff84d5ac31 [ 391.679707][ T6276] RDX: ffff888023fe8000 RSI: ffffffff84d5ac3b RDI: 0000000000000007 [ 391.683041][ T6276] RBP: ffffc90002ebfc50 R08: 0000000000000007 R09: 0000000000000000 [ 391.686402][ T6276] R10: ffffffffffffffff R11: 0000000000000000 R12: ffff888063584000 [ 391.689681][ T6276] R13: dffffc0000000000 R14: ffffffffffffffff R15: ffff888063584040 [ 391.692871][ T6276] FS: 0000000000000000(0000) GS:ffff8880977ba000(0000) knlGS:0000000000000000 [ 391.696616][ T6276] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 391.699341][ T6276] CR2: 00000000f73636bc CR3: 000000006602f000 CR4: 0000000000352ef0 [ 391.702621][ T6276] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 391.705837][ T6276] DR3: 0000000001ac000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 391.708419][ T6276] Call Trace: [ 391.709513][ T6276] [ 391.710749][ T6276] ? do_raw_spin_lock+0x12c/0x2b0 [ 391.712877][ T6276] ? __pfx_io_ring_exit_work+0x10/0x10 [ 391.714828][ T6276] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 391.717185][ T6276] ? debug_object_deactivate+0x1ec/0x3a0 [ 391.719106][ T6276] ? rcu_is_watching+0x12/0xc0 [ 391.720762][ T6276] process_one_work+0x9cf/0x1b70 [ 391.722829][ T6276] ? __pfx_process_one_work+0x10/0x10 [ 391.725189][ T6276] ? assign_work+0x1a0/0x250 [ 391.727231][ T6276] worker_thread+0x6c8/0xf10 [ 391.729116][ T6276] ? __pfx_worker_thread+0x10/0x10 [ 391.731221][ T6276] kthread+0x3c5/0x780 [ 391.732644][ T6276] ? __pfx_kthread+0x10/0x10 [ 391.734277][ T6276] ? rcu_is_watching+0x12/0xc0 [ 391.735910][ T6276] ? __pfx_kthread+0x10/0x10 [ 391.737529][ T6276] ret_from_fork+0x56d/0x730 [ 391.739203][ T6276] ? __pfx_kthread+0x10/0x10 [ 391.740938][ T6276] ret_from_fork_asm+0x1a/0x30 [ 391.742691][ T6276] [ 391.744065][ T6276] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 391.746544][ T6276] CPU: 3 UID: 0 PID: 6276 Comm: kworker/u32:44 Not tainted syzkaller #0 PREEMPT(full) [ 391.750512][ T6276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 391.755052][ T6276] Workqueue: iou_exit io_ring_exit_work [ 391.757532][ T6276] Call Trace: [ 391.759033][ T6276] [ 391.760276][ T6276] dump_stack_lvl+0x3d/0x1f0 [ 391.762228][ T6276] vpanic+0x6e8/0x7a0 [ 391.763929][ T6276] ? __pfx_vpanic+0x10/0x10 [ 391.765837][ T6276] ? io_ring_exit_work+0x3fc/0x10f0 [ 391.768028][ T6276] panic+0xca/0xd0 [ 391.769676][ T6276] ? __pfx_panic+0x10/0x10 [ 391.771607][ T6276] ? check_panic_on_warn+0x1f/0xb0 [ 391.773893][ T6276] check_panic_on_warn+0xab/0xb0 [ 391.775987][ T6276] __warn+0xf6/0x3c0 [ 391.777666][ T6276] ? io_ring_exit_work+0x3fc/0x10f0 [ 391.779882][ T6276] report_bug+0x3c3/0x580 [ 391.781729][ T6276] ? io_ring_exit_work+0x3fc/0x10f0 [ 391.783922][ T6276] handle_bug+0x184/0x210 [ 391.785762][ T6276] exc_invalid_op+0x17/0x50 [ 391.787664][ T6276] asm_exc_invalid_op+0x1a/0x20 [ 391.789617][ T6276] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0 [ 391.792078][ T6276] Code: 0f 85 0a 0b 00 00 48 8b 05 e1 65 4b 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 5f 59 e5 fc 4d 85 f6 79 12 e8 e5 5d e5 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 d3 5d e5 fc 48 8b 74 24 60 [ 391.799942][ T6276] RSP: 0018:ffffc90002ebfa90 EFLAGS: 00010293 [ 391.802474][ T6276] RAX: 0000000000000000 RBX: ffff8880635846c8 RCX: ffffffff84d5ac31 [ 391.805745][ T6276] RDX: ffff888023fe8000 RSI: ffffffff84d5ac3b RDI: 0000000000000007 [ 391.809032][ T6276] RBP: ffffc90002ebfc50 R08: 0000000000000007 R09: 0000000000000000 [ 391.812374][ T6276] R10: ffffffffffffffff R11: 0000000000000000 R12: ffff888063584000 [ 391.816043][ T6276] R13: dffffc0000000000 R14: ffffffffffffffff R15: ffff888063584040 [ 391.819374][ T6276] ? io_ring_exit_work+0x3f1/0x10f0 [ 391.821294][ T6276] ? io_ring_exit_work+0x3fb/0x10f0 [ 391.823436][ T6276] ? do_raw_spin_lock+0x12c/0x2b0 [ 391.825544][ T6276] ? __pfx_io_ring_exit_work+0x10/0x10 [ 391.827638][ T6276] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 391.829947][ T6276] ? debug_object_deactivate+0x1ec/0x3a0 [ 391.832398][ T6276] ? rcu_is_watching+0x12/0xc0 [ 391.834249][ T6276] process_one_work+0x9cf/0x1b70 [ 391.836172][ T6276] ? __pfx_process_one_work+0x10/0x10 [ 391.838076][ T6276] ? assign_work+0x1a0/0x250 [ 391.839921][ T6276] worker_thread+0x6c8/0xf10 [ 391.841740][ T6276] ? __pfx_worker_thread+0x10/0x10 [ 391.843381][ T6276] kthread+0x3c5/0x780 [ 391.845005][ T6276] ? __pfx_kthread+0x10/0x10 [ 391.847058][ T6276] ? rcu_is_watching+0x12/0xc0 [ 391.848880][ T6276] ? __pfx_kthread+0x10/0x10 [ 391.850656][ T6276] ret_from_fork+0x56d/0x730 [ 391.852648][ T6276] ? __pfx_kthread+0x10/0x10 [ 391.854589][ T6276] ret_from_fork_asm+0x1a/0x30 [ 391.856614][ T6276] [ 391.858663][ T6276] Kernel Offset: disabled [ 391.860525][ T6276] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:08:19 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fd RBX=ffff888023e3c880 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fd RDI=0000000000000002 RBP=0000000000000008 RSP=ffffc9000341f598 R8 =0000000000000000 R9 =fffffbfff2157592 R10=ffffffff90abac97 R11=0000000000000000 R12=1ffff92000683eb4 R13=0000000000000003 R14=0000000000000001 R15=ffffc9000341f5c0 RIP=ffffffff81695748 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974ba000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000032907ffc CR3=000000004c663000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ad94362a42e0a900 RBX=ffffffff8e5c1420 RCX=ffffc90002eef634 RDX=0000000000000005 RSI=ffffffff8de2a0fd RDI=ffffffff8c163800 RBP=0000000000000000 RSP=ffffc90002eef628 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffffff8207866a R13=0000000000000202 R14=ffff888023e3c880 R15=0000000000000006 RIP=ffffffff81975d73 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880975ba000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f743a184 CR3=000000004c663000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000219000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000007fd2fb RBX=0000000000000002 RCX=ffffffff8b91bb29 RDX=0000000000000000 RSI=ffffffff8de4f612 RDI=ffffffff8c163800 RBP=ffffed1003bdf910 RSP=ffffc9000047fdf8 R8 =0000000000000001 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000000 R12=0000000000000002 R13=ffff88801defc880 R14=ffffffff90abac90 R15=0000000000000000 RIP=ffffffff8b91a66f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976ba000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7367d74 CR3=0000000066046000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000007a RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8561e895 RDI=ffffffff9b102780 RBP=ffffffff9b102740 RSP=ffffc90002ebf400 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=000000000000007a R14=ffffffff9b102740 R15=ffffffff8561e830 RIP=ffffffff8561e8bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977ba000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73636bc CR3=000000006602f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000001ac000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000