last executing test programs: 4.290422289s ago: executing program 0 (id=1038): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = mq_open(&(0x7f00000001c0)='eth0\xd2', 0x42, 0x0, 0x0) r2 = dup2(r1, r1) mq_notify(r2, &(0x7f0000000040)={0x20000000, 0x4000000000003, 0x2}) close_range(r0, 0xffffffffffffffff, 0x0) syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x6a, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0x30, 0xd, [{{0x9, 0x4, 0x0, 0x81, 0x2, 0x3, 0x1, 0x1, 0x5, {0x9, 0x21, 0x6, 0x9, 0x1, {0x22, 0xc29}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x6, 0x7, 0x3}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x4, 0x9, 0xd}}]}}}]}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x310, 0x0, 0x3, 0x3b, 0x0, 0x5}, 0xbd, &(0x7f00000000c0)={0x5, 0xf, 0xbd, 0x4, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x6, "2692d71da24ca051dc7634d0a81c5e72"}, @ptm_cap={0x3}, @generic={0x9e, 0x10, 0xb, "3e54ee28d770ad9397c556508414cb8e8b306a1c60406a46a50987b4965b21c94333565b86569b78fc1d5001a24a658f35fed2952ee1e702b94f47557da0745304e7aa592be224a3e2227fef2528a4e7f9f4b5565518ec5afb759dcc432b20d3ad4e2b7a9e54a28995a5f4759cd0c0d5439da914cb495ad39f2f2689b1c29c8cbd7b530beeb7d931cc187b94b60accb11dff07ed203125823200c0"}]}, 0x4, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0xc1a}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x44e}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x1404}}, {0xbc, &(0x7f0000000280)=@string={0xbc, 0x3, "4742837aafdba4b496b074c30293ccb2b5e657b64835208414354e092e46bef6cae5d0c6b6a3ac687b4e04e9b1a547d7c192022cf2d80f4425e64678272dce1da2115f77cf66abfcfe160117f3353dc262fd685d85e7742ff22772d87a027d27596369fcce7ea7fe66e27cf44776dc75391a119688fa8c443a60d0a149aa748074c54abbae2b522c662ad1dd526fc8bc4576362ef642b8cdaeee51371e085ced46eee39d95ee2a98a1a297340a75e8067b99c2f9a9ff076791df"}}]}) 4.289806116s ago: executing program 3 (id=1040): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8) r1 = gettid() timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r1}, &(0x7f0000000080)) read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) socket$inet(0x2, 0x3, 0x6) r2 = syz_open_dev$vim2m(0x0, 0x5, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r4, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10) 3.940305673s ago: executing program 1 (id=1042): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0xc8}}, 0x0) r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r5) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000a40)=@newlink={0x10c, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0xdc, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xcc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xa}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_FLAGS={0xc}, @IFLA_VLAN_FLAGS={0xc}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}, @IFLA_VLAN_INGRESS_QOS={0x70, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0x9}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8}, @IFLA_PROMISCUITY={0x8}]}, 0x10c}, 0x1, 0xba01}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1806000000000000000000000200000018120000", @ANYRES32=r2, @ANYBLOB="0000000000001400b70300000000000085000000ba00b300b7000000000000009500000000000000b624ce1f55a268e506c2adc39e2d4fddc68fe616cd6d05049498426fce291c28e0b4c7d9b9676378265d6c59548fab9ac7d880a2c4761c887bfd3c78580a9814ea1463c708cc24957787"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000040)={'bridge_slave_1\x00', {0x2, 0x0, @remote}}) 3.790210549s ago: executing program 1 (id=1043): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) writev(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000500)="d5365ccb9057925e79183e7b52039eb03f625cdfdc2eea552c65b822c7d27c081c822cfd65f96874132270f88073badb2208176af8bccdf632f848635fa5760f2dfe60ecec1629fdbd1ce697b29349f0018669cb9df2c16cb90096a90e8e1bb9de3064c5f73f033c9ce338797f3a20c6535a28eadaed280e2a4efe0d9974f69f1ef4eecbf7810106f77a4b8d294adcb670ba61d59fee877bc5335e950ee8cd900a548ece63a4db0069901666c9bc7ef5832300492a3457ffe5555bb121b64b1d227b59655fa1ad", 0xc7}, {&(0x7f0000000600)="d6a6187ffa59f9462eeb2061369d2ef36db635f65a17285dbe5dea858d815b792ff4e3d4666d69cddaa941039487c078b972acd26489a54055147796cc59", 0x3e}, {&(0x7f0000000640)="c0d4e1d52e0be6884b54f98eb645e739b8e8ea09a8007adb093403dd41a44c96d6c89d5411d2bf15b24dd191e5e452bae1aaefcc7e7b2b783cf1529aff0f68227f34260bb69e1187c278d0b625682a143629fefb5923e1ef1863ae1057bc1fd0b84e174d043d0026862fee14cb0782e1e5955fd0024e8ef4a944df9ea741f5cfaa011e0d", 0x84}, {&(0x7f0000000700)="e8e61aefdc9c1f3ad6f44383b156e9dfd68ab84a511f227408281e17a0d0ea942541ad4eb379a2205ed18d81feae13932fd401d1c5a2fdefcffcc48b29e71eb0fd7e0e5e764b7941c7523432887319e1cb5af779cbe3d587734b8008a44eb110861ba2d43754ba1ee9950458bad066fe82d70871fc157da50b25caf65cc7320079445611035af1e529276eb740ecfa7d8874f17207aedce6de16ce337e8bb49d5ca0d73edd95f96bb4c370e5713506b185603ee90e275140", 0xb8}, {&(0x7f00000007c0)="f58d", 0x2}], 0x5) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e00000004000000040000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYBLOB], 0x48) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000380)={'syztnl0\x00', 0x0, 0x2f, 0xde, 0x8, 0x2, 0x4, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x10, 0x5, 0x682f}}) r6 = openat$null(0xffffff9c, &(0x7f0000000400), 0x4c0000, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xe, 0x30acd2f, 0x1, 0xfffffff7, 0x8, r4, 0xffff, '\x00', r5, r6, 0x4, 0x1, 0x3, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000060000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bc0908000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000000000000dbaaf0ff50000000bf8620000000000007080000f8ffffffbfa400000000000007040000f0ffffff770000000800000018220000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000100000046083f3d811a13ef5e7a782d2afe99ed58b10000000000005608000000000fa38500000007000000b700000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_open_dev$loop(&(0x7f0000000300), 0x2, 0x40000) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$KDSKBENT(0xffffffffffffffff, 0x4b47, &(0x7f00000002c0)={0x0, 0x0, 0x27f}) ioctl$sock_bt_hci(r7, 0x800448d3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r8 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c) sendto$inet6(r8, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c) shutdown(r8, 0x1) 3.570105056s ago: executing program 2 (id=1044): syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe4}, "ac42e7f7b1762cd1eca5f2c14e4c24f1b77f66182efaccfa94f77160b272c45b2d36ef6f2c93617c2b50421a0c6cd2e1b77d9d3c2194337a8c09bd8cef100e484691fd01f9f9c684f41cffaa5a1673ffb2fcef4cfe17747084ae915225ec37e65c4f43b4e27c750cbf4ce7bd8b7ef50a7f9fe4a361def7a040f6c65573a4303a938c82c96ceb22ec45355562e4cf99b6e8c649c10298eb9c5902af89c18d4b1b60de6bd7503952fed2fe0acea1e9e5464bb6caf931b99f6cf2b3521c3971da601f37f90c831e722e1995ae2ef589d8ca1a7546c337f817473330d15d436613823fb75029"}, 0xe8) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x5, 0xa}, {0x6, 0x7, 0x1, 0xfbf6, 0x4083}}}}, 0x17) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0xde}, @l2cap_cid_signaling={{0xda}, [@l2cap_create_chan_req={{0xc, 0xf, 0x5}, {0x1bc, 0x40, 0x6}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0xf0d5, 0x1ff, 0x0, 0x2}}, @l2cap_info_rsp={{0xb, 0x8, 0xa1}, {0x8, 0x9, "99cc1e3a9586d2f7bf5ace5c44c3ee1dc2d6cf33cb5253e8f03752cdd3e4749da98b0e697b2444f528b542fcf32df0bcadb37837d1f7fd675f5290de76665b231bbf59199ba57fd60a63a35c93292a79619d0490adf93402cf7aa39b33fa2c0f9fc7654ef91ba3738f9783b2af91fec78782fb8428af6d2d037dedb77e02245af068289ca012710f77aa6fb9a94c73e2f0757f9771c9be82f71bf079fb"}}, @l2cap_conn_rsp={{0x3, 0x10, 0x8}, {0x6, 0x7, 0xf, 0xd}}, @l2cap_move_chan_req={{0xe, 0x4, 0x3}, {0x7, 0x6}}, @l2cap_conf_rsp={{0x5, 0x5, 0x9}, {0x9, 0xc, 0x800, [@l2cap_conf_fcs={0x5, 0x1, 0x1}]}}]}}, 0xe3) syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0x1, 0xbe}, "0dca4c91c20692325b7dc41e773f20d694a11087c7f113b64a5a5039b0c2ea3335e2e0978fceb34ef46efe276aa19899e61d613fd2474607048e6ffd894e70c04b6aa6542bc364fef6063f36bbc24debda81060b4a66629d9a6359c7bd8c58d6e2397ca9c2b866f475afd745e9de08649c24b18b8543cd1e81bd4ace07fae841c5e4ff6c846cfa37a8b069ce0c2496795aa7ca257baac0f630f3160fb9dbcfc2426849d86e751c134dbb9119617b62b26674cf59d2c9d39ff5739f345097"}, 0xc2) r0 = socket$igmp(0x2, 0x3, 0x2) syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(&(0x7f0000000500)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) syz_emit_vhci(&(0x7f0000000740)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x8}}}, 0xa) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x3c, r1, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, 'f'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044085}, 0x20000841) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000a80), 0x10) readv(r0, &(0x7f0000000cc0)=[{&(0x7f0000000c00)=""/186, 0xba}], 0x1) 3.308896972s ago: executing program 3 (id=1045): socket$nl_route(0x10, 0x3, 0x0) socket(0x2, 0x5, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback, 0x6}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ip_vti0\x00', 0x2000}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137) 3.090180669s ago: executing program 0 (id=1046): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[]) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x12, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e000000850000000700000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000080)="0000090000980500000000000800", 0x0, 0x7fffffff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="40010000100013070000000000000000ac1414d4000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000020000000000000000000000000000000032000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800160006000000"], 0x140}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) close(0xffffffffffffffff) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter\x00') preadv(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/79, 0x4f}], 0x1, 0x3ffffe, 0x1) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x38, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xbc}}, 0x20050800) ioctl$EVIOCGABS0(r6, 0x80184540, &(0x7f0000000280)=""/101) r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc) ioctl$KVM_GET_VCPU_EVENTS(r10, 0x4048aecb, &(0x7f0000000080)) 2.869148558s ago: executing program 1 (id=1047): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[]) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x12, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e000000850000000700000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000080)="0000090000980500000000000800", 0x0, 0x7fffffff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="40010000100013070000000000000000ac1414d4000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000020000000000000000000000000000000032000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800160006000000"], 0x140}, 0x1, 0x0, 0x1c}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) close(0xffffffffffffffff) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_LIST_DEV(r7, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r8, 0xd01, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter\x00') preadv(r9, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/79, 0x4f}], 0x1, 0x3ffffe, 0x1) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x38, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xbc}}, 0x20050800) ioctl$EVIOCGABS0(r6, 0x80184540, &(0x7f0000000280)=""/101) r10 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r12, &(0x7f0000000000), 0xfffffecc) ioctl$KVM_GET_VCPU_EVENTS(r11, 0x4048aecb, &(0x7f0000000080)) 2.710040379s ago: executing program 2 (id=1048): openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) syz_open_dev$mouse(&(0x7f0000000000), 0x1eb, 0x10002) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@ifindex, 0x1d, 0x1, 0x3, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0], &(0x7f0000000180)=[0x0]}, 0x40) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x8000000000000000}, 0x18) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) openat$sequencer2(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x3, 0xa, [{}, {0x5}, {}, {}, {0x0, 0xfffffffe}, {0x0, 0x7ff}], 0x1}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="05f8ffffffffffffff000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="00070062dee8ffffff00"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) 2.417090316s ago: executing program 3 (id=1049): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0) r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f041}) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x32314d56, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {}, {0x4000007}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x3, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) read$FUSE(r4, &(0x7f0000005740)={0x2020}, 0x2020) 1.990044128s ago: executing program 0 (id=1050): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}]}], {0x14, 0x10}}, 0x90}}, 0x0) r2 = socket(0x2b, 0x1, 0x1) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) ioctl$sock_qrtr_TIOCINQ(r2, 0x8905, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000240)={0xfb56, 0x0, &(0x7f0000000200)=[r2, r0, r2, r2, r1, r1]}, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) close(0xffffffffffffffff) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f00000001c0)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0xa9, 0xf2ffffff, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_MASTER={0x8}, @IFLA_MTU={0x8, 0x4, 0x7f}]}, 0x30}}, 0x0) 1.82031582s ago: executing program 0 (id=1051): syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x402) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8341) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) pipe(&(0x7f0000000140)={0xffffffffffffffff}) epoll_create(0x10000e9) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) ftruncate(r2, 0xffff) fcntl$addseals(r2, 0x409, 0x7) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r2, 0x0, 0x0, 0x1000}) close(0xffffffffffffffff) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="940000000a000200000000cedad5be000000000000", @ANYBLOB="d4f175cf838228cfbd1074bf5dffc529c0618e3a9f90809ce0e30e0876cca6224ab36bd46149431c800a5ffffae90d5c64ec0e7b949b8e8464772574f2fec13a394e76899f66e8624cf11e9f0dd135189dc1dc46ad65620e291759bb5a08e310e584be105fa69dc32c7ef5131a7c53d5c290933dd0719326bbc9a80eb9", @ANYBLOB="0000000000000000086c001a805400000000000000"], 0x94}}, 0x0) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x8f8, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00'}, 0x10) setpriority(0x1, 0x0, 0x9) 1.819940215s ago: executing program 1 (id=1052): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}]}], {0x14, 0x10}}, 0x90}}, 0x0) r1 = socket(0x2b, 0x1, 0x1) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) ioctl$sock_qrtr_TIOCINQ(r1, 0x8905, &(0x7f0000000080)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) 1.750375689s ago: executing program 0 (id=1053): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8) r1 = gettid() timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r1}, &(0x7f0000000080)) read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) socket$inet(0x2, 0x3, 0x6) r2 = syz_open_dev$vim2m(0x0, 0x5, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x34324152}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socket$inet(0x2, 0x4000000000000001, 0x0) 1.480008188s ago: executing program 3 (id=1054): r0 = socket$inet(0x10, 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00') fchdir(r3) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$CDROM_SELECT_SPEED(r4, 0x5322, 0x8c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) r7 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$BLKTRACESETUP(r7, 0xc0401273, &(0x7f0000000000)={'\x00', 0x2, 0x40, 0x23137, 0xffffffffffffffff, 0x11c3adec}) ioctl$BLKTRACESTART(r7, 0x1276, 0x0) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), r1) rt_sigpending(0x0, 0x0) pread64(r1, &(0x7f00000001c0)=""/152, 0x98, 0x5b) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="50000000100000042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800c0001006d6163766c616e001800028006000200010000000a0004005042245c0604000008000500", @ANYRES32=r8, @ANYBLOB="42f04ca45c5beb773e6deed0da5ae7a87c7edfc73f7d935edc04575e7735208b64cdfd1b68612a9db11bf7a40cf1baac723dedba863176899ae0591b05886366c572b2e71938294126368a26cf4398e6d67e17660649fce936a2e4b5ba085706fc7a7b8cba8647d5f8b41bee400372f8e37e"], 0x50}}, 0x80000) 1.200134272s ago: executing program 2 (id=1055): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6}]}) timer_create(0x0, 0x0, 0x0) (async) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000400)={0xffffffffffffffff, 0x0, 0x0}, 0x1c) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) (async, rerun: 64) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) (async) r4 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r3}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) (async) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x18) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000003c80)={0x2020}, 0x2020) (async) io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r8 = socket(0x1e, 0x5, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004004}, 0x40) (async) socket$nl_route(0x10, 0x3, 0x0) connect$tipc(r8, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10) (async, rerun: 64) recvmmsg(r8, &(0x7f0000003c40)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000540)=""/228, 0xe4}], 0x1}}], 0x1, 0x0, 0x0) (rerun: 64) write(r1, &(0x7f0000000340)="23000000010006", 0x7) r9 = syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000000)=0x15) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) 930.112338ms ago: executing program 2 (id=1056): syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9, 0xe4}, "ac42e7f7b1762cd1eca5f2c14e4c24f1b77f66182efaccfa94f77160b272c45b2d36ef6f2c93617c2b50421a0c6cd2e1b77d9d3c2194337a8c09bd8cef100e484691fd01f9f9c684f41cffaa5a1673ffb2fcef4cfe17747084ae915225ec37e65c4f43b4e27c750cbf4ce7bd8b7ef50a7f9fe4a361def7a040f6c65573a4303a938c82c96ceb22ec45355562e4cf99b6e8c649c10298eb9c5902af89c18d4b1b60de6bd7503952fed2fe0acea1e9e5464bb6caf931b99f6cf2b3521c3971da601f37f90c831e722e1995ae2ef589d8ca1a7546c337f817473330d15d436613823fb75029"}, 0xe8) syz_emit_vhci(&(0x7f0000000100)=@HCI_ACLDATA_PKT={0x2, {0x0, 0x0, 0x2, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_rsp={{0x15, 0x5, 0xa}, {0x6, 0x7, 0x1, 0xfbf6, 0x4083}}}}, 0x17) syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x1, 0x3, 0xde}, @l2cap_cid_signaling={{0xda}, [@l2cap_create_chan_req={{0xc, 0xf, 0x5}, {0x1bc, 0x40, 0x6}}, @l2cap_conn_rsp={{0x3, 0x4, 0x8}, {0xf0d5, 0x1ff, 0x0, 0x2}}, @l2cap_info_rsp={{0xb, 0x8, 0xa1}, {0x8, 0x9, "99cc1e3a9586d2f7bf5ace5c44c3ee1dc2d6cf33cb5253e8f03752cdd3e4749da98b0e697b2444f528b542fcf32df0bcadb37837d1f7fd675f5290de76665b231bbf59199ba57fd60a63a35c93292a79619d0490adf93402cf7aa39b33fa2c0f9fc7654ef91ba3738f9783b2af91fec78782fb8428af6d2d037dedb77e02245af068289ca012710f77aa6fb9a94c73e2f0757f9771c9be82f71bf079fb"}}, @l2cap_conn_rsp={{0x3, 0x10, 0x8}, {0x6, 0x7, 0xf, 0xd}}, @l2cap_move_chan_req={{0xe, 0x4, 0x3}, {0x7, 0x6}}, @l2cap_conf_rsp={{0x5, 0x5, 0x9}, {0x9, 0xc, 0x800, [@l2cap_conf_fcs={0x5, 0x1, 0x1}]}}]}}, 0xe3) syz_emit_vhci(&(0x7f0000000240)=@HCI_SCODATA_PKT={0x3, {0x1, 0xbe}, "0dca4c91c20692325b7dc41e773f20d694a11087c7f113b64a5a5039b0c2ea3335e2e0978fceb34ef46efe276aa19899e61d613fd2474607048e6ffd894e70c04b6aa6542bc364fef6063f36bbc24debda81060b4a66629d9a6359c7bd8c58d6e2397ca9c2b866f475afd745e9de08649c24b18b8543cd1e81bd4ace07fae841c5e4ff6c846cfa37a8b069ce0c2496795aa7ca257baac0f630f3160fb9dbcfc2426849d86e751c134dbb9119617b62b26674cf59d2c9d39ff5739f345097"}, 0xc2) r0 = socket$igmp(0x2, 0x3, 0x2) syz_emit_vhci(&(0x7f0000000340)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2) syz_emit_vhci(&(0x7f0000000500)=@HCI_VENDOR_PKT={0xff, 0x40}, 0x2) syz_emit_vhci(&(0x7f0000000740)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x8}}}, 0xa) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000980), 0xffffffffffffffff) sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x3c, r1, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x3}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, 'f'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044085}, 0x20000841) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000a80), 0x10) readv(r0, &(0x7f0000000cc0)=[{&(0x7f0000000c00)=""/186, 0xba}], 0x1) 929.610573ms ago: executing program 1 (id=1057): socket$nl_route(0x10, 0x3, 0x0) socket(0x2, 0x5, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback, 0x6}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ip_vti0\x00', 0x2000}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) sendto$inet6(r0, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137) 860.299897ms ago: executing program 0 (id=1058): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[]) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x12, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b5af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001e000000850000000700000095"], &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000080)="0000090000980500000000000800", 0x0, 0x7fffffff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="40010000100013070000000000000000ac1414d4000000000000000000000000e000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000020000000000000000000000000000000032000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020001000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800160006000000"], 0x140}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) close(0xffffffffffffffff) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), 0xffffffffffffffff) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter\x00') preadv(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)=""/79, 0x4f}], 0x1, 0x3ffffe, 0x1) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x38, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x14, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xbc}}, 0x20050800) ioctl$EVIOCGABS0(r6, 0x80184540, &(0x7f0000000280)=""/101) r9 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xffff1000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r11, &(0x7f0000000000), 0xfffffecc) ioctl$KVM_GET_VCPU_EVENTS(r10, 0x4048aecb, &(0x7f0000000080)) 430.39563ms ago: executing program 3 (id=1059): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}]}], {0x14, 0x10}}, 0x90}}, 0x0) r2 = socket(0x2b, 0x1, 0x1) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) ioctl$sock_qrtr_TIOCINQ(r2, 0x8905, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r2, 0x6, &(0x7f0000000240)={0xfb56, 0x0, &(0x7f0000000200)=[r2, r0, r2, r2, r1, r1]}, 0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bridge_slave_0\x00', 0x0}) close(0xffffffffffffffff) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f00000001c0)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0xa9, 0xf2ffffff, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_MASTER={0x8}, @IFLA_MTU={0x8, 0x4, 0x7f}]}, 0x30}}, 0x0) 270.121789ms ago: executing program 3 (id=1060): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x48, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x4}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffffffff}]}]}], {0x14, 0x10}}, 0x90}}, 0x0) r2 = socket(0x2b, 0x1, 0x1) connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) ioctl$sock_qrtr_TIOCINQ(r2, 0x8905, &(0x7f0000000080)) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) ioctl$sock_ifreq(r0, 0x89a3, &(0x7f0000000000)={'bridge0\x00', @ifru_addrs=@l2={0x1f, 0x0, @fixed}}) 50.192295ms ago: executing program 2 (id=1061): syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x402) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8341) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) pipe(&(0x7f0000000140)={0xffffffffffffffff}) epoll_create(0x10000e9) openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) close(0xffffffffffffffff) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="940000000a000200000000cedad5be000000000000", @ANYBLOB="d4f175cf838228cfbd1074bf5dffc529c0618e3a9f90809ce0e30e0876cca6224ab36bd46149431c800a5ffffae90d5c64ec0e7b949b8e8464772574f2fec13a394e76899f66e8624cf11e9f0dd135189dc1dc46ad65620e291759bb5a08e310e584be105fa69dc32c7ef5131a7c53d5c290933dd0719326bbc9a80eb9", @ANYBLOB="0000000000000000086c001a805400000000000000"], 0x94}}, 0x0) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x8f8, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000009c0)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000e00)={&(0x7f0000000980)='sys_exit\x00'}, 0x10) setpriority(0x1, 0x0, 0x9) 234.383µs ago: executing program 1 (id=1062): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x200, 0x0) r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f041}) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x32314d56, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {}, {0x4000007}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2) r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x3, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) r4 = dup(r3) read$FUSE(r4, &(0x7f0000005740)={0x2020}, 0x2020) 0s ago: executing program 2 (id=1063): r0 = socket$kcm(0x2, 0x5, 0x84) sendmsg$inet(r0, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x0) setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000000), 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848360000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) socket$kcm(0x2, 0x5, 0x84) (async) sendmsg$inet(r0, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0x0, @dev}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001800)='_', 0x1}], 0x1}, 0x0) (async) setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000000), 0x10) (async) socket$kcm(0x10, 0x2, 0x0) (async) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848360000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) (async) kernel console output (not intermixed with test programs): ined pid=6183 comm="syz.0.41" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x0 [ 56.640516][ T57] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz1] on syz1 [ 56.710260][ T30] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 57.050205][ T30] usb 5-1: Using ep0 maxpacket: 8 [ 57.053048][ T30] usb 5-1: config 0 has no interfaces? [ 57.054488][ T30] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 57.056900][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.074402][ T30] usb 5-1: config 0 descriptor?? [ 57.199070][ T6201] netlink: 8 bytes leftover after parsing attributes in process `syz.2.44'. [ 57.235576][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.46'. [ 57.330798][ T6185] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 59.008667][ T6236] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 59.250326][ T57] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 59.445557][ T25] usb 5-1: USB disconnect, device number 3 [ 59.470286][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 59.485871][ T57] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 59.488586][ T57] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 59.491001][ T57] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 59.493350][ T57] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 59.496306][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 59.499179][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 59.502044][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 59.505430][ T57] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 59.510105][ T57] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 59.512004][ T57] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 59.514524][ T57] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 59.518982][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 59.522440][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 59.525341][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 59.530549][ T57] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 59.533183][ T57] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 59.535435][ T57] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 59.537903][ T57] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 59.541286][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 59.544210][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 59.547013][ T57] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 59.558839][ T57] usb 8-1: string descriptor 0 read error: -22 [ 59.569361][ T57] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 59.607359][ T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.785707][ T57] adutux 8-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 60.074929][ T6251] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 60.190115][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 60.501906][ T6258] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 60.504401][ T6258] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 60.506803][ T6258] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 60.509182][ T6258] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 60.511893][ T6258] geneve2: entered promiscuous mode [ 60.513372][ T6258] geneve2: entered allmulticast mode [ 60.548569][ T6258] overlayfs: failed to resolve './file1': -2 [ 60.588637][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.58'. [ 60.619863][ T6262] netlink: 12 bytes leftover after parsing attributes in process `syz.2.59'. [ 60.904749][ T6275] program syz.2.63 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 60.929339][ T6275] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 61.240804][ T5999] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 61.259653][ T6280] hub 5-0:1.0: USB hub found [ 61.263297][ T6280] hub 5-0:1.0: 1 port detected [ 61.386969][ T6284] Illegal XDP return value 4294967274 on prog (id 12) dev N/A, expect packet loss! [ 61.420052][ T5999] usb 7-1: Using ep0 maxpacket: 16 [ 61.424436][ T5999] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 61.430323][ T5999] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 61.433022][ T5999] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 61.435424][ T5999] usb 7-1: Product: syz [ 61.436703][ T5999] usb 7-1: Manufacturer: syz [ 61.438133][ T5999] usb 7-1: SerialNumber: syz [ 61.447768][ T5999] usb 7-1: config 0 descriptor?? [ 61.459847][ T5999] hub 7-1:0.0: bad descriptor, ignoring hub [ 61.463525][ T5999] hub 7-1:0.0: probe with driver hub failed with error -5 [ 61.468293][ T5999] input: syz syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input6 [ 62.040206][ T2027] usb 7-1: USB disconnect, device number 2 [ 62.050097][ T57] usb 8-1: USB disconnect, device number 2 [ 62.083535][ T6305] netlink: 10 bytes leftover after parsing attributes in process `syz.3.72'. [ 62.086399][ T6305] netlink: 24 bytes leftover after parsing attributes in process `syz.3.72'. [ 62.535596][ T6312] overlay: Unknown parameter 'obj_role' [ 62.538295][ T6312] nfs: Unknown parameter '' [ 62.689337][ T6008] kernel write not supported for file /amidi2 (pid: 6008 comm: kworker/0:5) [ 62.758106][ T6336] netlink: 696 bytes leftover after parsing attributes in process `syz.3.80'. [ 63.046964][ T6348] vivid-007: disconnect [ 63.373994][ T6364] netlink: 'syz.3.89': attribute type 1 has an invalid length. [ 63.883986][ T6375] misc userio: No port type given on /dev/userio [ 63.897972][ T6347] vivid-007: reconnect [ 64.356309][ T5956] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 64.358817][ T5956] Bluetooth: hci1: SCO packet for unknown connection handle 1 [ 64.439773][ T6392] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.445301][ T6392] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.447638][ T6392] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.450335][ T6392] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 64.924273][ T39] audit: type=1326 audit(1734771218.693:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.932972][ T39] audit: type=1326 audit(1734771218.693:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.939358][ T39] audit: type=1326 audit(1734771218.703:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=94 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.945579][ T39] audit: type=1326 audit(1734771218.703:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.954133][ T39] audit: type=1326 audit(1734771218.703:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.959841][ T39] audit: type=1326 audit(1734771218.703:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.965935][ T39] audit: type=1326 audit(1734771218.703:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.974752][ T39] audit: type=1326 audit(1734771218.703:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.984041][ T39] audit: type=1326 audit(1734771218.703:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 64.996413][ T39] audit: type=1326 audit(1734771218.703:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.1.104" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 65.037412][ T6416] bond1: entered promiscuous mode [ 65.039218][ T6416] bond1: entered allmulticast mode [ 65.045325][ T6416] 8021q: adding VLAN 0 to HW filter on device bond1 [ 65.128683][ T6416] bond1 (unregistering): Released all slaves [ 65.422374][ T6422] syz.2.105 uses obsolete (PF_INET,SOCK_PACKET) [ 65.648704][ T6437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.112'. [ 66.913095][ T6480] syzkaller1: entered promiscuous mode [ 66.925915][ T6480] syzkaller1: entered allmulticast mode [ 66.942311][ T6482] capability: warning: `syz.3.123' uses deprecated v2 capabilities in a way that may be insecure [ 67.211840][ T6487] tc_dump_action: action bad kind [ 67.236908][ T6487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.125'. [ 67.399286][ T6508] netlink: 4 bytes leftover after parsing attributes in process `syz.2.133'. [ 67.502693][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.0.137'. [ 67.780169][ T5999] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 67.963253][ T5999] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 67.965670][ T5999] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.967869][ T5999] usb 5-1: Product: syz [ 67.969019][ T5999] usb 5-1: Manufacturer: syz [ 67.970635][ T5999] usb 5-1: SerialNumber: syz [ 67.981291][ T5999] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 68.010757][ T5999] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 68.220681][ T35] usb 5-1: USB disconnect, device number 4 [ 68.360076][ T1015] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 68.513848][ T1015] usb 6-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b [ 68.516601][ T1015] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.521216][ T1015] usb 6-1: config 0 descriptor?? [ 68.525882][ T1015] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input9 [ 68.728335][ T6543] netlink: 'syz.1.140': attribute type 1 has an invalid length. [ 68.742294][ T57] usb 6-1: USB disconnect, device number 3 [ 69.070213][ T5999] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 69.072926][ T5999] ath9k_htc: Failed to initialize the device [ 69.076471][ T35] usb 5-1: ath9k_htc: USB layer deinitialized [ 69.185784][ T6563] sg_write: data in/out 11/10 bytes for SCSI command 0xfd-- guessing data in; [ 69.185784][ T6563] program syz.0.146 not setting count and/or reply_len properly [ 69.357093][ T6572] netlink: 4 bytes leftover after parsing attributes in process `syz.2.149'. [ 69.632509][ T6584] netlink: zone id is out of range [ 69.633989][ T6584] netlink: zone id is out of range [ 69.635510][ T6584] netlink: zone id is out of range [ 69.636894][ T6584] netlink: zone id is out of range [ 69.639020][ T6584] netlink: zone id is out of range [ 69.643343][ T6584] netlink: set zone limit has 8 unknown bytes [ 69.840220][ T5956] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 69.843124][ T5956] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 70.390577][ T6609] tmpfs: Bad value for 'mpol' [ 70.447265][ T6614] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 70.450245][ T6613] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 70.789066][ T6627] ebtables: wrong size: *len 120, entries_size 48, replsz 48 [ 70.834078][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.835834][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.942785][ T6636] PM: Enabling pm_trace changes system date and time during resume. [ 70.942785][ T6636] PM: Correct system time has to be restored manually after resume. [ 71.011278][ T6641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.167'. [ 72.537628][ T6700] binder: 6699:6700 ioctl c0306201 20000480 returned -22 [ 72.937783][ T6717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.182'. [ 73.092460][ T6724] netlink: 28 bytes leftover after parsing attributes in process `syz.0.183'. [ 73.391537][ T6726] random: crng reseeded on system resumption [ 73.917464][ T6737] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 73.919307][ T6737] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 73.923665][ T6737] vhci_hcd vhci_hcd.0: Device attached [ 73.928685][ T6738] usbip_core: unknown command [ 73.930049][ T6738] vhci_hcd: unknown pdu 1869495609 [ 73.931404][ T6738] usbip_core: unknown command [ 73.935767][ T1132] vhci_hcd: stop threads [ 73.937351][ T1132] vhci_hcd: release socket [ 73.938561][ T1132] vhci_hcd: disconnect device [ 74.586358][ T6767] netlink: 4 bytes leftover after parsing attributes in process `syz.2.194'. [ 74.944848][ T6774] IPVS: length: 30 != 24 [ 75.328099][ T6764] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 75.331382][ T6764] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 75.337690][ T6764] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 75.342665][ T6764] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 75.344934][ T6764] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 75.351806][ T6764] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 75.355399][ T6764] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 75.357033][ T6764] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 75.359473][ T6764] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 75.406158][ T6782] block nbd2: NBD_DISCONNECT [ 75.410589][ T6782] block nbd2: NBD_DISCONNECT [ 75.480730][ T6788] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0. [ 75.488838][ T5956] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 75.490877][ T5956] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 75.496391][ T5956] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 75.499288][ T5956] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 75.766874][ T6795] block device autoloading is deprecated and will be removed. [ 75.771964][ T6795] syz.2.200: attempt to access beyond end of device [ 75.771964][ T6795] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 75.896462][ T6799] netlink: 'syz.3.203': attribute type 30 has an invalid length. [ 76.378526][ T6807] Bluetooth: MGMT ver 1.23 [ 76.600122][ T39] kauditd_printk_skb: 30 callbacks suppressed [ 76.600136][ T39] audit: type=1326 audit(1734771230.363:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.610133][ T39] audit: type=1326 audit(1734771230.373:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.612410][ T6812] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 76.615789][ T39] audit: type=1326 audit(1734771230.373:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.620205][ T6812] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 76.623379][ T39] audit: type=1326 audit(1734771230.373:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.628205][ T6812] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 76.629560][ T39] audit: type=1326 audit(1734771230.373:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.645458][ T39] audit: type=1326 audit(1734771230.373:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=262 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.651766][ T39] audit: type=1326 audit(1734771230.373:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.657163][ T39] audit: type=1326 audit(1734771230.373:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.662989][ T39] audit: type=1326 audit(1734771230.373:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.671478][ T39] audit: type=1326 audit(1734771230.373:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.0.208" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 76.680505][ T6824] fuse: Bad value for 'fd' [ 78.436158][ T6902] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 78.473675][ T6899] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 78.514721][ T6909] netlink: 4 bytes leftover after parsing attributes in process `syz.0.223'. [ 78.670109][ T5956] Bluetooth: hci3: command 0x0405 tx timeout [ 78.672055][ T5956] Bluetooth: hci2: command 0x0c1a tx timeout [ 78.673789][ T5945] Bluetooth: hci1: command 0x0c1a tx timeout [ 78.963450][ T6935] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 79.273200][ T66] Bluetooth: hci1: SCO packet for unknown connection handle 201 [ 79.274363][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 79.278434][ T66] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 79.281017][ T66] Bluetooth: hci1: SCO packet for unknown connection handle 1 [ 79.761426][ T6991] Process accounting resumed [ 80.415301][ T7031] netlink: 24 bytes leftover after parsing attributes in process `syz.1.237'. [ 80.485461][ T7038] netlink: 4 bytes leftover after parsing attributes in process `syz.1.239'. [ 80.750181][ T5945] Bluetooth: hci3: command 0x0405 tx timeout [ 80.752467][ T66] Bluetooth: hci2: command 0x0c1a tx timeout [ 80.760165][ T66] Bluetooth: hci1: command 0x0c1a tx timeout [ 80.817928][ T2027] libceph: connect (1)[c::]:6789 error -101 [ 80.821142][ T2027] libceph: mon0 (1)[c::]:6789 connect error [ 80.843929][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 80.845199][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 80.849733][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 80.854301][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 80.883431][ T7063] ceph: No mds server is up or the cluster is laggy [ 81.107487][ T9] cfg80211: failed to load regulatory.db [ 81.458546][ T7103] syzkaller1: entered promiscuous mode [ 81.460232][ T7103] syzkaller1: entered allmulticast mode [ 82.093027][ T7121] team_slave_0: entered promiscuous mode [ 82.094660][ T7121] team_slave_1: entered promiscuous mode [ 82.096671][ T7121] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 82.242644][ T7130] raw_sendmsg: syz.2.252 forgot to set AF_INET. Fix it! [ 82.394173][ T7130] syz.2.252: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 82.399813][ T7130] CPU: 1 UID: 0 PID: 7130 Comm: syz.2.252 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 82.403625][ T7130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 82.407595][ T7130] Call Trace: [ 82.408829][ T7130] [ 82.409931][ T7130] dump_stack_lvl+0x16c/0x1f0 [ 82.411712][ T7130] warn_alloc+0x24d/0x3a0 [ 82.413328][ T7130] ? __pfx_warn_alloc+0x10/0x10 [ 82.415119][ T7130] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 82.417226][ T7130] ? kasan_save_stack+0x42/0x60 [ 82.418991][ T7130] ? kasan_save_stack+0x33/0x60 [ 82.420784][ T7130] ? kasan_save_track+0x14/0x30 [ 82.422570][ T7130] ? __kasan_kmalloc+0xaa/0xb0 [ 82.424351][ T7130] ? xskq_create+0x52/0x1d0 [ 82.426039][ T7130] ? do_sock_setsockopt+0x222/0x480 [ 82.427951][ T7130] ? __sys_setsockopt+0x1a0/0x230 [ 82.429776][ T7130] ? __ia32_sys_setsockopt+0xbc/0x160 [ 82.431690][ T7130] __vmalloc_node_range_noprof+0x10df/0x1530 [ 82.433868][ T7130] ? xskq_create+0xfb/0x1d0 [ 82.435561][ T7130] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 82.437857][ T7130] ? xskq_create+0xfb/0x1d0 [ 82.439535][ T7130] vmalloc_user_noprof+0x6b/0x90 [ 82.441342][ T7130] ? xskq_create+0xfb/0x1d0 [ 82.442802][ T7130] xskq_create+0xfb/0x1d0 [ 82.444301][ T7130] xsk_setsockopt+0x8b0/0xac0 [ 82.446059][ T7130] ? __pfx_xsk_setsockopt+0x10/0x10 [ 82.447666][ T7130] ? find_held_lock+0x2d/0x110 [ 82.448916][ T7130] ? __pfx_xsk_setsockopt+0x10/0x10 [ 82.450338][ T7130] do_sock_setsockopt+0x222/0x480 [ 82.451681][ T7130] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 82.453195][ T7130] ? lock_acquire+0x2f/0xb0 [ 82.454400][ T7130] __sys_setsockopt+0x1a0/0x230 [ 82.455702][ T7130] __ia32_sys_setsockopt+0xbc/0x160 [ 82.457239][ T7130] ? lockdep_hardirqs_on+0x7c/0x110 [ 82.459135][ T7130] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 82.461555][ T7130] __do_fast_syscall_32+0x73/0x120 [ 82.463396][ T7130] do_fast_syscall_32+0x32/0x80 [ 82.464703][ T7130] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 82.466375][ T7130] RIP: 0023:0xf7f51579 [ 82.467776][ T7130] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 82.473126][ T7130] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 82.475420][ T7130] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b [ 82.478206][ T7130] RDX: 0000000000000002 RSI: 0000000020000080 RDI: 0000000000000020 [ 82.480438][ T7130] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 82.482544][ T7130] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 82.484691][ T7130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 82.486832][ T7130] [ 82.488029][ T7130] Mem-Info: [ 82.488914][ T7130] active_anon:14824 inactive_anon:0 isolated_anon:0 [ 82.488914][ T7130] active_file:1724 inactive_file:47443 isolated_file:0 [ 82.488914][ T7130] unevictable:1768 dirty:120 writeback:0 [ 82.488914][ T7130] slab_reclaimable:11748 slab_unreclaimable:66070 [ 82.488914][ T7130] mapped:30715 shmem:9631 pagetables:796 [ 82.488914][ T7130] sec_pagetables:299 bounce:0 [ 82.488914][ T7130] kernel_misc_reclaimable:0 [ 82.488914][ T7130] free:35135 free_pcp:1883 free_cma:0 [ 82.500927][ T7130] Node 0 active_anon:4264kB inactive_anon:0kB active_file:0kB inactive_file:10044kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:5488kB dirty:16kB writeback:0kB shmem:4368kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9592kB pagetables:692kB sec_pagetables:1108kB all_unreclaimable? yes [ 82.509244][ T7130] Node 1 active_anon:55032kB inactive_anon:0kB active_file:6896kB inactive_file:179728kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:117372kB dirty:464kB writeback:0kB shmem:34156kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:2632kB pagetables:2492kB sec_pagetables:88kB all_unreclaimable? no [ 82.518060][ T7130] Node 0 DMA free:2664kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:84kB local_pcp:36kB free_cma:0kB [ 82.525689][ T7130] lowmem_reserve[]: 0 273 0 0 0 [ 82.527004][ T7130] Node 0 DMA32 free:22316kB boost:4096kB min:18000kB low:21476kB high:24952kB reserved_highatomic:4096KB active_anon:4112kB inactive_anon:0kB active_file:0kB inactive_file:10040kB unevictable:3536kB writepending:16kB present:1032196kB managed:306308kB mlocked:0kB bounce:0kB free_pcp:1484kB local_pcp:532kB free_cma:0kB [ 82.534680][ T7130] lowmem_reserve[]: 0 0 0 0 0 [ 82.535953][ T7130] Node 1 DMA32 free:116944kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:55232kB inactive_anon:0kB active_file:6896kB inactive_file:179728kB unevictable:3536kB writepending:464kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:4832kB local_pcp:1040kB free_cma:0kB [ 82.546709][ T7130] lowmem_reserve[]: 0 0 0 0 0 [ 82.548489][ T7130] Node 0 DMA: 68*4kB (UM) 29*8kB (UM) 13*16kB (UM) 21*32kB (UM) 8*64kB (UM) 4*128kB (UM) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2664kB [ 82.554025][ T7130] Node 0 DMA32: 384*4kB (UMEH) 136*8kB (UMEH) 26*16kB (UMEH) 172*32kB (UEH) 65*64kB (UMEH) 25*128kB (UM) 9*256kB (UE) 4*512kB (UME) 2*1024kB (M) 0*2048kB 0*4096kB = 22304kB [ 82.558794][ T7130] Node 1 DMA32: 2*4kB (ME) 3*8kB (ME) 2*16kB (UE) 18*32kB (UME) 8*64kB (UME) 28*128kB (UME) 24*256kB (UM) 22*512kB (ME) 22*1024kB (UME) 13*2048kB (UME) 11*4096kB (M) = 116352kB [ 82.563697][ T7130] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 82.566186][ T7130] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 82.569335][ T7130] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 82.572846][ T7130] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 82.576265][ T7130] 58760 total pagecache pages [ 82.577984][ T7130] 0 pages in swap cache [ 82.579512][ T7130] Free swap = 124592kB [ 82.581373][ T7130] Total swap = 124996kB [ 82.582873][ T7130] 524155 pages RAM [ 82.584222][ T7130] 0 pages HighMem/MovableOnly [ 82.585766][ T7130] 206675 pages reserved [ 82.586986][ T7130] 0 pages cma reserved [ 82.682381][ T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 82.825874][ T7153] netlink: 4 bytes leftover after parsing attributes in process `syz.3.254'. [ 82.831846][ T66] Bluetooth: hci1: command 0x0c1a tx timeout [ 82.833959][ T66] Bluetooth: hci2: command 0x0c1a tx timeout [ 82.836113][ T5945] Bluetooth: hci3: command 0x0405 tx timeout [ 82.850023][ T9] usb 7-1: Using ep0 maxpacket: 8 [ 82.882100][ T9] usb 7-1: config index 0 descriptor too short (expected 74, got 45) [ 82.886178][ T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024 [ 82.897903][ T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 82.913313][ T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 82.917752][ T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 82.922538][ T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 82.925766][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.136911][ T9] usb 7-1: GET_CAPABILITIES returned 0 [ 83.138555][ T9] usbtmc 7-1:16.0: can't read capabilities [ 83.340483][ C1] usbtmc 7-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71 [ 83.343815][ T7130] usbtmc 7-1:16.0: Unable to send data, error -71 [ 83.349153][ T2027] usb 7-1: USB disconnect, device number 3 [ 83.686540][ T7183] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_virt_wifi, syncid = -2, id = 0 [ 83.692781][ T7182] IPVS: stopping backup sync thread 7183 ... [ 83.756796][ T7189] netlink: 156 bytes leftover after parsing attributes in process `syz.0.258'. [ 83.759140][ T7189] netlink: 156 bytes leftover after parsing attributes in process `syz.0.258'. [ 83.779442][ T7193] vivid-002: disconnect [ 83.781535][ T7192] vivid-002: reconnect [ 83.785057][ T7191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.257'. [ 83.828696][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 83.830841][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 83.842555][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 83.844392][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 83.889731][ T7198] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 84.110109][ T5999] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 84.292056][ T5999] usb 6-1: Using ep0 maxpacket: 8 [ 84.294855][ T5999] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 84.297424][ T5999] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 84.305171][ T7246] syz.0.267: attempt to access beyond end of device [ 84.305171][ T7246] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 84.308805][ T7246] syz.0.267: attempt to access beyond end of device [ 84.308805][ T7246] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0 [ 84.324692][ T5999] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 84.327329][ T5999] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 84.340099][ T5999] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 84.343084][ T5999] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.351358][ T7246] Mount JFS Failure: -5 [ 84.352528][ T7246] jfs_mount failed w/return code = -5 [ 84.594495][ T5999] usb 6-1: usb_control_msg returned -32 [ 84.595972][ T5999] usbtmc 6-1:16.0: can't read capabilities [ 84.670150][ T39] kauditd_printk_skb: 25 callbacks suppressed [ 84.670160][ T39] audit: type=1326 audit(1734771238.433:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7296 comm="syz.3.275" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x0 [ 85.225317][ T1015] usb 6-1: USB disconnect, device number 4 [ 85.970558][ T56] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 86.125252][ T56] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 86.127700][ T56] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 86.130136][ T56] usb 5-1: Product: syz [ 86.131249][ T56] usb 5-1: Manufacturer: syz [ 86.132502][ T56] usb 5-1: SerialNumber: syz [ 86.136470][ T56] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 86.150640][ T56] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 86.195423][ T7402] netlink: 4 bytes leftover after parsing attributes in process `syz.1.285'. [ 86.435020][ T7430] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 86.437887][ T7430] netlink: 40 bytes leftover after parsing attributes in process `syz.2.290'. [ 86.591549][ T2027] usb 5-1: USB disconnect, device number 5 [ 87.313284][ T7507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.301'. [ 87.342323][ T7507] befs: (nullb0): No write support. Marking filesystem read-only [ 87.345827][ T7507] befs: (nullb0): invalid magic header [ 87.390072][ T56] usb 5-1: Service connection timeout for: 256 [ 87.391917][ T56] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services [ 87.394497][ T56] ath9k_htc: Failed to initialize the device [ 87.396226][ T7514] ntfs3(sr0): Primary boot signature is not NTFS. [ 87.396960][ T2027] usb 5-1: ath9k_htc: USB layer deinitialized [ 87.404804][ T7514] ntfs3(sr0): try to read out of volume at offset 0xf800 [ 87.482562][ T7524] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 87.501166][ T7524] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 87.713849][ T7552] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5) [ 87.716117][ T7552] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 87.719485][ T7552] vhci_hcd vhci_hcd.0: Device attached [ 87.731962][ T7553] vhci_hcd: connection closed [ 87.732766][ T45] vhci_hcd: stop threads [ 87.735084][ T45] vhci_hcd: release socket [ 87.736357][ T45] vhci_hcd: disconnect device [ 88.892343][ T7597] netlink: 80 bytes leftover after parsing attributes in process `syz.3.314'. [ 89.459919][ T7632] program syz.3.317 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 89.880219][ T63] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 90.040579][ T63] usb 6-1: Using ep0 maxpacket: 8 [ 90.044479][ T63] usb 6-1: config index 0 descriptor too short (expected 5924, got 36) [ 90.046648][ T63] usb 6-1: config 250 has an invalid interface number: 228 but max is -1 [ 90.049130][ T63] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 90.051873][ T63] usb 6-1: config 250 has no interface number 0 [ 90.053526][ T63] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 90.056542][ T63] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 90.059242][ T63] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 90.063066][ T63] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 90.066317][ T63] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 90.069729][ T63] usb 6-1: config 250 interface 228 has no altsetting 0 [ 90.081241][ T63] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 90.083721][ T63] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 90.085856][ T63] usb 6-1: Product: syz [ 90.086953][ T63] usb 6-1: SerialNumber: syz [ 90.120767][ T63] hub 6-1:250.228: bad descriptor, ignoring hub [ 90.122426][ T63] hub 6-1:250.228: probe with driver hub failed with error -5 [ 90.177954][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 90.223364][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 90.227688][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 90.326709][ T63] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 5 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 90.460125][ T56] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 90.550659][ T7696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.326'. [ 90.610159][ T56] usb 8-1: Using ep0 maxpacket: 16 [ 90.613845][ T56] usb 8-1: config 0 has an invalid descriptor of length 135, skipping remainder of the config [ 90.616967][ T56] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 90.624100][ T56] usb 8-1: New USB device found, idVendor=05ac, idProduct=e4de, bcdDevice=6e.cb [ 90.626507][ T56] usb 8-1: New USB device strings: Mfr=0, Product=2, SerialNumber=0 [ 90.628598][ T56] usb 8-1: Product: syz [ 90.631906][ T56] usb 8-1: config 0 descriptor?? [ 90.636015][ T56] usbhid 8-1:0.0: couldn't find an input interrupt endpoint [ 91.253788][ T7653] usb 6-1: reset high-speed USB device number 5 using dummy_hcd [ 91.262329][ T7653] usb 6-1: device reset changed ep0 maxpacket size! [ 91.266940][ T5999] usb 6-1: USB disconnect, device number 5 [ 91.272701][ T5999] usblp0: removed [ 91.373119][ T7730] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 91.376711][ T7730] overlayfs: missing 'lowerdir' [ 91.422391][ T5999] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 91.570182][ T5999] usb 6-1: Using ep0 maxpacket: 16 [ 91.573493][ T5999] usb 6-1: config 0 has no interfaces? [ 91.577417][ T5999] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 91.580764][ T5999] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 91.583615][ T5999] usb 6-1: Product: syz [ 91.588847][ T5999] usb 6-1: Manufacturer: syz [ 91.590960][ T5999] usb 6-1: SerialNumber: syz [ 91.596552][ T5999] usb 6-1: config 0 descriptor?? [ 92.826647][ T5999] usb 6-1: USB disconnect, device number 6 [ 93.227524][ T7716] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 93.229203][ T7716] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 93.241115][ T7716] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 93.310388][ T66] Bluetooth: hci1: command 0x0c1a tx timeout [ 93.352158][ T5981] usb 8-1: USB disconnect, device number 3 [ 93.624665][ T7868] pimreg: entered allmulticast mode [ 94.405074][ T7907] netlink: 332 bytes leftover after parsing attributes in process `syz.3.344'. [ 94.540388][ T39] audit: type=1326 audit(1734771248.253:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.548355][ T39] audit: type=1326 audit(1734771248.263:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.555236][ T39] audit: type=1326 audit(1734771248.283:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.561150][ T39] audit: type=1326 audit(1734771248.293:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.569020][ T39] audit: type=1326 audit(1734771248.293:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.575031][ T39] audit: type=1326 audit(1734771248.303:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.581141][ T39] audit: type=1326 audit(1734771248.333:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.587319][ T39] audit: type=1326 audit(1734771248.343:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.595443][ T39] audit: type=1326 audit(1734771248.343:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.603489][ T39] audit: type=1326 audit(1734771248.343:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7902 comm="syz.1.343" exe="/syz-executor" sig=0 arch=40000003 syscall=379 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 94.712051][ T7912] netlink: 'syz.2.346': attribute type 10 has an invalid length. [ 94.719033][ T7912] team0: Device ipvlan1 failed to register rx_handler [ 94.754431][ T7913] netlink: 4 bytes leftover after parsing attributes in process `syz.3.345'. [ 94.930091][ T7924] openvswitch: netlink: IP tunnel dst address not specified [ 95.246673][ T66] Bluetooth: hci2: command 0x0c1a tx timeout [ 95.310072][ T66] Bluetooth: hci3: command 0x0405 tx timeout [ 95.363244][ T7902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.425678][ T7928] input: syz0 as /devices/virtual/input/input10 [ 95.458670][ T7928] netlink: 728 bytes leftover after parsing attributes in process `syz.2.348'. [ 95.461674][ T7928] netlink: 16 bytes leftover after parsing attributes in process `syz.2.348'. [ 95.512075][ T66] Bluetooth: hci1: unexpected event for opcode 0x201c [ 95.598111][ T7938] netlink: 'syz.2.349': attribute type 2 has an invalid length. [ 96.290962][ T7985] netlink: 48 bytes leftover after parsing attributes in process `syz.0.356'. [ 96.516143][ T7994] pim6reg: entered allmulticast mode [ 96.530324][ T7994] pim6reg: left allmulticast mode [ 96.644150][ T7995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.357'. [ 96.720081][ T7997] binder: 7993:7997 ioctl c0306201 200001c0 returned -14 [ 96.747993][ T7989] block nbd0: shutting down sockets [ 96.790861][ T7999] syz.0.356: attempt to access beyond end of device [ 96.790861][ T7999] nbd0: rw=4096, sector=0, nr_sectors = 2 limit=0 [ 96.821401][ T7985] nbd0: detected capacity change from 0 to 20 [ 96.833406][ T5937] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.846502][ T5937] Buffer I/O error on dev nbd0, logical block 0, async page read [ 96.852659][ T5937] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.854886][ T5937] Buffer I/O error on dev nbd0, logical block 1, async page read [ 96.856807][ T5937] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.859885][ T5937] Buffer I/O error on dev nbd0, logical block 2, async page read [ 96.862485][ T5937] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.864683][ T5937] Buffer I/O error on dev nbd0, logical block 3, async page read [ 96.866702][ T5937] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.868922][ T5937] Buffer I/O error on dev nbd0, logical block 0, async page read [ 96.874985][ T5937] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.877401][ T5937] Buffer I/O error on dev nbd0, logical block 1, async page read [ 96.879400][ T5937] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.886531][ T5937] Buffer I/O error on dev nbd0, logical block 2, async page read [ 96.889202][ T5937] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.900816][ T5937] Buffer I/O error on dev nbd0, logical block 3, async page read [ 96.903101][ T5937] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.905613][ T5937] Buffer I/O error on dev nbd0, logical block 0, async page read [ 96.907656][ T5937] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 96.909888][ T5937] Buffer I/O error on dev nbd0, logical block 1, async page read [ 96.913849][ T5937] ldm_validate_partition_table(): Disk read failed. [ 96.916285][ T5937] Dev nbd0: unable to read RDB block 0 [ 96.918947][ T5937] nbd0: unable to read partition table [ 96.920591][ T5937] nbd0: partition table beyond EOD, truncated [ 96.926838][ T5937] ldm_validate_partition_table(): Disk read failed. [ 96.929089][ T5937] Dev nbd0: unable to read RDB block 0 [ 96.931296][ T5937] nbd0: unable to read partition table [ 96.932857][ T5937] nbd0: partition table beyond EOD, truncated [ 96.936854][ T8012] libceph: resolve '0' (ret=-3): failed [ 96.960868][ T8012] Context (ID=0x10) not attached to queue pair (handle=0x0:0x2) [ 96.968203][ T8012] netlink: 72 bytes leftover after parsing attributes in process `syz.1.358'. [ 97.014525][ T8019] netlink: 4 bytes leftover after parsing attributes in process `syz.0.360'. [ 97.209276][ T8030] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 97.218997][ T8030] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 98.088341][ T8079] netlink: 8 bytes leftover after parsing attributes in process `syz.3.365'. [ 98.091941][ T8079] netlink: 4 bytes leftover after parsing attributes in process `syz.3.365'. [ 98.291387][ T8086] netlink: 'syz.1.366': attribute type 10 has an invalid length. [ 98.345014][ T8086] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.373281][ T8086] bond0: (slave team0): Enslaving as an active interface with an up link [ 99.553491][ T66] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 99.556663][ T66] Bluetooth: hci1: Injecting HCI hardware error event [ 99.561246][ T66] Bluetooth: hci1: hardware error 0x00 [ 100.245060][ T8152] __nla_validate_parse: 4 callbacks suppressed [ 100.245074][ T8152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.372'. [ 100.350771][ T5945] Bluetooth: hci2: command 0x0c1a tx timeout [ 100.797267][ T8166] bridge_slave_1: left allmulticast mode [ 100.798925][ T8166] bridge_slave_1: left promiscuous mode [ 100.802321][ T8166] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.252561][ T8179] macvlan2: entered promiscuous mode [ 101.254070][ T8179] macvlan2: entered allmulticast mode [ 101.261515][ T8165] bridge_slave_0: left allmulticast mode [ 101.263016][ T8165] bridge_slave_0: left promiscuous mode [ 101.265700][ T8165] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.368283][ T8175] syz.0.378: attempt to access beyond end of device [ 101.368283][ T8175] nbd0: rw=4096, sector=0, nr_sectors = 2 limit=0 [ 101.371639][ T8175] XFS (nbd0): SB validate failed with error -5. [ 101.640155][ T66] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 102.440383][ T8223] netlink: 'syz.0.389': attribute type 1 has an invalid length. [ 102.466028][ T8223] 8021q: adding VLAN 0 to HW filter on device bond2 [ 102.470362][ T8223] bond1: (slave bond2): making interface the new active one [ 102.473315][ T8223] bond1: (slave bond2): Enslaving as an active interface with an up link [ 103.140002][ C2] vcan0: j1939_tp_rxtimer: 0xffff88806d41f400: rx timeout, send abort [ 103.214711][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 103.216795][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 103.219576][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 103.644363][ C2] vcan0: j1939_tp_rxtimer: 0xffff88806d41f400: abort rx timeout. Force session deactivation [ 103.760179][ T5999] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 103.910091][ T5999] usb 6-1: Using ep0 maxpacket: 16 [ 103.915566][ T5999] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 103.919193][ T5999] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 103.922827][ T5999] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 103.927261][ T5999] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 103.930786][ T5999] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.937484][ T5999] usb 6-1: config 0 descriptor?? [ 104.040592][ T8266] netlink: 248 bytes leftover after parsing attributes in process `syz.3.396'. [ 104.103528][ T8274] ebtables: wrong size: *len 120, entries_size 144, replsz 144 [ 104.153934][ T8281] vivid-007: disconnect [ 104.176304][ T8280] tmpfs: Unknown parameter 'grpquota' [ 104.227599][ T8282] syz.0.397: attempt to access beyond end of device [ 104.227599][ T8282] nbd0: rw=0, sector=64, nr_sectors = 2 limit=0 [ 104.232887][ T8282] syz.0.397: attempt to access beyond end of device [ 104.232887][ T8282] nbd0: rw=0, sector=512, nr_sectors = 2 limit=0 [ 104.237384][ T8282] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 104.242428][ T8282] syz.0.397: attempt to access beyond end of device [ 104.242428][ T8282] nbd0: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 104.248658][ T8282] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 104.253344][ T8282] syz.0.397: attempt to access beyond end of device [ 104.253344][ T8282] nbd0: rw=0, sector=64, nr_sectors = 4 limit=0 [ 104.257937][ T8282] syz.0.397: attempt to access beyond end of device [ 104.257937][ T8282] nbd0: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 104.262406][ T8282] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 104.265745][ T8282] syz.0.397: attempt to access beyond end of device [ 104.265745][ T8282] nbd0: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 104.270567][ T8282] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 104.274171][ T8282] syz.0.397: attempt to access beyond end of device [ 104.274171][ T8282] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0 [ 104.278696][ T8282] syz.0.397: attempt to access beyond end of device [ 104.278696][ T8282] nbd0: rw=0, sector=2048, nr_sectors = 8 limit=0 [ 104.284115][ T8282] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 104.287741][ T8282] syz.0.397: attempt to access beyond end of device [ 104.287741][ T8282] nbd0: rw=0, sector=4096, nr_sectors = 8 limit=0 [ 104.293159][ T8282] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 104.298658][ T8282] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 104.380223][ T8288] netlink: 4 bytes leftover after parsing attributes in process `syz.3.402'. [ 104.406752][ T8286] input: syz0 as /devices/virtual/input/input11 [ 104.657023][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 104.662395][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 104.664608][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 104.780210][ T5999] input: HID 0955:7214 Haptics as /devices/virtual/input/input12 [ 104.910200][ T8259] random: crng reseeded on system resumption [ 104.923384][ T5999] shield 0003:0955:7214.0003: Registered Thunderstrike controller [ 104.925715][ T5999] shield 0003:0955:7214.0003: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 104.938465][ T8270] block nbd0: shutting down sockets [ 104.984059][ T9] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 104.987599][ T9] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 104.991152][ T5999] usb 6-1: USB disconnect, device number 7 [ 104.994937][ T9] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 104.997832][ T9] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 105.014415][ T8278] vivid-007: reconnect [ 105.127579][ T8308] input: syz1 as /devices/virtual/input/input13 [ 105.176798][ T8317] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 105.186813][ T8317] dlm: no locking on control device [ 105.197005][ T8317] af_packet: tpacket_rcv: packet too big, clamped from 64993 to 3944. macoff=96 [ 105.586145][ T8367] binder: 8362:8367 unknown command 0 [ 105.587713][ T8367] binder: 8362:8367 ioctl c0306201 20000080 returned -22 [ 105.590728][ T8360] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore [ 105.593918][ T8360] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 105.675712][ T8376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.418'. [ 105.678801][ T8376] bridge_slave_1: left allmulticast mode [ 105.681046][ T8376] bridge_slave_1: left promiscuous mode [ 105.682663][ T8376] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.687295][ T8376] bridge_slave_0: left allmulticast mode [ 105.688879][ T8376] bridge_slave_0: left promiscuous mode [ 105.693325][ T8376] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.702779][ T8360] netlink: 16 bytes leftover after parsing attributes in process `syz.2.414'. [ 105.711982][ T8365] netlink: 'syz.3.417': attribute type 1 has an invalid length. [ 105.714135][ T8365] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.417'. [ 105.801140][ T8382] trusted_key: syz.3.417 sent an empty control message without MSG_MORE. [ 106.480031][ T39] kauditd_printk_skb: 64 callbacks suppressed [ 106.480042][ T39] audit: type=1800 audit(1734771260.233:161): pid=8411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.423" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 106.888926][ T8454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.428'. [ 107.599807][ T39] audit: type=1326 audit(1734771261.363:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8498 comm="syz.0.431" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x0 [ 107.605456][ T39] audit: type=1326 audit(1734771261.363:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8498 comm="syz.0.431" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x0 [ 107.769255][ T8512] netlink: 'syz.0.433': attribute type 1 has an invalid length. [ 107.805796][ T8512] 8021q: adding VLAN 0 to HW filter on device bond3 [ 107.807950][ T8510] netlink: 20 bytes leftover after parsing attributes in process `syz.3.434'. [ 108.499922][ T8537] Invalid ELF header magic: != ELF [ 108.640644][ T1102] ata1.00: Read log 0x10 page 0x00 failed, Emask 0x1 [ 108.642370][ T1102] ata1: failed to read log page 10h (errno=-5) [ 108.643997][ T1102] ata1.00: exception Emask 0x1 SAct 0xc000 SErr 0x0 action 0x0 [ 108.645994][ T1102] ata1.00: irq_stat 0x40000000 [ 108.647258][ T1102] ata1.00: failed command: WRITE FPDMA QUEUED [ 108.648831][ T1102] ata1.00: cmd 61/c0:70:fa:6e:08/00:00:00:00:00/40 tag 14 ncq dma 98304 out [ 108.648831][ T1102] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 108.655613][ T1102] ata1.00: status: { DRDY } [ 108.656815][ T1102] ata1.00: failed command: WRITE FPDMA QUEUED [ 108.658386][ T1102] ata1.00: cmd 61/78:78:ba:71:08/00:00:00:00:00/40 tag 15 ncq dma 61440 out [ 108.658386][ T1102] res 50/00:00:00:00:00/00:00:00:00:00/00 Emask 0x1 (device error) [ 108.663217][ T1102] ata1.00: status: { DRDY } [ 108.667902][ T1102] ata1.00: configured for UDMA/100 [ 108.669468][ T1102] ata1: EH complete [ 108.751480][ T8542] mmap: syz.0.440 (8542) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 109.995321][ T8576] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 110.023224][ T57] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 110.050448][ T8580] netlink: 4 bytes leftover after parsing attributes in process `syz.2.449'. [ 110.181577][ T57] usb 8-1: Using ep0 maxpacket: 8 [ 110.190734][ T57] usb 8-1: config 0 has an invalid interface number: 151 but max is 1 [ 110.192870][ T57] usb 8-1: config 0 has no interface number 1 [ 110.194462][ T57] usb 8-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 110.197256][ T57] usb 8-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83 [ 110.200579][ T57] usb 8-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 1024 [ 110.203478][ T57] usb 8-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 110.206102][ T57] usb 8-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 110.209395][ T57] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 110.212287][ T57] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 110.231267][ T57] usb 8-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7 [ 110.233540][ T57] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 110.235549][ T57] usb 8-1: Product: syz [ 110.236616][ T57] usb 8-1: Manufacturer: syz [ 110.237827][ T57] usb 8-1: SerialNumber: syz [ 110.248248][ T57] usb 8-1: config 0 descriptor?? [ 110.250755][ T8567] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 110.260420][ T57] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 110.266672][ T57] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 110.268721][ T57] usb 8-1: invalid MIDI in EP 0 [ 110.321963][ T57] snd-usb-audio 8-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 110.509219][ T56] usb 8-1: USB disconnect, device number 4 [ 110.676159][ T8611] binder: 8604:8611 ioctl 4018620d 0 returned -22 [ 110.900943][ T8626] netlink: 4 bytes leftover after parsing attributes in process `syz.0.452'. [ 112.305713][ T8710] netlink: 76 bytes leftover after parsing attributes in process `syz.0.456'. [ 112.310096][ T63] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 112.436325][ T8710] pimreg: entered allmulticast mode [ 112.470095][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 112.473566][ T63] usb 7-1: config 7 has an invalid interface number: 161 but max is 0 [ 112.476170][ T63] usb 7-1: config 7 has no interface number 0 [ 112.477878][ T63] usb 7-1: config 7 interface 161 has no altsetting 0 [ 112.483799][ T63] usb 7-1: New USB device found, idVendor=6737, idProduct=0001, bcdDevice=4e.59 [ 112.486173][ T63] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 112.488336][ T63] usb 7-1: Product: syz [ 112.489426][ T63] usb 7-1: Manufacturer: syz [ 112.497698][ T8710] pimreg: left allmulticast mode [ 112.504275][ T63] usb 7-1: SerialNumber: syz [ 113.002423][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 113.005018][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 113.007423][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 113.011825][ T63] hub 7-1:7.161: bad descriptor, ignoring hub [ 113.015886][ T63] hub 7-1:7.161: probe with driver hub failed with error -5 [ 113.018368][ T63] cypress_m8 7-1:7.161: HID->COM RS232 Adapter converter detected [ 113.023252][ T63] cyphidcom ttyUSB0: required endpoint is missing [ 113.041192][ T63] usb 7-1: USB disconnect, device number 4 [ 113.041583][ T8727] block device autoloading is deprecated and will be removed. [ 113.043323][ T63] cypress_m8 7-1:7.161: device disconnected [ 113.587248][ T8783] netlink: 9 bytes leftover after parsing attributes in process `syz.2.464'. [ 113.808459][ T8796] loop7: detected capacity change from 0 to 16384 [ 114.118014][ T8820] netlink: 72 bytes leftover after parsing attributes in process `syz.0.468'. [ 114.132328][ T8820] netlink: 16 bytes leftover after parsing attributes in process `syz.0.468'. [ 114.155381][ T8826] syz.3.469 (8826): attempted to duplicate a private mapping with mremap. This is not supported. [ 114.245438][ T8831] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 114.260224][ T8831] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 114.317749][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 114.324836][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 114.328708][ T8843] geneve2: entered promiscuous mode [ 114.331945][ T8843] geneve2: entered allmulticast mode [ 114.334147][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 114.336443][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 114.338825][ T8843] netlink: 8 bytes leftover after parsing attributes in process `syz.3.473'. [ 114.556572][ T8848] macvlan2: left allmulticast mode [ 114.624619][ T8866] binder: 8865:8866 ioctl c00c620f 200043c0 returned -22 [ 114.783630][ T8872] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 114.818931][ T8870] ata1.00: invalid command format 189 [ 114.994720][ T39] audit: type=1326 audit(1734771268.753:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8897 comm="syz.2.482" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x0 [ 116.465301][ T8975] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 116.653777][ T8996] __nla_validate_parse: 62 callbacks suppressed [ 116.653788][ T8996] netlink: 4 bytes leftover after parsing attributes in process `syz.0.493'. [ 116.820233][ T8994] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 116.930136][ T39] audit: type=1326 audit(1734771270.673:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.936673][ T39] audit: type=1326 audit(1734771270.673:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.942268][ T39] audit: type=1326 audit(1734771270.683:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.947850][ T39] audit: type=1326 audit(1734771270.683:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.954893][ T39] audit: type=1326 audit(1734771270.683:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.960768][ T39] audit: type=1326 audit(1734771270.683:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.967373][ T39] audit: type=1326 audit(1734771270.693:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.972914][ T39] audit: type=1326 audit(1734771270.693:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 116.978452][ T39] audit: type=1326 audit(1734771270.693:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9017 comm="syz.2.498" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 117.615806][ T9050] netlink: 4 bytes leftover after parsing attributes in process `syz.0.501'. [ 117.678534][ T9055] netlink: 4 bytes leftover after parsing attributes in process `syz.2.503'. [ 117.758240][ T9060] netlink: 'syz.3.502': attribute type 10 has an invalid length. [ 117.817586][ T9061] ptrace attach of "/syz-executor exec"[5951] was attempted by "/syz-executor exec"[9061] [ 119.999725][ T9172] netlink: 4 bytes leftover after parsing attributes in process `syz.1.523'. [ 120.172425][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 120.175577][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 120.177929][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 120.965543][ T9221] netlink: 696 bytes leftover after parsing attributes in process `syz.0.519'. [ 121.002324][ T39] kauditd_printk_skb: 34 callbacks suppressed [ 121.002334][ T39] audit: type=1800 audit(1734771274.773:208): pid=9225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.520" name="[kvm-gmem]" dev="anon_inodefs" ino=26331 res=0 errno=0 [ 121.010887][ T9225] netlink: 'syz.1.520': attribute type 10 has an invalid length. [ 121.013193][ T9225] bond0: (slave wlan1): Opening slave failed [ 121.253131][ T9249] misc userio: Invalid payload size [ 121.254727][ T9249] misc userio: No port type given on /dev/userio [ 121.522927][ T39] audit: type=1326 audit(1734771275.293:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9265 comm="syz.1.529" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x0 [ 121.575410][ T39] audit: type=1800 audit(1734771275.343:210): pid=9271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.530" name="bus" dev="overlay" ino=701 res=0 errno=0 [ 121.692374][ T9281] netlink: 4 bytes leftover after parsing attributes in process `syz.0.531'. [ 122.419352][ T35] IPVS: starting estimator thread 0... [ 122.510473][ T9327] IPVS: using max 19 ests per chain, 45600 per kthread [ 124.840376][ T9442] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 124.847142][ T9442] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 124.856994][ T9442] bond0 (unregistering): (slave team0): Releasing backup interface [ 124.868837][ T9442] bond0 (unregistering): Released all slaves [ 125.089139][ T9466] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 125.129790][ T9472] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 125.142415][ T9474] netlink: 45 bytes leftover after parsing attributes in process `syz.2.556'. [ 125.145530][ T9472] netlink: 16 bytes leftover after parsing attributes in process `syz.3.554'. [ 125.148738][ T9472] netlink: 24 bytes leftover after parsing attributes in process `syz.3.554'. [ 125.152810][ T9472] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 125.199918][ T9472] bond2: entered allmulticast mode [ 125.202401][ T9472] 8021q: adding VLAN 0 to HW filter on device bond2 [ 125.617135][ T9509] 9pnet_fd: Insufficient options for proto=fd [ 125.782456][ T9530] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 126.074572][ T39] audit: type=1326 audit(1734771279.823:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.089614][ T39] audit: type=1326 audit(1734771279.823:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.107193][ T39] audit: type=1326 audit(1734771279.823:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.127842][ T39] audit: type=1326 audit(1734771279.823:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.139783][ T39] audit: type=1326 audit(1734771279.823:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.146695][ T39] audit: type=1326 audit(1734771279.823:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.152614][ T39] audit: type=1326 audit(1734771279.823:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.160756][ T39] audit: type=1326 audit(1734771279.823:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.168306][ T9562] netlink: 'syz.3.570': attribute type 21 has an invalid length. [ 126.171066][ T39] audit: type=1326 audit(1734771279.823:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.177080][ T9562] netlink: 132 bytes leftover after parsing attributes in process `syz.3.570'. [ 126.179773][ T39] audit: type=1326 audit(1734771279.823:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.567" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x7ffc0000 [ 126.655364][ T9590] netlink: 436 bytes leftover after parsing attributes in process `syz.1.573'. [ 126.794539][ T9604] netlink: 'syz.3.577': attribute type 4 has an invalid length. [ 126.797453][ T9604] netlink: 17 bytes leftover after parsing attributes in process `syz.3.577'. [ 128.267466][ T9641] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 128.321843][ T66] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11 [ 128.334499][ T9646] tmpfs: Bad value for 'mpol' [ 128.837232][ T9688] netlink: 4 bytes leftover after parsing attributes in process `syz.3.596'. [ 130.280674][ T66] Bluetooth: hci0: command tx timeout [ 130.437475][ T9786] netlink: 'syz.3.611': attribute type 10 has an invalid length. [ 130.451481][ T9786] team0: Port device geneve1 added [ 131.211563][ T9837] netlink: 4 bytes leftover after parsing attributes in process `syz.0.615'. [ 131.289770][ T39] kauditd_printk_skb: 90 callbacks suppressed [ 131.289781][ T39] audit: type=1326 audit(1734771285.053:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.300203][ T39] audit: type=1326 audit(1734771285.073:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.323313][ T39] audit: type=1326 audit(1734771285.073:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.340221][ T39] audit: type=1326 audit(1734771285.073:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.355325][ T39] audit: type=1326 audit(1734771285.073:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.375607][ T39] audit: type=1326 audit(1734771285.083:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.389372][ T39] audit: type=1326 audit(1734771285.083:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.422557][ T39] audit: type=1326 audit(1734771285.083:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.475761][ T39] audit: type=1326 audit(1734771285.083:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=304 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.507311][ T39] audit: type=1326 audit(1734771285.083:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9840 comm="syz.2.619" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 131.763463][ T9864] netlink: 8 bytes leftover after parsing attributes in process `syz.3.623'. [ 131.766405][ T9864] netlink: 24 bytes leftover after parsing attributes in process `syz.3.623'. [ 132.286995][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.288749][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.570389][ T9919] netlink: 4 bytes leftover after parsing attributes in process `syz.2.630'. [ 133.121642][ T9948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.632'. [ 133.525004][ T9974] netdevsim netdevsim2: Direct firmware load for failed with error -2 [ 133.529831][ T9974] netdevsim netdevsim2: Falling back to sysfs fallback for: [ 136.199150][T10099] netlink: 'syz.2.650': attribute type 2 has an invalid length. [ 136.212817][T10099] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 136.323346][T10115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.652'. [ 137.167799][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 137.180381][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 137.184524][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 137.186622][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 137.205083][ C2] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies. [ 137.266017][ T39] kauditd_printk_skb: 56 callbacks suppressed [ 137.266027][ T39] audit: type=1326 audit(1734771291.033:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10180 comm="syz.2.661" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f51579 code=0x0 [ 137.827475][T10219] netlink: 8 bytes leftover after parsing attributes in process `syz.0.664'. [ 137.832336][T10219] syz_tun: entered promiscuous mode [ 137.834392][T10219] batadv_slave_1: entered promiscuous mode [ 138.038684][T10233] netlink: 8 bytes leftover after parsing attributes in process `syz.3.666'. [ 138.042510][T10233] netlink: 4 bytes leftover after parsing attributes in process `syz.3.666'. [ 138.125141][T10231] netlink: 'syz.0.665': attribute type 1 has an invalid length. [ 138.150074][T10231] 8021q: adding VLAN 0 to HW filter on device bond4 [ 138.161709][T10231] 8021q: adding VLAN 0 to HW filter on device bond4 [ 138.163639][T10231] bond4: (slave ip6tnl1): The slave device specified does not support setting the MAC address [ 138.166674][T10231] bond4: (slave ip6tnl1): Error -95 calling set_mac_address [ 138.346886][T10261] netlink: 196 bytes leftover after parsing attributes in process `syz.0.671'. [ 138.370704][ T39] audit: type=1326 audit(1734771292.143:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.378438][ T39] audit: type=1326 audit(1734771292.143:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.389337][ T39] audit: type=1326 audit(1734771292.153:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.396847][ T39] audit: type=1326 audit(1734771292.153:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.404278][ T39] audit: type=1326 audit(1734771292.153:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.411727][ T39] audit: type=1326 audit(1734771292.163:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.418308][ T39] audit: type=1326 audit(1734771292.163:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.430045][ T39] audit: type=1326 audit(1734771292.163:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 138.437590][ T39] audit: type=1326 audit(1734771292.163:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10263 comm="syz.3.672" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 139.138885][T10318] ptm ptm46: ldisc open failed (-12), clearing slot 46 [ 139.519634][T10348] netlink: 20 bytes leftover after parsing attributes in process `syz.1.679'. [ 139.522018][T10348] netlink: 20 bytes leftover after parsing attributes in process `syz.1.679'. [ 139.589459][T10353] Cannot find set identified by id 0 to match [ 139.811409][T10369] netlink: 4 bytes leftover after parsing attributes in process `syz.3.685'. [ 140.667938][T10401] libceph: resolve '0' (ret=-3): failed [ 140.688273][T10401] Context (ID=0x10) not attached to queue pair (handle=0x0:0x2) [ 140.692861][T10401] netlink: 72 bytes leftover after parsing attributes in process `syz.0.689'. [ 141.110277][ T9] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 141.313372][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 141.314794][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 141.318979][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 141.321292][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 141.332999][ T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 141.339459][ T9] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 141.344590][ T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 141.348042][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 141.352187][ T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 141.363674][ T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 141.367270][ T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 141.369451][ T9] usb 5-1: Product: syz [ 141.374349][ T9] usb 5-1: Manufacturer: syz [ 141.504593][T10466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.696'. [ 141.576446][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 141.577975][ T9] cdc_wdm 5-1:1.0: skipping garbage [ 141.580856][ T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 141.582567][ T9] cdc_wdm 5-1:1.0: Unknown control protocol [ 141.649331][ T57] usb 5-1: USB disconnect, device number 6 [ 141.815682][T10489] netlink: 4 bytes leftover after parsing attributes in process `syz.2.697'. [ 142.216216][T10512] input: syz0 as /devices/virtual/input/input17 [ 142.300402][ T57] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 142.368563][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 142.461421][ T57] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 142.465708][ T57] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 142.468360][ T57] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 142.471815][ T57] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 142.475237][ T57] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 142.479297][ T57] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 142.482266][ T57] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 142.484374][ T57] usb 5-1: Product: syz [ 142.485515][ T57] usb 5-1: Manufacturer: syz [ 142.491658][ T57] cdc_wdm 5-1:1.0: skipping garbage [ 142.493427][ T57] cdc_wdm 5-1:1.0: skipping garbage [ 142.497851][ T57] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 142.500026][ T57] cdc_wdm 5-1:1.0: Unknown control protocol [ 142.514246][T10522] block device autoloading is deprecated and will be removed. [ 142.525847][T10521] md: md2 stopped. [ 142.963936][ T39] kauditd_printk_skb: 41 callbacks suppressed [ 142.963948][ T39] audit: type=1326 audit(1734771296.733:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 142.971629][ T39] audit: type=1326 audit(1734771296.733:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 142.978078][ T39] audit: type=1326 audit(1734771296.733:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 142.984390][ T39] audit: type=1326 audit(1734771296.733:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 142.991199][ T39] audit: type=1326 audit(1734771296.733:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 142.998151][ T39] audit: type=1326 audit(1734771296.733:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 143.005415][ T39] audit: type=1326 audit(1734771296.733:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 143.012777][ T39] audit: type=1326 audit(1734771296.733:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 143.020434][ T39] audit: type=1326 audit(1734771296.733:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 143.027634][ T39] audit: type=1326 audit(1734771296.733:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10528 comm="syz.2.703" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 143.062486][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.064033][ C0] cdc_wdm 5-1:1.0: Cannot schedule work [ 143.066101][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.068549][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.070613][ C0] cdc_wdm 5-1:1.0: Cannot schedule work [ 143.074284][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.078175][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.080463][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.082757][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.084978][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.087060][ C0] cdc_wdm 5-1:1.0: Cannot schedule work [ 143.089225][ C0] cdc_wdm 5-1:1.0: Stall on int endpoint [ 143.090134][ T57] usb 5-1: USB disconnect, device number 7 [ 143.091102][ C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 143.097048][ C0] cdc_wdm 5-1:1.0: Unexpected error -71 [ 144.259795][T10543] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 144.529314][T10551] netlink: 332 bytes leftover after parsing attributes in process `syz.1.708'. [ 144.573675][T10555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.716'. [ 144.901044][T10561] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 145.323734][T10563] overlayfs: failed to resolve './file0': -2 [ 145.490664][T10552] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 146.058716][T10576] netlink: 4 bytes leftover after parsing attributes in process `syz.2.715'. [ 146.518534][T10595] netlink: 44 bytes leftover after parsing attributes in process `syz.0.721'. [ 146.540078][T10595] netlink: 43 bytes leftover after parsing attributes in process `syz.0.721'. [ 146.542432][T10595] netlink: 'syz.0.721': attribute type 6 has an invalid length. [ 146.544692][T10595] netlink: 'syz.0.721': attribute type 5 has an invalid length. [ 146.546698][T10595] netlink: 43 bytes leftover after parsing attributes in process `syz.0.721'. [ 147.593304][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 147.616329][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 147.621821][ T66] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 147.624471][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 148.073524][T10631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.732'. [ 148.283590][T10637] netlink: 'syz.2.735': attribute type 10 has an invalid length. [ 148.285948][T10637] bond0: (slave wlan1): Opening slave failed [ 148.586847][T10641] Process accounting resumed [ 148.730120][ T2027] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 148.880099][ T2027] usb 8-1: Using ep0 maxpacket: 8 [ 148.883201][ T2027] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 148.885814][ T2027] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 148.901602][ T2027] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 148.904866][ T2027] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 148.908733][ T2027] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 148.920913][ T2027] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.991050][T10655] loop6: detected capacity change from 0 to 524287999 [ 148.996534][ C2] blk_print_req_error: 130 callbacks suppressed [ 148.996545][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.000760][ C2] buffer_io_error: 130 callbacks suppressed [ 149.000771][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 149.007504][ C2] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.010856][ C3] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.013426][ C3] Buffer I/O error on dev loop6, logical block 1, async page read [ 149.015502][T10655] Dev loop6: unable to read RDB block 8 [ 149.017178][ C0] I/O error, dev loop6, sector 24 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.019577][ C0] Buffer I/O error on dev loop6, logical block 3, async page read [ 149.021676][T10655] loop6: unable to read partition table [ 149.021824][ C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.023231][T10655] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 149.028105][ T1132] loop: Write error at byte offset 1, length 4096. [ 149.030295][ C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 149.032734][ C0] Buffer I/O error on dev loop6, logical block 0, lost async page write [ 149.054351][ C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.056840][ C0] Buffer I/O error on dev loop6, logical block 0, async page read [ 149.058882][ C0] I/O error, dev loop6, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.061351][ C0] Buffer I/O error on dev loop6, logical block 1, async page read [ 149.063298][ C0] I/O error, dev loop6, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.065483][ C0] Buffer I/O error on dev loop6, logical block 2, async page read [ 149.067447][ C0] I/O error, dev loop6, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 149.069762][ C0] Buffer I/O error on dev loop6, logical block 3, async page read [ 149.071691][ C0] Buffer I/O error on dev loop6, logical block 4, async page read [ 149.073667][ C0] Buffer I/O error on dev loop6, logical block 5, async page read [ 149.090082][ T5359] ldm_validate_partition_table(): Disk read failed. [ 149.102453][ T5359] Dev loop6: unable to read RDB block 0 [ 149.108415][ T5359] loop6: unable to read partition table [ 149.126222][ T2027] usb 8-1: GET_CAPABILITIES returned 0 [ 149.127691][ T2027] usbtmc 8-1:16.0: can't read capabilities [ 149.232508][T10651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.739'. [ 149.235039][T10651] netlink: 24 bytes leftover after parsing attributes in process `syz.2.739'. [ 149.327794][ T39] kauditd_printk_skb: 97 callbacks suppressed [ 149.327805][ T39] audit: type=1326 audit(1734771303.093:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.338803][ T39] audit: type=1326 audit(1734771303.103:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.350547][ T39] audit: type=1326 audit(1734771303.123:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10663 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.470762][ T39] audit: type=1326 audit(1734771303.123:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.477092][ T39] audit: type=1326 audit(1734771303.123:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.490071][ T39] audit: type=1326 audit(1734771303.243:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.540620][ T39] audit: type=1326 audit(1734771303.243:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.546147][ T39] audit: type=1326 audit(1734771303.243:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.562597][ T39] audit: type=1326 audit(1734771303.243:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.568393][ T39] audit: type=1326 audit(1734771303.243:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10644 comm="syz.3.737" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f70579 code=0x7ffc0000 [ 149.591835][ T35] usb 8-1: USB disconnect, device number 5 [ 149.618311][T10668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.743'. [ 149.691398][T10671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.744'. [ 150.242937][T10689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.749'. [ 150.351880][T10695] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.41 [ 150.353693][T10695] PKCS7: Only support pkcs7_signedData type [ 151.588967][ T1133] Bluetooth: hci4: Frame reassembly failed (-84) [ 152.077320][T10729] netlink: 36 bytes leftover after parsing attributes in process `syz.3.761'. [ 152.337912][T10741] vivid-007: disconnect [ 152.762320][T10748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.763'. [ 153.610027][ T63] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 153.619739][T10760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.767'. [ 153.630199][ T66] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 153.643229][T10715] vivid-007: reconnect [ 155.005627][T10786] netlink: 596 bytes leftover after parsing attributes in process `syz.2.772'. [ 155.302557][ T39] kauditd_printk_skb: 101 callbacks suppressed [ 155.302573][ T39] audit: type=1326 audit(1734771309.073:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.316529][ T39] audit: type=1326 audit(1734771309.073:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.323147][ T39] audit: type=1326 audit(1734771309.073:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.328447][ T39] audit: type=1326 audit(1734771309.073:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.334112][ T39] audit: type=1326 audit(1734771309.073:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.339671][ T39] audit: type=1326 audit(1734771309.073:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.345829][ T39] audit: type=1326 audit(1734771309.073:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.351618][ T39] audit: type=1326 audit(1734771309.073:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.356875][ T39] audit: type=1326 audit(1734771309.073:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.362346][ T39] audit: type=1326 audit(1734771309.073:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10798 comm="syz.2.778" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 155.407249][T10801] team0: Port device team_slave_0 removed [ 155.414179][T10801] team0: Port device team_slave_1 removed [ 155.416125][T10801] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 155.418129][T10801] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 155.426000][T10801] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 155.428275][T10801] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 155.439385][T10801] team0: Port device geneve1 removed [ 155.490966][T10801] netlink: 20 bytes leftover after parsing attributes in process `syz.3.779'. [ 155.536216][T10804] netlink: 4 bytes leftover after parsing attributes in process `syz.3.780'. [ 156.262004][T10827] bridge_slave_1: left allmulticast mode [ 156.263545][T10827] bridge_slave_1: left promiscuous mode [ 156.265339][T10827] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.485921][T10831] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'. [ 157.479842][T10850] vivid-007: disconnect [ 158.238758][T10863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.800'. [ 158.314704][T10849] vivid-007: reconnect [ 158.500771][T10871] netlink: 4 bytes leftover after parsing attributes in process `syz.2.802'. [ 158.580996][T10874] netlink: 4 bytes leftover after parsing attributes in process `syz.3.803'. [ 159.035869][T10883] 9pnet_fd: Insufficient options for proto=fd [ 159.327225][T10889] netlink: 'syz.1.806': attribute type 1 has an invalid length. [ 159.337815][T10889] 8021q: adding VLAN 0 to HW filter on device bond0 [ 159.757790][T10906] netlink: 4 bytes leftover after parsing attributes in process `syz.1.814'. [ 160.230589][T10924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.818'. [ 160.493785][T10930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.820'. [ 160.683949][T10935] netlink: 4 bytes leftover after parsing attributes in process `syz.2.821'. [ 160.879280][T10944] vivid-007: disconnect [ 161.723840][T10943] vivid-007: reconnect [ 161.731413][T10953] 9pnet_virtio: no channels available for device syz [ 161.733950][T10953] 9pnet_virtio: no channels available for device syz [ 161.736286][T10953] 9pnet_virtio: no channels available for device syz [ 161.779079][T10953] 9pnet_virtio: no channels available for device syz [ 161.801566][T10953] 9pnet_virtio: no channels available for device syz [ 161.803840][T10953] 9pnet_virtio: no channels available for device syz [ 161.806458][T10953] 9pnet_virtio: no channels available for device syz [ 161.808424][T10953] 9pnet_virtio: no channels available for device syz [ 161.821947][T10953] 9pnet_virtio: no channels available for device syz [ 161.823860][T10953] 9pnet_virtio: no channels available for device syz [ 161.825677][T10953] 9pnet_virtio: no channels available for device syz [ 161.827533][T10953] 9pnet_virtio: no channels available for device syz [ 161.840381][T10953] 9pnet_virtio: no channels available for device syz [ 161.855038][T10953] 9pnet_virtio: no channels available for device syz [ 161.857988][T10953] 9pnet_virtio: no channels available for device syz [ 161.860760][T10953] 9pnet_virtio: no channels available for device syz [ 161.863088][T10953] 9pnet_virtio: no channels available for device syz [ 161.865415][T10953] 9pnet_virtio: no channels available for device syz [ 161.867725][T10953] 9pnet_virtio: no channels available for device syz [ 161.870106][T10953] 9pnet_virtio: no channels available for device syz [ 161.872556][T10953] 9pnet_virtio: no channels available for device syz [ 161.874883][T10953] 9pnet_virtio: no channels available for device syz [ 161.877184][T10953] 9pnet_virtio: no channels available for device syz [ 161.879533][T10953] 9pnet_virtio: no channels available for device syz [ 161.884877][T10953] 9pnet_virtio: no channels available for device syz [ 161.887904][T10953] 9pnet_virtio: no channels available for device syz [ 161.890978][T10953] 9pnet_virtio: no channels available for device syz [ 161.894109][T10953] 9pnet_virtio: no channels available for device syz [ 161.897164][T10953] 9pnet_virtio: no channels available for device syz [ 161.900336][T10953] 9pnet_virtio: no channels available for device syz [ 161.902655][T10953] 9pnet_virtio: no channels available for device syz [ 161.904729][T10953] 9pnet_virtio: no channels available for device syz [ 161.925878][T10966] bridge_slave_1: left allmulticast mode [ 161.927963][T10966] bridge_slave_1: left promiscuous mode [ 161.930953][T10966] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.026579][T10963] netlink: 36 bytes leftover after parsing attributes in process `syz.1.832'. [ 162.029485][T10963] gretap0: entered promiscuous mode [ 163.440071][ T2027] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 163.532019][T11008] Unknown options in mask 7 [ 163.535028][T11008] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 163.537556][T11008] /dev/nullb0: Can't open blockdev [ 163.565053][T11010] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 4, id = 0 [ 163.602377][ T2027] usb 7-1: Using ep0 maxpacket: 8 [ 163.605373][ T2027] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 163.608669][ T2027] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 163.612600][ T2027] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 163.615811][ T2027] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 163.620514][ T2027] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 163.623452][ T2027] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.623751][T11009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.844'. [ 163.829238][ T2027] usb 7-1: GET_CAPABILITIES returned 0 [ 163.830682][ T2027] usbtmc 7-1:16.0: can't read capabilities [ 164.040083][ T63] usb 7-1: USB disconnect, device number 5 [ 164.312082][T11032] netlink: 4 bytes leftover after parsing attributes in process `syz.1.851'. [ 164.580852][ T39] kauditd_printk_skb: 100 callbacks suppressed [ 164.580867][ T39] audit: type=1326 audit(1734771318.353:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.600622][ T39] audit: type=1326 audit(1734771318.363:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.620106][ T39] audit: type=1326 audit(1734771318.363:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.627563][ T39] audit: type=1326 audit(1734771318.363:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.634691][ T39] audit: type=1326 audit(1734771318.363:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.642103][ T39] audit: type=1326 audit(1734771318.363:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.649506][ T39] audit: type=1326 audit(1734771318.363:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.657364][ T39] audit: type=1326 audit(1734771318.363:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.670166][ T39] audit: type=1326 audit(1734771318.363:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.677801][ T39] audit: type=1326 audit(1734771318.363:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.2.852" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 164.895863][T11054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.857'. [ 165.577196][T11071] netlink: 4 bytes leftover after parsing attributes in process `syz.0.860'. [ 165.577905][T11072] netlink: 4 bytes leftover after parsing attributes in process `syz.1.861'. [ 165.806788][T11080] vivid-007: disconnect [ 166.416997][T11079] vivid-007: reconnect [ 167.414532][T11109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.871'. [ 167.663980][T11119] vivid-007: disconnect [ 168.366451][T11118] vivid-007: reconnect [ 168.404519][T11137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.880'. [ 168.650083][ T35] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 168.810088][ T35] usb 7-1: Using ep0 maxpacket: 8 [ 168.813628][ T35] usb 7-1: config index 0 descriptor too short (expected 5924, got 36) [ 168.815896][ T35] usb 7-1: config 250 has an invalid interface number: 228 but max is -1 [ 168.818064][ T35] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 168.820851][ T35] usb 7-1: config 250 has no interface number 0 [ 168.822530][ T35] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 168.825554][ T35] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 168.828236][ T35] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 168.834263][ T35] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 168.836933][ T35] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 168.840816][ T35] usb 7-1: config 250 interface 228 has no altsetting 0 [ 168.843719][ T35] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 168.846113][ T35] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 168.848252][ T35] usb 7-1: Product: syz [ 168.849388][ T35] usb 7-1: SerialNumber: syz [ 168.853167][ T35] hub 7-1:250.228: bad descriptor, ignoring hub [ 168.854885][ T35] hub 7-1:250.228: probe with driver hub failed with error -5 [ 169.112125][ T35] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 6 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 169.148991][T11144] syz.3.882: attempt to access beyond end of device [ 169.148991][T11144] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0 [ 169.153276][T11144] efs: cannot read volume header [ 169.313475][T11163] vivid-007: disconnect [ 169.313793][T11137] program syz.2.880 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 169.730367][T11137] usb 7-1: reset high-speed USB device number 6 using dummy_hcd [ 170.154973][T11162] vivid-007: reconnect [ 170.264412][T11182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.894'. [ 170.422394][ T63] usb 7-1: USB disconnect, device number 6 [ 170.425833][ T63] usblp0: removed [ 170.429465][ T39] kauditd_printk_skb: 109 callbacks suppressed [ 170.429475][ T39] audit: type=1326 audit(1734771324.193:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.440527][ T39] audit: type=1326 audit(1734771324.193:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.447847][ T39] audit: type=1326 audit(1734771324.193:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.453823][ T39] audit: type=1326 audit(1734771324.193:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.459747][ T39] audit: type=1326 audit(1734771324.203:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.468841][ T39] audit: type=1326 audit(1734771324.203:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.476622][ T39] audit: type=1326 audit(1734771324.203:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.490818][ T39] audit: type=1326 audit(1734771324.203:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.498746][ T39] audit: type=1326 audit(1734771324.203:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.506911][ T39] audit: type=1326 audit(1734771324.203:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11185 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 170.538333][T11191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.897'. [ 171.080064][ T63] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 171.211733][T11201] vivid-007: disconnect [ 171.241111][ T63] usb 7-1: Using ep0 maxpacket: 8 [ 171.245393][ T63] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 171.248013][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 171.252262][ T63] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 171.254975][ T63] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 171.258613][ T63] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 171.263861][ T63] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.469800][ T63] usb 7-1: GET_CAPABILITIES returned 0 [ 171.474480][ T63] usbtmc 7-1:16.0: can't read capabilities [ 171.966485][ T2027] usb 7-1: USB disconnect, device number 7 [ 172.071938][T11200] vivid-007: reconnect [ 172.530616][ T5945] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 172.539418][ T5945] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 172.543624][ T5945] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 173.068782][T11232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.908'. [ 173.378182][T11242] netlink: 4 bytes leftover after parsing attributes in process `syz.1.911'. [ 174.636120][T11267] vivid-007: disconnect [ 175.536253][T11266] vivid-007: reconnect [ 175.635236][ T39] kauditd_printk_skb: 51 callbacks suppressed [ 175.635296][ T39] audit: type=1326 audit(1734771329.403:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.657100][ T39] audit: type=1326 audit(1734771329.413:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.658521][ T5945] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 175.680223][ T39] audit: type=1326 audit(1734771329.413:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.685182][ T5945] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 175.687934][ T39] audit: type=1326 audit(1734771329.413:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.687954][ T39] audit: type=1326 audit(1734771329.413:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.687971][ T39] audit: type=1326 audit(1734771329.413:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.692798][ T5945] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 175.710176][ T39] audit: type=1326 audit(1734771329.413:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.715144][T11281] netlink: 4 bytes leftover after parsing attributes in process `syz.2.922'. [ 175.719563][ T39] audit: type=1326 audit(1734771329.413:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.719583][ T39] audit: type=1326 audit(1734771329.413:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 175.735694][ T39] audit: type=1326 audit(1734771329.413:945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11276 comm="syz.0.921" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe2579 code=0x7ffc0000 [ 177.049202][ T65] Bluetooth: hci4: Frame reassembly failed (-84) [ 177.056481][T11309] netlink: 4 bytes leftover after parsing attributes in process `syz.0.929'. [ 177.163912][T11313] vivid-007: disconnect [ 177.280373][ T57] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 177.450352][ T57] usb 6-1: Using ep0 maxpacket: 32 [ 177.454230][ T57] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 177.461424][ T57] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 177.463889][ T57] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 177.466042][ T57] usb 6-1: Product: syz [ 177.467195][ T57] usb 6-1: Manufacturer: syz [ 177.468497][ T57] usb 6-1: SerialNumber: syz [ 177.480753][ T57] usb 6-1: config 0 descriptor?? [ 177.737705][ T831] usb 6-1: USB disconnect, device number 8 [ 178.192661][T11312] vivid-007: reconnect [ 178.245871][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 178.247257][ T66] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 178.252098][ T66] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 178.343569][T11329] bridge_slave_0: left allmulticast mode [ 178.347355][T11329] bridge_slave_0: left promiscuous mode [ 178.348896][T11329] bridge0: port 1(bridge_slave_0) entered disabled state [ 178.404778][T11332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.935'. [ 179.070199][ T66] Bluetooth: hci4: command 0xfc11 tx timeout [ 179.070330][ T5945] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 180.655644][T11378] bridge_slave_0: left allmulticast mode [ 180.657242][T11378] bridge_slave_0: left promiscuous mode [ 180.657613][ T39] kauditd_printk_skb: 51 callbacks suppressed [ 180.657623][ T39] audit: type=1326 audit(1734771334.423:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.658765][T11378] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.668756][ T39] audit: type=1326 audit(1734771334.423:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.674419][ T39] audit: type=1326 audit(1734771334.423:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.680017][ T39] audit: type=1326 audit(1734771334.423:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.685523][ T39] audit: type=1326 audit(1734771334.423:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=286 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.691150][ T39] audit: type=1326 audit(1734771334.423:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.696618][ T39] audit: type=1326 audit(1734771334.423:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.702201][ T39] audit: type=1326 audit(1734771334.423:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.707732][ T39] audit: type=1326 audit(1734771334.433:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 180.714063][ T39] audit: type=1326 audit(1734771334.433:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11379 comm="syz.2.948" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x7ffc0000 [ 181.044053][T11406] vivid-007: disconnect [ 181.414623][T11412] netlink: 20 bytes leftover after parsing attributes in process `syz.0.954'. [ 181.901463][T11404] vivid-007: reconnect [ 182.557298][ T5945] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 182.558482][ T5945] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 182.562714][ T5945] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 182.564738][ T5945] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 183.109489][T11454] vivid-007: disconnect [ 183.672977][T11459] netlink: 4 bytes leftover after parsing attributes in process `syz.0.968'. [ 183.940341][T11453] vivid-007: reconnect [ 183.976233][T11464] netlink: 3 bytes leftover after parsing attributes in process `syz.2.969'. [ 184.268298][T11485] bond0: (slave bond_slave_0): Releasing backup interface [ 184.274403][T11485] bond0: (slave bond_slave_1): Releasing backup interface [ 184.284702][T11485] team_slave_0: left promiscuous mode [ 184.295310][T11485] team0: Port device team_slave_0 removed [ 184.298716][T11485] team_slave_1: left promiscuous mode [ 184.303640][T11485] team0: Port device team_slave_1 removed [ 184.305982][T11485] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.308318][T11485] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.312247][T11485] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.314457][T11485] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.450466][T11485] team0: Mode changed to "broadcast" [ 184.453876][T11485] vlan0: entered promiscuous mode [ 184.461081][T11485] team0: Port device vlan0 added [ 184.473799][T11485] tipc: Started in network mode [ 184.475306][T11485] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 184.477360][T11485] tipc: Enabled bearer , priority 6 [ 184.561839][ T5945] Bluetooth: hci2: SCO packet for unknown connection handle 201 [ 184.563276][ T5945] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 184.567464][ T5945] Bluetooth: hci2: ACL packet for unknown connection handle 201 [ 184.569709][ T5945] Bluetooth: hci2: SCO packet for unknown connection handle 1 [ 185.526640][T11507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.983'. [ 185.528183][ T2296] tipc: Node number set to 11578026 [ 186.680531][ T2027] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 186.837610][ T2027] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 186.841090][ T2027] usb 8-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 186.844664][ T2027] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 186.847888][ T2027] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 186.852975][ T2027] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 186.857356][ T2027] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 186.859746][ T2027] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 186.860440][T11540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.992'. [ 186.862608][ T2027] usb 8-1: Product: syz [ 186.865774][ T2027] usb 8-1: Manufacturer: syz [ 186.870684][ T2027] cdc_wdm 8-1:1.0: skipping garbage [ 186.872170][ T2027] cdc_wdm 8-1:1.0: skipping garbage [ 186.874049][ T2027] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 186.875704][ T2027] cdc_wdm 8-1:1.0: Unknown control protocol [ 187.083942][T11530] netlink: 12 bytes leftover after parsing attributes in process `syz.3.988'. [ 187.086394][T11530] netlink: 60 bytes leftover after parsing attributes in process `syz.3.988'. [ 187.089104][T11530] netlink: 12 bytes leftover after parsing attributes in process `syz.3.988'. [ 187.091987][T11530] netlink: 60 bytes leftover after parsing attributes in process `syz.3.988'. [ 187.094285][T11530] netlink: 104 bytes leftover after parsing attributes in process `syz.3.988'. [ 187.098696][ T2296] usb 8-1: USB disconnect, device number 7 [ 187.401564][T11545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.993'. [ 187.770706][T11559] tmpfs: Bad value for 'mpol' [ 187.798303][T11562] vivid-007: disconnect [ 188.630662][T11561] vivid-007: reconnect [ 189.251172][T11584] __nla_validate_parse: 2 callbacks suppressed [ 189.251185][T11584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1004'. [ 189.639449][T11599] delete_channel: no stack [ 189.643972][T11598] delete_channel: no stack [ 189.686020][T11604] vivid-007: disconnect [ 190.517671][T11603] vivid-007: reconnect [ 190.554639][T11620] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1015'. [ 190.664058][ T5945] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 190.665536][ T5945] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 190.673877][ T5945] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 190.677707][ T5945] Bluetooth: hci3: SCO packet for unknown connection handle 1 [ 191.572597][T11640] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1021'. [ 191.826168][T11651] vivid-007: disconnect [ 192.660353][T11650] vivid-007: reconnect [ 193.515022][T11698] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1034'. [ 193.575301][T11701] vivid-007: disconnect [ 193.713587][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.715461][ T1413] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.408147][T11700] vivid-007: reconnect [ 194.690114][ T25] usb 5-1: new full-speed USB device number 8 using dummy_hcd [ 194.797942][T11729] tipc: Started in network mode [ 194.799354][T11729] tipc: Node identity ea16b63f047a, cluster identity 4711 [ 194.801478][T11729] tipc: Enabled bearer , priority 0 [ 194.803652][T11729] syzkaller0: entered promiscuous mode [ 194.805098][T11729] syzkaller0: entered allmulticast mode [ 194.809782][T11728] tipc: Resetting bearer [ 194.827263][T11728] tipc: Disabling bearer [ 194.861671][ T25] usb 5-1: not running at top speed; connect to a high speed hub [ 194.864483][ T25] usb 5-1: config 1 interface 0 altsetting 129 endpoint 0x2 has invalid maxpacket 1024, setting to 64 [ 194.867491][ T25] usb 5-1: config 1 interface 0 has no altsetting 0 [ 194.873853][ T25] usb 5-1: New USB device found, idVendor=056a, idProduct=006a, bcdDevice= 0.40 [ 194.876358][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 194.878505][ T25] usb 5-1: Product: ᐄ [ 194.879678][ T25] usb 5-1: Manufacturer: ю [ 194.881107][ T25] usb 5-1: SerialNumber: 䉇窃뒤낖썴錂닌뙗㕈萠㔔ॎ䘮원ꎶ梬乻ꖱ흇鋁Ⰲ䐏硆ⴧ᷎ᆢ睟曏ﲫ᛾ᜁ㗳숽ﵢ嵨⽴⟲ɺ❽捙ﱩ绎ﺧ癇痜ᨹ阑愈䒌怺ꇐꩉ聴앴뭊⮮ⱒ⩦潒볈癅⸶䋶춸㝑ࠞ鷣頪ꊡ㒗甊ۨ饻蓼ᄅ朇 [ 194.892953][T11715] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 195.104987][ T25] usbhid 5-1:1.0: can't add hid device: -71 [ 195.106639][ T25] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 195.112867][ T25] usb 5-1: USB disconnect, device number 8 [ 195.633025][T11742] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1046'. [ 196.324261][T11755] vivid-007: disconnect [ 196.926394][T11751] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 197.213379][T11754] vivid-007: reconnect [ 197.499056][ T39] kauditd_printk_skb: 43 callbacks suppressed [ 197.499066][ T39] audit: type=1326 audit(1734771351.263:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11775 comm="syz.2.1055" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f51579 code=0x0 [ 197.868354][T11786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1058'. [ 198.732504][T11803] vivid-007: disconnect [ 198.751508][T11805] netlink: 'syz.2.1063': attribute type 10 has an invalid length. [ 198.769910][T11805] veth0_vlan: left promiscuous mode [ 198.773229][T11805] veth0_vlan: entered promiscuous mode [ 198.775646][T11805] [ 198.776297][T11805] ============================================ [ 198.777878][T11805] WARNING: possible recursive locking detected [ 198.779685][T11805] 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 Not tainted [ 198.781575][T11805] -------------------------------------------- [ 198.784326][T11805] syz.2.1063/11805 is trying to acquire lock: [ 198.785893][T11805] ffff88804c3f8e00 (team->team_lock_key#3){+.+.}-{4:4}, at: team_device_event+0x2c7/0x770 [ 198.788443][T11805] [ 198.788443][T11805] but task is already holding lock: [ 198.790346][T11805] ffff88804c3f8e00 (team->team_lock_key#3){+.+.}-{4:4}, at: team_add_slave+0x9c/0x1ff0 [ 198.792800][T11805] [ 198.792800][T11805] other info that might help us debug this: [ 198.794878][T11805] Possible unsafe locking scenario: [ 198.794878][T11805] [ 198.796761][T11805] CPU0 [ 198.797619][T11805] ---- [ 198.798488][T11805] lock(team->team_lock_key#3); [ 198.799777][T11805] lock(team->team_lock_key#3); [ 198.801056][T11805] [ 198.801056][T11805] *** DEADLOCK *** [ 198.801056][T11805] [ 198.803107][T11805] May be due to missing lock nesting notation [ 198.803107][T11805] [ 198.805214][T11805] 2 locks held by syz.2.1063/11805: [ 198.806577][T11805] #0: ffffffff8fabfc48 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x5e4/0x1d70 [ 198.808874][T11805] #1: ffff88804c3f8e00 (team->team_lock_key#3){+.+.}-{4:4}, at: team_add_slave+0x9c/0x1ff0 [ 198.811439][T11805] [ 198.811439][T11805] stack backtrace: [ 198.812947][T11805] CPU: 0 UID: 0 PID: 11805 Comm: syz.2.1063 Not tainted 6.13.0-rc3-syzkaller-00193-ge9b8ffafd20a #0 [ 198.815809][T11805] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 198.818533][T11805] Call Trace: [ 198.819403][T11805] [ 198.820176][T11805] dump_stack_lvl+0x116/0x1f0 [ 198.821394][T11805] print_deadlock_bug+0x2e3/0x410 [ 198.822708][T11805] __lock_acquire+0x2117/0x3c40 [ 198.823971][T11805] ? __pfx___lock_acquire+0x10/0x10 [ 198.825325][T11805] ? find_held_lock+0x2d/0x110 [ 198.826572][T11805] lock_acquire.part.0+0x11b/0x380 [ 198.827891][T11805] ? team_device_event+0x2c7/0x770 [ 198.829219][T11805] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 198.830674][T11805] ? rcu_is_watching+0x12/0xc0 [ 198.831918][T11805] ? trace_lock_acquire+0x14e/0x1f0 [ 198.833262][T11805] ? team_device_event+0x2c7/0x770 [ 198.834626][T11805] ? lock_acquire+0x2f/0xb0 [ 198.835752][T11805] ? team_device_event+0x2c7/0x770 [ 198.837026][T11805] __mutex_lock+0x19b/0xa60 [ 198.838147][T11805] ? team_device_event+0x2c7/0x770 [ 198.839480][T11805] ? team_device_event+0x2c7/0x770 [ 198.840747][T11805] ? __pfx___mutex_lock+0x10/0x10 [ 198.842012][T11805] ? team_device_event+0x2c7/0x770 [ 198.843326][T11805] team_device_event+0x2c7/0x770 [ 198.844610][T11805] notifier_call_chain+0xb7/0x410 [ 198.845908][T11805] ? __pfx_team_device_event+0x10/0x10 [ 198.847345][T11805] call_netdevice_notifiers_info+0xbe/0x140 [ 198.848885][T11805] __dev_notify_flags+0x12d/0x2e0 [ 198.850179][T11805] ? __pfx___dev_notify_flags+0x10/0x10 [ 198.851606][T11805] ? __dev_change_flags+0x3d9/0x720 [ 198.852944][T11805] ? __pfx___dev_change_flags+0x10/0x10 [ 198.854406][T11805] dev_change_flags+0x10c/0x160 [ 198.855663][T11805] vlan_device_event+0xdfc/0x2120 [ 198.856967][T11805] ? __pfx_dsa_user_netdevice_event+0x10/0x10 [ 198.858542][T11805] ? __pfx_phonet_device_notify+0x10/0x10 [ 198.860010][T11805] ? __pfx_vlan_device_event+0x10/0x10 [ 198.861411][T11805] ? __pfx_br_device_event+0x10/0x10 [ 198.862779][T11805] ? raw_notifier+0xa4/0x860 [ 198.864029][T11805] ? isotp_notifier+0xa4/0x6d0 [ 198.865281][T11805] ? bcm_notifier+0xa8/0x820 [ 198.866481][T11805] ? cgw_notifier+0xa2/0x390 [ 198.867675][T11805] ? lockdep_rtnl_is_held+0x26/0x40 [ 198.869031][T11805] notifier_call_chain+0xb7/0x410 [ 198.870346][T11805] ? __pfx_vlan_device_event+0x10/0x10 [ 198.871754][T11805] call_netdevice_notifiers_info+0xbe/0x140 [ 198.873279][T11805] dev_open+0x144/0x160 [ 198.874396][T11805] ? __pfx_dev_open+0x10/0x10 [ 198.875607][T11805] ? team_add_slave+0x257/0x1ff0 [ 198.876883][T11805] ? team_add_slave+0x775/0x1ff0 [ 198.878155][T11805] team_add_slave+0xa8c/0x1ff0 [ 198.879404][T11805] ? __pfx_team_add_slave+0x10/0x10 [ 198.880744][T11805] ? __lock_acquire+0x15a9/0x3c40 [ 198.882044][T11805] ? __pfx_team_add_slave+0x10/0x10 [ 198.883388][T11805] do_set_master+0x1bc/0x230 [ 198.884576][T11805] do_setlink.constprop.0+0xa0d/0x3f20 [ 198.885988][T11805] ? __pfx_lock_release+0x10/0x10 [ 198.887286][T11805] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 198.888797][T11805] ? lock_acquire.part.0+0x11b/0x380 [ 198.890155][T11805] ? __mutex_trylock_common+0xea/0x250 [ 198.891558][T11805] ? __pfx___mutex_trylock_common+0x10/0x10 [ 198.893069][T11805] ? rtnl_newlink+0x5e4/0x1d70 [ 198.894341][T11805] ? rcu_is_watching+0x12/0xc0 [ 198.895551][T11805] ? trace_contention_end+0xee/0x140 [ 198.896835][T11805] ? __mutex_lock+0x1cc/0xa60 [ 198.897993][T11805] ? rtnl_newlink+0x5e4/0x1d70 [ 198.899238][T11805] ? __pfx___mutex_lock+0x10/0x10 [ 198.900548][T11805] ? apparmor_capable+0x114/0x1d0 [ 198.901847][T11805] ? netlink_ns_capable+0xfa/0x130 [ 198.903179][T11805] rtnl_newlink+0x131c/0x1d70 [ 198.904391][T11805] ? __pfx_rtnl_newlink+0x10/0x10 [ 198.905693][T11805] ? __pfx___lock_acquire+0x10/0x10 [ 198.907045][T11805] ? kmem_cache_free+0x152/0x4c0 [ 198.908321][T11805] ? aa_get_newest_label+0x376/0x680 [ 198.909681][T11805] ? find_held_lock+0x2d/0x110 [ 198.910927][T11805] ? find_held_lock+0x2d/0x110 [ 198.912160][T11805] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 198.913478][T11805] ? __pfx_lock_release+0x10/0x10 [ 198.914815][T11805] ? trace_lock_acquire+0x14e/0x1f0 [ 198.916161][T11805] ? __pfx_rtnl_newlink+0x10/0x10 [ 198.917447][T11805] rtnetlink_rcv_msg+0x95b/0xea0 [ 198.918682][T11805] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 198.920086][T11805] ? __pfx___dev_queue_xmit+0x10/0x10 [ 198.921468][T11805] netlink_rcv_skb+0x165/0x410 [ 198.922716][T11805] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 198.924121][T11805] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 198.925490][T11805] ? netlink_deliver_tap+0x1ae/0xca0 [ 198.926851][T11805] netlink_unicast+0x53c/0x7f0 [ 198.928077][T11805] ? __pfx_netlink_unicast+0x10/0x10 [ 198.929449][T11805] ? __phys_addr_symbol+0x30/0x80 [ 198.930753][T11805] ? __check_object_size+0x488/0x710 [ 198.932116][T11805] netlink_sendmsg+0x8b8/0xd70 [ 198.933352][T11805] ? __pfx_netlink_sendmsg+0x10/0x10 [ 198.934718][T11805] ____sys_sendmsg+0x9ae/0xb40 [ 198.935965][T11805] ? __pfx_____sys_sendmsg+0x10/0x10 [ 198.937322][T11805] ? get_compat_msghdr+0x11b/0x170 [ 198.938663][T11805] ___sys_sendmsg+0x135/0x1e0 [ 198.939903][T11805] ? __pfx____sys_sendmsg+0x10/0x10 [ 198.941247][T11805] ? __pfx_lock_release+0x10/0x10 [ 198.942557][T11805] ? trace_lock_acquire+0x14e/0x1f0 [ 198.943892][T11805] ? __fget_files+0x206/0x3a0 [ 198.945109][T11805] __sys_sendmsg+0x16e/0x220 [ 198.946300][T11805] ? __pfx___sys_sendmsg+0x10/0x10 [ 198.947621][T11805] ? __ia32_sys_futex_time32+0x1da/0x460 [ 198.949095][T11805] __do_fast_syscall_32+0x73/0x120 [ 198.950429][T11805] do_fast_syscall_32+0x32/0x80 [ 198.951690][T11805] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 198.953324][T11805] RIP: 0023:0xf7f51579 [ 198.954390][T11805] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 198.959312][T11805] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 198.961447][T11805] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000600 [ 198.963483][T11805] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 198.965529][T11805] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 198.967559][T11805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.969608][T11805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 198.971644][T11805] [ 199.562259][T11802] vivid-007: reconnect VM DIAGNOSIS: 08:55:52 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000039 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85142675 RDI=ffffffff9a6672c0 RBP=ffffffff9a667280 RSP=ffffc9000ccde380 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000039 R14=ffffffff85142610 R15=0000000000000000 RIP=ffffffff8514269f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000006cd84000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ba0cb9ad6fa4e315 8386338098dd3e7d ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d11e3467c673539d 497a4dbac5390237 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 470e73fab7f3a124 f3759d46990ed306 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 773e5eba8bf6de63 e3391625fb842605 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000008540 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007900000000 732bd74e067aa275 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007900000079 0000000000000079 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007900966980 732aced6706ae148 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 732ccc460006d8c9 000000006f8f9b36 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cb63fe4923ef3d77 c1bbb7e7d15362bb ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c86f6e8eca588f0f 327f72b550624628 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000054d8bc RBX=0000000000000001 RCX=ffffffff8b1a3819 RDX=ffffed10056a6fee RSI=ffffffff8bb16e40 RDI=ffffffff81702e19 RBP=ffffed10039dc910 RSP=ffffc9000047fe08 R8 =0000000000000000 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000001 R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901ce390 R15=0000000000000000 RIP=ffffffff8b1a4bff RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000071990000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001b000000000 0000000400000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff90bd9a14 RDX=ffffc90028c076c0 RSI=ffffc90028c07bc0 RDI=ffffc90028c076b8 RBP=ffffc90028c07bc0 RSP=ffffc90028c07620 R8 =0000000000000001 R9 =ffffffff90bd9a18 R10=ffffc90028c076b8 R11=00000000000111a4 R12=0000000000000008 R13=ffffc90028c076b8 R14=ffffc90028c076c0 R15=ffffc90028c07be8 RIP=ffffffff8148ec8c RFL=00000287 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f463fb45280 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000012c9c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000004080 Opmask01=00000000100001ff Opmask02=00000000ffffffff Opmask03=0008004000040442 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000556ca9ad17a0 0000556ca9acf800 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc82b1d80 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffc82b1320 0000003000000010 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cbeb6be3fa7c0211 7373261a8c154a1d ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6f682f30706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f646e756f732f00 682e6c6974752f64 65726168732f6372 732f2e2e2f2e2e00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c6f682f30706f6f 6c2f6b636f6c622f 6c6175747269762f 736563697665642f ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000007900 737265646c6f682f 30706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000004d 4554535953425553 0000000000000021 000000000000302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 39303a6500305f65 6b69727473726564 6e7568742f796c70 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4d457f7fffffdf71 55537f7eedffcf54 00007f6ebfffdf7d 5f547f7fbffefd80 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005546004e1b00 000052453f411b00 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000002 RBX=0000000000000001 RCX=ffffffff813f6455 RDX=ffff888022a18000 RSI=0000000000000000 RDI=0000000000000007 RBP=0000000000000001 RSP=ffffc900239a7a80 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000002 R11=0000000000000000 R12=0000000000000002 R13=0000000000000003 R14=dffffc0000000000 R15=0000000000000001 RIP=ffffffff81994ef0 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0003 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000071990000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000