last executing test programs: 9.41066401s ago: executing program 0 (id=2282): socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0) r4 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) sendfile(r4, r3, 0x0, 0x80009) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$NFT_MSG_GETCHAIN(r4, &(0x7f00000005c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={0x0}}, 0x48840) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount(&(0x7f0000000000)=@nullb, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080)='vxfs\x00', 0x18642, 0x0) openat$uhid(0xffffffffffffff9c, 0x0, 0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x7b}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000340)={0x0, 0x3, 0xb38}, &(0x7f0000000380)=0x8) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r5, 0x84, 0x77, &(0x7f0000000440)={r6, 0x25, 0x6, [0x3634, 0x4, 0x4, 0x0, 0x2, 0x8000]}, &(0x7f0000000480)=0x14) r7 = syz_open_pts(r0, 0x0) r8 = dup3(r7, r0, 0x0) ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000100)) ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000)) sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="20000000010a03000000000000000000020000000900010073797a30000000004d00bc867e53d54fade5f8cbdeae519999aebf91a18dbc8974608ac8694b02e0d13746acdd9eda551a32128f6c5a6e77b9bf9f025767e340a68352071bc6b2edf65555ca2a87b6e275390451f5bd026b1f26699c8d2a5745521f1bba1781b26b0ab235b8f8d2d00f70f6241119e3ab480b23feeabfaaebef4e2e81f9f8fb7917bc4852fdcf28b779d60aba45b7e56a57e299e0b04521773941db63b896a5b11c99cea6d9dc297110b5fe85c7d5f613fd0408db92e80fbd6ae46d02fa5dcecade2f152494c4ca00f23cf0"], 0x20}}, 0x0) 8.049920469s ago: executing program 1 (id=2286): ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0) r0 = eventfd(0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000900)=ANY=[@ANYBLOB="1c00000019000104c01636f299b3e31b0000000000000000649e7c8d5d28265129abdba7ce37a102b3ee0b595f2afad8cd0a448d0963d9ee30d3dca10cd4ff4a83ebb9ce6abd0eeb93eb6ba962ff02192d3973b5b634a09bb76c8e1516f2232ba6eec84470ff6c8ed115404c66898f735539fc10dc4399db3b403b05906475181061996cc222d75cca6ba0eeb53c3c92a0676ccd81f1a751c8368373dbd83ac16912c35150adda22d58873a03b7672dc01cc5edbcc50a9d3b7a8750b231c5de8ddbd6f3d914084b31b9ed3fb90b65ffb935347c371202d7cdb4a0292dc862fee72b7ed14d89bf6a49241cfa31f5ff6ec6572f93b8647229ae87400"/261], 0x1c}}, 0x0) ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000700)={0x1, 0x0, [{0x1, 0xb3, &(0x7f0000000740)=""/179}]}) ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f00000005c0)={0x1, r0}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0}) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/83, &(0x7f0000000880)=""/72}) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1) ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x541b, &(0x7f0000000540)={0x1}) accept4(r1, 0x0, &(0x7f00000001c0), 0x800) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = socket$inet(0xa, 0x801, 0x84) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r2, 0x8) r3 = accept4(r2, 0x0, 0x0, 0x0) sendmsg$kcm(r3, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)="a7", 0x1}], 0x1}, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000040), &(0x7f0000000080)=0x8) r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000022c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797ad00000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_DELCHAIN={0x74, 0x5, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_CHAIN_HOOK={0x44, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4398b102}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_DEV={0x14, 0x3, 'caif0\x00'}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_virt_wifi\x00'}]}, @NFTA_CHAIN_FLAGS={0x8}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x1}]}], {0x14}}, 0x9c}}, 0x4000) ioctl$SG_BLKTRACESETUP(r4, 0xc0481273, 0x0) socket$inet6(0xa, 0x800, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x0, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bf"], 0x0}, 0x90) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000940)='rxrpc_recvmsg\x00', r6}, 0x10) 7.761399826s ago: executing program 0 (id=2287): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x41, 0x9) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000040)='team_slave_0\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) io_uring_setup(0x497c, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6], 0x48}}, 0x0) 7.090559777s ago: executing program 2 (id=2289): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x41, 0x9) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000040)='team_slave_0\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) io_uring_setup(0x497c, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}}, 0x0) 6.911647532s ago: executing program 1 (id=2290): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882) r3 = syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)='_', 0x1}, {0x0}], 0x2}) io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) fcntl$setstatus(r6, 0x4, 0x0) io_setup(0x2e, &(0x7f0000000100)=0x0) io_submit(r7, 0x1, &(0x7f0000000500)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f0000000540)='^', 0x1}]) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) eventfd(0x15d) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_rssi={{}, {0x0, 0xc9}}}}, 0xa) sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, r8, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x20000080) r10 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r12, 0x8, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_TX_RATES={0x20, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14}]}]}]}, 0x3c}}, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}]}}}}}}}, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[], 0x0) socket$inet6(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', 0x0}) read$FUSE(r0, &(0x7f0000000480)={0x2020}, 0x2020) lseek(r0, 0xfffffffffffffff5, 0x1) 6.610414438s ago: executing program 0 (id=2291): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r3 = socket$packet(0x11, 0x2, 0x300) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r4) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, 0x0}) r7 = syz_open_procfs(r6, &(0x7f0000000040)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r7, 0x40086610, &(0x7f0000000180)={@id={0x2, 0x300, @b}}) setsockopt$packet_int(r3, 0x107, 0xa, 0x0, 0x0) setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2befd1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bc5348229fa84ae78af8421a22c4b4c17a3d24a4a0104000000000000d77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2c2b5c976dacf3dda7191c757f208000000000000005f7ed983f65723fbb36b9b51abb0dbcd33570000000000000000251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a58275dbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db4819ab1c57b348a8ff1ed36364a20fe846f11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb2514a6ae50dbdd422de0f0f8c670000000000390be79688f80c4c314cb1b14afcaa5d23f9032e0ec51f45f447d6a7c798fcf7e60e2180e289410801e4f03a0e140f388f25b92da1025d8409e171a2336ed71cca86eb4658fe06df286e0e20276b0618eeffd05774f15686cd9d3182ca2fec863875f305fed6baf48a594db12582a38cfdffffffffffffff0cf8d920517835fe7d09cfcb624f6931f1cc6f6b71f58de9ddc38e0c43992f6bc57a718d0cfd197b5324b4e05ef1caa96db3ae1f2f2e5791faba2ebbe1a6faf21f2748fb1fb6743c3ca8af4e6b02518c9b7fdc1b5721eb1c3ed98db25536f74ac7861afc94544e52dcb5c60460a05802e3b437ac977bfa26b887a2443e8d559c58187f004eb82b07937df6e96f77ed551926bec4e0188fae10a35d1c5f1768ac6be829be1827f9df303160df18597efba46f1babc3d74adc31ca71bdab9079e4288881b434484eadde9da6b81802842abd462d546c59d87acc014f81d3414759bda12d2a2c6bc1bfa807bd3101eb227184a61107b6d0618e2a3b842671e084ac3f0ff94dc48b51601247318ab4d1c5106458000000000008000000000000cfee0107e6c2fe8639d926829fdbbd86bf591a8c3c235d8939af9d923f648165881a6c29997234406200b3b1c321cc158dbe17123eace3000000000000000000000000000000000000796de6ae4ae40bdf9a6e8c5dc29562262af9cd54e8e3ecc7e3c8cba0ecc791683496c4e5c1a5729714d9f9031f49b400cd2667b4ea6df54809615a4f973f93e6ccec72f16ff998e29ed99df733680a9d5cea57f99cc139b6ea9014f3000000000000000000000000000000000000feeab45a4046a622b0dceb413e4e39b7317e92cbed46b41ab5115bfb542c933783d750852dfdc6656aaf15e10615a88821f2f1bc53969b52d6852755e7681ad5beda80b38ccd34116b99f50b4fdd967b3f20f260455412b675639a26c76840cce40e323bde9d673fceda0ad6981565c8a183d928903b4f4472dde41b6dcd75314c31e704dfcb222c8359fe88944f852242270c932abfaeece0843d708f5cd25b2a63ae1e79723c1c3c013836b47da0a35d0f34c0705caae54024cf8ade6396ff44482284f415e5769d9ae8688a8d5516690aae9ce1c785262734723519b042a161e6efabf263a46ba92254a51ff6502470f3038cf6d8d991931cfd82ea97e1b596133e7754908d912d1054d174f5a731c019f152a5ca2e48599b6d563bfcd8c0950f4292769217a6e309452b14e64ae64ad58ced33582a1b3d2e0c300059fb1ee78cdddb827293de267d64bf47c3c8c419683c948e46de8cea0b232da00ff39ebef3b73b3d6fbeecd3f9ff06b7e08ed8ce2b9b9cf2e08975f5959fa7028f68c525ab173c0c553d21bd1e9176abdf799e7a08d2f3c14e1ca99d525bc3af0ca0f48f145c65b10dfc67803aab67f6b631d3d7e237fec4bc6eacc364b7cdd925973705d40c5a614e354d9b92357845d15ea41ad3e3a98396131f835e17f0cbfbdc59453991e689f9ce19bd4a3b4121e5a8b5dbb519b5556cb70603ceac0b7ca02cb05a01afa3164ca428add947673cdba49a0e6e8aeeddf52c0f0ef224c69a3c96c2fddf56d74c4ae7"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x7ffffffc}, [@call={0x85, 0x0, 0x0, 0x17}, @printk={@lu}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r8, 0x0, 0x0) recvmmsg(r8, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$uhid(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x4, 0x4, 0x10007ff}, 0x48) 6.558504437s ago: executing program 1 (id=2292): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x5e, 0x40, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001600), 0x0, r0}, 0x38) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) write(r2, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='syscall\x00') read$FUSE(r3, &(0x7f0000005380)={0x2020}, 0x2020) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300)={0xffffffffffffffff}, 0x13f, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f00000003c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000180), r4}}, 0x18) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x0, "4102000000ff000000000006bbff0f00"}) r5 = syz_open_pts(0xffffffffffffffff, 0x48f00) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[], 0xdc}}, 0x0) sendmsg$inet(r5, 0x0, 0x4004141) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="188099000000000008000000000000000095000000000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90) r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) r7 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049e9) close(r7) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev\x00') read$FUSE(r6, &(0x7f00000021c0)={0x2020}, 0xfffffffffffffdd0) mount(&(0x7f0000000200), &(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='gadgetfs\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0x15, &(0x7f0000000340)={r0, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x6f) 5.616110343s ago: executing program 2 (id=2294): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = dup(r3) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000082000040"]) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r6 = socket$kcm(0x2, 0xa, 0x2) r7 = openat$fuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) read$FUSE(r7, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r8 = getpid() process_vm_readv(r8, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000680)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000002b80)=ANY=[@ANYRES8=r4], 0x150) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000080)=0x5, 0x4) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0) pread64(r9, &(0x7f00000002c0)=""/40, 0x28, 0x4f) dup(0xffffffffffffffff) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0), 0x0) ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500002c00000000002f9078ac1e0001e000ff70453018cdfb9793eebbef90050033e9ce8be7f5922fa05bdc2daeb501000065580018907804000000000000000800000000000000"], 0x3e) syz_emit_ethernet(0x68, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000008300dd60a24b9f00322b00fe8000000000000000000000000000bb000000000000000000000000b75ca6e2139e5d5c00000001000002010000040000000000000000000022907804000000080000000000000000000000141a419e551481b9079400000000"], 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) 5.151811912s ago: executing program 0 (id=2295): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x41, 0x9) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000040)='team_slave_0\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) io_uring_setup(0x497c, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r4, 0x0, 0x0) 4.740866806s ago: executing program 2 (id=2296): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/crypto\x00', 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$FUSE(r1, &(0x7f0000002240)={0x2020}, 0x2020) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x2, &(0x7f0000000300)=[{0x5, 0xc8, 0xff, 0x81}, {0x1, 0x1, 0xff}]}) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)={0x120, 0x12, 0x305, 0x0, 0x25dfdbff, {0x2}, [@nested={0xf9, 0xa3, 0x0, 0x1, [@generic="95f0e8fcf6e21cdcd04a45df57e6760e6ce7d4c544e4437d90535f4765b01ecf11f324fe2892529ff147a5c887dfae3ed26aee8aa178e1049e1055e822b14451d38c0cade9e3c383091fb848af06ea37b89bd6191cdb516aecaa388ee9daa800321a9b1abb6c11e4c80d5a3098bd1c755bd260c63f5cd5e6abce25b976e3f9223966d8b93a6801dd028bbcdeb04d31c9e36f443c5a2fd4fd7398942de3b22d3ac750bc589c711282dccfd2566881d5b7827ee4b7e6f7c43cc715019f90b3b911e00bd121b2bb2eb5d93b643adf35c69bddd4aa7b59e041565ac0c475d2cd55f9bad117a7b4afae062e559ddc5b39bb2bc9422b9b47"]}, @nested={0x10, 0x81a, 0x0, 0x1, [@typed={0x4, 0x54}, @typed={0x8, 0xd6, 0x0, 0x0, @uid}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x40904}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x2}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x21, 0x3, 0x410, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'veth0\x00', 'syzkaller1\x00'}, 0x0, 0x218, 0x23c, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x24}}]}, @common=@unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv0\x00', 'veth1\x00'}, 0x0, 0xa4, 0x10c}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x46c) prctl$PR_SET_IO_FLUSHER(0x39, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) fsopen(&(0x7f0000000040)='cgroup\x00', 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) mount$9p_tcp(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)={'trans=tcp,', {}, 0x2c, {[{@privport}]}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x8, &(0x7f0000000100)=[{0x0, 0x0, 0x1f, 0x3}, {0x3, 0x24, 0x0, 0x6}, {0x81, 0x9, 0x81}, {0x9c0b, 0x2, 0x0, 0x2}, {0x8, 0x1, 0x3, 0x9}, {0x0, 0x9e, 0xa3, 0x3}, {0x5, 0x7, 0x80, 0x9641}, {0x5, 0x93, 0x80, 0x7}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1}, {}, {0x6}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 4.429998377s ago: executing program 3 (id=2297): r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00'}, 0x90) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[], 0x24d8}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="affb282cbeeb9587d7e2f0b6095d4f07f9ce", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$null(0xffffffffffffff9c, 0x0, 0x1, 0x0) sendfile(r5, r4, 0x0, 0x80009) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81e8943c, &(0x7f0000000480)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000680)={r6, 0x4}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000340)={{r6, 0x800, 0xd3af, 0x3, 0x4, 0x2, 0x1, 0x7, 0x690c, 0xc, 0xfffffffa, 0xa6, 0x3, 0x9, 0x800000000}, 0x50, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r7 = syz_open_dev$ndb(0x0, 0x0, 0x0) ioctl$NBD_SET_TIMEOUT(r7, 0xab09, 0x5) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r7, 0xab00, r8) ioctl$NBD_DO_IT(r7, 0xab03) r9 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) 3.841302936s ago: executing program 0 (id=2298): syz_open_dev$tty1(0xc, 0x4, 0x1) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x0, &(0x7f0000000840)=ANY=[]) socket(0x2c, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0xffffffffffffff34) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x328}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mount$pvfs2(&(0x7f0000000100), &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200), 0x1, &(0x7f0000000900)=ANY=[]) r2 = open(&(0x7f0000000080)='./file1\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x15) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) io_setup(0x7, &(0x7f0000000000)=0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) mount$9p_fd(0x20100000, 0x0, 0x0, 0xc4804, 0x0) setxattr$incfs_id(&(0x7f0000000240)='./file1\x00', &(0x7f0000000880), &(0x7f00000008c0)={'0000000000000000000000000000000', 0x31}, 0x20, 0x6) io_submit(r3, 0x1, &(0x7f0000000700)=[0x0]) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000500)={{{@in6=@private1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@multicast1}}, 0x0) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000003c0)={{{@in6=@local, @in=@broadcast, 0x4e24, 0x0, 0x4e22, 0x0, 0x2, 0x140, 0x20, 0x2b, 0x0, r6}, {0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0x2}, {0x1, 0xffffffffffffffff, 0x3, 0xfffffffffffff800}, 0x2, 0x6eebb6, 0x0, 0x3, 0x0, 0x1}, {{@in6=@private1}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}, 0xe4) socket$inet_udplite(0x2, 0x2, 0x88) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000791238"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90) io_setup(0x200, &(0x7f0000000200)) 3.467103419s ago: executing program 2 (id=2299): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x41, 0x9) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000040)='team_slave_0\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) io_uring_setup(0x497c, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6], 0x48}}, 0x0) 3.135810352s ago: executing program 3 (id=2300): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882) r3 = syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)='_', 0x1}, {0x0}], 0x2}) io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) fcntl$setstatus(r6, 0x4, 0x0) io_setup(0x2e, &(0x7f0000000100)=0x0) io_submit(r7, 0x1, &(0x7f0000000500)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r6, &(0x7f0000000540)='^', 0x1}]) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) eventfd(0x15d) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) syz_emit_vhci(&(0x7f0000000100)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_rssi={{}, {0x0, 0xc9}}}}, 0xa) sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, r8, 0x100, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x20000080) r10 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r12 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x3c, r12, 0x8, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_TX_RATES={0x20, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x14}]}]}]}, 0x3c}}, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x1) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x2}]}}}}}}}, 0x0) syz_emit_ethernet(0x6a, &(0x7f0000000140)=ANY=[], 0x0) socket$inet6(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', 0x0}) read$FUSE(r0, &(0x7f0000000480)={0x2020}, 0x2020) lseek(r0, 0xfffffffffffffff5, 0x1) 2.970208027s ago: executing program 1 (id=2301): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x41, 0x9) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000040)='team_slave_0\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) io_uring_setup(0x497c, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) 2.816889707s ago: executing program 3 (id=2302): r0 = socket(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$nl_generic(0x11, 0x3, 0x10) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB]}, 0x50) syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000280)={'batadv0\x00', 0x0}) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000f80)=ANY=[@ANYBLOB="0005002b085ca3906313b808f4d0d3f3cadc0f00000000000000e8c41298090016f3ff0e335106d5309ed28bfc682f5cd9244bfa86f6933b0f980875539881348216e984ba09b6914bb757d32820e96054da2043cc104331f76e9a13c828540bc85f453178f8c5d2591e01981963edd0aed066f7649916e57633025f80f8ae86e5b94839a889b1779b6471698dc045bcf405d25b74264786d65b6cf935325330aec5ca136f2338", @ANYBLOB="000227bd700000dcdf250c000000740403807c0003802c00018004000300050002000000000008000100060000000500020000000000070002002c400000040003004c000180110002002f6465762f6e65742f74756e00000000040003000a0002002b2f3a2624000000080002006e61740004000300040003000a0002007663616e30000000080001001b00000024000500c5720d683317249248ce195ef05ce75a544d9a74de66a8b430cd470459fee0009401038028000180080001000600000004000300080001000800000008000100050000000500020000000000240001800800010004000000080001001000000008000100feffffff08000100c40c0000440001800f00020073797a6b616c6c657231000008000100ff010000040003000400030008000100010000000400030008000100aac9000004000300080001000a000000600001800800010000000000110002002f6465762f6e65742f74756e0000000008000100fbffffff040003000500020000000000110002002f6465762f6e65742f74756e00000000080002002d7b5d00080001000600000008000100f8ffffff380001800400030008000100030000000400030008000100010001000400030007000200235e000008000100000000000700020028240000140001800a0002002b21297d5e000000040003000c00018008000100445c00001c0001800400030008000100020000000500020000000000040003002c0001800400030008000100000000000800010004000000110002002f6465762f6e65742f74756e00000000530004003cae9a6625efbf1c08e1a7192d335e6f7731631ba702556bf6805a7d5dea74994f4d61434a37fadd8c8fdf12ac7bf0a1fa01de9f56f4f0b9b5062a7f83c2d2508ccc0f85a7203861a9601a959b8f1400f40003803c00018008000100070000000f00020073797a6b616c6c6572310000040003000a0002007663616e3000000008000100340000000800010000000000140001800800010006000000040003000400030020000180110002002f6465762f6e65742f74756e0000000008000100ff0300003c000180110002002f6465762f6e65742f74756e000000000d0002002d5e5e28215c297b00000000110002002f6465762f6e65742f74756e000000000c0001800800010001800000200001800f00020073797a6b616c6c65723100000a0002007663616e30000000100001800800010005000000040003000800018004000300f4000500fb62142afff3b55f4924619f820efee5dcbef196d85a455c796e0fedaab8095747b4f08718d2df2ea9912ead5ba99dd78e7344df63c42b4aa1f894b72081d58f81e328c87e114ac96fc226e97b728753a64ff60fa9f0cb677d81b82edb301790d5239b95b6410eb936926b743a699f69476afc5fafbabba2ac22b4f6aed010640e0e9e8347581332fd4e5a86cb31b6a9cc8471885a8d9a819fd0cde63bf98a6a2d44befa72f1432f7346880e3798948d55f259808f73cf5099be870c4baa6df1afd7345ef2f8d500e8fec27c316b1162f2bd522eec798bc24da423a7eb973647d2e8693636bd04800004ebd1c0c1b8917800018014000200766574683000000000000000000000000800030002000000140002006e657470636930000000000000000000140002006d6163766c616e3100000000000000000800030002000000080003000000000008000300020000000800030003000000080003000100000008000100", @ANYRES32=r2], 0x500}, 0x1, 0x0, 0x0, 0x40000}, 0x1) socket$inet_smc(0x2b, 0x1, 0x0) r3 = getpid() bpf$PROG_LOAD(0x5, 0x0, 0x0) process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640), 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'vcan0\x00'}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40841, 0x0) r5 = socket$kcm(0x2, 0xa, 0x2) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000100)) r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r8 = socket$kcm(0xa, 0x5, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffc3) ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, &(0x7f0000000000)) dup3(r7, r6, 0x0) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000001c0)) write$tun(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="00001b1de4356c052e79aaaaaaaaaaaa88a800008100000086dd6017785c00182f0000000000000000000000000000000000fe80000000000000000000000000000e800086dd"], 0xfdef) 2.427447s ago: executing program 0 (id=2303): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x324) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$UFFDIO_CONTINUE(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) syz_io_uring_setup(0x6866, &(0x7f00000003c0)={0x0, 0x0, 0x2000}, &(0x7f0000000080), &(0x7f0000000140)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_procfs$userns(0x0, &(0x7f00000002c0)) userfaultfd(0x80001) 2.180410749s ago: executing program 3 (id=2304): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000040000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000400)={0x1, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000140), &(0x7f0000000200), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x78) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r3, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) write$cgroup_int(r2, &(0x7f0000000100), 0x1001) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x2, 0x0, 0x3, 0x40, r0, 0x9, '\x00', r1, r2, 0x5, 0x3, 0x0, 0x4}, 0x4a) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb3}, [@ldst={0x3, 0x1, 0x1, 0x4, 0x8, 0x20, 0xffffffffffffffff}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000080)='syzkaller\x00', 0x9, 0x12, &(0x7f0000000200)=""/18, 0x41000, 0x18, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0x10, 0xff, 0xffffffff}, 0x10, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000300)=[{0x0, 0x5, 0x2, 0x4}], 0x10, 0x3}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x12, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x8006}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, 0x0, 0x0}, 0x90) r5 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r5, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x0, 0x0) setsockopt$inet_int(r5, 0x0, 0x7, &(0x7f0000000180)=0x6, 0x4) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15) r8 = dup(r7) write$FUSE_BMAP(r8, &(0x7f0000000080)={0x18}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7]) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x0) 2.020441643s ago: executing program 2 (id=2305): r0 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000400)=ANY=[@ANYBLOB="e000000010000b0500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f1b3d6da2f1acfac0ee50d2b184b27db1f302de337c0004060000000000bf852c89867f6691b01b2d44e4ff285f2873882fbd9423debbb86f9dba4a2dba4dbe076c02262600c446a567de243ab0d67683f7bb11c9cab3b3eed8a8bef4ff1631aa78acefca03c1a66db4424a8ba100022db228bb7b5eb5100100000000000000a0912086d9f4606d2e4cc898739222c5d3a83cb6b707f3336336ebb7d68100000011000080a64a6f8911da357ba323a96d7500000000000016e54fc6f222e083d8094411a49f53a634f4aab204d70b8715c8f186326bf7d68d57f3050d6d3eff148eaa7699950b6a5bbb6f458ed89f3b857a801d2faccb609ad7cdd9fd0f84b027ed72277a"], 0xe0}], 0x1}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'wlan1\x00'}) sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x44) syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x9204, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) r4 = getpid() process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r6 = accept4(r5, 0x0, 0x0, 0x0) sendmmsg(r6, &(0x7f0000006840)=[{{0x0, 0x0, &(0x7f0000003080)=[{&(0x7f0000000440)="5ff17db605ade75363a0530733408850aaf311cbe0", 0x7ffff000}, {&(0x7f0000000600)="8882d1dc72424e1fd8dd4b9a691db9a3f2d539b0ed59d1d1b67695f356653c71087b5fe7c96758a0f47f379517352fe067a0c327617260dcd520", 0x3a}, {&(0x7f0000002c40)='E', 0x1}], 0x3}}], 0x1, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8) r7 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r7, &(0x7f000047b000)={0xa, 0x4e23, 0x0, @empty}, 0x1c) r8 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) accept4(r7, 0x0, 0x0, 0x0) sendmmsg$inet6(r8, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$unix(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0) setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000000), 0x4) io_setup(0x2, &(0x7f0000000040)) 1.740658893s ago: executing program 1 (id=2306): r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}, 0x80) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00'}, 0x90) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[], 0x24d8}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="affb282cbeeb9587d7e2f0b6095d4f07f9ce", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$null(0xffffffffffffff9c, 0x0, 0x1, 0x0) sendfile(r5, r4, 0x0, 0x80009) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81e8943c, &(0x7f0000000480)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000680)={r6, 0x4}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000340)={{r6, 0x800, 0xd3af, 0x3, 0x4, 0x2, 0x1, 0x7, 0x690c, 0xc, 0xfffffffa, 0xa6, 0x3, 0x9, 0x800000000}}) r7 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_SET_TIMEOUT(r7, 0xab09, 0x5) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r7, 0xab00, r8) ioctl$NBD_DO_IT(r7, 0xab03) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) r9 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) 1.213802392s ago: executing program 3 (id=2307): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/crypto\x00', 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$FUSE(r1, &(0x7f0000002240)={0x2020}, 0x2020) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x2, &(0x7f0000000300)=[{0x5, 0xc8, 0xff, 0x81}, {0x1, 0x1, 0xff}]}) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)={0x120, 0x12, 0x305, 0x0, 0x25dfdbff, {0x2}, [@nested={0xf9, 0xa3, 0x0, 0x1, [@generic="95f0e8fcf6e21cdcd04a45df57e6760e6ce7d4c544e4437d90535f4765b01ecf11f324fe2892529ff147a5c887dfae3ed26aee8aa178e1049e1055e822b14451d38c0cade9e3c383091fb848af06ea37b89bd6191cdb516aecaa388ee9daa800321a9b1abb6c11e4c80d5a3098bd1c755bd260c63f5cd5e6abce25b976e3f9223966d8b93a6801dd028bbcdeb04d31c9e36f443c5a2fd4fd7398942de3b22d3ac750bc589c711282dccfd2566881d5b7827ee4b7e6f7c43cc715019f90b3b911e00bd121b2bb2eb5d93b643adf35c69bddd4aa7b59e041565ac0c475d2cd55f9bad117a7b4afae062e559ddc5b39bb2bc9422b9b47"]}, @nested={0x10, 0x81a, 0x0, 0x1, [@typed={0x4, 0x54}, @typed={0x8, 0xd6, 0x0, 0x0, @uid}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x40904}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x2}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x21, 0x3, 0x540, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'veth0\x00', 'syzkaller1\x00'}, 0x0, 0x1f4, 0x218, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}]}, @common=@unspec=@NFQUEUE1={0x24, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv0\x00', 'veth1\x00'}, 0x0, 0x1f8, 0x260, 0x0, {}, [@common=@inet=@policy={{0x154}, {[{@ipv6=@private1, [], @ipv4=@remote}, {@ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}]}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x59c) prctl$PR_SET_IO_FLUSHER(0x39, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) fsopen(&(0x7f0000000040)='cgroup\x00', 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'}) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) mount$9p_tcp(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)={'trans=tcp,', {}, 0x2c, {[{@privport}]}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x8, &(0x7f0000000100)=[{0x0, 0x0, 0x1f, 0x3}, {0x3, 0x24, 0x0, 0x6}, {0x81, 0x9, 0x81}, {0x9c0b, 0x2, 0x0, 0x2}, {0x8, 0x1, 0x3, 0x9}, {0x0, 0x9e, 0xa3, 0x3}, {0x5, 0x7, 0x80, 0x9641}, {0x5, 0x93, 0x80, 0x7}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1}, {}, {0x6}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 499.64745ms ago: executing program 1 (id=2308): r0 = getpid() r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='GPL\x00'}, 0x90) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[], 0x24d8}], 0x1}, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="affb282cbeeb9587d7e2f0b6095d4f07f9ce", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x0, 0x1}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$null(0xffffffffffffff9c, 0x0, 0x1, 0x0) sendfile(r5, r4, 0x0, 0x80009) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81e8943c, &(0x7f0000000480)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000680)={r6, 0x4}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, &(0x7f0000000340)={{r6, 0x800, 0xd3af, 0x3, 0x4, 0x2, 0x1, 0x7, 0x690c, 0xc, 0xfffffffa, 0xa6, 0x3, 0x9, 0x800000000}, 0x50, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r7 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$NBD_SET_TIMEOUT(r7, 0xab09, 0x5) socketpair(0x1e, 0x1, 0x0, 0x0) ioctl$NBD_SET_SOCK(r7, 0xab00, 0xffffffffffffffff) ioctl$NBD_DO_IT(r7, 0xab03) r8 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0) 422.994169ms ago: executing program 2 (id=2309): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5}]}}, 0x0, 0x2a}, 0x20) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) close(r1) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) r3 = socket$inet6(0xa, 0x3, 0x2f) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@dev, @in6=@remote, 0x0, 0x8, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x6c}, 0x0, @in6=@local}}, 0xe8) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000da29b5408205c4005fac000000010902120001000000000904"], 0x0) syz_usb_control_io$uac1(r5, 0x0, 0x0) close(r1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r4, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x67, 0x8, 0xd6ba5602775ea2d6, 0x0}}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r6}, 0x0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r6, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10) r8 = socket$netlink(0x10, 0x3, 0x0) connect$tipc(r1, &(0x7f00000002c0)=@name={0x1e, 0x2, 0x1, {{0x660314cfb23f2c1, 0x2}, 0x2}}, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000001c0)={'veth1_to_batadv\x00', 0x0}) unshare(0x62040200) r10 = gettid() sendmsg$nl_route(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r9, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r10], 0x28}}, 0x0) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, r0, 0x4002, 0x5}, 0x48) 0s ago: executing program 3 (id=2310): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpid() r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d0000006700000005000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) prctl$PR_SET_THP_DISABLE(0x41, 0x9) sendto$inet6(r0, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c) shutdown(r0, 0x1) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_int(r3, 0x29, 0x13, &(0x7f0000000040)=0x1, 0x4) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000040)='team_slave_0\x00') openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) io_uring_setup(0x497c, &(0x7f00000001c0)) socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0x48}}, 0x0) kernel console output (not intermixed with test programs): fig 0 has no interfaces? [ 571.730222][ T56] usb 5-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00 [ 571.734245][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.748867][ T56] usb 5-1: config 0 descriptor?? [ 571.904233][ T5377] usb 8-1: USB disconnect, device number 32 [ 572.166297][T12220] netlink: 'syz.2.1584': attribute type 9 has an invalid length. [ 572.169692][T12220] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1584'. [ 572.356631][ T5377] usb 8-1: new high-speed USB device number 33 using dummy_hcd [ 572.539895][ T5377] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 572.544506][ T5377] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 572.555263][ T5377] usb 8-1: config 0 descriptor?? [ 572.753320][T11009] block nbd2: Receive control failed (result -104) [ 572.757456][T12219] block nbd2: shutting down sockets [ 573.206809][ T2787] usb 8-1: USB disconnect, device number 33 [ 573.974257][ T56] usb 5-1: USB disconnect, device number 27 [ 574.405236][T12241] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1590'. [ 575.013242][T12245] input: syz0 as /devices/virtual/input/input24 [ 575.168998][T12247] ip_tunnel: non-ECT from 172.30.0.1 with TOS=0x2 [ 576.237735][T12256] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1593'. [ 576.259341][T12256] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 576.263247][T12256] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 576.297157][T12256] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 576.300415][T12256] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 577.448487][T12259] Bluetooth: MGMT ver 1.23 [ 578.021046][T12262] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 578.889567][T12278] netlink: 'syz.1.1598': attribute type 3 has an invalid length. [ 578.893292][T12278] netlink: 130984 bytes leftover after parsing attributes in process `syz.1.1598'. [ 578.913873][T12275] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1598'. [ 579.778588][T12287] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1600'. [ 579.937129][ T5377] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 580.154086][ T5377] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 580.160006][ T5377] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.186952][ T5377] usb 6-1: config 0 descriptor?? [ 580.537815][T12302] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1604'. [ 580.687828][T12308] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1606'. [ 580.861550][ T5377] usb 6-1: USB disconnect, device number 26 [ 580.876702][T12313] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 580.881076][T12313] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 580.884829][T12313] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 580.888843][T12313] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 581.635557][ T39] audit: type=1800 audit(1724840185.712:467): pid=12330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1608" name="bus" dev="overlay" ino=375 res=0 errno=0 [ 581.665409][T12329] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1609'. [ 582.010044][T12336] input: syz0 as /devices/virtual/input/input26 [ 582.097743][T12340] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1612'. [ 582.751754][T12346] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1614'. [ 583.156227][T12355] cgroup: Need name or subsystem set [ 583.747912][T12364] netlink: 'syz.3.1625': attribute type 9 has an invalid length. [ 583.751110][T12364] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1625'. [ 584.254647][T11009] block nbd3: Receive control failed (result -104) [ 584.258754][T12368] block nbd3: shutting down sockets [ 584.317611][T12371] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 584.321424][T12371] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 584.386689][T12371] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 584.595848][T12373] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1619'. [ 585.866138][T12389] netlink: 'syz.0.1622': attribute type 9 has an invalid length. [ 585.870229][T12389] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1622'. [ 586.121521][T12394] nbd: device at index 1 is going down [ 586.198233][T12392] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1623'. [ 586.277873][T11009] block nbd0: Receive control failed (result -104) [ 586.281182][T12390] block nbd0: shutting down sockets [ 586.552709][T12400] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1627'. [ 586.734260][T12406] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1629'. [ 587.435696][T12425] input: syz0 as /devices/virtual/input/input27 [ 587.651648][T12429] overlayfs: overlapping lowerdir path [ 587.710450][T12429] input input28: cannot allocate more than FF_MAX_EFFECTS effects [ 587.736135][T12432] ip_tunnel: non-ECT from 172.30.0.3 with TOS=0x2 [ 587.840803][T12435] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1635'. [ 588.716792][ T983] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 588.898902][ T983] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 588.902909][ T983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 588.925670][ T983] usb 6-1: config 0 descriptor?? [ 588.987547][T12442] netlink: 'syz.3.1637': attribute type 9 has an invalid length. [ 588.990046][T12442] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1637'. [ 589.481300][T12441] block nbd3: shutting down sockets [ 589.685097][ T983] usb 6-1: USB disconnect, device number 27 [ 589.980377][T12446] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1638'. [ 590.432823][T12451] 9pnet_fd: p9_fd_create_tcp (12451): problem binding to privport [ 590.473958][ T39] audit: type=1326 audit(1724840194.542:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12450 comm="syz.0.1640" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 590.487176][T12452] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1639'. [ 591.516908][ T66] Bluetooth: hci8: Controller not accepting commands anymore: ncmd = 0 [ 591.522522][ T66] Bluetooth: hci8: Injecting HCI hardware error event [ 591.527520][ T66] Bluetooth: hci8: hardware error 0x00 [ 591.578539][T12473] netlink: 'syz.0.1643': attribute type 9 has an invalid length. [ 591.583065][T12473] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1643'. [ 592.006245][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 592.160753][T11009] block nbd0: Receive control failed (result -104) [ 592.168105][T12474] block nbd0: shutting down sockets [ 592.651045][T12486] netlink: 'syz.1.1648': attribute type 10 has an invalid length. [ 592.659677][T12486] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 592.664871][T12486] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 593.209495][ T39] audit: type=1326 audit(1724840197.292:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12478 comm="syz.3.1646" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 593.306534][ T56] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 593.498596][ T56] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 593.502766][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 593.516018][ T56] usb 7-1: config 0 descriptor?? [ 593.616638][ T66] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 594.010928][ T56] usb 7-1: USB disconnect, device number 29 [ 594.545820][T12501] input: syz0 as /devices/virtual/input/input29 [ 594.716388][T12508] ip_tunnel: non-ECT from 172.30.0.4 with TOS=0x2 [ 596.026558][ T25] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 596.218171][ T25] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 596.221975][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 596.238199][ T25] usb 6-1: config 0 descriptor?? [ 596.793016][ T25] usb 6-1: USB disconnect, device number 28 [ 597.543161][T12536] netlink: 'syz.1.1656': attribute type 9 has an invalid length. [ 597.545965][T12536] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1656'. [ 597.641705][T12537] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1658'. [ 597.775761][T12537] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1658'. [ 597.936620][T12537] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1658'. [ 598.106578][ T5377] usb 8-1: new high-speed USB device number 34 using dummy_hcd [ 598.297925][ T5377] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 598.303148][ T5377] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 598.309669][ T5377] usb 8-1: config 0 descriptor?? [ 598.866716][ T5377] usb 8-1: USB disconnect, device number 34 [ 598.899276][T12557] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1663'. [ 598.981483][T11057] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 599.174185][T11057] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 599.179384][T11057] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.184671][T11057] usb 5-1: config 0 descriptor?? [ 599.252325][T12568] input: syz0 as /devices/virtual/input/input30 [ 599.293934][T12566] netlink: 'syz.2.1667': attribute type 1 has an invalid length. [ 599.302248][T12566] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1667'. [ 599.427754][T12571] ip_tunnel: non-ECT from 172.30.0.2 with TOS=0x2 [ 599.708327][T12584] fuse: Bad value for 'fd' [ 599.741576][T11057] usb 5-1: USB disconnect, device number 28 [ 600.117515][T12593] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1671'. [ 600.290491][T12598] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(11) [ 600.292691][T12598] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 600.296208][T12598] vhci_hcd vhci_hcd.0: Device attached [ 600.340570][T12599] vhci_hcd: connection closed [ 600.344232][T12121] vhci_hcd: stop threads [ 600.348618][T12121] vhci_hcd: release socket [ 600.350723][T12121] vhci_hcd: disconnect device [ 600.698586][T12604] netlink: 'syz.0.1672': attribute type 9 has an invalid length. [ 600.701855][T12604] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1672'. [ 600.966555][ T5345] Bluetooth: hci5: command 0x0406 tx timeout [ 601.218568][T11009] block nbd0: Receive control failed (result -104) [ 601.226336][T12605] block nbd0: shutting down sockets [ 601.592211][T12614] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1675'. [ 601.837575][T11393] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 602.028183][T11393] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 602.031941][T11393] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 602.052849][T11393] usb 5-1: config 0 descriptor?? [ 602.619674][ T833] usb 5-1: USB disconnect, device number 29 [ 603.416186][T12635] input: syz0 as /devices/virtual/input/input31 [ 603.433524][T12639] xt_HMARK: spi-set and port-set can't be combined [ 604.056544][ T35] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 604.246858][ T35] usb 5-1: Using ep0 maxpacket: 8 [ 604.252520][ T35] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 604.256609][ T35] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 604.272374][ T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 604.293837][ T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 604.321192][ T35] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 604.346555][ T35] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 604.371359][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.642500][T12656] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1684'. [ 604.765483][ T35] usb 5-1: usb_control_msg returned -32 [ 604.767743][ T35] usbtmc 5-1:16.0: can't read capabilities [ 604.786534][ T35] usb 5-1: USB disconnect, device number 30 [ 605.091195][T12641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1681'. [ 605.727960][T12663] netlink: 'syz.1.1685': attribute type 9 has an invalid length. [ 605.731330][T12663] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1685'. [ 606.390903][T12671] netlink: 'syz.2.1695': attribute type 9 has an invalid length. [ 606.394378][T12671] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1695'. [ 606.897619][T12678] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1689'. [ 606.906696][T12670] block nbd2: shutting down sockets [ 607.456614][ T833] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 607.606747][ T64] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 607.664957][T12687] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1691'. [ 607.684284][ T833] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 607.688402][ T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.694809][ T833] usb 5-1: config 0 descriptor?? [ 607.828838][ T64] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 607.832385][ T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 607.844162][ T64] usb 7-1: config 0 descriptor?? [ 608.207962][T12691] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1693'. [ 608.222144][ T56] usb 5-1: USB disconnect, device number 31 [ 608.230352][T12691] 9pnet_fd: p9_fd_create_tcp (12691): problem binding to privport [ 608.240706][ T39] audit: type=1326 audit(1724840212.322:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12690 comm="syz.1.1693" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f52579 code=0x0 [ 608.357758][ T833] usb 7-1: USB disconnect, device number 30 [ 609.026002][T12705] IPVS: sync thread started: state = BACKUP, mcast_ifn = ip6_vti0, syncid = 1, id = 0 [ 609.132185][T12703] netlink: 'syz.0.1696': attribute type 9 has an invalid length. [ 609.135439][T12703] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1696'. [ 609.366623][T12713] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1698'. [ 609.510892][T12714] netlink: 'syz.2.1697': attribute type 9 has an invalid length. [ 609.515296][T12714] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1697'. [ 609.677625][T11009] block nbd0: Receive control failed (result -104) [ 609.682145][T12709] block nbd0: shutting down sockets [ 609.808828][ T66] block nbd2: Receive control failed (result -104) [ 609.850464][T12712] block nbd2: shutting down sockets [ 609.856241][T12716] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1699'. [ 610.016049][T12723] tipc: Can't bind to reserved service type 1 [ 610.376786][T10774] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 610.456742][T12733] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1702'. [ 610.568910][T10774] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 610.573216][T10774] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 610.579831][T10774] usb 6-1: config 0 descriptor?? [ 611.268813][T12744] netlink: 248 bytes leftover after parsing attributes in process `syz.2.1706'. [ 611.294547][T12744] 9pnet_fd: p9_fd_create_tcp (12744): problem binding to privport [ 611.304645][ T39] audit: type=1326 audit(1724840215.382:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12743 comm="syz.2.1706" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 611.317754][T11057] usb 6-1: USB disconnect, device number 29 [ 611.506661][ T35] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 611.582456][T12748] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1707'. [ 611.689721][ T35] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 611.693799][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.712676][ T35] usb 5-1: config 0 descriptor?? [ 612.063318][T12756] netlink: 'syz.1.1709': attribute type 9 has an invalid length. [ 612.074441][T12756] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1709'. [ 612.278065][ T833] usb 5-1: USB disconnect, device number 32 [ 613.327760][T12771] usb usb5: usbfs: process 12771 (syz.3.1713) did not claim interface 0 before use [ 613.399594][T12769] input: syz0 as /devices/virtual/input/input33 [ 614.547016][T12786] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1716'. [ 615.116654][ T833] usb 8-1: new high-speed USB device number 35 using dummy_hcd [ 615.338665][ T833] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 615.343360][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 615.349631][ T833] usb 8-1: config 0 descriptor?? [ 615.446611][T11057] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 615.636037][T11057] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 615.640578][T11057] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 615.649793][T11057] usb 5-1: config 0 descriptor?? [ 615.839189][ T833] usb 8-1: USB disconnect, device number 35 [ 616.163871][T11393] usb 5-1: USB disconnect, device number 33 [ 616.621112][T12819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 616.792417][T12813] netlink: 'syz.2.1721': attribute type 10 has an invalid length. [ 616.793435][ T5377] usb 8-1: new high-speed USB device number 36 using dummy_hcd [ 616.814634][T12813] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 616.824220][T12813] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 616.829602][T12813] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 616.976847][ T5377] usb 8-1: Using ep0 maxpacket: 32 [ 616.981117][ T5377] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 616.984315][ T5377] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 616.990665][ T5377] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 616.995585][ T5377] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 617.001192][ T5377] usb 8-1: config 0 interface 0 has no altsetting 0 [ 617.008276][ T5377] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 617.021989][ T5377] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 617.026720][ T5377] usb 8-1: Product: syz [ 617.029693][ T5377] usb 8-1: Manufacturer: syz [ 617.033398][ T5377] usb 8-1: SerialNumber: syz [ 617.083643][ T5377] usb 8-1: config 0 descriptor?? [ 617.095301][ T5377] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 617.133477][ T5377] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 617.328020][T12815] ldusb 8-1:0.0: Write buffer overflow, 2147479232 bytes dropped [ 617.388798][T12822] input: syz0 as /devices/virtual/input/input34 [ 617.674693][T12828] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1725'. [ 618.075497][ T983] usb 8-1: USB disconnect, device number 36 [ 618.108736][ T983] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 618.896845][T12842] 9pnet: Unknown protocol version 9 [ 618.933298][T12837] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1727'. [ 619.170252][T12845] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1729'. [ 619.916738][ T35] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 620.047265][T12857] netlink: 'syz.3.1732': attribute type 9 has an invalid length. [ 620.050473][T12857] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1732'. [ 620.076829][ T56] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 620.119204][ T35] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 620.122985][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.135171][ T35] usb 7-1: config 0 descriptor?? [ 620.278394][ T56] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 620.282344][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.297496][ T56] usb 5-1: config 0 descriptor?? [ 620.635120][ T66] block nbd3: Receive control failed (result -104) [ 620.639593][T12856] block nbd3: shutting down sockets [ 620.666635][T12862] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1735'. [ 620.715501][ T35] usb 7-1: USB disconnect, device number 31 [ 620.852113][ T56] usb 5-1: USB disconnect, device number 34 [ 621.183902][T12869] vivid-001: disconnect [ 621.422265][T12867] vivid-001: reconnect [ 621.744107][T12881] 9pnet: Unknown protocol version 9 [ 621.945590][T12885] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1741'. [ 622.224542][ T39] audit: type=1326 audit(1724840226.302:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12874 comm="syz.2.1738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 622.248853][ T39] audit: type=1326 audit(1724840226.302:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12874 comm="syz.2.1738" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 622.260763][ T39] audit: type=1326 audit(1724840226.302:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12874 comm="syz.2.1738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 622.290732][ T39] audit: type=1326 audit(1724840226.302:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12874 comm="syz.2.1738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 622.302987][ T39] audit: type=1326 audit(1724840226.302:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12874 comm="syz.2.1738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 622.319861][ T39] audit: type=1326 audit(1724840226.302:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12874 comm="syz.2.1738" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x7fc00000 [ 622.511400][T12889] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1742'. [ 622.832800][T12894] netlink: 'syz.1.1744': attribute type 9 has an invalid length. [ 622.836267][T12894] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1744'. [ 623.170218][T12899] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1745'. [ 623.229122][T12900] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1746'. [ 623.385971][T12900] debugfs: Directory 'ü !' with parent 'ieee80211' already present! [ 623.806645][ T2787] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 623.998680][ T2787] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 624.003182][ T2787] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 624.015822][ T2787] usb 7-1: config 0 descriptor?? [ 624.360973][T12914] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1751'. [ 624.448332][T12914] 9pnet_fd: p9_fd_create_tcp (12914): problem binding to privport [ 624.496663][ T39] audit: type=1326 audit(1724840228.562:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12913 comm="syz.1.1751" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f52579 code=0x0 [ 624.536583][T12916] overlayfs: missing 'lowerdir' [ 624.612041][ T2787] usb 7-1: USB disconnect, device number 32 [ 625.692040][T12935] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1755'. [ 625.695079][T12937] netlink: 'syz.0.1756': attribute type 9 has an invalid length. [ 625.701732][T12937] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1756'. [ 626.199480][ T66] block nbd0: Receive control failed (result -104) [ 626.214793][T12940] block nbd0: shutting down sockets [ 626.488182][T12944] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1757'. [ 626.618783][T12950] 9pnet: Unknown protocol version 9 [ 626.796811][ T66] Bluetooth: hci7: Controller not accepting commands anymore: ncmd = 0 [ 626.801080][ T66] Bluetooth: hci7: Injecting HCI hardware error event [ 626.806728][T11009] Bluetooth: hci7: hardware error 0x00 [ 627.236257][T12961] capability: warning: `syz.1.1761' uses 32-bit capabilities (legacy support in use) [ 627.426716][T12963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1762'. [ 627.472986][T12963] 9pnet_fd: p9_fd_create_tcp (12963): problem binding to privport [ 627.495308][ T39] audit: type=1326 audit(1724840231.582:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12962 comm="syz.3.1762" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 627.622110][T12968] netem: incorrect gi model size [ 627.624672][T12968] netem: change failed [ 627.786627][ T64] usb 7-1: new high-speed USB device number 33 using dummy_hcd [ 627.968386][ T64] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 627.972384][ T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 627.981245][ T64] usb 7-1: config 0 descriptor?? [ 628.151128][T12974] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1766'. [ 628.585094][T12984] netlink: 'syz.3.1768': attribute type 9 has an invalid length. [ 628.592652][T12984] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1768'. [ 628.655253][ T2787] usb 7-1: USB disconnect, device number 33 [ 628.886567][T11009] Bluetooth: hci7: Opcode 0x0c03 failed: -110 [ 629.053628][T12989] 9pnet: Unknown protocol version 9 [ 629.147226][ T66] block nbd3: Receive control failed (result -104) [ 629.152996][T12982] block nbd3: shutting down sockets [ 629.601594][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.948645][T12997] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.1771' sets config #0 [ 629.991980][T12997] Unknown options in mask 7 [ 630.144695][T12998] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1772'. [ 630.911790][T13018] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1776'. [ 631.069139][T13018] 9pnet_fd: p9_fd_create_tcp (13018): problem binding to privport [ 631.114368][ T39] audit: type=1326 audit(1724840235.202:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13017 comm="syz.2.1776" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 631.154799][T13021] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1777'. [ 631.312264][T13025] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1778'. [ 631.629731][T13028] netlink: 'syz.3.1779': attribute type 9 has an invalid length. [ 631.651564][T13028] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1779'. [ 632.249601][ T66] block nbd3: Receive control failed (result -104) [ 632.320901][T13035] netlink: 'syz.2.1781': attribute type 9 has an invalid length. [ 632.324434][T13035] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1781'. [ 632.400940][T13029] block nbd3: shutting down sockets [ 632.661347][T13040] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1782'. [ 632.829461][T11009] block nbd2: Receive control failed (result -104) [ 632.834500][T13037] block nbd2: shutting down sockets [ 632.926774][T13048] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1784'. [ 633.106581][T13043] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 633.386803][T13051] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1785'. [ 634.115520][T13068] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1788'. [ 634.611930][T13073] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1789'. [ 635.059901][T13077] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1790'. [ 635.337474][T13085] netlink: 'syz.1.1792': attribute type 9 has an invalid length. [ 635.352038][T13085] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1792'. [ 635.682336][T13090] dvmrp0: entered allmulticast mode [ 635.905601][T13091] netlink: 'syz.2.1793': attribute type 9 has an invalid length. [ 635.924178][T13091] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1793'. [ 636.146557][ T56] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 636.337216][ T56] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 636.341303][ T56] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 636.382484][T11009] block nbd2: Receive control failed (result -104) [ 636.389873][ T56] usb 5-1: config 0 descriptor?? [ 636.422508][T13094] block nbd2: shutting down sockets [ 636.468658][T13102] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1796'. [ 636.859649][T13105] 9pnet_fd: p9_fd_create_tcp (13105): problem binding to privport [ 636.876429][ T39] audit: type=1326 audit(1724840240.952:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13104 comm="syz.2.1798" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 637.023043][ T35] usb 5-1: USB disconnect, device number 35 [ 637.382566][T13112] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1800'. [ 638.026892][T13118] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1801'. [ 638.238029][T13125] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1803'. [ 638.534002][T13134] netlink: 'syz.3.1805': attribute type 9 has an invalid length. [ 638.541758][T13134] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1805'. [ 638.714691][T13135] netlink: 'syz.0.1806': attribute type 9 has an invalid length. [ 638.726131][T13135] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1806'. [ 639.024320][T11009] block nbd3: Receive control failed (result -104) [ 639.030678][T13130] block nbd3: shutting down sockets [ 639.178582][ T66] block nbd0: Receive control failed (result -104) [ 639.243320][T13133] block nbd0: shutting down sockets [ 639.592447][T13142] 9pnet_fd: p9_fd_create_tcp (13142): problem binding to privport [ 639.641688][ T39] audit: type=1326 audit(1724840243.722:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13141 comm="syz.3.1809" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73be579 code=0x0 [ 640.148507][T13155] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1812'. [ 640.555346][T13161] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1813'. [ 641.015555][T13164] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1815'. [ 641.864380][T13173] netlink: 'syz.3.1817': attribute type 9 has an invalid length. [ 641.868113][T13173] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1817'. [ 642.424132][ T66] block nbd3: Receive control failed (result -104) [ 642.434913][T13172] block nbd3: shutting down sockets [ 642.952713][T13180] netlink: 'syz.1.1818': attribute type 9 has an invalid length. [ 642.957530][T13180] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1818'. [ 643.469970][T13189] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1822'. [ 644.053772][T13194] netlink: 'syz.1.1823': attribute type 9 has an invalid length. [ 644.086713][T13194] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1823'. [ 644.404196][T13200] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1824'. [ 644.478900][T13203] 9pnet: Unknown protocol version 9p2000. [ 644.811538][T13202] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1825'. [ 645.292507][T13209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1828'. [ 645.683350][T13217] netlink: 'syz.3.1830': attribute type 9 has an invalid length. [ 645.686592][T13217] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1830'. [ 645.696558][ T983] usb 7-1: new high-speed USB device number 34 using dummy_hcd [ 645.781863][T13223] netlink: 'syz.1.1831': attribute type 9 has an invalid length. [ 645.798335][T13223] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1831'. [ 645.886680][ T983] usb 7-1: Using ep0 maxpacket: 16 [ 645.891262][ T983] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 645.897254][ T983] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 645.903208][ T983] usb 7-1: New USB device strings: Mfr=1, Product=0, SerialNumber=14 [ 645.912055][ T983] usb 7-1: Manufacturer: syz [ 645.914138][ T983] usb 7-1: SerialNumber: syz [ 645.937561][ T983] usb 7-1: config 0 descriptor?? [ 645.987014][ T983] em28xx 7-1:0.0: New device syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 645.997432][ T983] em28xx 7-1:0.0: DVB interface 0 found: bulk [ 646.267586][ T66] block nbd3: Receive control failed (result -104) [ 646.272302][T13222] block nbd3: shutting down sockets [ 647.077113][ T983] em28xx 7-1:0.0: unknown em28xx chip ID (0) [ 647.166269][ T983] em28xx 7-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 647.171187][ T983] em28xx 7-1:0.0: board has no eeprom [ 647.249079][ T983] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 647.255168][ T983] em28xx 7-1:0.0: dvb set to bulk mode. [ 647.263228][ T5377] em28xx 7-1:0.0: Binding DVB extension [ 647.277492][ T983] usb 7-1: USB disconnect, device number 34 [ 647.281205][ T983] em28xx 7-1:0.0: Disconnecting em28xx [ 647.368284][ T5377] em28xx 7-1:0.0: Registering input extension [ 647.386688][ T983] em28xx 7-1:0.0: Closing input extension [ 647.424688][ T983] em28xx 7-1:0.0: Freeing device [ 647.873814][T13241] netlink: 'syz.3.1835': attribute type 9 has an invalid length. [ 647.877230][T13241] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1835'. [ 648.026156][T13242] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1836'. [ 648.498000][ T66] block nbd3: Receive control failed (result -104) [ 648.501965][T13244] block nbd3: shutting down sockets [ 648.798529][T13253] 9pnet: Unknown protocol version 9p2000. [ 649.236672][ T5377] usb 8-1: new high-speed USB device number 37 using dummy_hcd [ 649.428731][ T5377] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 649.432073][ T5377] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 649.437549][ T5377] usb 8-1: config 0 descriptor?? [ 649.932743][T13266] netlink: 'syz.0.1840': attribute type 9 has an invalid length. [ 649.947236][T13266] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1840'. [ 650.178629][T13269] netlink: 'syz.2.1841': attribute type 9 has an invalid length. [ 650.182367][T13269] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1841'. [ 650.222712][T12199] usb 8-1: USB disconnect, device number 37 [ 650.544079][ T66] block nbd0: Receive control failed (result -104) [ 650.558172][T13262] block nbd0: shutting down sockets [ 650.672411][T11009] block nbd2: Receive control failed (result -104) [ 650.718805][T13267] block nbd2: shutting down sockets [ 651.121056][T13274] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1842'. [ 651.714355][T13281] loop7: detected capacity change from 0 to 16384 [ 652.516102][T13289] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1847'. [ 652.807076][T13295] 9pnet: Unknown protocol version 9p2000. [ 653.159159][T12199] usb 7-1: new high-speed USB device number 35 using dummy_hcd [ 653.356378][T12199] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 653.360639][T12199] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 653.408394][T12199] usb 7-1: config 0 descriptor?? [ 653.631757][T13302] netlink: 'syz.3.1852': attribute type 9 has an invalid length. [ 653.635273][T13302] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1852'. [ 653.740827][T13303] netlink: 'syz.0.1851': attribute type 9 has an invalid length. [ 653.750090][T13303] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1851'. [ 654.007965][ T5377] usb 7-1: USB disconnect, device number 35 [ 654.161563][ T66] block nbd3: Receive control failed (result -104) [ 654.173371][T13308] block nbd0: shutting down sockets [ 654.215393][T13307] block nbd3: shutting down sockets [ 654.723360][T13317] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1855'. [ 654.958907][T13321] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1857'. [ 655.776789][T13314] Process accounting resumed [ 656.113338][T13330] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1859'. [ 656.236603][T13329] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1858'. [ 656.610491][ T63] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 656.795932][ T63] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 656.963942][ T66] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 656.973357][ T66] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 656.988382][ T63] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 656.990264][ T66] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 657.007366][ T66] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 657.011222][ T66] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 657.014689][ T66] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 657.099822][ T63] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.254779][T13310] tmpfs: Bad value for 'mpol' [ 657.404766][T13343] netlink: 'syz.0.1863': attribute type 9 has an invalid length. [ 657.408351][T13343] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1863'. [ 657.527773][ T63] bridge_slave_1: left allmulticast mode [ 657.530220][ T63] bridge_slave_1: left promiscuous mode [ 657.532753][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 657.580714][ T63] bridge_slave_0: left allmulticast mode [ 657.584101][ T63] bridge_slave_0: left promiscuous mode [ 657.593812][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 657.889895][T11009] block nbd0: Receive control failed (result -104) [ 657.903594][T13340] block nbd0: shutting down sockets [ 658.329270][ T63] dvmrp0 (unregistering): left allmulticast mode [ 658.662934][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 658.673527][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 658.688690][ T63] bond0 (unregistering): Released all slaves [ 658.795003][T13348] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1865'. [ 659.058349][ T63] IPVS: stopping backup sync thread 12705 ... [ 659.117773][T11009] Bluetooth: hci8: command tx timeout [ 659.263521][T13334] chnl_net:caif_netlink_parms(): no params data found [ 659.536784][T13358] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1867'. [ 659.611273][T13358] 9pnet_fd: p9_fd_create_tcp (13358): problem binding to privport [ 659.687760][ T39] audit: type=1326 audit(1724840263.772:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.0.1867" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 659.834408][T13334] bridge0: port 1(bridge_slave_0) entered blocking state [ 659.851662][T13334] bridge0: port 1(bridge_slave_0) entered disabled state [ 659.854965][T13334] bridge_slave_0: entered allmulticast mode [ 659.861103][T13334] bridge_slave_0: entered promiscuous mode [ 659.872703][T13359] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1866'. [ 659.975513][T13334] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.979896][T13334] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.983426][T13334] bridge_slave_1: entered allmulticast mode [ 659.993901][T13334] bridge_slave_1: entered promiscuous mode [ 660.148926][T13334] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 660.179593][T13334] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.533728][T13334] team0: Port device team_slave_0 added [ 660.558703][T13334] team0: Port device team_slave_1 added [ 660.769767][T13334] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 660.772990][T13334] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 660.784816][T13334] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 660.807134][T13381] 9pnet_virtio: no channels available for device syz [ 660.832922][T13334] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 660.835762][T13334] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 660.873616][T13334] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.164810][T13378] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1871'. [ 661.206538][T11009] Bluetooth: hci8: command tx timeout [ 661.414893][T13334] hsr_slave_0: entered promiscuous mode [ 661.461520][T13334] hsr_slave_1: entered promiscuous mode [ 661.506921][T13334] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 661.509912][T13334] Cannot create hsr debugfs directory [ 662.558660][T13400] netlink: 'syz.2.1874': attribute type 9 has an invalid length. [ 662.561935][T13400] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1874'. [ 662.742226][T13399] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1873'. [ 662.998159][T11009] block nbd2: Receive control failed (result -104) [ 663.002022][T13402] block nbd2: shutting down sockets [ 663.276657][T11009] Bluetooth: hci8: command tx timeout [ 663.719302][T13405] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 664.031807][T13412] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1877'. [ 664.060014][T13412] 9pnet_fd: p9_fd_create_tcp (13412): problem binding to privport [ 664.098289][ T39] audit: type=1326 audit(1724840268.182:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13411 comm="syz.2.1877" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 664.542941][T13334] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 664.647415][ T63] hsr_slave_0: left promiscuous mode [ 664.650817][ T63] hsr_slave_1: left promiscuous mode [ 664.699673][ T63] veth1_macvtap: left promiscuous mode [ 664.702098][ T63] veth0_macvtap: left promiscuous mode [ 664.704582][ T63] veth1_vlan: left promiscuous mode [ 664.706939][ T63] veth0_vlan: left promiscuous mode [ 665.030402][T13419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 665.247992][T12199] usb 7-1: new high-speed USB device number 36 using dummy_hcd [ 665.361270][T11009] Bluetooth: hci8: command tx timeout [ 665.396546][ T2787] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 665.520437][T12199] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 665.524384][T12199] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 665.544781][T12199] usb 7-1: config 0 descriptor?? [ 665.656862][ T2787] usb 5-1: Using ep0 maxpacket: 8 [ 665.675747][ T2787] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 665.686747][ T2787] usb 5-1: config 246 descriptor has 1 excess byte, ignoring [ 665.704369][ T2787] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 665.710307][ T2787] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 665.716223][ T2787] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 665.733572][ T2787] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 665.780356][ T2787] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 665.784807][ T2787] usb 5-1: config 246 descriptor has 1 excess byte, ignoring [ 665.799487][ T2787] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 665.818557][ T2787] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 665.827096][ T2787] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 665.831823][ T2787] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 665.856538][ T2787] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 665.860491][ T2787] usb 5-1: config 246 descriptor has 1 excess byte, ignoring [ 665.863960][ T2787] usb 5-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 665.869317][ T2787] usb 5-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 665.875091][ T2787] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 665.881227][ T2787] usb 5-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 665.904858][ T2787] usb 5-1: string descriptor 0 read error: -22 [ 665.910251][ T2787] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 665.914977][ T2787] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 665.931130][ T2787] adutux 5-1:246.0: interrupt endpoints not found [ 667.081231][ T63] team0 (unregistering): Port device team_slave_1 removed [ 667.291631][ T63] team0 (unregistering): Port device team_slave_0 removed [ 668.587037][ T5377] usb 5-1: USB disconnect, device number 36 [ 668.789432][T13334] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 668.812926][T13334] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 668.860122][T13430] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1881'. [ 668.940731][T13334] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 669.433229][T13438] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1882'. [ 669.563275][T13446] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1883'. [ 670.143579][T13334] 8021q: adding VLAN 0 to HW filter on device bond0 [ 670.193462][T13334] 8021q: adding VLAN 0 to HW filter on device team0 [ 670.209797][T11528] bridge0: port 1(bridge_slave_0) entered blocking state [ 670.213755][T11528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 670.228501][T11528] bridge0: port 2(bridge_slave_1) entered blocking state [ 670.232434][T11528] bridge0: port 2(bridge_slave_1) entered forwarding state [ 670.385002][ T56] usb 7-1: USB disconnect, device number 36 [ 670.585541][T13464] netlink: 'syz.0.1884': attribute type 9 has an invalid length. [ 670.592185][T13464] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1884'. [ 670.890815][T11009] block nbd0: Receive control failed (result -104) [ 670.895008][T13334] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 670.904645][T13469] block nbd0: shutting down sockets [ 671.049119][T13475] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1886'. [ 671.411945][T13334] veth0_vlan: entered promiscuous mode [ 671.445886][T13334] veth1_vlan: entered promiscuous mode [ 671.504289][T13334] veth0_macvtap: entered promiscuous mode [ 671.520738][T13334] veth1_macvtap: entered promiscuous mode [ 671.604964][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.653175][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.666569][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.671159][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.687704][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.691838][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.696006][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.707147][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.713260][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.751568][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.774767][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.802460][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.811310][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.814881][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.818787][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 671.836721][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.848903][T13334] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 671.868237][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 671.873448][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.878491][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 671.883444][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.903218][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 671.907718][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.911403][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 671.915474][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.926630][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 671.930645][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.936860][T13334] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 671.940799][T13334] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 671.954104][T13334] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 671.962175][T13491] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1889'. [ 672.109899][T13334] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 672.114180][T13334] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 672.136538][T13334] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 672.141947][T13334] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 672.312019][T13495] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1890'. [ 672.732016][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 672.735320][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 672.916959][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 672.935673][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 673.367128][T13506] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1892'. [ 673.487965][T11057] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 673.688755][T11057] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 673.693280][T11057] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 673.709272][T11057] usb 6-1: config 0 descriptor?? [ 673.847556][T13513] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1894'. [ 674.283908][ T5400] usb 6-1: USB disconnect, device number 30 [ 675.399381][T13528] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1897'. [ 675.730113][T13532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1898'. [ 675.830989][T13532] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 675.835656][T13532] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 675.891116][T13532] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 675.947424][T13532] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 676.576700][T13537] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1899'. [ 677.043418][T13550] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.1901' sets config #0 [ 677.116351][T13551] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1903'. [ 677.155197][T13542] Unknown options in mask 7 [ 677.239522][ T39] audit: type=1326 audit(1724840281.312:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.276171][ T39] audit: type=1326 audit(1724840281.312:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.305382][ T39] audit: type=1326 audit(1724840281.312:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.336568][ T39] audit: type=1326 audit(1724840281.312:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.356080][ T39] audit: type=1326 audit(1724840281.312:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.409660][ T39] audit: type=1326 audit(1724840281.312:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.419858][ T39] audit: type=1326 audit(1724840281.312:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.436633][ T39] audit: type=1326 audit(1724840281.312:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.445599][ T39] audit: type=1326 audit(1724840281.322:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.463772][ T39] audit: type=1326 audit(1724840281.322:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1900" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 677.535898][T13557] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1904'. [ 678.119115][T13570] netlink: 'syz.1.1907': attribute type 9 has an invalid length. [ 678.123629][T13570] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.1907'. [ 678.670577][T13579] netlink: 'syz.0.1908': attribute type 9 has an invalid length. [ 678.674839][T13579] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.1908'. [ 678.973833][T13575] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1909'. [ 679.179234][T11009] block nbd0: Receive control failed (result -104) [ 679.183199][T13576] block nbd0: shutting down sockets [ 680.768412][T13598] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1913'. [ 680.914691][T13605] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11) [ 680.917698][T13605] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 680.990636][T13606] vhci_hcd: connection closed [ 680.996827][T13605] vhci_hcd vhci_hcd.0: Device attached [ 681.018377][T12121] vhci_hcd: stop threads [ 681.020689][T12121] vhci_hcd: release socket [ 681.023985][T12121] vhci_hcd: disconnect device [ 681.425637][T13614] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1915'. [ 682.233478][T13622] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1917'. [ 682.504296][T13632] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1920'. [ 682.850419][T13637] netem: incorrect gi model size [ 682.853337][T13637] netem: change failed [ 683.928187][T13665] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1927'. [ 684.295641][T13669] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1928'. [ 684.311854][T13670] Driver unsupported XDP return value 0 on prog (id 523) dev N/A, expect packet loss! [ 684.481202][T13672] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11) [ 684.487551][T13672] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 684.495574][T13672] vhci_hcd vhci_hcd.0: Device attached [ 684.547634][T13673] vhci_hcd: connection closed [ 684.576106][ T63] vhci_hcd: stop threads [ 684.591256][ T63] vhci_hcd: release socket [ 684.593077][ T63] vhci_hcd: disconnect device [ 684.808917][T13677] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1930'. [ 684.986927][T13683] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1931'. [ 685.886841][T13692] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 686.130377][T13691] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1933'. [ 687.078623][T13706] netlink: 'syz.0.1934': attribute type 10 has an invalid length. [ 687.157365][T13706] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 688.789129][T13726] vxcan0: tx drop: invalid da for name 0x0000000000000001 [ 688.797604][T13726] netlink: 'syz.1.1942': attribute type 10 has an invalid length. [ 688.801282][T13726] bridge0: port 4(team0) entered blocking state [ 688.818338][T13726] bridge0: port 4(team0) entered disabled state [ 688.843847][T13726] team0: entered allmulticast mode [ 688.845864][T13726] team_slave_0: entered allmulticast mode [ 688.848649][T13726] team_slave_1: entered allmulticast mode [ 688.873536][T13726] team0: entered promiscuous mode [ 688.918826][T13726] team_slave_0: entered promiscuous mode [ 688.936745][T13726] team_slave_1: entered promiscuous mode [ 688.955331][T13726] bridge0: port 4(team0) entered blocking state [ 688.959172][T13726] bridge0: port 4(team0) entered forwarding state [ 689.195468][T13739] netlink: 'syz.2.1944': attribute type 9 has an invalid length. [ 689.216605][T13739] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1944'. [ 689.554656][T11009] block nbd2: Receive control failed (result -104) [ 689.560493][T13735] block nbd2: shutting down sockets [ 689.865948][T13743] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1946'. [ 690.677632][T13751] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1948'. [ 691.040380][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.128863][ T39] kauditd_printk_skb: 30 callbacks suppressed [ 691.128879][ T39] audit: type=1326 audit(1724840295.212:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13755 comm="syz.0.1950" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 692.392119][T13781] input: syz1 as /devices/virtual/input/input36 [ 692.568134][T11428] udevd[11428]: setting owner of /dev/input/event3 to uid=0, gid=104 failed: No such file or directory [ 693.789955][T13785] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 694.047804][T13791] netlink: 'syz.3.1956': attribute type 9 has an invalid length. [ 694.050947][T13791] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1956'. [ 694.308969][T13794] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1957'. [ 694.423854][T11009] block nbd3: Receive control failed (result -104) [ 694.444783][T13793] block nbd3: shutting down sockets [ 694.775469][T13797] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1958'. [ 695.388632][T13796] Process accounting resumed [ 695.591118][T13804] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1961'. [ 695.853500][ T83] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.081352][ T83] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.229299][ T83] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.379974][ T83] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.446563][T12199] usb 8-1: new high-speed USB device number 38 using dummy_hcd [ 696.461505][T13812] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1962'. [ 696.468137][T13812] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 696.471853][T13812] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 696.482908][T13812] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 696.487796][T13812] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 696.512976][ T66] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 696.521385][ T66] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 696.530006][ T66] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 696.547260][ T66] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 696.551992][ T66] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 696.557297][ T66] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 696.643537][T12199] usb 8-1: Using ep0 maxpacket: 16 [ 696.661458][T12199] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 696.681098][T12199] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 696.685202][T12199] usb 8-1: New USB device strings: Mfr=1, Product=0, SerialNumber=14 [ 696.689296][T12199] usb 8-1: Manufacturer: syz [ 696.691468][T12199] usb 8-1: SerialNumber: syz [ 696.699628][T12199] usb 8-1: config 0 descriptor?? [ 696.707370][T12199] em28xx 8-1:0.0: New device syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 696.710935][T12199] em28xx 8-1:0.0: DVB interface 0 found: bulk [ 696.864597][ T83] team0: left allmulticast mode [ 696.866805][ T83] team_slave_0: left allmulticast mode [ 696.877935][ T83] team_slave_1: left allmulticast mode [ 696.890852][ T83] team0: left promiscuous mode [ 696.896717][ T83] team_slave_0: left promiscuous mode [ 696.923268][ T83] team_slave_1: left promiscuous mode [ 696.939868][ T83] bridge0: port 4(team0) entered disabled state [ 696.961973][ T83] bond0: left allmulticast mode [ 696.964380][ T83] bond_slave_0: left allmulticast mode [ 696.967875][ T83] bond_slave_1: left allmulticast mode [ 696.979361][ T83] bridge0: port 3(bond0) entered disabled state [ 697.052329][ T83] bridge_slave_1: left allmulticast mode [ 697.054712][ T83] bridge_slave_1: left promiscuous mode [ 697.057363][ T83] bridge0: port 2(bridge_slave_1) entered disabled state [ 697.073858][ T83] bridge_slave_0: left allmulticast mode [ 697.112159][ T83] bridge_slave_0: left promiscuous mode [ 697.115052][ T83] bridge0: port 1(bridge_slave_0) entered disabled state [ 697.846928][T12199] em28xx 8-1:0.0: unknown em28xx chip ID (0) [ 697.890538][ T64] usb 7-1: new high-speed USB device number 37 using dummy_hcd [ 697.968347][T12199] em28xx 8-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 697.971508][T12199] em28xx 8-1:0.0: board has no eeprom [ 698.089044][ T64] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 698.093136][ T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 698.102727][ T64] usb 7-1: config 0 descriptor?? [ 698.136869][T12199] em28xx 8-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 698.144973][T12199] em28xx 8-1:0.0: dvb set to bulk mode. [ 698.149335][ T2787] em28xx 8-1:0.0: Binding DVB extension [ 698.155591][ T83] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 698.164581][ T83] bond_slave_0: left promiscuous mode [ 698.249089][ T83] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 698.250303][ T2787] em28xx 8-1:0.0: Registering input extension [ 698.267332][ T83] bond_slave_1: left promiscuous mode [ 698.272408][ T83] bond0 (unregistering): Released all slaves [ 698.404652][ T56] usb 8-1: USB disconnect, device number 38 [ 698.421682][ T56] em28xx 8-1:0.0: Disconnecting em28xx [ 698.423904][ T56] em28xx 8-1:0.0: Closing input extension [ 698.472453][ T56] em28xx 8-1:0.0: Freeing device [ 698.646698][T11009] Bluetooth: hci6: command tx timeout [ 698.834018][T13813] chnl_net:caif_netlink_parms(): no params data found [ 699.176682][T13838] veth0_to_hsr: entered promiscuous mode [ 699.418779][ T56] usb 7-1: USB disconnect, device number 37 [ 699.513676][T13851] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1968'. [ 699.654554][T13837] veth0_to_hsr: left promiscuous mode [ 699.770688][T13813] bridge0: port 1(bridge_slave_0) entered blocking state [ 699.776640][T13813] bridge0: port 1(bridge_slave_0) entered disabled state [ 699.780094][T13813] bridge_slave_0: entered allmulticast mode [ 699.783800][T13813] bridge_slave_0: entered promiscuous mode [ 699.794300][ C2] vkms_vblank_simulate: vblank timer overrun [ 699.925545][T13813] bridge0: port 2(bridge_slave_1) entered blocking state [ 699.931313][T13813] bridge0: port 2(bridge_slave_1) entered disabled state [ 699.935184][T13813] bridge_slave_1: entered allmulticast mode [ 699.943746][T13813] bridge_slave_1: entered promiscuous mode [ 700.089256][T12121] Bluetooth: hci9: Frame reassembly failed (-84) [ 700.102847][T13862] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 700.109458][T13860] netlink: 240 bytes leftover after parsing attributes in process `syz.2.1971'. [ 700.134322][T13813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 700.142909][T13813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 700.153372][ T1102] Bluetooth: hci9: Frame reassembly failed (-84) [ 700.153881][T13860] 9pnet_fd: p9_fd_create_tcp (13860): problem binding to privport [ 700.192469][ T39] audit: type=1326 audit(1724840304.272:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.2.1971" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 700.316350][T13865] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1969'. [ 700.427713][ C2] vkms_vblank_simulate: vblank timer overrun [ 700.433215][T13813] team0: Port device team_slave_0 added [ 700.443149][T13813] team0: Port device team_slave_1 added [ 700.611763][T13813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 700.614055][T13813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 700.634979][T13813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 700.670349][T13813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 700.691817][T13813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 700.708804][T13813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 700.725563][ T66] Bluetooth: hci6: command tx timeout [ 700.748723][T13872] tmpfs: Bad value for 'mpol' [ 700.929887][T13813] hsr_slave_0: entered promiscuous mode [ 700.933889][T13813] hsr_slave_1: entered promiscuous mode [ 700.977847][T13813] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 700.982204][T13813] Cannot create hsr debugfs directory [ 701.176908][T13875] netlink: 'syz.2.1974': attribute type 9 has an invalid length. [ 701.180901][T13875] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1974'. [ 701.300576][T13872] ntfs3: nullb0: Primary boot signature is not NTFS. [ 701.305618][T13872] ntfs3: nullb0: try to read out of volume at offset 0x3e7ffffe00 [ 701.765173][ T66] block nbd2: Receive control failed (result -104) [ 701.772160][T13879] block nbd2: shutting down sockets [ 702.156638][T11009] Bluetooth: hci9: Opcode 0x1003 failed: -110 [ 702.666921][ T56] usb 8-1: new high-speed USB device number 39 using dummy_hcd [ 702.796631][T11009] Bluetooth: hci6: command tx timeout [ 702.858642][ T56] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 702.863698][ T56] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 702.868854][ T56] usb 8-1: config 0 descriptor?? [ 703.566680][T13906] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1979'. [ 703.642065][T13912] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1980'. [ 704.009464][ T56] usb 8-1: USB disconnect, device number 39 [ 704.107214][ T83] hsr_slave_0: left promiscuous mode [ 704.115133][ T83] hsr_slave_1: left promiscuous mode [ 704.192744][ T83] veth1_macvtap: left promiscuous mode [ 704.195495][ T83] veth0_macvtap: left promiscuous mode [ 704.198418][ T83] veth1_vlan: left promiscuous mode [ 704.201047][ T83] veth0_vlan: left promiscuous mode [ 704.796032][T13930] syz.2.1983: attempt to access beyond end of device [ 704.796032][T13930] nbd2: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 704.830599][T13930] SQUASHFS error: Failed to read block 0x0: -5 [ 704.835673][T13930] unable to read squashfs_super_block [ 704.876539][T11009] Bluetooth: hci6: command tx timeout [ 706.157578][T13936] netlink: 'syz.3.1985': attribute type 9 has an invalid length. [ 706.161546][T13936] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1985'. [ 706.537929][ T83] team0 (unregistering): Port device team_slave_1 removed [ 706.567577][T11009] block nbd3: Receive control failed (result -104) [ 706.574683][T13935] block nbd3: shutting down sockets [ 706.753767][ T83] team0 (unregistering): Port device team_slave_0 removed [ 708.058942][T13813] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 708.128491][T13813] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 708.143196][T13813] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 708.184580][T13813] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 708.433623][T13954] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 708.629622][T13813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 708.673054][T13813] 8021q: adding VLAN 0 to HW filter on device team0 [ 708.728771][ T1102] bridge0: port 1(bridge_slave_0) entered blocking state [ 708.731919][ T1102] bridge0: port 1(bridge_slave_0) entered forwarding state [ 708.746913][ T833] IPVS: starting estimator thread 0... [ 708.751554][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 708.757817][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 708.803401][T13947] vxcan0: tx drop: invalid da for name 0x0000000000000001 [ 708.887128][T13963] IPVS: using max 22 ests per chain, 52800 per kthread [ 709.055267][T13947] netlink: 'syz.2.1987': attribute type 10 has an invalid length. [ 709.060760][T13947] bridge0: port 4(team0) entered blocking state [ 709.069978][T13947] bridge0: port 4(team0) entered disabled state [ 709.076905][T13947] team0: entered allmulticast mode [ 709.079228][T13947] team_slave_0: entered allmulticast mode [ 709.082006][T13947] team_slave_1: entered allmulticast mode [ 709.099229][T13947] team0: entered promiscuous mode [ 709.101527][T13947] team_slave_0: entered promiscuous mode [ 709.105013][T13947] team_slave_1: entered promiscuous mode [ 709.108986][T13947] bridge0: port 4(team0) entered blocking state [ 709.111763][T13947] bridge0: port 4(team0) entered forwarding state [ 709.550885][T13813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 709.680423][T13813] veth0_vlan: entered promiscuous mode [ 709.707657][T13813] veth1_vlan: entered promiscuous mode [ 709.747706][T13977] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1989'. [ 709.891933][T13813] veth0_macvtap: entered promiscuous mode [ 709.921263][T13813] veth1_macvtap: entered promiscuous mode [ 709.963584][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 709.985366][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.002243][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 710.011257][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.027360][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 710.031425][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.056625][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 710.060990][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.065086][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 710.096502][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.100833][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 710.105366][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.126501][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 710.131348][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.148498][T13813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 710.156039][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 710.176487][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.180769][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 710.185142][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.199418][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 710.204209][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.216519][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 710.221198][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.225426][T13813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 710.246692][T13813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 710.253020][T13813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 710.271954][T13813] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 710.302963][T13813] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 710.313247][T13813] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 710.317384][T13813] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 710.802950][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.807168][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 710.869518][T14010] block device autoloading is deprecated and will be removed. [ 710.954486][ T56] IPVS: starting estimator thread 0... [ 710.965995][ T1102] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.976494][ T1102] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 711.056737][T14013] IPVS: using max 22 ests per chain, 52800 per kthread [ 711.374315][ T833] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 711.434117][T14022] netlink: 'syz.3.1995': attribute type 9 has an invalid length. [ 711.441865][T14022] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.1995'. [ 711.562424][ T833] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64 [ 711.568961][ T833] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e [ 711.600112][ T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 711.644854][ T833] usb 5-1: config 0 descriptor?? [ 711.692669][T14023] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1970'. [ 712.038995][T11009] block nbd3: Receive control failed (result -104) [ 712.057685][T14024] block nbd3: shutting down sockets [ 712.095312][ T833] ath6kl: Failed to submit usb control message: -71 [ 712.098766][ T833] ath6kl: unable to send the bmi data to the device: -71 [ 712.101895][ T833] ath6kl: Unable to send get target info: -71 [ 712.140925][ T833] ath6kl: Failed to init ath6kl core: -71 [ 712.145263][ T833] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 712.184828][ T833] usb 5-1: USB disconnect, device number 37 [ 712.738879][ T39] audit: type=1804 audit(1724840316.812:527): pid=14038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1998" name="/newroot/31/file0" dev="fuse" ino=1 res=1 errno=0 [ 712.942424][T14041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1999'. [ 712.960491][T14041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1999'. [ 713.492575][T14048] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2000'. [ 714.757020][ T39] audit: type=1326 audit(1724840318.842:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14064 comm="syz.1.2006" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 714.940868][T14069] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2006'. [ 715.030572][T14066] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2005'. [ 715.812809][T14079] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2015'. [ 716.166407][ T25] usb 8-1: new high-speed USB device number 40 using dummy_hcd [ 716.390353][ T25] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 716.394602][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 716.408832][ T25] usb 8-1: config 0 descriptor?? [ 716.799249][T14084] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2009'. [ 716.935258][T14084] 9pnet_fd: p9_fd_create_tcp (14084): problem binding to privport [ 717.010178][ T39] audit: type=1326 audit(1724840321.082:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14083 comm="syz.0.2009" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 717.094530][ T25] usb 8-1: USB disconnect, device number 40 [ 717.646647][ T39] audit: type=1326 audit(1724840321.712:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14089 comm="syz.1.2010" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 717.872841][T14099] Invalid ELF section header size [ 719.416987][T10774] usb 7-1: new high-speed USB device number 38 using dummy_hcd [ 719.618404][T14116] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2025'. [ 719.622457][T14116] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2025'. [ 719.634834][T14116] IPv6: Can't replace route, no match found [ 719.646576][T10774] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 719.652890][T10774] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 719.661710][T10774] usb 7-1: config 0 descriptor?? [ 719.825083][T14118] nvme_fabrics: missing parameter 'transport=%s' [ 719.828313][T14118] nvme_fabrics: missing parameter 'nqn=%s' [ 720.384117][T10774] usb 7-1: USB disconnect, device number 38 [ 721.368080][T14128] netlink: 'syz.2.2019': attribute type 9 has an invalid length. [ 721.374667][T14128] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2019'. [ 721.445359][T14131] netlink: 248 bytes leftover after parsing attributes in process `syz.0.2021'. [ 721.515644][T14131] 9pnet_fd: p9_fd_create_tcp (14131): problem binding to privport [ 721.527534][ T39] audit: type=1326 audit(1724840325.612:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14129 comm="syz.0.2021" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x0 [ 721.817837][T14133] usb usb8: usbfs: process 14133 (syz.1.2020) did not claim interface 0 before use [ 721.852953][T11009] block nbd2: Receive control failed (result -104) [ 721.856726][T14130] block nbd2: shutting down sockets [ 722.627155][T14142] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2024'. [ 722.704265][T14149] xt_NFQUEUE: number of total queues is 0 [ 722.822822][T14150] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 723.495427][T14155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2029'. [ 723.721290][T14164] overlay: Unknown parameter 'permit_directio' [ 724.183878][T14165] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2030'. [ 725.086910][ T39] audit: type=1326 audit(1724840329.152:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14174 comm="syz.3.2033" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 725.224193][T14178] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2041'. [ 725.427208][T14183] overlay: ./file0 is not a directory [ 726.224195][T14189] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2036'. [ 726.402386][T11009] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 726.406794][T11009] Bluetooth: hci6: Injecting HCI hardware error event [ 726.412512][ T66] Bluetooth: hci6: hardware error 0x00 [ 728.242525][T14206] 9pnet_virtio: no channels available for device syz [ 728.295173][T14210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2043'. [ 728.569950][ T66] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 728.614060][T11393] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 728.683475][T14216] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2045'. [ 728.825294][T11393] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 728.836300][T11393] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 728.844816][T11393] usb 5-1: config 0 descriptor?? [ 729.361976][ T25] usb 5-1: USB disconnect, device number 38 [ 730.119786][ T39] audit: type=1326 audit(1724840334.202:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14224 comm="syz.2.2047" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 730.276835][ T983] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 730.339471][T14232] Invalid ELF section header size [ 730.495092][ T983] usb 6-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19 [ 730.499426][ T983] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 730.503390][ T983] usb 6-1: Product: syz [ 730.505089][ T983] usb 6-1: Manufacturer: syz [ 730.508916][ T983] usb 6-1: SerialNumber: syz [ 730.513921][ T983] usb 6-1: config 0 descriptor?? [ 731.546737][ T8] usb 6-1: USB disconnect, device number 31 [ 731.616617][ T39] audit: type=1326 audit(1724840335.682:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14249 comm="syz.3.2053" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 731.771785][T14252] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2053'. [ 731.893038][T14255] netlink: 'syz.0.2052': attribute type 9 has an invalid length. [ 731.915550][T14255] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2052'. [ 732.385535][ T66] block nbd0: Receive control failed (result -104) [ 732.389791][T14254] block nbd0: shutting down sockets [ 732.841539][T14266] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2057'. [ 735.920315][T14302] netlink: 'syz.1.2066': attribute type 9 has an invalid length. [ 735.923727][T14302] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2066'. [ 736.696586][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2067'. [ 737.338952][T14326] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2069'. [ 738.314044][T14338] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2072'. [ 739.675802][T14356] netlink: 'syz.1.2078': attribute type 9 has an invalid length. [ 739.691179][T14356] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2078'. [ 739.933919][ C2] vkms_vblank_simulate: vblank timer overrun [ 740.968102][ T1295] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 741.020802][T14368] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2080'. [ 741.224059][ T1295] usb 5-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b [ 741.246012][ T1295] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.263685][ T1295] usb 5-1: config 0 descriptor?? [ 741.607093][ T39] audit: type=1326 audit(1724840345.692:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14370 comm="syz.1.2081" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 741.785965][ T1295] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 741.792018][ T1295] asix 5-1:0.0: probe with driver asix failed with error -71 [ 741.797943][ T1295] usb 5-1: USB disconnect, device number 39 [ 742.926538][ T1295] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 743.117164][ T1295] usb 5-1: Using ep0 maxpacket: 32 [ 743.121525][ T1295] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 743.125816][ T1295] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 743.136906][ T1295] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 743.146732][ T1295] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 743.156688][ T1295] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 743.160908][ T1295] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 743.167076][ T1295] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 743.171995][ T1295] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 743.178388][ T1295] usb 5-1: config 0 descriptor?? [ 743.248764][T14402] netlink: 'syz.2.2086': attribute type 9 has an invalid length. [ 743.282954][T14402] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2086'. [ 743.414343][ T1295] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 40 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 743.887592][ T66] block nbd2: Receive control failed (result -104) [ 743.915863][T14399] block nbd2: shutting down sockets [ 744.722929][T14411] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2091'. [ 744.984820][ T39] audit: type=1800 audit(1724840349.062:536): pid=14415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2092" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 745.021775][ T39] audit: type=1804 audit(1724840349.082:537): pid=14415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2092" name="SYSV00000000" dev="hugetlbfs" ino=0 res=1 errno=0 [ 745.041731][ T39] audit: type=1804 audit(1724840349.082:538): pid=14415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2092" name="SYSV00000000" dev="hugetlbfs" ino=0 res=1 errno=0 [ 745.212716][T11393] usb 5-1: USB disconnect, device number 40 [ 745.218286][T11393] usblp0: removed [ 745.499296][ T25] usb 6-1: new high-speed USB device number 32 using dummy_hcd [ 745.605739][T14420] netlink: 'syz.3.2094': attribute type 9 has an invalid length. [ 745.610135][T14420] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2094'. [ 745.698935][ T25] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 745.707054][ T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 745.717066][ T25] usb 6-1: config 0 descriptor?? [ 745.844256][T14424] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2095'. [ 746.182434][ T66] block nbd3: Receive control failed (result -104) [ 746.187308][T14423] block nbd3: shutting down sockets [ 746.512241][ T25] usb 6-1: USB disconnect, device number 32 [ 746.956862][ T66] Bluetooth: hci8: Controller not accepting commands anymore: ncmd = 0 [ 746.961094][ T66] Bluetooth: hci8: Injecting HCI hardware error event [ 746.967338][T11009] Bluetooth: hci8: hardware error 0x00 [ 749.073408][T14467] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2105'. [ 749.120434][T11009] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 749.396981][T14472] netlink: 'syz.0.2106': attribute type 9 has an invalid length. [ 749.400336][T14472] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2106'. [ 749.877386][T14482] gfs2: gfs2 mount does not exist [ 749.910549][T14475] block nbd0: shutting down sockets [ 751.457611][ T64] usb 8-1: new high-speed USB device number 41 using dummy_hcd [ 751.649081][ T64] usb 8-1: Using ep0 maxpacket: 32 [ 751.655326][ T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 751.662541][ T64] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 751.677946][ T64] usb 8-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 751.681774][ T64] usb 8-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 751.704507][ T64] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 751.712770][ T64] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 751.718655][ T64] usb 8-1: Product: syz [ 751.720705][ T64] usb 8-1: Manufacturer: syz [ 751.724217][ T64] usb 8-1: SerialNumber: syz [ 751.748865][T14506] netlink: 'syz.0.2115': attribute type 9 has an invalid length. [ 751.756077][T14506] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2115'. [ 752.098291][ T64] cdc_ncm 8-1:1.0: bind() failure [ 752.110152][ T64] cdc_ncm 8-1:1.1: CDC Union missing and no IAD found [ 752.113181][ T64] cdc_ncm 8-1:1.1: bind() failure [ 752.144745][ T64] usb 8-1: USB disconnect, device number 41 [ 752.286635][T11009] block nbd0: Receive control failed (result -104) [ 752.291190][T14508] block nbd0: shutting down sockets [ 752.494765][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 752.702507][T14510] syzkaller0: entered promiscuous mode [ 752.705017][T14510] syzkaller0: entered allmulticast mode [ 752.723507][T14512] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2117'. [ 752.758141][T14512] 9pnet_fd: p9_fd_create_tcp (14512): problem binding to privport [ 752.764838][T14510] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 752.773605][ T39] audit: type=1326 audit(1724840356.852:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14511 comm="syz.1.2117" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 753.688960][T14526] ax25_connect(): syz.2.2119 uses autobind, please contact jreuter@yaina.de [ 756.272353][T14516] wg2: entered allmulticast mode [ 756.280787][T14522] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2118'. [ 756.620935][T14544] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2124'. [ 756.941929][ T5400] usb 7-1: new high-speed USB device number 39 using dummy_hcd [ 757.138485][ T5400] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 757.143181][ T5400] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 757.152508][ T5400] usb 7-1: config 0 descriptor?? [ 757.683644][ T64] usb 7-1: USB disconnect, device number 39 [ 758.019416][T14560] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2128'. [ 758.154221][T14560] 9pnet_fd: p9_fd_create_tcp (14560): problem binding to privport [ 758.193138][ T39] audit: type=1326 audit(1724840362.272:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14558 comm="syz.3.2128" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 758.366251][T14564] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 758.634088][T14570] netlink: 'syz.2.2129': attribute type 9 has an invalid length. [ 758.634110][T14570] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2129'. [ 758.757391][ T2787] usb 5-1: new high-speed USB device number 41 using dummy_hcd [ 758.961743][ T2787] usb 5-1: Using ep0 maxpacket: 8 [ 758.970978][ T2787] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 758.976008][ T2787] usb 5-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config [ 759.035442][ T2787] usb 5-1: config 246 has 0 interfaces, different from the descriptor's value: 42 [ 759.058132][ T2787] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 759.061639][ T2787] usb 5-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config [ 759.077837][ T2787] usb 5-1: config 246 has 0 interfaces, different from the descriptor's value: 42 [ 759.123878][ T2787] usb 5-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 759.128504][ T2787] usb 5-1: config 246 has an invalid descriptor of length 0, skipping remainder of the config [ 759.133900][ T2787] usb 5-1: config 246 has 0 interfaces, different from the descriptor's value: 42 [ 759.195847][T11009] block nbd2: Receive control failed (result -104) [ 759.209161][T14568] block nbd2: shutting down sockets [ 759.218044][ T2787] usb 5-1: string descriptor 0 read error: -22 [ 759.221041][ T2787] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 759.286728][ T2787] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 759.682255][T14581] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2132'. [ 759.690040][T14581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2132'. [ 761.647011][ T64] usb 5-1: USB disconnect, device number 41 [ 761.652276][T14595] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2137'. [ 761.737761][ T56] usb 7-1: new high-speed USB device number 40 using dummy_hcd [ 761.949332][ T56] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 761.952398][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 761.966834][ T56] usb 7-1: config 0 descriptor?? [ 763.024737][ T8] usb 7-1: USB disconnect, device number 40 [ 763.032882][T14608] netlink: 'syz.3.2141': attribute type 9 has an invalid length. [ 763.043482][T14605] orangefs_mount: mount request failed with -4 [ 763.046953][T14608] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2141'. [ 763.177697][T11009] block nbd3: Receive control failed (result -104) [ 763.247618][T12986] block nbd3: shutting down sockets [ 763.884693][T14624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2143'. [ 764.174536][T14627] mkiss: ax0: crc mode is auto. [ 764.286541][T14627] netlink: 'syz.2.2144': attribute type 4 has an invalid length. [ 765.515488][T14635] netlink: 'syz.2.2146': attribute type 9 has an invalid length. [ 765.520067][T14635] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2146'. [ 766.064755][T11009] block nbd2: Receive control failed (result -104) [ 766.071967][T14634] block nbd2: shutting down sockets [ 766.555478][T14641] netlink: 'syz.3.2147': attribute type 9 has an invalid length. [ 766.561905][T14641] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2147'. [ 766.968622][T11009] block nbd3: Receive control failed (result -104) [ 766.988065][T14639] block nbd3: shutting down sockets [ 767.082889][T14656] netlink: 'syz.1.2151': attribute type 9 has an invalid length. [ 767.096687][T14656] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2151'. [ 768.075527][T14669] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2154'. [ 769.677389][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 770.077873][ C3] vkms_vblank_simulate: vblank timer overrun [ 770.649925][T14694] netlink: 'syz.3.2160': attribute type 9 has an invalid length. [ 770.658032][T14694] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2160'. [ 770.917535][ C3] vkms_vblank_simulate: vblank timer overrun [ 771.022995][T11009] block nbd3: Receive control failed (result -104) [ 771.027939][T14697] block nbd3: shutting down sockets [ 771.104523][T14698] netlink: 'syz.0.2161': attribute type 9 has an invalid length. [ 771.109483][T14698] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2161'. [ 771.362549][T11009] block nbd0: Receive control failed (result -104) [ 771.363547][T14699] block nbd0: shutting down sockets [ 771.531699][T14702] Process accounting resumed [ 772.531052][T14707] netlink: 'syz.0.2163': attribute type 9 has an invalid length. [ 772.534205][T14707] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2163'. [ 772.537061][T14710] syzkaller0: entered promiscuous mode [ 772.540932][T14710] syzkaller0: entered allmulticast mode [ 772.808433][T11009] block nbd0: Receive control failed (result -104) [ 772.812274][T14711] block nbd0: shutting down sockets [ 772.854374][T14716] bridge0: port 2(bridge_slave_1) entered disabled state [ 772.859443][T14716] bridge0: port 1(bridge_slave_0) entered disabled state [ 772.873087][T14716] bridge0: entered promiscuous mode [ 772.875862][T14716] bridge0: entered allmulticast mode [ 772.955284][T14716] netlink: 'syz.1.2166': attribute type 72 has an invalid length. [ 772.961559][T14716] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2166'. [ 773.563837][T14729] netlink: 'syz.2.2170': attribute type 3 has an invalid length. [ 773.568186][T14729] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2170'. [ 773.818834][T14733] netlink: 'syz.1.2172': attribute type 9 has an invalid length. [ 773.822126][T14733] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2172'. [ 775.263032][T14747] netlink: 'syz.1.2184': attribute type 9 has an invalid length. [ 775.284018][T14747] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2184'. [ 775.824873][T14750] syzkaller0: entered promiscuous mode [ 775.847926][T14750] syzkaller0: entered allmulticast mode [ 778.756562][T11393] usb 8-1: new high-speed USB device number 42 using dummy_hcd [ 778.968936][T11393] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 778.973109][T11393] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 778.987665][T11393] usb 8-1: config 0 descriptor?? [ 779.487296][ T5377] usb 8-1: USB disconnect, device number 42 [ 780.006257][T14805] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2191'. [ 780.366081][T14811] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2193'. [ 780.449992][T14811] 9pnet_fd: p9_fd_create_tcp (14811): problem binding to privport [ 780.487841][ T39] audit: type=1326 audit(1724840384.572:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.3.2193" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 780.845546][ T5377] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 781.048730][ T5377] usb 6-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 781.053740][ T5377] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 781.064971][ T5377] usb 6-1: config 0 descriptor?? [ 781.533872][T14819] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 781.670672][ T5377] usb 6-1: USB disconnect, device number 33 [ 781.956771][ T8] usb 8-1: new high-speed USB device number 43 using dummy_hcd [ 782.136738][ T8] usb 8-1: Using ep0 maxpacket: 8 [ 782.142894][ T8] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 782.147635][ T8] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 782.151451][ T8] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 782.169106][ T8] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 782.174007][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 782.196526][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 782.221773][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 782.246971][ T8] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 782.250595][ T8] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 782.253808][ T8] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 782.269988][ T8] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 782.275037][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 782.280294][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 782.302545][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 782.347534][ T8] usb 8-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 782.351210][ T8] usb 8-1: config 246 descriptor has 1 excess byte, ignoring [ 782.354569][ T8] usb 8-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 782.359208][ T8] usb 8-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 782.394215][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 782.415577][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 782.435496][ T8] usb 8-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 782.536802][ T8] usb 8-1: string descriptor 0 read error: -22 [ 782.539923][ T8] usb 8-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 782.544038][ T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 782.552526][ T8] adutux 8-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 782.619831][T14829] tmpfs: Bad value for 'mpol' [ 783.639277][ T8] usb 8-1: USB disconnect, device number 43 [ 784.696764][T14848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2202'. [ 784.781445][T14849] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2203'. [ 785.936669][ T56] usb 7-1: new high-speed USB device number 41 using dummy_hcd [ 786.130899][ T56] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 786.135401][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 786.149550][ T56] usb 7-1: config 0 descriptor?? [ 786.155238][T14862] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2207'. [ 786.759152][ T1295] usb 7-1: USB disconnect, device number 41 [ 787.135473][ T66] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 787.142077][ T66] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 787.161209][ T66] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 787.202169][ T66] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 787.206349][ T66] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 787.211179][ T66] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 788.221818][T14873] chnl_net:caif_netlink_parms(): no params data found [ 788.623587][T14894] netlink: 'syz.3.2214': attribute type 9 has an invalid length. [ 788.637724][T14894] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2214'. [ 788.792394][T14873] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.796354][T14873] bridge0: port 1(bridge_slave_0) entered disabled state [ 788.800970][T14873] bridge_slave_0: entered allmulticast mode [ 788.836399][T14873] bridge_slave_0: entered promiscuous mode [ 788.912557][T14873] bridge0: port 2(bridge_slave_1) entered blocking state [ 788.926634][T14873] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.930221][T14873] bridge_slave_1: entered allmulticast mode [ 788.948253][T14873] bridge_slave_1: entered promiscuous mode [ 789.220725][T11009] block nbd3: Receive control failed (result -104) [ 789.252866][T14898] block nbd3: shutting down sockets [ 789.277320][T11009] Bluetooth: hci9: command tx timeout [ 789.286912][T14873] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 789.299873][T14873] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 789.494096][T14901] netlink: 'syz.2.2215': attribute type 2 has an invalid length. [ 789.499384][T14873] team0: Port device team_slave_0 added [ 789.505291][T14873] team0: Port device team_slave_1 added [ 789.507807][T14901] netlink: 105116 bytes leftover after parsing attributes in process `syz.2.2215'. [ 789.656694][T14905] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2217'. [ 789.667982][T14873] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 789.671888][T14873] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 789.696567][T14873] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 789.710245][T14873] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 789.714615][T14873] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 789.743358][T14873] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 789.757942][T14905] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2217'. [ 790.083204][T14873] hsr_slave_0: entered promiscuous mode [ 790.157452][T14873] hsr_slave_1: entered promiscuous mode [ 790.200121][T14873] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 790.204530][T14873] Cannot create hsr debugfs directory [ 790.742073][T14873] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 790.756084][T14873] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 790.812255][T14918] netdevsim netdevsim2: Direct firmware load for ng failed with error -2 [ 790.816654][T14918] netdevsim netdevsim2: Falling back to sysfs fallback for: ng [ 790.986728][T14873] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 790.993768][T14873] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.240019][T14873] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 791.244927][T14873] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.356839][T11009] Bluetooth: hci9: command tx timeout [ 791.381971][T14873] bond0: (slave netdevsim0): Releasing backup interface [ 791.406162][T14873] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 791.425847][T14873] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.844735][T14873] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 791.883796][T14873] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 791.927301][T14873] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 791.973327][T14873] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 792.179770][T14873] 8021q: adding VLAN 0 to HW filter on device bond0 [ 792.200773][T14873] 8021q: adding VLAN 0 to HW filter on device team0 [ 792.231766][T12121] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.235911][T12121] bridge0: port 1(bridge_slave_0) entered forwarding state [ 792.297687][T12121] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.301755][T12121] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.064816][T14873] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 793.125777][T14873] veth0_vlan: entered promiscuous mode [ 793.154374][T14873] veth1_vlan: entered promiscuous mode [ 793.188700][T14873] veth0_macvtap: entered promiscuous mode [ 793.197850][T14873] veth1_macvtap: entered promiscuous mode [ 793.216379][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.223968][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.229556][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.235039][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.240736][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.245476][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.250237][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.255716][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.260073][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.264367][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.269553][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.273860][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.279114][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.282838][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.286316][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.291103][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.297626][T14873] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 793.309562][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.314053][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.319876][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.325141][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.336642][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.341420][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.344536][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.354410][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.361175][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.365501][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.370807][T14873] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.383429][T14873] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.389775][T14873] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 793.396291][T14873] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.407696][T14873] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.411652][T14873] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.415754][T14873] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.458561][T11009] Bluetooth: hci9: command tx timeout [ 793.746163][ T1102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.756292][ T1102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 793.835502][T14952] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2227'. [ 793.902738][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.906222][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 794.747759][T14969] cgroup: noprefix used incorrectly [ 795.526687][T11009] Bluetooth: hci9: command tx timeout [ 796.126556][ T5377] usb 5-1: new high-speed USB device number 42 using dummy_hcd [ 796.306618][ T5377] usb 5-1: Using ep0 maxpacket: 32 [ 796.320321][ T5377] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 796.396697][ T5377] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 796.400640][ T5377] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 796.425898][ T5377] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81 [ 796.436989][ T5377] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 796.440902][ T5377] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 796.451959][ T5377] usb 5-1: config 0 descriptor?? [ 796.776138][T12199] usb 5-1: USB disconnect, device number 42 [ 797.386563][ T833] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 797.579171][ T833] usb 5-1: Using ep0 maxpacket: 32 [ 797.588162][ T833] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 797.591925][ T833] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 797.645349][ T833] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 797.720932][ T833] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 81 [ 797.795419][ T833] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 797.810994][ T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 797.868493][ T833] usb 5-1: config 0 descriptor?? [ 798.217832][ T1295] usb 5-1: USB disconnect, device number 43 [ 798.334753][T14998] exFAT-fs (nullb0): invalid boot record signature [ 798.363913][T14998] exFAT-fs (nullb0): failed to read boot sector [ 798.374006][T14998] exFAT-fs (nullb0): failed to recognize exfat type [ 798.750713][T15013] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2240'. [ 798.832647][T15013] 9pnet_fd: p9_fd_create_tcp (15013): problem binding to privport [ 798.930047][ T39] audit: type=1326 audit(1724840403.012:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15012 comm="syz.3.2240" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 799.144508][T15016] netlink: 'syz.1.2241': attribute type 3 has an invalid length. [ 799.148504][T15016] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2241'. [ 800.554027][ T39] audit: type=1326 audit(1724840404.632:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15029 comm="syz.1.2246" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 800.746637][ T5400] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 800.958756][ T5400] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 800.962746][ T5400] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 800.978562][ T5400] usb 5-1: config 0 descriptor?? [ 801.563321][T15039] Process accounting resumed [ 801.575878][ T25] usb 5-1: USB disconnect, device number 44 [ 801.799323][T15045] netlink: 'syz.2.2249': attribute type 9 has an invalid length. [ 801.813029][T15045] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2249'. [ 802.416167][T11009] block nbd2: Receive control failed (result -104) [ 802.422703][T15044] block nbd2: shutting down sockets [ 803.469153][T15058] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2253'. [ 803.940805][T15058] 9pnet_fd: p9_fd_create_tcp (15058): problem binding to privport [ 803.975380][ T39] audit: type=1326 audit(1724840408.052:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15057 comm="syz.1.2253" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 804.046154][T15062] orangefs_mount: mount request failed with -4 [ 804.183221][T15036] syz.3.2245 (15036) used greatest stack depth: 20640 bytes left [ 805.031237][T15072] netlink: 'syz.0.2255': attribute type 3 has an invalid length. [ 805.035584][T15072] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.2255'. [ 805.204409][T15073] tmpfs: Bad value for 'mpol' [ 806.529413][T15090] netlink: 'syz.2.2260': attribute type 9 has an invalid length. [ 806.533200][T15090] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2260'. [ 807.117297][T11009] block nbd2: Receive control failed (result -104) [ 807.131995][T15089] block nbd2: shutting down sockets [ 807.636889][ T833] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 807.842137][T15110] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2266'. [ 807.860448][ T833] usb 5-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 807.867070][ T833] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 807.887340][T15106] netdevsim netdevsim3: Direct firmware load for ng failed with error -2 [ 807.906194][ T833] usb 5-1: config 0 descriptor?? [ 807.923889][T15110] 9pnet_fd: p9_fd_create_tcp (15110): problem binding to privport [ 807.927894][T15106] netdevsim netdevsim3: Falling back to sysfs fallback for: ng [ 807.960840][ T39] audit: type=1326 audit(1724840412.022:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15109 comm="syz.1.2266" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 808.478486][ T5377] usb 5-1: USB disconnect, device number 45 [ 809.086680][ T39] audit: type=1326 audit(1724840413.152:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15123 comm="syz.1.2269" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 809.933367][T15144] netlink: 'syz.0.2273': attribute type 9 has an invalid length. [ 809.937689][T15144] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.2273'. [ 811.036182][T11009] Bluetooth: hci9: Received unexpected HCI Event 0x00 [ 811.286633][ T2787] usb 7-1: new high-speed USB device number 42 using dummy_hcd [ 811.326397][T15160] netdevsim netdevsim0: Direct firmware load for ng failed with error -2 [ 811.336553][T15160] netdevsim netdevsim0: Falling back to sysfs fallback for: ng [ 811.469577][ T2787] usb 7-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 811.473712][ T2787] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 811.493360][ T2787] usb 7-1: config 0 descriptor?? [ 811.798953][T15166] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2279'. [ 811.816124][ C2] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 812.395359][T11393] usb 7-1: USB disconnect, device number 42 [ 813.150190][T15187] (unnamed net_device) (uninitialized): option arp_validate: invalid value (524288) [ 813.330970][T15194] netlink: 'syz.2.2285': attribute type 9 has an invalid length. [ 813.334173][T15194] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.2285'. [ 813.922307][ T1380] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.437964][T15204] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2287'. [ 815.285749][T15223] EXT4-fs warning (device sda1): ext4_resize_fs:2018: can't read last block, resize aborted [ 815.576709][ T5400] usb 8-1: new high-speed USB device number 44 using dummy_hcd [ 815.779398][ T5400] usb 8-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f [ 815.783745][ T5400] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.799520][ T5400] usb 8-1: config 0 descriptor?? [ 816.548247][ T56] usb 8-1: USB disconnect, device number 44 [ 817.002251][T15239] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2296'. [ 817.148765][T15239] 9pnet_fd: p9_fd_create_tcp (15239): problem binding to privport [ 817.230768][ T39] audit: type=1326 audit(1724840421.312:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15238 comm="syz.2.2296" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f11579 code=0x0 [ 817.697238][T15242] netlink: 'syz.3.2297': attribute type 9 has an invalid length. [ 817.706529][T15242] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.2297'. [ 818.657286][T15245] orangefs_mount: mount request failed with -4 [ 818.843682][T15249] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2299'. [ 820.117954][T15275] netlink: 'syz.1.2306': attribute type 9 has an invalid length. [ 820.122847][T15275] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2306'. [ 820.597753][T15280] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2307'. [ 820.757364][T15280] 9pnet_fd: p9_fd_create_tcp (15280): problem binding to privport [ 820.812457][ T39] audit: type=1326 audit(1724840424.892:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15279 comm="syz.3.2307" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x0 [ 821.310104][T15284] netlink: 'syz.1.2308': attribute type 9 has an invalid length. [ 821.314306][T15284] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.2308'. [ 821.640304][T12199] usb 7-1: new high-speed USB device number 43 using dummy_hcd [ 821.773545][T15262] ------------[ cut here ]------------ [ 821.777708][T15262] WARNING: CPU: 0 PID: 15262 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0 [ 821.784955][T15262] Modules linked in: [ 821.789450][T15262] CPU: 0 UID: 0 PID: 15262 Comm: syz.0.2303 Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 821.794055][T15262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 821.798904][T15262] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 821.801715][T15262] Code: e9 91 fe ff ff e8 e6 42 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 45 45 97 ff 48 85 ed 0f 84 85 00 00 00 e8 c7 42 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 b9 42 97 ff eb 69 cc cc cc e8 af 42 97 [ 821.809958][T15262] RSP: 0000:ffffc90003d7fa28 EFLAGS: 00010293 [ 821.812585][T15262] RAX: 0000000000000000 RBX: ffff88806e616000 RCX: ffffffff81f3d6cb [ 821.818409][T15262] RDX: ffff88801945a440 RSI: ffffffff81f3d6d9 RDI: 0000000000000007 [ 821.821773][T15262] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 821.825059][T15262] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 821.828142][T15262] R13: ffff88801188cc00 R14: 0000000000000001 R15: 1ffff920007aff47 [ 821.830966][T15262] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000579e5440 [ 821.834311][T15262] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 821.837543][T15262] CR2: 00000000200002c0 CR3: 000000006d44a000 CR4: 0000000000350ef0 [ 821.841015][T15262] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 821.844438][T15262] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 821.847598][T15262] Call Trace: [ 821.848868][T15262] [ 821.850184][T15262] ? show_regs+0x8c/0xa0 [ 821.851825][T15262] ? __warn+0xe5/0x3c0 [ 821.853463][T15262] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 821.856258][T15262] ? report_bug+0x3c0/0x580 [ 821.858546][T15262] ? handle_bug+0x3d/0x70 [ 821.860443][T15262] ? exc_invalid_op+0x17/0x50 [ 821.862561][T15262] ? asm_exc_invalid_op+0x1a/0x20 [ 821.864781][T15262] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 821.867516][T15262] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 821.870128][T15262] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 821.872472][T15262] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 821.874903][T15262] ? find_held_lock+0x2d/0x110 [ 821.877179][T15262] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 821.879914][T15262] ? rcu_read_unlock+0x17/0x60 [ 821.882030][T15262] set_ptes.constprop.0+0x193/0x1d0 [ 821.884168][T15262] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 821.886692][T15262] do_swap_page+0x1243/0x3e00 [ 821.888612][T15262] ? __pfx_do_swap_page+0x10/0x10 [ 821.890580][T15262] ? pte_offset_map_nolock+0xfe/0x1c0 [ 821.892604][T15262] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 821.894640][T15262] __handle_mm_fault+0x146b/0x5350 [ 821.896792][T15262] ? down_read_trylock+0x1ed/0x3f0 [ 821.899013][T15262] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 821.901204][T15262] ? __pfx___handle_mm_fault+0x10/0x10 [ 821.903712][T15262] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 821.906075][T15262] handle_mm_fault+0x44e/0x7b0 [ 821.908196][T15262] ? __pkru_allows_pkey+0x52/0xb0 [ 821.910491][T15262] do_user_addr_fault+0x60d/0x13f0 [ 821.912474][T15262] exc_page_fault+0x5c/0xc0 [ 821.922571][T15262] asm_exc_page_fault+0x26/0x30 [ 821.927634][T15262] RIP: 0023:0xf7291311 [ 821.929464][T15262] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 821.937660][T15262] RSP: 002b:00000000ffc45e7c EFLAGS: 00010202 [ 821.940310][T15262] RAX: 0000000000000000 RBX: 00000000f7430ff4 RCX: 0000000000000002 SYZFAIL: failed to recv rpc [ 821.943864][T15262] RDX: 0000000000000008 RSI: 00000000f6d503ae RDI: 00000000200002c0 fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 821.948068][T15262] RBP: 00000000ffc460f8 R08: 0000000000000000 R09: 0000000000000000 [ 821.951787][T15262] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 821.955456][T15262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 821.959182][T15262] [ 821.960635][T15262] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 821.963768][T15262] CPU: 0 UID: 0 PID: 15262 Comm: syz.0.2303 Not tainted 6.11.0-rc5-syzkaller-00057-g86987d84b968 #0 [ 821.968465][T15262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 821.973091][T15262] Call Trace: [ 821.974408][T15262] [ 821.975587][T15262] dump_stack_lvl+0x3d/0x1f0 [ 821.977597][T15262] panic+0x6dc/0x7c0 [ 821.979299][T15262] ? __pfx_panic+0x10/0x10 [ 821.981216][T15262] ? show_trace_log_lvl+0x363/0x500 [ 821.983445][T15262] ? check_panic_on_warn+0x1f/0xb0 [ 821.985622][T15262] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 821.988043][T15262] check_panic_on_warn+0xab/0xb0 [ 821.990650][T15262] __warn+0xf1/0x3c0 [ 821.992553][T15262] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 821.995188][T15262] report_bug+0x3c0/0x580 [ 821.997047][T15262] handle_bug+0x3d/0x70 [ 821.998881][T15262] exc_invalid_op+0x17/0x50 [ 822.000952][T15262] asm_exc_invalid_op+0x1a/0x20 [ 822.003094][T15262] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 822.006005][T15262] Code: e9 91 fe ff ff e8 e6 42 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 45 45 97 ff 48 85 ed 0f 84 85 00 00 00 e8 c7 42 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 b9 42 97 ff eb 69 cc cc cc e8 af 42 97 [ 822.014291][T15262] RSP: 0000:ffffc90003d7fa28 EFLAGS: 00010293 [ 822.016951][T15262] RAX: 0000000000000000 RBX: ffff88806e616000 RCX: ffffffff81f3d6cb [ 822.020373][T15262] RDX: ffff88801945a440 RSI: ffffffff81f3d6d9 RDI: 0000000000000007 [ 822.023843][T15262] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 822.027305][T15262] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 822.030830][T15262] R13: ffff88801188cc00 R14: 0000000000000001 R15: 1ffff920007aff47 [ 822.034638][T15262] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 822.037149][T15262] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 822.039788][T15262] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 822.042427][T15262] ? find_held_lock+0x2d/0x110 [ 822.044905][T15262] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 822.049295][T15262] ? rcu_read_unlock+0x17/0x60 [ 822.051438][T15262] set_ptes.constprop.0+0x193/0x1d0 [ 822.053872][T15262] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 822.056764][T15262] do_swap_page+0x1243/0x3e00 [ 822.059182][T15262] ? __pfx_do_swap_page+0x10/0x10 [ 822.061871][T15262] ? pte_offset_map_nolock+0xfe/0x1c0 [ 822.064610][T15262] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 822.067292][T15262] __handle_mm_fault+0x146b/0x5350 [ 822.069576][T15262] ? down_read_trylock+0x1ed/0x3f0 [ 822.071954][T15262] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 822.074728][T15262] ? __pfx___handle_mm_fault+0x10/0x10 [ 822.077690][T15262] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 822.080663][T15262] handle_mm_fault+0x44e/0x7b0 [ 822.082975][T15262] ? __pkru_allows_pkey+0x52/0xb0 [ 822.085629][T15262] do_user_addr_fault+0x60d/0x13f0 [ 822.087719][T15262] exc_page_fault+0x5c/0xc0 [ 822.089409][T15262] asm_exc_page_fault+0x26/0x30 [ 822.091107][T15262] RIP: 0023:0xf7291311 [ 822.092616][T15262] Code: 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 f3 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 e9 73 02 66 a5 a5 eb e8 66 90 66 90 66 90 66 90 66 90 90 8b 44 24 0c 39 44 24 [ 822.115978][T15262] RSP: 002b:00000000ffc45e7c EFLAGS: 00010202 [ 822.119122][T15262] RAX: 0000000000000000 RBX: 00000000f7430ff4 RCX: 0000000000000002 [ 822.122754][T15262] RDX: 0000000000000008 RSI: 00000000f6d503ae RDI: 00000000200002c0 [ 822.126364][T15262] RBP: 00000000ffc460f8 R08: 0000000000000000 R09: 0000000000000000 [ 822.129726][T15262] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 822.133217][T15262] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 822.136787][T15262] [ 822.138932][T15262] Kernel Offset: disabled [ 822.141589][T15262] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:20:26 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84fa7a25 RDI=ffffffff9511c240 RBP=ffffffff9511c200 RSP=ffffc90003d7f3e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000038 R14=ffffffff84fa79c0 R15=0000000000000000 RIP=ffffffff84fa7a4f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000200002c0 CR3=000000006d44a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000011e9813 RBX=0000000000000001 RCX=ffffffff8b057f59 RDX=0000000000000000 RSI=ffffffff8b4cd060 RDI=ffffffff8bb059e0 RBP=ffffed1002ce1910 RSP=ffffc90000477e08 R8 =0000000000000001 R9 =ffffed1005826fd9 R10=ffff88802c137ecb R11=0000000000000000 R12=0000000000000001 R13=ffff88801670c880 R14=ffffffff901147d8 R15=0000000000000000 RIP=ffffffff8b05934f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020028000 CR3=000000006d44a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000110000 Opmask01=0000000000000010 Opmask02=0000000000000001 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffe84310210 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3033322e202e656e 6960206f6365633d 6a62206e20203932 373639000a2e2738 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000004 RBX=ffffffff902ec498 RCX=0000000000000000 RDX=1ffffffff205d895 RSI=ffffffff813c82ea RDI=0000000000000005 RBP=ffffffff902ec4b8 RSP=ffffc90003546df8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000009 R11=0000000000000000 R12=ffffffff8244f9e1 R13=ffffffff90b4b676 R14=dffffc0000000000 R15=ffffffff902ec4a8 RIP=ffffffff813c8311 RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f92c43c9d00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005649976e610f CR3=0000000027744000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=7bdd866297738b47 47fdef2a2b750d27 7bdd866297738b47 47fdef2a2b750d27 7bdd866297738b47 47fdef2a2b750d27 7bdd866297738b47 47fdef2a2b750d27 ZMM18=a48fcd44aa510d97 00cdc29e74c2637f a48fcd44aa510d97 00cdc29e74c2637f a48fcd44aa510d97 00cdc29e74c2637f a48fcd44aa510d97 00cdc29e74c2637f ZMM19=b216000000000000 0000000000000004 b216000000000000 0000000000000003 b216000000000000 0000000000000002 b216000000000000 0000000000000001 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=47fdef2a47fdef2a 47fdef2a47fdef2a 47fdef2a47fdef2a 47fdef2a47fdef2a 47fdef2a47fdef2a 47fdef2a47fdef2a 47fdef2a47fdef2a 47fdef2a47fdef2a ZMM22=97738b4797738b47 97738b4797738b47 97738b4797738b47 97738b4797738b47 97738b4797738b47 97738b4797738b47 97738b4797738b47 97738b4797738b47 ZMM23=7bdd86627bdd8662 7bdd86627bdd8662 7bdd86627bdd8662 7bdd86627bdd8662 7bdd86627bdd8662 7bdd86627bdd8662 7bdd86627bdd8662 7bdd86627bdd8662 ZMM24=74c2637f74c2637f 74c2637f74c2637f 74c2637f74c2637f 74c2637f74c2637f 74c2637f74c2637f 74c2637f74c2637f 74c2637f74c2637f 74c2637f74c2637f ZMM25=00cdc29e00cdc29e 00cdc29e00cdc29e 00cdc29e00cdc29e 00cdc29e00cdc29e 00cdc29e00cdc29e 00cdc29e00cdc29e 00cdc29e00cdc29e 00cdc29e00cdc29e ZMM26=aa510d97aa510d97 aa510d97aa510d97 aa510d97aa510d97 aa510d97aa510d97 aa510d97aa510d97 aa510d97aa510d97 aa510d97aa510d97 aa510d97aa510d97 ZMM27=a48fcd44a48fcd44 a48fcd44a48fcd44 a48fcd44a48fcd44 a48fcd44a48fcd44 a48fcd44a48fcd44 a48fcd44a48fcd44 a48fcd44a48fcd44 a48fcd44a48fcd44 ZMM28=000000500000004f 0000004e0000004d 0000004c0000004b 0000004a00000049 0000004800000047 0000004600000045 0000004400000043 0000004200000041 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=b0160000b0160000 b0160000b0160000 b0160000b0160000 b0160000b0160000 b0160000b0160000 b0160000b0160000 b0160000b0160000 b0160000b0160000 info registers vcpu 3 CPU#3 RAX=ffffc9000042d000 RBX=ffff88801980dc00 RCX=ffffffff816d0661 RDX=1ffff11003301b06 RSI=ffffffff85f3f0d4 RDI=ffff88801980d830 RBP=0000000000000001 RSP=ffffc900005f0ea8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffc9000042d008 R13=ffff88801980d828 R14=ffff888019852800 R15=0000000000000000 RIP=ffffffff85f3f122 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020254000 CR3=0000000074c7c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e9a61de0c0b3a487 9882d8af32585146 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 62899e65b5a25c12 652c7b8b6df90c94 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 20baff6fe4426200 cf1af240c2dec7fa ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b8efd58dd0c3dcdf bd3688860b767f6a ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001b780 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 33fe008000540080 01f2d4f7af3e0080 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000001000000 29ea000095560080 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01f2d4cc01000000 8e5c008001f2d421 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000001f2ddfe 01f2d50801000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 169edc8ed028a9ba 943a1a6efabbf8d8 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a453c5aa4cfff9e5 d131423c7f4778d3 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000