last executing test programs: 601.831248ms ago: executing program 1 (id=9171): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x8) bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) 541.371574ms ago: executing program 1 (id=9174): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"}) ioctl$EVIOCGLED(r0, 0x80404519, &(0x7f0000000940)=""/255) 495.3863ms ago: executing program 0 (id=9178): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x15, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000002e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 423.698444ms ago: executing program 0 (id=9179): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000180), 0x10) sendmsg$can_bcm(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x2}, 0x10, &(0x7f0000000140)={&(0x7f0000002180)=ANY=[], 0x48}}, 0x0) 423.419169ms ago: executing program 0 (id=9180): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ac0)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0) 322.46196ms ago: executing program 0 (id=9183): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x8, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000000000000000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}) 320.840403ms ago: executing program 0 (id=9186): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_TRAP_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x58, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x82}}]}, 0x58}}, 0x0) 264.183881ms ago: executing program 1 (id=9187): r0 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_red={{0x8}, {0x4}}]}, 0x30}}, 0x0) 263.649038ms ago: executing program 2 (id=9189): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0xe) r0 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0x4) 263.39124ms ago: executing program 0 (id=9190): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r0, &(0x7f000000ec80)=[{{&(0x7f00000027c0)={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, &(0x7f0000003a40)=[{&(0x7f0000002800)='R', 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f000000fd00)=[@in={0x2, 0x4e22, @private=0xa010101}, @in6={0xa, 0x4e22, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}], 0x2c) 263.199958ms ago: executing program 2 (id=9191): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="200000005f0005"], 0x20}}, 0x0) 213.520034ms ago: executing program 3 (id=9192): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@mpls_getroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x14}, [@RTA_DST={0x8}]}, 0x24}}, 0x0) 213.173185ms ago: executing program 1 (id=9193): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40)={0x0, 0x4000}) 212.413949ms ago: executing program 2 (id=9194): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x20, 0x0, 0x7, 0x3, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}}, 0x0) sendmsg$NFNL_MSG_ACCT_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, 0x3, 0x7, 0x5}, 0x14}}, 0x0) 212.179471ms ago: executing program 3 (id=9195): r0 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0xfffffffffffffff9, 0x0, 0xffffffffffffff72, 0xc}) io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 161.873868ms ago: executing program 1 (id=9196): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3241078b089b39353b0e1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b33300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) 161.542426ms ago: executing program 2 (id=9197): mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000a00)={'filter\x00', 0x7, 0x4, 0x4f0, 0x220, 0x110, 0x408, 0x408, 0x408, 0x408, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @loopback, @multicast2, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@broadcast, @broadcast, @rand_addr=0x64010102, 0xf}}}, {{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x8, 'system_u:object_r:nvram_device_t:s0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x540) 84.161623ms ago: executing program 2 (id=9198): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r1, 0x4068aea3, &(0x7f0000000180)={0xc1, 0x0, 0x3}) 83.409621ms ago: executing program 3 (id=9199): setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) ioctl$SIOCPNGETOBJECT(0xffffffffffffffff, 0x89e0, 0x0) syz_emit_vhci(&(0x7f0000002980)=@HCI_EVENT_PKT={0x4, @hci_ev_change_link_key_complete={{0x9, 0x3}, {0x0, 0xc8}}}, 0x6) 83.304065ms ago: executing program 3 (id=9200): r0 = socket$inet_smc(0x2b, 0x1, 0x0) listen(r0, 0x0) listen(r0, 0x0) 17.615163ms ago: executing program 3 (id=9201): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) process_mrelease(r1, 0x0) 17.1576ms ago: executing program 2 (id=9202): r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x74000000) write$dsp(r0, &(0x7f0000002000)='`', 0x88020) 16.754161ms ago: executing program 1 (id=9203): munmap(&(0x7f0000000000/0x2000)=nil, 0x2000) r0 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_SEND_PRIO(r0, 0x6b, 0x3, &(0x7f0000000000), 0x4) 0s ago: executing program 3 (id=9204): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x3, 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000009b00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x0, 0x52, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 0s ago: executing program 1 (id=9205): syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x1046, 0x0, 0x0, 0x0, 0x0}, 0x0, 0x0) r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="cc000000000000009e"]) kernel console output (not intermixed with test programs): itch: netlink: Flow key attr not present in new flow. [ 105.934564][T14551] Bluetooth: hci0: Opcode 0x0401 failed: -4 [ 106.058561][T14697] kernel profiling enabled (shift: 7) [ 106.266771][T14738] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048) [ 106.287569][T14741] ebtables: wrong size: *len 264, entries_size 144, replsz 144 [ 106.591440][T14807] validate_nla: 3 callbacks suppressed [ 106.591453][T14807] netlink: 'syz.1.4272': attribute type 1 has an invalid length. [ 106.591846][T14808] (unnamed net_device) (uninitialized): peer notification delay (512) is not a multiple of miimon (5), value rounded to 510 ms [ 106.594282][T14807] netlink: 'syz.1.4272': attribute type 2 has an invalid length. [ 106.735424][T14838] kernel read not supported for file / (pid: 14838 comm: syz.3.4289) [ 106.738634][ T39] audit: type=1800 audit(2000000043.901:23947): pid=14838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4289" name=08 dev="mqueue" ino=37505 res=0 errno=0 [ 106.826503][T14867] --map-set only usable from mangle table [ 106.959140][T14900] ata1.00: non-matching transfer count (1530558389/0) [ 107.053891][T14925] Malformed UNC in devname [ 107.053891][T14925] [ 107.056799][T14925] CIFS: VFS: Malformed UNC in devname [ 107.174571][T14952] netlink: 'syz.1.4342': attribute type 1 has an invalid length. [ 107.415727][ T5996] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.510276][T15026] ipt_ECN: cannot use operation on non-tcp rule [ 107.560742][T15030] lo speed is unknown, defaulting to 1000 [ 107.574173][ T5996] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.602989][T15038] block device autoloading is deprecated and will be removed. [ 107.608536][T15038] syz.3.4384: attempt to access beyond end of device [ 107.608536][T15038] ram200: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=8192 [ 107.643314][ T25] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.683219][ T25] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.704127][T15049] netlink: 'syz.3.4390': attribute type 10 has an invalid length. [ 107.706446][T15049] team0: entered promiscuous mode [ 107.707944][T15049] team_slave_1: entered promiscuous mode [ 107.709983][T15049] bridge0: port 3(team0) entered blocking state [ 107.712090][T15049] bridge0: port 3(team0) entered disabled state [ 107.716298][T15049] team0: entered allmulticast mode [ 107.718247][T15049] team_slave_1: entered allmulticast mode [ 107.721783][T15049] bridge0: port 3(team0) entered blocking state [ 107.723581][T15049] bridge0: port 3(team0) entered forwarding state [ 107.762304][ T5996] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.772395][ T1444] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 107.862015][ T5996] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.885370][T15077] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 107.932208][ T1444] usb 5-1: Using ep0 maxpacket: 8 [ 107.941096][T11541] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.948245][ T1444] usb 5-1: config 0 has an invalid interface number: 151 but max is 1 [ 107.951807][ T1444] usb 5-1: config 0 has no interface number 1 [ 107.954234][ T1444] usb 5-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 107.958374][ T1444] usb 5-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83 [ 107.963495][ T1444] usb 5-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 1024 [ 107.969055][ T1444] usb 5-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 107.974127][ T1444] usb 5-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 107.979106][ T1444] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 107.980393][ T5996] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 107.983298][ T1444] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 107.994939][ T1444] usb 5-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7 [ 107.996167][T15093] netlink: 'syz.2.4410': attribute type 1 has an invalid length. [ 107.998837][ T1444] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 108.005564][ T1444] usb 5-1: Product: syz [ 108.007163][ T1444] usb 5-1: Manufacturer: syz [ 108.008881][ T1444] usb 5-1: SerialNumber: syz [ 108.012744][ T1444] usb 5-1: config 0 descriptor?? [ 108.015616][T15031] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 108.021074][ T1444] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 108.026390][ T1444] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 108.029464][ T1444] usb 5-1: invalid MIDI in EP 0 [ 108.055889][ T1444] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 108.059821][ T5967] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 108.123171][T15111] netlink: 'syz.2.4417': attribute type 16 has an invalid length. [ 108.139473][ T5967] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 108.240727][ T25] usb 5-1: USB disconnect, device number 4 [ 108.375020][T15147] netlink: 'syz.1.4435': attribute type 11 has an invalid length. [ 108.379280][T15147] __nla_validate_parse: 16 callbacks suppressed [ 108.379289][T15147] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.4435'. [ 108.458446][T15159] veth1_macvtap: left promiscuous mode [ 108.786626][T15203] netlink: 140 bytes leftover after parsing attributes in process `syz.3.4463'. [ 108.799393][T15209] Scaler: ================= START STATUS ================= [ 108.808486][T15209] Scaler: ================== END STATUS ================== [ 109.007914][T15248] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4486'. [ 109.012851][T15250] netlink: 'syz.2.4487': attribute type 10 has an invalid length. [ 109.015738][T15250] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4487'. [ 109.019882][T15250] ipvlan1: entered promiscuous mode [ 109.021910][T15250] ipvlan1: entered allmulticast mode [ 109.025720][T15250] bridge0: port 2(ipvlan1) entered blocking state [ 109.029542][T15250] bridge0: port 2(ipvlan1) entered disabled state [ 109.033841][T15250] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check. [ 109.076318][T15261] xt_CHECKSUM: unsupported CHECKSUM operation f4 [ 109.113972][T15269] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 109.128382][T15272] netlink: 'syz.0.4497': attribute type 3 has an invalid length. [ 109.135803][T15272] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.4497'. [ 109.271301][ T1324] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 109.417492][T15318] netlink: 'syz.3.4519': attribute type 1 has an invalid length. [ 109.443872][ T1324] usb 6-1: New USB device found, idVendor=0403, idProduct=da73, bcdDevice=dc.8d [ 109.449338][ T1324] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.458101][ T1324] usb 6-1: config 0 descriptor?? [ 109.463939][T15323] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request [ 109.474939][ T1324] usb 6-1: NDI device with a latency value of 1 [ 109.508755][T15331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.512620][T15331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.515817][T15331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.520785][T15331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.524765][T15331] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 109.529086][T15331] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 109.565375][T15337] openvswitch: netlink: IP tunnel dst address not specified [ 109.629294][T15348] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4534'. [ 109.633429][T15348] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4534'. [ 109.675137][ T1324] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected [ 109.681683][ T1324] ftdi_sio ttyUSB0: unknown device type: 0xdc8d [ 109.691923][ T1324] usb 6-1: USB disconnect, device number 3 [ 109.695166][ T1324] ftdi_sio 6-1:0.0: device disconnected [ 109.736686][ T39] audit: type=1326 audit(2000000046.925:23948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15361 comm="syz.2.4541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 109.750179][ T39] audit: type=1326 audit(2000000046.935:23949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15361 comm="syz.2.4541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 109.759058][ T39] audit: type=1326 audit(2000000046.935:23950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15361 comm="syz.2.4541" exe="/syz-executor" sig=0 arch=40000003 syscall=110 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 109.772892][ T39] audit: type=1326 audit(2000000046.935:23951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15361 comm="syz.2.4541" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 109.874102][T15383] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 109.877277][T15383] overlayfs: missing 'lowerdir' [ 110.037694][T15409] ipt_REJECT: TCP_RESET invalid for non-tcp [ 110.367457][T15471] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 110.557342][T15502] tmpfs: Bad value for 'mpol' [ 110.702779][T15518] random: crng reseeded on system resumption [ 110.713645][T15518] Unrecognized hibernate image header format! [ 110.716302][T15518] PM: hibernation: Image mismatch: architecture specific data [ 111.325252][T15529] Cannot find add_set index 3 as target [ 111.391039][T15544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4624'. [ 111.399447][T15544] netlink: 72 bytes leftover after parsing attributes in process `syz.1.4624'. [ 111.404898][T15544] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check. [ 111.422324][T15547] cgroup: name respecified [ 111.433047][T15551] random: crng reseeded on system resumption [ 111.639408][T15591] block device autoloading is deprecated and will be removed. [ 111.644515][T15591] syz.1.4649: attempt to access beyond end of device [ 111.644515][T15591] md0: rw=2048, sector=18446744073709551608, nr_sectors = 8 limit=0 [ 111.769557][T15621] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4664'. [ 111.816345][T15635] program syz.1.4671 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 111.875838][T15647] validate_nla: 1 callbacks suppressed [ 111.875858][T15647] netlink: 'syz.0.4677': attribute type 4 has an invalid length. [ 112.033721][T15683] Timeout policy `syz0' can only be used by L3 protocol number 0 [ 112.150968][T15709] Unknown options in mask 7 [ 112.167601][T15712] xt_CT: You must specify a L4 protocol and not use inversions on it [ 112.262881][T15723] bond2: entered promiscuous mode [ 112.336862][T15740] Cannot find del_set index 4 as target [ 112.463697][T15764] kAFS: unparsable volume name [ 112.795425][T15824] syz.0.4765: attempt to access beyond end of device [ 112.795425][T15824] sr0: rw=6144, sector=128, nr_sectors = 8 limit=128 [ 112.808235][T15824] gfs2: error -5 reading superblock [ 112.882891][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 112.882905][ T39] audit: type=1326 audit(2000000050.096:23954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15844 comm="syz.1.4775" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 112.896483][ T39] audit: type=1326 audit(2000000050.106:23955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15844 comm="syz.1.4775" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 112.904869][ T39] audit: type=1326 audit(2000000050.116:23956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15844 comm="syz.1.4775" exe="/syz-executor" sig=0 arch=40000003 syscall=29 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 112.920930][T15850] ata3.00: invalid multi_count 1 ignored [ 113.172113][T15892] netlink: 'syz.2.4798': attribute type 11 has an invalid length. [ 113.265894][T15908] x_tables: ip_tables: MASQUERADE target: used from hooks INPUT, but only usable from POSTROUTING [ 113.394910][T15926] netlink: 'syz.3.4816': attribute type 1 has an invalid length. [ 113.397676][T15926] __nla_validate_parse: 6 callbacks suppressed [ 113.397690][T15926] netlink: 157116 bytes leftover after parsing attributes in process `syz.3.4816'. [ 113.405758][T15926] nbd: couldn't find device at index 16 [ 113.486579][ C3] ata1: illegal qc_active transition (00000000->00000800) [ 113.686220][T15963] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 113.756740][T15979] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4838'. [ 113.799492][T15985] befs: (nullb0): No write support. Marking filesystem read-only [ 113.806809][T15985] befs: (nullb0): invalid magic header [ 113.809764][T15989] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes [ 113.811066][ T1100] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 113.818797][ T1100] ata1.00: configured for UDMA/100 [ 113.874048][T15999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4847'. [ 113.963188][T16015] trusted_key: encrypted_key: hex blob is missing [ 113.982099][T16018] random: crng reseeded on system resumption [ 113.994602][T16018] PM: hibernation: Image mismatch: memory size [ 114.166270][T16050] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4873'. [ 114.255056][T16063] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 114.410129][T16083] (syz.3.4889,16083,3):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 114.413337][T16083] (syz.3.4889,16083,3):ocfs2_fill_super:1178 ERROR: status = -22 [ 114.468936][T16095] netlink: 'syz.2.4895': attribute type 1 has an invalid length. [ 114.471500][T16095] netlink: 'syz.2.4895': attribute type 3 has an invalid length. [ 114.474221][T16095] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4895'. [ 114.478528][T16095] NCSI netlink: No device for ifindex 0 [ 114.511465][T16101] 9p: Unknown Cache mode or invalid value fscache0[?Tcu; [ 114.530554][T16105] can0: slcan on ptm0. [ 114.555468][T16107] cgroup: subsys name conflicts with all [ 114.626199][T16103] can0 (unregistered): slcan off ptm0. [ 114.654874][T16117] netlink: 'syz.1.4906': attribute type 1 has an invalid length. [ 114.695795][T16123] befs: (loop3): No write support. Marking filesystem read-only [ 114.698802][T16123] syz.1.4909: attempt to access beyond end of device [ 114.698802][T16123] loop3: rw=0, sector=0, nr_sectors = 2 limit=0 [ 114.703950][T16123] befs: (loop3): unable to read superblock [ 114.798501][ T39] audit: type=1326 audit(2000000052.027:23957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.2.4917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 114.813144][ T39] audit: type=1326 audit(2000000052.027:23958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.2.4917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 114.822267][ T39] audit: type=1326 audit(2000000052.027:23959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.2.4917" exe="/syz-executor" sig=0 arch=40000003 syscall=105 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 114.833054][ T39] audit: type=1326 audit(2000000052.037:23960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.2.4917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 114.842830][ T39] audit: type=1326 audit(2000000052.037:23961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16138 comm="syz.2.4917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 114.938671][T16159] netlink: 'syz.2.4927': attribute type 1 has an invalid length. [ 114.941620][T16159] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.4927'. [ 114.945837][T16159] netlink: 1 bytes leftover after parsing attributes in process `syz.2.4927'. [ 115.112139][ T39] audit: type=1326 audit(2000000052.328:23962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16180 comm="syz.1.4938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 115.133160][ T39] audit: type=1326 audit(2000000052.338:23963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16180 comm="syz.1.4938" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 115.179307][T16192] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4944'. [ 115.226722][T16199] program syz.1.4946 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 115.344893][T16221] xt_bpf: check failed: parse error [ 115.483721][T16252] program syz.2.4970 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 115.796132][T16298] xt_bpf: check failed: parse error [ 115.851745][T16304] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4995'. [ 115.885654][T16306] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4997'. [ 115.924020][T16310] SET target dimension over the limit! [ 116.186475][T16341] netlink: 'syz.2.5013': attribute type 75 has an invalid length. [ 116.495356][T16385] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 116.498093][T16385] IPv6: NLM_F_CREATE should be set when creating new route [ 116.500713][T16385] IPv6: NLM_F_CREATE should be set when creating new route [ 116.586979][T16403] random: crng reseeded on system resumption [ 116.654477][T16412] sock: sock_set_timeout: `syz.1.5049' (pid 16412) tries to set negative timeout [ 116.941278][T16443] : entered promiscuous mode [ 116.995230][ C2] sr 2:0:0:0: [sr0] tag#8 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 116.999086][ C2] sr 2:0:0:0: [sr0] tag#8 CDB: ATA command pass through(16) [ 117.001794][ C2] sr 2:0:0:0: [sr0] tag#8 CDB[00]: 85 36 b6 0b fa 5e b8 4e a4 5b 21 00 00 00 00 00 [ 117.005221][ C2] sr 2:0:0:0: [sr0] tag#8 CDB[10]: 00 [ 117.131157][T16455] syz.0.5069: attempt to access beyond end of device [ 117.131157][T16455] nbd0: rw=0, sector=1, nr_sectors = 1 limit=0 [ 117.137049][T16455] VFS: could not find a valid V7 on nbd0. [ 117.225557][T16465] program syz.3.5076 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 117.229183][T16465] ata1.00: invalid transfer count 0 [ 117.673652][T16527] netlink: 'syz.1.5106': attribute type 4 has an invalid length. [ 117.780676][ T1444] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 117.838280][T16540] netlink: 'syz.1.5111': attribute type 1 has an invalid length. [ 117.841662][T16540] netlink: 'syz.1.5111': attribute type 2 has an invalid length. [ 117.877157][T16543] xt_CT: You must specify a L4 protocol and not use inversions on it [ 117.931267][ T1444] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 117.933730][ T1444] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 117.938239][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 117.938254][ T39] audit: type=1326 audit(2000000055.172:23966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.2.5117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 117.939886][ T1444] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 117.946099][ T39] audit: type=1326 audit(2000000055.172:23967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.2.5117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 117.947407][ T1444] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 117.951396][ T39] audit: type=1326 audit(2000000055.182:23968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.2.5117" exe="/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 117.956487][ T1444] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 117.959212][ T39] audit: type=1326 audit(2000000055.182:23969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.2.5117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 117.974394][ T1444] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 117.974413][ T1444] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 117.974423][ T1444] usb 5-1: Product: syz [ 117.974430][ T1444] usb 5-1: Manufacturer: syz [ 117.977503][ T1444] cdc_wdm 5-1:1.0: skipping garbage [ 117.982617][ T39] audit: type=1326 audit(2000000055.182:23970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz.2.5117" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 117.984293][ T1444] cdc_wdm 5-1:1.0: skipping garbage [ 117.996019][ T1444] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 117.999601][ T1444] cdc_wdm 5-1:1.0: Unknown control protocol [ 118.144662][T16566] netlink: 'syz.2.5125': attribute type 5 has an invalid length. [ 118.184635][T16515] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 118.190111][ T1444] usb 5-1: USB disconnect, device number 5 [ 118.476949][T16599] __nla_validate_parse: 9 callbacks suppressed [ 118.476966][T16599] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5140'. [ 118.483926][T16599] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5140'. [ 118.892776][T16666] Bluetooth: MGMT ver 1.23 [ 119.093092][ T39] audit: type=1800 audit(2000000056.337:23971): pid=16685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5183" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 119.135081][ T6001] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 119.242991][T16709] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5193'. [ 119.248627][T16709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5193'. [ 119.252052][T16709] Zero length message leads to an empty skb [ 119.309860][ T6001] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 119.314154][ T6001] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 119.314177][ T6001] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 119.314212][ T6001] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.314232][ T6001] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.315692][ T6001] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 119.332426][ T6001] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 119.332452][ T6001] usb 8-1: Product: syz [ 119.332467][ T6001] usb 8-1: Manufacturer: syz [ 119.339155][ T6001] cdc_wdm 8-1:1.0: skipping garbage [ 119.343203][ T6001] cdc_wdm 8-1:1.0: skipping garbage [ 119.346029][ T6001] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 119.346049][ T6001] cdc_wdm 8-1:1.0: Unknown control protocol [ 119.350454][T16721] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5199'. [ 119.401137][T16725] mkiss: ax0: crc mode is auto. [ 119.404222][T16729] Bluetooth: MGMT ver 1.23 [ 119.478023][T16733] netlink: 'syz.1.5205': attribute type 1 has an invalid length. [ 119.481570][T16733] netlink: 9348 bytes leftover after parsing attributes in process `syz.1.5205'. [ 119.485358][T16733] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5205'. [ 119.512185][T16735] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5206'. [ 119.515646][T16735] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5206'. [ 119.547351][T16662] cdc_wdm 8-1:1.0: Error submitting int urb - -90 [ 119.550429][ T830] usb 8-1: USB disconnect, device number 4 [ 119.788857][T16765] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5215'. [ 120.661248][T16851] openvswitch: netlink: Message has 237 unknown bytes. [ 120.663784][T16851] openvswitch: netlink: Actions may not be safe on all matching packets [ 120.994379][T16904] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 121.001556][T16907] openvswitch: netlink: Actions may not be safe on all matching packets [ 121.107625][T16930] netlink: 'syz.3.5292': attribute type 1 has an invalid length. [ 121.144892][T16936] ALSA: mixer_oss: invalid OSS volume 'Y{UDD ' [ 121.144907][T16936] ALSA: mixer_oss: invalid OSS volume 'ߧ4cT󯆩"m!lT.Π' [ 121.144916][T16936] ALSA: mixer_oss: invalid OSS volume 'lg' [ 121.144923][T16936] ALSA: mixer_oss: invalid OSS volume ')nkKi,rWY\ZV?J`G' [ 121.144941][T16936] ALSA: mixer_oss: invalid OSS volume 'kO0$g{pl{y;_ARW' [ 121.144949][T16936] ALSA: mixer_oss: invalid OSS volume '' [ 121.144959][T16936] ALSA: mixer_oss: invalid OSS volume 'sv Fu{Qby>h%w]' [ 121.144970][T16936] ALSA: mixer_oss: invalid OSS volume 'E= v?@48@hL' [ 121.144977][T16936] ALSA: mixer_oss: invalid OSS volume '+?>3Iq0:iq|UDř' [ 121.144988][T16936] ALSA: mixer_oss: invalid OSS volume 'vӷ*xrN0ܗcAdh' [ 121.144994][T16936] ALSA: mixer_oss: invalid OSS volume 'JM %HJ[~S' [ 121.447973][T16957] /dev/sr0: Can't open blockdev [ 121.480180][ T39] audit: type=1326 audit(2000000058.735:23972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16969 comm="syz.0.5310" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 121.487822][ T39] audit: type=1326 audit(2000000058.735:23973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16969 comm="syz.0.5310" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 121.493687][ T39] audit: type=1326 audit(2000000058.745:23974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16969 comm="syz.0.5310" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 121.500369][ T39] audit: type=1326 audit(2000000058.745:23975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16969 comm="syz.0.5310" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 121.597395][T16983] team0: Port device macvlan1 added [ 121.765529][ T25] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 121.803182][T17005] netlink: 'syz.0.5327': attribute type 29 has an invalid length. [ 121.814083][T17005] netlink: 'syz.0.5327': attribute type 29 has an invalid length. [ 121.916913][ T25] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 121.920259][ T25] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 121.923953][ T25] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 121.927506][ T25] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.931232][ T25] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.936896][ T25] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 121.940771][ T25] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 121.944945][ T25] usb 6-1: Product: syz [ 121.948745][ T25] usb 6-1: Manufacturer: syz [ 121.969609][ T25] cdc_wdm 6-1:1.0: skipping garbage [ 121.971497][ T25] cdc_wdm 6-1:1.0: skipping garbage [ 121.974266][ T25] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 121.976497][ T25] cdc_wdm 6-1:1.0: Unknown control protocol [ 121.994781][T17022] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 122.184847][T16976] cdc_wdm 6-1:1.0: Error submitting int urb - -90 [ 122.190279][T11541] usb 6-1: USB disconnect, device number 4 [ 122.460191][T17067] bad cache= option: none [ 122.460191][T17067] [ 122.463824][T17067] CIFS: VFS: bad cache= option: none [ 122.706108][T17096] netlink: 'syz.2.5370': attribute type 1 has an invalid length. [ 122.738309][T17098] netlink: 'syz.1.5371': attribute type 1 has an invalid length. [ 123.341785][T17156] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 123.574140][T17178] program syz.3.5411 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.792437][T17200] netlink: 'syz.2.5420': attribute type 142 has an invalid length. [ 124.150956][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 124.150970][ T39] audit: type=1326 audit(2000000061.414:23981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.1.5439" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe1579 code=0x0 [ 124.263108][T17256] __nla_validate_parse: 12 callbacks suppressed [ 124.263121][T17256] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5445'. [ 124.297571][T11541] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 124.347343][ T5957] Bluetooth: hci1: command 0x0406 tx timeout [ 124.368650][ T1444] IPVS: starting estimator thread 0... [ 124.457074][T11541] usb 7-1: Using ep0 maxpacket: 32 [ 124.457082][T17269] IPVS: using max 34 ests per chain, 81600 per kthread [ 124.464691][T11541] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 124.469497][T11541] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 124.472169][T11541] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 124.474683][T11541] usb 7-1: config 1 has no interface number 0 [ 124.476377][T11541] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 124.480287][T11541] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 124.485123][T11541] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 124.490877][T11541] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.506364][T11541] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 125.023904][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.026913][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.030699][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.034502][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.037874][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.040607][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.043247][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.046203][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.048964][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.051905][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.053161][T17291] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.5460'. [ 125.054904][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.054961][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.055056][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.059598][T17291] openvswitch: netlink: Geneve option length err (len 3060, max 255). [ 125.061572][T11541] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now attached [ 125.063911][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.080520][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.084410][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.089205][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.092294][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.094818][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.097934][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.100528][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.103926][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.106948][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.109575][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.112056][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.114553][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.117483][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.120239][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.123189][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.126095][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.127778][T17295] nbd: couldn't find a device at index 4096 [ 125.128741][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.133099][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.135739][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.138351][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.140964][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.143535][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.147939][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.151768][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.154719][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.157805][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.161015][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.163892][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.166899][ T25] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 125.180042][ T25] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz0 [ 125.182034][T17299] mkiss: ax0: crc mode is auto. [ 125.200435][T15109] udevd[15109]: failed to send result of seq 15912 to main daemon: Connection refused [ 125.222534][ T5960] udevd[5960]: failed to send result of seq 15913 to main daemon: Transport endpoint is not connected [ 125.275481][ T5967] usb 7-1: USB disconnect, device number 4 [ 125.280571][ T5967] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 125.323972][T17309] [U]  [ 125.419035][T17323] sp0: Synchronizing with TNC [ 125.462025][T17331] netlink: 'syz.0.5481': attribute type 30 has an invalid length. [ 125.535863][T17341] smc: net device bond0 applied user defined pnetid SYZ0 [ 125.674768][T17364] x_tables: ip_tables: udp match: only valid for protocol 17 [ 125.731863][T17368] mkiss: ax0: crc mode is auto. [ 125.742458][ T39] audit: type=1326 audit(2000000062.998:23982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17369 comm="syz.1.5500" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x0 [ 125.792052][T17374] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5501'. [ 125.877063][T17383] tmpfs: Cannot retroactively limit inodes [ 125.991033][T17394] syz.2.5509[17394] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.991144][T17394] syz.2.5509[17394] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 125.991257][T17394] syz.2.5509[17394] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 126.037747][T17396] ata3.00: invalid multi_count 1 ignored [ 126.224099][T17417] netlink: 188 bytes leftover after parsing attributes in process `syz.2.5521'. [ 126.227625][T17417] netlink: 'syz.2.5521': attribute type 1 has an invalid length. [ 126.706041][T17450] tmpfs: Cannot retroactively limit inodes [ 126.846472][T17434] syz.3.5529 (17434): drop_caches: 2 [ 126.873513][T17434] syz.3.5529 (17434): drop_caches: 2 [ 126.910065][T17469] netlink: 'syz.1.5545': attribute type 1 has an invalid length. [ 126.942197][T17474] ata1.00: invalid command format 189 [ 126.970645][T17479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5551'. [ 126.971054][T17480] IPVS: sync thread started: state = BACKUP, mcast_ifn = sit0, syncid = 0, id = 0 [ 127.105391][T17503] ata3.00: invalid multi_count 1 ignored [ 127.120911][T17508] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5565'. [ 127.546353][T17563] netlink: 'syz.1.5591': attribute type 11 has an invalid length. [ 127.701382][T17572] tipc: Enabling of bearer rejected, failed to enable media [ 128.127734][ T5967] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 128.277442][ T5967] usb 5-1: Using ep0 maxpacket: 32 [ 128.282312][ T5967] usb 5-1: config index 0 descriptor too short (expected 35577, got 27) [ 128.284685][ T5967] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 128.287054][ T5967] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 128.291876][ T5967] usb 5-1: config 1 has no interface number 0 [ 128.293841][ T5967] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 128.296846][ T5967] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 128.300549][ T5967] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 128.302865][ T5967] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.309821][ T5967] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found [ 128.869351][ T5967] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached [ 129.022446][ T25] IPVS: starting estimator thread 0... [ 129.055231][T17684] overlayfs: workdir and upperdir must be separate subtrees [ 129.083844][ T25] usb 5-1: USB disconnect, device number 6 [ 129.088508][ T25] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected [ 129.116495][T17681] IPVS: using max 22 ests per chain, 52800 per kthread [ 129.299684][T17713] netlink: 'syz.1.5661': attribute type 1 has an invalid length. [ 129.303495][T17713] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5661'. [ 129.303762][T17714] tipc: Started in network mode [ 129.308055][T17714] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711 [ 129.310800][T17714] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb [ 129.314693][T17714] tipc: Enabled bearer , priority 0 [ 129.413733][ T39] audit: type=1326 audit(2000000066.687:23983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.425383][ T39] audit: type=1326 audit(2000000066.687:23984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.434646][ T39] audit: type=1326 audit(2000000066.697:23985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.443781][ T39] audit: type=1326 audit(2000000066.697:23986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.455855][ T39] audit: type=1326 audit(2000000066.697:23987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.462059][ T39] audit: type=1326 audit(2000000066.697:23988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=9 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.465625][T17731] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5668'. [ 129.470918][ T39] audit: type=1326 audit(2000000066.707:23989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 129.480165][ T39] audit: type=1326 audit(2000000066.707:23990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17726 comm="syz.3.5667" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 130.221703][T17832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5715'. [ 130.258590][T17836] sg_write: data in/out 196608/1 bytes for SCSI command 0xdb-- guessing data in; [ 130.258590][T17836] program syz.2.5717 not setting count and/or reply_len properly [ 130.425964][ T6001] tipc: Node number set to 1 [ 130.757859][T17907] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5750'. [ 131.254825][T17978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5784'. [ 131.513833][T18019] netlink: 'syz.2.5804': attribute type 1 has an invalid length. [ 131.516731][T18019] openvswitch: netlink: Actions may not be safe on all matching packets [ 131.634517][T18040] tipc: New replicast peer: 100.1.1.1 [ 131.636107][T18040] tipc: Enabled bearer , priority 0 [ 131.678523][T18049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5818'. [ 131.707811][T18051] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5819'. [ 132.034405][T18081] openvswitch: netlink: Actions may not be safe on all matching packets [ 132.082129][ T1409] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.084099][ T1409] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.220724][T18104] hugetlbfs: Bad value 'A' for mount option 'nr_inodes' [ 132.220724][T18104] [ 132.254706][T18108] netlink: 'syz.0.5845': attribute type 29 has an invalid length. [ 132.301725][T18114] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5848'. [ 132.345706][T18122] sp0: Synchronizing with TNC [ 132.609557][ T39] audit: type=1326 audit(2000000069.893:23991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18167 comm="syz.0.5873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 132.616346][ T39] audit: type=1326 audit(2000000069.893:23992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18167 comm="syz.0.5873" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 133.131521][T18211] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5894'. [ 134.055512][T11541] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 134.062507][T11541] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz1] on syz0 [ 134.113360][T18267] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5921'. [ 134.125832][T18267] : entered promiscuous mode [ 134.132633][T18270] sg_read: process 2796 (syz.0.5922) changed security contexts after opening file descriptor, this is not allowed. [ 134.385215][T18292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5933'. [ 134.452119][T18298] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.5936'. [ 134.455284][T18298] openvswitch: netlink: Multiple metadata blocks provided [ 134.636925][T18322] vlan1: entered allmulticast mode [ 134.639139][T18322] veth0_vlan: entered allmulticast mode [ 134.664019][ T39] kauditd_printk_skb: 3 callbacks suppressed [ 134.664033][ T39] audit: type=1326 audit(2000000071.946:23996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18325 comm="syz.3.5949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 134.673761][ T39] audit: type=1326 audit(2000000071.946:23997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18325 comm="syz.3.5949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 134.683302][ T39] audit: type=1326 audit(2000000071.956:23998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18325 comm="syz.3.5949" exe="/syz-executor" sig=0 arch=40000003 syscall=451 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 134.695275][ T39] audit: type=1326 audit(2000000071.956:23999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18325 comm="syz.3.5949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 134.703127][ T39] audit: type=1326 audit(2000000071.956:24000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18325 comm="syz.3.5949" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 135.000723][T18372] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5970'. [ 135.003771][T18372] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5970'. [ 135.055828][T18384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5975'. [ 135.055844][T18384] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5975'. [ 135.194207][T18400] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 135.768011][T18464] bridge0: port 3(team0) entered disabled state [ 135.770698][T18464] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.773549][T18464] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.782520][T18464] team0: left allmulticast mode [ 135.784576][T18464] team_slave_1: left allmulticast mode [ 135.787579][T18464] bridge0: port 3(team0) entered disabled state [ 135.797559][T18464] bridge_slave_1: left allmulticast mode [ 135.799739][T18464] bridge_slave_1: left promiscuous mode [ 135.802881][T18464] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.810051][T18464] bridge_slave_0: left allmulticast mode [ 135.812408][T18464] bridge_slave_0: left promiscuous mode [ 135.815382][T18464] bridge0: port 1(bridge_slave_0) entered disabled state [ 136.322995][T18515] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6039'. [ 136.358896][T18520] netlink: 'syz.2.6040': attribute type 4 has an invalid length. [ 136.362804][T18520] netlink: 17 bytes leftover after parsing attributes in process `syz.2.6040'. [ 136.578515][T18556] lo speed is unknown, defaulting to 1000 [ 136.816450][T18597] netlink: 96 bytes leftover after parsing attributes in process `syz.3.6073'. [ 137.246541][T18675] mkiss: ax0: crc mode is auto. [ 137.305295][ T39] audit: type=1326 audit(2000000074.589:24001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18685 comm="syz.2.6115" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe4579 code=0x0 [ 137.405220][T18697] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6119'. [ 137.469799][ T39] audit: type=1326 audit(2000000074.750:24002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18702 comm="syz.1.6122" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe1579 code=0x0 [ 139.736423][T18872] __nla_validate_parse: 2 callbacks suppressed [ 139.736435][T18872] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.6204'. [ 139.741062][T18872] openvswitch: netlink: Unknown VXLAN extension attribute 0 [ 139.797933][T18884] netlink: 'syz.3.6210': attribute type 10 has an invalid length. [ 139.827594][T18892] IPVS: stopping master sync thread 6721 ... [ 139.835478][T18890] sp0: Synchronizing with TNC [ 139.996192][ T1444] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 140.000082][ T1444] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz0] on syz0 [ 140.015467][T18924] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6231'. [ 140.201712][T18960] "syz.0.6249" (18960) uses obsolete ecb(arc4) skcipher [ 141.182459][T19044] befs: Invalid gid -1, using default [ 141.183909][T19044] befs: (nullb0): No write support. Marking filesystem read-only [ 141.186153][T19044] befs: (nullb0): invalid magic header [ 141.509377][T19107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6314'. [ 141.646651][T19133] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.6327'. [ 141.649587][T19133] openvswitch: netlink: IP tunnel attribute has 3056 unknown bytes. [ 141.718989][T19145] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.6333'. [ 141.722888][T19145] openvswitch: netlink: ERSPAN option length err (len 3060, max 255). [ 141.809771][T19161] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6337'. [ 141.855517][T19167] sp0: Synchronizing with TNC [ 141.858426][T19166] [U] [ 142.056681][T19197] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6360'. [ 142.134157][T19215] netlink: 64 bytes leftover after parsing attributes in process `syz.2.6368'. [ 142.268225][T19238] netlink: 'syz.3.6379': attribute type 1 has an invalid length. [ 142.270402][T19238] netlink: 9396 bytes leftover after parsing attributes in process `syz.3.6379'. [ 142.476367][T19270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6394'. [ 142.605240][T19290] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.607297][T19290] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.634409][T19290] bridge_slave_1: left allmulticast mode [ 142.636481][T19290] bridge_slave_1: left promiscuous mode [ 142.640175][T19290] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.647133][T19292] support for the xor transformation has been removed. [ 142.651690][T19290] bridge_slave_0: left allmulticast mode [ 142.653421][T19290] bridge_slave_0: left promiscuous mode [ 142.655164][T19290] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.144866][T19334] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.155536][T19334] bridge_slave_0: left allmulticast mode [ 143.158201][T19334] bridge_slave_0: left promiscuous mode [ 143.161530][T19334] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.460665][T19356] : renamed from bond0 (while UP) [ 143.515137][T19359] CIFS mount error: No usable UNC path provided in device string! [ 143.515137][T19359] [ 143.518786][T19359] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 143.716517][T19374] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 143.827426][ T5957] Bluetooth: hci2: command 0x0405 tx timeout [ 144.513885][T19411] netlink: 'syz.0.6460': attribute type 10 has an invalid length. [ 144.688697][T19432] veth0_vlan: left allmulticast mode [ 144.714289][T19432] veth0_vlan: left promiscuous mode [ 144.717851][T19432] veth0_vlan: entered promiscuous mode [ 144.720163][T19432] veth0_vlan: entered allmulticast mode [ 144.867098][ T39] audit: type=1326 audit(2000000082.167:24003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 144.873709][ T39] audit: type=1326 audit(2000000082.167:24004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 144.875739][T19460] __nla_validate_parse: 5 callbacks suppressed [ 144.875751][T19460] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6484'. [ 144.880978][ T39] audit: type=1326 audit(2000000082.167:24005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 144.893038][ T39] audit: type=1326 audit(2000000082.167:24006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 144.901685][ T39] audit: type=1326 audit(2000000082.167:24007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 144.908355][ T39] audit: type=1326 audit(2000000082.167:24008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 144.913901][ T39] audit: type=1326 audit(2000000082.167:24009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19457 comm="syz.2.6483" exe="/syz-executor" sig=0 arch=40000003 syscall=1 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 145.486980][T19508] mkiss: ax0: crc mode is auto. [ 146.244678][T19564] sp0: Synchronizing with TNC [ 146.761201][T19616] MTD: Couldn't look up 'mountinfo': -2 [ 146.798372][T19622] netlink: 'syz.0.6560': attribute type 178 has an invalid length. [ 146.940230][T19638] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 146.944701][T19638] overlayfs: missing 'lowerdir' [ 147.285099][T19672] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6583'. [ 147.341084][T19679] i801_smbus 0000:00:1f.3: Illegal SMBus block read size 0 [ 147.373027][T19682] affs: No valid root block on device nbd0 [ 147.406355][T19688] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 147.409642][T19688] openvswitch: netlink: Actions may not be safe on all matching packets [ 147.906753][T19762] autofs: Bad value for 'fd' [ 148.156918][T19777] netlink: 'syz.1.6632': attribute type 1 has an invalid length. [ 148.159075][T19777] netlink: 9388 bytes leftover after parsing attributes in process `syz.1.6632'. [ 148.224635][T19783] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 148.391293][T19803] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6645'. [ 148.451309][ T39] audit: type=1326 audit(2000000085.739:24010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19808 comm="syz.3.6648" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 148.462444][ T39] audit: type=1326 audit(2000000085.739:24011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19808 comm="syz.3.6648" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 148.470402][ T39] audit: type=1326 audit(2000000085.759:24012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19808 comm="syz.3.6648" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 148.522420][T19819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6653'. [ 148.532768][T19819] netlink: 277 bytes leftover after parsing attributes in process `syz.0.6653'. [ 148.535988][T19819] netlink: 277 bytes leftover after parsing attributes in process `syz.0.6653'. [ 149.122402][ T1324] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 150.157136][T19904] blktrace: Concurrent blktraces are not allowed on sg0 [ 150.495268][T19948] netlink: 88 bytes leftover after parsing attributes in process `syz.1.6713'. [ 150.928309][T19983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6729'. [ 151.011223][T19991] tipc: Enabling of bearer rejected, already enabled [ 151.317822][T20033] (unnamed net_device) (uninitialized): (slave virt_wifi0): Device is not bonding slave [ 151.320555][T20033] (unnamed net_device) (uninitialized): option active_slave: invalid value (virt_wifi0) [ 151.528771][T20067] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6771'. [ 151.783340][T20113] [U] [ 151.784825][T20113] [U] [ 151.785842][T20113] [U] [ 151.786895][T20113] [U] [ 151.788641][T20113] [U] [ 151.789702][T20113] [U] [ 151.790725][T20113] [U] [ 151.791779][T20113] [U] [ 151.795246][T20113] [U] [ 151.796089][T20113] [U] [ 151.796876][T20113] [U] [ 151.797668][T20113] [U] [ 151.799528][T20113] [U] [ 151.800336][T20113] [U] [ 151.801112][T20113] [U] [ 151.801887][T20113] [U] [ 151.803907][T20113] [U] [ 151.805554][T20113] [U] [ 151.806785][T20113] [U] [ 151.808024][T20113] [U] [ 151.809289][T20113] [U] [ 151.810344][T20113] [U] [ 151.811397][T20113] [U] [ 151.812463][T20113] [U] [ 151.813893][T20113] [U] [ 151.814924][T20113] [U] [ 151.815956][T20113] [U] [ 151.816968][T20113] [U] [ 151.820721][T20113] [U] [ 151.821868][T20113] [U] [ 151.822965][T20113] [U] [ 151.823130][T20116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.824029][T20113] [U] [ 151.827549][T20116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.827566][T20116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.829957][T20113] [U] [ 151.835037][T20116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.835657][T20113] [U] [ 151.836565][T20116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.840327][T20113] [U] [ 151.841405][T20116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.845118][T20113] [U] [ 151.846732][T20113] [U] [ 151.849727][T20116] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 151.850331][T20113] [U] [ 151.852875][T20116] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 151.854717][T20113] [U] [ 151.860768][T20113] [U] [ 151.865974][T20113] [U] [ 151.867601][T20113] [U] [ 151.869059][T20113] [U] [ 151.870478][T20113] [U] [ 151.872396][T20113] [U] [ 151.873473][T20113] [U] [ 151.874517][T20113] [U] [ 151.875545][T20113] [U] [ 151.876811][T20113] [U] [ 151.877827][T20113] [U] [ 151.878884][T20113] [U] [ 151.879948][T20113] [U] [ 151.881326][T20113] [U] [ 151.882410][T20113] [U] [ 151.883366][T20113] [U] [ 151.884404][T20113] [U] [ 151.885684][T20113] [U] [ 151.886731][T20113] [U] [ 151.887749][T20113] [U] [ 151.888946][T20113] [U] [ 151.890165][T20113] [U] [ 151.891244][T20113] [U] [ 151.892311][T20113] [U] [ 151.893363][T20113] [U] [ 151.894842][T20113] [U] [ 151.895917][T20113] [U] [ 151.897514][T20113] [U] [ 151.898740][T20113] [U] [ 151.904441][T20113] [U] [ 151.905262][T20113] [U] [ 151.906016][T20113] [U] [ 151.906729][T20113] [U] [ 151.907809][T20113] [U] [ 151.908547][T20113] [U] [ 151.909279][T20113] [U] [ 151.910015][T20113] [U] [ 151.911732][T20113] [U] [ 151.912632][T20113] [U] [ 151.913661][T20113] [U] [ 151.914549][T20113] [U] [ 151.915567][T20113] [U] [ 151.916539][T20113] [U] [ 151.917389][T20113] [U] [ 151.918338][T20113] [U] [ 151.919387][T20113] [U] [ 151.920261][T20113] [U] [ 151.921178][T20113] [U] [ 151.922118][T20113] [U] [ 151.923680][T20113] [U] [ 151.924685][T20113] [U] [ 151.925491][T20113] [U] [ 151.926274][T20113] [U] [ 151.927282][T20113] [U] [ 151.928165][T20113] [U] [ 151.928910][T20113] [U] [ 151.929648][T20113] [U] [ 151.932101][T20113] [U] [ 151.932859][T20113] [U] [ 151.933573][T20113] [U] [ 151.934300][T20113] [U] [ 151.935126][T20113] [U] [ 151.935873][T20113] [U] [ 151.936602][T20113] [U] [ 151.937349][T20113] [U] [ 151.938238][T20113] [U] [ 151.938989][T20113] [U] [ 151.939722][T20113] [U] [ 151.940506][T20113] [U] [ 151.942370][T20113] [U] [ 151.943287][T20113] [U] [ 151.944355][T20113] [U] [ 151.945427][T20113] [U] [ 151.946513][T20113] [U] [ 151.947500][T20113] [U] [ 151.948514][T20113] [U] [ 151.949492][T20113] [U] [ 151.950903][T20113] [U] [ 151.951658][T20113] [U] [ 151.952420][T20113] [U] [ 151.953181][T20113] [U] [ 151.953998][T20113] [U] [ 151.954731][T20113] [U] [ 151.955443][T20113] [U] [ 151.956358][T20113] [U] [ 151.957379][T20113] [U] [ 151.958320][T20113] [U] [ 151.959188][T20113] [U] [ 151.965860][T20111] [U] [ 152.003359][T20125] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6799'. [ 152.077428][T20131] lo speed is unknown, defaulting to 1000 [ 152.315804][T20145] netlink: 'syz.2.6806': attribute type 5 has an invalid length. [ 152.465764][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 152.465778][ T39] audit: type=1326 audit(2000000089.761:24018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.489769][ T39] audit: type=1326 audit(2000000089.761:24019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.499891][ T39] audit: type=1326 audit(2000000089.781:24020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.510670][ T39] audit: type=1326 audit(2000000089.781:24021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.522279][ T39] audit: type=1326 audit(2000000089.781:24022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.532029][ T39] audit: type=1326 audit(2000000089.781:24023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.540060][ T39] audit: type=1326 audit(2000000089.781:24024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.551653][ T39] audit: type=1326 audit(2000000089.781:24025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.559296][ T39] audit: type=1326 audit(2000000089.781:24026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.567678][ T39] audit: type=1326 audit(2000000089.781:24027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20160 comm="syz.2.6814" exe="/syz-executor" sig=0 arch=40000003 syscall=363 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 152.628522][T20174] netlink: 'syz.2.6817': attribute type 1 has an invalid length. [ 152.632225][T20174] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.6817'. [ 153.094004][T20224] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 153.224606][T20240] digital: digital_start_poll: Unknown protocol [ 153.425810][T20256] fuse: Invalid rootmode [ 154.084007][T20314] netlink: 'syz.1.6881': attribute type 7 has an invalid length. [ 154.087014][T20314] netlink: 'syz.1.6881': attribute type 8 has an invalid length. [ 154.117345][T20317] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6883'. [ 154.511379][T20342] netlink: 76 bytes leftover after parsing attributes in process `syz.3.6895'. [ 154.697194][T20367] overlayfs: conflicting options: nfs_export=on,index=off [ 154.862765][T20393] lo speed is unknown, defaulting to 1000 [ 155.136844][T20424] netlink: 188 bytes leftover after parsing attributes in process `syz.0.6933'. [ 155.141158][T20424] netlink: 'syz.0.6933': attribute type 1 has an invalid length. [ 155.216745][T20438] use of bytesused == 0 is deprecated and will be removed in the future, [ 155.220563][T20438] use the actual size instead. [ 155.277903][T20444] lo speed is unknown, defaulting to 1000 [ 155.585718][T20474] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6958'. [ 155.589133][T20474] netlink: 56 bytes leftover after parsing attributes in process `syz.2.6958'. [ 155.592480][T20474] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6958'. [ 155.681803][T20484] random: crng reseeded on system resumption [ 155.755464][T20484] Restarting kernel threads ... done. [ 155.794878][T20493] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6966'. [ 155.962188][T20514] netlink: 'syz.1.6975': attribute type 9 has an invalid length. [ 155.965314][T20514] netlink: 134712 bytes leftover after parsing attributes in process `syz.1.6975'. [ 156.187344][T20541] lo speed is unknown, defaulting to 1000 [ 156.967826][T20620] netlink: 'syz.0.7023': attribute type 1 has an invalid length. [ 156.971085][T20620] netlink: 9352 bytes leftover after parsing attributes in process `syz.0.7023'. [ 156.974379][T20620] netlink: 'syz.0.7023': attribute type 1 has an invalid length. [ 156.977195][T20620] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7023'. [ 157.031893][T20622] tipc: Failed to obtain node identity [ 157.034024][T20622] tipc: Enabling of bearer rejected, failed to enable media [ 157.368339][T20641] netlink: 'syz.3.7034': attribute type 1 has an invalid length. [ 157.371021][T20641] netlink: 9344 bytes leftover after parsing attributes in process `syz.3.7034'. [ 157.374349][T20641] netlink: 'syz.3.7034': attribute type 1 has an invalid length. [ 157.502463][T20657] pim6reg: entered allmulticast mode [ 157.507909][T20657] pim6reg: left allmulticast mode [ 157.758188][ T5996] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 157.918155][ T5996] usb 7-1: Using ep0 maxpacket: 8 [ 157.921845][ T5996] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 157.928627][ T5996] usb 7-1: config 0 has no interface number 0 [ 157.930562][ T5996] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 157.934289][ T5996] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 157.938702][ T5996] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 157.942337][ T5996] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 157.946476][ T5996] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 157.949409][ T5996] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.954019][ T5996] usb 7-1: config 0 descriptor?? [ 157.960160][ T5996] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 158.169306][T20733] overlay: filesystem on ./file0 is read-only [ 158.171560][ T5996] usb 7-1: USB disconnect, device number 5 [ 158.176410][ T5996] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 158.231609][T20740] tipc: Started in network mode [ 158.233004][T20740] tipc: Node identity , cluster identity 4711 [ 158.234966][T20740] tipc: Failed to set node id, please configure manually [ 158.236891][T20740] tipc: Enabling of bearer rejected, failed to enable media [ 158.270380][T20744] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.7082'. [ 158.365719][T20755] netlink: 'syz.0.7087': attribute type 11 has an invalid length. [ 158.367770][T20755] netlink: 140 bytes leftover after parsing attributes in process `syz.0.7087'. [ 158.788574][T20796] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 158.790775][T20796] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 158.793858][T20796] vhci_hcd vhci_hcd.0: Device attached [ 158.827961][ T5996] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 158.828872][T20802] /dev/nbd3: Can't open blockdev [ 158.978033][ T60] vhci_hcd: vhci_device speed not set [ 158.982670][ T5996] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 158.986534][ T5996] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 158.990212][ T5996] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 158.993836][ T5996] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.999087][T20778] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 159.005650][ T5996] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 159.047959][ T60] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 159.059414][ T1324] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 159.220223][ T1324] usb 5-1: config 0 has no interfaces? [ 159.221798][ T1324] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 159.222379][ T5996] usb 6-1: USB disconnect, device number 5 [ 159.224464][ T1324] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.225320][ T1324] usb 5-1: config 0 descriptor?? [ 159.439114][ T1324] usb 5-1: USB disconnect, device number 7 [ 159.444568][T20797] vhci_hcd: connection reset by peer [ 159.448098][ T11] vhci_hcd: stop threads [ 159.449385][ T11] vhci_hcd: release socket [ 159.453666][ T11] vhci_hcd: disconnect device [ 159.508359][ T60] vhci_hcd: vhci_device speed not set [ 159.794837][T20869] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 159.996626][ T5996] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 160.002423][ T5996] hid-generic 0000:0000:0000.0005: hidraw1: HID v0.00 Device [syz0] on syz0 [ 160.002944][T20901] program syz.3.7156 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.048399][T20895] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.060143][T20907] netlink: 'syz.0.7159': attribute type 62 has an invalid length. [ 160.158034][T20895] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.415545][T20895] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.433540][T20936] can0: slcan on ptm0. [ 160.489665][T20895] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.528110][T20935] can0 (unregistered): slcan off ptm0. [ 160.535309][T20949] tmpfs: Cannot change global quota limit on remount [ 160.629658][T20895] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.632984][T20961] tipc: Enabled bearer , priority 10 [ 160.638725][T20895] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.645071][T20895] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.651859][T20895] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.826863][T20982] __nla_validate_parse: 3 callbacks suppressed [ 160.826876][T20982] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7195'. [ 160.997545][T21009] program syz.0.7207 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 161.006545][T21011] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7212'. [ 161.087275][ T60] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 161.193842][T21032] netlink: 191384 bytes leftover after parsing attributes in process `syz.0.7218'. [ 161.196503][T21032] netlink: 8446 bytes leftover after parsing attributes in process `syz.0.7218'. [ 161.235619][T21034] Invalid ELF header len 5 [ 161.249138][ T60] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 161.253556][ T60] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 161.258071][ T60] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 161.262014][ T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.267823][T20985] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 161.268873][T21040] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7222'. [ 161.272187][ T60] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 161.482433][ T60] usb 7-1: USB disconnect, device number 6 [ 161.705870][T21063] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7233'. [ 162.116064][T21097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7250'. [ 162.302083][T21129] netlink: 'syz.0.7266': attribute type 10 has an invalid length. [ 162.306993][T21129] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.7266'. [ 162.417097][T21141] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7271'. [ 162.527829][T21161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7280'. [ 162.728115][T21184] can0: slcan on ptm0. [ 162.803424][T21183] can0 (unregistered): slcan off ptm0. [ 162.901660][T21203] openvswitch: netlink: Actions may not be safe on all matching packets [ 162.966715][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 162.966726][ T39] audit: type=1326 audit(2000000100.265:24038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21213 comm="syz.0.7301" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73ce579 code=0x0 [ 163.242649][ T39] audit: type=1326 audit(2000000100.545:24039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21143 comm="syz.3.7273" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7fc00000 [ 163.465959][T21236] netlink: 'syz.3.7308': attribute type 5 has an invalid length. [ 163.534114][T21240] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 163.536403][T21240] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 163.542209][T21240] vhci_hcd vhci_hcd.0: Device attached [ 163.726802][ T25] vhci_hcd: vhci_device speed not set [ 163.797338][ T25] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 164.158183][T21304] vivid-001: disconnect [ 164.160921][T21302] vivid-001: reconnect [ 164.536499][T21355] ./file0: Can't lookup blockdev [ 164.936333][ T5971] Bluetooth: hci2: command 0x0405 tx timeout [ 165.188750][T21438] blktrace: Concurrent blktraces are not allowed on nbd2 [ 165.404392][T21473] syz.0.7421[21473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 165.404488][T21473] syz.0.7421[21473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 165.409920][T21473] syz.0.7421[21473] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 165.644887][T21502] tipc: Started in network mode [ 165.654145][T21502] tipc: Node identity e0000002, cluster identity 4711 [ 165.657137][T21502] tipc: Enabling of bearer rejected, failed to enable media [ 166.064050][ T39] audit: type=1326 audit(2000000103.366:24040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21554 comm="syz.2.7459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 166.069986][ T39] audit: type=1326 audit(2000000103.366:24041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21554 comm="syz.2.7459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 166.075762][ T39] audit: type=1326 audit(2000000103.376:24042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21554 comm="syz.2.7459" exe="/syz-executor" sig=0 arch=40000003 syscall=444 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 166.082752][ T39] audit: type=1326 audit(2000000103.376:24043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21554 comm="syz.2.7459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 166.087449][T21557] __nla_validate_parse: 6 callbacks suppressed [ 166.087471][T21557] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7460'. [ 166.090565][ T39] audit: type=1326 audit(2000000103.376:24044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21554 comm="syz.2.7459" exe="/syz-executor" sig=0 arch=40000003 syscall=445 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 166.104871][ T39] audit: type=1326 audit(2000000103.376:24045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21554 comm="syz.2.7459" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 166.400012][ T39] audit: type=1326 audit(2000000103.706:24046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21591 comm="syz.1.7477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 166.412969][ T39] audit: type=1326 audit(2000000103.706:24047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21591 comm="syz.1.7477" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x7ffc0000 [ 166.548280][T21241] vhci_hcd: connection reset by peer [ 166.550857][ T68] vhci_hcd: stop threads [ 166.551926][ T68] vhci_hcd: release socket [ 166.553507][ T68] vhci_hcd: disconnect device [ 166.611514][T21617] netlink: 191416 bytes leftover after parsing attributes in process `syz.1.7488'. [ 166.740572][T21635] program syz.2.7497 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 166.907820][T21655] syz.1.7507: attempt to access beyond end of device [ 166.907820][T21655] nbd1: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 166.911593][T21655] XFS (nbd1): SB validate failed with error -5. [ 167.182735][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4 [ 167.185164][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2 [ 167.188802][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.191959][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.194893][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.197927][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.200767][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.204021][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.208548][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.211594][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.214671][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.217997][ T35] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 167.223418][ T35] hid-generic 0000:3000000:0000.0006: hidraw1: HID v0.00 Device [sy] on syz0 [ 167.271977][T21712] lo speed is unknown, defaulting to 1000 [ 167.687911][T21732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7540'. [ 167.690607][T21732] netlink: 'syz.0.7540': attribute type 10 has an invalid length. [ 167.692756][T21732] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7540'. [ 167.774382][T21713] syz.2.7532 (21713): drop_caches: 1 [ 167.801743][T21713] syz.2.7532 (21713): drop_caches: 1 [ 167.932928][T21758] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 168.171206][T21781] openvswitch: netlink: Actions may not be safe on all matching packets [ 168.604108][T21839] netlink: 'syz.1.7591': attribute type 1 has an invalid length. [ 168.687501][T21851] syz.2.7595: attempt to access beyond end of device [ 168.687501][T21851] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 168.692991][T21851] XFS (nbd2): SB validate failed with error -5. [ 168.925693][ T25] vhci_hcd: vhci_device speed not set [ 169.331070][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 169.331085][ T39] audit: type=1326 audit(2000000106.636:24052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21935 comm="syz.1.7633" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe1579 code=0x0 [ 169.975639][ T5971] Bluetooth: hci2: command 0x0405 tx timeout [ 170.447538][T22012] netlink: 'syz.2.7668': attribute type 1 has an invalid length. [ 170.452244][T22012] netlink: 244 bytes leftover after parsing attributes in process `syz.2.7668'. [ 170.501744][ T35] hid-generic 0000:0000:0000.0007: item fetching failed at offset 0/1 [ 170.506713][ T35] hid-generic 0000:0000:0000.0007: probe with driver hid-generic failed with error -22 [ 170.522077][T22022] openvswitch: netlink: Actions may not be safe on all matching packets [ 170.557538][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.560973][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.563358][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.571434][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.573732][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.576671][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.579158][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.581978][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.585741][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.588409][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.590719][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.592715][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.595059][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.597949][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.600596][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.602776][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.605137][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.608776][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.611605][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.613653][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.616202][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.618934][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.621800][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.624681][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.627649][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.630634][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.633949][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.637643][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.641464][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.644896][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.647207][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.649161][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.651056][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.653212][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.655452][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.658259][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.660637][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.663036][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.666551][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.669663][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.672798][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.676461][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.679266][ T8] hid-generic 0001:0000:0000.0008: unknown main item tag 0x0 [ 170.688974][ T8] hid-generic 0001:0000:0000.0008: hidraw1: HID v7.f7 Device [syz1] on syz1 [ 171.261149][T22083] vivid-007: disconnect [ 171.263788][T22081] vivid-007: reconnect [ 171.338644][T22088] usb usb8: usbfs: process 22088 (syz.2.7702) did not claim interface 0 before use [ 171.618548][T22119] netlink: 'syz.0.7717': attribute type 11 has an invalid length. [ 172.067208][ T5971] Bluetooth: hci2: command 0x0405 tx timeout [ 172.403477][T22201] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7753'. [ 172.436900][ T39] audit: type=1326 audit(2000000109.747:24053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22208 comm="syz.0.7758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 172.443600][ T39] audit: type=1326 audit(2000000109.747:24054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22208 comm="syz.0.7758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 172.451372][ T39] audit: type=1326 audit(2000000109.747:24055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22208 comm="syz.0.7758" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 172.457914][ T39] audit: type=1326 audit(2000000109.747:24056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22208 comm="syz.0.7758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 172.464356][ T39] audit: type=1326 audit(2000000109.747:24057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22208 comm="syz.0.7758" exe="/syz-executor" sig=0 arch=40000003 syscall=12 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 172.472249][ T39] audit: type=1326 audit(2000000109.747:24058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22208 comm="syz.0.7758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 172.849676][T22273] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 172.855862][T22273] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 172.860917][T22273] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 172.863054][T22273] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 172.873894][T22273] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 172.877139][T22273] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 172.883304][T22273] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 172.885755][T22273] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 172.890322][ T39] audit: type=1326 audit(2000000110.197:24059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22279 comm="syz.3.7792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 172.897687][ T39] audit: type=1326 audit(2000000110.197:24060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22279 comm="syz.3.7792" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 172.914993][ T39] audit: type=1326 audit(2000000110.197:24061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22279 comm="syz.3.7792" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 173.291491][T22342] tipc: Enabling of bearer rejected, failed to enable media [ 173.418363][ T5957] Bluetooth: hci2: unexpected event for opcode 0x2027 [ 173.565088][ T60] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 173.725030][ T60] usb 7-1: Using ep0 maxpacket: 8 [ 173.735139][ T60] usb 7-1: config 0 has an invalid interface number: 52 but max is 0 [ 173.737444][ T60] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 173.740548][ T60] usb 7-1: config 0 has no interface number 0 [ 173.742701][ T60] usb 7-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 173.747813][ T60] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 173.751903][ T60] usb 7-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 173.756023][ T60] usb 7-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 173.760639][ T60] usb 7-1: config 0 interface 52 has no altsetting 0 [ 173.762515][ T60] usb 7-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00 [ 173.765716][ T60] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.768872][ T60] usb 7-1: config 0 descriptor?? [ 173.891136][T22414] tipc: Enabling of bearer rejected, failed to enable media [ 173.982233][ T60] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.52/input/input22 [ 174.271724][ T6001] usb 7-1: USB disconnect, device number 7 [ 174.290868][T22434] tipc: Enabled bearer , priority 0 [ 174.424216][T22441] wireguard: wg2: Could not create IPv4 socket [ 174.471516][T22445] net_ratelimit: 1054 callbacks suppressed [ 174.471534][T22445] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 174.475198][T22445] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 174.477559][T22445] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 174.479276][T22445] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 174.484220][T22445] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 174.486403][T22445] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 174.489564][T22445] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 174.491690][T22445] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 174.493596][T22445] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 174.495312][T22445] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 174.897736][T22477] netlink: 'syz.2.7886': attribute type 9 has an invalid length. [ 174.900991][T22477] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.7886'. [ 174.939738][T22477] netlink: 'syz.2.7886': attribute type 9 has an invalid length. [ 174.942882][T22477] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.7886'. [ 175.114454][T22482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7888'. [ 175.417485][ T1324] tipc: Node number set to 3758096386 [ 175.539143][T22527] netlink: 'syz.2.7910': attribute type 1 has an invalid length. [ 175.541357][T22527] netlink: 9344 bytes leftover after parsing attributes in process `syz.2.7910'. [ 175.545239][T22527] netlink: 'syz.2.7910': attribute type 1 has an invalid length. [ 175.909059][T22548] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7920'. [ 176.017439][T22554] lo speed is unknown, defaulting to 1000 [ 177.140137][T22600] mkiss: ax0: crc mode is auto. [ 177.309365][T22611] netlink: 'syz.1.7949': attribute type 1 has an invalid length. [ 177.613277][T22616] IPVS: persistence engine module ip_vs_pe_sjp not found [ 178.274936][ T5967] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 178.434773][ T5967] usb 7-1: Using ep0 maxpacket: 16 [ 178.440471][ T5967] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 178.443707][ T5967] usb 7-1: config 0 has no interface number 0 [ 178.446346][ T5967] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 178.450520][ T5967] usb 7-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 178.462092][ T5967] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 178.467582][ T5967] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 178.470729][ T5967] usb 7-1: Product: syz [ 178.472531][ T5967] usb 7-1: SerialNumber: syz [ 178.475371][ T5967] usb 7-1: config 0 descriptor?? [ 178.478189][ T5967] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 178.481161][ T5967] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input23 [ 178.675442][T22701] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7990'. [ 178.691367][T22703] netlink: 168 bytes leftover after parsing attributes in process `syz.3.7991'. [ 178.694146][T22703] netlink: 'syz.3.7991': attribute type 2 has an invalid length. [ 178.697135][T22703] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7991'. [ 178.697138][ C1] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 178.697193][ T57] usb 7-1: USB disconnect, device number 8 [ 178.697267][ C1] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 178.714691][ T57] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 178.921378][T22723] netlink: 168 bytes leftover after parsing attributes in process `syz.0.8002'. [ 178.924852][T22723] netlink: 76 bytes leftover after parsing attributes in process `syz.0.8002'. [ 179.072405][T22734] syz.0.8006: vmalloc error: size 1982232576, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 179.078595][T22734] CPU: 0 UID: 0 PID: 22734 Comm: syz.0.8006 Not tainted 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 [ 179.082565][T22734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 179.086409][T22734] Call Trace: [ 179.087906][T22734] [ 179.089253][T22734] dump_stack_lvl+0x16c/0x1f0 [ 179.091364][T22734] warn_alloc+0x24d/0x3a0 [ 179.093403][T22734] ? __pfx_warn_alloc+0x10/0x10 [ 179.095413][T22734] ? __pfx___lock_acquire+0x10/0x10 [ 179.097321][T22734] ? get_ctrl+0x394/0x4f0 [ 179.098776][T22734] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 179.100779][T22734] __vmalloc_node_range_noprof+0x11a7/0x15a0 [ 179.102646][T22734] ? __mutex_trylock_common+0xea/0x250 [ 179.104770][T22734] ? __pfx___mutex_trylock_common+0x10/0x10 [ 179.106889][T22734] ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 179.110058][T22734] ? rcu_is_watching+0x12/0xc0 [ 179.111825][T22734] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 179.114030][T22734] ? rcu_is_watching+0x12/0xc0 [ 179.115816][T22734] ? rcu_is_watching+0x12/0xc0 [ 179.117700][T22734] ? trace_kmalloc+0x2d/0xe0 [ 179.119550][T22734] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 179.121774][T22734] ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 179.124257][T22734] __kvmalloc_node_noprof+0x14f/0x1a0 [ 179.126182][T22734] ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 179.128904][T22734] __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 179.131269][T22734] vivid_update_format_cap+0x127b/0x2530 [ 179.131977][T22738] netlink: 'syz.3.8008': attribute type 1 has an invalid length. [ 179.133372][T22734] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 179.136307][T22738] netlink: 9380 bytes leftover after parsing attributes in process `syz.3.8008'. [ 179.138046][T22734] ? v4l2_match_dv_timings+0x1df/0x1010 [ 179.138087][T22734] vivid_vid_cap_s_dv_timings+0xc0f/0xfb0 [ 179.146998][T22734] vidioc_s_dv_timings+0xa5/0xc0 [ 179.148863][T22734] ? v4l_stub_s_dv_timings+0x1b/0x60 [ 179.150695][T22734] __video_do_ioctl+0xaf0/0xf00 [ 179.152370][T22734] ? __pfx___video_do_ioctl+0x10/0x10 [ 179.154368][T22734] ? __might_fault+0xe3/0x190 [ 179.156057][T22734] video_usercopy+0x426/0x1500 [ 179.157739][T22734] ? __pfx___video_do_ioctl+0x10/0x10 [ 179.159668][T22734] ? __pfx_video_usercopy+0x10/0x10 [ 179.161970][T22734] v4l2_ioctl+0x1ba/0x250 [ 179.163896][T22734] v4l2_compat_ioctl32+0x214/0x2c0 [ 179.166166][T22734] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 179.168893][T22734] __do_compat_sys_ioctl+0x259/0x2b0 [ 179.170953][T22734] __do_fast_syscall_32+0x73/0x120 [ 179.172802][T22734] do_fast_syscall_32+0x32/0x80 [ 179.174496][T22734] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 179.176702][T22734] RIP: 0023:0xf73ce579 [ 179.178281][T22734] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 179.185487][T22734] RSP: 002b:00000000f56b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 179.188796][T22734] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0845657 [ 179.192054][T22734] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000 [ 179.195393][T22734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 179.198464][T22734] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 179.201077][T22734] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 179.203839][T22734] [ 179.208750][T22734] Mem-Info: [ 179.209910][T22734] active_anon:16130 inactive_anon:34 isolated_anon:0 [ 179.209910][T22734] active_file:1217 inactive_file:1143 isolated_file:0 [ 179.209910][T22734] unevictable:768 dirty:353 writeback:0 [ 179.209910][T22734] slab_reclaimable:5934 slab_unreclaimable:62522 [ 179.209910][T22734] mapped:16195 shmem:3372 pagetables:903 [ 179.209910][T22734] sec_pagetables:319 bounce:0 [ 179.209910][T22734] kernel_misc_reclaimable:0 [ 179.209910][T22734] free:68389 free_pcp:6472 free_cma:0 [ 179.228974][T22734] Node 0 active_anon:716kB inactive_anon:136kB active_file:1192kB inactive_file:676kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:208kB dirty:0kB writeback:0kB shmem:1544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9768kB pagetables:1300kB sec_pagetables:1172kB all_unreclaimable? yes [ 179.242021][T22734] Node 1 active_anon:63880kB inactive_anon:0kB active_file:3676kB inactive_file:3896kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:64572kB dirty:1412kB writeback:0kB shmem:11944kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3096kB pagetables:2312kB sec_pagetables:104kB all_unreclaimable? no [ 179.254078][T22734] Node 0 DMA free:2176kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:520kB local_pcp:232kB free_cma:0kB [ 179.266474][T22734] lowmem_reserve[]: 0 273 0 0 0 [ 179.268794][T22734] Node 0 DMA32 free:21664kB boost:2048kB min:15952kB low:19428kB high:22904kB reserved_highatomic:2048KB active_anon:716kB inactive_anon:136kB active_file:1192kB inactive_file:676kB unevictable:1536kB writepending:0kB present:1032196kB managed:306284kB mlocked:0kB bounce:0kB free_pcp:1836kB local_pcp:308kB free_cma:0kB [ 179.281875][T22734] lowmem_reserve[]: 0 0 0 0 0 [ 179.283994][T22734] Node 1 DMA32 free:249716kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:63880kB inactive_anon:0kB active_file:3676kB inactive_file:3896kB unevictable:1536kB writepending:1412kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:24036kB local_pcp:13560kB free_cma:0kB [ 179.294158][T22734] lowmem_reserve[]: 0 0 0 0 0 [ 179.296320][T22734] Node 0 DMA: 90*4kB (U) 41*8kB (U) 15*16kB (U) 17*32kB (U) 5*64kB (U) 3*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2176kB [ 179.301218][T22734] Node 0 DMA32: 51*4kB (UMEH) 42*8kB (UME) 42*16kB (UME) 53*32kB (UME) 73*64kB (UMEH) 35*128kB (UME) 17*256kB (UME) 6*512kB (UME) 2*1024kB (U) 0*2048kB 0*4096kB = 21532kB [ 179.335660][T22734] Node 1 DMA32: 615*4kB (UME) 967*8kB (UME) 328*16kB (UME) 454*32kB (UME) 491*64kB (UME) 152*128kB (UME) 60*256kB (UME) 36*512kB (UME) 28*1024kB (UME) 10*2048kB (UM) 21*4096kB (UM) = 249812kB [ 179.344079][T22734] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 179.354397][T22734] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 179.359037][T22734] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 179.363397][T22734] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=1 hugepages_size=2048kB [ 179.367914][T22734] 5899 total pagecache pages [ 179.369562][T22734] 167 pages in swap cache [ 179.371194][T22734] Free swap = 113048kB [ 179.372768][T22734] Total swap = 124996kB [ 179.374447][T22734] 524155 pages RAM [ 179.375905][T22734] 0 pages HighMem/MovableOnly [ 179.377860][T22734] 206681 pages reserved [ 179.379339][T22734] 0 pages cma reserved [ 179.542000][T22771] netlink: 756 bytes leftover after parsing attributes in process `syz.2.8024'. [ 179.547222][T22771] netlink: 104 bytes leftover after parsing attributes in process `syz.2.8024'. [ 179.583109][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 179.583127][ T39] audit: type=1326 audit(2000000116.887:24067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.594574][ T39] audit: type=1326 audit(2000000116.887:24068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.602849][ T39] audit: type=1326 audit(2000000116.897:24069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=399 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.609159][ T39] audit: type=1326 audit(2000000116.897:24070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.615251][ T39] audit: type=1326 audit(2000000116.897:24071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.622790][ T39] audit: type=1326 audit(2000000116.897:24072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=400 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.631211][ T39] audit: type=1326 audit(2000000116.897:24073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.637482][ T39] audit: type=1326 audit(2000000116.897:24074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22777 comm="syz.3.8027" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 179.692288][T22792] net_ratelimit: 2115 callbacks suppressed [ 179.692307][T22792] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 179.783681][T22806] netlink: 'syz.0.8040': attribute type 5 has an invalid length. [ 179.840614][T22812] infiniband syz1: set active [ 179.842483][T22812] infiniband syz1: set active [ 179.903343][T22817] infiniband syz1: set active [ 179.903682][T22817] infiniband syz1: set active [ 180.276317][T22876] tipc: Started in network mode [ 180.278402][T22876] tipc: Node identity aaaaaaaaaa35, cluster identity 4711 [ 180.281175][T22876] tipc: Enabled bearer , priority 0 [ 180.337543][T22882] syz.1.8077: attempt to access beyond end of device [ 180.337543][T22882] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0 [ 180.337753][T22882] syz.1.8077: attempt to access beyond end of device [ 180.337753][T22882] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0 [ 180.337796][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 180.337925][T22882] syz.1.8077: attempt to access beyond end of device [ 180.337925][T22882] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0 [ 180.337951][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 180.337960][T22882] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 180.337967][T22882] UDF-fs: Scanning with blocksize 512 failed [ 180.339386][T22882] syz.1.8077: attempt to access beyond end of device [ 180.339386][T22882] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 180.376983][T22882] syz.1.8077: attempt to access beyond end of device [ 180.376983][T22882] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 180.377039][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 180.377159][T22882] syz.1.8077: attempt to access beyond end of device [ 180.377159][T22882] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 180.378230][T22888] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8080'. [ 180.393916][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 180.393952][T22882] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 180.393969][T22882] UDF-fs: Scanning with blocksize 1024 failed [ 180.395297][T22882] syz.1.8077: attempt to access beyond end of device [ 180.395297][T22882] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 180.406767][T22882] syz.1.8077: attempt to access beyond end of device [ 180.406767][T22882] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 180.406809][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 180.406866][T22882] syz.1.8077: attempt to access beyond end of device [ 180.406866][T22882] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 180.406888][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 180.406897][T22882] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 180.406904][T22882] UDF-fs: Scanning with blocksize 2048 failed [ 180.408265][T22882] syz.1.8077: attempt to access beyond end of device [ 180.408265][T22882] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 180.408353][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 180.408443][T22882] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 180.408460][T22882] UDF-fs: warning (device nbd1): udf_load_vrs: No anchor found [ 180.408472][T22882] UDF-fs: Scanning with blocksize 4096 failed [ 180.408481][T22882] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 180.750634][T22911] hfsplus: invalid gid specified [ 180.752399][T22911] hfsplus: unable to parse mount options [ 181.048299][T22941] dvmrp8: left allmulticast mode [ 181.175193][T22954] program syz.0.8108 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 181.405032][ T5967] tipc: Node number set to 10463914 [ 181.592734][T22914] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 181.683272][T23016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8133'. [ 181.708195][ T39] audit: type=1326 audit(2000000119.007:24075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23022 comm="syz.3.8136" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 181.725014][ T39] audit: type=1326 audit(2000000119.007:24076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23022 comm="syz.3.8136" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f30579 code=0x7ffc0000 [ 181.752563][T23029] mkiss: ax0: crc mode is auto. [ 181.860949][T23043] blktrace: Concurrent blktraces are not allowed on sg0 [ 181.870860][T23043] relay: one or more items not logged [item size (48) > sub-buffer size (1)] [ 181.971224][T23053] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 181.986376][T23053] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 182.078057][T23072] netlink: 'syz.3.8160': attribute type 1 has an invalid length. [ 182.195140][T23082] Bluetooth: MGMT ver 1.23 [ 182.542068][T23122] IPVS: Error connecting to the multicast addr [ 182.845196][T23141] netlink: 'syz.0.8193': attribute type 1 has an invalid length. [ 183.817914][T23239] overlayfs: workdir and upperdir must be separate subtrees [ 184.019659][T23254] gfs2: path_lookup on c::: returned error -2 [ 186.317583][T23401] overlayfs: failed to resolve 'up': -2 [ 186.617137][ T39] kauditd_printk_skb: 24 callbacks suppressed [ 186.617154][ T39] audit: type=1326 audit(2000000123.918:24101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23434 comm="syz.0.8329" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 186.630955][ T39] audit: type=1326 audit(2000000123.918:24102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23434 comm="syz.0.8329" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 186.640765][ T39] audit: type=1326 audit(2000000123.938:24103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23434 comm="syz.0.8329" exe="/syz-executor" sig=0 arch=40000003 syscall=234 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 186.651097][ T39] audit: type=1326 audit(2000000123.938:24104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23434 comm="syz.0.8329" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 186.660029][ T39] audit: type=1326 audit(2000000123.938:24105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23434 comm="syz.0.8329" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 186.909472][T23464] __nla_validate_parse: 7 callbacks suppressed [ 186.909493][T23464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8343'. [ 187.004773][ T57] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 187.157127][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 187.161524][ T57] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 187.165358][ T57] usb 6-1: config 0 has no interface number 0 [ 187.168191][ T57] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 187.172505][ T57] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 187.176101][ T57] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 187.179011][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.182752][ T57] usb 6-1: config 0 descriptor?? [ 187.190229][ T57] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 187.389077][ T8] usb 6-1: USB disconnect, device number 6 [ 187.394240][ T8] iowarrior 6-1:0.1: I/O-Warror #0 now disconnected [ 188.475559][T23611] tipc: Started in network mode [ 188.476934][T23611] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711 [ 188.483225][T23611] tipc: Enabled bearer , priority 0 [ 188.697988][T23647] mkiss: ax0: crc mode is auto. [ 188.887404][T23672] netlink: 72 bytes leftover after parsing attributes in process `syz.2.8421'. [ 188.921842][T23676] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8423'. [ 189.613979][ T57] tipc: Node number set to 4269801488 [ 189.643302][T23775] delete_channel: no stack [ 189.648048][T23772] delete_channel: no stack [ 189.876755][T23811] mkiss: ax0: crc mode is auto. [ 189.922871][T23817] netlink: 24 bytes leftover after parsing attributes in process `syz.1.8487'. [ 190.010877][T23827] netlink: 'syz.2.8491': attribute type 13 has an invalid length. [ 190.089846][T23844] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8499'. [ 190.127511][T23849] can0: slcan on ptm0. [ 190.204182][T23847] can0 (unregistered): slcan off ptm0. [ 190.302698][T23877] sp0: Synchronizing with TNC [ 190.555456][T23906] dlm: plock device version mismatch: kernel (1.2.0), user (1.536871104.0) [ 190.791307][T23932] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.8540'. [ 190.794304][T23932] openvswitch: netlink: VXLAN extension message has 13 unknown bytes. [ 190.966372][T23950] lo speed is unknown, defaulting to 1000 [ 191.663524][T24023] openvswitch: netlink: Unknown key attributes 1 [ 191.965465][T24084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8611'. [ 191.974037][T24084] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8611'. [ 192.064655][T24103] netlink: 'syz.0.8620': attribute type 1 has an invalid length. [ 192.067150][T24103] netlink: 157116 bytes leftover after parsing attributes in process `syz.0.8620'. [ 192.373385][T24148] team0: Device wg2 is of different type [ 192.840669][T24212] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.8670'. [ 193.005374][T24234] openvswitch: netlink: Actions may not be safe on all matching packets [ 193.194643][T24268] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 193.269692][T24278] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8702'. [ 193.293413][T24282] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8704'. [ 193.496769][ T1409] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.499616][ T1409] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.843098][T24359] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8741'. [ 193.961316][T24372] pim6reg: entered allmulticast mode [ 193.966143][T24372] pim6reg: left allmulticast mode [ 194.146783][T24405] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8762'. [ 194.209747][T24415] netlink: 'syz.3.8767': attribute type 4 has an invalid length. [ 194.212806][T24415] netlink: 17 bytes leftover after parsing attributes in process `syz.3.8767'. [ 194.369611][T24437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8777'. [ 194.388052][T24439] netlink: 'syz.2.8779': attribute type 4 has an invalid length. [ 194.449074][T24453] binder: 24452:24453 unknown command 0 [ 194.450626][T24453] binder: 24452:24453 ioctl c0306201 20000140 returned -22 [ 194.974380][T24502] openvswitch: netlink: Message has 5 unknown bytes. [ 194.979346][T24504] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 195.702797][T24539] nbd: must specify a device to reconfigure [ 195.827174][T24555] syz.0.8834: vmalloc error: size 1982232576, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 195.827928][T24555] CPU: 1 UID: 0 PID: 24555 Comm: syz.0.8834 Not tainted 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 [ 195.827956][T24555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 195.827969][T24555] Call Trace: [ 195.827978][T24555] [ 195.827987][T24555] dump_stack_lvl+0x16c/0x1f0 [ 195.828016][T24555] warn_alloc+0x24d/0x3a0 [ 195.828050][T24555] ? __pfx_warn_alloc+0x10/0x10 [ 195.828087][T24555] ? get_ctrl+0x394/0x4f0 [ 195.828113][T24555] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 195.828153][T24555] __vmalloc_node_range_noprof+0x11a7/0x15a0 [ 195.828182][T24555] ? __mutex_trylock_common+0xea/0x250 [ 195.828221][T24555] ? vivid_update_format_cap+0x126e/0x2530 [ 195.828247][T24555] ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 195.828270][T24555] ? rcu_is_watching+0x12/0xc0 [ 195.828297][T24555] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 195.828328][T24555] ? trace_kmalloc+0x2d/0xe0 [ 195.828356][T24555] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 195.828380][T24555] ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 195.828404][T24555] __kvmalloc_node_noprof+0x14f/0x1a0 [ 195.828437][T24555] ? __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 195.828459][T24555] __v4l2_ctrl_modify_dimensions+0x1c7/0x650 [ 195.828486][T24555] vivid_update_format_cap+0x127b/0x2530 [ 195.828518][T24555] ? __pfx_vivid_update_format_cap+0x10/0x10 [ 195.828540][T24555] ? __pfx___mutex_lock+0x10/0x10 [ 195.828560][T24555] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 195.828598][T24555] vidioc_s_input+0x2d4/0x19b0 [ 195.828626][T24555] vivid_s_input+0x76/0xc0 [ 195.828652][T24555] ? v4l_enable_media_source+0xb0/0xe0 [ 195.828679][T24555] v4l_s_input+0xee/0x150 [ 195.828709][T24555] __video_do_ioctl+0xaf0/0xf00 [ 195.828743][T24555] ? __pfx___video_do_ioctl+0x10/0x10 [ 195.828769][T24555] ? __might_fault+0xe3/0x190 [ 195.828800][T24555] video_usercopy+0x426/0x1500 [ 195.828830][T24555] ? __pfx___video_do_ioctl+0x10/0x10 [ 195.828860][T24555] ? __pfx_video_usercopy+0x10/0x10 [ 195.828907][T24555] v4l2_ioctl+0x1ba/0x250 [ 195.828938][T24555] v4l2_compat_ioctl32+0x214/0x2c0 [ 195.828963][T24555] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 195.828993][T24555] __do_compat_sys_ioctl+0x259/0x2b0 [ 195.829032][T24555] __do_fast_syscall_32+0x73/0x120 [ 195.829054][T24555] do_fast_syscall_32+0x32/0x80 [ 195.829074][T24555] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 195.829096][T24555] RIP: 0023:0xf73ce579 [ 195.829114][T24555] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 195.829131][T24555] RSP: 002b:00000000f56b655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 195.829152][T24555] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0045627 [ 195.829166][T24555] RDX: 0000000020000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 195.829179][T24555] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 195.829198][T24555] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 195.829212][T24555] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 195.829240][T24555] [ 195.829249][T24555] Mem-Info: [ 195.829259][T24555] active_anon:389 inactive_anon:15582 isolated_anon:0 [ 195.829259][T24555] active_file:1279 inactive_file:11530 isolated_file:0 [ 195.829259][T24555] unevictable:768 dirty:392 writeback:0 [ 195.829259][T24555] slab_reclaimable:5943 slab_unreclaimable:63264 [ 195.829259][T24555] mapped:16225 shmem:3068 pagetables:986 [ 195.829259][T24555] sec_pagetables:321 bounce:0 [ 195.829259][T24555] kernel_misc_reclaimable:0 [ 195.829259][T24555] free:83038 free_pcp:2039 free_cma:0 [ 195.829308][T24555] Node 0 active_anon:584kB inactive_anon:112kB active_file:2088kB inactive_file:676kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:288kB dirty:0kB writeback:0kB shmem:1556kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9864kB pagetables:1208kB sec_pagetables:1176kB all_unreclaimable? yes [ 195.829355][T24555] Node 1 active_anon:972kB inactive_anon:62216kB active_file:3028kB inactive_file:45444kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:64612kB dirty:1568kB writeback:0kB shmem:10716kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4672kB pagetables:2736kB sec_pagetables:108kB all_unreclaimable? no [ 195.829401][T24555] Node 0 DMA free:2972kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:128kB local_pcp:72kB free_cma:0kB [ 195.829450][T24555] lowmem_reserve[]: 0 273 0 0 0 [ 195.829489][T24555] Node 0 DMA32 free:25492kB boost:6144kB min:20048kB low:23524kB high:27000kB reserved_highatomic:2048KB active_anon:584kB inactive_anon:112kB active_file:2088kB inactive_file:676kB unevictable:1536kB writepending:0kB present:1032196kB managed:306284kB mlocked:0kB bounce:0kB free_pcp:1808kB local_pcp:608kB free_cma:0kB [ 195.829540][T24555] lowmem_reserve[]: 0 0 0 0 0 [ 195.829577][T24555] Node 1 DMA32 free:303688kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:972kB inactive_anon:62216kB active_file:3028kB inactive_file:45444kB unevictable:1536kB writepending:1568kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:6220kB local_pcp:3640kB free_cma:0kB [ 195.829631][T24555] lowmem_reserve[]: 0 0 0 0 0 [ 195.829670][T24555] Node 0 DMA: 77*4kB (U) 37*8kB (UM) 22*16kB (UM) 37*32kB (UM) 5*64kB (M) 4*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2972kB [ 195.829791][T24555] Node 0 DMA32: 25*4kB (UEH) 138*8kB (UMEH) 100*16kB (UME) 172*32kB (UME) 78*64kB (UME) 28*128kB (UME) 15*256kB (UME) 5*512kB (UME) 2*1024kB (U) 0*2048kB 0*4096kB = 25332kB [ 195.829878][T24555] Node 1 DMA32: 685*4kB (UME) 980*8kB (UME) 517*16kB (UME) 548*32kB (UME) 411*64kB (UME) 103*128kB (UME) 45*256kB (UME) 28*512kB (UME) 19*1024kB (UM) 13*2048kB (UM) 38*4096kB (UM) = 303460kB [ 195.829973][T24555] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 195.829982][T24555] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 195.829990][T24555] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 195.829998][T24555] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=1 hugepages_size=2048kB [ 195.830007][T24555] 16084 total pagecache pages [ 195.830011][T24555] 207 pages in swap cache [ 195.830015][T24555] Free swap = 111768kB [ 195.830019][T24555] Total swap = 124996kB [ 195.830023][T24555] 524155 pages RAM [ 195.830027][T24555] 0 pages HighMem/MovableOnly [ 195.830031][T24555] 206681 pages reserved [ 195.830035][T24555] 0 pages cma reserved [ 195.845420][T24559] autofs: Bad value for 'uid' [ 196.084407][T24559] autofs: Bad value for 'uid' [ 196.245450][ T39] audit: type=1326 audit(2000000133.548:24106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24604 comm="syz.2.8859" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 196.254282][ T39] audit: type=1326 audit(2000000133.548:24107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24604 comm="syz.2.8859" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 196.261010][ T39] audit: type=1326 audit(2000000133.548:24108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24604 comm="syz.2.8859" exe="/syz-executor" sig=0 arch=40000003 syscall=146 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 196.270156][ T39] audit: type=1326 audit(2000000133.548:24109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24604 comm="syz.2.8859" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 196.278119][ T39] audit: type=1326 audit(2000000133.548:24110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24604 comm="syz.2.8859" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe4579 code=0x7ffc0000 [ 196.352216][T24621] usb usb8: usbfs: process 24621 (syz.3.8866) did not claim interface 0 before use [ 196.440563][T24630] autofs: Bad value for 'fd' [ 196.795519][T24709] Option 'o]c' to dns_resolver key: bad/missing value [ 197.305380][T24794] netlink: 'syz.0.8951': attribute type 1 has an invalid length. [ 197.341876][T24801] netlink: 'syz.0.8953': attribute type 16 has an invalid length. [ 197.344970][T24801] netlink: 'syz.0.8953': attribute type 3 has an invalid length. [ 197.348031][T24801] __nla_validate_parse: 5 callbacks suppressed [ 197.348048][T24801] netlink: 64066 bytes leftover after parsing attributes in process `syz.0.8953'. [ 197.359301][T24803] netlink: zone id is out of range [ 197.367596][T24803] netlink: set zone limit has 4 unknown bytes [ 197.516492][T24830] CUSE: DEVNAME unspecified [ 197.629359][T24848] trusted_key: encrypted_key: key trusted:syz not found [ 197.720232][T24859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8980'. [ 198.288579][T24925] netlink: 24 bytes leftover after parsing attributes in process `syz.0.9012'. [ 198.375141][T24937] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9018'. [ 198.505459][T24941] /dev/sr0: Can't open blockdev [ 198.556114][T24957] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9027'. [ 198.562135][T24957] netlink: 173 bytes leftover after parsing attributes in process `syz.2.9027'. [ 198.629919][T24948] /dev/sr0: Can't open blockdev [ 198.692748][ T39] audit: type=1326 audit(2000000135.988:24111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24970 comm="syz.0.9034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 198.703457][ T39] audit: type=1326 audit(2000000135.988:24112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24970 comm="syz.0.9034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 198.734565][ T39] audit: type=1326 audit(2000000135.988:24113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24970 comm="syz.0.9034" exe="/syz-executor" sig=0 arch=40000003 syscall=315 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 198.743113][ T39] audit: type=1326 audit(2000000135.988:24114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24970 comm="syz.0.9034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 198.752070][ T39] audit: type=1326 audit(2000000135.988:24115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24970 comm="syz.0.9034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x7ffc0000 [ 198.767008][T24979] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9037'. [ 198.810243][T24983] usb usb4: usbfs: process 24983 (syz.0.9039) did not claim interface 0 before use [ 199.140903][T25030] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9063'. [ 199.150468][T25032] netlink: 48569 bytes leftover after parsing attributes in process `syz.2.9064'. [ 199.283921][T25048] netlink: 276 bytes leftover after parsing attributes in process `syz.0.9070'. [ 199.754623][T25106] hub 1-0:1.0: USB hub found [ 199.756742][T25106] hub 1-0:1.0: 2 ports detected [ 199.779125][T25119] sp0: Synchronizing with TNC [ 199.784918][T25119] sp0: Found TNC [ 199.787771][T25117] [U] ` [ 200.563166][T25238] 9pnet_fd: p9_fd_create_tcp (25238): problem binding to privport [ 200.686024][T25243] /dev/sr0: Can't open blockdev [ 200.814828][T25254] /dev/sr0: Can't open blockdev [ 200.865543][T25276] A link change request failed with some changes committed already. Interface wg0 may have been left with an inconsistent configuration, please check. [ 201.292168][T25328] program syz.1.9205 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 201.296977][T25328] [ 201.298118][T25328] ====================================================== [ 201.301083][T25328] WARNING: possible circular locking dependency detected [ 201.303782][T25328] 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 Not tainted [ 201.307174][T25328] ------------------------------------------------------ [ 201.311750][T25328] syz.1.9205/25328 is trying to acquire lock: [ 201.314048][T25328] ffff888068d6e200 (&trie->lock){....}-{2:2}, at: trie_delete_elem+0xb0/0x820 [ 201.317730][T25328] [ 201.317730][T25328] but task is already holding lock: [ 201.320604][T25328] ffff88802b73ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 201.325070][T25328] [ 201.325070][T25328] which lock already depends on the new lock. [ 201.325070][T25328] [ 201.329204][T25328] [ 201.329204][T25328] the existing dependency chain (in reverse order) is: [ 201.332752][T25328] [ 201.332752][T25328] -> #3 (&rq->__lock){-.-.}-{2:2}: [ 201.335284][T25328] _raw_spin_lock_nested+0x31/0x40 [ 201.336958][T25328] raw_spin_rq_lock_nested+0x29/0x130 [ 201.338735][T25328] task_rq_lock+0xcf/0x3b0 [ 201.340626][T25328] cgroup_move_task+0x82/0x250 [ 201.342614][T25328] css_set_move_task+0x288/0x5f0 [ 201.344622][T25328] cgroup_post_fork+0x1c6/0x910 [ 201.346637][T25328] copy_process+0x5759/0x6ee0 [ 201.348791][T25328] kernel_clone+0xfd/0x960 [ 201.350768][T25328] user_mode_thread+0xb4/0xf0 [ 201.352688][T25328] rest_init+0x23/0x2b0 [ 201.354586][T25328] start_kernel+0x3e4/0x4d0 [ 201.356981][T25328] x86_64_start_reservations+0x18/0x30 [ 201.359633][T25328] x86_64_start_kernel+0xb2/0xc0 [ 201.361599][T25328] common_startup_64+0x13e/0x148 [ 201.363652][T25328] [ 201.363652][T25328] -> #2 (&p->pi_lock){-.-.}-{2:2}: [ 201.366043][T25328] _raw_spin_lock_irqsave+0x3a/0x60 [ 201.367896][T25328] try_to_wake_up+0xa1/0x14f0 [ 201.369905][T25328] autoremove_wake_function+0x16/0x150 [ 201.372147][T25328] __wake_up_common+0x131/0x1e0 [ 201.374115][T25328] __wake_up+0x31/0x60 [ 201.375955][T25328] wakeup_kswapd+0x45e/0x640 [ 201.378334][T25328] wake_all_kswapds+0x182/0x2e0 [ 201.381006][T25328] __alloc_pages_noprof+0x189c/0x25a0 [ 201.383077][T25328] new_slab+0xca/0x3f0 [ 201.384282][T25328] ___slab_alloc+0xd1d/0x16f0 [ 201.385763][T25328] __slab_alloc.constprop.0+0x56/0xb0 [ 201.387893][T25328] kmem_cache_alloc_node_noprof+0xed/0x310 [ 201.390187][T25328] do_kmem_cache_create+0x1a8/0x700 [ 201.392310][T25328] __kmem_cache_create_args+0x242/0x3c0 [ 201.394115][T25328] can_init+0xa9/0x1a0 [ 201.395381][T25328] do_one_initcall+0x128/0x630 [ 201.396784][T25328] kernel_init_freeable+0x58f/0x8b0 [ 201.398290][T25328] kernel_init+0x1c/0x2b0 [ 201.399916][T25328] ret_from_fork+0x45/0x80 [ 201.401734][T25328] ret_from_fork_asm+0x1a/0x30 [ 201.404491][T25328] [ 201.404491][T25328] -> #1 (&pgdat->kswapd_wait){....}-{2:2}: [ 201.408650][T25328] _raw_spin_lock_irqsave+0x3a/0x60 [ 201.410762][T25328] __wake_up+0x1c/0x60 [ 201.412033][T25328] wakeup_kswapd+0x45e/0x640 [ 201.413445][T25328] wake_all_kswapds+0x182/0x2e0 [ 201.415101][T25328] __alloc_pages_noprof+0x189c/0x25a0 [ 201.417193][T25328] ___kmalloc_large_node+0x84/0x1b0 [ 201.419198][T25328] __kmalloc_large_node_noprof+0x1c/0x70 [ 201.421230][T25328] __kmalloc_node_noprof.cold+0x5/0x5f [ 201.423033][T25328] bpf_map_kmalloc_node+0x98/0x4a0 [ 201.425529][T25328] trie_update_elem+0x1ef/0xdb0 [ 201.427645][T25328] bpf_map_update_value+0x2c1/0x6c0 [ 201.429816][T25328] generic_map_update_batch+0x454/0x5f0 [ 201.431689][T25328] bpf_map_do_batch+0x576/0x640 [ 201.433446][T25328] __sys_bpf+0x1c9f/0x5780 [ 201.434911][T25328] __ia32_sys_bpf+0x76/0xe0 [ 201.436354][T25328] __do_fast_syscall_32+0x73/0x120 [ 201.437966][T25328] do_fast_syscall_32+0x32/0x80 [ 201.439828][T25328] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 201.442809][T25328] [ 201.442809][T25328] -> #0 (&trie->lock){....}-{2:2}: [ 201.445913][T25328] __lock_acquire+0x250b/0x3ce0 [ 201.448227][T25328] lock_acquire.part.0+0x11b/0x380 [ 201.450018][T25328] _raw_spin_lock_irqsave+0x3a/0x60 [ 201.452048][T25328] trie_delete_elem+0xb0/0x820 [ 201.454121][T25328] bpf_prog_3ffd2c70e20892c6+0x43/0x4c [ 201.456359][T25328] bpf_trace_run2+0x231/0x590 [ 201.458049][T25328] trace_tlb_flush+0xf3/0x170 [ 201.459633][T25328] switch_mm_irqs_off+0x395/0xb10 [ 201.461267][T25328] __schedule+0xc6c/0x5730 [ 201.462757][T25328] preempt_schedule_common+0x44/0xc0 [ 201.465945][T25328] preempt_schedule_thunk+0x1a/0x30 [ 201.468082][T25328] vprintk_emit+0x44f/0x6f0 [ 201.469827][T25328] vprintk+0x7f/0xa0 [ 201.471458][T25328] _printk+0xc8/0x100 [ 201.473025][T25328] scsi_ioctl+0x560/0x1840 [ 201.474760][T25328] sg_ioctl+0xaca/0x26b0 [ 201.476318][T25328] compat_ptr_ioctl+0x6b/0xa0 [ 201.478084][T25328] __do_compat_sys_ioctl+0x259/0x2b0 [ 201.482192][T25328] __do_fast_syscall_32+0x73/0x120 [ 201.484352][T25328] do_fast_syscall_32+0x32/0x80 [ 201.486217][T25328] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 201.488808][T25328] [ 201.488808][T25328] other info that might help us debug this: [ 201.488808][T25328] [ 201.492657][T25328] Chain exists of: [ 201.492657][T25328] &trie->lock --> &p->pi_lock --> &rq->__lock [ 201.492657][T25328] [ 201.496667][T25328] Possible unsafe locking scenario: [ 201.496667][T25328] [ 201.498836][T25328] CPU0 CPU1 [ 201.500675][T25328] ---- ---- [ 201.502620][T25328] lock(&rq->__lock); [ 201.504061][T25328] lock(&p->pi_lock); [ 201.506549][T25328] lock(&rq->__lock); [ 201.509275][T25328] lock(&trie->lock); [ 201.511204][T25328] [ 201.511204][T25328] *** DEADLOCK *** [ 201.511204][T25328] [ 201.514456][T25328] 2 locks held by syz.1.9205/25328: [ 201.516370][T25328] #0: ffff88802b73ee98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 201.519788][T25328] #1: ffffffff8ddb7800 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 201.523163][T25328] [ 201.523163][T25328] stack backtrace: [ 201.525745][T25328] CPU: 3 UID: 0 PID: 25328 Comm: syz.1.9205 Not tainted 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 [ 201.529478][T25328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 201.533402][T25328] Call Trace: [ 201.534742][T25328] [ 201.535947][T25328] dump_stack_lvl+0x116/0x1f0 [ 201.537888][T25328] print_circular_bug+0x419/0x5d0 [ 201.540232][T25328] check_noncircular+0x31a/0x400 [ 201.542246][T25328] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 201.544801][T25328] ? __pfx_check_noncircular+0x10/0x10 [ 201.546425][T25328] ? lockdep_lock+0x1b8/0x200 [ 201.548046][T25328] ? __pfx_lockdep_lock+0x10/0x10 [ 201.549572][T25328] ? hlock_class+0x4e/0x130 [ 201.550985][T25328] __lock_acquire+0x250b/0x3ce0 [ 201.552577][T25328] ? __pfx___lock_acquire+0x10/0x10 [ 201.554425][T25328] ? __lock_acquire+0xbdd/0x3ce0 [ 201.555792][T25328] lock_acquire.part.0+0x11b/0x380 [ 201.557413][T25328] ? trie_delete_elem+0xb0/0x820 [ 201.559232][T25328] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 201.561099][T25328] ? rcu_is_watching+0x12/0xc0 [ 201.562888][T25328] ? trace_lock_acquire+0x14a/0x1d0 [ 201.564483][T25328] ? trie_delete_elem+0xb0/0x820 [ 201.566070][T25328] ? lock_acquire+0x2f/0xb0 [ 201.567508][T25328] ? trie_delete_elem+0xb0/0x820 [ 201.569076][T25328] _raw_spin_lock_irqsave+0x3a/0x60 [ 201.570467][T25328] ? trie_delete_elem+0xb0/0x820 [ 201.571933][T25328] trie_delete_elem+0xb0/0x820 [ 201.573461][T25328] ? bpf_trace_run2+0x1c2/0x590 [ 201.575152][T25328] bpf_prog_3ffd2c70e20892c6+0x43/0x4c [ 201.577595][T25328] bpf_trace_run2+0x231/0x590 [ 201.580151][T25328] ? __pfx_bpf_trace_run2+0x10/0x10 [ 201.582943][T25328] ? __phys_addr+0xbc/0x150 [ 201.584682][T25328] ? trace_tlb_flush+0x51/0x170 [ 201.586467][T25328] trace_tlb_flush+0xf3/0x170 [ 201.588381][T25328] switch_mm_irqs_off+0x395/0xb10 [ 201.590305][T25328] ? pid_list_refill_irq+0x1d0/0x5d0 [ 201.592143][T25328] __schedule+0xc6c/0x5730 [ 201.593463][T25328] ? __pfx__prb_read_valid+0x10/0x10 [ 201.595169][T25328] ? __up_console_sem+0x85/0xe0 [ 201.596996][T25328] ? __pfx___schedule+0x10/0x10 [ 201.599191][T25328] ? __up_console_sem+0x8f/0xe0 [ 201.600873][T25328] ? lockdep_hardirqs_on+0x7c/0x110 [ 201.602561][T25328] ? preempt_schedule_thunk+0x1a/0x30 [ 201.604655][T25328] preempt_schedule_common+0x44/0xc0 [ 201.606680][T25328] preempt_schedule_thunk+0x1a/0x30 [ 201.608665][T25328] ? vprintk_emit+0x44a/0x6f0 [ 201.610926][T25328] vprintk_emit+0x44f/0x6f0 [ 201.613201][T25328] ? __pfx_vprintk_emit+0x10/0x10 [ 201.615540][T25328] vprintk+0x7f/0xa0 [ 201.617244][T25328] _printk+0xc8/0x100 [ 201.618992][T25328] ? __pfx__printk+0x10/0x10 [ 201.620872][T25328] ? find_held_lock+0x2d/0x110 [ 201.622634][T25328] scsi_ioctl+0x560/0x1840 [ 201.624520][T25328] ? __pfx_scsi_ioctl+0x10/0x10 [ 201.626847][T25328] ? tomoyo_path_number_perm+0x190/0x5b0 [ 201.629166][T25328] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 201.631232][T25328] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 201.633412][T25328] ? do_vfs_ioctl+0x513/0x1950 [ 201.635168][T25328] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 201.636984][T25328] sg_ioctl+0xaca/0x26b0 [ 201.638427][T25328] ? __pfx_sg_ioctl+0x10/0x10 [ 201.639975][T25328] ? trace_lock_acquire+0x14a/0x1d0 [ 201.642259][T25328] ? __fget_files+0x244/0x3f0 [ 201.643917][T25328] ? __pfx_sg_ioctl+0x10/0x10 [ 201.645647][T25328] compat_ptr_ioctl+0x6b/0xa0 [ 201.647637][T25328] ? __pfx_compat_ptr_ioctl+0x10/0x10 [ 201.649846][T25328] __do_compat_sys_ioctl+0x259/0x2b0 [ 201.651920][T25328] __do_fast_syscall_32+0x73/0x120 [ 201.653935][T25328] do_fast_syscall_32+0x32/0x80 [ 201.655665][T25328] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 201.657848][T25328] RIP: 0023:0xf7fe1579 [ 201.659330][T25328] Code: Unable to access opcode bytes at 0xf7fe154f. [ 201.661684][T25328] RSP: 002b:00000000f576655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 201.664244][T25328] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001 [ 201.666759][T25328] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 201.669440][T25328] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 201.672814][T25328] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 201.675910][T25328] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 201.678208][T25328] [ 201.690767][ C0] vkms_vblank_simulate: vblank timer overrun VM DIAGNOSIS: 05:21:43 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813c483e RDX=ffffffff8da957c0 RSI=ffffffff813c485b RDI=0000000000000000 RBP=ffff88802b73ee80 RSP=ffffc90000007a30 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=000000000003ee80 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b43fdc0 R15=ffffed10056e7dd0 RIP=ffffffff813c485c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73f5008 CR3=0000000063b0a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802b7467a0 RCX=ffffc9000cc52000 RDX=0000000000040000 RSI=ffffffff81809826 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003a67788 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=00000000000a201e R12=ffffed10056e8cf5 R13=0000000000000001 R14=ffff88802b7467a8 R15=ffff88802b540100 RIP=ffffffff8180982d RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f71f22d0 CR3=00000000676dc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff813c483e RDX=ffff88801b768000 RSI=ffffffff813c485b RDI=0000000000000000 RBP=ffff88802b63fdd4 RSP=ffffc90000540a30 R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000001 R11=000000000003ee80 R12=0000000000000001 R13=0000000000000001 R14=ffff88802b63fdc0 R15=00000000000c0000 RIP=ffffffff813c485c RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f74a5008 CR3=000000004a07c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85046005 RDI=ffffffff9a6432e0 RBP=ffffffff9a6432a0 RSP=ffffc90021f9ed58 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff85045fa0 R15=0000000000000000 RIP=ffffffff8504602f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f72a90e0 CR3=0000000070ee6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000