last executing test programs: 15.120232884s ago: executing program 3 (id=5802): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000003900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=[@op={0x10, 0x117, 0x3, 0x7fada9efb9697432}], 0x10}], 0x1, 0x0) 15.003365392s ago: executing program 3 (id=5804): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r4, &(0x7f0000000b40)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="5001000000000000dffe15df83ba7111"], 0x150) pipe2$9p(0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000080)=0x5, 0x4) dup(0xffffffffffffffff) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0), 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500002c00000000002f9078ac1e0001e000ff70453018cdfb9793eebbef90050033e9ce8be7f5922fa05bdc2daeb501000065580018907804000000000000000800000000000000"], 0x3e) 9.94281701s ago: executing program 3 (id=5821): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x0, 0x3}, 0x8}, 0x90) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000001340)=',', 0x1, 0x0, &(0x7f0000001400)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000005c0), 0x14) 9.853174593s ago: executing program 3 (id=5822): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$RTC_SET_TIME(r4, 0x4024700a, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_KEY(r5, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000cc0)={0x2c, r2, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8}, @void}}, [@NL80211_ATTR_KEY={0x10, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT_MGMT={0x4, 0xa}, @NL80211_KEY_IDX={0x5, 0x2, 0x6}]}]}, 0x2c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00'}) sendmsg$NL80211_CMD_START_NAN(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40400000}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x3050}, 0x90) r6 = socket$unix(0x1, 0x5, 0x0) r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_UIE_ON(r7, 0x7003) ioctl$RTC_AIE_ON(r7, 0x7001) ioctl$RTC_SET_TIME(r7, 0x4024700a, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x17, 0x0, 0x4f}) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYRES64=r0, @ANYRES16=r2, @ANYRES32=r5, @ANYRESOCT=r5], 0x24}, 0x1, 0x0, 0x0, 0x881}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x28}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x58}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1, 0x10, 0x0, 0x40000}, 0x90) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0xe8, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0xbc, 0xe, {{{}, {}, @device_a, @device_b}, 0x0, @default, 0x0, @void, @val, @val={0x3, 0x1}, @void, @void, @val={0x5, 0x71, {0x7, 0xbc, 0xa, "aa621bac19544af41e81262c4e354e288760f4ac140b6f11d442da65681c690b4669ca120c82969052887149b8b41b71396f8c3d1095b6f44eacab19355db79347ee2cae21a4541fa3dca56c4d014328d663d0d52609caab0d9b0970f2dd516ee5c4d22d64d576075bfdddec1954"}}, @void, @void, @void, @val={0x2d, 0x1a}, @void, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @beacon]}, 0xe8}, 0x1, 0x0, 0x0, 0x200400f1}, 0x0) setgroups(0x0, 0x0) r9 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)={0x0, "7fa83dab0d3366512d5be841797d7df93815e60c650932d7ec32e239af37da22bb8a299a5f539d3c7f18a266d61654fead1f5509316491a77a08835ac6cae26a"}, 0x48, 0xfffffffffffffffd) keyctl$chown(0x4, r9, 0xffffffffffffffff, 0xee00) 8.55286281s ago: executing program 3 (id=5830): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x1fff, 0x0) r0 = signalfd4(0xffffffffffffffff, &(0x7f00000004c0), 0x8, 0x0) r1 = io_uring_setup(0x3e76, &(0x7f0000000000)) creat(&(0x7f0000000000)='./file0\x00', 0x0) dup2(r0, r1) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) 8.397373392s ago: executing program 3 (id=5831): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) close(r0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) preadv(r2, &(0x7f0000000480)=[{&(0x7f0000000380)=""/27, 0x24}, {&(0x7f0000000540)=""/162}], 0x200000ce, 0x2, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r4) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000001c0)="bfd8a574ae21663526e700b76c1a74230836571facd3ce5ebda5bb51de608e4b", 0x20) syz_open_dev$hiddev(&(0x7f0000000300), 0x8, 0x200200) sendmsg$NFC_CMD_DISABLE_SE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="b6720e2278da4b5bd01f5c028e34b76f71b96e64e1c0eeec4b8c5001c0400daf79e794babea12bec27c91bfea9b533e7afa8b816296692158dc2553ae7d14269229e202a00247eb350ba95288a37d3027271ad38240385dc76b387f6a4bee9777eb832a69050212e808e76eb9271c5d4445871ed8cfb7267109cc2109f2040860ff96513c6b400"/148, @ANYRES16=r5, @ANYBLOB="0100000000000000000007000000fc84cedf4c77220dfde039a373b92a27821de92801b28271fb3603760e2199000090c5d8a990652b8f5407ea98820bb6226baa9a2ec7000000c2baacc0ae9da405f4205653afe337d56e3effbd8c58686e8b73ea061afe00217d3fcca73a003a50e60209dec7d7830bd39cea5d665aee388d484761aefc7bf8698ddd213d85b1b9f301a275a4bc135b92546e9406c8a5504521f0edfadc379be56b10d006c5be75e277ef9178ae0d453d259c840eddff56cdddadcb79b94a47b5310be11b7425598781c4f7c61355d3e9968dd1c90062df60711349746dac5cec5d7a3ba9ad909afae54cec0b393170d2abf74ae5e73f88983dfcd0ed08bb68e75b090c94d55ed1b295523601e0d834ddb02c23f87b2b1e7fb2e15d327d4111596a199a02a9d103fe098c6688e42a2b07f57b5abd2a624a93375e66c4383bd8bbd462bbe313b35dac2d89187aad6d4fc73f1b3d8ba36acd8a6cebf12a1360cae899dbb9f39fc759870f1290ab492aa689487a6f2e5831d87b9068e4c55cf33b7f3c24c716797cc0ff8c32b895e3a24b75395fbeaa03b1dbe727c3ece72b50deb53ea60a9d3590bc64d65005c267db7b9ec950b0593e0e9922d3007ad76cdf1f6879e016263050217297384973c1b76e3f3dbdda9734373c3500cf68f689b1fa001d4597b997af15e1c17ada86122dc046050447d9b2a902b1a13621b5f45ebf1b913b3d339f00"/553, @ANYRESOCT=r5], 0x14}}, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r6 = userfaultfd(0x801) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r6, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000370000/0x4000)=nil, &(0x7f0000779000/0x1000)=nil, 0x4000, 0x3, 0x2}) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r7 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r7, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e22, 0x80000, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="a400000029000000390000008412020700000000fc000000000000000000000000000001ff020000000000000000000000000001fe8000000000000000000000000000bb2001000000000000000000000000000100000000000000000000000000000000ff020000000000000000000000000001fe8000000000000000000000000000bb0000000000000000000000000000000020010000000000000000000000000000ba911e9e2ffa6f94f7c94e03617cc43fd814260e5855be0a9c7b9aacd8ed9c5aa4751473b6b480dbaced3cdc29912d216a198d56eb45d6969a01f39ede102c90d4fe1af182284959e7f4bc32ad4bf26f775b70654c69"], 0xa4}, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000022c0)=ANY=[@ANYRES8], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x5}, 0x10}, 0x90) 6.917314186s ago: executing program 1 (id=5842): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000dc0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) writev(r1, &(0x7f0000000100)=[{&(0x7f0000000200)="cbf9c94c5b095327a89b4e8825cf8764931360fe211e2402b94f4e0a3fce58e62210dff494694c6a51e790ec77a3aa35b212d9227612d0b60e387f086fc0482973d52560a15f11099d82e6c6c70b7c58cc98bc174f0e9b12465111107ad90c87cee3ada76df92ddbd9a1cfbdd009eac20b0d644f3b387d5cfcf968c8f30a54f4d63a2cdfed7feedf62705ed92cfe7b8223bd191d5d6006", 0x97}], 0x1) recvmmsg(r1, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000140)=""/150, 0x96}], 0x1}}], 0x1, 0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5) ioctl$AUTOFS_IOC_CATATONIC(r2, 0x800443d2, 0x20000000) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x0) 6.642209668s ago: executing program 1 (id=5846): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c0002"], 0xdc}}, 0x0) 6.530598078s ago: executing program 1 (id=5848): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0104000000000000000002000000400004803c0001800c00010062697477697365002c000280080003400000000108000140000000160c000480050001003f0000000800024000000016040005800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000abd8db3ffe614c0175b6f14de688d271d90e7e4f88324fbdd27f526b0d87ba5a0bba9212641446eff6dee3b5a0e756699a35793d149c335478d513087f19626efa9d53c1790731db17529264bd676761c"], 0x94}}, 0x0) r1 = memfd_create(&(0x7f0000000440)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+ \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz\x03\x00\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92 \x00*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\f\xc9\xc5H\x0f;\xd3\xe2\at\x9bJ\xe6\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xee\xdc\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)\xdeA\x1ed\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97\xf6\xb8\xebN\xe2\x18\x04[\xabW}\xb1\xffo\xae~=\x9dd\x9f\x92\xd2[\xb8\xb6\x1a\x02c\xa1\xd1H\xb7@\x06\x96s\xef\xee\x92\xfaC\x15+\x84%h1O\xe2\xb8\xd3\x19R\x00\f\n\x1cpEn\xad\xa7IRf\xc65\x15<}\xb8\x05\xe4\xb7\x9e\xf3\xda\xdavzB\xf8qj\x9e\xe4\xbd\x05\xcfx\xb5\x12\t\xe0\xf2\'f\xf4+\xb3\xdeA6\x10O\xdd\x9c\xf7B', 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002200), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x38, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8}, {0x8, 0x0, 0x7f}, {0x8, 0x0, 0x7f}]}]}, 0x38}}, 0x0) r6 = memfd_create(&(0x7f0000000a00)='\x00\x06\xa5\xb1\xb9\x13I\x05\xf9\xd3{*\x13\x9f\x9f\x01{\xc9\xe2\xe2\x98A\\\xf9\\\x1e\xc8\xe9\xb5A/5s\x86\xb70\xf0\x9c\xbdP\xdd\x02-Y*\x00\xa5\xc2\xac\'\xcad\x9cH\xc4Pv\xfbx\xd7\\G\xdc\xf5\xfbHb\x7f\x94\x91\xad\xf1\xf1\xc2\x8b\x1bS%\xf0\x1f\x8bo\x88%\xe76\xb9>\xce\x92\x96\xc7\xe1\xb5\x00\xe8\x18\xca\x00\x00P\xdb\x19N\xd0\x95W\x03\x19\xa2\xf2, \x9c\xdd,\x8a\x1et\x15\x84\x13\x88\xbf\x17\xfc\x17\x03`?B\xda\xb2\x96X\xb2\x1e\xa5\xf1M\x8b0\xbb}\xdb\n\xb8\xe5\x9dC\xa0\b\x9e\x80\x1c<6\x9a\xc0\xcc\xe5\xd9\x10\xc0Z', 0x2) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e04000f08"], 0x7) fsetxattr$trusted_overlay_redirect(r6, &(0x7f00000000c0), 0x0, 0x0, 0x0) r7 = epoll_create(0x6) syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9) r8 = openat$uhid(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$UHID_CREATE(r8, &(0x7f00000002c0)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20}}, 0x120) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0) r9 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGFEATURE(r9, 0xc0404807, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ptype\x00') preadv(r10, &(0x7f0000000340)=[{&(0x7f0000000380)=""/214, 0xd6}], 0x1, 0x49, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r10, 0x6, &(0x7f0000000080)={0x80000000, 0x0, &(0x7f0000000000)=[r6, r6, r7]}, 0x3) r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r12 = dup2(r7, r11) close_range(r12, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x4000}) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) socket$phonet_pipe(0x23, 0x5, 0x2) 3.450070818s ago: executing program 1 (id=5864): mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@dfltgid}]}}) r4 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r4, r0, 0x0, 0x80000000) 3.332898053s ago: executing program 1 (id=5866): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x158, 0x10, 0x133, 0x0, 0x0, {{@in=@loopback, @in6=@remote}, {@in, 0x0, 0x32}, @in6=@mcast2, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_aead={0x4c, 0x12, {{'rfc4543(rfc4106-gcm-aesni)\x00'}}}, @encap={0x1c, 0x16, {0x0, 0x0, 0x0, @in6=@private1}}]}, 0x158}}, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='trans=virtio,noextend,access=any,cache=fscache,version=9p2000.u']) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r1 = open(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) getdents(r1, &(0x7f0000000180)=""/98, 0x62) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0)) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) getxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)=@known='user.syz\x00', &(0x7f0000000240)=""/239, 0xef) ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r1, 0xc00864c0, &(0x7f00000000c0)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) r3 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0185648, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x2, '\x00', @value64}}) write$char_usb(r2, &(0x7f0000000080)='0', 0x1) timer_create(0x0, 0x0, &(0x7f0000000000)) timer_settime(0x0, 0x1, 0x0, 0x0) 2.418950454s ago: executing program 2 (id=5873): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0104000000000000000002000000400004803c0001800c00010062697477697365002c000280080003400000000108000140000000160c000480050001003f0000000800024000000016040005800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000abd8db3ffe614c0175b6f14de688d271d90e7e4f88324fbdd27f526b0d87ba5a0bba9212641446eff6dee3b5a0e756699a35793d149c335478d513087f19626efa9d53c1790731db17529264bd676761c"], 0x94}}, 0x0) r1 = memfd_create(&(0x7f0000000440)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+ \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz\x03\x00\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92 \x00*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\f\xc9\xc5H\x0f;\xd3\xe2\at\x9bJ\xe6\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xee\xdc\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)\xdeA\x1ed\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97\xf6\xb8\xebN\xe2\x18\x04[\xabW}\xb1\xffo\xae~=\x9dd\x9f\x92\xd2[\xb8\xb6\x1a\x02c\xa1\xd1H\xb7@\x06\x96s\xef\xee\x92\xfaC\x15+\x84%h1O\xe2\xb8\xd3\x19R\x00\f\n\x1cpEn\xad\xa7IRf\xc65\x15<}\xb8\x05\xe4\xb7\x9e\xf3\xda\xdavzB\xf8qj\x9e\xe4\xbd\x05\xcfx\xb5\x12\t\xe0\xf2\'f\xf4+\xb3\xdeA6\x10O\xdd\x9c\xf7B', 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002200), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000240)={0x38, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8}, {0x8, 0x0, 0x7f}, {0x8, 0x0, 0x7f}]}]}, 0x38}}, 0x0) r6 = memfd_create(&(0x7f0000000a00)='\x00\x06\xa5\xb1\xb9\x13I\x05\xf9\xd3{*\x13\x9f\x9f\x01{\xc9\xe2\xe2\x98A\\\xf9\\\x1e\xc8\xe9\xb5A/5s\x86\xb70\xf0\x9c\xbdP\xdd\x02-Y*\x00\xa5\xc2\xac\'\xcad\x9cH\xc4Pv\xfbx\xd7\\G\xdc\xf5\xfbHb\x7f\x94\x91\xad\xf1\xf1\xc2\x8b\x1bS%\xf0\x1f\x8bo\x88%\xe76\xb9>\xce\x92\x96\xc7\xe1\xb5\x00\xe8\x18\xca\x00\x00P\xdb\x19N\xd0\x95W\x03\x19\xa2\xf2, \x9c\xdd,\x8a\x1et\x15\x84\x13\x88\xbf\x17\xfc\x17\x03`?B\xda\xb2\x96X\xb2\x1e\xa5\xf1M\x8b0\xbb}\xdb\n\xb8\xe5\x9dC\xa0\b\x9e\x80\x1c<6\x9a\xc0\xcc\xe5\xd9\x10\xc0Z', 0x2) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e04000f08"], 0x7) fsetxattr$trusted_overlay_redirect(r6, &(0x7f00000000c0), 0x0, 0x0, 0x0) r7 = epoll_create(0x6) syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_user_passkey_req={{0x34, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0x9) r8 = openat$uhid(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$UHID_CREATE(r8, &(0x7f00000002c0)={0x0, {'syz1\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/32, 0x20}}, 0x120) syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000040341a02080000000000010902"], 0x0) r9 = syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) ioctl$HIDIOCGFEATURE(r9, 0xc0404807, 0x0) r10 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ptype\x00') preadv(r10, &(0x7f0000000340)=[{&(0x7f0000000380)=""/214, 0xd6}], 0x1, 0x49, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r10, 0x6, &(0x7f0000000080)={0x80000000, 0x0, &(0x7f0000000000)=[r6, r6, r7]}, 0x3) r11 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r12 = dup2(r7, r11) close_range(r12, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x4000}) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) socket$phonet_pipe(0x23, 0x5, 0x2) 1.300225655s ago: executing program 0 (id=5878): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) read$FUSE(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = getpid() process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$FUSE(r4, &(0x7f0000000b40)={0x2020}, 0x2020) write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="5001000000000000dffe15df83ba7111"], 0x150) pipe2$9p(0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) setsockopt$inet_udp_encap(r5, 0x11, 0x64, &(0x7f0000000080)=0x5, 0x4) dup(0xffffffffffffffff) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0), 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500002c00000000002f9078ac1e0001e000ff70453018cdfb9793eebbef90050033e9ce8be7f5922fa05bdc2daeb501000065580018907804000000000000000800000000000000"], 0x3e) 855.144978ms ago: executing program 2 (id=5879): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x0, 0x3}, 0x8}, 0x90) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r0, &(0x7f0000001340)=',', 0x1, 0x0, &(0x7f0000001400)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000005c0), 0x14) 760.952635ms ago: executing program 2 (id=5880): ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3000000003080101ff593c54f10000000000000005000300f85131b80c00048008000140000000000600024000000000"], 0x30}}, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f00000000c0)=0xffff, 0x4) execve(0x0, 0x0, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000200), 0x5056, 0x440000) ioctl$MON_IOCQ_URB_LEN(r3, 0x9201) fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000c00)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_ecred_reconf_req={{0x19, 0x2, 0x4}}}}, 0x11) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000100)=0x17f, 0x4) mount$bind(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x2040000, 0x0) write(r2, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24) recvmmsg(r2, &(0x7f0000006340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)=""/17, 0x11}}], 0x1, 0x0, 0x0) syz_extract_tcp_res(&(0x7f0000000080)={0x41424344, 0x41424344}, 0x0, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @local, {[], {{0x0, 0x4e22, r4, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000006700), 0x0, 0x0) read$usbmon(r5, &(0x7f0000006740)=""/11, 0xb) 715.343335ms ago: executing program 2 (id=5881): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a80016002000014004000000035c0461c1d60008000000000000fb8000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f0f49e119c849ea6e5a0fc55e4cde205a214d6102d6dcbf33fb5ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6cc", 0xd8}], 0x1}, 0x0) 620.891271ms ago: executing program 2 (id=5882): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000600)={{{@in=@private, @in6=@private2}}, {{@in=@remote}, 0x0, @in=@local}}, &(0x7f0000000080)=0xe4) 620.362968ms ago: executing program 2 (id=5883): sched_setaffinity(0x0, 0x0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x0) chdir(&(0x7f0000000100)='./file0\x00') openat$vmci(0xffffff9c, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd64) syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000003040)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_io_uring_setup(0x6bfa, &(0x7f00000012c0)={0x0, 0x0, 0x10100}, &(0x7f00000000c0), &(0x7f0000000140)) r1 = memfd_secret(0x0) ftruncate(r1, 0x5) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x11, r1, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, 0x0) setuid(r3) r4 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) futex(&(0x7f000000cffc), 0x0, 0x1, 0x0, &(0x7f0000048000)=0xfffffff2, 0x0) ioctl$VIDIOC_CROPCAP(r4, 0xc02c563a, &(0x7f00000000c0)={0xa}) prlimit64(0x0, 0x0, &(0x7f0000000040)={0x0, 0x200000000000}, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000e40)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)={0x800}, 0x0, 0x18}) 449.316188ms ago: executing program 0 (id=5884): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0) 321.218456ms ago: executing program 0 (id=5885): syz_open_dev$sndpcmc(&(0x7f0000000380), 0x0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000009000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) mlockall(0x7) 201.456023ms ago: executing program 1 (id=5886): r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) connect$llc(r0, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10) sendmmsg$inet(r0, &(0x7f0000008200)=[{{&(0x7f0000005540)={0x2, 0x4e23, @private=0xa010100}, 0x10, 0x0}}, {{&(0x7f0000007c80)={0x2, 0x4e23, @private=0xa010100}, 0x10, 0x0}}], 0x2, 0x0) 198.308283ms ago: executing program 0 (id=5887): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = io_uring_setup(0x1de1, &(0x7f00000009c0)={0x0, 0x0, 0x40}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000000)=[@ioring_restriction_sqe_flags_required], 0x6) 80.507415ms ago: executing program 0 (id=5888): getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r0}, [@MDBA_SET_ENTRY={0x20, 0x1, {r0, 0x0, 0x0, 0x0, {@ip4=@rand_addr=0xe0000000, 0x800}}}]}, 0x38}}, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r3}, [@MDBA_SET_ENTRY={0x20, 0x1, {r3, 0x0, 0x0, 0x0, {@ip4=@rand_addr=0xe0000000, 0x800}}}]}, 0x38}}, 0x0) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r5, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000880)=0x40) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {0x7, r6}, [@MDBA_SET_ENTRY={0x20, 0x1, {r6, 0x0, 0x0, 0x0, {@ip4=@rand_addr=0xe0000000, 0x800}}}]}, 0x38}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000600)={'ip_vti0\x00', 0x0, 0x10, 0x10, 0x1, 0x8, {{0x43, 0x4, 0x0, 0x28, 0x10c, 0x64, 0x0, 0xd0, 0x4, 0x0, @loopback, @broadcast, {[@timestamp_addr={0x44, 0x34, 0x57, 0x1, 0x3, [{@remote, 0xfffffff8}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0x800}, {@empty, 0x8000}, {@loopback, 0x8}, {@loopback, 0x9}, {@empty, 0x2}]}, @lsrr={0x83, 0x23, 0x99, [@multicast1, @local, @multicast2, @loopback, @local, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2]}, @timestamp_prespec={0x44, 0x3c, 0x1d, 0x3, 0x7, [{@multicast2, 0x4}, {@remote, 0x5}, {@rand_addr=0x64010100, 0x4}, {@empty, 0x1fffe00}, {@rand_addr=0x64010100, 0xffffbca4}, {@multicast1, 0x5}, {@multicast2, 0xeb}]}, @end, @generic={0x8c, 0x9, "c37ca1089bd0aa"}, @cipso={0x86, 0x28, 0x2, [{0x5, 0x10, "45ceb7134a00659ef3ff82fa63d3"}, {0x7, 0x2}, {0x7, 0x10, "6e9b4f25508720ed826270316ab5"}]}, @end, @timestamp={0x44, 0x20, 0xe6, 0x0, 0x9, [0x2, 0x4, 0x0, 0x8, 0xd4, 0x2, 0x2]}, @generic={0x86, 0xf, "9e805e0e3b829a0383be00777a"}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000480)={'syztnl2\x00', &(0x7f0000000740)={'ip6_vti0\x00', 0x0, 0x4, 0xfe, 0x4, 0x5, 0xc, @dev={0xfe, 0x80, '\x00', 0x2c}, @local, 0xf8a8, 0x7800, 0x6, 0x3}}) sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000007c0)={&(0x7f0000000980)={0x408, 0x0, 0x400, 0x70bd29, 0x25dfdbfb, {}, [{{0x8, 0x1, r0}, {0x4}}, {{0x8, 0x1, r3}, {0xbc, 0x2, 0x0, 0x1, [{0x44, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x14, 0x4, [{0xfff, 0x0, 0x3b, 0x1a8}, {0xff, 0x9, 0x0, 0x10001}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x81}}}]}}, {{0x8}, {0x188, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0xfff, 0x1, 0x20, 0x3}, {0x0, 0xf9, 0x1, 0x3}, {0xfffd, 0x9, 0x7}, {0x6, 0x28, 0x0, 0x1}, {0xe5de, 0x4a, 0x81, 0x7fffffff}]}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r6}, {0x140, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x5}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x7, 0x3f, 0x7, 0x3}, {0x6, 0x7, 0x3f, 0x3f}, {0x8, 0x4, 0x3, 0x7ff}]}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r8}}}]}}]}, 0x408}, 0x1, 0x0, 0x0, 0x8010}, 0x80) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r9, 0x40086602, &(0x7f0000000080)) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$cgroup_int(r11, &(0x7f0000000380), 0x101bf) ioctl$EXT4_IOC_MOVE_EXT(r10, 0x40305829, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0xc660}) r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000001716733ea2a76358988aed0b8d7a20c93d3400b8a60040e1d3978f8deedf2ea518f19183a528f13a96becd38952e9dda828b10a941e81d50e1ffaea0fde178bc9847ea5835eccaaebdf29fa0b26a3535023721968ab9671f8d431158483569bbc6e45d05cf6a8b9c7f1364224a37e9eb42e39479a95700f7a65fe8ca60fae3e5de1765c709140f0fb68dc5584524e90a8376426babd3b4ed6420a3cceb3a27b9b02cc607451cd7cb4a0e2a5565d00de873f7784115218fcafafa3023a323648f66dbe812b332f6107fa0f8bd2f495ddb553165ead15aa576338a7bec0cb0801a256c9b129bfc773e1ca13f08753b333a7ca07409a3746fb4bd2e455a715143d5b9ca6d18421cbb99ce086d525020ac3b61cc80e5e80fd0eda419b067d893997f1f3fef377710"], &(0x7f0000000140)='syzkaller\x00', 0x4, 0x91, &(0x7f00000008c0)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x3}, 0x10}, 0x90) r13 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_inet_SIOCSIFADDR(r13, 0x891b, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @multicast1=0xac14140a}}) pwritev(r13, &(0x7f0000000180)=[{&(0x7f00000003c0)="b0239f7ee43a775fb7613625839c64777bfbe213a746e880b2892485265bee64e4fa0c1330f6b016a2ee623ec1c172215b07c4966bc4fa76fdbf45330b9cac0cc8fa9a7b0e2a850d00c9da7fe3869f0ce1a23fb2b050cbdf0a6896c7058673dcf4f7ade322a898baced9597fa431c0fd939ad36202d798d2a7bee46a7dc231bf2c957288d68d1df1c5b013", 0x8b}, {&(0x7f00000000c0)="763ebafb531c5f4ba700217bbe47026950036ac4725ba99d31b3588563034e658ddb27086556641eb60caf8d28899316", 0x30}], 0x2, 0xc5, 0xb8f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r12}, 0x10) ioctl$EXT4_IOC_MIGRATE(r10, 0x6609) 0s ago: executing program 0 (id=5889): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x20) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) kernel console output (not intermixed with test programs): 2][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 506.857334][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 506.868572][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 506.885160][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 506.904885][ T9] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 506.910067][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 506.916127][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 506.922813][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 506.938379][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 506.947345][ T9] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 506.954205][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt [ 506.959282][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 506.966339][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10 [ 506.981708][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.990826][ T9] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 507.004591][ T9] usb 7-1: string descriptor 0 read error: -22 [ 507.007555][ T9] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 507.013764][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.027966][ T9] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 507.264748][T16735] usb 7-1: Couldn't submit interrupt_out_urb -90 [ 507.270484][ T1387] usb 7-1: USB disconnect, device number 17 [ 507.790376][T16761] vlan0: entered promiscuous mode [ 507.913227][T16761] vlan0 (unregistering): left promiscuous mode [ 508.191806][T16775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4199'. [ 508.582421][T16789] SET target dimension over the limit! [ 509.003669][T16810] Cannot find add_set index 0 as target [ 509.182429][ T39] audit: type=1800 audit(1720650113.892:2504): pid=16820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4221" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 509.221181][ T39] audit: type=1800 audit(1720650113.932:2505): pid=16820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4221" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0 [ 509.302847][T16822] IPVS: set_ctl: invalid protocol: 60 172.30.1.3:20003 [ 509.947265][T16843] SET target dimension over the limit! [ 510.339565][T16853] input: syz0 as /devices/virtual/input/input31 [ 511.728827][ T39] audit: type=1326 audit(1720650116.432:2506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16865 comm="syz.2.4234" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7476579 code=0x0 [ 511.773121][T16868] netlink: 'syz.0.4235': attribute type 11 has an invalid length. [ 511.779503][T16868] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4235'. [ 512.286293][T16880] sctp: [Deprecated]: syz.0.4239 (pid 16880) Use of int in maxseg socket option. [ 512.286293][T16880] Use struct sctp_assoc_value instead [ 512.573375][ T5252] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 512.791276][ T5252] usb 5-1: config 0 has an invalid interface number: 230 but max is 0 [ 512.795947][ T5252] usb 5-1: config 0 has an invalid interface number: 48 but max is 0 [ 512.800433][ T5252] usb 5-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 512.804679][ T5252] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 512.810264][ T5252] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 512.814395][ T5252] usb 5-1: config 0 has no interface number 0 [ 512.817409][ T5252] usb 5-1: config 0 has no interface number 1 [ 512.822794][ T5252] usb 5-1: config 0 interface 230 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 512.828795][ T5252] usb 5-1: config 0 interface 230 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 512.840001][ T5252] usb 5-1: too many endpoints for config 0 interface 48 altsetting 31: 64, using maximum allowed: 30 [ 512.845109][ T5252] usb 5-1: config 0 interface 48 altsetting 31 bulk endpoint 0xB has invalid maxpacket 1024 [ 512.850658][ T5252] usb 5-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x4, skipping [ 512.855418][ T5252] usb 5-1: config 0 interface 48 altsetting 31 has an invalid descriptor for endpoint zero, skipping [ 512.862550][ T5252] usb 5-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x6, skipping [ 512.868119][ T5252] usb 5-1: config 0 interface 48 altsetting 31 has 8 endpoint descriptors, different from the interface descriptor's value: 64 [ 512.871401][T16900] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4247'. [ 512.876010][ T5252] usb 5-1: config 0 interface 48 has no altsetting 0 [ 512.884395][ T5252] usb 5-1: New USB device found, idVendor=0c52, idProduct=2832, bcdDevice=fb.70 [ 512.890054][ T5252] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 512.894648][ T5252] usb 5-1: Product: syz [ 512.897202][ T5252] usb 5-1: Manufacturer: syz [ 512.900721][ T5252] usb 5-1: SerialNumber: syz [ 512.926748][ T5252] usb 5-1: config 0 descriptor?? [ 512.948747][ T5252] ftdi_sio 5-1:0.230: FTDI USB Serial Device converter detected [ 512.963108][ T5252] ftdi_sio ttyUSB0: unknown device type: 0xfb70 [ 513.247797][T16908] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4250'. [ 513.335353][T16910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4251'. [ 514.053953][ C2] vkms_vblank_simulate: vblank timer overrun [ 514.586300][T16931] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4259'. [ 515.180329][ T5252] ftdi_sio 5-1:0.48: FTDI USB Serial Device converter detected [ 515.193025][ T5252] ftdi_sio ttyUSB1: unknown device type: 0xfb70 [ 515.201106][ T5252] usb 5-1: USB disconnect, device number 23 [ 515.206705][ T5252] ftdi_sio 5-1:0.230: device disconnected [ 515.224397][ T5252] ftdi_sio 5-1:0.48: device disconnected [ 515.762513][T16949] netlink: 'syz.2.4266': attribute type 1 has an invalid length. [ 515.768976][T16949] netlink: 'syz.2.4266': attribute type 3 has an invalid length. [ 515.783017][T16949] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4266'. [ 515.920120][T16953] syz.3.4268 (16953) used greatest stack depth: 19584 bytes left [ 516.092821][T16962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4272'. [ 516.302428][T16975] netlink: 'syz.2.4275': attribute type 1 has an invalid length. [ 516.306007][T16975] netlink: 'syz.2.4275': attribute type 3 has an invalid length. [ 516.313862][T16975] netlink: 224 bytes leftover after parsing attributes in process `syz.2.4275'. [ 516.641928][ T1387] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 516.646503][ T1387] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0 [ 516.667291][ T1387] hid-generic 0000:0000:0000.0012: hidraw1: HID v0.00 Device [syz0] on syz1 [ 517.766433][T17010] xt_CONNSECMARK: invalid mode: 0 [ 518.250536][T17024] sd 0:0:0:0: PR command failed: 1026 [ 518.253099][T17024] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 518.261705][T17024] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 518.820580][ T5245] libceph: connect (1)[c::]:6789 error -22 [ 518.828903][ T5245] libceph: mon0 (1)[c::]:6789 connect error [ 518.969182][T17044] ceph: No mds server is up or the cluster is laggy [ 519.091811][ T5245] libceph: connect (1)[c::]:6789 error -22 [ 519.095427][ T5245] libceph: mon0 (1)[c::]:6789 connect error [ 519.257276][T17057] sd 0:0:0:0: PR command failed: 1026 [ 519.260422][T17057] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 519.264389][T17057] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 519.460494][T17067] xt_CONNSECMARK: invalid mode: 0 [ 519.874773][T17088] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4321'. [ 520.262423][T17096] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.4324'. [ 521.035587][T17109] binder: 17107:17109 unknown command 0 [ 521.040918][T17109] binder: 17107:17109 ioctl c0306201 20000a80 returned -22 [ 521.291141][T17124] netlink: 256 bytes leftover after parsing attributes in process `syz.2.4338'. [ 521.306838][T14434] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 521.318873][T14434] hid-generic 0000:0000:0000.0013: unknown main item tag 0x0 [ 521.324549][T14434] hid-generic 0000:0000:0000.0013: hidraw1: HID v0.00 Device [syz0] on syz1 [ 521.755052][T17136] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4342'. [ 521.873699][T17138] binder: 17137:17138 unknown command 0 [ 521.876517][T17138] binder: 17137:17138 ioctl c0306201 20000a80 returned -22 [ 521.923302][ T39] audit: type=1326 audit(1720650126.632:2507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17139 comm="syz.2.4344" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x0 [ 522.206056][T17147] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4347'. [ 522.512500][T17155] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.4351'. [ 522.916424][T17175] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4359'. [ 523.013464][ T5245] libceph: connect (1)[c::]:6789 error -22 [ 523.016932][ T5245] libceph: mon0 (1)[c::]:6789 connect error [ 523.120625][T17194] sctp: [Deprecated]: syz.2.4363 (pid 17194) Use of int in maxseg socket option. [ 523.120625][T17194] Use struct sctp_assoc_value instead [ 523.156699][T17184] ceph: No mds server is up or the cluster is laggy [ 523.250575][T17198] input: syz0 as /devices/virtual/input/input32 [ 523.419361][T14434] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 523.606539][T14434] usb 7-1: config 0 has an invalid interface number: 230 but max is 0 [ 523.610574][T14434] usb 7-1: config 0 has an invalid interface number: 48 but max is 0 [ 523.620433][T14434] usb 7-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 523.628942][T14434] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 523.634474][T14434] usb 7-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 523.643320][T14434] usb 7-1: config 0 has no interface number 0 [ 523.648772][T14434] usb 7-1: config 0 has no interface number 1 [ 523.652152][T14434] usb 7-1: config 0 interface 230 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 523.667233][T14434] usb 7-1: config 0 interface 230 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 523.675425][T14434] usb 7-1: too many endpoints for config 0 interface 48 altsetting 31: 64, using maximum allowed: 30 [ 523.681870][T14434] usb 7-1: config 0 interface 48 altsetting 31 bulk endpoint 0xB has invalid maxpacket 1024 [ 523.686269][T14434] usb 7-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x4, skipping [ 523.692508][T14434] usb 7-1: config 0 interface 48 altsetting 31 has an invalid descriptor for endpoint zero, skipping [ 523.697954][T14434] usb 7-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x6, skipping [ 523.704607][T14434] usb 7-1: config 0 interface 48 altsetting 31 has 8 endpoint descriptors, different from the interface descriptor's value: 64 [ 523.711306][T14434] usb 7-1: config 0 interface 48 has no altsetting 0 [ 523.719036][T14434] usb 7-1: New USB device found, idVendor=0c52, idProduct=2832, bcdDevice=fb.70 [ 523.724060][T14434] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.735128][T14434] usb 7-1: Product: syz [ 523.737531][T14434] usb 7-1: Manufacturer: syz [ 523.747694][T14434] usb 7-1: SerialNumber: syz [ 523.753567][T14434] usb 7-1: config 0 descriptor?? [ 523.759691][T14434] ftdi_sio 7-1:0.230: FTDI USB Serial Device converter detected [ 523.764683][T14434] ftdi_sio ttyUSB0: unknown device type: 0xfb70 [ 524.654074][T17250] input: syz0 as /devices/virtual/input/input33 [ 524.935101][T17254] overlayfs: failed to resolve './file0': -2 [ 525.982431][T14434] ftdi_sio 7-1:0.48: FTDI USB Serial Device converter detected [ 525.991568][T14434] ftdi_sio ttyUSB1: unknown device type: 0xfb70 [ 526.020034][T14434] usb 7-1: USB disconnect, device number 18 [ 526.035362][T14434] ftdi_sio 7-1:0.230: device disconnected [ 526.062562][T14434] ftdi_sio 7-1:0.48: device disconnected [ 526.065182][T17271] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.4399'. [ 526.615595][T17301] sctp: [Deprecated]: syz.2.4410 (pid 17301) Use of int in maxseg socket option. [ 526.615595][T17301] Use struct sctp_assoc_value instead [ 526.928329][ T5245] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 527.111006][ T5245] usb 7-1: config 0 has an invalid interface number: 230 but max is 0 [ 527.115808][ T5245] usb 7-1: config 0 has an invalid interface number: 48 but max is 0 [ 527.127185][ T5245] usb 7-1: config 0 contains an unexpected descriptor of type 0x1, skipping [ 527.134884][ T5245] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 527.142394][ T5245] usb 7-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 527.147089][ T5245] usb 7-1: config 0 has no interface number 0 [ 527.154581][ T5245] usb 7-1: config 0 has no interface number 1 [ 527.158531][ T5245] usb 7-1: config 0 interface 230 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 527.167266][ T5245] usb 7-1: config 0 interface 230 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 527.175084][ T5245] usb 7-1: too many endpoints for config 0 interface 48 altsetting 31: 64, using maximum allowed: 30 [ 527.182576][ T5245] usb 7-1: config 0 interface 48 altsetting 31 bulk endpoint 0xB has invalid maxpacket 1024 [ 527.188123][ T5245] usb 7-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x4, skipping [ 527.194387][ T5245] usb 7-1: config 0 interface 48 altsetting 31 has an invalid descriptor for endpoint zero, skipping [ 527.198991][ T5245] usb 7-1: config 0 interface 48 altsetting 31 has a duplicate endpoint with address 0x6, skipping [ 527.203828][ T5245] usb 7-1: config 0 interface 48 altsetting 31 has 8 endpoint descriptors, different from the interface descriptor's value: 64 [ 527.210029][ T5245] usb 7-1: config 0 interface 48 has no altsetting 0 [ 527.223038][ T5245] usb 7-1: New USB device found, idVendor=0c52, idProduct=2832, bcdDevice=fb.70 [ 527.228357][ T5245] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 527.233395][ T5245] usb 7-1: Product: syz [ 527.236030][ T5245] usb 7-1: Manufacturer: syz [ 527.239817][ T5245] usb 7-1: SerialNumber: syz [ 527.260627][ T5245] usb 7-1: config 0 descriptor?? [ 527.272762][ T5245] ftdi_sio 7-1:0.230: FTDI USB Serial Device converter detected [ 527.288393][ T5245] ftdi_sio ttyUSB0: unknown device type: 0xfb70 [ 527.506307][ T5210] Bluetooth: hci4: Unknown advertising packet type: 0x70 [ 527.506635][ T5210] Bluetooth: hci4: adv larger than maximum supported [ 527.512499][ T5210] Bluetooth: hci4: Malformed LE Event: 0x0d [ 527.754695][T17318] dvmrp0: entered allmulticast mode [ 528.394464][T17327] veth1_to_hsr: entered promiscuous mode [ 528.418118][T17327] veth1_to_hsr: left promiscuous mode [ 529.553957][ T5245] ftdi_sio 7-1:0.48: FTDI USB Serial Device converter detected [ 529.568412][ T5245] ftdi_sio ttyUSB1: unknown device type: 0xfb70 [ 529.614925][ T5245] usb 7-1: USB disconnect, device number 19 [ 529.645202][ T5245] ftdi_sio 7-1:0.230: device disconnected [ 529.661490][ T5245] ftdi_sio 7-1:0.48: device disconnected [ 530.282269][T17374] sctp: [Deprecated]: syz.3.4437 (pid 17374) Use of int in maxseg socket option. [ 530.282269][T17374] Use struct sctp_assoc_value instead [ 530.392822][T17377] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 530.484475][T17380] netlink: 'syz.0.4442': attribute type 1 has an invalid length. [ 530.622789][T17380] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 530.630856][T17380] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 530.768383][ T39] audit: type=1326 audit(1720650135.472:2508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.787709][ T39] audit: type=1326 audit(1720650135.482:2509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.807519][ T39] audit: type=1326 audit(1720650135.492:2510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.825782][ T39] audit: type=1326 audit(1720650135.492:2511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.827226][T17380] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 530.835310][ T39] audit: type=1326 audit(1720650135.492:2512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.880708][ T39] audit: type=1326 audit(1720650135.522:2513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.903192][ T39] audit: type=1326 audit(1720650135.522:2514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.912586][ T39] audit: type=1326 audit(1720650135.522:2515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.939520][ T39] audit: type=1326 audit(1720650135.532:2516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 530.993407][ T39] audit: type=1326 audit(1720650135.532:2517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17393 comm="syz.2.4447" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 531.000481][T17380] bond1 (unregistering): Released all slaves [ 531.916390][T17410] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4452'. [ 531.918938][ C2] vxcan0: j1939_tp_txtimer: 0xffff88802b08ec00: tx aborted with unknown reason: -2 [ 533.205260][ T1092] Bluetooth: Short BCSP packet [ 533.807965][T17448] netlink: 4272 bytes leftover after parsing attributes in process `syz.3.4468'. [ 533.812706][T17448] netlink: 'syz.3.4468': attribute type 1 has an invalid length. [ 533.816364][T17448] netlink: 113 bytes leftover after parsing attributes in process `syz.3.4468'. [ 534.444027][T17456] create_pit_timer: 4 callbacks suppressed [ 534.444045][T17456] kvm: requested 40228 ns i8254 timer period limited to 200000 ns [ 534.726491][ T9] kernel write not supported for file [eventfd] (pid: 9 comm: kworker/0:1) [ 535.218987][ T5210] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 535.219734][T16129] Bluetooth: hci6: command 0x1003 tx timeout [ 535.916534][T17514] netlink: 4272 bytes leftover after parsing attributes in process `syz.2.4497'. [ 535.921515][T17514] netlink: 'syz.2.4497': attribute type 1 has an invalid length. [ 535.924677][T17514] netlink: 113 bytes leftover after parsing attributes in process `syz.2.4497'. [ 536.727884][T17539] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4506'. [ 536.891505][T17555] binder: BC_ATTEMPT_ACQUIRE not supported [ 536.898459][T17555] binder: 17552:17555 ioctl c0306201 20000040 returned -22 [ 537.331087][T17581] netlink: 'syz.3.4524': attribute type 1 has an invalid length. [ 537.334547][T17581] netlink: 'syz.3.4524': attribute type 3 has an invalid length. [ 537.338144][T17581] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4524'. [ 537.343174][T17581] NCSI netlink: No device for ifindex 0 [ 538.577820][T17665] trusted_key: encrypted_key: insufficient parameters specified [ 538.913827][T17675] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4564'. [ 539.076254][T17670] IPVS: Error connecting to the multicast addr [ 539.155514][T17681] binder: BC_ATTEMPT_ACQUIRE not supported [ 539.178015][T17681] binder: 17679:17681 ioctl c0306201 20000040 returned -22 [ 539.363282][T17490] Bluetooth: hci4: link tx timeout [ 539.366423][T17490] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 539.389570][ T5217] Bluetooth: hci4: link tx timeout [ 539.391999][ T5217] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 539.408506][ T5217] Bluetooth: hci4: link tx timeout [ 539.411409][ T5217] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 539.415316][ T5217] Bluetooth: hci4: link tx timeout [ 539.417860][ T5217] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 539.422521][ T5217] Bluetooth: hci4: link tx timeout [ 539.425463][ T5217] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 539.429016][ T5217] Bluetooth: hci4: link tx timeout [ 539.430990][ T5217] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 539.582786][T17709] binder: BC_ATTEMPT_ACQUIRE not supported [ 539.588489][T17709] binder: 17707:17709 ioctl c0306201 20000040 returned -22 [ 540.099189][T17722] netlink: 'syz.2.4583': attribute type 1 has an invalid length. [ 540.208072][T17725] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 540.222695][T17725] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 540.270765][T17730] trusted_key: encrypted_key: insufficient parameters specified [ 540.357674][T17722] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 540.370983][T17722] bond1 (unregistering): Released all slaves [ 540.772844][T17735] IPVS: Error connecting to the multicast addr [ 541.043391][ T39] kauditd_printk_skb: 12 callbacks suppressed [ 541.043410][ T39] audit: type=1326 audit(1720650145.742:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17747 comm="syz.1.4592" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0 [ 541.464316][ T5217] Bluetooth: hci4: command 0x0406 tx timeout [ 542.293618][T17771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4601'. [ 542.324968][T17771] 8021q: adding VLAN 0 to HW filter on device team1 [ 542.350331][T17771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4601'. [ 542.845750][T17783] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 542.976971][ T39] audit: type=1804 audit(1720650147.682:2531): pid=17783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4607" name="/newroot/324/bus/file0" dev="overlay" ino=36575302 res=1 errno=0 [ 543.177659][T17791] tipc: Enabling of bearer rejected, failed to enable media [ 543.401765][T17791] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 543.810775][T17799] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4613'. [ 544.000190][T17807] program syz.0.4615 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 544.616307][ T5217] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 544.643152][ T5217] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 544.656614][ T5217] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 544.703279][ T5217] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 544.714070][ T5217] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 544.719135][ T5217] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 544.926860][T17832] chnl_net:caif_netlink_parms(): no params data found [ 545.061895][ T45] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.201145][T17832] bridge0: port 1(bridge_slave_0) entered blocking state [ 545.205342][T17845] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 545.215422][T17832] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.224481][T17832] bridge_slave_0: entered allmulticast mode [ 545.228482][T17832] bridge_slave_0: entered promiscuous mode [ 545.321459][ T45] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.339985][T17832] bridge0: port 2(bridge_slave_1) entered blocking state [ 545.343201][T17832] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.346670][T17832] bridge_slave_1: entered allmulticast mode [ 545.355009][ T39] audit: type=1804 audit(1720650150.042:2532): pid=17845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4630" name="/newroot/177/bus/file0" dev="overlay" ino=36575302 res=1 errno=0 [ 545.377256][T17832] bridge_slave_1: entered promiscuous mode [ 545.482493][ T45] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.566323][ T39] audit: type=1326 audit(1720650150.272:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17858 comm="syz.3.4636" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf746a579 code=0x0 [ 545.626769][T17860] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4634'. [ 545.661895][ T45] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.679753][T17832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 545.687810][T17832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 545.866178][T17832] team0: Port device team_slave_0 added [ 545.875126][T17832] team0: Port device team_slave_1 added [ 545.976612][T17832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 545.980939][T17832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 546.006622][T17832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 546.013776][T17832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 546.044094][T17832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 546.058366][T17832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 546.242880][T17832] hsr_slave_0: entered promiscuous mode [ 546.247472][T17832] hsr_slave_1: entered promiscuous mode [ 546.253989][T17832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 546.257613][T17832] Cannot create hsr debugfs directory [ 546.288006][ T45] bridge_slave_1: left allmulticast mode [ 546.291881][ T45] bridge_slave_1: left promiscuous mode [ 546.295566][ T45] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.302480][ T45] bridge_slave_0: left allmulticast mode [ 546.305107][ T45] bridge_slave_0: left promiscuous mode [ 546.307782][ T45] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.739407][ T5217] Bluetooth: hci6: command tx timeout [ 547.231984][ T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 547.258906][ T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 547.301551][ T45] bond0 (unregistering): Released all slaves [ 547.430128][ T45] : left promiscuous mode [ 547.896961][T17917] netlink: 'syz.1.4653': attribute type 1 has an invalid length. [ 547.905337][T17917] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.4653'. [ 548.782359][ T45] hsr_slave_0: left promiscuous mode [ 548.821888][ T45] hsr_slave_1: left promiscuous mode [ 548.824464][ T5217] Bluetooth: hci6: command tx timeout [ 548.839614][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 548.852366][ T45] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 548.863105][ T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 548.865692][ T39] audit: type=1326 audit(1720650153.572:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17945 comm="syz.2.4660" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7476579 code=0x0 [ 548.888824][ T45] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 548.989999][ T45] veth1_macvtap: left promiscuous mode [ 548.992657][ T45] veth0_macvtap: left promiscuous mode [ 548.995096][ T45] veth1_vlan: left promiscuous mode [ 548.997131][ T45] veth0_vlan: left promiscuous mode [ 550.839723][T17971] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 550.899474][ T5217] Bluetooth: hci6: command tx timeout [ 550.915450][T17973] cgroup: none used incorrectly [ 551.880613][ T45] team0 (unregistering): Port device team_slave_1 removed [ 552.210535][ T45] team0 (unregistering): Port device team_slave_0 removed [ 552.989031][ T5217] Bluetooth: hci6: command tx timeout [ 553.912242][T17832] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 553.935707][T17832] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 553.955670][T17832] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 553.980989][T17832] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 554.004612][T17995] cgroup: none used incorrectly [ 554.048965][T17997] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4676'. [ 554.172624][T17832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 554.203245][T17832] 8021q: adding VLAN 0 to HW filter on device team0 [ 554.216173][ T976] bridge0: port 1(bridge_slave_0) entered blocking state [ 554.219608][ T976] bridge0: port 1(bridge_slave_0) entered forwarding state [ 554.263211][ T976] bridge0: port 2(bridge_slave_1) entered blocking state [ 554.266371][ T976] bridge0: port 2(bridge_slave_1) entered forwarding state [ 554.451683][ T45] IPVS: stop unused estimator thread 0... [ 554.533409][T17832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 554.622329][T17832] veth0_vlan: entered promiscuous mode [ 554.634926][T17832] veth1_vlan: entered promiscuous mode [ 554.667520][T17832] veth0_macvtap: entered promiscuous mode [ 554.675638][T17832] veth1_macvtap: entered promiscuous mode [ 554.710967][T17832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 554.716122][T17832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 554.720758][T17832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 554.726294][T17832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 554.732456][T17832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 554.739094][T17832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 554.746299][T17832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 554.761745][T17832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 554.771588][T17832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 554.781700][T17832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 554.786059][T17832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 554.790479][T17832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 554.794685][T17832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 554.805271][T17832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 554.814541][T17832] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 554.817704][T17832] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 554.822473][T18012] CIFS: Unable to determine destination address [ 554.823055][T17832] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 554.845047][T17832] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 554.948105][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 554.955530][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 555.030188][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 555.036489][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 555.560258][T18018] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4626'. [ 555.602022][T18022] cgroup: none used incorrectly [ 556.308441][T18039] block device autoloading is deprecated and will be removed. [ 557.074272][T18056] netlink: 44 bytes leftover after parsing attributes in process `syz.0.4701'. [ 557.148838][T18059] Unknown gid [ 557.224779][T18061] netlink: 104 bytes leftover after parsing attributes in process `syz.0.4703'. [ 557.433753][T18064] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 558.099343][T18081] tmpfs: Bad value for 'mpol' [ 558.161158][T18083] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4712'. [ 558.313449][T18087] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 558.578805][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 559.055157][T18114] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 559.368548][T18119] netlink: 500 bytes leftover after parsing attributes in process `syz.3.4726'. [ 559.605583][T18133] CIFS: Unable to determine destination address [ 560.200548][ T5217] Bluetooth: hci6: ACL packet for unknown connection handle 0 [ 560.868296][T18151] netlink: 500 bytes leftover after parsing attributes in process `syz.0.4737'. [ 561.336698][T18160] Unknown gid [ 561.613162][T18164] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 562.050331][T18176] mkiss: ax0: crc mode is auto. [ 562.178379][ T5217] Bluetooth: hci6: command tx timeout [ 562.311074][T18184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4753'. [ 562.704651][T18197] netlink: 500 bytes leftover after parsing attributes in process `syz.2.4759'. [ 562.718732][ T827] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 562.824164][T18201] mkiss: ax0: crc mode is auto. [ 562.909800][T18205] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4763'. [ 562.945192][ T827] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 562.952517][ T827] usb 5-1: New USB device found, idVendor=046d, idProduct=1017, bcdDevice= 0.00 [ 562.956686][ T827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 562.972812][ T827] usb 5-1: config 0 descriptor?? [ 562.986469][ T827] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 563.186715][T18214] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4767'. [ 563.196685][ T5252] usb 5-1: USB disconnect, device number 24 [ 563.318325][ T1387] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 563.529432][ T1387] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 563.533002][ T1387] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 563.537417][ T1387] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 563.558318][ T1387] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 563.566019][ T1387] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 563.570951][ T1387] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 563.574560][ T1387] usb 7-1: Product: syz [ 563.576502][ T1387] usb 7-1: Manufacturer: syz [ 563.585222][ T1387] cdc_wdm 7-1:1.0: skipping garbage [ 563.588120][ T1387] cdc_wdm 7-1:1.0: skipping garbage [ 563.590964][T18224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4772'. [ 563.594166][ T1387] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 563.598956][ T1387] cdc_wdm 7-1:1.0: Unknown control protocol [ 563.697969][T18226] mkiss: ax0: crc mode is auto. [ 563.793004][ T827] kernel read not supported for file /video7 (pid: 827 comm: kworker/2:2) [ 563.814842][ T5252] usb 7-1: USB disconnect, device number 20 [ 563.990926][T18240] loop7: detected capacity change from 0 to 16384 [ 564.283692][T18253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4784'. [ 564.486245][T18258] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4786'. [ 564.890457][ T827] kernel read not supported for file /video7 (pid: 827 comm: kworker/2:2) [ 565.194225][T18280] Unknown gid [ 565.286253][T18284] netlink: 'syz.3.4797': attribute type 4 has an invalid length. [ 565.648031][ T35] kernel read not supported for file /video7 (pid: 35 comm: kworker/3:0) [ 566.138715][T18308] trusted_key: encrypted_key: hex blob is missing [ 566.352677][ T39] audit: type=1804 audit(1720650171.062:2535): pid=18292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4799" name="/newroot/365/bus/file0" dev="overlay" ino=1978 res=1 errno=0 [ 566.377884][T18312] netlink: 'syz.0.4809': attribute type 4 has an invalid length. [ 567.139754][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 567.593945][T18344] netlink: 'syz.0.4821': attribute type 4 has an invalid length. [ 567.705298][ T39] audit: type=1326 audit(1720650172.412:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18345 comm="syz.0.4822" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x0 [ 568.214144][ T39] audit: type=1804 audit(1720650172.912:2537): pid=18354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4825" name="/newroot/369/bus/file0" dev="overlay" ino=2007 res=1 errno=0 [ 568.421256][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.211264][T18363] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4829'. [ 569.428570][T18368] netlink: 'syz.1.4831': attribute type 4 has an invalid length. [ 569.795873][T18372] netlink: 'syz.2.4833': attribute type 1 has an invalid length. [ 569.804017][T18372] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.4833'. [ 570.451698][T18388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4841'. [ 570.635602][T18393] loop7: detected capacity change from 0 to 16384 [ 570.880753][ T39] audit: type=1326 audit(1720650175.592:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18398 comm="syz.2.4844" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x0 [ 570.989308][ T5217] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 570.995194][ T5217] Bluetooth: hci6: Injecting HCI hardware error event [ 571.002332][T17490] Bluetooth: hci6: hardware error 0x00 [ 571.837533][T18415] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 571.843283][T18415] overlayfs: failed to set xattr on upper [ 571.845838][T18415] overlayfs: ...falling back to redirect_dir=nofollow. [ 571.849858][T18415] overlayfs: ...falling back to index=off. [ 571.852702][T18415] overlayfs: ...falling back to uuid=null. [ 571.898017][T18415] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 571.981272][T18417] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4851'. [ 573.058713][T17490] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 573.094393][T18438] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4859'. [ 573.607115][T18449] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 573.610342][T18449] overlayfs: failed to set xattr on upper [ 573.612832][T18449] overlayfs: ...falling back to redirect_dir=nofollow. [ 573.615994][T18449] overlayfs: ...falling back to index=off. [ 573.627581][T18449] overlayfs: ...falling back to uuid=null. [ 573.676462][T18449] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 574.127742][ T39] audit: type=1804 audit(1720650178.832:2539): pid=18458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4867" name="/newroot/1080/bus/file0" dev="overlay" ino=5733 res=1 errno=0 [ 574.387497][T18469] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4871'. [ 574.398653][T18469] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4871'. [ 575.747655][T18522] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4895'. [ 575.752460][T18522] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4895'. [ 576.088360][ T976] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 576.281313][ T976] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 576.286315][ T976] usb 5-1: config 0 has no interfaces? [ 576.289297][ T976] usb 5-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 576.293513][ T976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 576.299263][ T976] usb 5-1: config 0 descriptor?? [ 576.578394][ T39] audit: type=1326 audit(1720650181.282:2540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.585002][ T976] usb 5-1: USB disconnect, device number 25 [ 576.587971][ T39] audit: type=1326 audit(1720650181.282:2541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588001][ T39] audit: type=1326 audit(1720650181.282:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588027][ T39] audit: type=1326 audit(1720650181.282:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588051][ T39] audit: type=1326 audit(1720650181.282:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588077][ T39] audit: type=1326 audit(1720650181.282:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588102][ T39] audit: type=1326 audit(1720650181.282:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588130][ T39] audit: type=1326 audit(1720650181.292:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.588154][ T39] audit: type=1326 audit(1720650181.292:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18513 comm="syz.0.4893" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 576.970370][T18531] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 577.652967][T18560] bridge0: trying to set multicast query interval below minimum, setting to 100 (1000ms) [ 577.934986][T18568] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4912'. [ 580.671776][T18648] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4939'. [ 580.840228][T18658] tmpfs: Bad value for 'mpol' [ 581.557305][T18678] netlink: 80 bytes leftover after parsing attributes in process `syz.3.4950'. [ 581.875321][T17490] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 582.755594][T18711] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4960'. [ 583.431591][T18724] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 583.434921][T18724] overlayfs: failed to set xattr on upper [ 583.438007][T18724] overlayfs: ...falling back to redirect_dir=nofollow. [ 583.468330][T18724] overlayfs: ...falling back to index=off. [ 583.471221][T18724] overlayfs: ...falling back to uuid=null. [ 583.517850][T18724] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 584.273607][T18732] program syz.3.4968 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 585.058647][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 586.856444][T18758] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 586.859713][T18758] overlayfs: failed to set xattr on upper [ 586.862471][T18758] overlayfs: ...falling back to redirect_dir=nofollow. [ 586.865663][T18758] overlayfs: ...falling back to index=off. [ 586.877275][T18758] overlayfs: ...falling back to uuid=null. [ 586.992913][T18758] infiniband Syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 587.421679][T18772] autofs: Bad value for 'uid' [ 587.426053][ T5217] Bluetooth: hci4: ACL packet for unknown connection handle 457 [ 587.949379][ T5217] Bluetooth: hci4: command 0x0406 tx timeout [ 588.614592][T18794] syz.3.4991 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 588.874801][T18813] autofs: Bad value for 'uid' [ 589.407894][T17490] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 590.017179][T17490] Bluetooth: hci4: SCO packet for unknown connection handle 201 [ 590.568316][ T35] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 590.800667][ T35] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 590.804922][ T35] usb 7-1: config 0 has no interfaces? [ 590.807194][ T35] usb 7-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01 [ 590.818758][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 590.828168][ T35] usb 7-1: config 0 descriptor?? [ 591.062557][ T39] kauditd_printk_skb: 5 callbacks suppressed [ 591.062573][ T39] audit: type=1326 audit(1720650195.772:2554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.074862][ T35] usb 7-1: USB disconnect, device number 21 [ 591.085838][ T39] audit: type=1326 audit(1720650195.772:2555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.108320][ T39] audit: type=1326 audit(1720650195.772:2556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=218 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.117903][ T39] audit: type=1326 audit(1720650195.772:2557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.138502][ T39] audit: type=1326 audit(1720650195.772:2558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.146924][ T39] audit: type=1326 audit(1720650195.772:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.178464][ T39] audit: type=1326 audit(1720650195.772:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.208346][ T39] audit: type=1326 audit(1720650195.772:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.218090][ T39] audit: type=1326 audit(1720650195.772:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 591.231598][ T39] audit: type=1326 audit(1720650195.772:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18855 comm="syz.2.5014" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7476579 code=0x7ffc0000 [ 594.380195][T18956] netlink: 'syz.2.5047': attribute type 138 has an invalid length. [ 594.385927][T18956] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5047'. [ 594.821374][T18965] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5049'. [ 595.223191][T18976] ipt_REJECT: TCP_RESET invalid for non-tcp [ 595.388325][T17490] Bluetooth: hci4: unexpected event for opcode 0x2028 [ 596.543025][T19012] ipt_REJECT: TCP_RESET invalid for non-tcp [ 596.994188][T19024] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5066'. [ 597.427925][T19038] binder: 19037:19038 ioctl c0306201 200001c0 returned -14 [ 597.991150][T19066] fuse: Bad value for 'fd' [ 598.298342][ T35] usb 5-1: new full-speed USB device number 26 using dummy_hcd [ 598.480126][ T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 598.485056][ T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 494, setting to 64 [ 598.500309][ T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 598.505883][ T35] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 598.515302][ T35] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 598.521068][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 598.525887][ T35] usb 5-1: SerialNumber: syz [ 598.532394][T19066] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 598.540041][T19066] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 598.544961][ T35] cdc_acm 5-1:1.0: Control and data interfaces are not separated! [ 598.594742][T19087] ipt_REJECT: TCP_RESET invalid for non-tcp [ 598.797415][ T35] cdc_acm 5-1:1.0: ttyACM0: USB ACM device [ 598.809157][ T35] usb 5-1: USB disconnect, device number 26 [ 599.721981][T19116] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5103'. [ 600.132757][T19133] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5109'. [ 600.138365][T19133] netlink: 'syz.1.5109': attribute type 30 has an invalid length. [ 600.819230][T19147] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5116'. [ 600.825992][T19147] netlink: 'syz.0.5116': attribute type 5 has an invalid length. [ 600.887430][T19153] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5116'. [ 601.025435][T19162] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5121'. [ 601.134194][ T5217] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 601.141650][ T5217] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 601.147225][ T5217] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 601.177663][ T5217] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 601.193944][ T5217] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 601.201188][ T5217] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 601.415287][T19164] chnl_net:caif_netlink_parms(): no params data found [ 601.544275][T19164] bridge0: port 1(bridge_slave_0) entered blocking state [ 601.547762][T19164] bridge0: port 1(bridge_slave_0) entered disabled state [ 601.553729][T19164] bridge_slave_0: entered allmulticast mode [ 601.557644][T19164] bridge_slave_0: entered promiscuous mode [ 601.564185][T19164] bridge0: port 2(bridge_slave_1) entered blocking state [ 601.567212][T19164] bridge0: port 2(bridge_slave_1) entered disabled state [ 601.572804][T19164] bridge_slave_1: entered allmulticast mode [ 601.576424][T19164] bridge_slave_1: entered promiscuous mode [ 601.646403][T19164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 601.653709][T19164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 601.724425][T19164] team0: Port device team_slave_0 added [ 601.729847][T19164] team0: Port device team_slave_1 added [ 601.802213][T19164] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 601.805777][T19164] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 601.817871][T19164] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 601.824758][T19164] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 601.829409][T19164] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 601.857237][T19164] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 601.948805][T19164] hsr_slave_0: entered promiscuous mode [ 601.967073][T19164] hsr_slave_1: entered promiscuous mode [ 601.971799][T19164] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 601.974937][T19164] Cannot create hsr debugfs directory [ 602.073028][T19181] veth1_macvtap: left promiscuous mode [ 602.075525][T19181] macsec0: entered allmulticast mode [ 602.125142][T19184] veth1_macvtap: entered promiscuous mode [ 602.127810][T19184] veth1_macvtap: entered allmulticast mode [ 602.675436][T19164] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.853264][T19164] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 602.902904][T19203] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5132'. [ 602.976570][T19164] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 603.140445][T19164] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 603.312514][ T5217] Bluetooth: hci5: command tx timeout [ 603.336044][T19164] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 603.391088][T19164] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 603.418129][T19164] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 603.426009][T19164] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 603.579061][T19164] 8021q: adding VLAN 0 to HW filter on device bond0 [ 603.597315][T19164] 8021q: adding VLAN 0 to HW filter on device team0 [ 603.608798][ T827] bridge0: port 1(bridge_slave_0) entered blocking state [ 603.612694][ T827] bridge0: port 1(bridge_slave_0) entered forwarding state [ 603.630140][ T827] bridge0: port 2(bridge_slave_1) entered blocking state [ 603.633637][ T827] bridge0: port 2(bridge_slave_1) entered forwarding state [ 604.082836][T19164] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 604.117330][ T5217] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 604.266080][T19164] veth0_vlan: entered promiscuous mode [ 604.287606][T19164] veth1_vlan: entered promiscuous mode [ 604.352860][T19164] veth0_macvtap: entered promiscuous mode [ 604.371848][T19164] veth1_macvtap: entered promiscuous mode [ 604.405458][T19222] veth1_macvtap: left promiscuous mode [ 604.409052][T19222] macsec0: entered allmulticast mode [ 604.434975][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 604.470186][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.477207][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 604.485496][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.490383][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 604.495866][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.502072][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 604.506811][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.515720][T19164] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 604.527507][T19222] veth1_macvtap: entered promiscuous mode [ 604.577747][T19222] veth1_macvtap: entered allmulticast mode [ 604.621265][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 604.625859][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.638379][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 604.648353][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.652630][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 604.657055][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.663199][T19164] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 604.667807][T19164] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 604.675169][T19164] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 604.761188][T19164] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 604.798387][T19164] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 604.802653][T19164] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 604.806639][T19164] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 605.004497][T15993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 605.008060][T15993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 605.039469][ T103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 605.046274][ T103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 605.180637][T19233] random: crng reseeded on system resumption [ 605.388306][ T5217] Bluetooth: hci5: command tx timeout [ 607.464076][ T5217] Bluetooth: hci5: command tx timeout [ 608.141143][T19306] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5167'. [ 609.543771][ T5217] Bluetooth: hci5: command tx timeout [ 610.528671][ T5217] Bluetooth: hci5: ISO packet for unknown connection handle 0 [ 610.778586][T19375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5196'. [ 610.899900][T19380] overlayfs: missing 'lowerdir' [ 610.967018][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 610.967036][ T39] audit: type=1326 audit(1720650215.672:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19374 comm="syz.1.5196" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x0 [ 614.329496][T19451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5222'. [ 614.431003][ T39] audit: type=1326 audit(1720650219.142:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.0.5222" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x0 [ 614.877383][ T5217] Bluetooth: hci5: Received unexpected HCI Event 0x00 [ 615.253596][T19487] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 615.341990][ T39] audit: type=1326 audit(1720650220.052:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.356249][ T39] audit: type=1326 audit(1720650220.052:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.365745][ T39] audit: type=1326 audit(1720650220.052:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=97 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.385564][T19501] netlink: 'syz.2.5239': attribute type 2 has an invalid length. [ 615.388759][T19501] netlink: 'syz.2.5239': attribute type 1 has an invalid length. [ 615.391686][ T39] audit: type=1326 audit(1720650220.052:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.402116][ T39] audit: type=1326 audit(1720650220.052:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.424784][ T39] audit: type=1326 audit(1720650220.052:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.432745][ T39] audit: type=1326 audit(1720650220.052:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.439808][ T39] audit: type=1326 audit(1720650220.052:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19496 comm="syz.0.5240" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 615.587472][T19505] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5242'. [ 616.222915][ T39] kauditd_printk_skb: 47 callbacks suppressed [ 616.222930][ T39] audit: type=1326 audit(1720650220.932:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19524 comm="syz.0.5250" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x0 [ 616.494759][T19534] sctp: [Deprecated]: syz.0.5250 (pid 19534) Use of int in max_burst socket option deprecated. [ 616.494759][T19534] Use struct sctp_assoc_value instead [ 616.620171][ T39] audit: type=1326 audit(1720650221.332:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.634671][ T39] audit: type=1326 audit(1720650221.332:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.650697][ T39] audit: type=1326 audit(1720650221.332:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=97 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.678729][ T39] audit: type=1326 audit(1720650221.332:2629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.688705][ T39] audit: type=1326 audit(1720650221.332:2630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.707295][ T39] audit: type=1326 audit(1720650221.332:2631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.718255][ T39] audit: type=1326 audit(1720650221.332:2632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.735119][ T39] audit: type=1326 audit(1720650221.332:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 616.745626][ T39] audit: type=1326 audit(1720650221.332:2634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19540 comm="syz.3.5254" exe="/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf73f4579 code=0x7ffc0000 [ 617.061292][T19552] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5259'. [ 617.237169][T19564] netlink: 'syz.1.5260': attribute type 2 has an invalid length. [ 617.250246][T19564] netlink: 'syz.1.5260': attribute type 1 has an invalid length. [ 617.416573][T19576] netlink: 256 bytes leftover after parsing attributes in process `syz.3.5269'. [ 618.059379][ T5217] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 618.124352][ T5217] Bluetooth: hci4: unexpected event for opcode 0x202a [ 618.338860][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 618.661622][ T5217] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 618.797035][T19613] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 618.851119][ T103] bond0: (slave bond_slave_0): interface is now down [ 618.858637][ T103] bond0: (slave bond_slave_1): interface is now down [ 618.890293][ T1092] bond0: (slave bond_slave_0): interface is now down [ 618.893864][ T1092] bond0: (slave bond_slave_1): interface is now down [ 618.936947][ T103] bond0: (slave bond_slave_0): interface is now down [ 618.940162][ T103] bond0: (slave bond_slave_1): interface is now down [ 618.955416][ T103] bond0: now running without any active interface! [ 619.247680][T19622] netlink: 'syz.2.5287': attribute type 1 has an invalid length. [ 619.842732][T19639] netlink: 'syz.2.5296': attribute type 1 has an invalid length. [ 619.971467][T19643] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5297'. [ 620.522333][T19651] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 620.536775][T19651] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 621.118587][ T5252] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 621.238712][ T39] kauditd_printk_skb: 81 callbacks suppressed [ 621.238729][ T39] audit: type=1326 audit(1720650225.952:2716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19666 comm="syz.0.5305" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 621.252787][ T39] audit: type=1326 audit(1720650225.962:2717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19666 comm="syz.0.5305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 621.264336][ T39] audit: type=1326 audit(1720650225.972:2718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19666 comm="syz.0.5305" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 621.300499][ T5252] usb 7-1: Using ep0 maxpacket: 32 [ 621.307281][ T5252] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 621.313334][ T5252] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 621.323913][ T5252] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 621.379426][ T5252] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 621.384091][ T5252] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 621.406433][ T5252] usb 7-1: Product: syz [ 621.409094][ T5252] usb 7-1: Manufacturer: syz [ 621.412496][ T5252] usb 7-1: SerialNumber: syz [ 621.423619][ T5252] input: appletouch as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/input/input35 [ 621.424093][T19675] program syz.3.5309 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 621.448438][ T39] audit: type=1800 audit(1720650226.152:2719): pid=19678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.5307" name="/" dev="fuse" ino=1 res=0 errno=0 [ 621.531639][T19680] ALSA: mixer_oss: invalid OSS volume '' [ 621.654317][ C3] vkms_vblank_simulate: vblank timer overrun [ 621.695438][ T30] usb 7-1: USB disconnect, device number 22 [ 621.718013][ T30] appletouch 7-1:1.0: input: appletouch disconnected [ 622.490326][T19701] team0: Port device macvlan1 added [ 623.165716][T19740] team0: Port device macvlan1 added [ 623.171916][T19741] dlm: no local IP address has been set [ 623.175680][T19741] dlm: cannot start dlm midcomms -107 [ 623.825740][T19761] dlm: no local IP address has been set [ 623.830831][T19761] dlm: cannot start dlm midcomms -107 [ 624.000399][T19772] team0: Port device macvlan1 added [ 624.067183][T19776] loop7: detected capacity change from 0 to 16384 [ 624.110861][T19778] syzkaller1: entered promiscuous mode [ 624.113692][T19778] syzkaller1: entered allmulticast mode [ 624.297177][T19776] I/O error, dev loop7, sector 4352 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 0 [ 624.307423][T19779] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 624.313411][T19779] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 624.892621][ T39] audit: type=1800 audit(1720650229.602:2720): pid=19829 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.5362" name="/" dev="fuse" ino=1 res=0 errno=0 [ 625.467617][T19856] syzkaller0: entered promiscuous mode [ 625.471010][T19856] syzkaller0: entered allmulticast mode [ 628.123703][T19876] loop7: detected capacity change from 0 to 16384 [ 628.248141][ T69] I/O error, dev loop7, sector 256 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 628.261852][ T69] Buffer I/O error on dev loop7, logical block 32, lost async page write [ 628.293253][T19876] I/O error, dev loop7, sector 5376 op 0x0:(READ) flags 0x80700 phys_seg 20 prio class 0 [ 628.297982][T19877] I/O error, dev loop7, sector 264 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 628.302409][T19877] Buffer I/O error on dev loop7, logical block 33, lost async page write [ 628.768093][T19883] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5389'. [ 628.776842][T19883] netlink: 173 bytes leftover after parsing attributes in process `syz.3.5389'. [ 629.106151][T19913] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5403'. [ 629.107528][T19907] syzkaller0: entered promiscuous mode [ 629.113917][T19907] syzkaller0: entered allmulticast mode [ 629.129551][T19913] netlink: 173 bytes leftover after parsing attributes in process `syz.2.5403'. [ 629.872526][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 632.405596][T19928] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5409'. [ 632.450801][T19929] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5409'. [ 632.604758][T19955] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 633.068589][ T827] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 633.258406][ T827] usb 7-1: Using ep0 maxpacket: 32 [ 633.265792][ T827] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 633.270696][ T827] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 633.274661][ T827] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 633.282807][ T827] usb 7-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22 [ 633.286370][ T827] usb 7-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131 [ 633.289454][ T827] usb 7-1: Product: syz [ 633.291501][ T827] usb 7-1: Manufacturer: syz [ 633.294111][ T827] usb 7-1: SerialNumber: syz [ 633.312531][ T827] input: appletouch as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/input/input37 [ 633.630701][ T1387] usb 7-1: USB disconnect, device number 23 [ 633.685325][ T1387] appletouch 7-1:1.0: input: appletouch disconnected [ 633.756480][T19976] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD [ 633.759021][T19978] Malformed UNC in devname [ 633.759021][T19978] [ 633.764597][T19978] CIFS: VFS: Malformed UNC in devname [ 634.260449][T19997] pic_ioport_write: 59 callbacks suppressed [ 634.260474][T19997] kvm: pic: level sensitive irq not supported [ 634.265326][T19997] kvm: pic: single mode not supported [ 634.268128][T19997] kvm: pic: level sensitive irq not supported [ 634.287082][T19997] kvm: pic: level sensitive irq not supported [ 634.313104][T19997] kvm: pic: level sensitive irq not supported [ 634.316837][T19997] kvm: pic: single mode not supported [ 634.328941][ T1092] Bluetooth: (null): Invalid header checksum [ 634.333956][ T12] Bluetooth: (null): Invalid header checksum [ 635.068649][T20028] input: syz1 as /devices/virtual/input/input38 [ 635.151366][T20028] vti0: entered allmulticast mode [ 635.658938][ T74] Bluetooth: (null): Invalid header checksum [ 635.662426][ T74] Bluetooth: (null): Invalid header checksum [ 635.698407][T20048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5463'. [ 635.765557][T20048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5463'. [ 636.165364][ T5217] Bluetooth: hci4: ACL packet for unknown connection handle 201 [ 636.450621][T20068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5472'. [ 636.554592][T20068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5472'. [ 636.878639][ T45] Bluetooth: (null): Invalid header checksum [ 636.896090][ T45] Bluetooth: (null): Invalid header checksum [ 637.004778][T20091] kvm: pic: level sensitive irq not supported [ 637.005218][T20091] kvm: pic: single mode not supported [ 637.008037][T20091] kvm: pic: level sensitive irq not supported [ 637.023938][T20091] kvm: pic: level sensitive irq not supported [ 637.048994][T20091] kvm: pic: level sensitive irq not supported [ 637.052997][T20091] kvm: pic: single mode not supported [ 637.366501][T20104] loop7: detected capacity change from 0 to 16384 [ 637.497174][ T69] I/O error, dev loop7, sector 128 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 637.502355][ T69] Buffer I/O error on dev loop7, logical block 16, lost async page write [ 637.582987][T20114] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 637.629987][T20104] I/O error, dev loop7, sector 5632 op 0x0:(READ) flags 0x80700 phys_seg 10 prio class 0 [ 637.631321][T20107] I/O error, dev loop7, sector 136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 637.649825][T20107] Buffer I/O error on dev loop7, logical block 17, lost async page write [ 637.858600][ T35] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 638.048304][ T35] usb 5-1: Using ep0 maxpacket: 32 [ 638.053234][ T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 638.057298][ T35] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 638.062168][ T35] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 638.066107][ T35] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 638.070983][ T35] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8 [ 638.077433][ T35] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 638.081176][ T35] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 638.084774][ T35] usb 5-1: Product: syz [ 638.086740][ T35] usb 5-1: Manufacturer: syz [ 638.089875][ T35] usb 5-1: SerialNumber: syz [ 638.371507][ T35] cdc_ncm 5-1:1.0: bind() failure [ 638.390778][ T35] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found [ 638.393582][ T35] cdc_ncm 5-1:1.1: bind() failure [ 638.405509][ T35] usb 5-1: USB disconnect, device number 27 [ 639.209919][T20146] kvm: pic: level sensitive irq not supported [ 639.210351][T20146] kvm: pic: single mode not supported [ 639.212997][T20146] kvm: pic: level sensitive irq not supported [ 639.283076][T20146] pic_ioport_write: 1 callbacks suppressed [ 639.283096][T20146] kvm: pic: level sensitive irq not supported [ 639.295489][T20146] kvm: pic: single mode not supported [ 640.252345][T20160] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma? [ 640.762865][T20170] kvm: pic: level sensitive irq not supported [ 640.763242][T20170] kvm: pic: single mode not supported [ 640.765977][T20170] kvm: pic: level sensitive irq not supported [ 640.790992][T20170] kvm: pic: level sensitive irq not supported [ 640.855598][T20170] kvm: pic: level sensitive irq not supported [ 640.860416][T20170] kvm: pic: single mode not supported [ 640.867421][T20182] openvswitch: netlink: Key type 16156 is out of range max 32 [ 641.028547][T20179] overlay: Bad value for 'redirect_dir' [ 643.146615][T20205] kvm: pic: level sensitive irq not supported [ 643.147050][T20205] kvm: pic: single mode not supported [ 643.150057][T20205] kvm: pic: level sensitive irq not supported [ 643.175932][T20205] kvm: pic: level sensitive irq not supported [ 643.213567][T20205] kvm: pic: level sensitive irq not supported [ 643.218655][T20205] kvm: pic: single mode not supported [ 643.534887][ T39] audit: type=1326 audit(1720650248.242:2721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20217 comm="syz.0.5533" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x0 [ 643.746282][T20221] Invalid ELF section header overflow [ 644.278489][T20239] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5542'. [ 644.448306][ T30] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 644.484586][T20243] kvm: pic: level sensitive irq not supported [ 644.485035][T20243] kvm: pic: single mode not supported [ 644.487515][T20243] kvm: pic: level sensitive irq not supported [ 644.514256][T20243] kvm: pic: level sensitive irq not supported [ 644.611597][T20243] kvm: pic: level sensitive irq not supported [ 644.614385][T20243] kvm: pic: single mode not supported [ 644.628365][ T30] usb 7-1: Using ep0 maxpacket: 32 [ 644.646219][ T30] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 644.650628][ T30] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 644.654425][ T30] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 644.659249][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 644.663495][ T30] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 644.667852][ T30] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 644.674457][ T30] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 644.680055][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 644.687187][ T30] usb 7-1: config 0 descriptor?? [ 644.729601][T20259] xt_NFQUEUE: number of total queues is 0 [ 644.836949][T20263] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 644.907784][ T30] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 24 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 644.917946][ T30] usb 7-1: USB disconnect, device number 24 [ 644.930952][ T30] usblp0: removed [ 645.195272][T20282] xt_NFQUEUE: number of total queues is 0 [ 645.362251][T20290] openvswitch: netlink: Key type 16156 is out of range max 32 [ 645.488350][ T30] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 645.566929][T20285] overlay: Bad value for 'redirect_dir' [ 645.678646][ T30] usb 7-1: Using ep0 maxpacket: 32 [ 645.684966][ T30] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 645.713432][ T30] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 645.738390][ T30] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 645.757014][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 645.772018][ T30] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 645.783770][ T30] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 645.796473][ T30] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 645.809838][ T30] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 645.821062][ T30] usb 7-1: config 0 descriptor?? [ 646.038511][ T35] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 646.048438][T20233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 646.052955][T20233] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 646.053970][ T30] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 25 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 646.249157][ T35] usb 5-1: Using ep0 maxpacket: 16 [ 646.258298][ T35] usb 5-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config [ 646.262828][ T35] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 646.266294][ T35] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 646.291507][ T35] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 646.295180][ T35] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 646.300496][ T35] usb 5-1: Product: syz [ 646.302404][ T35] usb 5-1: Manufacturer: syz [ 646.304477][ T35] usb 5-1: SerialNumber: syz [ 646.320375][ T35] usb 5-1: selecting invalid altsetting 1 [ 646.579509][T20289] netlink: 'syz.0.5563': attribute type 10 has an invalid length. [ 646.612197][T20289] batman_adv: batadv0: Adding interface: team0 [ 646.628316][T20289] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 646.648753][T20289] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 646.668482][T20293] netlink: 'syz.0.5563': attribute type 10 has an invalid length. [ 646.671990][T20293] netlink: 2 bytes leftover after parsing attributes in process `syz.0.5563'. [ 646.677280][T20293] team0: entered promiscuous mode [ 646.680468][T20293] team_slave_0: entered promiscuous mode [ 646.691191][T20293] team_slave_1: entered promiscuous mode [ 646.700672][T20293] macvlan1: entered promiscuous mode [ 646.714553][T20293] 8021q: adding VLAN 0 to HW filter on device team0 [ 646.728769][T20293] batman_adv: batadv0: Interface activated: team0 [ 646.738504][T20293] batman_adv: batadv0: Interface deactivated: team0 [ 646.749381][T20293] batman_adv: batadv0: Removing interface: team0 [ 646.766355][T20293] bridge0: port 3(team0) entered blocking state [ 646.778637][T20293] bridge0: port 3(team0) entered disabled state [ 646.788653][T20293] team0: entered allmulticast mode [ 646.790816][T20293] team_slave_0: entered allmulticast mode [ 646.800590][T20293] team_slave_1: entered allmulticast mode [ 646.808421][T20293] macvlan1: entered allmulticast mode [ 646.830556][T20293] bridge0: port 3(team0) entered blocking state [ 646.833222][T20293] bridge0: port 3(team0) entered forwarding state [ 646.896281][ T35] cdc_ncm 5-1:1.0: bind() failure [ 646.913502][ T35] usb 5-1: USB disconnect, device number 28 [ 647.186163][ T5252] usb 7-1: USB disconnect, device number 25 [ 647.191606][ T5252] usblp0: removed [ 647.335941][T20317] tun0: tun_chr_ioctl cmd 1074025675 [ 647.343029][T20317] tun0: persist disabled [ 648.007525][T20336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 649.039360][T20366] syzkaller1: left promiscuous mode [ 649.045679][T20366] syzkaller1: left allmulticast mode [ 649.234481][T20371] openvswitch: netlink: Key type 16156 is out of range max 32 [ 649.401822][T20369] overlay: Bad value for 'redirect_dir' [ 650.228395][ T35] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 650.408309][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 650.414111][ T35] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 650.419409][ T35] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 650.425642][ T35] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 650.433254][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 650.438828][ T35] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 650.445165][ T35] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 650.471970][ T35] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 650.475798][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 650.481345][ T35] usb 7-1: config 0 descriptor?? [ 650.749021][ T35] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 650.763025][ T35] usb 7-1: USB disconnect, device number 26 [ 650.774472][ T35] usblp0: removed [ 651.308911][ T35] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 651.489237][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 651.493693][ T35] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 651.497390][ T35] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 651.518385][ T35] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 651.522577][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 651.539012][ T35] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 651.543859][ T35] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 651.558543][ T35] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 651.567526][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 651.581451][ T35] usb 7-1: config 0 descriptor?? [ 651.840468][T20374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 651.848702][T20374] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 651.848813][ T35] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 652.213674][T20410] overlayfs: metacopy file 'file0' has too small xattr [ 652.978150][ T827] usb 7-1: USB disconnect, device number 27 [ 652.987881][ T827] usblp0: removed [ 653.097414][T20430] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 653.558799][ T35] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 653.758319][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 653.765793][ T35] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 653.774949][ T35] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 653.787069][ T35] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 653.791873][ T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=9 [ 653.800255][ T35] usb 7-1: Product: syz [ 653.805129][ T35] usb 7-1: Manufacturer: syz [ 653.809933][ T35] usb 7-1: SerialNumber: syz [ 654.096010][ T35] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 28 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 654.356524][ T35] usb 7-1: USB disconnect, device number 28 [ 654.372294][ T35] usblp0: removed [ 654.774328][T20460] overlayfs: metacopy file 'file0' has too small xattr [ 654.838346][ T976] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 655.038328][ T976] usb 5-1: Using ep0 maxpacket: 32 [ 655.058588][ T976] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 655.062553][ T976] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 655.066133][ T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 655.070664][ T976] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 655.075277][ T976] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 655.079751][ T976] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 655.085569][ T976] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 655.095407][ T976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 655.102351][ T976] usb 5-1: config 0 descriptor?? [ 655.349021][ T976] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 29 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 655.367868][ T976] usb 5-1: USB disconnect, device number 29 [ 655.398941][ T976] usblp0: removed [ 655.948387][ T976] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 656.079445][ T35] usb 7-1: new high-speed USB device number 29 using dummy_hcd [ 656.138401][ T976] usb 5-1: Using ep0 maxpacket: 32 [ 656.168617][ T976] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 656.176069][ T976] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 656.202773][ T976] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 656.224640][ T976] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 656.230178][ T976] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 656.234793][ T976] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 656.240521][ T976] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 656.244995][ T976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 656.259074][ T976] usb 5-1: config 0 descriptor?? [ 656.321461][ T35] usb 7-1: Using ep0 maxpacket: 16 [ 656.329889][ T35] usb 7-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config [ 656.335281][ T35] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 656.342623][ T35] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 656.353230][ T35] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 656.357398][ T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 656.361699][ T35] usb 7-1: Product: syz [ 656.363685][ T35] usb 7-1: Manufacturer: syz [ 656.365782][ T35] usb 7-1: SerialNumber: syz [ 656.383431][ T35] usb 7-1: selecting invalid altsetting 1 [ 656.507340][T20457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 656.507857][ T976] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 656.512316][T20457] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 656.609216][T20487] netlink: 'syz.2.5630': attribute type 10 has an invalid length. [ 656.626591][T20487] batman_adv: batadv0: Adding interface: team0 [ 656.629572][T20487] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 656.642451][T20487] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 656.664914][T20487] netlink: 'syz.2.5630': attribute type 10 has an invalid length. [ 656.669467][T20487] netlink: 2 bytes leftover after parsing attributes in process `syz.2.5630'. [ 656.673965][T20487] team0: entered promiscuous mode [ 656.676451][T20487] team_slave_0: entered promiscuous mode [ 656.680207][T20487] team_slave_1: entered promiscuous mode [ 656.693974][T20487] macvlan1: entered promiscuous mode [ 656.699873][T20487] 8021q: adding VLAN 0 to HW filter on device team0 [ 656.703367][T20487] batman_adv: batadv0: Interface activated: team0 [ 656.706533][T20487] batman_adv: batadv0: Interface deactivated: team0 [ 656.715626][T20487] batman_adv: batadv0: Removing interface: team0 [ 656.730288][T20487] bridge0: port 3(team0) entered blocking state [ 656.733290][T20487] bridge0: port 3(team0) entered disabled state [ 656.736342][T20487] team0: entered allmulticast mode [ 656.739317][T20487] team_slave_0: entered allmulticast mode [ 656.742040][T20487] team_slave_1: entered allmulticast mode [ 656.744628][T20487] macvlan1: entered allmulticast mode [ 656.746955][T20487] veth1_vlan: entered allmulticast mode [ 656.752261][T20487] bridge0: port 3(team0) entered blocking state [ 656.755046][T20487] bridge0: port 3(team0) entered forwarding state [ 656.777827][ T35] cdc_ncm 7-1:1.0: bind() failure [ 656.787941][ T35] usb 7-1: USB disconnect, device number 29 [ 657.640346][ T1387] usb 5-1: USB disconnect, device number 30 [ 657.648069][ T1387] usblp0: removed [ 657.712549][T20545] rtc_cmos 00:05: Alarms can be up to one day in the future [ 657.813966][T20552] openvswitch: netlink: Flow key attr not present in new flow. [ 658.236105][T20540] rtc_cmos 00:05: Alarms can be up to one day in the future [ 658.535573][T20591] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 659.130166][ C2] hpet: Lost 1 RTC interrupts [ 659.229807][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 659.251423][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 659.256683][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 659.272002][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 659.293754][ T827] rtc rtc0: __rtc_set_alarm: err=-22 [ 659.347092][T20613] rtc_cmos 00:05: Alarms can be up to one day in the future [ 659.422608][ C2] hpet: Lost 1 RTC interrupts [ 659.518174][ C2] hpet: Lost 1 RTC interrupts [ 659.956209][T20609] rtc_cmos 00:05: Alarms can be up to one day in the future [ 660.122970][T20633] ceph: No source [ 660.487249][T20656] qrtr: Invalid version 48 [ 660.493588][T20656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5687'. [ 660.515461][T20656] loop0: detected capacity change from 0 to 7 [ 660.526531][T20656] Dev loop0: unable to read RDB block 7 [ 660.530816][T20656] loop0: unable to read partition table [ 660.533670][T20656] loop0: partition table beyond EOD, truncated [ 660.537491][T20656] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 660.537491][T20656] ) failed (rc=-5) [ 660.553519][ T5217] Bluetooth: hci4: unexpected event for opcode 0x200f [ 660.864144][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 660.879102][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 660.883747][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 660.889641][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 660.899565][ T827] rtc rtc0: __rtc_set_alarm: err=-22 [ 660.977771][T20670] cgroup: Unknown subsys name 'fowner>00000000000000000000' [ 661.653783][T20708] ceph: No source [ 661.708512][ T35] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 661.888332][ T35] usb 5-1: Using ep0 maxpacket: 32 [ 661.903972][ T35] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 661.907859][ T35] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 661.912053][ T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 661.915635][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 661.919954][ T35] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 661.923721][ T35] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 661.928989][ T35] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 661.932756][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 661.937986][ T35] usb 5-1: config 0 descriptor?? [ 662.130323][T20717] qrtr: Invalid version 48 [ 662.146432][T20717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5715'. [ 662.172380][ T35] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 31 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 662.187721][ T35] usb 5-1: USB disconnect, device number 31 [ 662.194032][ T35] usblp0: removed [ 662.201430][T20717] loop0: detected capacity change from 0 to 7 [ 662.213726][T20717] Dev loop0: unable to read RDB block 7 [ 662.217563][T20717] loop0: unable to read partition table [ 662.221106][T20717] loop0: partition table beyond EOD, truncated [ 662.227032][T20717] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 662.227032][T20717] ) failed (rc=-5) [ 662.594877][ T39] audit: type=1326 audit(1720650267.302:2722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.606296][ T39] audit: type=1326 audit(1720650267.302:2723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.616446][ T39] audit: type=1326 audit(1720650267.312:2724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.674445][ T39] audit: type=1326 audit(1720650267.312:2725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.685521][ T39] audit: type=1326 audit(1720650267.312:2726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.699638][ T39] audit: type=1326 audit(1720650267.322:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=368 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.702105][T20745] ptrace attach of "/syz-executor exec"[16127] was attempted by ""[20745] [ 662.718734][ T39] audit: type=1326 audit(1720650267.322:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20739 comm="syz.1.5726" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7417579 code=0x7ffc0000 [ 662.828376][ T35] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 662.868462][T20743] qrtr: Invalid version 48 [ 662.882836][T20743] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5727'. [ 662.921529][T20743] loop0: detected capacity change from 0 to 7 [ 662.938433][T20743] Dev loop0: unable to read RDB block 7 [ 662.941055][T20743] loop0: unable to read partition table [ 662.958628][T20743] loop0: partition table beyond EOD, truncated [ 662.961549][T20743] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 662.961549][T20743] ) failed (rc=-5) [ 663.010742][ T35] usb 5-1: Using ep0 maxpacket: 32 [ 663.015560][ T35] usb 5-1: config index 0 descriptor too short (expected 29220, got 36) [ 663.019969][ T35] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 663.024125][ T35] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 663.028085][ T35] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 663.032604][ T35] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 663.045679][ T35] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 663.051298][ T35] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 663.054979][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 663.061625][ T35] usb 5-1: config 0 descriptor?? [ 663.189551][T20763] sp0: Synchronizing with TNC [ 663.206522][T20762] [U] ` [ 663.294726][ T35] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 663.294844][T20699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 663.306428][T20699] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 663.372291][T20769] ptrace attach of "/syz-executor exec"[16127] was attempted by ""[20769] [ 663.652386][ T30] usb 5-1: USB disconnect, device number 32 [ 663.664014][ T30] usblp0: removed [ 663.967169][T20794] sp0: Synchronizing with TNC [ 664.003740][T20793] [U] ` [ 664.361179][T20808] cgroup: Unknown subsys name 'fowner>00000000000000000000' [ 664.578848][ T5217] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 664.594028][ T5217] Bluetooth: hci4: Injecting HCI hardware error event [ 664.600122][ T5217] Bluetooth: hci4: hardware error 0x00 [ 664.696345][T20818] qrtr: Invalid version 48 [ 664.700875][T20818] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5758'. [ 664.749888][T20818] loop0: detected capacity change from 0 to 7 [ 664.757807][T20818] Dev loop0: unable to read RDB block 7 [ 664.764034][T20823] sp0: Synchronizing with TNC [ 664.765600][T20818] loop0: unable to read partition table [ 664.791121][T20822] [U] ` [ 664.850613][T20818] loop0: partition table beyond EOD, truncated [ 664.854918][T20818] loop_reread_partitions: partition scan of loop0 (被xڬdƤݡ [ 664.854918][T20818] ) failed (rc=-5) [ 665.330189][T20834] rtc_cmos 00:05: Alarms can be up to one day in the future [ 665.499319][T20836] cgroup: Unknown subsys name 'fowner>00000000000000000000' [ 665.971932][T20843] netlink: 'syz.0.5767': attribute type 12 has an invalid length. [ 665.976138][T20843] netlink: 'syz.0.5767': attribute type 29 has an invalid length. [ 665.980029][T20843] netlink: 'syz.0.5767': attribute type 2 has an invalid length. [ 665.983747][T20843] netlink: 'syz.0.5767': attribute type 2 has an invalid length. [ 665.988095][T20843] netlink: 'syz.0.5767': attribute type 1 has an invalid length. [ 665.992460][T20843] netlink: 'syz.0.5767': attribute type 37 has an invalid length. [ 665.995666][T20843] netlink: 'syz.0.5767': attribute type 2 has an invalid length. [ 665.999131][T20843] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.013719][T20832] rtc_cmos 00:05: Alarms can be up to one day in the future [ 666.171198][T20848] sp0: Synchronizing with TNC [ 666.209278][T20847] [U] ` [ 666.258576][T17490] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 666.267300][T17490] Bluetooth: hci5: Injecting HCI hardware error event [ 666.274077][ T5210] Bluetooth: hci5: hardware error 0x00 [ 666.538597][T20862] openvswitch: netlink: Key type 16156 is out of range max 32 [ 666.542612][T20865] hpfs: Bad magic ... probably not HPFS [ 666.668630][ T5217] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 666.732983][T20859] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 666.734570][T20856] overlay: Bad value for 'redirect_dir' [ 666.782876][T20859] kvm: pic: non byte read [ 666.787083][T20859] kvm: pic: level sensitive irq not supported [ 666.787547][T20859] kvm: pic: non byte read [ 666.808641][T20859] kvm: pic: level sensitive irq not supported [ 666.810856][T20859] kvm: pic: non byte read [ 666.820217][T20859] kvm: pic: level sensitive irq not supported [ 666.826068][T20859] kvm: pic: non byte read [ 666.852396][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 666.857259][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 666.884074][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 666.887954][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 666.902582][ T827] rtc rtc0: __rtc_set_alarm: err=-22 [ 667.540307][T20884] rtc_cmos 00:05: Alarms can be up to one day in the future [ 668.133764][T17490] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 668.142503][T17490] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 668.146734][T17490] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 668.160630][T17490] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 668.190789][T17490] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 668.197960][T17490] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 668.333221][T20881] rtc_cmos 00:05: Alarms can be up to one day in the future [ 668.348278][ T74] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.349604][ T5210] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 668.574740][ T74] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.727640][ T74] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 668.740404][T20904] netdevsim netdevsim2 @: renamed from netdevsim0 (while UP) [ 668.811209][T20902] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 668.835943][T20902] kvm: pic: non byte read [ 668.841283][T20902] kvm: pic: level sensitive irq not supported [ 668.842710][T20902] kvm: pic: non byte read [ 668.850985][T20902] kvm: pic: level sensitive irq not supported [ 668.851477][T20902] kvm: pic: non byte read [ 668.861193][T20902] kvm: pic: level sensitive irq not supported [ 668.861769][T20902] kvm: pic: non byte read [ 668.893669][ T74] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 669.062788][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 669.067163][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 669.075143][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 669.084109][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 669.087692][ T827] rtc rtc0: __rtc_set_alarm: err=-22 [ 669.100027][T20914] hpfs: Bad magic ... probably not HPFS [ 669.180991][ T74] bridge_slave_1: left allmulticast mode [ 669.183498][ T74] bridge_slave_1: left promiscuous mode [ 669.186240][ T74] bridge0: port 2(bridge_slave_1) entered disabled state [ 669.194677][ T74] bridge_slave_0: left allmulticast mode [ 669.197334][ T74] bridge_slave_0: left promiscuous mode [ 669.201126][ T74] bridge0: port 1(bridge_slave_0) entered disabled state [ 669.815645][T20926] rtc_cmos 00:05: Alarms can be up to one day in the future [ 669.986517][ C0] vkms_vblank_simulate: vblank timer overrun [ 670.209686][ T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 670.237153][ T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 670.253155][ T74] bond0 (unregistering): Released all slaves [ 670.258669][ T5210] Bluetooth: hci0: command tx timeout [ 670.267797][ T74] bond1 (unregistering): Released all slaves [ 670.318417][ T74] bond2 (unregistering): Released all slaves [ 670.365646][T20891] chnl_net:caif_netlink_parms(): no params data found [ 670.456010][T20923] rtc_cmos 00:05: Alarms can be up to one day in the future [ 670.786954][T20944] hfs: can't find a HFS filesystem on dev nullb0 [ 670.848621][T20891] bridge0: port 1(bridge_slave_0) entered blocking state [ 670.849729][T20934] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 670.875343][T20891] bridge0: port 1(bridge_slave_0) entered disabled state [ 670.889927][T20891] bridge_slave_0: entered allmulticast mode [ 670.901086][T20891] bridge_slave_0: entered promiscuous mode [ 670.933787][T20934] kvm: pic: non byte read [ 670.937695][T20934] kvm: pic: level sensitive irq not supported [ 670.941669][T20934] kvm: pic: non byte read [ 670.972691][T20934] kvm: pic: level sensitive irq not supported [ 670.990883][T20934] kvm: pic: level sensitive irq not supported [ 670.997822][T20891] bridge0: port 2(bridge_slave_1) entered blocking state [ 671.008464][T20891] bridge0: port 2(bridge_slave_1) entered disabled state [ 671.012278][T20891] bridge_slave_1: entered allmulticast mode [ 671.016413][T20891] bridge_slave_1: entered promiscuous mode [ 671.350252][ T5245] rtc_cmos 00:05: Alarms can be up to one day in the future [ 671.354628][ T5245] rtc_cmos 00:05: Alarms can be up to one day in the future [ 671.394917][ T5245] rtc_cmos 00:05: Alarms can be up to one day in the future [ 671.401343][ T5245] rtc_cmos 00:05: Alarms can be up to one day in the future [ 671.404669][ T5245] rtc rtc0: __rtc_set_alarm: err=-22 [ 671.434317][T20891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 671.452123][T20891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 671.507830][T20972] netlink: 'syz.0.5810': attribute type 12 has an invalid length. [ 671.517356][T20972] netlink: 'syz.0.5810': attribute type 29 has an invalid length. [ 671.527539][T20972] netlink: 'syz.0.5810': attribute type 2 has an invalid length. [ 671.537818][T20972] netlink: 'syz.0.5810': attribute type 2 has an invalid length. [ 671.541751][T20972] netlink: 'syz.0.5810': attribute type 1 has an invalid length. [ 671.558395][T20972] netlink: 'syz.0.5810': attribute type 37 has an invalid length. [ 671.562419][T20972] netlink: 'syz.0.5810': attribute type 2 has an invalid length. [ 671.566015][T20972] bridge0: port 1(bridge_slave_0) entered disabled state [ 671.765779][T20891] team0: Port device team_slave_0 added [ 671.800928][ T74] hsr_slave_0: left promiscuous mode [ 671.813471][ T74] hsr_slave_1: left promiscuous mode [ 671.819900][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 671.826209][ T74] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 671.845590][ T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 671.851364][ T74] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 671.860560][T20982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 671.981999][ T74] veth1_macvtap: left allmulticast mode [ 671.984257][ T74] veth1_macvtap: left promiscuous mode [ 671.986404][ T74] veth0_macvtap: left promiscuous mode [ 671.989312][ T74] veth1_vlan: left promiscuous mode [ 671.991967][ T74] veth0_vlan: left promiscuous mode [ 672.338515][ T5210] Bluetooth: hci0: command tx timeout [ 673.834807][ T74] team0 (unregistering): Port device team_slave_1 removed [ 673.905915][ C0] vkms_vblank_simulate: vblank timer overrun [ 674.072017][ T74] team0 (unregistering): Port device team_slave_0 removed [ 674.418518][ T5210] Bluetooth: hci0: command tx timeout [ 675.522271][T20891] team0: Port device team_slave_1 added [ 675.841941][T20891] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 675.855490][T20891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.886922][T20891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 675.909471][T20891] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 675.912077][T20891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 675.939614][T20891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 676.147591][T20891] hsr_slave_0: entered promiscuous mode [ 676.170484][T20891] hsr_slave_1: entered promiscuous mode [ 676.178273][T20891] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 676.181885][T20891] Cannot create hsr debugfs directory [ 676.479216][T21011] rtc_cmos 00:05: Alarms can be up to one day in the future [ 676.505535][ T5210] Bluetooth: hci0: command tx timeout [ 677.043573][T21007] rtc_cmos 00:05: Alarms can be up to one day in the future [ 677.393947][ T5245] hid (null): unknown global tag 0xc [ 677.404774][ T5245] hid-generic 0000:0000:0000.0014: unknown main item tag 0x0 [ 677.408063][ T5245] hid-generic 0000:0000:0000.0014: unknown global tag 0xc [ 677.416902][ T5245] hid-generic 0000:0000:0000.0014: item 0 2 1 12 parsing failed [ 677.425963][ T5245] hid-generic 0000:0000:0000.0014: probe with driver hid-generic failed with error -22 [ 677.448598][T20891] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 677.458034][T20891] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 677.482233][T20891] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 677.489559][T20891] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 677.546375][T21031] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 677.573995][ C2] hpet_rtc_timer_reinit: 9 callbacks suppressed [ 677.574012][ C2] hpet: Lost 1 RTC interrupts [ 677.582786][T21031] picdev_read: 2 callbacks suppressed [ 677.582803][T21031] kvm: pic: non byte read [ 677.590354][T21031] kvm: pic: level sensitive irq not supported [ 677.591149][T21031] kvm: pic: non byte read [ 677.596953][T20891] 8021q: adding VLAN 0 to HW filter on device bond0 [ 677.632229][T20891] 8021q: adding VLAN 0 to HW filter on device team0 [ 677.634178][T21031] kvm: pic: level sensitive irq not supported [ 677.637314][T21031] kvm: pic: non byte read [ 677.644316][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 677.647985][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 677.660787][T21031] kvm: pic: level sensitive irq not supported [ 677.661689][T21031] kvm: pic: non byte read [ 677.665648][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 677.668865][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 677.690019][ T827] usb 7-1: new high-speed USB device number 30 using dummy_hcd [ 677.891763][ T827] usb 7-1: config index 0 descriptor too short (expected 25970, got 36) [ 677.895780][ T827] usb 7-1: config 116 has too many interfaces: 99, using maximum allowed: 32 [ 677.905280][ T827] usb 7-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 677.927958][ T827] usb 7-1: config 116 has 0 interfaces, different from the descriptor's value: 99 [ 677.941265][ T827] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 677.945021][ T827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.998031][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 678.002452][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 678.006608][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 678.017408][ T827] rtc_cmos 00:05: Alarms can be up to one day in the future [ 678.031189][ T827] rtc rtc0: __rtc_set_alarm: err=-22 [ 678.048073][T20891] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 678.100747][T20891] veth0_vlan: entered promiscuous mode [ 678.111151][T20891] veth1_vlan: entered promiscuous mode [ 678.154493][T20891] veth0_macvtap: entered promiscuous mode [ 678.191761][T20891] veth1_macvtap: entered promiscuous mode [ 678.208907][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 678.213602][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.218047][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 678.223462][T21066] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 678.225667][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.232626][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 678.237135][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.245195][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 678.250816][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.256926][T20891] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 678.263594][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.268029][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.275034][ T35] usb 7-1: USB disconnect, device number 30 [ 678.277246][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.284106][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.289342][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.305475][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.310657][T20891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 678.315215][T20891] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 678.326289][T20891] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 678.349099][T20891] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.352873][T20891] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.357060][T20891] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.368726][T20891] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 678.435278][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 678.438947][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 678.466597][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 678.470420][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 678.693797][T21078] cgroup: noprefix used incorrectly [ 678.790522][T21080] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5837'. [ 678.921558][T21085] netlink: 'syz.2.5839': attribute type 21 has an invalid length. [ 678.927105][T21085] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5839'. [ 678.990133][T21089] netlink: 'syz.2.5841': attribute type 22 has an invalid length. [ 678.993525][T21089] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5841'. [ 679.015093][T21089] netlink: 'syz.2.5841': attribute type 22 has an invalid length. [ 679.193997][T21099] cgroup: noprefix used incorrectly [ 679.298624][ T5245] usb 7-1: new high-speed USB device number 31 using dummy_hcd [ 679.302870][T21103] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5846'. [ 679.438702][ T827] hid (null): unknown global tag 0xc [ 679.443640][ T827] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0 [ 679.448652][ T827] hid-generic 0000:0000:0000.0015: unknown global tag 0xc [ 679.451597][ T827] hid-generic 0000:0000:0000.0015: item 0 2 1 12 parsing failed [ 679.455360][ T827] hid-generic 0000:0000:0000.0015: probe with driver hid-generic failed with error -22 [ 679.499907][ T5245] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 679.504241][T21111] netlink: 'syz.0.5850': attribute type 21 has an invalid length. [ 679.504336][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.507579][T21111] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5850'. [ 679.513205][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.523726][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.527680][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.533929][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.544171][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.548085][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.553859][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.557791][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.563201][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.566629][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.570844][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.574643][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.578695][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.583895][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.587614][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.591150][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.595237][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.598475][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.601429][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.604981][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.607969][ T5245] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 679.611795][ T5245] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 679.616308][ T5245] usb 7-1: config 0 interface 0 has no altsetting 0 [ 679.621329][ T5245] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 679.624887][ T5245] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 679.630282][ T5245] usb 7-1: Product: syz [ 679.631809][ T5245] usb 7-1: Manufacturer: syz [ 679.633465][ T5245] usb 7-1: SerialNumber: syz [ 679.637236][ T5245] usb 7-1: config 0 descriptor?? [ 679.642665][ T5245] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 681.979087][ C2] usb 7-1: yurex_control_callback - control failed: -2 [ 682.004905][ T5245] usb 7-1: USB disconnect, device number 31 [ 682.014729][ T5245] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 682.218602][T21137] netlink: 'syz.2.5859': attribute type 21 has an invalid length. [ 682.222466][T21137] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5859'. [ 682.648929][T21153] netlink: 'syz.1.5866': attribute type 22 has an invalid length. [ 682.652500][T21153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5866'. [ 682.656552][T21153] netlink: 'syz.1.5866': attribute type 22 has an invalid length. [ 682.818535][T17490] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 682.822952][T17490] Bluetooth: hci0: Injecting HCI hardware error event [ 682.833677][ T5210] Bluetooth: hci0: hardware error 0x00 [ 683.402959][T21161] netlink: 'syz.0.5869': attribute type 21 has an invalid length. [ 683.407219][T21161] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5869'. [ 683.528442][ T1387] hid (null): unknown global tag 0xc [ 683.533176][ T1387] hid-generic 0000:0000:0000.0016: unknown main item tag 0x0 [ 683.536584][ T1387] hid-generic 0000:0000:0000.0016: unknown global tag 0xc [ 683.543114][ T1387] hid-generic 0000:0000:0000.0016: item 0 2 1 12 parsing failed [ 683.547490][ T1387] hid-generic 0000:0000:0000.0016: probe with driver hid-generic failed with error -22 [ 683.838325][ T5260] usb 7-1: new high-speed USB device number 32 using dummy_hcd [ 684.041572][ T5260] usb 7-1: config index 0 descriptor too short (expected 25970, got 36) [ 684.044821][ T5260] usb 7-1: config 116 has too many interfaces: 99, using maximum allowed: 32 [ 684.048545][ T5260] usb 7-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 684.058910][ T5260] usb 7-1: config 116 has 0 interfaces, different from the descriptor's value: 99 [ 684.064194][ T5260] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 684.075246][ T5260] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 684.384789][ T5245] usb 7-1: USB disconnect, device number 32 [ 684.898450][ T5210] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 685.225730][T21188] netlink: 'syz.2.5881': attribute type 21 has an invalid length. [ 685.229696][T21188] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5881'. [ 685.949407][T21208] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 685.958173][T21208] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 685.964368][T21208] CPU: 2 PID: 21208 Comm: syz.0.5889 Not tainted 6.10.0-rc7-syzkaller-00025-ga19ea421490d #0 [ 685.969186][T21208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 685.975296][T21208] RIP: 0010:dev_map_enqueue+0x31/0x3e0 [ 685.978324][T21208] Code: 56 41 55 49 89 d5 41 54 49 89 fc 55 48 89 f5 53 48 83 ec 08 e8 e0 fb d9 ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 86 03 00 00 49 8d 7c 24 18 49 8b 1c 24 48 b8 00 [ 685.987524][T21208] RSP: 0018:ffffc900224776f0 EFLAGS: 00010246 [ 685.990316][T21208] RAX: dffffc0000000000 RBX: 000000000000000e RCX: ffffc900042b2000 [ 685.994002][T21208] RDX: 0000000000000000 RSI: ffffffff81b492b0 RDI: 0000000000000000 [ 685.996817][T21208] RBP: ffff888053f3f070 R08: 0000000000000005 R09: 0000000000000000 [ 686.000542][T21208] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 686.004389][T21208] R13: ffff888000a0c000 R14: 0000000000000000 R15: 000000000000026a [ 686.008611][T21208] FS: 0000000000000000(0000) GS:ffff88802c200000(0063) knlGS:00000000f5d8cb40 [ 686.013012][T21208] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 686.016186][T21208] CR2: 00000000f71e21a0 CR3: 000000001ce44000 CR4: 0000000000350ef0 [ 686.020805][T21208] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 686.024879][T21208] DR3: 00000000fee0000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 686.031026][T21208] Call Trace: [ 686.032514][T21208] [ 686.033828][T21208] ? show_regs+0x8c/0xa0 [ 686.035720][T21208] ? die_addr+0x4f/0xd0 [ 686.037557][T21208] ? exc_general_protection+0x155/0x230 [ 686.040007][T21208] ? asm_exc_general_protection+0x26/0x30 [ 686.042743][T21208] ? dev_map_enqueue+0x20/0x3e0 [ 686.044999][T21208] ? dev_map_enqueue+0x31/0x3e0 [ 686.047202][T21208] xdp_do_redirect_frame+0x1b8/0x590 [ 686.049471][T21208] bpf_test_run_xdp_live+0x4a3/0x1bb0 [ 686.052486][T21208] ? __pfx_bpf_test_run_xdp_live+0x10/0x10 [ 686.055019][T21208] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 686.057581][T21208] ? find_held_lock+0x2d/0x110 [ 686.059756][T21208] ? __might_fault+0xe3/0x190 [ 686.061883][T21208] ? _copy_from_user+0x5d/0xf0 [ 686.063922][T21208] ? bpf_test_init.isra.0+0x111/0x150 [ 686.066229][T21208] bpf_prog_test_run_xdp+0x82d/0x1530 [ 686.068439][T21208] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 686.071062][T21208] ? fput+0x32/0x390 [ 686.073048][T21208] ? __bpf_prog_get+0xa0/0x2f0 [ 686.075221][T21208] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 686.077851][T21208] __sys_bpf+0x1787/0x5830 [ 686.079648][T21208] ? __pfx___sys_bpf+0x10/0x10 [ 686.081722][T21208] ? __pfx_futex_wait+0x10/0x10 [ 686.083889][T21208] ? do_futex+0x123/0x350 [ 686.085635][T21208] ? __pfx_do_futex+0x10/0x10 [ 686.087503][T21208] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 686.090024][T21208] ? kcov_ioctl+0x268/0x730 [ 686.092975][T21208] __ia32_sys_bpf+0x76/0xe0 [ 686.095336][T21208] __do_fast_syscall_32+0x73/0x120 [ 686.098101][T21208] do_fast_syscall_32+0x32/0x80 [ 686.100198][T21208] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 686.102875][T21208] RIP: 0023:0xf7474579 [ 686.104947][T21208] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 686.112976][T21208] RSP: 002b:00000000f5d8c57c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 686.116206][T21208] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000240 [ 686.119631][T21208] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 686.124302][T21208] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 686.127701][T21208] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 686.131035][T21208] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 686.134944][T21208] [ 686.136332][T21208] Modules linked in: [ 686.138404][T21208] ---[ end trace 0000000000000000 ]--- [ 686.140976][T21208] RIP: 0010:dev_map_enqueue+0x31/0x3e0 [ 686.143316][T21208] Code: 56 41 55 49 89 d5 41 54 49 89 fc 55 48 89 f5 53 48 83 ec 08 e8 e0 fb d9 ff 4c 89 e2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 86 03 00 00 49 8d 7c 24 18 49 8b 1c 24 48 b8 00 [ 686.152062][T21208] RSP: 0018:ffffc900224776f0 EFLAGS: 00010246 [ 686.154689][T21208] RAX: dffffc0000000000 RBX: 000000000000000e RCX: ffffc900042b2000 [ 686.157917][T21208] RDX: 0000000000000000 RSI: ffffffff81b492b0 RDI: 0000000000000000 [ 686.160962][T21208] RBP: ffff888053f3f070 R08: 0000000000000005 R09: 0000000000000000 [ 686.164428][T21208] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 686.167927][T21208] R13: ffff888000a0c000 R14: 0000000000000000 R15: 000000000000026a [ 686.171323][T21208] FS: 0000000000000000(0000) GS:ffff88802c200000(0063) knlGS:00000000f5d8cb40 [ 686.174705][T21208] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 686.177285][T21208] CR2: 00000000f71e21a0 CR3: 000000001ce44000 CR4: 0000000000350ef0 [ 686.179055][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 686.180360][T21208] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 686.187569][T21208] DR3: 00000000fee0000e DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 686.191040][T21208] Kernel panic - not syncing: Fatal exception in interrupt [ 686.214215][T21208] Kernel Offset: disabled [ 686.216162][T21208] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:37:49 Registers: info registers vcpu 0 CPU#0 RAX=0000000000e06834 RBX=0000000000000000 RCX=ffffffff8adc1c19 RDX=ffffed1005806fde RSI=ffffffff8b8fb560 RDI=ffffffff8167257c RBP=fffffbfff1b12af8 RSP=ffffffff8d807e20 R8 =0000000000000000 R9 =ffffed1005806fdd R10=ffff88802c037eeb R11=0000000000000001 R12=0000000000000000 R13=ffffffff8d8957c0 R14=ffffffff8fe29410 R15=0000000000000000 RIP=ffffffff8adc300f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f51b2d91 CR3=0000000046d1a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000fee0000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88801d023000 RCX=0000000000000000 RDX=1ffffd1ff5a2d298 RSI=ffffffff8b8fb560 RDI=ffffffff8d494b48 RBP=ffffe8ffad1694c0 RSP=ffffc90000598da0 R8 =0000000000000000 R9 =fffffbfff1fc5282 R10=ffffffff8fe29417 R11=0000000000000004 R12=0000000000000004 R13=0000000000000001 R14=ffff88801d023000 R15=0000000000000000 RIP=ffffffff81696df1 RFL=00000802 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020008000 CR3=0000000046d1a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff84f94350 RDI=ffffffff94d59e00 RBP=ffffffff94d59dc0 RSP=ffffc900224770f8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000004153414b R12=0000000000000000 R13=0000000000000020 R14=fffffbfff29ab412 R15=dffffc0000000000 RIP=ffffffff84f94377 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f71e21a0 CR3=000000001ce44000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000fee0000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000003 RBX=1ffff920001c5ee6 RCX=1ffffffff1fc58db RDX=0000000000000000 RSI=ffffffff8b8fb560 RDI=ffffffff8d494b58 RBP=0000000000000003 RSP=ffffc90000e2f720 R8 =0000000000000000 R9 =fffffbfff1fc5282 R10=ffffffff8fe29417 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=ffffffff8dbb4ea0 R15=0000000000000000 RIP=ffffffff816cbeff RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f72c2d50 CR3=0000000000e7a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=00000000fee0000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000