last executing test programs: 5m44.616174616s ago: executing program 2 (id=2406): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000240)={0x1, 0x0, [{0x40000073}]}) 5m44.431267593s ago: executing program 2 (id=2409): r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe) pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff}, 0x80) keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0xa1) keyctl$update(0x2, r0, &(0x7f0000000140)="c4", 0x1) 5m44.422095169s ago: executing program 2 (id=2411): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = creat(&(0x7f0000000280)='./file0\x00', 0xb0) socket$xdp(0x2c, 0x3, 0x0) sync_file_range(r0, 0x800000000976, 0x80, 0x3) 5m44.372664233s ago: executing program 2 (id=2414): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000280)='./file0\x00', 0x0, 0x97801, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x112) 5m44.288952193s ago: executing program 2 (id=2416): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x12, 0x4, 0x4, 0xc}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000001800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 5m44.101551755s ago: executing program 2 (id=2417): r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x8008}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 5m44.028261843s ago: executing program 32 (id=2417): r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x8008}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 3m14.165705999s ago: executing program 3 (id=5237): capset(0x0, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2}) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00^\x00%'], 0x24}], 0x1}, 0x0) r0 = socket(0x10, 0x3, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 3m14.095052451s ago: executing program 3 (id=5238): socket(0x28, 0x801, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="03684a7b99a4fde940f3ec0d105ea2c8267323117153aa4a4f099c3835a607cd5cbd77b83cc33d13bbb6c6bcae59db739af84a4b5d34bffc145f3cc27ed3d4f9d9b3103699a1e1cc4ddfb6c1afd07ddfc18e358cd62649479724ce867fefc0a15041bee9f6084842fb982d5c2cf1488d668b741c64f0a6fd2643e729ac5a56462a6b64d5a0a751fda4fadf63ba0dc2fd14ecbf546918db77095545b41ab170e5d6e8ec8bf9ce9b8d53b832e90c701fe52af7999f8fd509577ead1be27891ada8564167f2c7d2eea1c1c9c65d8e151c58ddee43ec34e74d330ec50cbbb2bb21892c7ca995066e3cbea8a69d94dc6bcef5f3c0ef630e774d092ea58627f3e09c66a9c7d1abcf4f8f8af87f4269df288aca9bbf758275ce9695256e764d185a91a7570fca3aab16c75ecaff6b8dda371c3226d6ec6e55c5c4d8cfc5c33892bacc956a3613bcfa849da1b5e070a7911d7488b3e628d9339718e8b821f1bb5d5c45f0316bb563d0a442801412dfd5a4d61ca657e04d6686f7d5863d57954400aeee8e79be8f3cc4cbb3d4b91269df039c3d3543e500b90a2bdc6eb60cc7afab7b5187d88fbd76e6212ea29e872b73f925287bdc808b4a4f8ec7f8aa08bc90b29e217c3eef69d8deae4141f4f9bd110b7bde9320e7b45f422e9a6111bcaf99c9911e46e219d3bab477926bd5d2e78d4cd0eca133c232b1e863fd7799dbf609f3670b323e5518e8f4bd36e9b3da2c68a28eaec9cac688b4dd0b73adc24a8c7acc264399b7facbc2f43e8e40b6cae9f8e956d1dbfe259f12bae75ad362c354050ffdd6e954f2d7615fafce888bd6f672a81c9fd4318caba765069c0a425e898bf7611b77f0fe61c27d318159dba42f011900246c64557d27b77aef928ab04a147baca37863cf998a2ac30b903c0314449ddb218887c309ec7184c8c733f5d4e7b2d79516e9531c9a5becf8294d6ccd777f285b13160e1c949d3069c6c66c0daa62bac679bc9b69825398d1c290d765e882fa2c8708b20ccec885ab6785dc22696b61c109ff84bc5407932c3e5bf12069a68b8e3333a26d3dd390ef9bc01b86013fbcb5c28a1f4d2b8084f1502fccc4027a124c3629d8f4a8befd14b597cebda5f94f36050a31b95087cbac347788a71a90e87f2187fae600aa42719c05c2859cb30ae0fd58a7bba681f7a6027a00583071def2c9a94456e5d9acb9fd2d11fdea524582489c02377bf7f590948985c769b3822cb6366681d79113c6a6c752f2475caba77b7b2e8f293d7fd9b991f63e254c98dec94f4f3def4fee9cdb56ff3ba7fe6a718cbe9a7f04710e257ea8a49d6605266048fc122d4f3173d4b04b3e282bd3c5198d7fcb72ec38e0b07dd8a541b2807e601e5a0a01f07a281e0e1a261c65977088a54597efd0997c59647aeebb2605a89705eeff3ec780e302e24b23a0cbe4f81367c3f118545f01328d22eb8e802667389143166a9db9477c9b58eb5c76a19b8f8b2692b0d356003f08ae54dfc820d8e357ecbf91fb7e212cbef1262171abaf2f613a5bb59b783cad476fec50d16ca0ac13c08a59a3097e6e3fde700a4b987d10311fc22d4aa210956cd859799f78010e4c0f25b715876aa253df15009490f71be3b0022875161f537c70b14bdb9e2d87a5a11b414a1198533c7de6fc4d22228133bc26b19d9f1e7627b14c72e3c39d3fa2186a42e50a0d1867dc312f94c7209d51475ed4aa80b2ccb0557a40422bf7317de2fdf3296727723a2d23babd5e23f7c3edf4942bb485b95a122e6aba41b8f80f684f84605462448d5a4fd66dfe9bbf80590b9999b4780d4f4f189a20f4400b2975df85b584c8c8f9fa3095f13aede1f52dac98be358b0a0d72bed4df71cd23973e326179580268c4e5d1be4b2ae2e1e2dba913998faa6088af128fc8fd3ae26203a898882b67d86d63f6ee8f8e216337330db6d928facf9d0ca273845ee5b33a0a136aeb48b7c52d3b95fe73efaf06197ec8753ee0349f19db8730917d0f18a2de9602d3b887bc583ff64dfee67e2bdf4d5cc1c341b89acd3dd5176d2c15ec2a77120b8a49591ca438ae36c52845e5dca550e539da9ba2a2eda49be316f3d6d4b7c83666bd4759940347c29dedd273adac722630a940e104316b4806553ded47132be4e31a50600f5a4dd56825b245b7aae853f56f79e0ec31f7b5db945ee3bb92865acb0d8828598e77446ee50ecd8bf5e7ccbd963445a09e3be215709b0b3bff2e9d12e6549924338f236b4ff973682e2e03fbf6b167e3b3a0f8c3f3c1e8d0e21a71937c918cabab50dd74c011a1a5531cfcf88a5df5fa58f17715f7c7b3a64d9dab6f20a596288969191420ed71daccbae7c1ec88bf74811b5e1f4bd306f3d810c4f3600df2903ffdf8db40ac7153fd93327a1065cf2c4590c8ba9f9391eb6aa600cb42aff8793e4721afeb3d470beda45dad9adfc6f4fdb24eafc63792f5015c656ca37cee82b7ee382bda31d786d6e03d4c8611c4ca464e2360ca747815c9eebd38c8fc7d5eea2db96b29d771a96dc5c884029077125bcc31980564555d21ecce5d0388e1bc1e618c7dfb31b02b1a6730db7eda387dd4ceb96f65178bb088e81133e5086f73c458f84139685ef930945a51979faeab539e4964244709dcb8b38f575d3a3ec1328a0df65fb34241db7cb3250b8ae0dbc44670d2b5cc3a1785d8d281c05256ef2beee3b202d8bce053e55ce1fb2bb208e65d488ae24484b00c2e343fc3544ca546406688022db6e29ceca9539ec095a2a2cfc5f516230f75fc961c5de1e8d33222331f57db02cac5f9208029c6114d041bb1cc7f959f77511f5790a564600c018afc253e5ecd5010bd769b45a04296ca09e87fb63bf3d3b51dd8b3f6d4426a03c0944d09dff654c5718ab1fef063caba34029be6811502e8bb785011dd1e34b0c192915adeeb40faad0725a8f9a62acf61b944a271d20567f350cdee22d76e3cc5966ba742d9c43823af19ba74c60da0df0c5f4e7e26af7224147774a1f8ae09f929066e1769ffb3c40ba9fed13d2670b9e865a155426ed5c83648c0ad34e46f5308b455e0835730fe529668b606f3f52b0d04534d0e14bc0ff0f742359550e6980ac9978455adb3de0f292af12a3700453e035a49eafe98fc0d7f26e42a6c41f380448607b7c96291f98fa6bbd7e32c249a49171f8fa81762a490a1ce5c39d66d35c6ed6c0679440c06197c2e24d48e1de81c711164c02820816afb5393d3d6c801c3c062ac46d1494f52c45ca36faf94894eec9d71e1be6c7256f4aee8dc080156b28623c821ef8d1826ebf0a41332620f42589270e142561374c825e828e2bd9ae41fd34959db48319d54ffe7a1b58ae8f7361cbaee8e26e0e7e1b7f125f8cd99788825efd01c38ec987904190a0ad52bc20cd36cc7209f9269ac87b2fa44d2456661d3056d893cf912c69ae6b2b83d0c781a6d6c33df1910867b71257ab74e244e3ebbac07445069418fe2e440a384e16feedf8e3165676e67866430eb6a8a5334620d8c2cda15b0328bb0c50630886353f95241cf4f3b647a4ff812c70e1b074c4befdc70fbfdbf868bcc81652034b5bfa831f1b686724046dcd17ac91ace83711e9ec7465d14c9d508bce93676a58ef7dae37221436865ad34ac2fd691e3b3e12aee6736dbdeec9b1c05fcedf8b9ced547259a1a40471ebe8b4bfda69d2f884da025e2809fb9f159150bbcb331ca3c502012a7fe76b4fc2771976aeb624ad7f2d72c707f5f19d8ded84581ac5afa697ff99d27d88c9588fe769839c9cc9d6786a0f814667527c53b6253b1825bfe17e7d734d96d61da0ae7349d0922774fa9b4baf332a4568e32cafa417ec659c4ad72cd656a1e2c59c8dee38890ed3acd8b4f8657de41f670106c38c38ba1a553f0f589a57c61f5105d70e0c0953459383cb9337ca972cda1d2cd3056eb07f21c1f5b995a04997fecf501bb201c67fd2afe4d44fedea595969b6b3706087b0f59d2ddbb099d60436a94f0ba33282b29f6e914fe92add4b33cf70b680b905cfa2b2ccb00b9967f99806e8d69783fd35a2d7fbb424e9fde2647609aecb0208bc3864bf95f05e50ba12123edaca8de927b338dfcb3cc597947c606c08315061a7fec98c48f480e2febd26fcc8dc12289aeb0adefa2c2be1766a5bc74ef1aab6c2cdbdfbf1810d956bc889c8e614b7b933ff6e336bb208db5b592775fe71c3ebfad5f47e0d074e1c0cb36761481ec677794f23c3698bd35875719f242e3fc939bc3668f9723f31effe189dabdf4ebbed073eab952c88f13059eee22230bc7724d7266b15726a0b0898cdd274e3e56d0a356166b5d16456249e9e92e84e39f61c0ecdf99ec2cd230440c03fd21cf68f27306628d35ea47367775f39d20a07f3959b38d49e3674061fc1018b647047ad39f77027878badd29927c5806f95aebde5f070fed28ed34052550678d3c6b677a3b5a46f76a98264c42206bf62caa95df5437092b68e025ee9ce2ad733b6db3ec97fd33cdc3b2f77ee90dd86d8bd289ae1a437c86f4153ddcff5e846347bfecc1499bb42980e4fa91790faee1b1991dfead5d7c460348631f0469b2b9e8f65207a00985511e0c41f441d9a3154f5a0298c172fd7135d4bf95c11cdf1769db1cc55f392aec309037599327a7c53c10a56d1ace8ad19186a2fc75dfa9d657c114eae99c1c1a6b4a58440718bea82290bd1c2a67048938c381648ea2b2c7110d748c9c8d782f20430b1427b51d7036e55b0997c6f75717db67a82c88d3647ee036b49392f0467d6010b32f9de3e5e79ef082c5bb975d11d2bf76a97f7159c11a7753db8a065d3126ccda9abbebd2c54374e389942c24b27435868fadb45bb060d3c1084b211e2afa8dfaa2d8dab8dc47fe10e6c32afece7c4976176a7c66d704125c0948c238c843b41b0246be1f50f8e07884cfe7ae8885ca06339a339c8d5978b079e0eb78facfa1dc67ca70733dfefc6c868ca149e0661b70e0134870a3107c8c46711fed14f892d6fc66d95306838688f13b19e904416a8d161cc33527878b38ad10b1c08db21457b2075608be7300d39748e4fcebe02b190f3e8ed32a0ef734b11ca43a21f5f809bba795f5aa0ea01050021d0f5213620af5b08fda6421a42b7c82804a20a6ef6d471babf76f46538327f943476d1d109a3f0dc531233d6f93d8dc27f4745735085f92adf63d617b373fba24f289035710e69eb80da12d36e8eaec22620ffaabadfb824bd5fc309a2c74959505856b5b890bba8f22bc571a9d87e93ba3b9aba6dcf26f7076c0c2e271641835ea25fd49d96c69d4fb8bb8731bd2cbc75146aed10d269f9060462339cde8830b535920be3dbf143eace0f1ea9469b95a64fbd7e5057eb880d4422cbf97cfc3f7140251d4923580ca2113f345cf24a66499ceffd2e39dc4fd74cf448638962957b409f0d218c165c13ffe107aa1dd1d9a02092cd46cf2b353dd2d2ca7b8a7ae8eda0ee18bba269bbffed0c7d400497aee4da0896cf6329d76ccea098fbef9075412d1c2a3644cf0f202b884303d204314ae92c56217b2feb5e7c1e15a99fbdd655fb8f6bbc3ab1259bf03b2ee17c5b7e9443695177ec5040eeff3fc36ceafe143393d76a3d735cfe6c9b632e52dbe64dc1265961e8a27ee9f76c0add9e0581e474d7678214f5b64c932903715befc6b766611f1d7e495573b9a3e009cfcb0ffef7ac57c3561badbfa41c119e541180aa2364de61a601699cd1bf3de01d15794b728e1444efd6ffa1e57d95489c8df91fbc057b66dd6d9f3a01b19f36bc99f0b54ed1f9905067dd1608bce47f5ff1981a25184aacd39e331d8ff3dfa7c012d7e667a69249cb4803b23f7eeaab8ed29c69ba3d2a1b88821ffefc5825650c53b6364f38e0a178312f5d29d5375423cceabc8e1c4e51a566ba3f9b176b858c8860440ff8ebdde725640d2dff6b9160bb69f188755b0ff766b410704cda4c33e1ae2c73b5799a00d2f55de73109728b350302b64df2ce3eaf2e0c6561009b60c2701ac493076305e97ed20c3b42f40b2bc7f13bba4ab8181e2085b07930c6f5579205dff696902be824e65ddc774e886e8d261fe74712a31e406b0f7725b4559d7ad0f27a1a870261aa5bb8a720e7c89ba933770d48821416de070df1abcc6eee1147c20bda090d940aeee2bd48c0f3d94675d9b9cf1a62ba50e31a7af0714dd8325d5fb7142e88c4d22ddb8f0278ee6ba88e361524e291b6d000f6523ad4188b021da9ef4a634ed09eb2002b9c726746c9ffc32f261edb448106aa1e2daaed865255fd1d296fedbbb2de3f7c1f15935e52006492b632ad125aa1e000c9d71bdb945792668e16b26122a3fd7cba1a40db8083068c5c48fd2aaa621c87d9f5621bba442fc26839030dbe4e37fda4046d6503bb03e0f928de25d4cd4e2a40ec93c9021dfcbb25f6e2c943cc85eba8123340d6364949581e8c8c2913d59dafe4297672c0b9e7418485f00cbcf672a588904beb3c074bebf339815b91c7c374ceed5a701e1ade8f5d87ca536120116307ac259577a8e12958425317c482d2c7089bf3d83e12318d1526107a050f3c094492de7255b22e18ca2ff261b3ed197f2f8e67b71b1c5a6a04b99158b58e9baad75201aabe13254617d0de0a9073af62491c67fc18d1ccbf7686a85a99b39e9d7d9c85a0777e47c9fd0e10c932c20f13ef287b44b9b706ec818aa0c48a10caac58a9b8355e84bc820698c2501f0c12e1b67df701cfcbe72dc47a2c87d43753ebfdb24cc838507e241d9fcd3d4955a373209ccda903a3ffced05e4232f2cca9bba197fdba8a9357cb1d6da6d9b4095027dc03e17d59ebc2d358e171da0044df102b193c79390ebcb58023b40c621df71e064b0056bfcf1eaee1eca85357cd1ac78feaa54bbbd85596977ba85003ea60d8685f4e3b756e4f81453077396590fa214f672929e81569442023667b798c24e06ee20dbf64cfccb51b2bca4e2a5b0df137bb37ab3e2854dc7e1b879866a72a5809b563596cc9fd3e53abdbccfd5dbc60662252ddc5c290d72230d79b7504b40fdb45ded2f02e926652c1e04ea4c1c488025ad1098adeebe98e385ab1caec4b9eb4d3bbd5ef3ddf1fd0d72784604a989558fd37f6d4fee20609090b3331e254fec98414a2c54589ee01c9429b7cb574b9167efede1d966a227bf2a8e422f38680d77d3c555cf1117e7d7e804ad730c36a78b7846473d6481bd0839bd3e6982ed47246c370a90b76e5b88de202346fb20b8b6b5ecb6a90b8478d17b175a1821df75b48ecc34866fe5c8960bf64d5ff92831bb9357474bec65e0dd1699b0f0340ee5ac5e9e9d3df66edca20201371fc21ad80aacd49c6b0abcfee9c876c15edcfccde823b55b61cb7b254487ef8c8781a22043f4adaf25df34580a6b3904fd014b50c59fa90eff75fa5fd32aaec9aa10df8a2b9b824952e475c964533942bbe30f4167a11fc15d548e0a31f911030569722f0c67e79e90483f6f0bee1c7f80face1a1b0f940c891be688cb16394f6c07fd29b5f248c211d1f76ec1292755d8bd963e191b3a8851472fbbd2cb732f4fd9fef3a8fb29aea097328173fdeaf56fa2279e86fb954306b040c960d0b601b3a741c96cf1f0bd1172f848585cb3b57d7d2e2a84914526f5a6f9895cf5aa4425b4dbf9f59037756a0321bba204a737e36277e86fd268f6047921f4f8fab69dfee137c07874f12f89084e7117e2c9221690a27f880f17d08d56f9dbc96ffef3920b55fb773dde72e1ba35f3e0c9872e339508281426ab04941df4885f7e0293149f1642c2573e2b6594b8fd953ae2468cf917cdaa0692cf461e3628860935def39af78af5e1540147ab1c70c3ab7f7c76abea0d8541feb43e632d7a2cc7bef15a4700304048ecf135968d0a9644ce899aad05b186a2224bab3836248cc6137472203ebceb29b3e87610df12417ee722f309c54b2e65591d8b929440f3ec43ee9ff8f7b7710668e4312610d1591303d5270394da0ab61e4515af5215dc81137f0dc90f951972731f8d98ceb8b4ea38da7d8dc153ccbae5068781eaf9a4a7b11b4319090261b61aa65a8536292eb5392020eb285b2db07f81e7f764d65037050f1e3748593474c6c1dc11cfcb56e1c916157280098a437265e1c682cbfed717e7275bc6c3bb6c6ef7f0f9fdd19ef82ff2c82284c3a061f57b21d3705aff97710108a7d1217a7ea3feda021d20f1fdca94bbef67e0aeaa3db6ccc2d060f7b33707fe19cb2d0232f1239373bb38e666cbbbf3a697c6d0e957ec6730f56034440e789a7a37304d09eb742f21019a77c608cf578162a55d0aea113c051b110b5281ed8b6638d2b31604e965cb019f2f106bc4e96d1313c70612f1ff18afdce7926270dd242c49cc53792f160d1e143e04d7eb3ca40828b153fac466bc53a084281987b47b806a4ef668859eb9035ef68e9c20bd6bb790fdf6f921569b4e97fae5b7edc761b4944c1d6d90f4df40bc3203ed838d4c61cdeb7a9bbb68d59b2cc00125eecaf06b759ac1b9dd68028225d0a60efa499e4436962362727011eef6cc55962dd4ffe2fd3892907e837045883cc9ba8892ab265a31924f3055d4dee68feff05d9f10ebdf1e8c1c1e7001b5b02a7fe26b9c0641e054ae37854187fb1bb6e9fae05b09e85a1e0e14bc801f2d8b9a178a9a72b147e137e0d83192664a88a3aca4fb6a4f0c5787b20c31bc5975dfbc8bcff8987573bd14b1ca434d93452e67ed01c60be99e535bb3f848888d224520b61cfc1de2d6b2ebef9f24674c31aada52784a0b7b60f351653c71d546cf951e6b4a0d917ac6afd0a713f41833f9f74a3a7d3c19b523299666da2b48676ca7aafebadef05b3bbf4b6b62834046f51d3d4582fb4c9de27a3f5e992853368e4f17f9dba27c8c4438307fc7405f53fb27cc81c1521452a1a5edb0cabdf7a73b1cab0675b619fd5a0fadb7147776e74695c042d9d8bfda045bcef7542b42249f34c7590605d0201a762390f2fee5f3cdb488426609c663c9fc4dc2a5277f3f589a14e6dcc202dfcd89bb148a368ff1792d230c19934143d2c260dbdfb334af863b856e415febd22fba01c568d8f48dba6d92f493cd1164a376f006d55db609cc2c9532a9f56da3b06e3db2a05f797eed57892e2fb677541324bcd763cf4669e7a871e322d0cc6e21befe3c767976f058dbe7a059d673c94c7ac5d49178bf19d32907b6fe66a92cc8ea30a858da43f74354390d6e97021da50812c59a78915e5b33221531bfa054c594ce3a2300e5a7d712773181901dfcf6922e980566fa62b1f2b669a27fbecce29e9be6d22058463e350163f33d18ce92a72d1b470857b6a37998aec5672521a8f0d66ab2bd01de516036ec47d1f63b95b437dc6d5a0168189d5a963cb0a80a9a5f20b03515396e3525f0ab13b0c1e5dd051b4c930da6d57ab6f7dd94ab3e689e0355af0b34871296152a76cce170d7b14d471ee4d9daa93de4ed755f30d45344f724288c17e4b22583158f1305ff55fecf7d526e207fa609886e14c9a168bf364b049409f63590f18a5515de8c1fd8c5a9710b6e33d2ecd01466b799f14be787612b8f17df0c05483a16097c0a504880249e28f1e067663c640a550a8c7ad9d090f7b2e902c5c20936869a5f3d3a014817f90babf847b43cf67ec23f120ae4abc63a418d1d99f359fc2c33a5bb34e1f5780576111a88c5ede834bc41e498548ddd128f9e884f4cd3e1bf1aaa1204079ce74e709306f38f2d6859128fc35d3a74c534ff1dccadfc8fe41f1be9510349af8710eb6d2dbc758be12b65622dad1cf48abc2fc409f5ed6a3af8d0b6548643c46dfba9db4e5827475e6e317c9c018a4dd5de391cc9cca85ec527537e26949e5091baca4f0b563d4c3969f15115e5ccdeb9e40788fe12f9d32d9488a70ae53b819726e4483ea6bbcb76f99775ca5e4f93c76edae462c08d596209f985aa55ef5e786701edcee8d831dd6dc0fee9ad01b6bdd63e886a5e55bdc593390c81e18dfd8c685b81306bad6b7a19a86b2bab5cbf4754708422e99f8f2497d798b3db565e709bcbba4c376c1c60b22b994fe8fdcb25215d505511cc1927f6a35344023d5da0a3ac0830e6aa80f5f7f0d94a67c99c6b22717078aecba2a599daa2acc054cda25e3965172e5fef464ec19aa71de5e84b6de30cc673fbab8c441ea37bfb3fc321a504371bc0996702e9be38db762e339ad7ad66dc2caa887e4ab60272d7963f85b14c941d31e545b85c640427302efe7142f0e0897a8c623ce57da213fbc2d1f90677142fd48cafca0b2934e572833ed6473218d0513dd1f6ecc578e5a1109ddae552b3be0cfe7246d7682a59fe9ae783a0f318d1800d5c466c80c5fd3facd0340f455f081068dd2cda5cda744018d902217152b6c05d37c090f8348b0471053152c2a4570fbab3f6dc30c8e49a63b88a00b3aac75180a633692e35ea976821694e133eb8bb4d31237d002fce1dd2ce55528dafcef2f0e00690562d144bb0e19576ce6ab72deac22067d8edac916b1b07e4eb57ff0b885b1b79f37dcf88135eedc17ffd948b61e4df4985033bcf891dd5b1448c8668947a271d93d03ce31216810a6bb45a6c5a12e290d97a60ad4b5c7384cf19421ac1ca64d346b50771e0b50e5caf1d9dfe056e8da247aa502ff04c8e29ca810a1d3ec7a89bc17dba2936f03a80228171f7999b3f2768617970efe57b14011c80666ac4999a568ebef74e2ca14df0ff6f0fcd47c538be96aaca1e65b53b98447101e49672b48167c0afc1afffe669b0f9718bd3305805c292db9738740b362564e4691cbdf061db1ed3f9db1f8bed82939f835d14f46818e3eb4e25f7a8d77d9d0d7913c45d8a81115c1a5e37b1d3bd1b7b5e6afaaefc81d9700bf83506fbf15457bc0f59f7008cc803efdcb6d39e388f6b28e80d47134265cc5438804b12d50e61a489da829dca05792d2ac182ba747331e88a7118f7dd38067f7d38f37be362260effacbc33863bb47aeebbadeae648a1090718266eedd2ed5a2c23f168759198aa92b2ac45c2a68ff212f29260e641a38541b066d39df4e95cd1c8e7e6ffae1b8017e6f629db3910b07496c8a81e4e66ac2321fd9e7ebfecf5bf6e922d7a79fb710a2d42dad1916c9b186c2c50c818fdb1afa19be867d943ee98f732fe3a01364281c0f6d0eb64a278721dc7bff5316256b0f4251abbd9b8ba7c7c12a3bf02a1fbc9ca94b965588fbc82343d07df8e06eaa5ed2137fec129351d80a9048a7d78b31ffaf2e388864a763c4af7aa53000e0bb2eb8ac0e4272cbb79dc6a7d65890f125c523c7cfddacdedbe87938aca915c92c807dab26be7d748827d4e3188676312ef1ac8460b29e8e715f4075e33104ce82e6785aadf17a7cf82d2a705e9f2d0fd25810ba33d76e54b48eda3effc01f37c89db38af81922fadc8c3361fe74ed51eac5e4437108106ffdedb339b406c082d62a8bf718989846d23f966e1ea39103010f767b3a6f0a0a2041b1dafcb787e69ffad75ed2a0081b92a4136ad5ae557c55a4b6219a390103428181ab36f329ad182a92957495c", 0x2000, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[@ANYBLOB="2800000014001901000000000000000228"], 0x28}}, 0x0) readv(r0, &(0x7f0000002700)=[{&(0x7f0000002000)=""/23, 0x17}], 0x1) 3m14.032530991s ago: executing program 3 (id=5241): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0d00000004000000040000000701"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000880), 0xde9, r1}, 0x38) 3m13.965381132s ago: executing program 3 (id=5245): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x41) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x1805406, 0x0) mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0xa06006, 0x0) 3m13.965060771s ago: executing program 3 (id=5247): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 3m13.695497961s ago: executing program 3 (id=5253): openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}}) io_uring_enter(r0, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0) 3m13.582647936s ago: executing program 33 (id=5253): openat$binder_debug(0xffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}}) io_uring_enter(r0, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0) 37.234626199s ago: executing program 4 (id=8726): pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r2, 0xffffffffffffffff, 0x0) 37.234295415s ago: executing program 4 (id=8729): mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='bfs\x00', 0x2208004, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4, 0x30}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}, 0x1, 0x0, 0x0, 0x24004000}, 0x4) 37.144332054s ago: executing program 4 (id=8731): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180) openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x103a42, 0x32) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) r0 = openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x110, 0x2}, 0x18) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000280)={0x8000000000000001, 0x3, 0x5, 0xfffffffb}) 37.083143548s ago: executing program 4 (id=8732): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) close(r0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) fcntl$setstatus(r0, 0x4, 0x2000) 37.082312955s ago: executing program 4 (id=8734): r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=' '], 0x40}}], 0x1, 0x40000) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40086602, &(0x7f0000000000)) r1 = syz_create_resource$binfmt(&(0x7f0000000400)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff) renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) 37.014090319s ago: executing program 4 (id=8736): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2) pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc) 21.814519299s ago: executing program 34 (id=8736): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2) pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc) 2.33777362s ago: executing program 0 (id=9310): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) fchdir(r0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 1.472796703s ago: executing program 0 (id=9318): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x40000, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) write(r0, &(0x7f0000001340)="89d87df03855", 0x6) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000007c0)=[0x5], 0x0, 0x0, 0x4c}}, 0xa3) 1.429512789s ago: executing program 6 (id=9319): connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x29}}, 0x2, 0x0, 0x200}}, 0x2e) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50) pwrite64(0xffffffffffffffff, &(0x7f0000000000)='2', 0x1, 0x4fed0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 1.35211254s ago: executing program 6 (id=9321): pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0x400aee2, 0x2, 0x1, 0x317}, &(0x7f0000000200)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x300) vmsplice(r0, &(0x7f0000000280)=[{&(0x7f0000001340)="ff", 0x1}], 0x1, 0x0) 1.270436954s ago: executing program 0 (id=9322): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0xbf09, 0x10100, 0x1, 0x35f}, 0x0, &(0x7f0000000100)) io_uring_enter(r1, 0x46f3, 0x0, 0x60, 0x0, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000006c0)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) 1.270138102s ago: executing program 6 (id=9323): unshare(0x6a040000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000001040)={'lo\x00', {0x2, 0x4e1e, @broadcast}}) r1 = socket(0x10, 0x2, 0x0) fcntl$addseals(0xffffffffffffffff, 0x409, 0x175f4f549867005f) sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="540000002000010000000000000000000200200003000000000000001400110076657468305f6d616376746170000000080002"], 0x54}}, 0x0) 1.100190814s ago: executing program 0 (id=9325): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x1000000000000000) fcntl$setpipe(r1, 0x407, 0x1000000300007) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 1.057105646s ago: executing program 6 (id=9326): openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x94) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040), 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000300), 0x37db, r0}, 0x38) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000700)={r0}, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x1f, 0x10, &(0x7f0000000880)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a}, 0x90) 971.354374ms ago: executing program 6 (id=9327): sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r2 = eventfd(0x5f0) ioctl$KVM_IOEVENTFD(r1, 0x40a0ae49, &(0x7f0000000080)={0x7ff, 0x26000, 0x0, r2}) ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000000)={0x30000, 0x600000, 0x8}) 760.742241ms ago: executing program 6 (id=9328): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) fchdir(r0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) 760.587032ms ago: executing program 5 (id=9329): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000000040d90455a018000000000109022400010000000009040100010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000ac0)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x0, 0x207, 0x70bd26, 0x25dfdbfe}, 0x14}}, 0x4008080) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000040)=""/95) 562.503082ms ago: executing program 1 (id=9333): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$LINK_DETACH(0x22, 0x0, 0x0) bpf$LINK_DETACH(0x22, 0x0, 0x0) 484.278473ms ago: executing program 1 (id=9334): mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4) fcntl$setstatus(r0, 0x4, 0x42000) read$FUSE(r0, &(0x7f00000040c0)={0x2020}, 0x2020) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x10113}], 0x1) 403.910463ms ago: executing program 1 (id=9335): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x7542d000) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2}) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2) 195.251414ms ago: executing program 5 (id=9336): r0 = syz_io_uring_setup(0x3380, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f00000000c0)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='5'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x1a, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2020, 0x0, {0x1}}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 193.942949ms ago: executing program 1 (id=9337): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000380)={{0x0, 0xfff, 0x4b, 0x8009}, 'syz0\x00', 0x11}) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000780), 0xfffffffffffffffe, 0x2) r2 = dup3(r1, r0, 0x0) write$evdev(r2, 0x0, 0x0) 185.764499ms ago: executing program 5 (id=9338): sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) r2 = eventfd(0x5f0) ioctl$KVM_IOEVENTFD(r1, 0x40a0ae49, &(0x7f0000000080)={0x7ff, 0x26000, 0x0, r2}) ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000000)={0x30000, 0x600000, 0x8}) 123.136222ms ago: executing program 0 (id=9339): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) setns(r2, 0x24020000) umount2(&(0x7f0000000040)='.\x00', 0x2) ioctl$TIOCGPTPEER(r0, 0x5441, 0x3) 122.819695ms ago: executing program 5 (id=9340): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e0000000400000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x15, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000000100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000008200000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000a80)={r2, 0x0, 0x0}, 0x10) 122.402265ms ago: executing program 1 (id=9341): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0xbf09, 0x10100, 0x1, 0x35f}, 0x0, &(0x7f0000000100)) io_uring_enter(r1, 0x46f3, 0x0, 0x60, 0x0, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000006c0)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) 103.732361ms ago: executing program 5 (id=9342): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001300)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x1, 0x2400}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x100}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0) 8.060512ms ago: executing program 5 (id=9343): r0 = socket$inet6(0xa, 0x3, 0x3c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff274"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0xfffffffe, @loopback}, 0x1c) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) 7.900906ms ago: executing program 0 (id=9344): r0 = socket$phonet(0x23, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r1, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00)=""/191, 0xbf}, 0x102) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r2, 0xf21, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000) 0s ago: executing program 1 (id=9345): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94) write$P9_RVERSION(r0, &(0x7f0000000540)=ANY=[@ANYRESHEX, @ANYBLOB="caaddb98bb30"], 0x13) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1}}, 0x40) kernel console output (not intermixed with test programs): omm="syz.0.6307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 386.780251][ T40] audit: type=1326 audit(1769727803.745:6406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.0.6307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 386.787300][ T40] audit: type=1326 audit(1769727803.745:6407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.0.6307" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 386.797601][ T40] audit: type=1326 audit(1769727803.745:6408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20590 comm="syz.0.6307" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 386.892576][T20603] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6313'. [ 387.593247][ T53] usb 10-1: new low-speed USB device number 10 using dummy_hcd [ 387.745175][ T53] usb 10-1: config 168 descriptor has 1 excess byte, ignoring [ 387.748395][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 387.752878][ T53] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 387.757724][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 387.762192][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 387.768109][ T53] usb 10-1: config 168 descriptor has 1 excess byte, ignoring [ 387.771314][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 387.775745][ T53] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 387.780593][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 387.785138][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 387.790918][ T53] usb 10-1: config 168 descriptor has 1 excess byte, ignoring [ 387.793993][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 387.797974][ T53] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 387.802363][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 387.807089][ T53] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 387.815465][ T53] usb 10-1: string descriptor 0 read error: -22 [ 387.818193][ T53] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 387.822027][ T53] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 387.835964][ T53] adutux 10-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 387.863398][ T830] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 388.013219][ T830] usb 5-1: Using ep0 maxpacket: 8 [ 388.016268][ T830] usb 5-1: config 0 interface 0 has no altsetting 0 [ 388.018316][ T830] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 388.020914][ T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 388.024998][ T830] usb 5-1: config 0 descriptor?? [ 388.437283][ T830] usbhid 5-1:0.0: can't add hid device: -71 [ 388.441123][ T830] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 388.450989][ T830] usb 5-1: USB disconnect, device number 34 [ 388.705252][T20680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6348'. [ 388.708102][T20680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6348'. [ 388.711112][T20680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6348'. [ 390.045409][ T53] usb 10-1: USB disconnect, device number 10 [ 390.332278][T20746] loop9: detected capacity change from 0 to 7 [ 390.470239][ C0] invalid error, dev loop9, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 390.474460][ C0] buffer_io_error: 327 callbacks suppressed [ 390.474474][ C0] Buffer I/O error on dev loop9, logical block 0, lost async page write [ 390.481186][ C3] invalid error, dev loop9, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2 [ 390.486214][ C3] Buffer I/O error on dev loop9, logical block 0, lost async page write [ 391.246380][ T5937] Bluetooth: hci0: command 0x1407 tx timeout [ 391.248953][ T5941] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 391.265209][T20821] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6409'. [ 391.468450][T20842] netlink: 212336 bytes leftover after parsing attributes in process `syz.4.6421'. [ 391.511217][T20844] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1 [ 391.702868][T20865] binder: 20864:20865 ioctl c0306201 800003c0 returned -22 [ 392.153425][T20911] netlink: 304 bytes leftover after parsing attributes in process `syz.4.6450'. [ 392.317518][T20921] netlink: 'syz.1.6456': attribute type 12 has an invalid length. [ 392.320178][T20921] netlink: 'syz.1.6456': attribute type 29 has an invalid length. [ 392.322687][T20921] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6456'. [ 392.326171][T20921] netlink: 'syz.1.6456': attribute type 1 has an invalid length. [ 392.361607][T20925] netlink: 'syz.4.6458': attribute type 4 has an invalid length. [ 392.560435][T20945] netlink: 428 bytes leftover after parsing attributes in process `syz.1.6467'. [ 392.564455][T20945] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6467'. [ 392.693737][ T6238] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 392.853272][ T6238] usb 5-1: Using ep0 maxpacket: 8 [ 392.856627][ T6238] usb 5-1: config 0 interface 0 has no altsetting 0 [ 392.858891][ T6238] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 392.861790][ T6238] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 392.870298][ T6238] usb 5-1: config 0 descriptor?? [ 393.298940][ T6238] hid_parser_main: 8 callbacks suppressed [ 393.298962][ T6238] mcp2221 0003:04D8:00DD.001D: unknown main item tag 0x0 [ 393.303779][ T6238] mcp2221 0003:04D8:00DD.001D: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 393.501802][ T1334] usb 5-1: USB disconnect, device number 35 [ 393.773370][ T53] usb 10-1: new high-speed USB device number 11 using dummy_hcd [ 393.923304][ T53] usb 10-1: Using ep0 maxpacket: 8 [ 393.927108][ T53] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 393.929984][ T53] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 393.933884][ T53] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 393.937663][ T53] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 393.941446][ T53] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 393.946152][ T53] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 393.949252][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 394.166405][ T53] usb 10-1: GET_CAPABILITIES returned 0 [ 394.168316][ T53] usbtmc 10-1:16.0: can't read capabilities [ 394.367558][ T61] usb 10-1: USB disconnect, device number 11 [ 394.776309][T21038] syzkaller1: entered promiscuous mode [ 394.778148][T21038] syzkaller1: entered allmulticast mode [ 395.291025][T21073] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 396.043033][T21115] netlink: 240 bytes leftover after parsing attributes in process `syz.0.6545'. [ 396.301283][T21125] syzkaller1: entered promiscuous mode [ 396.303120][T21125] syzkaller1: entered allmulticast mode [ 396.517857][ T6238] kernel write not supported for file bpf-prog (pid: 6238 comm: kworker/0:3) [ 396.559617][T21152] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 396.608005][T21158] netlink: 'syz.1.6565': attribute type 1 has an invalid length. [ 396.611336][T21158] netlink: 40 bytes leftover after parsing attributes in process `syz.1.6565'. [ 396.673752][ T6238] kernel write not supported for file bpf-prog (pid: 6238 comm: kworker/0:3) [ 396.747158][T21176] all (unregistering): Released all slaves [ 396.813909][T21181] kvm: apic: phys broadcast and lowest prio [ 396.955981][T21192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6579'. [ 397.635802][T21221] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6591'. [ 398.346742][T21248] netlink: 'syz.1.6601': attribute type 12 has an invalid length. [ 398.350054][T21248] netlink: 'syz.1.6601': attribute type 29 has an invalid length. [ 398.353320][T21248] netlink: 148 bytes leftover after parsing attributes in process `syz.1.6601'. [ 398.356991][T21248] netlink: 'syz.1.6601': attribute type 1 has an invalid length. [ 398.550409][T21260] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 398.557014][T21260] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.562552][T21260] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.565692][T19445] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 398.566057][T21260] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.571971][T21260] batman_adv: batadv0: Removing interface: macvlan2 [ 398.604195][T21264] tipc: Enabled bearer , priority 10 [ 398.687008][T21266] mkiss: ax0: crc mode is auto. [ 398.717560][T19445] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 398.721502][T19445] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 398.728570][T19445] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 398.736377][T19445] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 398.739559][T19445] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.751527][T19445] usb 5-1: config 0 descriptor?? [ 399.200182][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.202922][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.209642][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.212797][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.216212][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.219486][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.222625][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.226107][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.229228][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.231948][T19445] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 399.244717][T19445] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 399.468055][ T53] usb 5-1: USB disconnect, device number 36 [ 399.883612][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 400.413505][T21340] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 400.423552][T21342] fuse: Bad value for 'fd' [ 400.677769][T21361] syzkaller1: entered promiscuous mode [ 400.679561][T21361] syzkaller1: entered allmulticast mode [ 400.821586][T21377] input: syz1 as /devices/virtual/input/input53 [ 400.988087][T21389] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6666'. [ 401.146085][ T1469] libceph: connect (1)[c::]:6789 error -13 [ 401.148558][ T1469] libceph: mon0 (1)[c::]:6789 connect error [ 401.428363][ T1469] libceph: connect (1)[c::]:6789 error -13 [ 401.432094][ T1469] libceph: mon0 (1)[c::]:6789 connect error [ 401.655861][T21426] sctp: [Deprecated]: syz.4.6679 (pid 21426) Use of int in maxseg socket option. [ 401.655861][T21426] Use struct sctp_assoc_value instead [ 401.914507][T21450] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6690'. [ 401.917298][T21451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6691'. [ 401.953381][ T1469] libceph: connect (1)[c::]:6789 error -13 [ 401.955438][ T1469] libceph: mon0 (1)[c::]:6789 connect error [ 401.966292][T21401] ceph: No mds server is up or the cluster is laggy [ 402.038821][T21463] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6697'. [ 402.514147][T21500] syzkaller1: entered promiscuous mode [ 402.516214][T21500] syzkaller1: entered allmulticast mode [ 403.131212][T21507] overlayfs: failed to clone upperpath [ 403.469106][T21537] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6730'. [ 403.783269][ T6238] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 403.943261][ T6238] usb 5-1: Using ep0 maxpacket: 16 [ 403.948080][ T6238] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 403.957099][ T6238] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 403.965556][ T6238] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.976061][ T6238] usb 5-1: config 0 descriptor?? [ 404.390594][ T6238] kye 0003:0458:5016.001F: control desc unexpectedly large [ 404.403343][ T6238] input: HID 0458:5016 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5016.001F/input/input54 [ 404.468409][ T6238] input: HID 0458:5016 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5016.001F/input/input55 [ 404.549841][ T6238] kye 0003:0458:5016.001F: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.0-1/input0 [ 404.589473][ T6238] usb 5-1: USB disconnect, device number 37 [ 404.603740][ T5941] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 405.163933][T21587] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6750'. [ 405.669517][T21603] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6758'. [ 405.711971][T21605] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 405.715142][T21605] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 405.723397][T21605] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6759'. [ 405.728404][T21605] hsr_slave_0: left promiscuous mode [ 405.734349][T21605] hsr_slave_1: left promiscuous mode [ 406.230238][T21640] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 406.392445][T21654] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6780'. [ 406.846523][ T40] kauditd_printk_skb: 173 callbacks suppressed [ 406.846540][ T40] audit: type=1326 audit(1769727824.876:6582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21675 comm="syz.4.6788" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f01579 code=0x0 [ 406.945240][T21689] sit0: entered promiscuous mode [ 406.949968][T21689] netlink: 'syz.5.6795': attribute type 1 has an invalid length. [ 406.952107][T21691] netlink: 'syz.0.6797': attribute type 1 has an invalid length. [ 406.952257][T21689] netlink: 1 bytes leftover after parsing attributes in process `syz.5.6795'. [ 406.955986][T21691] netlink: 'syz.0.6797': attribute type 6 has an invalid length. [ 406.961262][T21691] netlink: 52 bytes leftover after parsing attributes in process `syz.0.6797'. [ 407.018577][T21695] netlink: 'syz.5.6798': attribute type 7 has an invalid length. [ 407.022015][T21695] netlink: 'syz.5.6798': attribute type 8 has an invalid length. [ 407.023332][ T5955] usb 6-1: new high-speed USB device number 38 using dummy_hcd [ 407.025324][T21695] netlink: 'syz.5.6798': attribute type 7 has an invalid length. [ 407.031656][T21695] netlink: 208740 bytes leftover after parsing attributes in process `syz.5.6798'. [ 407.183362][ T5955] usb 6-1: Using ep0 maxpacket: 16 [ 407.188444][ T5955] usb 6-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47 [ 407.191752][ T5955] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 407.200523][ T5955] usb 6-1: Product: syz [ 407.202136][ T5955] usb 6-1: Manufacturer: syz [ 407.203905][ T5955] usb 6-1: SerialNumber: syz [ 407.207193][ T5955] usb 6-1: config 0 descriptor?? [ 407.215137][ T5955] mcba_usb 6-1:0.0: Can't find endpoints [ 407.453299][ T1469] usb 6-1: USB disconnect, device number 38 [ 407.840606][T21736] ip6gre1: entered allmulticast mode [ 407.844227][T21736] team0: Device ip6gre1 is of different type [ 408.154742][T21755] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.6827'. [ 408.464772][T21780] netlink: 212916 bytes leftover after parsing attributes in process `syz.5.6838'. [ 408.539825][T21792] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.6844'. [ 408.650072][T21804] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.6850'. [ 408.697671][ T40] audit: type=1326 audit(1769727826.726:6583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21801 comm="syz.4.6849" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f01579 code=0x0 [ 408.754069][T21810] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 408.758714][T21810] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 409.073337][ T61] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 409.243293][ T61] usb 5-1: Using ep0 maxpacket: 16 [ 409.247495][ T61] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30 [ 409.252172][ T61] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 409.256951][ T61] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 409.267070][ T61] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129 [ 409.272587][ T61] usb 5-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00 [ 409.276766][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 409.282597][ T61] usb 5-1: config 0 descriptor?? [ 409.702875][ T61] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5013.0020/input/input57 [ 409.729723][T21846] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6868'. [ 409.781268][ T61] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5013.0020/input/input58 [ 409.853420][ T61] kye 0003:0458:5013.0020: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0 [ 409.906836][ T61] usb 5-1: USB disconnect, device number 38 [ 410.253286][ T1469] usb 6-1: new high-speed USB device number 39 using dummy_hcd [ 410.403244][ T1469] usb 6-1: Using ep0 maxpacket: 8 [ 410.406501][ T1469] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 410.409176][ T1469] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 410.412854][ T1469] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 410.417319][ T1469] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 410.421525][ T1469] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 410.427448][ T1469] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 410.431293][ T1469] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.488925][T21867] program syz.0.6877 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 410.649578][ T1469] usb 6-1: GET_CAPABILITIES returned 0 [ 410.652089][ T1469] usbtmc 6-1:16.0: can't read capabilities [ 410.852341][ T1469] usb 6-1: USB disconnect, device number 39 [ 410.931884][T21896] 9p: Bad value for 'rfdno' [ 410.971483][T21898] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6891'. [ 410.974951][T21898] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6891'. [ 410.982793][ T1159] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 410.988682][ T1159] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 410.998281][ T1159] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 411.002126][ T1159] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 412.565805][T21978] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6923'. [ 413.204900][T22018] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6945'. [ 413.292058][T22023] all (unregistering): Released all slaves [ 413.391479][ T40] audit: type=1800 audit(1769727831.416:6584): pid=22037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.6953" name="nullb0" dev="tmpfs" ino=5920 res=0 errno=0 [ 413.554760][T22054] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6959'. [ 414.133403][ T1334] usb 5-1: new high-speed USB device number 39 using dummy_hcd [ 414.283426][ T1334] usb 5-1: Using ep0 maxpacket: 8 [ 414.287513][ T1334] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 414.291857][ T1334] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 414.304101][ T1334] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 414.308778][ T1334] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 414.320152][ T1334] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 414.324192][ T1334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.337196][ T1334] hub 5-1:1.0: bad descriptor, ignoring hub [ 414.339928][ T1334] hub 5-1:1.0: probe with driver hub failed with error -5 [ 414.343445][ T1334] cdc_wdm 5-1:1.0: skipping garbage [ 414.345719][ T1334] cdc_wdm 5-1:1.0: skipping garbage [ 414.350459][ T1334] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 414.353060][ T1334] cdc_wdm 5-1:1.0: Unknown control protocol [ 414.687808][T22099] overlayfs: failed to clone upperpath [ 414.931930][T22113] netlink: 'syz.5.6986': attribute type 12 has an invalid length. [ 414.934722][T22113] netlink: 'syz.5.6986': attribute type 29 has an invalid length. [ 414.937310][T22113] netlink: 148 bytes leftover after parsing attributes in process `syz.5.6986'. [ 414.940554][T22113] netlink: 'syz.5.6986': attribute type 1 has an invalid length. [ 415.073229][T22126] netlink: 212348 bytes leftover after parsing attributes in process `syz.5.6999'. [ 416.893618][T19445] usb 5-1: USB disconnect, device number 39 [ 416.934359][T22144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 416.937199][T22144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 416.952637][T22144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 416.955398][T22144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 416.958132][T22144] batman_adv: batadv0: Interface deactivated: gretap1 [ 416.960280][T22144] batman_adv: batadv0: Removing interface: gretap1 [ 417.153258][ T61] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 417.312589][ T61] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.338266][ T61] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 417.341044][ T61] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 417.344954][ T61] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 417.347515][ T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 417.351123][ T61] usb 6-1: config 0 descriptor?? [ 417.781843][ T61] hid_parser_main: 5 callbacks suppressed [ 417.781865][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.788196][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.791162][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.794639][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.797469][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.800457][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.804512][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.807556][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.810292][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.815078][ T61] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 417.820943][ T61] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 418.041842][ T61] usb 6-1: USB disconnect, device number 40 [ 418.363273][ T93] wlan1: Trigger new scan to find an IBSS to join [ 418.387054][ T40] audit: type=1326 audit(1769727836.416:6585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 418.394362][ T40] audit: type=1326 audit(1769727836.416:6586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73dd598 code=0x7ffc0000 [ 418.401085][ T40] audit: type=1326 audit(1769727836.416:6587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73dd598 code=0x7ffc0000 [ 418.408998][ T40] audit: type=1326 audit(1769727836.416:6588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 418.416615][ T40] audit: type=1326 audit(1769727836.416:6589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 418.424321][ T40] audit: type=1326 audit(1769727836.416:6590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 418.431777][ T40] audit: type=1326 audit(1769727836.416:6591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 418.438906][ T40] audit: type=1326 audit(1769727836.416:6592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73dd598 code=0x7ffc0000 [ 418.447269][ T40] audit: type=1326 audit(1769727836.416:6593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73dd598 code=0x7ffc0000 [ 418.455530][ T40] audit: type=1326 audit(1769727836.416:6594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73dd598 code=0x7ffc0000 [ 418.462202][ T40] audit: type=1326 audit(1769727836.416:6595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22231 comm="syz.0.7034" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf73dd598 code=0x7ffc0000 [ 418.506250][T22237] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7036'. [ 418.896432][T22276] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7054'. [ 419.772023][T22319] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.7071'. [ 420.756410][T22388] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.7099'. [ 421.038145][T22402] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7105'. [ 421.383164][T22427] netlink: 68 bytes leftover after parsing attributes in process `syz.5.7118'. [ 421.483316][ T93] wlan1: Trigger new scan to find an IBSS to join [ 421.729179][T22453] netlink: 'syz.5.7130': attribute type 2 has an invalid length. [ 421.731942][T22453] netlink: 'syz.5.7130': attribute type 2 has an invalid length. [ 421.735400][T22453] netlink: 'syz.5.7130': attribute type 2 has an invalid length. [ 421.797068][T22459] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7132'. [ 421.829348][T22465] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.7135'. [ 422.024382][T22475] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7138'. [ 422.026475][T22476] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7139'. [ 422.444397][T22513] kvm: user requested TSC rate below hardware speed [ 422.453428][ T60] wlan1: Creating new IBSS network, BSSID 3a:19:4e:90:41:d1 [ 422.638324][T22528] overlayfs: failed to clone upperpath [ 422.884150][T22539] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 422.926055][T22541] hsr_slave_0: left promiscuous mode [ 422.934938][T22541] hsr_slave_1: left promiscuous mode [ 423.731056][T22591] binder: 22590:22591 unknown command 0 [ 423.735484][T22591] binder: 22590:22591 ioctl c0306201 80000080 returned -22 [ 424.141255][T22610] ip6gre1: entered allmulticast mode [ 424.154291][T22610] team0: Device ip6gre1 is of different type [ 424.430410][T22623] sock: sock_set_timeout: `syz.1.7201' (pid 22623) tries to set negative timeout [ 424.732692][T22647] overlayfs: failed to clone upperpath [ 425.827814][T22686] overlayfs: failed to clone upperpath [ 425.834421][T22686] overlayfs: failed to clone upperpath [ 426.312417][ T40] kauditd_printk_skb: 94 callbacks suppressed [ 426.312435][ T40] audit: type=1326 audit(1769727844.336:6690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22701 comm="syz.4.7242" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x0 [ 426.570424][T22714] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 426.574962][T22714] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 427.660235][ T40] audit: type=1326 audit(1769727845.686:6691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22757 comm="syz.0.7260" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd579 code=0x0 [ 427.973037][T22775] __nla_validate_parse: 6 callbacks suppressed [ 427.973050][T22775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7265'. [ 427.979077][T22775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7265'. [ 428.683226][ T1023] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 428.843316][ T1023] usb 6-1: Using ep0 maxpacket: 8 [ 428.846516][ T1023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 428.848910][ T1023] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 428.851772][ T1023] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.856502][ T1023] usb 6-1: config 0 descriptor?? [ 429.269361][ T1023] mcp2221 0003:04D8:00DD.0022: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 429.360883][T22810] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7280'. [ 429.408177][T22813] netlink: 'syz.0.7282': attribute type 10 has an invalid length. [ 429.410709][T22813] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7282'. [ 429.414107][T22813] dummy0: entered promiscuous mode [ 429.419212][T22813] bridge0: port 4(dummy0) entered blocking state [ 429.421813][T22813] bridge0: port 4(dummy0) entered disabled state [ 429.425670][T22813] dummy0: entered allmulticast mode [ 429.471978][ T1334] usb 6-1: USB disconnect, device number 41 [ 430.502807][T22852] loop5: detected capacity change from 0 to 7 [ 430.510113][T15187] Dev loop5: unable to read RDB block 7 [ 430.512001][T15187] loop5: unable to read partition table [ 430.514823][T15187] loop5: partition table beyond EOD, truncated [ 430.530342][T22852] Dev loop5: unable to read RDB block 7 [ 430.532143][T22852] loop5: unable to read partition table [ 430.541717][T22852] loop5: partition table beyond EOD, truncated [ 430.544030][T22852] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 430.590461][T22859] input: syz1 as /devices/virtual/input/input59 [ 431.485759][T22905] netlink: 212336 bytes leftover after parsing attributes in process `syz.5.7321'. [ 432.268714][T22927] overlayfs: invalid origin (000000790066696c6530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 432.384581][T22933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7334'. [ 432.389799][T22933] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7334'. [ 432.875878][T22966] Invalid ELF header magic: != ELF [ 432.912246][T22970] netlink: 7 bytes leftover after parsing attributes in process `syz.1.7350'. [ 432.945198][T22972] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7351'. [ 433.167666][T22994] 8021q: adding VLAN 0 to HW filter on device bond1 [ 433.381621][T23023] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7374'. [ 433.547399][T23035] netlink: 'syz.0.7378': attribute type 13 has an invalid length. [ 433.550652][T23035] netlink: 'syz.0.7378': attribute type 17 has an invalid length. [ 433.668424][T23049] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7386'. [ 433.670141][T23035] bridge0: port 4(dummy0) entered blocking state [ 433.673505][T23035] bridge0: port 4(dummy0) entered listening state [ 433.686349][T23035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 433.689795][T23035] bridge0: port 3(vlan0) entered blocking state [ 433.691874][T23035] bridge0: port 3(vlan0) entered listening state [ 433.733669][T23035] 8021q: adding VLAN 0 to HW filter on device team0 [ 433.741955][T23035] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 433.786010][ T1469] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 433.915661][ T5941] Bluetooth: hci2: unexpected Set CIG Parameters response data [ 433.918971][ T5941] Bluetooth: hci2: unexpected event for opcode 0x2062 [ 434.014360][T23075] syzkaller1: entered promiscuous mode [ 434.016408][T23075] syzkaller1: entered allmulticast mode [ 434.059239][ T40] audit: type=1326 audit(1769727852.086:6692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f01598 code=0x7ffc0000 [ 434.067364][ T40] audit: type=1326 audit(1769727852.086:6693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 434.075551][ T40] audit: type=1326 audit(1769727852.086:6694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 434.083972][ T40] audit: type=1326 audit(1769727852.086:6695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f01598 code=0x7ffc0000 [ 434.092252][ T40] audit: type=1326 audit(1769727852.086:6696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 434.100929][ T40] audit: type=1326 audit(1769727852.086:6697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 434.109264][ T40] audit: type=1326 audit(1769727852.086:6698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f01598 code=0x7ffc0000 [ 434.117653][ T40] audit: type=1326 audit(1769727852.086:6699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f01598 code=0x7ffc0000 [ 434.126659][ T40] audit: type=1326 audit(1769727852.086:6700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 434.135098][ T40] audit: type=1326 audit(1769727852.086:6701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23070 comm="syz.4.7404" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 434.195967][ T1159] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 434.374532][T23098] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7405'. [ 434.523532][ T1469] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 434.668711][T23131] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7421'. [ 434.671549][T23131] netlink: 'syz.4.7421': attribute type 1 has an invalid length. [ 434.815538][T23151] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 434.883322][ T1023] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 435.045255][ T1023] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 435.048797][ T1023] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 435.051909][ T1023] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 435.055529][ T1023] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 435.060281][ T1023] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 435.063265][ T1023] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.065972][ T1023] usb 6-1: Product: syz [ 435.067324][ T1023] usb 6-1: Manufacturer: syz [ 435.068806][ T1023] usb 6-1: SerialNumber: syz [ 435.077429][ T1023] usb 6-1: config 0 descriptor?? [ 435.243821][ T93] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 435.247055][ T93] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 435.291203][ T1023] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 435.333396][ T830] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 435.494253][T19445] usb 6-1: USB disconnect, device number 42 [ 435.863570][T23199] overlayfs: missing 'lowerdir' [ 436.213366][ T1023] usb 5-1: new high-speed USB device number 40 using dummy_hcd [ 436.364234][ T1023] usb 5-1: Using ep0 maxpacket: 8 [ 436.368198][ T1023] usb 5-1: config 0 interface 0 has no altsetting 0 [ 436.371084][ T1023] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 436.375000][ T1023] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 436.379068][ T1023] usb 5-1: config 0 descriptor?? [ 436.464868][T23226] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 436.472365][T23226] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.7461'. [ 436.517314][T23228] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7462'. [ 436.800819][ T1023] mcp2221 0003:04D8:00DD.0023: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 436.809828][T23238] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7468'. [ 437.006204][ T1023] usb 5-1: USB disconnect, device number 40 [ 437.038256][T23251] dummy0: entered promiscuous mode [ 437.043700][T23251] dummy0: left promiscuous mode [ 437.131508][T23256] netlink: 'syz.1.7476': attribute type 2 has an invalid length. [ 437.134349][T23256] netlink: 'syz.1.7476': attribute type 2 has an invalid length. [ 437.137776][T23256] netlink: 'syz.1.7476': attribute type 2 has an invalid length. [ 437.415454][T23271] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7482'. [ 437.434992][T23273] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7481'. [ 437.706229][T23305] KVM: debugfs: duplicate directory 23305-5 [ 437.764849][T23315] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7501'. [ 437.969735][ T5941] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 437.973021][ T5941] Bluetooth: hci2: Injecting HCI hardware error event [ 437.979317][ T5937] Bluetooth: hci2: hardware error 0x00 [ 438.021690][T23342] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 438.244921][T23359] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40 [ 438.499039][T23370] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.7526'. [ 438.576014][T23374] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7528'. [ 438.578967][T23374] netlink: 43 bytes leftover after parsing attributes in process `syz.5.7528'. [ 438.581890][T23374] netlink: 'syz.5.7528': attribute type 6 has an invalid length. [ 438.586688][T23374] netlink: 'syz.5.7528': attribute type 5 has an invalid length. [ 438.589838][T23374] netlink: 43 bytes leftover after parsing attributes in process `syz.5.7528'. [ 438.658025][ T1334] libceph: connect (1)[c::]:6789 error -13 [ 438.660086][ T1334] libceph: mon0 (1)[c::]:6789 connect error [ 438.707389][T23380] ceph: No mds server is up or the cluster is laggy [ 438.940995][T23411] netlink: 84 bytes leftover after parsing attributes in process `syz.4.7544'. [ 438.945808][T23411] netlink: 84 bytes leftover after parsing attributes in process `syz.4.7544'. [ 439.000107][T23417] syzkaller1: entered promiscuous mode [ 439.002543][T23417] syzkaller1: entered allmulticast mode [ 439.315790][ T40] kauditd_printk_skb: 75 callbacks suppressed [ 439.315803][ T40] audit: type=1326 audit(1769727857.346:6777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23443 comm="syz.1.7559" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf749d579 code=0x0 [ 439.324438][ C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 439.418011][T23455] overlayfs: failed to clone upperpath [ 440.022882][T23492] netlink: 'syz.4.7578': attribute type 19 has an invalid length. [ 440.043264][ T5937] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 440.565777][T23529] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 440.755284][T23550] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7604'. [ 440.864105][T23558] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.887572][T23558] bridge_slave_1 (unregistering): left allmulticast mode [ 440.890613][T23558] bridge_slave_1 (unregistering): left promiscuous mode [ 440.893084][T23558] bridge0: port 2(bridge_slave_1) entered disabled state [ 441.143357][ T1334] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 441.314820][ T1334] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 441.318935][ T1334] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 441.328379][ T1334] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 441.332517][ T1334] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 441.337554][ T1334] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 441.344327][ T1334] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 441.348018][ T1334] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 441.351429][ T1334] usb 6-1: Product: syz [ 441.356273][ T1334] usb 6-1: Manufacturer: syz [ 441.363687][ T1334] cdc_wdm 6-1:1.0: skipping garbage [ 441.365979][ T1334] cdc_wdm 6-1:1.0: skipping garbage [ 441.370275][ T1334] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 441.373696][ T1334] cdc_wdm 6-1:1.0: Unknown control protocol [ 441.460057][T23598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7625'. [ 441.620992][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 441.621414][ T6330] usb 6-1: USB disconnect, device number 43 [ 441.623924][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 441.623945][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 441.628682][T23562] cdc_wdm 6-1:1.0: Tx URB error: -19 [ 441.806213][T23612] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 441.810694][T23612] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 441.906646][T23612] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 441.910383][T23612] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 441.982492][T23612] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 441.985915][T23612] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.040613][T23612] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 442.044421][T23612] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.148630][ T60] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 442.151953][ T60] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.162032][ T60] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 442.164977][ T60] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.175136][ T60] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 442.178644][ T60] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.187324][ T60] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 442.190044][ T60] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.286845][T23622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7634'. [ 442.291951][T23622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7634'. [ 442.623226][ T1334] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 442.775156][ T1334] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 442.783253][ T1334] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 442.787539][ T1334] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 442.791328][ T1334] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 442.805199][ T1334] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 442.816376][ T1334] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 442.820447][ T1334] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 442.824802][ T1334] usb 6-1: Product: syz [ 442.832758][ T1334] usb 6-1: Manufacturer: syz [ 442.840851][ T1334] cdc_wdm 6-1:1.0: skipping garbage [ 442.843071][ T1334] cdc_wdm 6-1:1.0: skipping garbage [ 442.847617][ T1334] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 442.850141][ T1334] cdc_wdm 6-1:1.0: Unknown control protocol [ 443.063370][ T6238] usb 5-1: new full-speed USB device number 41 using dummy_hcd [ 443.099473][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 443.100480][ T6330] usb 6-1: USB disconnect, device number 44 [ 443.102003][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 443.107169][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 443.225010][ T6238] usb 5-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x43, changing to 0x3 [ 443.228976][ T6238] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x3 has invalid maxpacket 65, setting to 64 [ 443.232500][ T6238] usb 5-1: config 0 interface 0 has no altsetting 0 [ 443.237187][ T6238] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 443.240435][ T6238] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 443.244031][ T6238] usb 5-1: Product: syz [ 443.245604][ T6238] usb 5-1: Manufacturer: syz [ 443.247240][ T6238] usb 5-1: SerialNumber: syz [ 443.251398][ T6238] usb 5-1: config 0 descriptor?? [ 443.253977][T23654] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 443.262188][ T6238] usb 5-1: selecting invalid altsetting 0 [ 443.464268][ T6238] usb 5-1: USB disconnect, device number 41 [ 444.766025][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.964225][T23761] __nla_validate_parse: 1 callbacks suppressed [ 445.964242][T23761] netlink: 40 bytes leftover after parsing attributes in process `syz.1.7694'. [ 445.997757][T23767] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7698'. [ 446.355727][T23806] netlink: 7 bytes leftover after parsing attributes in process `syz.4.7716'. [ 447.210092][T23861] netlink: 'syz.5.7742': attribute type 10 has an invalid length. [ 447.214244][T23861] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.226821][T23861] bridge0: port 1(bridge_slave_0) entered blocking state [ 447.229080][T23861] bridge0: port 1(bridge_slave_0) entered forwarding state [ 447.232770][T23861] bridge0: port 1(bridge_slave_0) entered disabled state [ 447.328706][T23866] overlayfs: failed to clone upperpath [ 447.332140][T23866] overlayfs: failed to clone lowerpath [ 447.539666][T23881] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7750'. [ 447.797998][ T830] libceph: connect (1)[c::]:6789 error -101 [ 447.800342][ T830] libceph: mon0 (1)[c::]:6789 connect error [ 447.963296][ C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 448.064057][ T830] libceph: connect (1)[c::]:6789 error -101 [ 448.073284][ T830] libceph: mon0 (1)[c::]:6789 connect error [ 448.093257][ T40] audit: type=1326 audit(1769727866.126:6778): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=23929 comm="syz.0.7771" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd579 code=0x0 [ 448.583513][ T830] libceph: connect (1)[c::]:6789 error -101 [ 448.586224][ T830] libceph: mon0 (1)[c::]:6789 connect error [ 448.622171][T23908] ceph: No mds server is up or the cluster is laggy [ 448.655780][T23948] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7779'. [ 448.658998][T23948] netlink: 'syz.5.7779': attribute type 1 has an invalid length. [ 448.666882][ T1159] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 448.672548][ T1159] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 448.675809][ T1159] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 448.684136][ T93] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 448.790755][ T40] audit: type=1326 audit(1769727866.816:6779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23961 comm="syz.5.7792" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73fd579 code=0x0 [ 448.973231][ T6330] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 449.107232][T23978] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 449.114577][T23978] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.7791'. [ 449.130292][ T6330] usb 6-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 449.134721][ T6330] usb 6-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 449.143291][ T6330] usb 6-1: config 1 interface 0 has no altsetting 0 [ 449.148638][ T6330] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 449.162639][ T6330] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 449.166278][ T6330] usb 6-1: Product: syz [ 449.168037][ T6330] usb 6-1: Manufacturer: syz [ 449.169947][ T6330] usb 6-1: SerialNumber: syz [ 449.175664][T23956] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 449.183338][T23956] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 449.454008][ T40] audit: type=1326 audit(1769727867.486:6780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.460816][ T40] audit: type=1326 audit(1769727867.486:6781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.467965][ T40] audit: type=1326 audit(1769727867.486:6782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=425 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.475459][ T40] audit: type=1326 audit(1769727867.486:6783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.483271][ T40] audit: type=1326 audit(1769727867.486:6784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.491735][ T40] audit: type=1326 audit(1769727867.486:6785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.501484][ T40] audit: type=1326 audit(1769727867.486:6786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.508491][ T40] audit: type=1326 audit(1769727867.486:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23985 comm="syz.0.7795" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 449.657392][T23997] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 449.901818][T24022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7811'. [ 450.045860][T24035] netlink: 6 bytes leftover after parsing attributes in process `syz.4.7817'. [ 450.136604][T24040] syz_tun: refused to change device tx_queue_len [ 450.138861][T24040] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 450.149725][ T13] bridge0: port 3(syz_tun) entered disabled state [ 450.156048][T24040] syz_tun: refused to change device tx_queue_len [ 450.158184][T24040] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 450.183292][ T1334] usb 5-1: new full-speed USB device number 42 using dummy_hcd [ 450.201280][ T6330] (unnamed net_device) (uninitialized): Assigned a random MAC address: 8e:a3:d6:f6:7b:3c [ 450.217516][ T6330] rtl8150 6-1:1.0: eth10: rtl8150 is detected [ 450.226330][ T6330] usb 6-1: USB disconnect, device number 45 [ 450.263079][T24046] netlink: 212328 bytes leftover after parsing attributes in process `syz.5.7822'. [ 450.270824][T24046] netlink: Conntrack attr has 4 unknown bytes [ 450.345254][ T1334] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 450.348304][ T1334] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 450.352242][ T1334] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 450.357114][ T1334] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 450.571755][ T1334] usb 5-1: usb_control_msg returned -32 [ 450.573864][ T1334] usbtmc 5-1:16.0: can't read capabilities [ 450.741661][T24059] dummy0: entered promiscuous mode [ 450.744234][T24059] bond0: entered promiscuous mode [ 450.745889][T24059] bond_slave_0: entered promiscuous mode [ 450.747806][T24059] bond_slave_1: entered promiscuous mode [ 450.750396][T24059] bond0: left promiscuous mode [ 450.751956][T24059] bond_slave_0: left promiscuous mode [ 450.753951][T24059] bond_slave_1: left promiscuous mode [ 450.756703][T24059] dummy0: left promiscuous mode [ 450.855302][T24066] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.7831'. [ 450.924679][T24072] usbtmc 5-1:16.0: usbtmc488_ioctl_trigger returned -90 [ 451.443428][T24105] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7849'. [ 451.552665][T24118] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7856'. [ 451.634464][T24128] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.7860'. [ 451.704530][T24134] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7862'. [ 451.920958][T24155] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7868'. [ 451.925335][T24155] netlink: 43 bytes leftover after parsing attributes in process `syz.4.7868'. [ 451.928285][T24155] netlink: 'syz.4.7868': attribute type 6 has an invalid length. [ 451.930896][T24155] netlink: 'syz.4.7868': attribute type 5 has an invalid length. [ 451.934002][T24155] netlink: 43 bytes leftover after parsing attributes in process `syz.4.7868'. [ 451.964870][T24158] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7869'. [ 452.872784][T24181] vcan0: tx drop: invalid sa for name 0x0000000000000401 [ 452.952116][ T53] usb 5-1: USB disconnect, device number 42 [ 453.323284][T24206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7893'. [ 454.228029][ T40] kauditd_printk_skb: 6 callbacks suppressed [ 454.228045][ T40] audit: type=1326 audit(1769727872.256:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24259 comm="syz.4.7917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 454.239004][ T40] audit: type=1326 audit(1769727872.256:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24259 comm="syz.4.7917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 454.246521][ T40] audit: type=1326 audit(1769727872.266:6796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24259 comm="syz.4.7917" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 454.256029][ T40] audit: type=1326 audit(1769728128.268:6797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24259 comm="syz.4.7917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 454.265780][ T40] audit: type=1326 audit(1769728128.268:6798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24259 comm="syz.4.7917" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x7ffc0000 [ 454.384864][T24272] bond0: (slave rose0): Error: Device is in use and cannot be enslaved [ 454.838237][T24306] netlink: 'syz.1.7934': attribute type 19 has an invalid length. [ 455.004256][ T1159] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 455.143234][ T830] usb 6-1: new high-speed USB device number 46 using dummy_hcd [ 455.323367][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 455.327260][ T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 455.330771][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 455.336956][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 455.341270][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 455.346794][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 455.352088][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 455.356616][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 455.647339][ T5937] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 455.658362][ T5937] CPU: 0 UID: 0 PID: 5937 Comm: kworker/u33:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 455.658396][ T5937] Tainted: [L]=SOFTLOCKUP [ 455.658402][ T5937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 455.658413][ T5937] Workqueue: hci0 hci_rx_work [ 455.658441][ T5937] Call Trace: [ 455.658448][ T5937] [ 455.658455][ T5937] dump_stack_lvl+0x100/0x190 [ 455.658481][ T5937] sysfs_warn_dup.cold+0x1c/0x28 [ 455.658507][ T5937] sysfs_create_dir_ns+0x24b/0x2b0 [ 455.658532][ T5937] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 455.658553][ T5937] ? find_held_lock+0x2b/0x80 [ 455.658571][ T5937] ? kobject_add_internal+0x25f/0x930 [ 455.658596][ T5937] ? kobject_add_internal+0x25f/0x930 [ 455.658624][ T5937] ? do_raw_spin_unlock+0x145/0x1e0 [ 455.658653][ T5937] kobject_add_internal+0x2c8/0x930 [ 455.658681][ T5937] kobject_add+0x16a/0x1e0 [ 455.658705][ T5937] ? __pfx_kobject_add+0x10/0x10 [ 455.658727][ T5937] ? class_to_subsys+0x10f/0x150 [ 455.658757][ T5937] ? kobject_put+0xb9/0x640 [ 455.658777][ T5937] ? _raw_spin_unlock+0x28/0x50 [ 455.658803][ T5937] device_add+0x294/0x1950 [ 455.658828][ T5937] ? __pfx_dev_set_name+0x10/0x10 [ 455.658854][ T5937] ? __pfx_device_add+0x10/0x10 [ 455.658876][ T5937] ? mgmt_send_event_skb+0x2fb/0x460 [ 455.658902][ T5937] hci_conn_add_sysfs+0x1a3/0x260 [ 455.658926][ T5937] le_conn_complete_evt+0x11cb/0x1f40 [ 455.658955][ T5937] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 455.658987][ T5937] hci_le_conn_complete_evt+0x23c/0x3a0 [ 455.659011][ T5937] ? skb_pull_data+0x15f/0x1e0 [ 455.659035][ T5937] hci_le_meta_evt+0x34a/0x5f0 [ 455.659060][ T5937] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 455.659087][ T5937] hci_event_packet+0x682/0x11c0 [ 455.659110][ T5937] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 455.659136][ T5937] ? __pfx_hci_event_packet+0x10/0x10 [ 455.659161][ T5937] ? kcov_remote_start+0x374/0x660 [ 455.659180][ T5937] ? lockdep_hardirqs_on+0x78/0x100 [ 455.659207][ T5937] hci_rx_work+0x451/0xfc0 [ 455.659243][ T5937] process_one_work+0x9c2/0x1840 [ 455.659284][ T5937] ? __pfx_process_one_work+0x10/0x10 [ 455.659326][ T5937] ? assign_work+0x19c/0x250 [ 455.659360][ T5937] worker_thread+0x5da/0xe40 [ 455.659399][ T5937] ? kthread+0x17d/0x730 [ 455.659422][ T5937] ? __pfx_worker_thread+0x10/0x10 [ 455.659447][ T5937] kthread+0x3b3/0x730 [ 455.659473][ T5937] ? __pfx_kthread+0x10/0x10 [ 455.659495][ T5937] ? ret_from_fork+0x79/0xaf0 [ 455.659512][ T5937] ? ret_from_fork+0x79/0xaf0 [ 455.659530][ T5937] ? rcu_is_watching+0x12/0xc0 [ 455.659548][ T5937] ? __pfx_kthread+0x10/0x10 [ 455.659576][ T5937] ret_from_fork+0x754/0xaf0 [ 455.659594][ T5937] ? __pfx_ret_from_fork+0x10/0x10 [ 455.659612][ T5937] ? rcu_is_watching+0x12/0xc0 [ 455.659629][ T5937] ? __switch_to+0x7b9/0x10c0 [ 455.659652][ T5937] ? __pfx_kthread+0x10/0x10 [ 455.659679][ T5937] ret_from_fork_asm+0x1a/0x30 [ 455.659719][ T5937] [ 455.659745][ T5937] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 455.775187][ T5937] Bluetooth: hci0: failed to register connection device [ 456.138910][T24355] usbtmc 6-1:16.0: simple usb_control_msg failed -32 [ 456.142697][ T830] usb 6-1: USB disconnect, device number 46 [ 456.679278][ T40] audit: type=1326 audit(1769728130.698:6799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24357 comm="syz.5.7958" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 456.718923][T24365] pimreg: entered allmulticast mode [ 457.158258][T24392] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7971'. [ 457.460103][ T40] audit: type=1326 audit(1769728131.478:6800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24419 comm="syz.1.7984" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 457.469157][ T40] audit: type=1326 audit(1769728131.478:6801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24419 comm="syz.1.7984" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 457.479019][ T40] audit: type=1326 audit(1769728131.478:6802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24419 comm="syz.1.7984" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 457.486554][ T40] audit: type=1326 audit(1769728131.478:6803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24419 comm="syz.1.7984" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x7ffc0000 [ 457.584092][T24428] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.7986'. [ 457.588084][T24428] netlink: Unknown conntrack attr (0) [ 457.680081][T24433] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7987'. [ 457.682976][T24433] netlink: 'syz.5.7987': attribute type 15 has an invalid length. [ 457.703306][T24433] vxlan1: entered promiscuous mode [ 457.710038][ T60] netdevsim netdevsim5 netdevsim0: set [0, 1] type 1 family 0 port 256 - 0 [ 457.725053][ T60] netdevsim netdevsim5 netdevsim1: set [0, 1] type 1 family 0 port 256 - 0 [ 457.728582][ T60] netdevsim netdevsim5 netdevsim2: set [0, 1] type 1 family 0 port 256 - 0 [ 457.731807][ T60] netdevsim netdevsim5 netdevsim3: set [0, 1] type 1 family 0 port 256 - 0 [ 458.273409][ T830] usb 6-1: new high-speed USB device number 47 using dummy_hcd [ 458.423295][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 458.427094][ T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 458.430649][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 458.434088][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 458.438279][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 458.442478][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 458.448172][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 458.451901][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.511376][T24463] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8001'. [ 458.661197][T15187] udevd[15187]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 458.666047][ T830] usb 6-1: usb_control_msg returned -32 [ 458.668688][ T830] usbtmc 6-1:16.0: can't read capabilities [ 459.019452][T24480] usbtmc 6-1:16.0: INITIATE_ABORT_BULK_OUT returned 0 [ 459.207059][T24486] netlink: 'syz.0.8008': attribute type 10 has an invalid length. [ 459.209982][T24486] syz_tun: entered promiscuous mode [ 459.216651][T24486] syz_tun: entered allmulticast mode [ 459.220800][ T1469] usb 6-1: USB disconnect, device number 47 [ 459.340424][T24492] 9pnet: p9_errstr2errno: server reported unknown error ile0 [ 459.794773][T24510] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 459.798865][T24510] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 1] type 1 family 0 port 256 - 0 [ 459.803625][T24510] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.888743][T24510] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 459.891989][T24510] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 1] type 1 family 0 port 256 - 0 [ 459.896432][T24510] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.929175][T24522] netlink: 24 bytes leftover after parsing attributes in process `syz.0.8031'. [ 459.985380][T24510] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 459.989379][T24510] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 1] type 1 family 0 port 256 - 0 [ 459.993818][T24510] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.021427][T24525] 9pnet: p9_errstr2errno: server reported unknown error ile0 [ 460.069428][T24510] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 460.073567][T24510] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 1] type 1 family 0 port 256 - 0 [ 460.077523][T24510] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.176486][ T12] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 460.180427][ T12] netdevsim netdevsim5 eth0: set [0, 1] type 1 family 0 port 256 - 0 [ 460.184561][ T12] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.215302][ T1159] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 460.218714][ T1159] netdevsim netdevsim5 eth1: set [0, 1] type 1 family 0 port 256 - 0 [ 460.222107][ T1159] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.226231][ T1159] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 460.229597][ T1159] netdevsim netdevsim5 eth2: set [0, 1] type 1 family 0 port 256 - 0 [ 460.232893][ T1159] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.245603][ T1159] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 460.249045][ T1159] netdevsim netdevsim5 eth3: set [0, 1] type 1 family 0 port 256 - 0 [ 460.252395][ T1159] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 460.443335][ T830] usb 5-1: new high-speed USB device number 43 using dummy_hcd [ 460.593426][ T830] usb 5-1: Using ep0 maxpacket: 8 [ 460.597213][ T830] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 460.600621][ T830] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 460.605130][ T830] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 460.609111][ T830] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 460.613336][ T830] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 460.618365][ T830] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 460.621168][ T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.838216][ T830] usb 5-1: usb_control_msg returned -32 [ 460.840616][ T830] usbtmc 5-1:16.0: can't read capabilities [ 461.206895][T24586] usbtmc 5-1:16.0: INITIATE_ABORT_BULK_OUT returned 0 [ 461.408299][ T1334] usb 5-1: USB disconnect, device number 43 [ 461.793341][T24593] af_packet: tpacket_rcv: packet too big, clamped from 20 to 4294967272. macoff=96 [ 461.971690][T24604] netlink: 'syz.4.8058': attribute type 10 has an invalid length. [ 461.980576][T24604] bridge0: port 3(syz_tun) entered disabled state [ 461.982974][T24604] syz_tun: left allmulticast mode [ 461.985067][T24604] bridge0: port 3(syz_tun) entered disabled state [ 461.990588][T24604] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 462.239200][T24613] fuse: Bad value for 'fd' [ 462.601005][T24622] netlink: 'syz.4.8064': attribute type 1 has an invalid length. [ 462.621850][T24622] 8021q: adding VLAN 0 to HW filter on device bond5 [ 462.688661][T24627] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8065'. [ 462.971904][T24640] block nbd1: shutting down sockets [ 463.060205][T24660] netlink: 72 bytes leftover after parsing attributes in process `syz.1.8083'. [ 463.063904][T24660] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8083'. [ 463.296568][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 463.296580][ T40] audit: type=1804 audit(1769728137.318:6821): pid=24690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.8095" name="file1" dev="tmpfs" ino=7638 res=1 errno=0 [ 463.359431][T24697] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8097'. [ 463.568291][T24718] netlink: 72 bytes leftover after parsing attributes in process `syz.4.8107'. [ 463.573039][T24718] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8107'. [ 463.686964][T24723] overlayfs: failed to clone upperpath [ 463.788484][T24733] netlink: 'syz.1.8114': attribute type 1 has an invalid length. [ 463.808718][T24733] 8021q: adding VLAN 0 to HW filter on device bond2 [ 463.974500][ C1] bridge0: port 3(vlan0) entered learning state [ 463.978257][ C1] bridge0: port 4(dummy0) entered learning state [ 464.048420][T24752] netlink: 'syz.4.8121': attribute type 10 has an invalid length. [ 464.059506][T24752] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.067453][T24752] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.070454][T24752] bridge0: port 1(bridge_slave_0) entered forwarding state [ 464.085209][T24752] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 464.131911][T24756] netlink: 'syz.1.8122': attribute type 10 has an invalid length. [ 464.137066][T24756] syz_tun: entered promiscuous mode [ 464.141757][T24758] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.8132'. [ 464.142058][T24756] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 464.346167][T24780] netlink: 212328 bytes leftover after parsing attributes in process `syz.4.8141'. [ 464.351262][T24780] netlink: Unknown conntrack attr (type=2304, max=9) [ 464.471290][T24792] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8139'. [ 464.477779][T24792] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8139'. [ 464.603313][ C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 465.061779][T24768] ceph: No mds server is up or the cluster is laggy [ 465.149218][T24826] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 465.316973][T24838] veth0: entered promiscuous mode [ 465.318984][T24838] veth0: entered allmulticast mode [ 465.641211][T24864] dummy0: entered promiscuous mode [ 465.646547][T24864] bond0: entered promiscuous mode [ 465.648291][T24864] bond_slave_0: entered promiscuous mode [ 465.650555][T24864] bond_slave_1: entered promiscuous mode [ 465.652424][T24864] bond1: entered promiscuous mode [ 465.655370][T24864] bridge0: entered promiscuous mode [ 465.658387][T24864] hsr1: entered allmulticast mode [ 465.660452][T24864] dummy0: entered allmulticast mode [ 465.662674][T24864] bond0: entered allmulticast mode [ 465.664848][T24864] bond_slave_0: entered allmulticast mode [ 465.666919][T24864] bond_slave_1: entered allmulticast mode [ 465.668753][T24864] bond1: entered allmulticast mode [ 465.670524][T24864] syz_tun: entered allmulticast mode [ 465.672225][T24864] bridge0: entered allmulticast mode [ 465.708022][T24870] netlink: Unknown conntrack attr (type=2304, max=9) [ 465.990361][ T40] audit: type=1326 audit(1769728140.008:6822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24891 comm="syz.4.8191" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x0 [ 466.498450][ T40] audit: type=1326 audit(1769728140.518:6823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24905 comm="syz.1.8186" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf749d579 code=0x0 [ 467.472199][T24936] syzkaller1: entered promiscuous mode [ 467.474074][T24936] syzkaller1: entered allmulticast mode [ 467.811416][T24963] __nla_validate_parse: 3 callbacks suppressed [ 467.811432][T24963] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.8219'. [ 467.970284][T24976] syzkaller1: entered promiscuous mode [ 467.972585][T24976] syzkaller1: entered allmulticast mode [ 468.113322][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 468.462148][T25014] netlink: 'syz.1.8238': attribute type 13 has an invalid length. [ 468.464915][T25014] netlink: 'syz.1.8238': attribute type 17 has an invalid length. [ 468.520455][T25014] syz_tun: left promiscuous mode [ 468.594148][T25014] bridge0: left allmulticast mode [ 468.599202][T25014] syz_tun: entered promiscuous mode [ 468.603876][T25014] 8021q: adding VLAN 0 to HW filter on device bond0 [ 468.607979][T25014] 8021q: adding VLAN 0 to HW filter on device team0 [ 468.616375][T25014] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 468.797391][T25031] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8247'. [ 468.805543][T25031] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8247'. [ 468.942212][ T40] audit: type=1326 audit(1769728142.958:6824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25038 comm="syz.0.8251" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x0 [ 468.981536][T25040] netlink: 60 bytes leftover after parsing attributes in process `syz.5.8250'. [ 468.985969][T25037] netlink: 60 bytes leftover after parsing attributes in process `syz.5.8250'. [ 469.021785][T25042] batadv_slave_1: entered promiscuous mode [ 469.068154][T25041] batadv_slave_1: left promiscuous mode [ 469.186784][T25051] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.8255'. [ 469.269560][T25056] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8256'. [ 469.402948][T25058] ceph: No mds server is up or the cluster is laggy [ 469.657341][T25080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8273'. [ 469.667325][T25080] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8273'. [ 469.702577][T25081] netlink: 'syz.5.8266': attribute type 13 has an invalid length. [ 469.706197][T25081] netlink: 'syz.5.8266': attribute type 17 has an invalid length. [ 469.929315][T25081] sit0: left promiscuous mode [ 470.337786][T25081] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.340322][T25081] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.348521][T25081] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 470.578017][ T40] audit: type=1326 audit(1769728144.598:6825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25119 comm="syz.0.8284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 470.588085][ T40] audit: type=1326 audit(1769728144.598:6826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25119 comm="syz.0.8284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 470.595632][ T40] audit: type=1326 audit(1769728144.598:6827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25119 comm="syz.0.8284" exe="/syz-executor" sig=0 arch=40000003 syscall=343 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 470.602473][ T40] audit: type=1326 audit(1769728400.610:6828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25119 comm="syz.0.8284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 470.609725][ T40] audit: type=1326 audit(1769728400.610:6829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25119 comm="syz.0.8284" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 470.612989][T25123] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8286'. [ 470.777199][T25139] netlink: 'syz.4.8292': attribute type 13 has an invalid length. [ 470.779738][T25139] netlink: 'syz.4.8292': attribute type 17 has an invalid length. [ 471.014132][T25139] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 471.053183][ T40] audit: type=1326 audit(1769728401.070:6830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25150 comm="syz.0.8296" exe="/syz-executor" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf73dd579 code=0x0 [ 471.556594][T25139] syz.4.8292 (25139) used greatest stack depth: 17944 bytes left [ 472.330332][T25204] batadv_slave_1: entered promiscuous mode [ 472.376786][T25203] batadv_slave_1: left promiscuous mode [ 472.615068][T25225] bridge_slave_1 (unregistering): left allmulticast mode [ 472.617960][T25225] bridge_slave_1 (unregistering): left promiscuous mode [ 472.620868][T25225] bridge0: port 2(bridge_slave_1) entered disabled state [ 473.003267][ T1023] usb 6-1: new full-speed USB device number 48 using dummy_hcd [ 473.154801][ T1023] usb 6-1: config 0 interface 0 altsetting 251 has an endpoint descriptor with address 0x43, changing to 0x3 [ 473.158616][ T1023] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x3 has invalid maxpacket 65, setting to 64 [ 473.162108][ T1023] usb 6-1: config 0 interface 0 has no altsetting 0 [ 473.166488][ T1023] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 473.169306][ T1023] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 473.171924][ T1023] usb 6-1: Product: syz [ 473.173570][ T1023] usb 6-1: Manufacturer: syz [ 473.175086][ T1023] usb 6-1: SerialNumber: syz [ 473.177830][ T1023] usb 6-1: config 0 descriptor?? [ 473.179934][T25227] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 473.186339][ T1023] usb 6-1: selecting invalid altsetting 0 [ 473.390275][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.394162][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.397551][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.401026][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.412116][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.415710][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.418482][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.421764][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.425623][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.428614][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.431240][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.435153][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.438816][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.441707][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.444985][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.448053][T25227] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 473.674129][ T53] usb 5-1: new high-speed USB device number 44 using dummy_hcd [ 473.834785][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 473.839225][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 473.843476][ T53] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 473.848100][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.854906][ T53] usb 5-1: config 0 descriptor?? [ 474.268531][ T53] keytouch 0003:0926:3333.0024: fixing up Keytouch IEC report descriptor [ 474.282636][ T53] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0926:3333.0024/input/input60 [ 474.380108][ T53] keytouch 0003:0926:3333.0024: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0 [ 474.480503][ T53] usb 5-1: USB disconnect, device number 44 [ 474.688895][T25293] __nla_validate_parse: 5 callbacks suppressed [ 474.688916][T25293] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.8351'. [ 475.192463][T25226] usb 6-1: cannot submit urb 0, error -2: endpoint not enabled [ 476.199976][ T1469] usb 6-1: USB disconnect, device number 48 [ 476.319984][T25327] netlink: 16 bytes leftover after parsing attributes in process `syz.4.8363'. [ 476.636248][T25355] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.8381'. [ 476.682414][T25357] input: syz0 as /devices/virtual/input/input61 [ 476.945993][T25376] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.8398'. [ 477.504866][T25409] veth0: entered promiscuous mode [ 477.510616][T25407] veth0: left promiscuous mode [ 477.595014][T25418] netlink: 'syz.0.8408': attribute type 9 has an invalid length. [ 477.597652][T25418] netlink: 'syz.0.8408': attribute type 11 has an invalid length. [ 477.600560][T25418] netlink: 'syz.0.8408': attribute type 12 has an invalid length. [ 477.604157][T25418] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.8408'. [ 477.608234][T25418] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8408'. [ 477.714160][T25428] netlink: 'syz.5.8412': attribute type 1 has an invalid length. [ 477.729937][T25428] 8021q: adding VLAN 0 to HW filter on device bond1 [ 477.757056][T25428] bond1: (slave geneve2): making interface the new active one [ 477.760461][T25428] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 478.027093][T25434] ip6gretap2: entered promiscuous mode [ 478.029294][T25434] ip6gretap2: entered allmulticast mode [ 478.266395][T25441] overlayfs: failed to clone lowerpath [ 478.996710][T25483] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8436'. [ 479.000847][T25483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8436'. [ 479.006407][T25483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8436'. [ 479.054089][T25488] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8438'. [ 479.142315][T25491] syzkaller1: entered promiscuous mode [ 479.144942][T25491] syzkaller1: entered allmulticast mode [ 479.401542][T25516] fuse: Bad value for 'fd' [ 479.699400][T25528] fuse: Bad value for 'fd' [ 480.368817][T25571] sch_tbf: peakrate 4294963201 is lower than or equals to rate 16284383111468714980 ! [ 480.731950][T25604] __nla_validate_parse: 2 callbacks suppressed [ 480.731962][T25604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8487'. [ 480.863681][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 481.216200][T25624] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.8495'. [ 481.590633][T25659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8507'. [ 481.713989][T25676] netlink: 44 bytes leftover after parsing attributes in process `syz.4.8516'. [ 481.758915][T25676] netlink: 24 bytes leftover after parsing attributes in process `syz.4.8516'. [ 481.906568][T25699] "syz.5.8526" (25699) uses obsolete ecb(arc4) skcipher [ 482.958986][T25768] 9pnet: p9_errstr2errno: server reported unknown error di3 [ 483.197452][T25795] 9pnet: p9_errstr2errno: server reported unknown error ./file0 [ 483.323400][ T40] audit: type=1326 audit(1769728413.340:6831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25813 comm="syz.4.8572" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f01579 code=0x0 [ 483.604227][T25831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8581'. [ 484.163243][ T1334] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 484.216933][T25846] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8587'. [ 484.220051][T25846] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8587'. [ 484.323242][ T1334] usb 6-1: Using ep0 maxpacket: 8 [ 484.327371][ T1334] usb 6-1: config 0 has no interfaces? [ 484.331202][ T1334] usb 6-1: config 0 has no interfaces? [ 484.334307][ T1334] usb 6-1: config 0 has no interfaces? [ 484.341343][ T1334] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 484.345231][ T1334] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 484.348515][ T1334] usb 6-1: Product: syz [ 484.353507][ T1334] usb 6-1: Manufacturer: syz [ 484.355510][ T1334] usb 6-1: SerialNumber: syz [ 484.359169][ T1334] usb 6-1: config 0 descriptor?? [ 484.582524][ T6330] usb 6-1: USB disconnect, device number 49 [ 484.970907][T25896] netlink: 304 bytes leftover after parsing attributes in process `syz.4.8604'. [ 485.261404][T25926] overlayfs: failed to clone lowerpath [ 485.266082][T25926] overlayfs: failed to clone lowerpath [ 485.325290][T25932] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8624'. [ 485.769306][T25956] netlink: 28 bytes leftover after parsing attributes in process `syz.4.8633'. [ 485.983440][ T61] usb 6-1: new high-speed USB device number 50 using dummy_hcd [ 486.135685][ T61] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 486.140769][ T61] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 486.150309][ T61] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 486.154959][ T61] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 486.161284][T25954] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 486.163445][T25960] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8635'. [ 486.170201][ T61] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 486.368849][ T1469] usb 6-1: USB disconnect, device number 50 [ 487.013315][ T93] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 487.163301][ T5937] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 487.163320][ T5941] Bluetooth: hci4: command 0x1003 tx timeout [ 488.219716][T26020] tls_set_device_offload: netdev not found [ 488.596360][T26044] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8674'. [ 488.736064][T26055] syz.0.8679: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0-1 [ 488.743554][T26055] CPU: 0 UID: 0 PID: 26055 Comm: syz.0.8679 Tainted: G L syzkaller #0 PREEMPT(full) [ 488.743583][T26055] Tainted: [L]=SOFTLOCKUP [ 488.743588][T26055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 488.743595][T26055] Call Trace: [ 488.743600][T26055] [ 488.743605][T26055] dump_stack_lvl+0x100/0x190 [ 488.743634][T26055] warn_alloc.cold+0x95/0x1c1 [ 488.743654][T26055] ? __pfx_warn_alloc+0x10/0x10 [ 488.743675][T26055] ? kasan_save_stack+0x3f/0x50 [ 488.743690][T26055] ? kasan_save_stack+0x30/0x50 [ 488.743705][T26055] ? kasan_save_track+0x14/0x30 [ 488.743719][T26055] ? xskq_create+0xfb/0x1d0 [ 488.743735][T26055] __vmalloc_node_range_noprof+0x1252/0x1530 [ 488.743750][T26055] ? xskq_create+0xfb/0x1d0 [ 488.743765][T26055] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 488.743784][T26055] ? xskq_create+0xfb/0x1d0 [ 488.743795][T26055] vmalloc_user_noprof+0x9e/0xe0 [ 488.743807][T26055] ? xskq_create+0xfb/0x1d0 [ 488.743818][T26055] xskq_create+0xfb/0x1d0 [ 488.743830][T26055] xsk_setsockopt+0x55f/0xa90 [ 488.743849][T26055] ? __pfx_xsk_setsockopt+0x10/0x10 [ 488.743867][T26055] ? find_held_lock+0x2b/0x80 [ 488.743880][T26055] ? aa_sock_opt_perm+0xfe/0x1b0 [ 488.743897][T26055] ? __pfx_xsk_setsockopt+0x10/0x10 [ 488.743915][T26055] do_sock_setsockopt+0xf3/0x1d0 [ 488.743930][T26055] __sys_setsockopt+0x119/0x190 [ 488.743950][T26055] __ia32_sys_setsockopt+0xbc/0x160 [ 488.743966][T26055] ? __do_fast_syscall_32+0x97/0x660 [ 488.743981][T26055] ? lockdep_hardirqs_on+0x78/0x100 [ 488.743994][T26055] __do_fast_syscall_32+0xde/0x660 [ 488.744010][T26055] do_fast_syscall_32+0x32/0x70 [ 488.744024][T26055] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 488.744038][T26055] RIP: 0023:0xf73dd579 [ 488.744047][T26055] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 488.744058][T26055] RSP: 002b:00000000f540650c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 488.744069][T26055] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 488.744075][T26055] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004 [ 488.744082][T26055] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 488.744088][T26055] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 488.744094][T26055] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 488.744109][T26055] [ 488.744125][T26055] Mem-Info: [ 488.835811][T26055] active_anon:493 inactive_anon:888 isolated_anon:0 [ 488.835811][T26055] active_file:1378 inactive_file:1079 isolated_file:0 [ 488.835811][T26055] unevictable:1768 dirty:199 writeback:0 [ 488.835811][T26055] slab_reclaimable:6445 slab_unreclaimable:61629 [ 488.835811][T26055] mapped:21830 shmem:1770 pagetables:2222 [ 488.835811][T26055] sec_pagetables:338 bounce:0 [ 488.835811][T26055] kernel_misc_reclaimable:0 [ 488.835811][T26055] free:29405 free_pcp:6874 free_cma:0 [ 488.851415][T26055] Node 0 active_anon:32kB inactive_anon:336kB active_file:352kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:4kB writeback:0kB shmem:6380kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10060kB pagetables:1908kB sec_pagetables:1172kB all_unreclaimable? yes Balloon:0kB [ 488.863446][T26055] Node 1 active_anon:1940kB inactive_anon:3216kB active_file:5160kB inactive_file:4308kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87400kB dirty:792kB writeback:0kB shmem:700kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4740kB pagetables:6980kB sec_pagetables:180kB all_unreclaimable? no Balloon:0kB [ 488.877122][T26055] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:12kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 488.890726][T26055] lowmem_reserve[]: 0 288 288 288 288 [ 488.893386][T26055] Node 0 DMA32 free:16460kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32kB inactive_anon:328kB active_file:352kB inactive_file:8kB unevictable:3536kB writepending:4kB zspages:2180kB present:1032196kB managed:295108kB mlocked:0kB bounce:0kB free_pcp:4296kB local_pcp:1068kB free_cma:0kB [ 488.907007][T26055] lowmem_reserve[]: 0 0 0 0 0 [ 488.909111][T26055] Node 1 DMA32 free:98872kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1940kB inactive_anon:3216kB active_file:5160kB inactive_file:4308kB unevictable:3536kB writepending:792kB zspages:6632kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:22536kB local_pcp:10320kB free_cma:0kB [ 488.923575][T26055] lowmem_reserve[]: 0 0 0 0 0 [ 488.925738][T26055] Node 0 DMA: 5*4kB (UM) 5*8kB (UM) 10*16kB (UM) 4*32kB (UM) 3*64kB (U) 0*128kB 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 2076kB [ 488.932476][T26055] Node 0 DMA32: 5*4kB (UE) 205*8kB (UME) 227*16kB (UME) 117*32kB (UME) 66*64kB (UME) 19*128kB (UME) 3*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16460kB [ 488.939417][T26055] Node 1 DMA32: 866*4kB (UE) 2384*8kB (UME) 3044*16kB (UME) 7*32kB (E) 43*64kB (UE) 4*128kB (UM) 24*256kB (UM) 11*512kB (UM) 6*1024kB (M) 3*2048kB (M) 0*4096kB = 98792kB [ 488.945756][T26055] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 488.949466][T26055] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 488.951256][T26061] "syz.1.8682" (26061) uses obsolete ecb(arc4) skcipher [ 488.953761][T26055] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 488.959941][T26055] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 488.973201][T26055] 4905 total pagecache pages [ 488.976126][T26055] 657 pages in swap cache [ 488.978104][T26055] Free swap = 6144kB [ 488.979855][T26055] Total swap = 124996kB [ 488.981700][T26055] 524155 pages RAM [ 488.986760][T26055] 0 pages HighMem/MovableOnly [ 488.989168][T26055] 209485 pages reserved [ 488.991044][T26055] 0 pages cma reserved [ 489.286637][T26089] netlink: 'syz.4.8693': attribute type 4 has an invalid length. [ 489.293823][T26089] netlink: 'syz.4.8693': attribute type 4 has an invalid length. [ 489.437681][ T40] audit: type=1326 audit(1769728419.460:6832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26094 comm="syz.4.8697" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f01579 code=0x0 [ 489.761650][ T40] audit: type=1804 audit(1769728419.780:6833): pid=26122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.8708" name="/newroot/2189/file0/bus" dev="9p" ino=72614233 res=1 errno=0 [ 490.037383][T26134] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 490.040383][T26134] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 490.127685][T26137] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8715'. [ 490.141304][T26137] 8021q: adding VLAN 0 to HW filter on device bond2 [ 490.162610][T26137] 8021q: adding VLAN 0 to HW filter on device bond2 [ 490.166975][T26137] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 490.171885][T26137] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 490.521726][T26170] overlayfs: failed to clone upperpath [ 490.538105][T26171] netlink: 'syz.5.8727': attribute type 4 has an invalid length. [ 490.562783][T26173] fuse: Bad value for 'fd' [ 490.565089][T26171] netlink: 'syz.5.8727': attribute type 4 has an invalid length. [ 490.581580][T26175] input: syz0 as /devices/virtual/input/input62 [ 491.107600][T26205] netlink: 'syz.0.8746': attribute type 13 has an invalid length. [ 491.110811][T26205] macvtap0: entered promiscuous mode [ 491.113200][T26205] macvtap0: entered allmulticast mode [ 491.159351][T26208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8747'. [ 491.165840][T26208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8747'. [ 491.383768][ T5937] Bluetooth: hci0: unexpected event for opcode 0x0c38 [ 491.776096][T26237] overlayfs: failed to clone upperpath [ 492.107112][T26251] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8766'. [ 492.146603][T26253] fuse: Bad value for 'fd' [ 492.325251][T26260] netlink: 'syz.5.8770': attribute type 8 has an invalid length. [ 492.327765][T26260] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8770'. [ 493.362706][ T40] audit: type=1326 audit(1769728423.380:6834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26273 comm="syz.5.8775" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 494.044993][ C1] bridge0: port 4(dummy0) entered forwarding state [ 494.047099][ C1] bridge0: topology change detected, propagating [ 494.049565][ C1] bridge0: port 3(vlan0) entered forwarding state [ 494.051545][ C1] bridge0: topology change detected, propagating [ 494.403662][ T61] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 494.563912][ T61] usb 6-1: Using ep0 maxpacket: 8 [ 494.567990][ T61] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 494.573352][ T61] usb 6-1: config 0 has no interfaces? [ 494.580847][ T61] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 494.585280][ T61] usb 6-1: config 0 has no interfaces? [ 494.588421][ T61] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 494.592220][ T61] usb 6-1: config 0 has no interfaces? [ 494.596868][ T61] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 494.600413][ T61] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 494.603091][ T61] usb 6-1: Product: syz [ 494.604686][ T61] usb 6-1: Manufacturer: syz [ 494.606242][ T61] usb 6-1: SerialNumber: syz [ 494.609724][ T61] usb 6-1: config 0 descriptor?? [ 494.818426][ T6024] usb 6-1: USB disconnect, device number 51 [ 495.015113][T26313] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.8789'. [ 496.603352][ C3] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 496.864769][T26387] input: syz1 as /devices/virtual/input/input63 [ 498.298857][T26450] netlink: 'syz.1.8848': attribute type 4 has an invalid length. [ 498.312104][T26450] netlink: 'syz.1.8848': attribute type 4 has an invalid length. [ 498.403238][ T61] usb 5-1: new high-speed USB device number 45 using dummy_hcd [ 498.563229][ T61] usb 5-1: Using ep0 maxpacket: 8 [ 498.566124][ T61] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 498.568742][ T61] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 498.571875][ T61] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 498.575389][ T61] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 3 [ 498.578640][ T61] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 498.582824][ T61] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 498.585955][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 498.795491][ T61] usb 5-1: GET_CAPABILITIES returned 0 [ 498.797217][ T61] usbtmc 5-1:16.0: can't read capabilities [ 498.999456][T23567] usb 5-1: USB disconnect, device number 45 [ 499.198217][T26459] "syz.1.8862" (26459) uses obsolete ecb(arc4) skcipher [ 499.649155][T26489] netlink: 212924 bytes leftover after parsing attributes in process `syz.0.8866'. [ 500.043235][ T5937] Bluetooth: hci0: Opcode 0x206a failed: -110 [ 500.045227][ T5937] Bluetooth: hci0: command 0x1407 tx timeout [ 502.112184][T26546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8891'. [ 502.116975][T26546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8891'. [ 502.214128][T26556] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8895'. [ 502.233272][ T6024] usb 6-1: new high-speed USB device number 52 using dummy_hcd [ 502.297484][T26562] bridge_slave_0: left allmulticast mode [ 502.299360][T26562] bridge_slave_0: left promiscuous mode [ 502.301434][T26562] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.307801][T26562] bond0: (slave bond_slave_0): Releasing backup interface [ 502.310781][T26562] bond_slave_0: left promiscuous mode [ 502.312781][T26562] bond_slave_0: left allmulticast mode [ 502.320226][T26562] bond0: (slave bond_slave_1): Releasing backup interface [ 502.336853][T26562] bond_slave_1: left promiscuous mode [ 502.338739][T26562] bond_slave_1: left allmulticast mode [ 502.349368][T26562] team0: Port device team_slave_0 removed [ 502.357823][T26562] team0: Port device team_slave_1 removed [ 502.367825][T26562] vlan2: left allmulticast mode [ 502.369816][T26562] bond0: left allmulticast mode [ 502.371912][T26562] vlan2: left promiscuous mode [ 502.374498][T26562] bond0: left promiscuous mode [ 502.376794][T26562] bridge0: port 3(vlan2) entered disabled state [ 502.381860][T26562] bond1: (slave geneve2): Releasing active interface [ 502.404207][ T6024] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 502.408875][ T6024] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 502.412956][ T6024] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 502.425030][ T6024] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 502.429069][ T6024] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 502.435386][ T6024] usb 6-1: config 0 descriptor?? [ 502.461056][T26567] ptrace attach of "/syz-executor exec"[5946] was attempted by ""[26567] [ 502.847834][ T6024] hid_parser_main: 5 callbacks suppressed [ 502.847848][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.852129][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.858338][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.860753][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.863303][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.865789][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.868201][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.870719][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.874132][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.877251][ T6024] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 502.898604][ T6024] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 503.116740][ T6024] usb 6-1: USB disconnect, device number 52 [ 503.463417][T26606] netlink: 'syz.5.8916': attribute type 10 has an invalid length. [ 503.492309][T26606] team0: Port device dummy0 added [ 503.676402][ T5941] Bluetooth: Unknown LE signaling command 0x2b [ 503.679739][ T5941] Bluetooth: Wrong link type (-22) [ 504.038261][ T40] audit: type=1800 audit(1769728434.060:6835): pid=26620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.0.8922" name="/newroot/2247/bus" dev="tmpfs" ino=11592 res=0 errno=0 [ 504.038379][T26623] Invalid ELF header len 8 [ 504.259239][T26644] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8932'. [ 504.313391][T26644] hsr_slave_1 (unregistering): left promiscuous mode [ 505.017079][ T40] audit: type=1326 audit(1769728435.040:6836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26682 comm="syz.5.8950" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 505.079843][T26681] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8949'. [ 505.230293][T26692] macvlan6: entered promiscuous mode [ 505.232103][T26692] macvlan6: entered allmulticast mode [ 505.234633][T26692] gretap0: entered allmulticast mode [ 506.188766][T26713] input: syz0 as /devices/virtual/input/input64 [ 506.215781][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.292051][ T5937] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 506.303309][ T5937] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 506.313421][ T5937] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 506.316922][ T5937] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 506.321425][ T5937] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 506.344375][T16385] bond0: (slave syz_tun): Releasing backup interface [ 506.362085][T16385] syz_tun (unregistering): left promiscuous mode [ 506.368062][T16385] syz_tun (unregistering): left allmulticast mode [ 506.511038][T26721] chnl_net:caif_netlink_parms(): no params data found [ 506.562222][T26721] bridge0: port 1(bridge_slave_0) entered blocking state [ 506.565348][T26721] bridge0: port 1(bridge_slave_0) entered disabled state [ 506.568347][T26721] bridge_slave_0: entered allmulticast mode [ 506.584198][T26721] bridge_slave_0: entered promiscuous mode [ 506.588706][T26721] bridge0: port 2(bridge_slave_1) entered blocking state [ 506.591718][T26721] bridge0: port 2(bridge_slave_1) entered disabled state [ 506.594932][T26721] bridge_slave_1: entered allmulticast mode [ 506.598468][T26721] bridge_slave_1: entered promiscuous mode [ 506.637711][T26721] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 506.642282][T26721] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 506.659924][T26721] team0: Port device team_slave_0 added [ 506.664269][T26721] team0: Port device team_slave_1 added [ 506.682648][T26721] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 506.685195][T26721] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 506.693439][T26721] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 506.704155][T26721] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 506.706387][T26721] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 506.715035][T26721] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 506.738663][T26721] hsr_slave_0: entered promiscuous mode [ 506.740995][T26721] hsr_slave_1: entered promiscuous mode [ 506.846648][T26721] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 506.964496][T26721] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 506.969879][T26721] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 506.976679][T26721] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 506.992970][T26721] bridge0: port 2(bridge_slave_1) entered blocking state [ 506.995323][T26721] bridge0: port 2(bridge_slave_1) entered forwarding state [ 506.997787][T26721] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.000029][T26721] bridge0: port 1(bridge_slave_0) entered forwarding state [ 507.028651][T26721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 507.038174][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 507.044075][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 507.055510][T26721] 8021q: adding VLAN 0 to HW filter on device team0 [ 507.063192][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state [ 507.065302][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 507.073222][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.075845][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 507.244848][T26721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 507.317915][T26791] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8985'. [ 507.407216][T26721] veth0_vlan: entered promiscuous mode [ 507.414600][T26721] veth1_vlan: entered promiscuous mode [ 507.437333][T26721] veth0_macvtap: entered promiscuous mode [ 507.442737][T26721] veth1_macvtap: entered promiscuous mode [ 507.454924][T26721] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 507.462419][T26721] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 507.469492][ T46] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.473671][ T46] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.478079][ T46] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.481966][ T46] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 507.524886][ T1159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.527501][ T1159] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 507.544814][ T1159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 507.547550][ T1159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 508.024450][T26824] netlink: 'syz.5.8997': attribute type 16 has an invalid length. [ 508.027690][T26824] netlink: 'syz.5.8997': attribute type 17 has an invalid length. [ 508.033750][T26831] input: syz0 as /devices/virtual/input/input65 [ 508.178239][T26839] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 508.272418][T26824] macvlan2: left promiscuous mode [ 508.290110][T26824] vxlan1: left promiscuous mode [ 508.294436][T26824] veth0: left promiscuous mode [ 508.296107][T26824] veth0: left allmulticast mode [ 508.302132][T26824] ip6gretap2: left promiscuous mode [ 508.304180][T26824] ip6gretap2: left allmulticast mode [ 508.343476][ T46] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 508.346969][ T46] netdevsim netdevsim5 eth0: unset [0, 1] type 1 family 0 port 256 - 0 [ 508.350342][ T46] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.354050][ T46] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 508.357328][ T46] netdevsim netdevsim5 eth1: unset [0, 1] type 1 family 0 port 256 - 0 [ 508.360755][ T46] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.365158][ T5937] Bluetooth: hci2: command tx timeout [ 508.370141][ T46] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 508.380627][ T46] netdevsim netdevsim5 eth2: unset [0, 1] type 1 family 0 port 256 - 0 [ 508.383935][ T46] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.388770][ T46] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 508.403339][ T46] netdevsim netdevsim5 eth3: unset [0, 1] type 1 family 0 port 256 - 0 [ 508.405967][ T46] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 508.802388][T26867] input: syz1 as /devices/virtual/input/input66 [ 509.116413][T26882] netlink: 'syz.1.9022': attribute type 2 has an invalid length. [ 509.118950][T26882] netlink: 48 bytes leftover after parsing attributes in process `syz.1.9022'. [ 509.152027][T26884] ip6gre1: entered promiscuous mode [ 509.154181][T26884] ip6gre1: entered allmulticast mode [ 509.773698][T26905] "syz.5.9031" (26905) uses obsolete ecb(arc4) skcipher [ 510.060257][T26917] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 510.453413][ T5937] Bluetooth: hci2: command tx timeout [ 510.805140][T26977] futex_wake_op: syz.5.9063 tries to shift op by -1; fix this program [ 512.045542][ T40] audit: type=1326 audit(1769728442.070:6837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27000 comm="syz.0.9071" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd579 code=0x0 [ 512.387706][ T40] audit: type=1326 audit(1769728442.410:6838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27024 comm="syz.5.9082" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 512.533562][ T5937] Bluetooth: hci2: command tx timeout [ 512.978516][T27050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9091'. [ 512.982309][T27050] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9091'. [ 513.956784][T27085] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9107'. [ 514.067626][T27089] 9pnet_virtio: no channels available for device syz [ 514.448478][T27109] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9118'. [ 514.507312][ T5937] Bluetooth: hci3: unexpected event for opcode 0x0c38 [ 514.580274][T27118] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9122'. [ 514.614737][ T5937] Bluetooth: hci2: command tx timeout [ 514.667088][T27122] netlink: 'syz.1.9125': attribute type 9 has an invalid length. [ 514.670329][T27122] netlink: 'syz.1.9125': attribute type 11 has an invalid length. [ 514.672914][T27122] netlink: 'syz.1.9125': attribute type 12 has an invalid length. [ 514.678086][T27122] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.9125'. [ 514.814919][T27138] netlink: 76 bytes leftover after parsing attributes in process `syz.6.9131'. [ 514.952836][T27148] syzkaller1: entered promiscuous mode [ 514.956832][T27148] syzkaller1: entered allmulticast mode [ 515.774119][T27188] 9pnet: p9_errstr2errno: server reported unknown error 0x0000 [ 516.603250][T23567] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 516.765378][T23567] usb 11-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 516.775677][T23567] usb 11-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 516.780024][T23567] usb 11-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 516.784793][T23567] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 516.791861][T27203] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 516.806770][T23567] usb 11-1: Quirk or no altset; falling back to MIDI 1.0 [ 517.010052][T23567] usb 11-1: USB disconnect, device number 2 [ 517.428491][T27225] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9168'. [ 517.431516][T27225] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9168'. [ 517.625671][T27240] binder: 27239:27240 ioctl c0306201 800001c0 returned -14 [ 518.312441][T27280] netlink: 36 bytes leftover after parsing attributes in process `syz.0.9192'. [ 518.470969][T27294] bridge0: entered allmulticast mode [ 518.475593][T27294] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9197'. [ 518.479514][T27294] bridge_slave_1: left allmulticast mode [ 518.481832][T27294] bridge_slave_1: left promiscuous mode [ 518.486472][T27294] bridge0: port 2(bridge_slave_1) entered disabled state [ 518.490988][T27294] bridge_slave_0: left allmulticast mode [ 518.495607][T27294] bridge_slave_0: left promiscuous mode [ 518.497596][T27294] bridge0: port 1(bridge_slave_0) entered disabled state [ 518.549594][T27294] bridge0 (unregistering): left allmulticast mode [ 519.013798][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 519.176396][T27341] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.9217'. [ 519.226309][T27343] bond2: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 519.231032][T27343] bond2 (unregistering): Released all slaves [ 519.270988][T27345] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 519.351063][T27352] netlink: 'syz.5.9221': attribute type 8 has an invalid length. [ 519.354412][T27352] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9221'. [ 519.363358][T27352] bond0: entered promiscuous mode [ 519.366520][T27352] bond0: left promiscuous mode [ 519.573283][T26565] usb 11-1: new low-speed USB device number 3 using dummy_hcd [ 519.754800][T26565] usb 11-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 519.759151][T26565] usb 11-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 519.763010][T26565] usb 11-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 519.769892][T26565] usb 11-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 519.773817][T26565] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.780463][T27350] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 519.786519][T26565] hub 11-1:1.0: bad descriptor, ignoring hub [ 519.789083][T26565] hub 11-1:1.0: probe with driver hub failed with error -5 [ 519.792964][T26565] cdc_wdm 11-1:1.0: skipping garbage [ 519.796348][T26565] cdc_wdm 11-1:1.0: skipping garbage [ 519.803370][T26565] cdc_wdm 11-1:1.0: cdc-wdm0: USB WDM device [ 519.805930][T26565] cdc_wdm 11-1:1.0: Unknown control protocol [ 520.140412][T27400] netlink: 'syz.1.9237': attribute type 9 has an invalid length. [ 520.144198][T27400] netlink: 'syz.1.9237': attribute type 11 has an invalid length. [ 520.146742][T27400] netlink: 'syz.1.9237': attribute type 12 has an invalid length. [ 520.149224][T27400] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.9237'. [ 520.152238][T27400] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9237'. [ 520.178444][ T1159] usb 11-1: Failed to suspend device, error -71 [ 520.178513][ T5955] usb 11-1: USB disconnect, device number 3 [ 520.470410][T27426] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check. [ 521.060946][ T40] audit: type=1326 audit(1769728451.080:6839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27477 comm="syz.5.9273" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73fd579 code=0x0 [ 522.130929][T27514] bond1: option lacp_active: mode dependency failed, not supported in mode balance-rr(0) [ 522.136743][T27514] bond1 (unregistering): Released all slaves [ 522.175293][T27517] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 522.275389][T27522] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9288'. [ 522.309925][T27522] hsr_slave_1 (unregistering): left promiscuous mode [ 522.455208][ T40] audit: type=1326 audit(1769728452.480:6840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27525 comm="syz.1.9289" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf749d579 code=0x0 [ 522.894511][ T5938] usb 11-1: new high-speed USB device number 4 using dummy_hcd [ 523.045517][ T5938] usb 11-1: config 0 has an invalid interface number: 1 but max is 0 [ 523.048252][ T5938] usb 11-1: config 0 has no interface number 0 [ 523.050393][ T5938] usb 11-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 523.054238][ T5938] usb 11-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 523.057721][ T5938] usb 11-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.18 [ 523.060707][ T5938] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.071149][ T5938] usb 11-1: config 0 descriptor?? [ 523.502091][ T5938] input: HID 04d9:a055 as /devices/platform/dummy_hcd.6/usb11/11-1/11-1:0.1/0003:04D9:A055.0026/input/input67 [ 523.579690][ T5938] holtek_kbd 0003:04D9:A055.0026: input,hidraw0: USB HID v0.00 Keyboard [HID 04d9:a055] on usb-dummy_hcd.6-1/input1 [ 523.663240][ T830] usb 6-1: new high-speed USB device number 53 using dummy_hcd [ 523.694109][ T5938] usb 11-1: USB disconnect, device number 4 [ 523.815007][ T830] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 523.819651][ T830] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 523.823985][ T830] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 523.827709][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 523.834928][T27550] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 523.841039][ T830] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 524.051982][ T1023] usb 6-1: USB disconnect, device number 53 [ 524.324164][T27553] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9309'. [ 524.583323][T26565] usb 11-1: new high-speed USB device number 5 using dummy_hcd [ 524.743407][T26565] usb 11-1: Using ep0 maxpacket: 32 [ 524.746874][T26565] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 524.751051][T26565] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 524.755244][T26565] usb 11-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 524.758407][T26565] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 524.767313][T26565] usb 11-1: config 0 descriptor?? [ 525.190248][T26565] savu 0003:1E7D:2D5A.0027: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0 [ 525.265501][T27568] ceph: No mds server is up or the cluster is laggy [ 525.268560][T27572] ceph: No mds server is up or the cluster is laggy [ 525.357998][ T40] audit: type=1326 audit(1769728455.380:6841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27582 comm="syz.1.9311" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf749d579 code=0x0 [ 525.364870][ T40] audit: type=1326 audit(1769728455.380:6842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27586 comm="syz.0.9310" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf73dd579 code=0x0 [ 525.447161][ T5938] usb 11-1: USB disconnect, device number 5 [ 526.237326][T27600] input: syz1 as /devices/virtual/input/input68 [ 526.405931][T27609] netlink: 'syz.0.9322': attribute type 10 has an invalid length. [ 526.423261][T27609] bridge0: port 4(dummy0) entered disabled state [ 526.427684][T27609] dummy0: left allmulticast mode [ 526.429892][T27609] dummy0: left promiscuous mode [ 526.432315][T27609] bridge0: port 4(dummy0) entered disabled state [ 526.454350][T27609] team0: Port device dummy0 added [ 526.472702][T27613] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9323'. [ 526.931791][ T40] audit: type=1326 audit(1769728456.950:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27626 comm="syz.6.9328" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fa5579 code=0x0 [ 527.517769][T27647] input: syz0 as /devices/virtual/input/input69 [ 527.590404][T27654] netlink: 'syz.1.9341': attribute type 10 has an invalid length. [ 527.608045][T27654] team0: Device dummy0 failed to register rx_handler [ 527.733637][ T1159] ================================================================== [ 527.736201][ T1159] BUG: KASAN: slab-use-after-free in sk_skb_reason_drop+0x3d/0x1b0 [ 527.738567][ T1159] Write of size 4 at addr ffff8880770804a4 by task kworker/u32:9/1159 [ 527.743537][ T1159] [ 527.745068][ T1159] CPU: 1 UID: 0 PID: 1159 Comm: kworker/u32:9 Tainted: G L syzkaller #0 PREEMPT(full) [ 527.745093][ T1159] Tainted: [L]=SOFTLOCKUP [ 527.745099][ T1159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 527.745110][ T1159] Workqueue: ipv6_addrconf addrconf_dad_work [ 527.745132][ T1159] Call Trace: [ 527.745138][ T1159] [ 527.745145][ T1159] dump_stack_lvl+0x100/0x190 [ 527.745166][ T1159] print_report+0x156/0x4c9 [ 527.745189][ T1159] ? __virt_addr_valid+0x81/0x620 [ 527.745214][ T1159] ? __phys_addr+0xe8/0x180 [ 527.745236][ T1159] ? sk_skb_reason_drop+0x3d/0x1b0 [ 527.745260][ T1159] kasan_report+0xdf/0x1a0 SYZFAIL: failed to recv rpc [ 527.745282][ T1159] ? sk_skb_reason_drop+0x3d/0x1b0 fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 527.745308][ T1159] kasan_check_range+0x10f/0x1e0 [ 527.745332][ T1159] sk_skb_reason_drop+0x3d/0x1b0 [ 527.745358][ T1159] dev_kfree_skb_any_reason+0x79/0x90 [ 527.745377][ T1159] team_dummy_transmit+0x1a/0x30 [ 527.745400][ T1159] team_xmit+0x34e/0x460 [ 527.745423][ T1159] dev_hard_start_xmit+0x127/0x6c0 [ 527.745444][ T1159] __dev_queue_xmit+0x6dd/0x46f0 [ 527.745464][ T1159] ? kasan_save_stack+0x3f/0x50 [ 527.745483][ T1159] ? kasan_save_stack+0x30/0x50 [ 527.745500][ T1159] ? kasan_record_aux_stack+0xa7/0xc0 [ 527.745515][ T1159] ? synchronize_rcu+0x1a0/0x2d0 [ 527.745558][ T1159] ? neigh_connected_output+0x3b7/0x5d0 [ 527.745582][ T1159] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 527.745600][ T1159] ? __pfx___dev_queue_xmit+0x10/0x10 [ 527.745623][ T1159] ? skb_network_protocol+0x126/0x6d0 [ 527.745642][ T1159] ? __siphash_unaligned+0x1eb/0x360 [ 527.745662][ T1159] ? __pfx_skb_network_protocol+0x10/0x10 [ 527.745681][ T1159] ? __pfx___skb_get_hash_net+0x10/0x10 [ 527.745706][ T1159] ? __pfx_netif_skb_features+0x10/0x10 [ 527.745724][ T1159] ? validate_xmit_xfrm+0x436/0x1330 [ 527.745746][ T1159] vlan_dev_hard_start_xmit+0x3ac/0x5a0 [ 527.745765][ T1159] dev_hard_start_xmit+0x127/0x6c0 [ 527.745785][ T1159] __dev_queue_xmit+0x6dd/0x46f0 [ 527.745808][ T1159] ? __pfx___dev_queue_xmit+0x10/0x10 [ 527.745830][ T1159] ? __lock_acquire+0x4a5/0x2630 [ 527.745852][ T1159] ? __lock_acquire+0x4a5/0x2630 [ 527.745871][ T1159] ? __local_bh_enable_ip+0x9e/0x120 [ 527.745896][ T1159] ? vlan_passthru_hard_header+0xe1/0x160 [ 527.745915][ T1159] neigh_connected_output+0x3b7/0x5d0 [ 527.745942][ T1159] ip6_finish_output2+0xb0f/0x1cd0 [ 527.745963][ T1159] __ip6_finish_output+0x3cd/0x10d0 [ 527.745982][ T1159] ip6_output+0x2aa/0xa60 [ 527.745998][ T1159] ? __pfx_ip6_output+0x10/0x10 [ 527.746016][ T1159] ? __pfx_ip6_finish_output+0x10/0x10 [ 527.746032][ T1159] ? NF_HOOK.constprop.0+0x276/0x8b0 [ 527.746054][ T1159] ? NF_HOOK.constprop.0+0x276/0x8b0 [ 527.746079][ T1159] NF_HOOK.constprop.0+0x114/0x8b0 [ 527.746098][ T1159] ? __pfx_NF_HOOK.constprop.0+0x10/0x10 [ 527.746119][ T1159] ? __pfx_dst_output+0x10/0x10 [ 527.746140][ T1159] mld_sendpack+0x8f7/0xec0 [ 527.746160][ T1159] ? __pfx_mld_sendpack+0x10/0x10 [ 527.746184][ T1159] mld_send_initial_cr+0x219/0x320 [ 527.746204][ T1159] ipv6_mc_dad_complete+0xa7/0x1d0 [ 527.746228][ T1159] addrconf_dad_completed+0xd91/0xff0 [ 527.746247][ T1159] ? __pfx_addrconf_dad_completed+0x10/0x10 [ 527.746270][ T1159] ? addrconf_dad_work+0x83c/0x1360 [ 527.746285][ T1159] addrconf_dad_work+0x83c/0x1360 [ 527.746301][ T1159] ? __pfx_addrconf_dad_work+0x10/0x10 [ 527.746318][ T1159] ? process_one_work+0x80b/0x1840 [ 527.746341][ T1159] ? rcu_is_watching+0x12/0xc0 [ 527.746358][ T1159] process_one_work+0x9c2/0x1840 [ 527.746385][ T1159] ? __pfx_process_one_work+0x10/0x10 [ 527.746412][ T1159] ? assign_work+0x19c/0x250 [ 527.746434][ T1159] worker_thread+0x5da/0xe40 [ 527.746459][ T1159] ? __pfx_worker_thread+0x10/0x10 [ 527.746483][ T1159] ? kthread+0x17d/0x730 [ 527.746503][ T1159] ? __pfx_worker_thread+0x10/0x10 [ 527.746525][ T1159] kthread+0x3b3/0x730 [ 527.746545][ T1159] ? __pfx_kthread+0x10/0x10 [ 527.746565][ T1159] ? ret_from_fork+0x79/0xaf0 [ 527.746580][ T1159] ? ret_from_fork+0x79/0xaf0 [ 527.746595][ T1159] ? rcu_is_watching+0x12/0xc0 [ 527.746613][ T1159] ? __pfx_kthread+0x10/0x10 [ 527.746635][ T1159] ret_from_fork+0x754/0xaf0 [ 527.746650][ T1159] ? __pfx_ret_from_fork+0x10/0x10 [ 527.746665][ T1159] ? __switch_to+0x7b9/0x10c0 [ 527.746685][ T1159] ? __pfx_kthread+0x10/0x10 [ 527.746706][ T1159] ret_from_fork_asm+0x1a/0x30 [ 527.746733][ T1159] [ 527.746739][ T1159] [ 527.901676][ T1159] Allocated by task 1159: [ 527.903132][ T1159] kasan_save_stack+0x30/0x50 [ 527.904605][ T1159] kasan_save_track+0x14/0x30 [ 527.906052][ T1159] __kasan_slab_alloc+0x89/0x90 [ 527.907631][ T1159] kmem_cache_alloc_node_noprof+0x303/0x880 [ 527.909510][ T1159] __alloc_skb+0x156/0x410 [ 527.911011][ T1159] mld_newpack.isra.0+0x18e/0xa20 [ 527.912675][ T1159] add_grhead+0x299/0x340 [ 527.914336][ T1159] add_grec+0x1380/0x1920 [ 527.915713][ T1159] mld_send_initial_cr+0x156/0x320 [ 527.917343][ T1159] ipv6_mc_dad_complete+0xa7/0x1d0 [ 527.919028][ T1159] addrconf_dad_completed+0xd91/0xff0 [ 527.920756][ T1159] addrconf_dad_work+0x83c/0x1360 [ 527.922391][ T1159] process_one_work+0x9c2/0x1840 [ 527.924173][ T1159] worker_thread+0x5da/0xe40 [ 527.925849][ T1159] kthread+0x3b3/0x730 [ 527.927162][ T1159] ret_from_fork+0x754/0xaf0 [ 527.928625][ T1159] ret_from_fork_asm+0x1a/0x30 [ 527.930289][ T1159] [ 527.931057][ T1159] Freed by task 1159: [ 527.932347][ T1159] kasan_save_stack+0x30/0x50 [ 527.933874][ T1159] kasan_save_track+0x14/0x30 [ 527.935392][ T1159] kasan_save_free_info+0x3b/0x70 [ 527.936944][ T1159] __kasan_slab_free+0x5f/0x80 [ 527.938525][ T1159] kmem_cache_free+0x143/0x720 [ 527.940041][ T1159] kfree_skbmem+0x19a/0x210 [ 527.941477][ T1159] sk_skb_reason_drop+0x10f/0x1b0 [ 527.943109][ T1159] __dev_queue_xmit+0x2a13/0x46f0 [ 527.944726][ T1159] team_xmit+0x191/0x460 [ 527.946140][ T1159] dev_hard_start_xmit+0x127/0x6c0 [ 527.947752][ T1159] __dev_queue_xmit+0x6dd/0x46f0 [ 527.949303][ T1159] vlan_dev_hard_start_xmit+0x3ac/0x5a0 [ 527.951041][ T1159] dev_hard_start_xmit+0x127/0x6c0 [ 527.952709][ T1159] __dev_queue_xmit+0x6dd/0x46f0 [ 527.954351][ T1159] neigh_connected_output+0x3b7/0x5d0 [ 527.956044][ T1159] ip6_finish_output2+0xb0f/0x1cd0 [ 527.957686][ T1159] __ip6_finish_output+0x3cd/0x10d0 [ 527.959321][ T1159] ip6_output+0x2aa/0xa60 [ 527.960689][ T1159] NF_HOOK.constprop.0+0x114/0x8b0 [ 527.962324][ T1159] mld_sendpack+0x8f7/0xec0 [ 527.963755][ T1159] mld_send_initial_cr+0x219/0x320 [ 527.965423][ T1159] ipv6_mc_dad_complete+0xa7/0x1d0 [ 527.967021][ T1159] addrconf_dad_completed+0xd91/0xff0 [ 527.968709][ T1159] addrconf_dad_work+0x83c/0x1360 [ 527.970304][ T1159] process_one_work+0x9c2/0x1840 [ 527.971852][ T1159] worker_thread+0x5da/0xe40 [ 527.973291][ T1159] kthread+0x3b3/0x730 [ 527.974967][ T1159] ret_from_fork+0x754/0xaf0 [ 527.976837][ T1159] ret_from_fork_asm+0x1a/0x30 [ 527.978806][ T1159] [ 527.979796][ T1159] The buggy address belongs to the object at ffff8880770803c0 [ 527.979796][ T1159] which belongs to the cache skbuff_head_cache of size 240 [ 527.985554][ T1159] The buggy address is located 228 bytes inside of [ 527.985554][ T1159] freed 240-byte region [ffff8880770803c0, ffff8880770804b0) [ 527.990682][ T1159] [ 527.991487][ T1159] The buggy address belongs to the physical page: [ 527.994039][ T1159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888077080dc0 pfn:0x77080 [ 527.997949][ T1159] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 528.001143][ T1159] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 528.004106][ T1159] page_type: f5(slab) [ 528.005711][ T1159] raw: 04fff00000000040 ffff888040af8a00 ffffea0001326a80 0000000000000002 [ 528.009188][ T1159] raw: ffff888077080dc0 0000000080190015 00000000f5000000 0000000000000000 [ 528.012445][ T1159] head: 04fff00000000040 ffff888040af8a00 ffffea0001326a80 0000000000000002 [ 528.015863][ T1159] head: ffff888077080dc0 0000000080190015 00000000f5000000 0000000000000000 [ 528.018905][ T1159] head: 04fff00000000001 ffffea0001dc2001 00000000ffffffff 00000000ffffffff [ 528.022238][ T1159] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 528.025824][ T1159] page dumped because: kasan: bad access detected [ 528.028561][ T1159] page_owner tracks the page as allocated [ 528.030865][ T1159] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 60, tgid 60 (kworker/u32:3), ts 526114019878, free_ts 524743595814 [ 528.038973][ T1159] post_alloc_hook+0x1e1/0x250 [ 528.040964][ T1159] get_page_from_freelist+0xe3d/0x2e10 [ 528.043219][ T1159] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 528.045107][ T1159] alloc_pages_mpol+0x1fb/0x550 [ 528.047094][ T1159] new_slab+0x2c4/0x440 [ 528.048792][ T1159] ___slab_alloc+0xda3/0x1ca0 [ 528.050355][ T1159] __slab_alloc.isra.0+0x63/0x110 [ 528.052146][ T1159] kmem_cache_alloc_node_noprof+0x51e/0x880 [ 528.054588][ T1159] __alloc_skb+0x156/0x410 [ 528.056211][ T1159] nsim_dev_trap_report_work+0x2af/0xd10 [ 528.058166][ T1159] process_one_work+0x9c2/0x1840 [ 528.060230][ T1159] worker_thread+0x5da/0xe40 [ 528.062084][ T1159] kthread+0x3b3/0x730 [ 528.063659][ T1159] ret_from_fork+0x754/0xaf0 [ 528.065373][ T1159] ret_from_fork_asm+0x1a/0x30 [ 528.066914][ T1159] page last free pid 0 tgid 0 stack trace: [ 528.068736][ T1159] __free_frozen_pages+0x822/0x1130 [ 528.070385][ T1159] rcu_core+0x7c0/0x15c0 [ 528.071755][ T1159] handle_softirqs+0x1ea/0x910 [ 528.073317][ T1159] __irq_exit_rcu+0xef/0x150 [ 528.074794][ T1159] irq_exit_rcu+0x9/0x30 [ 528.076157][ T1159] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 528.077944][ T1159] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 528.079790][ T1159] [ 528.080575][ T1159] Memory state around the buggy address: [ 528.082362][ T1159] ffff888077080380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 528.085434][ T1159] ffff888077080400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 528.088706][ T1159] >ffff888077080480: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc [ 528.091948][ T1159] ^ [ 528.093888][ T1159] ffff888077080500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 528.096548][ T1159] ffff888077080580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc [ 528.099298][ T1159] ================================================================== [ 528.101941][ T1159] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 528.104494][ T1159] CPU: 1 UID: 0 PID: 1159 Comm: kworker/u32:9 Tainted: G L syzkaller #0 PREEMPT(full) [ 528.108499][ T1159] Tainted: [L]=SOFTLOCKUP [ 528.109893][ T1159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 528.113154][ T1159] Workqueue: ipv6_addrconf addrconf_dad_work [ 528.115098][ T1159] Call Trace: [ 528.116245][ T1159] [ 528.117427][ T1159] dump_stack_lvl+0x100/0x190 [ 528.118983][ T1159] vpanic+0x20d/0x630 [ 528.120262][ T1159] panic+0xd1/0xd1 [ 528.121556][ T1159] ? __pfx_panic+0x10/0x10 [ 528.123093][ T1159] ? check_panic_on_warn+0x1f/0x90 [ 528.124705][ T1159] check_panic_on_warn.cold+0x19/0x34 [ 528.126527][ T1159] end_report.part.0+0x3a/0x90 [ 528.128059][ T1159] kasan_report.cold+0xe/0x18 [ 528.129643][ T1159] ? sk_skb_reason_drop+0x3d/0x1b0 [ 528.131272][ T1159] kasan_check_range+0x10f/0x1e0 [ 528.132848][ T1159] sk_skb_reason_drop+0x3d/0x1b0 [ 528.134479][ T1159] dev_kfree_skb_any_reason+0x79/0x90 [ 528.136176][ T1159] team_dummy_transmit+0x1a/0x30 [ 528.137877][ T1159] team_xmit+0x34e/0x460 [ 528.139244][ T1159] dev_hard_start_xmit+0x127/0x6c0 [ 528.140895][ T1159] __dev_queue_xmit+0x6dd/0x46f0 [ 528.142515][ T1159] ? kasan_save_stack+0x3f/0x50 [ 528.144073][ T1159] ? kasan_save_stack+0x30/0x50 [ 528.145637][ T1159] ? kasan_record_aux_stack+0xa7/0xc0 [ 528.147381][ T1159] ? synchronize_rcu+0x1a0/0x2d0 [ 528.149009][ T1159] ? neigh_connected_output+0x3b7/0x5d0 [ 528.150793][ T1159] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 528.152690][ T1159] ? __pfx___dev_queue_xmit+0x10/0x10 [ 528.154408][ T1159] ? skb_network_protocol+0x126/0x6d0 [ 528.156106][ T1159] ? __siphash_unaligned+0x1eb/0x360 [ 528.157827][ T1159] ? __pfx_skb_network_protocol+0x10/0x10 [ 528.159629][ T1159] ? __pfx___skb_get_hash_net+0x10/0x10 [ 528.161377][ T1159] ? __pfx_netif_skb_features+0x10/0x10 [ 528.163153][ T1159] ? validate_xmit_xfrm+0x436/0x1330 [ 528.164911][ T1159] vlan_dev_hard_start_xmit+0x3ac/0x5a0 [ 528.166661][ T1159] dev_hard_start_xmit+0x127/0x6c0 [ 528.168301][ T1159] __dev_queue_xmit+0x6dd/0x46f0 [ 528.169901][ T1159] ? __pfx___dev_queue_xmit+0x10/0x10 [ 528.171610][ T1159] ? __lock_acquire+0x4a5/0x2630 [ 528.173335][ T1159] ? __lock_acquire+0x4a5/0x2630 [ 528.174960][ T1159] ? __local_bh_enable_ip+0x9e/0x120 [ 528.176645][ T1159] ? vlan_passthru_hard_header+0xe1/0x160 [ 528.178486][ T1159] neigh_connected_output+0x3b7/0x5d0 [ 528.180235][ T1159] ip6_finish_output2+0xb0f/0x1cd0 [ 528.181917][ T1159] __ip6_finish_output+0x3cd/0x10d0 [ 528.183619][ T1159] ip6_output+0x2aa/0xa60 [ 528.184996][ T1159] ? __pfx_ip6_output+0x10/0x10 [ 528.186583][ T1159] ? __pfx_ip6_finish_output+0x10/0x10 [ 528.188333][ T1159] ? NF_HOOK.constprop.0+0x276/0x8b0 [ 528.190027][ T1159] ? NF_HOOK.constprop.0+0x276/0x8b0 [ 528.191782][ T1159] NF_HOOK.constprop.0+0x114/0x8b0 [ 528.193411][ T1159] ? __pfx_NF_HOOK.constprop.0+0x10/0x10 [ 528.195212][ T1159] ? __pfx_dst_output+0x10/0x10 [ 528.196761][ T1159] mld_sendpack+0x8f7/0xec0 [ 528.198243][ T1159] ? __pfx_mld_sendpack+0x10/0x10 [ 528.199871][ T1159] mld_send_initial_cr+0x219/0x320 [ 528.201446][ T1159] ipv6_mc_dad_complete+0xa7/0x1d0 [ 528.203084][ T1159] addrconf_dad_completed+0xd91/0xff0 [ 528.204761][ T1159] ? __pfx_addrconf_dad_completed+0x10/0x10 [ 528.206658][ T1159] ? addrconf_dad_work+0x83c/0x1360 [ 528.208544][ T1159] addrconf_dad_work+0x83c/0x1360 [ 528.210279][ T1159] ? __pfx_addrconf_dad_work+0x10/0x10 [ 528.212068][ T1159] ? process_one_work+0x80b/0x1840 [ 528.213733][ T1159] ? rcu_is_watching+0x12/0xc0 [ 528.215241][ T1159] process_one_work+0x9c2/0x1840 [ 528.216781][ T1159] ? __pfx_process_one_work+0x10/0x10 [ 528.218547][ T1159] ? assign_work+0x19c/0x250 [ 528.219978][ T1159] worker_thread+0x5da/0xe40 [ 528.221418][ T1159] ? __pfx_worker_thread+0x10/0x10 [ 528.223043][ T1159] ? kthread+0x17d/0x730 [ 528.224515][ T1159] ? __pfx_worker_thread+0x10/0x10 [ 528.226278][ T1159] kthread+0x3b3/0x730 [ 528.227583][ T1159] ? __pfx_kthread+0x10/0x10 [ 528.229166][ T1159] ? ret_from_fork+0x79/0xaf0 [ 528.230625][ T1159] ? ret_from_fork+0x79/0xaf0 [ 528.232069][ T1159] ? rcu_is_watching+0x12/0xc0 [ 528.233618][ T1159] ? __pfx_kthread+0x10/0x10 [ 528.235205][ T1159] ret_from_fork+0x754/0xaf0 [ 528.236726][ T1159] ? __pfx_ret_from_fork+0x10/0x10 [ 528.238342][ T1159] ? __switch_to+0x7b9/0x10c0 [ 528.240048][ T1159] ? __pfx_kthread+0x10/0x10 [ 528.241926][ T1159] ret_from_fork_asm+0x1a/0x30 [ 528.243656][ T1159] [ 528.245382][ T1159] Kernel Offset: disabled [ 528.246780][ T1159] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:01:26 Registers: info registers vcpu 0 CPU#0 RAX=000000000048ddc5 RBX=ffffffff8e297ac0 RCX=ffffffff8b7404b5 RDX=0000000000000000 RSI=ffffffff8dc413ca RDI=ffffffff8bfa32a0 RBP=0000000000000000 RSP=ffffffff8e207e00 R8 =0000000000000001 R9 =ffffed100564673d R10=ffff88802b2339eb R11=0000000000000000 R12=fffffbfff1c52f58 R13=0000000000000000 R14=ffffffff90b771d0 R15=0000000000000000 RIP=ffffffff8b73ee1f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880973e3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73818dc CR3=00000000742fb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000077 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85673665 RDI=ffffffff9b1f2260 RBP=ffffffff9b1f2220 RSP=ffffc90006bf68a0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3037373038387257 R12=0000000000000000 R13=0000000000000077 R14=0000000000000010 R15=ffffffff85673600 RIP=ffffffff8567368f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974e3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7385308 CR3=000000004d44a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000046 RBX=ffffffff8e5e3120 RCX=ffffc90004136a4c RDX=0000000000000002 RSI=ffffffff8dc1b439 RDI=ffffffff8bfa32a0 RBP=ffffffff81b6438e RSP=ffffc90004136a40 R8 =0000000000000001 R9 =0000000000000007 R10=0000000000000200 R11=00000000000141fc R12=ffff888028ff0000 R13=ffffc90004136af8 R14=0000000000000206 R15=0000000000000003 RIP=ffffffff81e28d01 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f163ca65300 ffffffff 00c00000 GS =0000 ffff8880975e3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000562d471b1f40 CR3=0000000049ae8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=8bd587e967ab95f7 2acad797f73080f9 8bd587e967ab95f7 2acad797f73080f9 8bd587e967ab95f7 2acad797f73080f9 8bd587e967ab95f7 2acad797f73080f9 ZMM18=0112afce060ca044 769828666b0933c1 0112afce060ca044 769828666b0933c1 0112afce060ca044 769828666b0933c1 0112afce060ca044 769828666b0933c1 ZMM19=5234000000000000 0000000000000004 5234000000000000 0000000000000003 5234000000000000 0000000000000002 5234000000000000 0000000000000001 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f00300100004e003 00100004d0030010 0004c0030fffffff ff0404b003010000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 02080604a8030004 0004a4030a040004 a003000800049803 0008000490030010 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000480030480020f 800300020dda0809 8000050980020a08 0004010df60c0000 ZMM24=112abe9e112abe9e 112abe9e112abe9e 112abe9e112abe9e 112abe9e112abe9e 112abe9e112abe9e 112abe9e112abe9e 112abe9e112abe9e 112abe9e112abe9e ZMM25=c4ca6083c4ca6083 c4ca6083c4ca6083 c4ca6083c4ca6083 c4ca6083c4ca6083 c4ca6083c4ca6083 c4ca6083c4ca6083 c4ca6083c4ca6083 c4ca6083c4ca6083 ZMM26=215a494b215a494b 215a494b215a494b 215a494b215a494b 215a494b215a494b 215a494b215a494b 215a494b215a494b 215a494b215a494b 215a494b215a494b ZMM27=81cb9d8481cb9d84 81cb9d8481cb9d84 81cb9d8481cb9d84 81cb9d8481cb9d84 81cb9d8481cb9d84 81cb9d8481cb9d84 81cb9d8481cb9d84 81cb9d8481cb9d84 ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=8e4400008e440000 8e4400008e440000 8e4400008e440000 8e4400008e440000 8e4400008e440000 8e4400008e440000 8e4400008e440000 8e4400008e440000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000008 RCX=0000000000000008 RDX=0000000000000008 RSI=ffff88801c762ff0 RDI=ffff88801c7624c0 RBP=ffffc900005bf970 RSP=ffffc900005bf8d0 R8 =0000000000000001 R9 =0000000000000020 R10=0000000000000000 R11=0000000000000000 R12=ffff88801c762ff0 R13=ffff88801c7624c0 R14=0000000000000100 R15=0000000000000003 RIP=ffffffff81e253e4 RFL=00000047 [---Z-PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976e3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f54c5ff4 CR3=000000005a693000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000