last executing test programs: 29.63089168s ago: executing program 0 (id=13746): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0) ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x40000) write$dsp(r0, 0x0, 0xfffffe59) 29.357936043s ago: executing program 0 (id=13753): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0) sendmsg$key(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2, 0xb, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4000000}, 0x10}}, 0x0) 29.352297894s ago: executing program 0 (id=13755): r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) write$P9_RSTATu(r0, &(0x7f00000004c0)={0x232, 0x7d, 0x0, {{0x500, 0xf1, 0x0, 0x5000000, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{cvfox%\xff\xff\xff\x81\x02\x00\x00\x00\x00\x001\xff\xce\xbc\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\"\x00}\xfag>\xff\xeb\t\xb51\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00/\xa9Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x01\x00\x00\x00', 0x12, '\xcf\xb6\x00'/18, 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x232) ioctl$SNDCTL_SEQ_RESET(r0, 0x5100) 29.266985764s ago: executing program 0 (id=13760): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0x8) 29.264479733s ago: executing program 0 (id=13765): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_RX={0x5}]}, 0x34}}, 0x0) 29.118425861s ago: executing program 0 (id=13774): r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c) sendmmsg$inet(r0, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000800)="2fae1b", 0x3}], 0x1, 0x0, 0x0, 0x900}}], 0x1, 0x0) 29.038352611s ago: executing program 32 (id=13774): r0 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c) sendmmsg$inet(r0, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000800)="2fae1b", 0x3}], 0x1, 0x0, 0x0, 0x900}}], 0x1, 0x0) 14.231911673s ago: executing program 3 (id=14404): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x28, r1, 0x23, 0x70bd2a, 0x25dfdbff, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x48010}, 0x4040050) 14.192741863s ago: executing program 3 (id=14408): sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0xdc, 0x13, 0x4, 0x70bd2b, 0x25dfdbff, {0xb, 0xf9, 0x8, 0x2, {0x4e23, 0x4e24, [0x1, 0x8, 0x2, 0xb8cb], [0x6, 0x5, 0xfffffffb, 0x500], 0x0, [0x3a, 0x1]}, 0x28, 0x2000fff}, [@INET_DIAG_REQ_BYTECODE={0x1d, 0x1, "720659241e9d963eeea40b96553694d9a7ddddeb5cc9ae02ac"}, @INET_DIAG_REQ_BYTECODE={0x65, 0x1, "fa488dddc2d956ceb1c496a4f6b1ab6169ff35a964d162ddd22ceae179b1c6a7ae68d83c5385042979ebc27ca51dbb140c5cb096c212c4140176813cf206523970e1c67ca7f7f84fd2aab2eb5346a481bfed4ea6931df5cf1c26141b8fbc0679d9"}, @INET_DIAG_REQ_BYTECODE={0x4}, @INET_DIAG_REQ_BYTECODE={0x4}]}, 0xdc}, 0x1, 0x0, 0x0, 0x40000}, 0x50) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000003800070130bd7000fcdbdf25117c0000080009"], 0x1c}, 0x1, 0x0, 0x0, 0x20040850}, 0x44000) 14.147851294s ago: executing program 3 (id=14412): accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="040e0a032f04"], 0xd) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(0xffffffffffffffff, 0x0, 0x4) 14.072624694s ago: executing program 3 (id=14413): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) umount2(&(0x7f0000000100)='./file0\x00', 0xc) 14.071203975s ago: executing program 3 (id=14416): r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f020004000000000000000058000b4824ca945f64009400ff0325010ebc000b00000000008000f0fffeffe809005300fff5dd000000100001d80cf42098da03870000000000", 0x58}], 0x1) syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), r0) 13.974545011s ago: executing program 3 (id=14420): pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) readv(r0, &(0x7f0000000740)=[{&(0x7f0000000480)=""/215, 0xd7}], 0x1) writev(r1, &(0x7f0000000200)=[{&(0x7f00000001c0)="c801", 0x2}], 0x1) 13.926262114s ago: executing program 33 (id=14420): pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) readv(r0, &(0x7f0000000740)=[{&(0x7f0000000480)=""/215, 0xd7}], 0x1) writev(r1, &(0x7f0000000200)=[{&(0x7f00000001c0)="c801", 0x2}], 0x1) 373.449475ms ago: executing program 2 (id=14936): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@setlink={0x2c, 0x13, 0x1, 0x70bd29, 0x25dfdbf8, {0x0, 0x0, 0x0, r1, 0x3007, 0x409}, [@IFLA_ADDRESS={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8804) 324.626295ms ago: executing program 2 (id=14939): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) syz_emit_ethernet(0x6e, &(0x7f00000003c0)={@multicast, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @loopback, [@fragment={0x3c, 0x0, 0x8, 0x0, 0x0, 0x13, 0x65}]}}}}}}}, 0x0) 323.230042ms ago: executing program 2 (id=14942): bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0xa, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000005000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61143c00000000001d430000000000007a0a00fe00581c1f6114140000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe"], 0x0}, 0x94) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000700)=ANY=[@ANYBLOB="38000000250001002abd7000fedbdf250b00000024000e801d"], 0x38}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000004) 264.11197ms ago: executing program 2 (id=14945): r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'gre0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x38, 0x10, 0x421, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r1, 0x0, 0x10000}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x1}]}}}]}, 0x38}}, 0x0) 256.068589ms ago: executing program 4 (id=14951): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='bbr', 0x3) getsockopt$inet_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f0000000100)) 194.418511ms ago: executing program 2 (id=14947): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) 194.117348ms ago: executing program 4 (id=14949): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x30, r0, 0x1, 0xfffffffe, 0x0, {{0x2}, {@val={0x8}, @val={0xc, 0x99, {0x7}}}}, [@NL80211_ATTR_COALESCE_RULE_DELAY={0x8, 0x1, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 194.026247ms ago: executing program 1 (id=14950): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x20, r1, 0x73b, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x20000080) 193.939945ms ago: executing program 4 (id=14952): add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000c40)='encrypted\x00', &(0x7f0000000c80)={'syz', 0x0}, &(0x7f0000000cc0)='[,\v]@+\x00', 0x0) add_key(&(0x7f0000000f80)='encrypted\x00', &(0x7f0000000fc0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) 193.858233ms ago: executing program 5 (id=14953): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GET_LEASE(r1, 0xc01064c8, &(0x7f0000000080)={0x0, 0x0, 0x0}) 143.290574ms ago: executing program 1 (id=14954): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000f40), r0) sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010067bd7000fbdbdf25010000005c00018014000300fe80000000000a0000000000000000bb060001000a00000008000600777272000c0007002e000000050000000800090027150000060002001100000008000b00736970000800080009000000060004"], 0x70}}, 0x20008800) 143.168445ms ago: executing program 4 (id=14955): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(seed)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) 143.078121ms ago: executing program 1 (id=14956): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r0, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) 143.004377ms ago: executing program 5 (id=14957): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)={0x3c, r1, 0x1, 0x70bd28, 0x0, {0x37}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x73}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xfcb3ae1e0968c18e}, 0x24008046) 52.977178ms ago: executing program 5 (id=14958): r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'dh\x00', 0x10, 0x5, 0x2d}, 0x2c) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x483, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'none\x00', 0x3a, 0x5, 0x54}, 0x2c) 52.76061ms ago: executing program 4 (id=14959): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000380)={0xffffff78, 0xfffffeff, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000040)={0x0, 0x7a120, 0x403, {0xfcd6, 0x2}, 0xfffffffa, 0x3}) 51.830343ms ago: executing program 1 (id=14960): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = syz_open_dev$media(&(0x7f00000009c0), 0x0, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0x541b, 0x0) 51.411428ms ago: executing program 5 (id=14961): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20) 49.605297ms ago: executing program 1 (id=14962): r0 = socket(0x2d, 0x2, 0x0) bind$xdp(r0, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10) connect$qrtr(r0, &(0x7f00000001c0)={0x2d, 0x1, 0x2}, 0xc) 49.491921ms ago: executing program 5 (id=14963): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x70bd2a, 0x2, {0x7, r1}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x1, 0x0, 0x2, {@ip4=@rand_addr=0x64010100, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x40080c0) 4.186766ms ago: executing program 4 (id=14964): r0 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f0000000140)={0xce, 0x0, 0x5}) 4.076379ms ago: executing program 1 (id=14965): socket$alg(0x26, 0x5, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0xffffffff, 0x81, 0xffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000010000006a0af2fe000000008500000044000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d6200100000000000000ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a0932f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c43ff010000000000000128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee99367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57d31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f0000000000000000"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) 3.974988ms ago: executing program 5 (id=14966): syz_usb_connect(0x3, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd1, 0xa0, 0x5e, 0x20, 0xccd, 0x102, 0x890e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x8, 0x54, 0x40, 0x1, "", [{{0x9, 0x4, 0xbc, 0x80, 0x0, 0xc, 0xf1, 0xc7, 0x7f}}]}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402) ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000100)={0x1, 0x0, 0x4, &(0x7f0000000080)={0x8, "c95500000000000000e3f0ff00000000000200"}}) 0s ago: executing program 2 (id=14967): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3) connect$bt_rfcomm(r0, &(0x7f0000000300)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x6}, 0xa) bind$bt_rfcomm(r0, &(0x7f0000000680)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x3}, 0xa) 0s ago: executing program 1 (id=14968): ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0}) r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002) ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f00000001c0)={0x1f, 0x0}) kernel console output (not intermixed with test programs): wn pdu 1 [ 188.919489][ T59] vhci_hcd vhci_hcd.0: release socket [ 188.921252][ T59] vhci_hcd vhci_hcd.0: disconnect device [ 188.925889][ T59] vhci_hcd vhci_hcd.2: stop threads [ 188.927670][ T59] vhci_hcd vhci_hcd.2: release socket [ 188.929379][ T59] vhci_hcd vhci_hcd.2: disconnect device [ 189.014847][T26309] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9808'. [ 189.178999][T26331] misc userio: The device must be registered before sending interrupts [ 189.512187][T26365] netlink: 'syz.2.9835': attribute type 11 has an invalid length. [ 189.535831][T26367] netlink: 'syz.1.9836': attribute type 11 has an invalid length. [ 189.538745][T26367] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.9836'. [ 189.557229][T26371] netlink: 'syz.0.9838': attribute type 3 has an invalid length. [ 190.074167][T26423] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9863'. [ 190.304445][ T41] audit: type=1400 audit(2000000054.619:25209): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=26462 comm="syz.0.9884" [ 190.330365][T26466] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 190.332505][T26466] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 190.336412][T26466] vhci_hcd vhci_hcd.0: Device attached [ 190.340976][T26467] usbip_core: unknown command [ 190.342542][T26467] vhci_hcd: unknown pdu 3587178197 [ 190.346223][T26467] usbip_core: unknown command [ 190.349249][ T12] vhci_hcd vhci_hcd.2: stop threads [ 190.351132][ T12] vhci_hcd vhci_hcd.2: release socket [ 190.355462][ T12] vhci_hcd vhci_hcd.2: disconnect device [ 190.375244][T26474] openvswitch: netlink: Flow key attribute not present in set flow. [ 190.552304][T26503] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9906'. [ 190.788994][T26541] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 190.832018][ C2] sr 2:0:0:0: [sr0] tag#4 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 190.835240][ C2] sr 2:0:0:0: [sr0] tag#4 CDB: Xdwrite [ 190.836992][ C2] sr 2:0:0:0: [sr0] tag#4 CDB[00]: 50 e2 be d8 a1 f6 92 28 dc b2 09 83 35 7d fd 90 [ 190.839849][ C2] sr 2:0:0:0: [sr0] tag#4 CDB[10]: fe [ 191.000659][T26583] netlink: 'syz.3.9942': attribute type 3 has an invalid length. [ 191.051592][T26595] usb usb8: usbfs: process 26595 (syz.3.9946) did not claim interface 0 before use [ 191.053957][T26597] netlink: 'syz.0.9947': attribute type 2 has an invalid length. [ 191.078374][T26599] i2c i2c-1: Invalid block write size 34 [ 191.151112][T26615] program syz.0.9958 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.430632][T26638] __nla_validate_parse: 1 callbacks suppressed [ 191.430648][T26638] netlink: 256 bytes leftover after parsing attributes in process `syz.1.9969'. [ 191.814631][T26672] libceph: resolve '96.' (ret=-3): failed [ 191.876725][T26675] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.9987' sets config #-1 [ 192.106022][T26701] netlink: 20 bytes leftover after parsing attributes in process `syz.0.9999'. [ 192.189446][T26711] netlink: 'syz.3.10005': attribute type 1 has an invalid length. [ 192.334075][T26746] ieee802154 phy1 wpan1: encryption failed: -22 [ 192.343902][T26747] netdevsim netdevsim1: Direct firmware load for . [ 192.343902][T26747] failed with error -2 [ 192.347978][T26747] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 192.347978][T26747] [ 192.593658][T26793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10045'. [ 192.826091][T26833] ieee802154 phy1 wpan1: encryption failed: -22 [ 192.881143][T26845] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 192.950154][T26857] dlm: non-version read from control device 0 [ 193.239850][T26895] netlink: 220 bytes leftover after parsing attributes in process `syz.2.10096'. [ 193.241472][T26896] sctp: [Deprecated]: syz.1.10095 (pid 26896) Use of int in maxseg socket option. [ 193.241472][T26896] Use struct sctp_assoc_value instead [ 193.247243][T26895] netlink: 220 bytes leftover after parsing attributes in process `syz.2.10096'. [ 193.463658][T26926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10111'. [ 193.886770][T26980] netlink: 'syz.0.10138': attribute type 11 has an invalid length. [ 194.721428][T27062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10178'. [ 194.732793][T27062] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048) [ 195.191738][T27111] x_tables: ip_tables: REDIRECT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT [ 195.217706][T27114] netlink: 'syz.3.10204': attribute type 1 has an invalid length. [ 195.516290][T27166] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 195.530525][T27170] netlink: 76 bytes leftover after parsing attributes in process `syz.0.10232'. [ 195.604920][T27185] sctp: [Deprecated]: syz.0.10238 (pid 27185) Use of struct sctp_assoc_value in delayed_ack socket option. [ 195.604920][T27185] Use struct sctp_sack_info instead [ 195.664448][T27197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10246'. [ 195.664488][T27198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10245'. [ 195.779465][T27218] QAT: Invalid ioctl 21531 [ 196.246361][T27277] program syz.1.10283 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 196.278834][T27282] netdevsim netdevsim0: Direct firmware load for . [ 196.278834][T27282] failed with error -2 [ 196.283467][T27282] netdevsim netdevsim0: Falling back to sysfs fallback for: . [ 196.283467][T27282] [ 196.343604][ T857] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 196.500103][T27296] netlink: 'syz.1.10294': attribute type 11 has an invalid length. [ 196.503360][T27296] __nla_validate_parse: 1 callbacks suppressed [ 196.503376][T27296] netlink: 199828 bytes leftover after parsing attributes in process `syz.1.10294'. [ 196.504565][ T857] usb 7-1: config index 0 descriptor too short (expected 39, got 27) [ 196.513880][ T857] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 196.517478][ T857] usb 7-1: config 0 interface 0 has no altsetting 0 [ 196.522450][ T857] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 196.526477][ T857] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 196.529391][ T857] usb 7-1: Product: syz [ 196.530961][ T857] usb 7-1: Manufacturer: syz [ 196.533311][ T857] usb 7-1: SerialNumber: syz [ 196.539190][ T857] usb 7-1: config 0 descriptor?? [ 196.543877][ T857] hub 7-1:0.0: bad descriptor, ignoring hub [ 196.546395][ T857] hub 7-1:0.0: probe with driver hub failed with error -5 [ 196.547709][T27302] openvswitch: netlink: Unexpected mask (mask=20840, allowed=10048) [ 196.552768][ T857] usb 7-1: selecting invalid altsetting 0 [ 196.609746][T27306] netlink: 'syz.3.10299': attribute type 11 has an invalid length. [ 196.613435][T27306] netlink: 132 bytes leftover after parsing attributes in process `syz.3.10299'. [ 196.660423][T27312] xt_TCPMSS: Only works on TCP SYN packets [ 196.795997][T27322] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10306'. [ 196.824418][T27324] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 196.857236][ T5887] usb 7-1: USB disconnect, device number 8 [ 196.905489][T27333] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10312'. [ 196.969517][T27339] FAT-fs (sr0): bogus number of reserved sectors [ 196.975225][T27339] FAT-fs (sr0): Can't find a valid FAT filesystem [ 197.249868][T27369] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 197.368085][T27386] No such timeout policy "syz1" [ 197.417920][T27396] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 197.489725][T27414] autofs4:pid:27414:validate_dev_ioctl: invalid path supplied for cmd(0xc0189374) [ 197.571084][T27430] netlink: 17 bytes leftover after parsing attributes in process `syz.0.10360'. [ 197.578564][T27430] openvswitch: netlink: Tunnel attr 0 has unexpected len 65 expected 8 [ 197.650634][T27452] netlink: 9 bytes leftover after parsing attributes in process `syz.2.10370'. [ 197.656223][T27452] netlink: 9 bytes leftover after parsing attributes in process `syz.2.10370'. [ 197.707460][T27466] snd_dummy snd_dummy.0: control 3:5:3:syz1:9 is already present [ 197.803926][T27485] cgroup: noprefix used incorrectly [ 197.846614][T27498] netlink: 2 bytes leftover after parsing attributes in process `syz.3.10394'. [ 197.953585][T27520] xt_hl: Unknown TTL match mode: 255 [ 197.990023][T27528] binder: 27527:27528 ioctl c0306201 80000080 returned -14 [ 198.034667][T27540] openvswitch: netlink: ct_state flags 010000e0 unsupported [ 198.111397][T27561] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 198.249590][T27593] (syz.1.10441,27593,2):ocfs2_get_sector:1714 ERROR: status = -5 [ 198.253149][T27593] (syz.1.10441,27593,2):ocfs2_sb_probe:753 ERROR: status = -5 [ 198.255428][T27593] (syz.1.10441,27593,2):ocfs2_fill_super:989 ERROR: superblock probe failed! [ 198.258199][T27593] (syz.1.10441,27593,2):ocfs2_fill_super:1177 ERROR: status = -5 [ 198.601632][T27664] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10476'. [ 198.607611][T27664] netlink: 32 bytes leftover after parsing attributes in process `syz.0.10476'. [ 198.636052][T27672] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000 [ 198.641246][T27672] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6 [ 198.646809][T27672] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008 [ 198.655774][T27672] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 198.681405][T27681] bond7 (unregistering): Released all slaves [ 198.724581][T27690] openvswitch: netlink: VLAN attribute unexpected. [ 198.743864][T27692] netlink: 'syz.3.10489': attribute type 1 has an invalid length. [ 198.926114][ T1431] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.323964][T27803] unsupported nlmsg_type 40 [ 199.374846][T27816] netlink: 'syz.0.10549': attribute type 64 has an invalid length. [ 199.403871][T27820] netlink: 'syz.2.10552': attribute type 1 has an invalid length. [ 199.477245][T27840] siw: device registration error -23 [ 199.568957][T27863] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 199.571499][T27865] netlink: 'syz.0.10575': attribute type 7 has an invalid length. [ 199.625471][T27877] ipt_ECN: cannot use operation on non-tcp rule [ 199.678808][ T1162] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.681694][ T1162] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.686557][ T1162] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.689356][ T1162] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.841719][T27923] veth7: entered promiscuous mode [ 199.844626][T27923] veth7: entered allmulticast mode [ 199.938426][T27944] netlink: 'syz.3.10613': attribute type 7 has an invalid length. [ 200.237589][T27995] IPv6: NLM_F_CREATE should be specified when creating new route [ 200.278069][T28002] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048) [ 200.641994][T28053] gre0: entered promiscuous mode [ 200.644368][T28053] gre0: entered allmulticast mode [ 200.670834][T28059] openvswitch: netlink: IP tunnel dst address not specified [ 200.838471][T28083] netlink: 'syz.3.10680': attribute type 7 has an invalid length. [ 200.882578][T28089] PM: Enabling pm_trace changes system date and time during resume. [ 200.882578][T28089] PM: Correct system time has to be restored manually after resume. [ 200.920905][T28095] ata1.00: invalid multi_count 1 ignored [ 201.168918][T28127] netlink: 'syz.3.10703': attribute type 4 has an invalid length. [ 201.295738][T28149] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 201.340005][T28157] ufs: You didn't specify the type of your ufs filesystem [ 201.340005][T28157] [ 201.340005][T28157] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ... [ 201.340005][T28157] [ 201.340005][T28157] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old [ 201.351211][T28157] ufs: ufs_fill_super(): bad magic number [ 201.433785][T28167] hfs: unable to load iocharset "io#harset" [ 201.456996][T28176] overlayfs: failed to resolve './file2': -2 [ 201.531453][T28188] bond4: option arp_validate: invalid value (524288) [ 201.535071][T28188] bond4 (unregistering): Released all slaves [ 201.584537][T28197] kAFS: unable to lookup cell '/,cL' [ 201.624933][T28207] x_tables: arp_tables: NFQUEUE target: not valid for this family [ 201.683960][T28217] Mount JFS Failure: -5 [ 201.686152][T28217] jfs_mount failed w/return code = -5 [ 201.868898][T28258] __vm_enough_memory: pid: 28258, comm: syz.1.10768, bytes: 4294963200 not enough memory for the allocation [ 202.084404][T28295] siw: device registration error -23 [ 202.234543][T28322] xt_addrtype: ipv6 does not support BROADCAST matching [ 202.305393][T28335] No source specified [ 202.361885][T28348] No such timeout policy "syz1" [ 202.395920][T28354] 9pnet_fd: p9_fd_create_unix (28354): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 202.637131][T28385] __nla_validate_parse: 7 callbacks suppressed [ 202.637144][T28385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10829'. [ 202.921059][T28427] openvswitch: netlink: Actions may not be safe on all matching packets [ 203.053064][T28461] MPI: mpi too large (107144 bits) [ 203.103159][T28471] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10872'. [ 203.190566][T28487] netlink: 'syz.1.10880': attribute type 6 has an invalid length. [ 203.238551][T28497] netlink: 'syz.0.10885': attribute type 10 has an invalid length. [ 203.242460][T28497] netlink: 40 bytes leftover after parsing attributes in process `syz.0.10885'. [ 203.342050][T28518] : renamed from dummy0 [ 203.437457][T28542] ksmbd: Unknown IPC event: 3, ignore. [ 203.600857][T28573] netlink: 'syz.3.10921': attribute type 1 has an invalid length. [ 203.603474][T28573] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10921'. [ 203.717832][T28604] usb usb8: usbfs: process 28604 (syz.0.10937) did not claim interface 0 before use [ 203.757091][T28612] netdevsim netdevsim3 netdevsim0: left allmulticast mode [ 203.921402][T28657] netlink: 68 bytes leftover after parsing attributes in process `syz.3.10963'. [ 203.925667][T28657] netlink: 68 bytes leftover after parsing attributes in process `syz.3.10963'. [ 203.927602][T28660] tmpfs: Bad value for 'mpol' [ 203.987299][T28671] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 204.129276][T28696] dlm: no locking on control device [ 204.198496][T28698] xt_CT: No such helper "pptp" [ 204.273961][ T41] audit: type=1400 audit(2000000068.589:25210): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=28709 comm="syz.3.10987" [ 204.392276][T28734] netlink: 'syz.3.10998': attribute type 1 has an invalid length. [ 204.395382][T28734] netlink: 'syz.3.10998': attribute type 3 has an invalid length. [ 204.397996][T28734] netlink: 224 bytes leftover after parsing attributes in process `syz.3.10998'. [ 204.447277][T28745] netlink: 'syz.2.11004': attribute type 39 has an invalid length. [ 204.456942][T28745] hsr_slave_0 (unregistering): left promiscuous mode [ 204.477936][T28749] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 204.480176][T28749] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 204.486488][T28751] cgroup: No subsys list or none specified [ 204.642362][T28778] ALSA: mixer_oss: invalid OSS volume '' [ 204.939478][T28832] netlink: 'syz.0.11047': attribute type 1 has an invalid length. [ 204.942077][T28832] netlink: 'syz.0.11047': attribute type 3 has an invalid length. [ 204.944754][T28832] netlink: 224 bytes leftover after parsing attributes in process `syz.0.11047'. [ 204.965650][T28837] netlink: 220 bytes leftover after parsing attributes in process `syz.3.11050'. [ 205.023870][T28854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11058'. [ 205.027123][T28854] unsupported nla_type 16384 [ 205.063093][T28864] ksmbd: Daemon and kernel module version mismatch. ksmbd: 124, kernel module: 1. User-space ksmbd should terminate. [ 205.112349][T28872] Cannot find del_set index 65533 as target [ 205.300651][T28918] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.526272][T28970] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 205.530089][T28970] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 205.868339][T29064] validate_nla: 5 callbacks suppressed [ 205.868350][T29064] netlink: 'syz.3.11161': attribute type 1 has an invalid length. [ 205.877121][T29055] cdrom: dropping to single frame dma [ 205.985040][T29090] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 206.139528][T29131] CIFS: bad ip= option (.RHe'ˠ/1C~1WexEAeSb{~R) [ 206.173731][T29141] netlink: 'syz.2.11199': attribute type 21 has an invalid length. [ 206.193481][T29146] netlink: 'syz.1.11200': attribute type 4 has an invalid length. [ 206.237990][T29154] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 206.276524][T29166] binder: 29164:29166 ioctl c00c6211 ffffffff returned -14 [ 206.304849][ T41] audit: type=1326 audit(2000000070.619:25211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.311698][ T41] audit: type=1326 audit(2000000070.619:25212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.319932][ T41] audit: type=1326 audit(2000000070.619:25213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.328142][ T41] audit: type=1326 audit(2000000070.619:25214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=254 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.337397][ T41] audit: type=1326 audit(2000000070.619:25215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.345204][ T41] audit: type=1326 audit(2000000070.619:25216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.352538][ T41] audit: type=1326 audit(2000000070.619:25217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.360000][ T41] audit: type=1326 audit(2000000070.619:25218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.367332][ T41] audit: type=1326 audit(2000000070.619:25219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29171 comm="syz.2.11215" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 206.429288][T29198] ip6t_rpfilter: unknown options [ 206.486025][T29209] netlink: 'syz.1.11233': attribute type 1 has an invalid length. [ 206.715169][T29262] vim2m vim2m.0: Fourcc format (0x47524247) invalid. [ 206.772255][T29273] 8021q: adding VLAN 0 to HW filter on device bond4 [ 206.775249][T29276] syz_tun: entered promiscuous mode [ 206.775690][T29278] ipt_REJECT: ECHOREPLY no longer supported. [ 206.777031][T29276] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 206.931747][T29315] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 206.936865][T29312] 8021q: adding VLAN 0 to HW filter on device bond7 [ 207.057244][T29343] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 207.186196][T29370] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 207.315079][ T857] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 207.430690][T29407] netlink: 'syz.3.11328': attribute type 15 has an invalid length. [ 207.463548][ T857] usb 7-1: Using ep0 maxpacket: 32 [ 207.482087][ T857] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 1536, setting to 1024 [ 207.488331][ T857] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024 [ 207.494429][ T857] usb 7-1: string descriptor 0 read error: -22 [ 207.497810][ T857] usb 7-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 207.500712][ T857] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 207.506379][T29342] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 207.512589][ T857] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 207.519786][ T857] usb 7-1: MIDIStreaming interface descriptor not found [ 207.651613][T29444] openvswitch: netlink: Unexpected mask (mask=40040, allowed=10048) [ 207.727451][ T857] usb 7-1: USB disconnect, device number 9 [ 207.845569][T29487] openvswitch: netlink: Multiple metadata blocks provided [ 208.051656][T29521] netlink: 'syz.3.11385': attribute type 1 has an invalid length. [ 208.090920][T29527] __nla_validate_parse: 22 callbacks suppressed [ 208.090933][T29527] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11388'. [ 208.133199][ T34] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 208.293136][ T34] usb 5-1: Using ep0 maxpacket: 8 [ 208.296090][ T34] usb 5-1: config 179 has an invalid interface number: 65 but max is 0 [ 208.299036][ T34] usb 5-1: config 179 has no interface number 0 [ 208.301038][ T34] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 208.308039][ T34] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 208.311674][ T34] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 208.316403][ T34] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 208.319626][ T34] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 208.325127][ T34] usb 5-1: config 179 interface 65 has no altsetting 0 [ 208.327519][ T34] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 208.330297][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 208.345239][ T34] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:179.65/input/input43 [ 208.449894][T29586] fuse: Bad value for 'fd' [ 208.476078][T29590] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 208.478995][T29590] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 208.539412][ T857] usb 5-1: USB disconnect, device number 4 [ 208.540898][ C3] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 208.592509][T29611] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 208.881232][T29667] xt_TCPMSS: Only works on TCP SYN packets [ 208.953385][T29684] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11466'. [ 209.065795][T29699] Bluetooth: hci0: Opcode 0x080f failed: -22 [ 209.129018][T29719] program syz.3.11484 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 209.382097][T29777] netlink: 'syz.2.11513': attribute type 21 has an invalid length. [ 209.385185][T29777] netlink: 132 bytes leftover after parsing attributes in process `syz.2.11513'. [ 209.425302][T29783] netlink: 'syz.2.11516': attribute type 12 has an invalid length. [ 209.489771][T29797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11523'. [ 209.514403][T29803] openvswitch: netlink: Unknown key attributes 2 [ 209.536335][T29806] bond8: entered promiscuous mode [ 209.540647][T29810] netlink: 'syz.3.11529': attribute type 1 has an invalid length. [ 209.799754][T29857] pimreg: entered allmulticast mode [ 209.876086][T29870] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11559'. [ 209.968719][T29898] binder: 29896:29898 ioctl c00c620f 0 returned -14 [ 210.076867][T29920] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11583'. [ 210.142495][T29932] No source specified [ 210.203826][T29948] tmpfs: Bad value for 'mpol' [ 210.213331][T29951] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 210.266433][T29962] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 210.270631][T29965] netlink: 'syz.2.11605': attribute type 1 has an invalid length. [ 210.302234][T29976] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11611'. [ 210.383390][T30000] xt_CT: You must specify a L4 protocol and not use inversions on it [ 210.396355][ T41] kauditd_printk_skb: 8 callbacks suppressed [ 210.396366][ T41] audit: type=1326 audit(2000000074.709:25228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30001 comm="syz.2.11624" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 210.409688][ T41] audit: type=1326 audit(2000000074.709:25229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30001 comm="syz.2.11624" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 210.424083][ T41] audit: type=1326 audit(2000000074.709:25230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30001 comm="syz.2.11624" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 210.430801][ T41] audit: type=1326 audit(2000000074.719:25231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30001 comm="syz.2.11624" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 210.433228][T30006] netlink: 56 bytes leftover after parsing attributes in process `syz.3.11626'. [ 211.162770][ T857] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 211.334080][ T857] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 211.337089][ T857] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 211.340406][ T857] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 211.343385][ T857] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 211.346892][ T857] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 211.351393][ T857] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 211.354593][ T857] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 211.357314][ T857] usb 5-1: Product: syz [ 211.358774][ T857] usb 5-1: Manufacturer: syz [ 211.366365][ T857] cdc_wdm 5-1:1.0: skipping garbage [ 211.368161][ T857] cdc_wdm 5-1:1.0: skipping garbage [ 211.377846][ T857] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 211.379870][ T857] cdc_wdm 5-1:1.0: Unknown control protocol [ 211.509481][T30117] tmpfs: Bad value for 'mpol' [ 211.537188][T30122] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 211.561511][T30126] bond5: entered allmulticast mode [ 211.574149][T30108] cdc_wdm 5-1:1.0: Error submitting int urb - -90 [ 211.586317][ T857] usb 5-1: USB disconnect, device number 5 [ 211.648252][T30143] IPv6: NLM_F_CREATE should be specified when creating new route [ 211.661912][T30145] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11695'. [ 211.867645][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.872799][ T1162] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.879881][ T1162] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.889537][ T1162] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 211.909008][T30185] ieee802154 phy1 wpan1: encryption failed: -22 [ 211.956620][T30189] netlink: 10 bytes leftover after parsing attributes in process `syz.1.11717'. [ 212.176093][T30216] netlink: 'syz.3.11730': attribute type 4 has an invalid length. [ 212.203080][T30224] SET target dimension over the limit! [ 212.345320][T30264] nft_compat: unsupported protocol 0 [ 212.461002][T30284] nbd: couldn't find device at index -2145452028 [ 212.552777][ T1040] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 212.572320][T30304] xt_HMARK: proto mask must be zero with L3 mode [ 212.623301][T30310] sctp: [Deprecated]: syz.2.11769 (pid 30310) Use of int in max_burst socket option. [ 212.623301][T30310] Use struct sctp_assoc_value instead [ 212.702899][ T1040] usb 5-1: Using ep0 maxpacket: 32 [ 212.706620][ T1040] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8C has invalid maxpacket 1536, setting to 1024 [ 212.710281][ T1040] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024 [ 212.716825][ T1040] usb 5-1: string descriptor 0 read error: -22 [ 212.718855][ T1040] usb 5-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40 [ 212.721898][ T1040] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.730186][T30326] ata1.00: invalid cdb length 6 [ 212.731875][T30261] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 212.741168][ T1040] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 212.746861][ T1040] usb 5-1: MIDIStreaming interface descriptor not found [ 212.764269][T30334] program syz.3.11779 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 212.948985][ T857] usb 5-1: USB disconnect, device number 6 [ 213.047304][T30379] overlayfs: empty lowerdir [ 213.059443][T30380] bond9: entered promiscuous mode [ 213.189541][T30407] __nla_validate_parse: 4 callbacks suppressed [ 213.189572][T30407] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11815'. [ 213.211333][T30407] 8021q: adding VLAN 0 to HW filter on device bond10 [ 213.300903][ T41] audit: type=1326 audit(2000000077.609:25232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30421 comm="syz.3.11824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 213.310032][ T41] audit: type=1326 audit(2000000077.609:25233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30421 comm="syz.3.11824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 213.317235][ T41] audit: type=1326 audit(2000000077.609:25234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30421 comm="syz.3.11824" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 213.325459][ T41] audit: type=1326 audit(2000000077.609:25235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30421 comm="syz.3.11824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 213.332325][ T41] audit: type=1326 audit(2000000077.619:25236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30421 comm="syz.3.11824" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x7ffc0000 [ 213.338959][T30426] ieee802154 phy1 wpan1: encryption failed: -90 [ 213.383026][T30434] netlink: 'syz.3.11830': attribute type 11 has an invalid length. [ 213.409301][T30439] openvswitch: netlink: Unexpected mask (mask=200440, allowed=10048) [ 213.589084][T30484] netlink: 'syz.2.11855': attribute type 10 has an invalid length. [ 213.591666][T30484] netlink: 228 bytes leftover after parsing attributes in process `syz.2.11855'. [ 213.599600][T30490] sg_write: data in/out 2032384/80 bytes for SCSI command 0x1a-- guessing data in; [ 213.599600][T30490] program syz.3.11858 not setting count and/or reply_len properly [ 213.654054][T30500] rdma_rxe: rxe_newlink: failed to add ip6_vti0 [ 213.706242][T30511] netlink: 'syz.0.11868': attribute type 4 has an invalid length. [ 213.832346][T30539] vivid-002: ================= START STATUS ================= [ 213.843770][T30539] vivid-002: RDS Tx I/O Mode: Controls [ 213.855276][T30539] vivid-002: RDS Program ID: 32904 [ 213.857344][T30539] vivid-002: RDS Program Type: 3 [ 213.859240][T30539] vivid-002: RDS PS Name: VIVID-TX [ 213.862341][T30539] vivid-002: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 213.867599][T30539] vivid-002: RDS Stereo: true [ 213.869105][T30539] vivid-002: RDS Artificial Head: false [ 213.870884][T30539] vivid-002: RDS Compressed: false [ 213.872505][T30539] vivid-002: RDS Dynamic PTY: false [ 213.875061][T30539] vivid-002: RDS Traffic Announcement: false [ 213.877271][T30539] vivid-002: RDS Traffic Program: true [ 213.883117][T30539] vivid-002: RDS Music: true [ 213.885235][T30539] vivid-002: ================== END STATUS ================== [ 213.910643][T30556] QAT: failed to copy from user cfg_data. [ 213.960521][T30570] netlink: 'syz.1.11898': attribute type 33 has an invalid length. [ 213.960535][T30570] netlink: 152 bytes leftover after parsing attributes in process `syz.1.11898'. [ 213.975375][T30572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11899'. [ 214.015582][T30582] netlink: 184 bytes leftover after parsing attributes in process `syz.2.11903'. [ 214.015598][T30582] netlink: 184 bytes leftover after parsing attributes in process `syz.2.11903'. [ 214.058443][T30590] xt_CT: You must specify a L4 protocol and not use inversions on it [ 214.067837][T30592] ip6t_REJECT: ECHOREPLY is not supported [ 214.102037][T30598] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 214.282847][ T5887] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 214.455334][ T5887] usb 6-1: Using ep0 maxpacket: 8 [ 214.458288][ T5887] usb 6-1: config 179 has an invalid interface number: 65 but max is 0 [ 214.459931][T30666] netlink: 72 bytes leftover after parsing attributes in process `syz.3.11945'. [ 214.460879][ T5887] usb 6-1: config 179 has no interface number 0 [ 214.466410][ T5887] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9 [ 214.469848][ T5887] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024 [ 214.469948][T30668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11946'. [ 214.480256][ T5887] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 214.484182][ T5887] usb 6-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0 [ 214.487364][ T5887] usb 6-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 214.491382][ T5887] usb 6-1: config 179 interface 65 has no altsetting 0 [ 214.494144][ T5887] usb 6-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00 [ 214.497028][ T5887] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.501421][T30672] tmpfs: Bad value for 'mpol' [ 214.511385][ T5887] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:179.65/input/input45 [ 214.681599][T30704] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11964'. [ 214.715339][ T1040] usb 6-1: USB disconnect, device number 7 [ 214.715505][ C2] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 214.718850][T30710] netlink: 68 bytes leftover after parsing attributes in process `syz.2.11967'. [ 214.883892][T30742] netlink: 'syz.2.11984': attribute type 11 has an invalid length. [ 214.886584][T30742] netlink: 'syz.2.11984': attribute type 4 has an invalid length. [ 215.349782][T30833] binder: 30831:30833 ioctl 40046205 0 returned -22 [ 215.410193][T30846] program syz.3.12034 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 215.414584][T30846] ata1.00: invalid transfer count 0 [ 215.713211][ T5887] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 215.841532][T30912] random: crng reseeded on system resumption [ 215.872843][ T5887] usb 6-1: Using ep0 maxpacket: 16 [ 215.878211][ T5887] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 215.882553][ T5887] usb 6-1: config 0 has no interface number 0 [ 215.888374][ T5887] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 215.893253][ T5887] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.898326][ T5887] usb 6-1: Product: syz [ 215.899683][ T5887] usb 6-1: Manufacturer: syz [ 215.911645][ T5887] usb 6-1: SerialNumber: syz [ 215.920594][ T5887] usb 6-1: config 0 descriptor?? [ 215.923903][ T5887] hub 6-1:0.132: bad descriptor, ignoring hub [ 215.926614][ T5887] hub 6-1:0.132: probe with driver hub failed with error -5 [ 215.931090][ T5887] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.132/input/input47 [ 216.124182][T30960] rdma_rxe: rxe_newlink: failed to add ip6_vti0 [ 216.146588][ T41] audit: type=1326 audit(2000000080.459:25237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.156337][ T41] audit: type=1326 audit(2000000080.459:25238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.165155][ T41] audit: type=1326 audit(2000000080.459:25239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.176434][ T41] audit: type=1326 audit(2000000080.459:25240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.178919][T30966] netlink: 'syz.0.12093': attribute type 21 has an invalid length. [ 216.183511][ T41] audit: type=1326 audit(2000000080.459:25241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.186087][T30966] netlink: 'syz.0.12093': attribute type 5 has an invalid length. [ 216.196235][T30966] netlink: 'syz.0.12093': attribute type 6 has an invalid length. [ 216.197441][ T41] audit: type=1326 audit(2000000080.459:25242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.208003][ T41] audit: type=1326 audit(2000000080.459:25243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.216326][ T41] audit: type=1326 audit(2000000080.459:25244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.224380][ T41] audit: type=1326 audit(2000000080.459:25245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.232527][ T41] audit: type=1326 audit(2000000080.459:25246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30961 comm="syz.3.12092" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703efcc code=0x50000 [ 216.332804][T18716] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 216.403947][ T857] usb 6-1: USB disconnect, device number 8 [ 216.504361][T18716] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 216.507234][T18716] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 216.510526][T18716] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 216.513615][T18716] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 216.516958][T18716] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 216.521205][T18716] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 216.524251][T18716] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 216.526739][T18716] usb 7-1: Product: syz [ 216.528064][T18716] usb 7-1: Manufacturer: syz [ 216.534134][T18716] cdc_wdm 7-1:1.0: skipping garbage [ 216.536051][T18716] cdc_wdm 7-1:1.0: skipping garbage [ 216.543097][T18716] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 216.545049][T18716] cdc_wdm 7-1:1.0: Unknown control protocol [ 216.737528][T30956] cdc_wdm 7-1:1.0: Error submitting int urb - -90 [ 216.741254][ T34] usb 7-1: USB disconnect, device number 10 [ 216.926859][T30987] rdma_rxe: rxe_newlink: failed to add ip6_vti0 [ 216.977340][T30993] program syz.3.12106 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 217.085956][T31019] /dev/sg0: Can't lookup blockdev [ 217.272647][T31057] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 217.292605][T31063] openvswitch: netlink: nsh attribute has 2 unknown bytes. [ 218.081665][T31250] program syz.0.12232 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 218.200624][T31276] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 218.211122][T31278] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 218.291773][T31302] netlink: 'syz.3.12258': attribute type 23 has an invalid length. [ 218.459681][T31328] __nla_validate_parse: 11 callbacks suppressed [ 218.459694][T31328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12271'. [ 218.550512][T31337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12275'. [ 218.554414][T31337] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12275'. [ 218.634430][T31343] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12278'. [ 219.341762][T31381] xt_NFQUEUE: number of total queues is 0 [ 219.802796][ T5887] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 219.977118][ T5887] usb 7-1: Using ep0 maxpacket: 32 [ 219.981357][ T5887] usb 7-1: config 0 has an invalid interface number: 119 but max is 0 [ 219.984268][ T5887] usb 7-1: config 0 has no interface number 0 [ 219.986315][ T5887] usb 7-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 219.989733][ T5887] usb 7-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xD3, changing to 0x83 [ 219.993836][ T5887] usb 7-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 219.997372][ T5887] usb 7-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 220.003718][ T5887] usb 7-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73 [ 220.007607][ T5887] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.010257][ T5887] usb 7-1: Product: syz [ 220.011674][ T5887] usb 7-1: Manufacturer: syz [ 220.013265][ T5887] usb 7-1: SerialNumber: syz [ 220.017112][ T5887] usb 7-1: config 0 descriptor?? [ 220.022082][ T5887] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.119/input/input50 [ 220.307197][ T5887] usb 7-1: USB disconnect, device number 11 [ 220.330267][T31426] CIFS: VFS: UNC: missing delimiter between hostname and share name [ 220.333181][T31426] CIFS: VFS: Malformed UNC in devname [ 220.491002][T31458] block nbd0: NBD_DISCONNECT [ 220.532579][T31465] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 220.585882][T31474] 8021q: adding VLAN 0 to HW filter on device .` [ 220.590897][T31474] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.619414][T31474] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 220.622871][T31474] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 220.629048][T31474] netdevsim netdevsim0 netdevsim0: left allmulticast mode [ 220.632193][T31474] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 220.636609][T31474] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 220.639504][T31474] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 220.642111][T31474] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 220.668715][ T857] wg2 speed is unknown, defaulting to 1000 [ 220.670574][ T59] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.673700][ T857] syz2: Port: 1 Link ACTIVE [ 220.675288][ T59] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.678057][ T59] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.682751][ T857] wg2 speed is unknown, defaulting to 1000 [ 220.683215][ T59] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.884756][T31520] openvswitch: netlink: Missing key (keys=40, expected=2000) [ 220.936843][T31532] openvswitch: netlink: IP tunnel dst address not specified [ 221.252915][T31572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12389'. [ 221.288255][T31576] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12391'. [ 221.546003][T31604] netlink: 'syz.0.12405': attribute type 13 has an invalid length. [ 221.716803][T31619] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 221.718998][T31620] xt_TPROXY: Can be used only with -p tcp or -p udp [ 221.751174][T31624] netlink: 4100 bytes leftover after parsing attributes in process `syz.3.12414'. [ 221.856151][T31636] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined [ 222.085210][T31657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12431'. [ 222.350142][T31673] bond0: left promiscuous mode [ 222.351792][T31673] : left promiscuous mode [ 222.362734][T31673] bond_slave_1: left promiscuous mode [ 222.377381][T31673] bond0: left allmulticast mode [ 222.379064][T31673] : left allmulticast mode [ 222.380767][T31673] bond_slave_1: left allmulticast mode [ 222.382896][T31673] bridge0: left allmulticast mode [ 222.401242][ T41] kauditd_printk_skb: 156 callbacks suppressed [ 222.401253][ T41] audit: type=1400 audit(2000000086.709:25403): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="#(%#{//(@\)//&@},['%%&\#*" pid=31680 comm="syz.2.12443" [ 222.406330][T31673] : entered promiscuous mode [ 222.414753][T31673] bond_slave_1: entered promiscuous mode [ 222.436948][T31673] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 222.441170][T31673] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 222.446377][T31673] veth1_vlan: left promiscuous mode [ 222.449172][T31673] veth0_vlan: left promiscuous mode [ 222.452093][T31673] veth0_vlan: entered promiscuous mode [ 222.457480][T31673] veth1_vlan: entered promiscuous mode [ 222.463886][T31673] veth1_macvtap: left promiscuous mode [ 222.466919][T31673] veth0_macvtap: left promiscuous mode [ 222.469836][T31673] veth0_macvtap: entered promiscuous mode [ 222.473056][T31673] veth1_macvtap: entered promiscuous mode [ 222.480258][T31673] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 222.485979][T31673] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 222.489702][T31673] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 222.494752][T31673] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 222.498231][T31673] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 222.505340][T31676] netlink: 'syz.1.12440': attribute type 13 has an invalid length. [ 222.508455][ T72] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.510670][ T72] bridge0: port 1(bridge_slave_0) entered listening state [ 222.516305][ T72] bridge0: port 2(.) entered blocking state [ 222.518691][ T72] bridge0: port 2(.) entered listening state [ 222.540383][ T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.545915][ T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.563139][ T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.572491][ T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.608108][T31698] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12452'. [ 222.628213][T31703] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 222.637848][T31705] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 222.652071][T31707] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 222.658999][T31707] Error validating options; rc = [-22] [ 222.674552][T31714] netlink: 'syz.1.12459': attribute type 12 has an invalid length. [ 222.677001][T31714] netlink: 132 bytes leftover after parsing attributes in process `syz.1.12459'. [ 222.894783][T31764] erspan0: left allmulticast mode [ 222.902202][T31764] erspan0: left promiscuous mode [ 222.906103][T31764] bridge0: port 3(erspan0) entered disabled state [ 222.917843][T31764] .: left allmulticast mode [ 222.917971][T31767] sctp: [Deprecated]: syz.0.12485 (pid 31767) Use of struct sctp_assoc_value in delayed_ack socket option. [ 222.917971][T31767] Use struct sctp_sack_info instead [ 222.919747][T31764] .: left promiscuous mode [ 222.926968][T31764] bridge0: port 2(.) entered disabled state [ 222.933983][T31764] bridge_slave_0: left allmulticast mode [ 222.935823][T31764] bridge_slave_0: left promiscuous mode [ 222.937657][T31764] bridge0: port 1(bridge_slave_0) entered disabled state [ 222.967758][T31764] .`: (slave bridge0): Releasing backup interface [ 223.024151][T31787] netlink: 'syz.2.12494': attribute type 61 has an invalid length. [ 223.057659][T31793] 0: renamed from hsr0 [ 223.060360][T31793] 0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.064378][T31793] 0: entered allmulticast mode [ 223.066007][T31793] hsr_slave_1: entered allmulticast mode [ 223.073082][T31793] A link change request failed with some changes committed already. Interface c0 may have been left with an inconsistent configuration, please check. [ 223.785199][T31918] __nla_validate_parse: 2 callbacks suppressed [ 223.785216][T31918] netlink: 9 bytes leftover after parsing attributes in process `syz.1.12558'. [ 223.791207][T31918] 0: renamed from hsr0 [ 223.796343][T31918] 0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 223.799989][T31918] 0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.803415][T31920] ipt_REJECT: TCP_RESET invalid for non-tcp [ 223.803451][T31918] 0: entered allmulticast mode [ 223.807237][T31918] hsr_slave_0: entered allmulticast mode [ 223.809082][T31918] hsr_slave_1: entered allmulticast mode [ 223.811709][T31918] A link change request failed with some changes committed already. Interface c0 may have been left with an inconsistent configuration, please check. [ 223.961457][T31944] blktrace: Concurrent blktraces are not allowed on sr0 [ 224.092494][T31967] XFS (nbd2): SB validate failed with error -5. [ 224.169688][T31985] SET target dimension over the limit! [ 224.385885][T32029] netlink: 'syz.1.12612': attribute type 2 has an invalid length. [ 224.389452][T32029] netlink: 'syz.1.12612': attribute type 1 has an invalid length. [ 224.618820][T32075] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12634'. [ 224.623749][T32075] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12634'. [ 224.879174][T32137] netlink: 'syz.0.12665': attribute type 2 has an invalid length. [ 224.881740][T32137] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12665'. [ 224.883452][T32141] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12667'. [ 224.913405][T32145] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12669'. [ 224.916201][T32145] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 224.946912][T32153] syz_tun: left promiscuous mode [ 224.951643][T32153] 8021q: adding VLAN 0 to HW filter on device .` [ 224.954759][T32153] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.969755][T32153] bridge_slave_0: left promiscuous mode [ 224.980121][T32153] 0: left allmulticast mode [ 224.981616][T32153] hsr_slave_1: left allmulticast mode [ 224.986112][T32153] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 224.989110][T32153] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 224.991874][T32153] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 225.007047][ T72] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 6081 - 0 [ 225.012169][ T72] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 6081 - 0 [ 225.016595][ T72] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 6081 - 0 [ 225.019396][ T72] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 6081 - 0 [ 225.138546][T32172] netlink: 6 bytes leftover after parsing attributes in process `syz.3.12684'. [ 225.270274][T32193] gre0: left promiscuous mode [ 225.271867][T32193] gre0: left allmulticast mode [ 225.276659][T32193] 8021q: adding VLAN 0 to HW filter on device .` [ 225.279597][T32193] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.291395][T32193] wg1: left promiscuous mode [ 225.293131][T32193] wg1: left allmulticast mode [ 225.311173][T32193] 0: left allmulticast mode [ 225.312671][T32193] hsr_slave_0: left allmulticast mode [ 225.317289][T32193] hsr_slave_1: left allmulticast mode [ 225.321567][T32193] veth1_macvtap: left promiscuous mode [ 225.324195][T32193] veth0_macvtap: left promiscuous mode [ 225.326493][T32193] veth0_macvtap: entered promiscuous mode [ 225.328752][T32193] veth1_macvtap: entered promiscuous mode [ 225.333280][T32193] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 225.336237][T32193] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 225.338966][T32193] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 225.474249][T32215] netlink: 'syz.1.12704': attribute type 12 has an invalid length. [ 225.754861][T32261] net_ratelimit: 2 callbacks suppressed [ 225.754872][T32261] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 225.870576][T32289] netlink: 'syz.1.12739': attribute type 10 has an invalid length. [ 225.871088][T32288] netlink: 'syz.3.12740': attribute type 1 has an invalid length. [ 225.873357][T32289] netlink: 40 bytes leftover after parsing attributes in process `syz.1.12739'. [ 225.873572][T32289] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 225.876450][T32288] netlink: 'syz.3.12740': attribute type 1 has an invalid length. [ 225.879225][T32289] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 225.921169][T32299] new mount options do not match the existing superblock, will be ignored [ 225.976487][T32311] netlink: 80 bytes leftover after parsing attributes in process `syz.2.12751'. [ 226.066838][T32332] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12760'. [ 226.224581][T32361] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 226.342942][ T34] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 226.392925][T32391] autofs4:pid:32391:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(65021.1), cmd(0xc018937e) [ 226.402892][T32391] autofs4:pid:32391:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e) [ 226.429945][T32395] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 226.444268][T32399] openvswitch: netlink: IP tunnel dst address not specified [ 226.490943][T32407] xt_ipcomp: unknown flags 1D [ 226.516288][ T34] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 226.521412][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 226.526208][ T34] usb 7-1: Product: syz [ 226.527531][ T34] usb 7-1: Manufacturer: syz [ 226.530655][ T34] usb 7-1: SerialNumber: syz [ 226.531203][T32415] netlink: 'syz.1.12803': attribute type 21 has an invalid length. [ 226.563453][ T34] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 226.610244][T18284] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 226.667156][T32437] geneve2: entered promiscuous mode [ 226.752027][T32451] 8021q: adding VLAN 0 to HW filter on device bond6 [ 226.817644][T32464] syz.1.12827 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 226.821823][ T34] usb 7-1: USB disconnect, device number 12 [ 227.160965][T32496] tmpfs: Group quota block hardlimit too large. [ 227.257400][T32518] netlink: 'syz.3.12854': attribute type 4 has an invalid length. [ 227.293495][T32522] netlink: 'syz.1.12856': attribute type 10 has an invalid length. [ 227.303495][T32522] team0: Device wg2 is of different type [ 227.437194][T32555] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 227.560180][T32580] openvswitch: netlink: Flow actions attr not present in new flow. [ 227.633805][T18284] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive [ 227.641803][T18284] ath9k_htc: Failed to initialize the device [ 227.644419][ T34] usb 7-1: ath9k_htc: USB layer deinitialized [ 227.667120][T32598] team0: Device wg2 is of different type [ 227.827626][T32625] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 227.855130][T32630] kAFS: unable to lookup cell '' [ 227.931364][T32642] sctp: [Deprecated]: syz.0.12916 (pid 32642) Use of int in max_burst socket option deprecated. [ 227.931364][T32642] Use struct sctp_assoc_value instead [ 228.077650][T32666] team0: Port device wg2 added [ 228.079531][ T5843] wg2 speed is unknown, defaulting to 1000 [ 228.082518][ T34] wg2 speed is unknown, defaulting to 1000 [ 228.087282][ T5843] wg2 speed is unknown, defaulting to 1000 [ 228.139911][T32678] IPv6: Can't replace route, no match found [ 228.171859][T32684] cgroup: name respecified [ 228.251955][T32695] team0: Port device wg2 added [ 228.317115][T32712] random: crng reseeded on system resumption [ 228.440768][T32743] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 228.602133][ T313] F2FS-fs (nbd3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 228.605724][ T313] F2FS-fs (nbd3): Can't find valid F2FS filesystem in 1th superblock [ 228.608741][ T313] F2FS-fs (nbd3): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 228.611141][ T313] F2FS-fs (nbd3): Can't find valid F2FS filesystem in 2th superblock [ 228.677746][ T326] program syz.1.12990 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 228.763020][ T5847] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 228.922868][ T5847] usb 5-1: Using ep0 maxpacket: 32 [ 228.925317][ T367] gre1: entered promiscuous mode [ 228.926091][ T5847] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 228.934642][ T5847] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 228.941935][ T5847] usb 5-1: config 0 descriptor?? [ 228.955239][ T5847] as10x_usb: device has been detected [ 228.957448][ T5847] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle) [ 228.975326][ T5847] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)... [ 228.992506][ T5847] as10x_usb: error during firmware upload part1 [ 228.995199][ T5847] Registered device nBox DVB-T Dongle [ 229.019173][ T383] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 229.156067][ T5847] usb 5-1: USB disconnect, device number 7 [ 229.177624][ T5847] Unregistered device nBox DVB-T Dongle [ 229.178723][ T5847] as10x_usb: device has been disconnected [ 229.193962][ T419] PM: Enabling pm_trace changes system date and time during resume. [ 229.193962][ T419] PM: Correct system time has to be restored manually after resume. [ 229.739072][ T506] syz.3.13077 (506) used greatest stack depth: 18968 bytes left [ 229.851849][ T540] devpts: Bad value for 'max' [ 229.878951][ T544] __nla_validate_parse: 12 callbacks suppressed [ 229.878963][ T544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13096'. [ 229.884053][ T544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13096'. [ 229.886887][ T544] validate_nla: 8 callbacks suppressed [ 229.886895][ T544] netlink: 'syz.0.13096': attribute type 14 has an invalid length. [ 229.891098][ T544] netlink: 'syz.0.13096': attribute type 12 has an invalid length. [ 229.911030][ T551] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13099'. [ 230.078297][ T597] Bluetooth: MGMT ver 1.23 [ 230.177593][ T609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13122'. [ 230.180664][ T609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13122'. [ 230.183996][ T609] netlink: 'syz.3.13122': attribute type 19 has an invalid length. [ 230.186581][ T609] netlink: 'syz.3.13122': attribute type 20 has an invalid length. [ 231.076205][ T644] netdevsim netdevsim1: Direct firmware load for - failed with error -2 [ 231.078945][ T644] netdevsim netdevsim1: Falling back to sysfs fallback for: - [ 231.081866][ T645] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 231.270278][ T652] nbd: must specify at least one socket [ 231.325487][ T660] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13144'. [ 231.328391][ T660] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13144'. [ 231.331693][ T660] netlink: 'syz.3.13144': attribute type 14 has an invalid length. [ 231.334404][ T660] netlink: 'syz.3.13144': attribute type 12 has an invalid length. [ 231.358554][ T666] binder: 665:666 ioctl c0306201 80000080 returned -22 [ 231.421830][ T679] nbd: must specify at least one socket [ 231.425734][ T680] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13156'. [ 231.488132][ T688] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13158'. [ 231.490781][ T688] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13158'. [ 231.494031][ T688] netlink: 'syz.2.13158': attribute type 14 has an invalid length. [ 231.496555][ T688] netlink: 'syz.2.13158': attribute type 12 has an invalid length. [ 231.668820][ T708] [U]  [ 232.040745][ T753] The dccp option matching is deprecated and scheduled to be removed in 2027. [ 232.040745][ T753] Please contact the netfilter-devel mailing list or update your nftables rules. [ 232.197589][ T789] netlink: 'syz.1.13208': attribute type 5 has an invalid length. [ 232.456531][ T842] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 232.679840][ T871] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 232.917627][ T903] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 233.172437][ T947] netlink: 'syz.0.13282': attribute type 21 has an invalid length. [ 233.317141][ T978] IPv6: Can't replace route, no match found [ 233.692815][ T54] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 233.842825][ T54] usb 6-1: Using ep0 maxpacket: 8 [ 233.846512][ T54] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 233.848859][ T54] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 233.852305][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 233.856553][ T54] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 233.860781][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 233.864527][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 233.868691][ T54] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 233.873566][ T54] usb 6-1: config 168 interface 0 has no altsetting 0 [ 233.876578][ T54] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 233.879027][ T54] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 233.882659][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 233.887222][ T54] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 233.890770][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 233.894335][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 233.898305][ T54] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 233.903315][ T54] usb 6-1: config 168 interface 0 has no altsetting 0 [ 233.906986][ T54] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 233.909769][ T54] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 233.913766][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 233.917787][ T54] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 233.921265][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 233.924988][ T54] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 233.929015][ T54] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 233.933887][ T54] usb 6-1: config 168 interface 0 has no altsetting 0 [ 233.938699][ T54] usb 6-1: string descriptor 0 read error: -22 [ 233.941283][ T54] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 233.944845][ T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 233.963671][ T54] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 234.160839][ T5843] usb 6-1: USB disconnect, device number 9 [ 234.651729][ T1028] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 234.897065][ T41] audit: type=1326 audit(2000000099.209:25404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 234.904760][ T41] audit: type=1326 audit(2000000099.209:25405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 234.911389][ T41] audit: type=1326 audit(2000000099.209:25406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 234.922223][ T41] audit: type=1326 audit(2000000099.219:25407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 234.934146][ T41] audit: type=1326 audit(2000000099.219:25408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 234.946164][ T41] audit: type=1326 audit(2000000099.229:25409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 234.958118][ T41] audit: type=1326 audit(2000000099.229:25410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1069 comm="syz.0.13332" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6ffefcc code=0x7ffc0000 [ 235.119885][ T1095] xt_l2tp: missing protocol rule (udp|l2tpip) [ 235.148169][ T1100] tipc: Enabling of bearer rejected, media not registered [ 235.181388][ T1111] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 235.183919][ T1111] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 235.367198][ T1132] vimc link validate: Sensor A:src:16x16 (0x33424752, 12, 0, 5, 2) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 235.697756][ T1165] nftables ruleset with unbound set [ 235.867115][ T1187] No buffer was provided with the request [ 235.941865][ T1199] tipc: Failed to obtain node identity [ 235.944438][ T1199] tipc: Enabling of bearer rejected, failed to enable media [ 235.998618][ T1208] __nla_validate_parse: 11 callbacks suppressed [ 235.998631][ T1208] netlink: 47 bytes leftover after parsing attributes in process `syz.2.13385'. [ 236.003761][ T1208] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13385'. [ 236.269378][ T1241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13401'. [ 236.340901][ T1250] xt_socket: unknown flags 0xe4 [ 236.430682][ T1259] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 236.786029][ T1316] sctp: [Deprecated]: syz.2.13433 (pid 1316) Use of int in max_burst socket option. [ 236.786029][ T1316] Use struct sctp_assoc_value instead [ 236.802844][ T5843] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 236.971260][ T5843] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 236.974114][ T5843] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 236.976631][ T5843] usb 6-1: Product: syz [ 236.977988][ T5843] usb 6-1: Manufacturer: syz [ 236.979437][ T5843] usb 6-1: SerialNumber: syz [ 236.989563][ T5843] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 236.999619][ T5887] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 237.160219][ T1342] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13445'. [ 237.163098][ T1342] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13445'. [ 237.167224][ T1342] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13445'. [ 237.170020][ T1342] netlink: 28 bytes leftover after parsing attributes in process `syz.2.13445'. [ 237.215784][ T5843] usb 6-1: USB disconnect, device number 10 [ 237.563377][ T1370] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13458'. [ 237.610047][ T1378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13462'. [ 237.613594][ T1378] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13462'. [ 237.617230][ T1378] validate_nla: 1 callbacks suppressed [ 237.617242][ T1378] netlink: 'syz.2.13462': attribute type 7 has an invalid length. [ 237.622189][ T1378] netlink: 'syz.2.13462': attribute type 13 has an invalid length. [ 237.727456][ T41] audit: type=1326 audit(2000000102.039:25411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1398 comm="syz.2.13472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 237.742875][ T41] audit: type=1326 audit(2000000102.039:25412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1398 comm="syz.2.13472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 237.752625][ T41] audit: type=1326 audit(2000000102.039:25413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1398 comm="syz.2.13472" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 237.954326][ C1] bridge0: port 2(.) entered learning state [ 237.957767][ C1] bridge0: port 1(bridge_slave_0) entered learning state [ 237.968940][ T1442] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 238.034736][ T5887] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 238.047120][ T5887] ath9k_htc: Failed to initialize the device [ 238.063707][ T5843] usb 6-1: ath9k_htc: USB layer deinitialized [ 238.065155][ T1452] sg_read: process 6822 (syz.0.13496) changed security contexts after opening file descriptor, this is not allowed. [ 238.285406][ T1489] netlink: 'syz.2.13511': attribute type 13 has an invalid length. [ 238.287896][ T1489] netlink: 'syz.2.13511': attribute type 12 has an invalid length. [ 238.529686][ T1526] veth7: entered promiscuous mode [ 238.721828][ T1554] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 238.913524][ T1577] tipc: Failed to obtain node identity [ 238.915291][ T1577] tipc: Enabling of bearer rejected, failed to enable media [ 239.118072][ T1619] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check. [ 239.157445][ T1629] veth1_macvtap: left promiscuous mode [ 239.159732][ T1629] macsec0: entered allmulticast mode [ 239.164891][ T1629] veth1_macvtap: entered promiscuous mode [ 239.166736][ T1629] veth1_macvtap: entered allmulticast mode [ 239.170077][ T1629] macsec0: left allmulticast mode [ 239.171703][ T1629] veth1_macvtap: left allmulticast mode [ 239.554915][ T1704] binder: 1703:1704 ioctl c018620c 80000240 returned -22 [ 239.738225][ T1733] ip6gretap0: entered promiscuous mode [ 239.862969][ T54] usb 7-1: new low-speed USB device number 13 using dummy_hcd [ 240.015839][ T54] usb 7-1: config 0 has an invalid interface number: 55 but max is 0 [ 240.020131][ T54] usb 7-1: config 0 has no interface number 0 [ 240.022064][ T54] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 240.026323][ T54] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 240.029759][ T54] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 240.036227][ T54] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 240.041054][ T54] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 240.044849][ T54] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 240.049462][ T54] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 240.052443][ T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.059812][ T54] usb 7-1: config 0 descriptor?? [ 240.063919][ T1717] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 240.068979][ T1717] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 240.079249][ T54] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 240.115356][ T1787] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 240.181085][ T1799] xt_cluster: you have exceeded the maximum number of cluster nodes (37482740 > 32) [ 240.288529][ T1717] ldusb 7-1:0.55: Write buffer overflow, 138595949 bytes dropped [ 240.293559][ T5847] usb 7-1: USB disconnect, device number 13 [ 240.299638][ T5847] ldusb 7-1:0.55: LD USB Device #0 now disconnected [ 240.955797][ T1877] max out of range [ 241.190397][ T1897] __nla_validate_parse: 12 callbacks suppressed [ 241.190416][ T1897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13698'. [ 241.197814][ T1897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13698'. [ 241.201360][ T1897] netlink: 'syz.1.13698': attribute type 15 has an invalid length. [ 241.249368][ T1902] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 241.261378][ T1899] tipc: Enabling of bearer rejected, failed to enable media [ 241.334170][ T1912] netlink: 'syz.3.13705': attribute type 11 has an invalid length. [ 241.336967][ T1912] netlink: 'syz.3.13705': attribute type 4 has an invalid length. [ 241.339508][ T1912] netlink: 199768 bytes leftover after parsing attributes in process `syz.3.13705'. [ 241.447339][ T1931] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13714'. [ 241.486989][ T1935] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 241.822571][ T1978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13736'. [ 242.396762][ T1162] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.498486][ T2045] max out of range [ 242.511690][ T1162] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.557368][ T2052] netlink: 68 bytes leftover after parsing attributes in process `syz.1.13779'. [ 242.579235][ T5744] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 242.587058][ T5744] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 242.590315][ T5744] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 242.596127][ T5744] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 242.599434][ T5744] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 242.628549][ T1162] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.669571][ T2063] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13778'. [ 242.718309][ T1162] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 242.740767][ T2072] program syz.3.13788 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.826958][ T2048] wg2 speed is unknown, defaulting to 1000 [ 242.919032][ T1162] dvmrp9: left allmulticast mode [ 243.485286][ T2078] F2FS-fs: Conflicting test_dummy_encryption options [ 243.501028][ T2082] max out of range [ 243.590773][ T1162] .` (unregistering): Released all slaves [ 243.596456][ T1162] bond1 (unregistering): Released all slaves [ 243.604618][ T1162] bond0 (unregistering): Released all slaves [ 243.611881][ T1162] bond2 (unregistering): Released all slaves [ 243.619334][ T1162] bond3 (unregistering): Released all slaves [ 243.635677][ T1162] bond4 (unregistering): Released all slaves [ 243.646762][ T1162] bond5 (unregistering): Released all slaves [ 243.654028][ T1162] bond6 (unregistering): Released all slaves [ 243.664972][ T1162] bond7 (unregistering): Released all slaves [ 243.677688][ T2048] wg1 speed is unknown, defaulting to 1000 [ 243.701687][ T1243] smbdirect: ib_dev[syz1] removed [ 243.826337][ T1162] ,u: left promiscuous mode [ 243.831074][ T2115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13797'. [ 243.834625][ T2115] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13797'. [ 243.837479][ T2115] netlink: 'syz.2.13797': attribute type 12 has an invalid length. [ 243.881188][ T2122] comedi comedi3: pcl818: I/O port conflict (0x100,16) [ 243.892600][ T5451] 8021q: adding VLAN 0 to HW filter on device eth2 [ 243.954277][ T2048] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.957768][ T2048] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.960275][ T2048] bridge_slave_0: entered allmulticast mode [ 243.963536][ T2048] bridge_slave_0: entered promiscuous mode [ 243.967264][ T2048] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.969737][ T2048] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.972164][ T2048] bridge_slave_1: entered allmulticast mode [ 243.975049][ T2048] bridge_slave_1: entered promiscuous mode [ 243.990373][ T2048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 243.990732][ T2137] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13811'. [ 243.995548][ T2048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 244.016301][ T2048] team0: Port device team_slave_0 added [ 244.019854][ T2048] team0: Port device team_slave_1 added [ 244.035124][ T2048] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 244.037347][ T2048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 244.046550][ T2048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 244.050797][ T2048] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 244.053266][ T2048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 244.061836][ T2048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 244.138359][ T2048] hsr_slave_0: entered promiscuous mode [ 244.140592][ T2048] hsr_slave_1: entered promiscuous mode [ 244.143099][ T2048] debugfs: 'hsr0' already exists in 'hsr' [ 244.144929][ T2048] Cannot create hsr debugfs directory [ 244.155027][ T5451] 8021q: adding VLAN 0 to HW filter on device eth3 [ 244.301793][ T2048] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 244.306606][ T2048] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 244.309992][ T2048] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 244.314019][ T2048] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 244.316887][ T2048] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 244.320863][ T2048] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 244.324823][ T2048] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 244.328633][ T2048] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 244.338234][ T5451] 8021q: adding VLAN 0 to HW filter on device eth4 [ 244.348759][ T2048] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.351028][ T2048] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.353468][ T2048] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.355824][ T2048] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.396539][ T2048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.407241][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.409948][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.416296][ T2048] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.423078][T22528] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.425529][T22528] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.432842][T22528] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.435170][T22528] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.509439][ T5451] 8021q: adding VLAN 0 to HW filter on device eth5 [ 244.551195][ T1162] hsr_slave_0: left promiscuous mode [ 244.553856][ T1162] hsr_slave_1: left promiscuous mode [ 244.672812][ T5744] Bluetooth: hci0: command tx timeout [ 244.680213][ T1162] team0 (unregistering): Port device wg2 removed [ 244.683082][ T59] smc: removing ib device syz2 [ 244.703766][ T59] smbdirect: ib_dev[syz2] removed [ 244.874816][ T2048] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 245.017599][ T2048] veth0_vlan: entered promiscuous mode [ 245.023389][ T2048] veth1_vlan: entered promiscuous mode [ 245.060866][ T2048] veth0_macvtap: entered promiscuous mode [ 245.070003][ T2048] veth1_macvtap: entered promiscuous mode [ 245.081802][ T2048] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 245.092455][ T2048] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 245.103035][T22528] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.105943][T22528] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.109319][T22528] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.113147][T22528] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.186513][ T72] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.189546][ T72] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.201874][T17953] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.204905][T17953] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.266750][ T1162] IPVS: stop unused estimator thread 0... [ 246.122340][ T2197] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method [ 246.248895][ T2220] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 246.353980][ T2237] netlink: 83 bytes leftover after parsing attributes in process `syz.3.13830'. [ 246.376904][ T2239] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 246.570579][ T2280] netlink: 20 bytes leftover after parsing attributes in process `syz.4.13851'. [ 246.752786][ T5744] Bluetooth: hci0: command tx timeout [ 246.859294][ T2331] nbd: must specify a device to reconfigure [ 246.958169][ T41] kauditd_printk_skb: 7 callbacks suppressed [ 246.958180][ T41] audit: type=1326 audit(2000000111.269:25421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 246.979225][ T41] audit: type=1326 audit(2000000111.279:25422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 246.995619][ T41] audit: type=1326 audit(2000000111.279:25423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.004676][ T41] audit: type=1326 audit(2000000111.279:25424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.012848][ T41] audit: type=1326 audit(2000000111.279:25425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=270 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.022769][ T41] audit: type=1326 audit(2000000111.279:25426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.029635][ T41] audit: type=1326 audit(2000000111.279:25427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.036813][ T41] audit: type=1326 audit(2000000111.279:25428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.044394][ T41] audit: type=1326 audit(2000000111.279:25429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.051003][ T41] audit: type=1326 audit(2000000111.279:25430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2344 comm="syz.2.13882" exe="/syz-executor" sig=0 arch=40000003 syscall=252 compat=1 ip=0xf7fe5fcc code=0x7ffc0000 [ 247.086464][ T2363] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13890'. [ 247.269477][ T2387] nbd: must specify a device to reconfigure [ 247.273558][ T2389] sg_write: data in/out 12582877/14 bytes for SCSI command 0x0-- guessing data in; [ 247.273558][ T2389] program syz.2.13903 not setting count and/or reply_len properly [ 247.327268][ T2397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13907'. [ 247.330241][ T2397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13907'. [ 247.412824][ T857] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 247.582805][ T857] usb 9-1: Using ep0 maxpacket: 16 [ 247.590357][ T857] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 247.597948][ T857] usb 9-1: config 0 interface 0 has no altsetting 0 [ 247.604028][ T857] usb 9-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20 [ 247.609241][ T857] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 247.611789][ T857] usb 9-1: Product: syz [ 247.616669][ T857] usb 9-1: Manufacturer: syz [ 247.620268][ T857] usb 9-1: SerialNumber: syz [ 247.623224][ T857] usb 9-1: config 0 descriptor?? [ 247.797679][ T2461] blktrace: Concurrent blktraces are not allowed on sg0 [ 247.834482][ T2463] vlan0: entered promiscuous mode [ 247.836226][ T2463] bridge0: entered promiscuous mode [ 248.413361][ T2503] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 249.146553][ T2506] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 249.241306][ T2541] macvtap0: entered allmulticast mode [ 249.243962][ T2541] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 249.247123][ T2541] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 249.249802][ T2541] 8021q: adding VLAN 0 to HW filter on device macvtap0 [ 249.357056][ T5742] udevd[5742]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 249.980535][ T2655] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14015'. [ 249.984106][ T2655] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14015'. [ 249.987107][ T2655] netlink: 'syz.3.14015': attribute type 11 has an invalid length. [ 249.989635][ T2655] netlink: 'syz.3.14015': attribute type 12 has an invalid length. [ 250.100877][ T2683] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14027'. [ 250.179487][ C0] imon 9-1:0.0: imon usb_rx_callback_intf0: status(-71) [ 250.195003][ T857] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input53 [ 250.212896][ T857] imon:send_packet: packet tx failed (-71) [ 250.233186][ T857] imon 9-1:0.0: panel buttons/knobs setup failed [ 250.292779][ T857] rc_core: IR keymap rc-imon-pad not found [ 250.294666][ T857] Registered IR keymap rc-empty [ 250.297702][ T857] imon 9-1:0.0: Looks like you're trying to use an IR protocol this device does not support [ 250.301891][ T2719] netlink: 774 bytes leftover after parsing attributes in process `syz.1.14041'. [ 250.304895][ T857] imon 9-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol [ 250.307003][ T857] imon:send_packet: packet tx failed (-71) [ 250.323653][ T857] imon 9-1:0.0: remote input dev register failed [ 250.332764][ T857] imon 9-1:0.0: imon_init_intf0: rc device setup failed [ 250.342146][ T2728] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14044'. [ 250.351653][ T857] imon 9-1:0.0: unable to initialize intf0, err 0 [ 250.354334][ T857] imon:imon_probe: failed to initialize context! [ 250.356741][ T857] imon 9-1:0.0: unable to register, err -19 [ 250.361513][ T857] usb 9-1: USB disconnect, device number 2 [ 250.817648][ T2812] bridge_slave_0: default FDB implementation only supports local addresses [ 250.920756][ T2837] can0: slcan on ttyprintk. [ 250.993251][ T2836] can0 (unregistered): slcan off ttyprintk. [ 251.051555][ T2870] IPVS: Error connecting to the multicast addr [ 251.156556][ T2890] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 251.401517][ T2920] overlayfs: workdir and upperdir must reside under the same mount [ 251.875067][ T2946] Bluetooth: MGMT ver 1.23 [ 251.985445][ T2964] __nla_validate_parse: 2 callbacks suppressed [ 251.985458][ T2964] netlink: 88 bytes leftover after parsing attributes in process `syz.4.14134'. [ 252.370356][ T3034] netlink: 184 bytes leftover after parsing attributes in process `syz.3.14156'. [ 252.581010][T18284] kernel write not supported for file /uinput (pid: 18284 comm: kworker/3:4) [ 252.835091][ T3097] netlink: 120 bytes leftover after parsing attributes in process `syz.3.14182'. [ 252.843915][ T3097] netlink: 'syz.3.14182': attribute type 1 has an invalid length. [ 252.848931][ T3097] netlink: 64 bytes leftover after parsing attributes in process `syz.3.14182'. [ 252.994747][ T3110] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14187'. [ 253.112369][ T1040] hid (null): invalid report_size 51505 [ 253.117367][ T1040] hid (null): unknown global tag 0xc [ 253.119160][ T1040] hid (null): unknown global tag 0xc [ 253.120823][ T1040] hid (null): unknown global tag 0x9f [ 253.123449][ T1040] hid (null): unknown global tag 0xc [ 253.125187][ T1040] hid (null): unknown global tag 0x42 [ 253.126981][ T1040] hid (null): unknown global tag 0xd [ 253.128722][ T1040] hid (null): unknown global tag 0xc [ 253.130512][ T1040] hid (null): unknown global tag 0xc [ 253.132206][ T1040] hid (null): report_id 0 is invalid [ 253.134308][ T1040] hid (null): unknown global tag 0xe [ 253.136068][ T1040] hid (null): report_id 16697 is invalid [ 253.138162][ T1040] hid (null): bogus close delimiter [ 253.139833][ T1040] hid (null): unknown global tag 0xc [ 253.141788][ T1040] hid (null): invalid report_size 1234625101 [ 253.143946][ T1040] hid (null): unknown global tag 0xd [ 253.145692][ T1040] hid (null): unknown global tag 0xd [ 253.147424][ T1040] hid (null): invalid report_size -2125375034 [ 253.149415][ T1040] hid (null): report_id 0 is invalid [ 253.151117][ T1040] hid (null): invalid report_count -1724469666 [ 253.153585][ T1040] hid (null): unknown global tag 0xc [ 253.155344][ T1040] hid (null): unknown global tag 0xd [ 253.157084][ T1040] hid (null): global environment stack overflow [ 253.159108][ T1040] hid (null): unknown global tag 0xe [ 253.160883][ T1040] hid (null): unknown global tag 0xc [ 253.162633][ T1040] hid (null): unknown global tag 0xc [ 253.172908][ T1040] hid-generic 0009:0007:0077.0002: unknown main item tag 0x1 [ 253.176767][ T1040] hid-generic 0009:0007:0077.0002: reserved main item tag 0xd [ 253.179774][ T1040] hid-generic 0009:0007:0077.0002: unknown main item tag 0x1 [ 253.182355][ T1040] hid-generic 0009:0007:0077.0002: unexpected long global item [ 253.185665][ T1040] hid-generic 0009:0007:0077.0002: probe with driver hid-generic failed with error -22 [ 253.313690][ T5755] Bluetooth: hci4: command 0x1003 tx timeout [ 253.316925][ C1] bridge0: port 1(bridge_slave_0) entered forwarding state [ 253.321577][ C1] bridge0: topology change detected, propagating [ 253.323903][ C1] bridge0: port 2(.) entered forwarding state [ 253.325914][ C1] bridge0: topology change detected, propagating [ 253.329439][ T5744] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 253.426258][ T3133] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 253.680709][ T3163] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 253.684409][ T3163] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 253.711111][ T3167] smc: net device vcan0 applied user defined pnetid SYZ1 [ 253.850209][ T3189] nbd: must specify a size in bytes for the device [ 254.152305][ T3232] bridge0: port 2(.) entered disabled state [ 254.156219][ T3232] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.171952][ T41] audit: type=1326 audit(2000000118.479:25431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3226 comm="syz.4.14245" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf708efcc code=0x0 [ 254.217065][ T3243] [U]  [ 254.402526][ T3270] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14264'. [ 254.419901][ T3273] netlink: 24 bytes leftover after parsing attributes in process `syz.1.14265'. [ 254.539838][ T3294] pim6reg99999999: entered allmulticast mode [ 254.662354][ T3318] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.665487][ T3318] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.753500][ T3329] vlan2: entered allmulticast mode [ 254.755341][ T3329] team0: entered allmulticast mode [ 254.757011][ T3329] team_slave_0: entered allmulticast mode [ 254.758855][ T3329] team_slave_1: entered allmulticast mode [ 254.842183][ T3342] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 254.844976][ T3342] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 254.850948][ T3344] netlink: 'syz.1.14298': attribute type 2 has an invalid length. [ 255.026414][ T3393] netlink: 'syz.1.14314': attribute type 7 has an invalid length. [ 255.028935][ T3393] netlink: 'syz.1.14314': attribute type 8 has an invalid length. [ 255.057027][ T3400] netlink: 28 bytes leftover after parsing attributes in process `syz.2.14316'. [ 255.099360][ T3404] nbd: must specify a size in bytes for the device [ 255.121980][ T3406] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 255.124770][ T3406] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 255.221437][ T3416] netlink: 48 bytes leftover after parsing attributes in process `syz.4.14331'. [ 255.297968][ T3431] nbd: must specify a size in bytes for the device [ 255.476384][ T3458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14345'. [ 255.573363][ T3467] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 255.575785][ T3467] @0: renamed from bond_slave_1 (while UP) [ 255.622926][ T1040] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 255.774692][ T1040] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 255.777922][ T1040] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 255.780869][ T1040] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 255.787434][ T1040] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 255.790315][ T1040] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 255.792891][ T1040] usb 7-1: Product: syz [ 255.794440][ T1040] usb 7-1: Manufacturer: syz [ 255.796832][ T1040] usb 7-1: SerialNumber: syz [ 255.810595][ T1040] hub 7-1:1.0: bad descriptor, ignoring hub [ 255.813235][ T1040] hub 7-1:1.0: probe with driver hub failed with error -5 [ 255.996355][ T3482] 8021q: adding VLAN 0 to HW filter on device ipvlan0 [ 255.999197][ T3482] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 256.021342][ T1040] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 256.364614][ T1040] usb 7-1: USB disconnect, device number 14 [ 256.375574][ T1040] usblp0: removed [ 257.295994][ T3606] xt_l2tp: missing protocol rule (udp|l2tpip) [ 257.326856][ T3611] netlink: 'syz.3.14408': attribute type 1 has an invalid length. [ 257.524641][T17953] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.669976][T17953] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.675315][ T5755] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 257.680856][ T5755] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 257.685430][ T5755] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 257.693679][ T5755] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 257.699793][ T5755] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 257.750250][T17953] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.838627][T17953] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 257.905751][ T5744] Bluetooth: hci0: unexpected event for opcode 0x042f [ 257.937299][ T3639] wg1 speed is unknown, defaulting to 1000 [ 258.046998][T17953] .: left allmulticast mode [ 258.048955][T17953] .: left promiscuous mode [ 258.053975][T17953] bridge0: port 2(.) entered disabled state [ 258.061312][T17953] bridge_slave_0: left allmulticast mode [ 258.063386][T17953] bridge_slave_0: left promiscuous mode [ 258.066761][T17953] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.080639][T17953] dvmrp9: left allmulticast mode [ 258.089920][T17953] : left promiscuous mode [ 258.092112][T17953] bond_slave_1: left promiscuous mode [ 258.267609][T17953] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 258.312802][ T5886] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 258.362189][ T3709] __nla_validate_parse: 4 callbacks suppressed [ 258.362207][ T3709] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14454'. [ 258.482829][ T5886] usb 9-1: Using ep0 maxpacket: 16 [ 258.486183][ T5886] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 258.489218][ T5886] usb 9-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 258.493064][ T5886] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 258.496534][ T5886] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 258.499997][ T5886] usb 9-1: config 0 interface 0 has no altsetting 0 [ 258.503949][ T5886] usb 9-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 258.506851][ T5886] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.509373][ T5886] usb 9-1: Product: syz [ 258.510755][ T5886] usb 9-1: Manufacturer: syz [ 258.512304][ T5886] usb 9-1: SerialNumber: syz [ 258.517541][ T5886] usb 9-1: config 0 descriptor?? [ 258.519692][ T3691] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 258.609410][T17953] bond0 (unregistering): (slave 30): Releasing backup interface [ 258.614407][T17953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 258.618527][T17953] bond0 (unregistering): Released all slaves [ 258.626034][T17953] bond1 (unregistering): Released all slaves [ 258.636321][T17953] bond2 (unregistering): Released all slaves [ 258.648660][T17953] bond3 (unregistering): Released all slaves [ 258.657343][T17953] bond4 (unregistering): Released all slaves [ 258.669313][T17953] bond5 (unregistering): Released all slaves [ 258.715887][ T3716] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config [ 258.736731][ T3691] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 258.744311][ T5886] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input55 [ 258.773640][T17953] ,u: left promiscuous mode [ 258.828247][ T3725] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14459'. [ 258.885543][ T3639] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.887960][ T3639] bridge0: port 1(bridge_slave_0) entered disabled state [ 258.890428][ T3639] bridge_slave_0: entered allmulticast mode [ 258.894416][ T3639] bridge_slave_0: entered promiscuous mode [ 258.897893][ T3639] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.900416][ T3639] bridge0: port 2(bridge_slave_1) entered disabled state [ 258.903986][ T3639] bridge_slave_1: entered allmulticast mode [ 258.906787][ T3639] bridge_slave_1: entered promiscuous mode [ 258.911977][ T5451] 8021q: adding VLAN 0 to HW filter on device eth6 [ 258.920810][T17953] IPVS: stopping backup sync thread 25958 ... [ 258.945427][ T3639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.960468][ T3639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.975666][ T3639] team0: Port device team_slave_0 added [ 258.978686][ T3639] team0: Port device team_slave_1 added [ 258.994106][ T3639] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.998808][ T3639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 259.008070][ T3639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 259.012440][ T3639] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 259.021878][ T3639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 259.033721][ T3639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.065643][T18284] usb 9-1: USB disconnect, device number 3 [ 259.107390][ T3639] hsr_slave_0: entered promiscuous mode [ 259.109664][ T3639] hsr_slave_1: entered promiscuous mode [ 259.138016][ T5451] 8021q: adding VLAN 0 to HW filter on device eth7 [ 259.259865][ T3639] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 259.264104][ T3639] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 259.266929][ T3639] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 259.270687][ T3639] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 259.273886][ T3639] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 259.278033][ T3639] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 259.280852][ T3639] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 259.285283][ T3639] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 259.304095][ T3639] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.306396][ T3639] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.308836][ T3639] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.311181][ T3639] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.317940][ T5451] 8021q: adding VLAN 0 to HW filter on device eth8 [ 259.359417][ T3639] 8021q: adding VLAN 0 to HW filter on device bond0 [ 259.369351][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.385638][ T1162] bridge0: port 2(bridge_slave_1) entered disabled state [ 259.397454][ T3639] 8021q: adding VLAN 0 to HW filter on device team0 [ 259.438954][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.441250][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 259.446795][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.449264][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 259.474721][ T3787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14474'. [ 259.476659][ T3639] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 259.478276][ T3787] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14474'. [ 259.484818][ T3639] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 259.505080][T17953] hsr_slave_0: left promiscuous mode [ 259.507269][T17953] hsr_slave_1: left promiscuous mode [ 259.518600][T17953] veth1_macvtap: left promiscuous mode [ 259.520508][T17953] veth0_macvtap: left promiscuous mode [ 259.522313][T17953] veth1_vlan: left promiscuous mode [ 259.525245][T17953] veth0_vlan: left promiscuous mode [ 259.657974][T17953] team0 (unregistering): Port device team_slave_1 removed [ 259.666065][T17953] team0 (unregistering): Port device team_slave_0 removed [ 259.727338][ T5451] 8021q: adding VLAN 0 to HW filter on device eth9 [ 259.793397][ T5744] Bluetooth: hci2: command tx timeout [ 259.959344][ T3639] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 260.101768][ T3639] veth0_vlan: entered promiscuous mode [ 260.107227][ T3639] veth1_vlan: entered promiscuous mode [ 260.122087][ T3639] veth0_macvtap: entered promiscuous mode [ 260.126849][ T3639] veth1_macvtap: entered promiscuous mode [ 260.136153][ T3639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.145060][ T3639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 260.152663][ T59] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.159400][ T59] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.170977][ T59] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.175289][ T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.271191][ T1243] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.271682][T17953] IPVS: stop unused estimator thread 0... [ 260.275753][ T1243] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.293597][ T1243] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.296404][ T1243] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.458896][ T3844] netlink: 'syz.4.14488': attribute type 2 has an invalid length. [ 260.505200][ T3848] netlink: 'syz.4.14491': attribute type 14 has an invalid length. [ 260.793112][ T3870] netlink: 'syz.4.14497': attribute type 1 has an invalid length. [ 261.257041][ T3901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14513'. [ 261.260631][ T3901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14513'. [ 261.701075][ T3916] netlink: 32 bytes leftover after parsing attributes in process `syz.4.14520'. [ 261.872785][ T5755] Bluetooth: hci2: command tx timeout [ 262.055257][ T3945] netlink: 7060 bytes leftover after parsing attributes in process `syz.4.14532'. [ 262.240672][ T3968] tipc: Started in network mode [ 262.242287][ T3968] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711 [ 262.245341][ T3968] tipc: Enabled bearer , priority 10 [ 262.434542][ T5744] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 262.434571][ T5755] Bluetooth: hci4: command 0x1003 tx timeout [ 262.505006][ T3988] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14554'. [ 263.365542][ T5843] tipc: Node number set to 8432298 [ 263.369341][ T4048] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14584'. [ 263.952857][ T5755] Bluetooth: hci2: command tx timeout [ 264.320047][T18716] Process accounting resumed [ 264.331823][ T4074] Process accounting resumed [ 264.349988][ T4080] netlink: 64 bytes leftover after parsing attributes in process `syz.2.14601'. [ 264.353252][ T4080] netlink: 64 bytes leftover after parsing attributes in process `syz.2.14601'. [ 264.508892][ T4099] netlink: 'syz.2.14610': attribute type 1 has an invalid length. [ 264.511680][ T4099] netlink: 220 bytes leftover after parsing attributes in process `syz.2.14610'. [ 264.835411][ T4145] comedi comedi3: pcl816: I/O port conflict (0x100,16) [ 265.074310][ T5744] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 265.075329][ T5755] Bluetooth: hci4: command 0x1003 tx timeout [ 265.130941][ T4162] tipc: Enabling of bearer rejected, failed to enable media [ 265.423331][ T4202] netlink: 268 bytes leftover after parsing attributes in process `syz.4.14659'. [ 265.428014][ T4202] netlink: 136 bytes leftover after parsing attributes in process `syz.4.14659'. [ 265.430845][ T4202] netlink: 16 bytes leftover after parsing attributes in process `syz.4.14659'. [ 265.536575][ T4220] sctp: [Deprecated]: syz.4.14666 (pid 4220) Use of struct sctp_assoc_value in delayed_ack socket option. [ 265.536575][ T4220] Use struct sctp_sack_info instead [ 266.002803][ T5843] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 266.032777][ T5744] Bluetooth: hci2: command tx timeout [ 266.162827][ T5843] usb 10-1: Using ep0 maxpacket: 16 [ 266.168823][ T5843] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 266.172186][ T4306] atomic_op ffff8880438d0198 conn xmit_atomic 0000000000000000 [ 266.173628][ T5843] usb 10-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 266.173653][ T5843] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 266.173674][ T5843] usb 10-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 266.173698][ T5843] usb 10-1: config 0 interface 0 has no altsetting 0 [ 266.175787][ T5843] usb 10-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 266.201962][ T5843] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 266.206057][ T5843] usb 10-1: Product: syz [ 266.213531][ T5843] usb 10-1: Manufacturer: syz [ 266.215425][ T5843] usb 10-1: SerialNumber: syz [ 266.237335][ T5843] usb 10-1: config 0 descriptor?? [ 266.240099][ T4257] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 266.285394][ T4317] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 266.457809][ T4257] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 266.461942][ T5843] input: syz syz as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/input/input56 [ 266.481394][ T4336] program syz.2.14718 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 266.789320][ T5843] usb 10-1: USB disconnect, device number 2 [ 267.096115][ T5843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 267.099374][ T5843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 267.102467][ T5843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 267.105655][ T5843] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future [ 267.108111][ T5843] rtc rtc0: __rtc_set_alarm: err=-22 [ 267.132753][ T5743] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 267.292848][ T5743] usb 7-1: Using ep0 maxpacket: 32 [ 267.296444][ T5743] usb 7-1: unable to get BOS descriptor or descriptor too short [ 267.299823][ T5743] usb 7-1: config 8 has an invalid interface number: 188 but max is 0 [ 267.302483][ T5743] usb 7-1: config 8 has no interface number 0 [ 267.304472][ T5743] usb 7-1: config 8 interface 188 has no altsetting 0 [ 267.309081][ T5743] usb 7-1: string descriptor 0 read error: -22 [ 267.314265][ T5743] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 267.323597][ T5743] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 267.334579][ T5743] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 267.337128][ T5743] dw2102: su3000_power_ctrl: 1, initialized 0 [ 267.339287][ T5743] dvb-usb: bulk message failed: -22 (2/0) [ 267.348190][ T5743] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 267.351507][ T5743] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 267.354360][ T5743] usb 7-1: media controller created [ 267.356230][ T5743] dvb-usb: bulk message failed: -22 (6/0) [ 267.361185][ T5743] dw2102: i2c transfer failed. [ 267.363337][ T5743] dvb-usb: bulk message failed: -22 (6/0) [ 267.365219][ T5743] dw2102: i2c transfer failed. [ 267.366743][ T5743] dvb-usb: bulk message failed: -22 (6/0) [ 267.368538][ T5743] dw2102: i2c transfer failed. [ 267.370044][ T5743] dvb-usb: bulk message failed: -22 (6/0) [ 267.371818][ T5743] dw2102: i2c transfer failed. [ 267.373711][ T5743] dvb-usb: bulk message failed: -22 (6/0) [ 267.375528][ T5743] dw2102: i2c transfer failed. [ 267.378048][ T5743] dvb-usb: bulk message failed: -22 (6/0) [ 267.379828][ T5743] dw2102: i2c transfer failed. [ 267.381360][ T5743] dvb-usb: MAC address: 02:02:02:02:02:02 [ 267.390056][ T5743] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 267.402590][ T5743] dvb-usb: bulk message failed: -22 (3/0) [ 267.407179][ T5743] dw2102: command 0x0e transfer failed. [ 267.410017][ T5743] dvb-usb: bulk message failed: -22 (3/0) [ 267.411823][ T5743] dw2102: command 0x0e transfer failed. [ 267.456671][ T4391] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14743'. [ 267.547618][ T4400] netlink: 28 bytes leftover after parsing attributes in process `syz.1.14750'. [ 267.723773][ T5743] dvb-usb: bulk message failed: -22 (3/0) [ 267.731276][ T5743] dw2102: command 0x0e transfer failed. [ 267.738357][ T5743] dvb-usb: bulk message failed: -22 (3/0) [ 267.742747][ T5743] dw2102: command 0x0e transfer failed. [ 267.744579][ T5743] dvb-usb: bulk message failed: -22 (1/0) [ 267.746431][ T5743] dw2102: command 0x51 transfer failed. [ 267.749957][ T4369] dvb-usb: bulk message failed: -22 (7/0) [ 267.753183][ T4369] dw2102: i2c transfer failed. [ 267.769619][ T5743] DVB: Unable to find symbol ds3000_attach() [ 267.771580][ T5743] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 267.814723][ T5743] rc_core: IR keymap rc-su3000 not found [ 267.817352][ T5743] Registered IR keymap rc-empty [ 267.823781][ T5743] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0 [ 267.828095][ T5743] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input57 [ 267.838404][ T5743] dvb-usb: schedule remote query interval to 150 msecs. [ 267.846889][ T5743] dw2102: su3000_power_ctrl: 0, initialized 1 [ 267.848913][ T5743] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 267.856512][ T5743] usb 7-1: USB disconnect, device number 15 [ 268.007701][ T4435] xt_l2tp: unknown flags: 51 [ 268.038580][ T5743] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 268.134143][ T4453] ptrace attach of "/syz-executor exec"[3639] was attempted by " [ 268.281528][ T4471] xt_nfacct: accounting object `\$9ZM#mU|^c\F9YⳈ' does not exist [ 268.334883][ T4475] netlink: 24 bytes leftover after parsing attributes in process `syz.5.14785'. [ 268.570831][ T4508] ptrace attach of "/syz-executor exec"[5739] was attempted by " [ 268.823470][ T4531] netlink: 20 bytes leftover after parsing attributes in process `syz.5.14813'. [ 268.910056][ T4540] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 269.060163][ T4560] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 269.116392][ T4565] team0: Cannot enslave team device to itself [ 269.118680][ T4566] xt_socket: unknown flags 0x50 [ 269.367482][ T4578] ALSA: seq fatal error: cannot create timer (-19) [ 269.435429][ T41] audit: type=1326 audit(2000000133.749:25432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4510 comm="syz.2.14803" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe5fcc code=0x7fc00000 [ 269.716065][ T4615] ALSA: seq fatal error: cannot create timer (-22) [ 269.840317][ T4635] xt_l2tp: invalid flags combination: 0 [ 269.880006][ T4640] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 269.882343][ T4640] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 269.919465][T11101] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 269.935355][T11101] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz0 [ 269.970181][ T4654] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14868'. [ 269.975775][ T4654] netlink: 12 bytes leftover after parsing attributes in process `syz.5.14868'. [ 270.018415][ T4649] fido_id[4649]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 270.111695][ T4675] netdevsim netdevsim1: Firmware load for '../file0/file0' refused, path contains '..' component [ 270.187521][ T4686] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 270.189746][ T4686] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 270.198747][ T4686] vhci_hcd vhci_hcd.0: Device attached [ 270.206693][ T4687] vhci_hcd: connection closed [ 270.206850][ T72] vhci_hcd vhci_hcd.5: stop threads [ 270.210044][ T4691] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.14887'. [ 270.210417][ T72] vhci_hcd vhci_hcd.5: release socket [ 270.215955][ T72] vhci_hcd vhci_hcd.5: disconnect device [ 270.454334][ T4717] can0: slcan on ttyS3. [ 270.532892][ T4715] can0 (unregistered): slcan off ttyS3. [ 270.933599][ T4776] netlink: 16146 bytes leftover after parsing attributes in process `syz.4.14918'. [ 271.023416][ T72] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 271.027049][ T72] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 271.031043][ T72] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 271.034827][ T72] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 271.122650][ T4812] netlink: 'syz.5.14934': attribute type 62 has an invalid length. [ 271.414783][ T54] IPVS: starting estimator thread 0... [ 271.516316][ T4867] IPVS: using max 45 ests per chain, 108000 per kthread [ 271.529019][ T4887] ================================================================== [ 271.531574][ T4887] BUG: KASAN: slab-out-of-bounds in try_module_get+0x4c/0xd0 [ 271.533938][ T4887] Write of size 4 at addr ffff888000a9d308 by task syz.1.14968/4887 [ 271.537911][ T4887] [ 271.539007][ T4887] CPU: 1 UID: 0 PID: 4887 Comm: syz.1.14968 Tainted: G L syzkaller #0 PREEMPT(full) [ 271.539025][ T4887] Tainted: [L]=SOFTLOCKUP [ 271.539028][ T4887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 271.539036][ T4887] Call Trace: [ 271.539041][ T4887] [ 271.539046][ T4887] dump_stack_lvl+0x100/0x190 [ 271.539060][ T4887] print_report+0x13d/0x4b0 [ 271.539077][ T4887] ? __virt_addr_valid+0x239/0x430 [ 271.539095][ T4887] ? try_module_get+0x4c/0xd0 [ 271.539110][ T4887] kasan_report+0xdf/0x1d0 [ 271.539122][ T4887] ? try_module_get+0x4c/0xd0 [ 271.539138][ T4887] kasan_check_range+0x10f/0x1e0 [ 271.539152][ T4887] try_module_get+0x4c/0xd0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 271.539166][ T4887] dvb_device_open+0x124/0x3b0 [ 271.539178][ T4887] ? __pfx_dvb_device_open+0x10/0x10 [ 271.539188][ T4887] chrdev_open+0x234/0x6a0 [ 271.539201][ T4887] ? __pfx_apparmor_file_open+0x10/0x10 [ 271.539220][ T4887] ? __pfx_chrdev_open+0x10/0x10 [ 271.539235][ T4887] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 271.539251][ T4887] do_dentry_open+0x6d8/0x1660 [ 271.539270][ T4887] ? __pfx_chrdev_open+0x10/0x10 [ 271.539285][ T4887] vfs_open+0x82/0x3f0 [ 271.539300][ T4887] path_openat+0x208c/0x31a0 [ 271.539315][ T4887] ? asm_int80_emulation+0x1a/0x20 [ 271.539326][ T4887] ? __pfx_path_openat+0x10/0x10 [ 271.539341][ T4887] do_file_open+0x20e/0x430 [ 271.539355][ T4887] ? __pfx_do_file_open+0x10/0x10 [ 271.539375][ T4887] ? _raw_spin_unlock+0x28/0x50 [ 271.539388][ T4887] ? alloc_fd+0x476/0x790 [ 271.539403][ T4887] do_sys_openat2+0x10d/0x1e0 [ 271.539418][ T4887] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.539434][ T4887] ? find_held_lock+0x2b/0x80 [ 271.539448][ T4887] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 271.539461][ T4887] ? __ia32_sys_futex_time32+0x2fd/0x470 [ 271.539475][ T4887] __ia32_compat_sys_openat+0x12d/0x210 [ 271.539486][ T4887] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 271.539499][ T4887] ? rcu_is_watching+0x12/0xc0 [ 271.539512][ T4887] ? rcu_is_watching+0x12/0xc0 [ 271.539525][ T4887] do_int80_emulation+0x141/0x700 [ 271.539542][ T4887] asm_int80_emulation+0x1a/0x20 [ 271.539553][ T4887] RIP: 0023:0xf718616b [ 271.539562][ T4887] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 271.539573][ T4887] RSP: 002b:00000000f544603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 271.539584][ T4887] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5446100 [ 271.539591][ T4887] RDX: 0000000000040002 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.539597][ T4887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 271.539603][ T4887] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 271.539609][ T4887] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 271.539619][ T4887] [ 271.539623][ T4887] [ 271.630197][ T4887] Allocated by task 1: [ 271.631487][ T4887] kasan_save_stack+0x30/0x50 [ 271.633004][ T4887] kasan_save_track+0x14/0x30 [ 271.634504][ T4887] __kasan_kmalloc+0xaa/0xb0 [ 271.635975][ T4887] bus_add_driver+0x92/0x5b0 [ 271.637467][ T4887] driver_register+0x1e2/0x360 [ 271.638967][ T4887] i2c_register_driver+0xd9/0x1f0 [ 271.640567][ T4887] do_one_initcall+0x121/0x750 [ 271.642112][ T4887] kernel_init_freeable+0x6ea/0x7b0 [ 271.643758][ T4887] kernel_init+0x1f/0x1e0 [ 271.645179][ T4887] ret_from_fork+0x72b/0xd50 [ 271.646654][ T4887] ret_from_fork_asm+0x1a/0x30 [ 271.648340][ T4887] [ 271.649128][ T4887] The buggy address belongs to the object at ffff888000a9d200 [ 271.649128][ T4887] which belongs to the cache kmalloc-256 of size 256 [ 271.653428][ T4887] The buggy address is located 56 bytes to the right of [ 271.653428][ T4887] allocated 208-byte region [ffff888000a9d200, ffff888000a9d2d0) [ 271.657800][ T4887] [ 271.658537][ T4887] The buggy address belongs to the physical page: [ 271.660501][ T4887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xa9c [ 271.663107][ T4887] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 271.665697][ T4887] flags: 0x7ff00000000040(head|node=0|zone=0|lastcpupid=0x7ff) [ 271.667937][ T4887] page_type: f5(slab) [ 271.669208][ T4887] raw: 007ff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 271.671804][ T4887] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 271.674461][ T4887] head: 007ff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 271.677099][ T4887] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 271.679709][ T4887] head: 007ff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 271.682607][ T4887] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 271.685295][ T4887] page dumped because: kasan: bad access detected [ 271.687254][ T4887] page_owner tracks the page as allocated [ 271.688951][ T4887] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 17168252862, free_ts 17093641643 [ 271.694898][ T4887] post_alloc_hook+0x153/0x170 [ 271.696362][ T4887] get_page_from_freelist+0x11a6/0x33b0 [ 271.698105][ T4887] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 271.699881][ T4887] new_slab+0xa6/0x6c0 [ 271.701138][ T4887] refill_objects+0x277/0x420 [ 271.702672][ T4887] __pcs_replace_empty_main+0x375/0x650 [ 271.704584][ T4887] __kmalloc_cache_noprof+0x493/0x6f0 [ 271.706303][ T4887] bus_add_driver+0x92/0x5b0 [ 271.707712][ T4887] driver_register+0x1e2/0x360 [ 271.709188][ T4887] usb_register_driver+0x21c/0x3e0 [ 271.710757][ T4887] do_one_initcall+0x121/0x750 [ 271.712288][ T4887] kernel_init_freeable+0x6ea/0x7b0 [ 271.713969][ T4887] kernel_init+0x1f/0x1e0 [ 271.715389][ T4887] ret_from_fork+0x72b/0xd50 [ 271.716862][ T4887] ret_from_fork_asm+0x1a/0x30 [ 271.718364][ T4887] page last free pid 24 tgid 24 stack trace: [ 271.720144][ T4887] __free_frozen_pages+0x747/0x1040 [ 271.721763][ T4887] vfree+0x15f/0x8d0 [ 271.722971][ T4887] delayed_vfree_work+0x56/0x80 [ 271.724548][ T4887] process_one_work+0xa0e/0x1980 [ 271.726113][ T4887] worker_thread+0x5ef/0xe50 [ 271.727542][ T4887] kthread+0x370/0x450 [ 271.728857][ T4887] ret_from_fork+0x72b/0xd50 [ 271.730271][ T4887] ret_from_fork_asm+0x1a/0x30 [ 271.731746][ T4887] [ 271.732502][ T4887] Memory state around the buggy address: [ 271.734255][ T4887] ffff888000a9d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 271.736802][ T4887] ffff888000a9d280: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 271.739257][ T4887] >ffff888000a9d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 271.741711][ T4887] ^ [ 271.743068][ T4887] ffff888000a9d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 271.745609][ T4887] ffff888000a9d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 271.748069][ T4887] ================================================================== [ 271.765859][ T4887] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 271.768690][ T4887] CPU: 0 UID: 0 PID: 4887 Comm: syz.1.14968 Tainted: G L syzkaller #0 PREEMPT(full) [ 271.772893][ T4887] Tainted: [L]=SOFTLOCKUP [ 271.774631][ T4887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 271.778548][ T4887] Call Trace: [ 271.779872][ T4887] [ 271.781087][ T4887] dump_stack_lvl+0x100/0x190 [ 271.782917][ T4887] vpanic+0x552/0x970 [ 271.784500][ T4887] ? __pfx_vpanic+0x10/0x10 [ 271.786313][ T4887] ? try_module_get+0x4c/0xd0 [ 271.788190][ T4887] panic+0xd1/0xe0 [ 271.789693][ T4887] ? __pfx_panic+0x10/0x10 [ 271.791475][ T4887] ? try_module_get+0x4c/0xd0 [ 271.793356][ T4887] ? preempt_schedule_common+0x42/0xc0 [ 271.795453][ T4887] check_panic_on_warn.cold+0x19/0x34 [ 271.797482][ T4887] end_report.part.0+0x3a/0x90 [ 271.799396][ T4887] kasan_report.cold+0xe/0x18 [ 271.801276][ T4887] ? try_module_get+0x4c/0xd0 [ 271.803112][ T4887] kasan_check_range+0x10f/0x1e0 [ 271.805090][ T4887] try_module_get+0x4c/0xd0 [ 271.806898][ T4887] dvb_device_open+0x124/0x3b0 [ 271.808794][ T4887] ? __pfx_dvb_device_open+0x10/0x10 [ 271.810886][ T4887] chrdev_open+0x234/0x6a0 [ 271.812665][ T4887] ? __pfx_apparmor_file_open+0x10/0x10 [ 271.814885][ T4887] ? __pfx_chrdev_open+0x10/0x10 [ 271.816857][ T4887] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 271.819344][ T4887] do_dentry_open+0x6d8/0x1660 [ 271.821259][ T4887] ? __pfx_chrdev_open+0x10/0x10 [ 271.823218][ T4887] vfs_open+0x82/0x3f0 [ 271.824841][ T4887] path_openat+0x208c/0x31a0 [ 271.826646][ T4887] ? asm_int80_emulation+0x1a/0x20 [ 271.828630][ T4887] ? __pfx_path_openat+0x10/0x10 [ 271.830623][ T4887] do_file_open+0x20e/0x430 [ 271.832430][ T4887] ? __pfx_do_file_open+0x10/0x10 [ 271.834465][ T4887] ? _raw_spin_unlock+0x28/0x50 [ 271.836392][ T4887] ? alloc_fd+0x476/0x790 [ 271.838132][ T4887] do_sys_openat2+0x10d/0x1e0 [ 271.840021][ T4887] ? __pfx_do_sys_openat2+0x10/0x10 [ 271.842092][ T4887] ? find_held_lock+0x2b/0x80 [ 271.843964][ T4887] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 271.846199][ T4887] ? __ia32_sys_futex_time32+0x2fd/0x470 [ 271.848404][ T4887] __ia32_compat_sys_openat+0x12d/0x210 [ 271.850616][ T4887] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 271.852963][ T4887] ? rcu_is_watching+0x12/0xc0 [ 271.854879][ T4887] ? rcu_is_watching+0x12/0xc0 [ 271.856811][ T4887] do_int80_emulation+0x141/0x700 [ 271.858815][ T4887] asm_int80_emulation+0x1a/0x20 [ 271.860772][ T4887] RIP: 0023:0xf718616b [ 271.862375][ T4887] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 271.869852][ T4887] RSP: 002b:00000000f544603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 271.873205][ T4887] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5446100 [ 271.876305][ T4887] RDX: 0000000000040002 RSI: 0000000000000000 RDI: 0000000000000000 [ 271.879432][ T4887] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 271.882533][ T4887] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 271.885796][ T4887] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 271.888915][ T4887] [ 271.890863][ T4887] Kernel Offset: disabled [ 271.892573][ T4887] Rebooting in 86400 seconds.. VM DIAGNOSIS: 21:27:27 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000001 RBX=ffff88801cfb9148 RCX=0000000000000002 RDX=0000000000000000 RSI=ffffffff8def6d5a RDI=ffffffff8c1c2780 RBP=ffffffff81ec2b03 RSP=ffffc9000436fa08 R8 =0000000097db0476 R9 =0000000000000135 R10=0000000000000002 R11=0000000000000000 R12=ffff88802a532500 R13=ffffffff9b1d8a20 R14=0000000000000202 R15=0000000000000003 RIP=ffffffff81e401f7 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097178000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73fc1e0 CR3=000000006bb1e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff857c0a15 RDI=ffffffff9b461820 RBP=ffffffff9b4617e0 RSP=ffffc900261bf2b0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030383838666657 R12=0000000000000000 R13=0000000000000034 R14=0000000000000010 R15=ffffffff857c09b0 RIP=ffffffff857c0a3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097278000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5445ff4 CR3=000000007934b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000008 RCX=0000000000000004 RDX=0000000000000000 RSI=0000000000000001 RDI=0000000000000001 RBP=ffffc9000350f2f8 RSP=ffffc9000350f0a0 R8 =0000000000000001 R9 =0000000000000010 R10=000000000000000c R11=0000000000000000 R12=000000000000000c R13=ffffc9000350f150 R14=ffff88802a860818 R15=00000000000002c8 RIP=ffffffff8500e322 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fbd9afab300 ffffffff 00c00000 GS =0000 ffff888097378000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000556860df9000 CR3=000000004abac000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000003a7f 0000001000000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 020fffffffff0200 08000fffffffff02 0008000c0075a606 0000006500000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000014c00000000 0000000000003a7d 0000001000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000015 000000000003bf12 000000010f800207 0800000000000806 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 26080008015394fa 6cb3d1a8d7b5dbf2 9d588f9b8908dcbb 4f02b4107b9d1451 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 76601838080f8003 0000000008062008 00040151ea0fffff ffff020fffffffff ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff040480030fffff ffff0403f0030008 0003e80300080003 e00300080003d803 ZMM25=52e8163452e81634 52e8163452e81634 52e8163452e81634 52e8163452e81634 52e8163452e81634 52e8163452e81634 52e8163452e81634 52e8163452e81634 ZMM26=c11ef447c11ef447 c11ef447c11ef447 c11ef447c11ef447 c11ef447c11ef447 c11ef447c11ef447 c11ef447c11ef447 c11ef447c11ef447 c11ef447c11ef447 ZMM27=31a5087f31a5087f 31a5087f31a5087f 31a5087f31a5087f 31a5087f31a5087f 31a5087f31a5087f 31a5087f31a5087f 31a5087f31a5087f 31a5087f31a5087f ZMM28=000001300000012f 0000012e0000012d 0000012c0000012b 0000012a00000129 0000012800000127 0000012600000125 0000012400000123 0000012200000121 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=663d0000663d0000 663d0000663d0000 663d0000663d0000 663d0000663d0000 663d0000663d0000 663d0000663d0000 663d0000663d0000 663d0000663d0000 info registers vcpu 3 CPU#3 RAX=0000000000111b8b RBX=ffff88801c3f2500 RCX=ffffffff8b87f045 RDX=0000000000000000 RSI=ffffffff8df1c263 RDI=ffffffff8c1c2780 RBP=0000000000000000 RSP=ffffc9000048fdf0 R8 =0000000000000001 R9 =ffffed10056a67b5 R10=ffff88802b533dab R11=0000000000000000 R12=0000000000000003 R13=ffffed100387e4a0 R14=0000000000000003 R15=ffffffff90d7d750 RIP=ffffffff8b87d87f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097478000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f70dc590 CR3=0000000024921000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7817d8b218e91313 2596a3176bf418bb ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a9707b2f3a9c1b8a 248935d4790badeb ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6a9ddd2bd03ae46f 7d5894427c77c53e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b51d3cfdca3331ad 3f9ed2083a6d019a ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000f00 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100000001000000 e20a008001000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00a58e8a00a58e8c 00a58eb201000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d156008000a58e8b 01000000a3040080 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00a58eb081280080 e620008000a58e81 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0f85e40f7fa91f59 3c6d3f21957c46e2 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 90534380af4ba3e9 98fd19da08e5cc1a ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000