last executing test programs: 3.993089098s ago: executing program 2 (id=25635): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) writev(r3, &(0x7f0000000b80)=[{&(0x7f00000000c0)="f10dc44f7d20988057f85ab4dd61b58675fb03d944b014fb9cb34ce9a3428ca7df271b1179", 0x25}, {&(0x7f0000000640)="f14e4792586af7f2380c7d51d257826607fd39cc2d3571ac7e6b0f4edf17ed143170620ff63eaff5729afa9b52993626d76acc7c45ed66acb1ef8ba1cf478350334e2e3fac57df457868f7870695a9e2d1b5cd7382abb301e7b41538c733f36483a2418d462b88f7f6f661eeabc2823f86d0e5fe407f4504d78ac48229e940c2d788b3be1cb96e37cddda1244f4361dbf77e0322bfc6ef17abb172a80642b739fc38a4ba24cbf6fc81", 0xa9}, {&(0x7f0000000200)="c6d90d4117fc24396ad8457eeefe95e5c67a103dcd850a086c484bfb2d7c31d81a5cc1ebeb7150aa3f34f53ec3879a2ea5b8efcd9bbd102fbf8536da9e0b81bf7dd3e4c938677040c8cd", 0x4a}, {&(0x7f0000000180)="81881934a67305703f57d290aa6fcedcf1b035cab7bb9c49bb077684435faad973b36e9f69cb4904e3aa", 0x2a}, {&(0x7f0000000700)="b87703fcf01a3e7bb667b404b97c7cc284a90404a5a96ff4559329d80d037b08d8810e457b955102a0e93e966b04be1aafc2067dbc6c99566ce636740265f60f3467c311c5bab39f814b6b46458e362728f8f0b6156075616f87842f97f9061c2e676278f96044c4db7785a62f601e32e57baed01ea1e7b49c6a395169e8bd72254557dd7959f8627e2274301d346beb9887e01583a5ab92ef23", 0x9a}, {&(0x7f00000007c0)="0b3c4fef437f956b626afd4d40ff19d50600b9d7685894a615d4cfc14f8aa828f0f9e21991906806421f38317973338885fc13112b46ec2f4a9efc8697", 0x3d}], 0x6) 3.093810293s ago: executing program 2 (id=25643): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f000000a380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)}], 0x1, &(0x7f0000000880)=[@rthdr_2292={{0x38, 0x29, 0x39, {0x2, 0x4, 0xb638fcbd7d2b2b19, 0x5, 0x0, [@mcast2, @rand_addr=' \x01\x00']}}}, @rthdrdstopts={{0x60, 0x29, 0x37, {0x2c, 0x8, '\x00', [@ra={0x5, 0x2, 0x7ff}, @calipso={0x7, 0x30, {0x2, 0xa, 0x8, 0x8, [0x9, 0x800, 0x4, 0xab4, 0x6]}}, @jumbo={0xc2, 0x4, 0x4}, @generic={0xd8}, @pad1]}}}], 0x98}}], 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 2.941943163s ago: executing program 2 (id=25646): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000800)={0xa0000006}) 2.29360157s ago: executing program 2 (id=25656): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r1, 0x0, 0xfffffffffffffec0, 0x80, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x800, 0x0) ioctl$BINDER_SET_MAX_THREADS(r3, 0x40046205, 0x0) 1.552314503s ago: executing program 2 (id=25677): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0x5, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x9, 0x1], 0x8000000, 0x141200}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000070c200003000004000"]) 1.159568845s ago: executing program 2 (id=25687): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) write(r3, &(0x7f0000000000)="2400000058004f0f9c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24) 1.033096159s ago: executing program 3 (id=25694): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x103381) ioctl$USBDEVFS_FREE_STREAMS(r3, 0x8008551d, 0x0) 682.070487ms ago: executing program 1 (id=25702): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) sendmmsg$inet6(r2, &(0x7f000000a380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="5f2269782a5f6e1e2ece844040a2", 0xe}], 0x1, &(0x7f0000000880)=[@rthdr_2292={{0x28, 0x29, 0x39, {0x2, 0x2, 0xb638fcbd7d2b2b19, 0x5, 0x0, [@mcast2]}}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x2c, 0xf, '\x00', [@ra={0x5, 0x2, 0x7ff}, @calipso={0x7, 0x30, {0x2, 0xa, 0x8, 0x8, [0x9, 0x800, 0x4, 0xab4, 0x7]}}, @jumbo={0xc2, 0x4, 0x4}, @generic={0xd8, 0x37, "0d62bc34d8f79247745bf4745ca55e0eb0011bcd1f67e23aa0a5e4a9af5cfcd24e6a8dc87b4927118089db8b80cbb6c96a4b3946953f72"}, @pad1]}}}], 0xb8}}], 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 434.1216ms ago: executing program 1 (id=25704): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x8, 0x2, 0x2, '\x00', 0x2}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000f9a000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, 0x0}], 0x54, 0x8, &(0x7f0000000380)=[@flags={0x3, 0x18c244}], 0x10000000000000c5) ioctl$KVM_RUN(r2, 0xae80, 0x0) 433.721554ms ago: executing program 3 (id=25705): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_all\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000005c0)) sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) 363.886654ms ago: executing program 0 (id=25706): ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x10002, 0x4, 0x2000, 0x2000, &(0x7f0000012000/0x2000)=nil}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), 0x0, 0x0, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 293.722686ms ago: executing program 1 (id=25707): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f000000a380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)}], 0x1, &(0x7f0000000880)=[@rthdr_2292={{0x38, 0x29, 0x39, {0x2, 0x4, 0xb638fcbd7d2b2b19, 0x5, 0x0, [@mcast2, @rand_addr=' \x01\x00']}}}, @rthdrdstopts={{0x60, 0x29, 0x37, {0x2c, 0x8, '\x00', [@ra={0x5, 0x2, 0x7ff}, @calipso={0x7, 0x30, {0x2, 0xa, 0x8, 0x8, [0x9, 0x800, 0x4, 0xab4, 0x6]}}, @jumbo={0xc2, 0x4, 0x4}, @generic={0xd8}, @pad1]}}}], 0x98}}], 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 233.800702ms ago: executing program 0 (id=25708): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, 0x0, 0x0, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0) ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000380)={{0x0, 0x400, 0x4b, 0x9}, 'syz0\x00', 0x11}) ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0) r7 = syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0x2) dup3(r7, r6, 0x80000) 233.475994ms ago: executing program 3 (id=25709): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, 0x0, 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = socket$nl_route(0x10, 0x3, 0x0) write(r3, &(0x7f0000000000)="2400000058004f0f9c00f4f90085b3a85c91fddf080001000501009f0800028001000000", 0x24) 183.056052ms ago: executing program 0 (id=25710): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0) sendto$inet(r1, 0x0, 0x0, 0x80, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00') read$FUSE(r3, 0x0, 0x0) 182.415942ms ago: executing program 1 (id=25711): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) write(r0, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) sendmmsg$inet6(r2, &(0x7f000000a380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="5f2269782a5f6e1e2ece844040a2", 0xe}], 0x1, &(0x7f0000000880)=[@rthdr_2292={{0x28, 0x29, 0x39, {0x2, 0x2, 0xb638fcbd7d2b2b19, 0x5, 0x0, [@mcast2]}}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x2c, 0xf, '\x00', [@ra={0x5, 0x2, 0x7ff}, @calipso={0x7, 0x30, {0x2, 0xa, 0x8, 0x8, [0x9, 0x800, 0x4, 0xab4, 0x7]}}, @jumbo={0xc2, 0x4, 0x4}, @generic={0xd8, 0x37, "0d62bc34d8f79247745bf4745ca55e0eb0011bcd1f67e23aa0a5e4a9af5cfcd24e6a8dc87b4927118089db8b80cbb6c96a4b3946953f72"}, @pad1]}}}], 0xb8}}], 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 182.180011ms ago: executing program 0 (id=25712): socket$pppoe(0x18, 0x1, 0x0) r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, [0x5, 0xfffffffffffffffc, 0x0, 0x2, 0x8000000000000001, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x67, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000, 0x9, 0x4, 0x8, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x1c, 0x5, 0x3, 0x2, 0x4000000000002, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x5, 0x7ff, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0xac18, 0x0, 0x0, 0x4000000000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1]}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00') sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYRES16=r1], 0x70}, 0x1, 0x0, 0x0, 0x40a0}, 0x0) r2 = add_key$user(&(0x7f0000000340), &(0x7f0000000300)={'syz', 0x3}, &(0x7f00000004c0)="53637ef00000", 0x6, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r3, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0) add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) r4 = dup(0xffffffffffffffff) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) 181.806768ms ago: executing program 3 (id=25713): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) lseek(r4, 0x7f, 0x0) 123.971022ms ago: executing program 0 (id=25714): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x20, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x240, 0x25018}}, 0x20}}, 0x80) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x6, 0x1], 0xd5d5c004, 0x8340}) getsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, 0x0, 0x0) ioctl$KVM_SET_FPU(0xffffffffffffffff, 0x41a0ae8d, &(0x7f0000000280)={'\x00', 0xf, 0x66a, 0x9, 0x0, 0x1, 0x80a4000, 0xd000, '\x00', 0xd5ad}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 123.587761ms ago: executing program 3 (id=25715): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmmsg$inet6(r4, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_procfs(0x0, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4) r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0) ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000380)={{0x0, 0x400, 0x4b, 0x9}, 'syz0\x00', 0x11}) ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0) syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0x2) 63.295583ms ago: executing program 3 (id=25716): ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x10002, 0x4, 0x2000, 0x2000, &(0x7f0000012000/0x2000)=nil}) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), 0x0, 0x0, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 60.956893ms ago: executing program 0 (id=25717): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000003c0)="0f326635004000000f300f00d636808a0d0001ba4300b80b00eb66b88c5000000f23d02a3ff866352000000e0f23f80f01c30f789deb32660f3a21cf220f2bb00058660f1bde", 0x46}], 0x1, 0x0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0x3, &(0x7f00000000c0)=@framed, 0x0}, 0x94) ioctl$KVM_RUN(r5, 0xae80, 0x0) 155.012µs ago: executing program 1 (id=25718): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0x5, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x9, 0x1], 0x8000000, 0x141200}) ioctl$KVM_RUN(r1, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000070c200003000004000"]) 0s ago: executing program 1 (id=25719): rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4}) sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) write(r0, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f000000a380)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)}], 0x1, &(0x7f0000000880)=[@rthdr_2292={{0x38, 0x29, 0x39, {0x2, 0x4, 0xb638fcbd7d2b2b19, 0x5, 0x0, [@mcast2, @rand_addr=' \x01\x00']}}}, @rthdrdstopts={{0x60, 0x29, 0x37, {0x2c, 0x8, '\x00', [@ra={0x5, 0x2, 0x7ff}, @calipso={0x7, 0x30, {0x2, 0xa, 0x8, 0x8, [0x9, 0x800, 0x4, 0xab4, 0x6]}}, @jumbo={0xc2, 0x4, 0x4}, @generic={0xd8}, @pad1]}}}], 0x98}}], 0x1, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r5, 0xae9a) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200}) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) kernel console output (not intermixed with test programs): iommu group 9 [ 948.055897][T24293] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 948.059655][T24293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 948.063814][T24293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 948.068289][T24293] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 948.072540][T24293] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 948.075862][T24293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 948.080686][T24293] usb 5-1: config 0 descriptor?? [ 948.082909][T24670] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 948.628796][ T40] audit: type=1400 audit(1763483415.131:739): avc: denied { ioctl } for pid=24714 comm="syz.2.23582" path="mnt:[4026532915]" dev="nsfs" ino=4026532915 ioctlcmd=0xb702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 948.692988][T24293] usbhid 5-1:0.0: can't add hid device: -71 [ 948.697327][T24293] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 948.705291][T24293] usb 5-1: USB disconnect, device number 61 [ 949.435378][T24732] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23589'. [ 949.729843][T24744] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23594'. [ 949.924749][T16063] usb 8-1: new high-speed USB device number 56 using dummy_hcd [ 950.074779][T16063] usb 8-1: Using ep0 maxpacket: 32 [ 950.085495][T16063] usb 8-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 950.089500][T16063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 950.095116][T16063] usb 8-1: config 0 descriptor?? [ 950.303485][T16063] usbhid 8-1:0.0: can't add hid device: -71 [ 950.307022][T16063] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 950.315797][T16063] usb 8-1: USB disconnect, device number 56 [ 950.427102][T24780] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23609'. [ 950.943599][T24805] netlink: 28 bytes leftover after parsing attributes in process `syz.3.23619'. [ 951.068561][T24821] kernel profiling enabled (shift: 9) [ 951.204850][T13492] usb 5-1: new high-speed USB device number 62 using dummy_hcd [ 951.365798][T13492] usb 5-1: Using ep0 maxpacket: 32 [ 951.368761][T13492] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 951.371706][T13492] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 951.374789][ T6003] usb 6-1: new high-speed USB device number 40 using dummy_hcd [ 951.375935][T13492] usb 5-1: config 0 descriptor?? [ 951.534762][ T6003] usb 6-1: Using ep0 maxpacket: 32 [ 951.538396][ T6003] usb 6-1: unable to get BOS descriptor or descriptor too short [ 951.546989][ T6003] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 951.552108][ T6003] usb 6-1: New USB device found, idVendor=17ef, idProduct=7000, bcdDevice=a1.ec [ 951.555338][ T6003] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 951.557870][ T6003] usb 6-1: Product: syz [ 951.559321][ T6003] usb 6-1: Manufacturer: syz [ 951.560833][ T6003] usb 6-1: SerialNumber: syz [ 951.568861][ T6003] usb 6-1: config 0 descriptor?? [ 951.576058][T12169] usb 7-1: new high-speed USB device number 72 using dummy_hcd [ 951.584388][T13492] usbhid 5-1:0.0: can't add hid device: -71 [ 951.586879][T13492] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 951.590963][T13492] usb 5-1: USB disconnect, device number 62 [ 951.619663][T24857] tipc: Started in network mode [ 951.621311][T24857] tipc: Node identity 066562eb742c, cluster identity 4711 [ 951.623778][T24857] tipc: Enabled bearer , priority 0 [ 951.627033][T24857] syzkaller0: entered promiscuous mode [ 951.628920][T24857] syzkaller0: entered allmulticast mode [ 951.639231][T24857] tipc: Resetting bearer [ 951.643733][T24856] tipc: Resetting bearer [ 951.653590][T24856] tipc: Disabling bearer [ 951.735877][T12169] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 951.738609][T12169] usb 7-1: config 0 has no interface number 0 [ 951.742196][T12169] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 951.745272][T12169] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 951.747904][T12169] usb 7-1: Product: syz [ 951.749353][T12169] usb 7-1: Manufacturer: syz [ 951.750929][T12169] usb 7-1: SerialNumber: syz [ 951.753787][T12169] usb 7-1: config 0 descriptor?? [ 951.774436][T13492] usb 6-1: USB disconnect, device number 40 [ 951.965379][T12169] dvb_usb_ec168 7-1:0.1: probe with driver dvb_usb_ec168 failed with error -32 [ 951.975303][T12169] usb 7-1: USB disconnect, device number 72 [ 952.020767][T24871] netlink: 28 bytes leftover after parsing attributes in process `syz.3.23652'. [ 952.124814][T24877] program syz.0.23655 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 952.148862][T24878] netlink: 12 bytes leftover after parsing attributes in process `syz.3.23654'. [ 952.446522][T24893] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23661'. [ 952.651165][T24903] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 952.774748][T13492] usb 7-1: new high-speed USB device number 73 using dummy_hcd [ 952.828966][T24913] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23671'. [ 952.944747][T13492] usb 7-1: Using ep0 maxpacket: 32 [ 952.948711][T13492] usb 7-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 952.951687][T13492] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 952.956017][T13492] usb 7-1: config 0 descriptor?? [ 953.031358][T24922] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 953.163054][T13492] usbhid 7-1:0.0: can't add hid device: -71 [ 953.165396][T13492] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 953.172565][T13492] usb 7-1: USB disconnect, device number 73 [ 953.189042][T24940] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23684'. [ 953.334956][ T54] usb 5-1: new high-speed USB device number 63 using dummy_hcd [ 953.352083][T24949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.23687'. [ 953.496258][ T54] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 953.500206][ T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 953.504045][ T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 953.507815][ T54] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 953.512070][ T54] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 953.515178][ T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 953.519702][ T54] usb 5-1: config 0 descriptor?? [ 953.521924][T24929] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 953.696057][T24952] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 954.050790][T24966] team0: entered promiscuous mode [ 954.052554][T24966] team0: entered allmulticast mode [ 954.130692][ T54] usbhid 5-1:0.0: can't add hid device: -71 [ 954.132739][ T54] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 954.162182][ T54] usb 5-1: USB disconnect, device number 63 [ 954.414809][T16063] usb 8-1: new high-speed USB device number 57 using dummy_hcd [ 954.574676][T16063] usb 8-1: Using ep0 maxpacket: 16 [ 954.577949][T16063] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 954.580791][T16063] usb 8-1: config 0 has no interface number 0 [ 954.584333][T16063] usb 8-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d [ 954.588200][T16063] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 954.591506][T16063] usb 8-1: Product: syz [ 954.593111][T16063] usb 8-1: Manufacturer: syz [ 954.594761][T16063] usb 8-1: SerialNumber: syz [ 954.597487][T16063] usb 8-1: config 0 descriptor?? [ 954.604193][T16063] gspca_main: spca1528-2.14.0 probing 04fc:1528 [ 954.703628][T24988] __nla_validate_parse: 3 callbacks suppressed [ 954.703640][T24988] netlink: 8 bytes leftover after parsing attributes in process `syz.0.23705'. [ 954.803926][T24991] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23706'. [ 955.164300][T24993] dvmrp1: tun_chr_ioctl cmd 2147767517 [ 955.309686][T24997] dns_resolver: Unsupported content type (6) [ 955.419905][T25003] netlink: 28 bytes leftover after parsing attributes in process `syz.1.23712'. [ 955.717268][T25009] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 955.811637][T16063] gspca_spca1528: reg_w err -71 [ 955.814999][T16063] spca1528 8-1:0.1: probe with driver spca1528 failed with error -71 [ 955.819492][T16063] usb 8-1: USB disconnect, device number 57 [ 955.885978][T25016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.23718'. [ 956.151631][T25027] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23723'. [ 956.453890][T25035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.23726'. [ 957.207729][T25052] netlink: 28 bytes leftover after parsing attributes in process `syz.2.23737'. [ 957.238451][T25054] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 957.278054][T25058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.23739'. [ 957.306249][T25061] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23740'. [ 957.402760][T25075] netlink: 28 bytes leftover after parsing attributes in process `syz.3.23746'. [ 957.414870][T13492] usb 5-1: new high-speed USB device number 64 using dummy_hcd [ 957.533620][T25084] team0 (unregistering): Port device team_slave_0 removed [ 957.538793][T25084] team0 (unregistering): Port device team_slave_1 removed [ 957.566749][T13492] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 957.571817][T13492] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 957.576796][T13492] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 957.580524][T13492] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 957.585455][T13492] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 957.588526][T13492] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 957.595581][T13492] usb 5-1: config 0 descriptor?? [ 957.597998][T25049] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 957.751693][T25105] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 958.013599][T13492] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 958.124749][ T8370] usb 8-1: new full-speed USB device number 58 using dummy_hcd [ 958.201345][T25140] binder: 25138:25140 ioctl c0306201 0 returned -14 [ 958.208561][T16063] usb 5-1: USB disconnect, device number 64 [ 958.220831][ T40] audit: type=1326 audit(1763483424.721:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25141 comm="syz.1.23776" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f691ff8f6c9 code=0x0 [ 958.286444][ T8370] usb 8-1: config 8 has an invalid interface number: 80 but max is 0 [ 958.289334][ T8370] usb 8-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 958.292764][ T8370] usb 8-1: config 8 has no interface number 0 [ 958.295085][ T8370] usb 8-1: config 8 interface 80 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 958.298963][ T8370] usb 8-1: config 8 interface 80 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0 [ 958.302100][ T8370] usb 8-1: config 8 interface 80 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 14 [ 958.306714][ T8370] usb 8-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice=c1.6f [ 958.309788][ T8370] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 958.320537][ T8370] usb 8-1: NFC: intf ffff8880355a3000 id ffffffff8f2de000 [ 958.520331][ T8370] usb 8-1: USB disconnect, device number 58 [ 959.059160][ T40] audit: type=1400 audit(1763483425.561:741): avc: denied { map } for pid=25178 comm="syz.3.23792" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 959.069238][ T40] audit: type=1400 audit(1763483425.571:742): avc: denied { execute } for pid=25178 comm="syz.3.23792" path="/dev/dri/card0" dev="devtmpfs" ino=635 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1 [ 959.189084][T25194] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 959.210889][T25201] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 959.358268][T25222] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 959.432704][T25232] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 960.025970][T25291] __nla_validate_parse: 8 callbacks suppressed [ 960.025982][T25291] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23841'. [ 960.051369][T25292] fuse: Bad value for 'fd' [ 960.192623][T25296] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 960.240128][T25298] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 960.354941][ T54] usb 6-1: new high-speed USB device number 41 using dummy_hcd [ 960.514710][ T54] usb 6-1: Using ep0 maxpacket: 16 [ 960.518049][ T54] usb 6-1: config 0 has an invalid interface number: 143 but max is 0 [ 960.521085][ T54] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 960.524585][ T54] usb 6-1: config 0 has no interface number 0 [ 960.527103][ T54] usb 6-1: config 0 interface 143 has no altsetting 0 [ 960.530897][ T54] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 960.534227][ T54] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 960.537474][ T54] usb 6-1: Product: syz [ 960.538918][ T54] usb 6-1: SerialNumber: syz [ 960.542335][ T54] usb 6-1: config 0 descriptor?? [ 960.587612][T25309] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23851'. [ 960.684757][T16063] usb 7-1: new high-speed USB device number 74 using dummy_hcd [ 960.751685][ T6003] usb 6-1: USB disconnect, device number 41 [ 960.841904][T16063] usb 7-1: unable to get BOS descriptor or descriptor too short [ 960.845839][T16063] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 960.848891][T16063] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 960.853330][T16063] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 960.858292][T16063] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 960.861457][T16063] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 960.864299][T16063] usb 7-1: Product: syz [ 960.865903][T16063] usb 7-1: Manufacturer: syz [ 960.867541][T16063] usb 7-1: SerialNumber: syz [ 960.950028][T25331] netlink: 8 bytes leftover after parsing attributes in process `syz.3.23861'. [ 960.951975][T25329] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 961.084378][T16063] usb 7-1: 0:2 : does not exist [ 961.092580][T16063] usb 7-1: USB disconnect, device number 74 [ 961.096285][T25339] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 961.109768][T20461] udevd[20461]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 961.203386][T25346] netlink: 12 bytes leftover after parsing attributes in process `syz.3.23866'. [ 961.308095][T25353] netlink: 8 bytes leftover after parsing attributes in process `syz.1.23870'. [ 961.633593][T25361] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 961.784348][T25364] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 962.124722][ T54] usb 7-1: new high-speed USB device number 75 using dummy_hcd [ 962.231173][T25378] netlink: 12 bytes leftover after parsing attributes in process `syz.3.23881'. [ 962.287906][ T54] usb 7-1: Using ep0 maxpacket: 32 [ 962.290361][T25382] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23883'. [ 962.291158][ T54] usb 7-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 962.297462][ T54] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 962.301531][ T54] usb 7-1: config 0 descriptor?? [ 962.374763][T16063] usb 6-1: new high-speed USB device number 42 using dummy_hcd [ 962.508398][ T54] usbhid 7-1:0.0: can't add hid device: -71 [ 962.510946][ T54] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 962.518231][ T54] usb 7-1: USB disconnect, device number 75 [ 962.524700][T16063] usb 6-1: Using ep0 maxpacket: 16 [ 962.527684][T16063] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 962.530405][T16063] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 962.533754][T16063] usb 6-1: config 0 has no interface number 0 [ 962.536885][T16063] usb 6-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 962.542298][T16063] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 962.545565][T16063] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 962.548222][T16063] usb 6-1: Product: syz [ 962.549658][T16063] usb 6-1: SerialNumber: syz [ 962.557173][T16063] usb 6-1: config 0 descriptor?? [ 962.769611][T16063] usbhid 6-1:0.8: couldn't find an input interrupt endpoint [ 962.772679][T16063] usb 6-1: USB disconnect, device number 42 [ 962.920825][T25393] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23888'. [ 963.052217][T25395] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 963.307607][T25409] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 963.457112][ T40] audit: type=1804 audit(1763483429.961:743): pid=25414 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.1.23897" name="/newroot/320/file1" dev="fuse" ino=1 res=1 errno=0 [ 963.466730][ T40] audit: type=1400 audit(1763483429.971:744): avc: denied { read } for pid=25427 comm="syz.3.23903" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 963.474748][ T40] audit: type=1400 audit(1763483429.971:745): avc: denied { open } for pid=25427 comm="syz.3.23903" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 963.482687][ T40] audit: type=1400 audit(1763483429.971:746): avc: denied { ioctl } for pid=25427 comm="syz.3.23903" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 963.543312][T25436] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 963.724745][T16063] usb 7-1: new high-speed USB device number 76 using dummy_hcd [ 963.884990][T16063] usb 7-1: Using ep0 maxpacket: 16 [ 963.895761][T16063] usb 7-1: config 0 has an invalid interface number: 8 but max is 0 [ 963.898661][T16063] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 963.902184][T16063] usb 7-1: config 0 has no interface number 0 [ 963.904401][T16063] usb 7-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 963.910309][T16063] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 963.913492][T16063] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 963.917131][T16063] usb 7-1: Product: syz [ 963.918567][T16063] usb 7-1: SerialNumber: syz [ 963.921777][T16063] usb 7-1: config 0 descriptor?? [ 964.130229][T16063] usbhid 7-1:0.8: couldn't find an input interrupt endpoint [ 964.137345][T16063] usb 7-1: USB disconnect, device number 76 [ 964.194830][ T6019] usb 5-1: new high-speed USB device number 65 using dummy_hcd [ 964.333636][T25459] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 964.366120][ T6019] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 964.369112][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 964.374273][ T6019] usb 5-1: config 0 descriptor?? [ 964.383617][ T6019] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 964.411737][T25467] binder_alloc: 25466: pid 25466 spamming oneway? 1 buffers allocated for a total size of 4096 [ 964.420202][T25467] binder_alloc: 25466: pid 25466 spamming oneway? 2 buffers allocated for a total size of 5120 [ 964.447024][T25469] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 964.772031][T25491] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 964.954913][ T54] usb 8-1: new high-speed USB device number 59 using dummy_hcd [ 964.982572][ T6019] gspca_cpia1: usb_control_msg 01, error -71 [ 964.987485][ T6019] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0) [ 964.991271][ T6019] usb 5-1: USB disconnect, device number 65 [ 965.106343][ T54] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 965.110392][ T54] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 965.113995][ T54] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 965.117939][ T54] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 965.122184][ T54] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 965.125381][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 965.129149][ T54] usb 8-1: config 0 descriptor?? [ 965.131322][T25487] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 965.224798][T12169] usb 7-1: new high-speed USB device number 77 using dummy_hcd [ 965.334756][T24293] usb 6-1: new high-speed USB device number 43 using dummy_hcd [ 965.376815][T12169] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 965.380379][T12169] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 965.384266][T12169] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 965.387360][T12169] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 965.391188][T12169] usb 7-1: config 0 descriptor?? [ 965.484813][T24293] usb 6-1: Using ep0 maxpacket: 16 [ 965.494749][T24293] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 965.497347][T24293] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 965.500664][T24293] usb 6-1: config 0 has no interface number 0 [ 965.502748][T24293] usb 6-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 965.508695][T24293] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 965.511737][T24293] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 965.514430][T24293] usb 6-1: Product: syz [ 965.516089][T24293] usb 6-1: SerialNumber: syz [ 965.519448][T24293] usb 6-1: config 0 descriptor?? [ 965.545864][ T54] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 965.598659][T12169] usbhid 7-1:0.0: can't add hid device: -71 [ 965.600805][T12169] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 965.605098][T12169] usb 7-1: USB disconnect, device number 77 [ 965.726289][T24293] usbhid 6-1:0.8: couldn't find an input interrupt endpoint [ 965.730738][T24293] usb 6-1: USB disconnect, device number 43 [ 965.796823][ T54] usb 8-1: USB disconnect, device number 59 [ 966.300367][T25526] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14385 sclass=netlink_route_socket pid=25526 comm=syz.1.23948 [ 966.329567][T25530] binder: 25529:25530 ioctl c0306201 200000000300 returned -11 [ 966.341220][T25532] netlink: 4 bytes leftover after parsing attributes in process `syz.3.23951'. [ 966.360293][T25536] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 966.593915][T25553] binder: 25552:25553 ioctl c0306201 200000000300 returned -11 [ 966.689181][T25559] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 966.745141][ T54] usb 6-1: new high-speed USB device number 44 using dummy_hcd [ 966.764777][ T6019] usb 7-1: new high-speed USB device number 78 using dummy_hcd [ 966.896219][ T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 966.899917][ T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 966.903034][ T54] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 966.906897][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 966.910764][ T54] usb 6-1: config 0 descriptor?? [ 966.920238][ T6019] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 966.924209][ T6019] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 966.928040][ T6019] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 966.931789][ T6019] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 966.936138][ T6019] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 966.939479][ T6019] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 966.946710][ T6019] usb 7-1: config 0 descriptor?? [ 966.949119][T25551] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 966.953557][T25581] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 967.120330][ T54] usbhid 6-1:0.0: can't add hid device: -71 [ 967.122481][ T54] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 967.138815][ T54] usb 6-1: USB disconnect, device number 44 [ 967.344991][ T6003] usb 8-1: new high-speed USB device number 60 using dummy_hcd [ 967.363701][ T6019] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 967.396818][ T8370] usb 5-1: new high-speed USB device number 66 using dummy_hcd [ 967.504788][ T6003] usb 8-1: Using ep0 maxpacket: 16 [ 967.511908][ T6003] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 967.515793][ T6003] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 967.519374][ T6003] usb 8-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00 [ 967.522314][ T6003] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 967.526462][ T6003] usb 8-1: config 0 descriptor?? [ 967.554668][ T8370] usb 5-1: Using ep0 maxpacket: 16 [ 967.558462][ T8370] usb 5-1: config 0 has an invalid interface number: 2 but max is 0 [ 967.561141][ T8370] usb 5-1: config 0 has no interface number 0 [ 967.563240][ T8370] usb 5-1: config 0 interface 2 altsetting 0 has an endpoint descriptor with address 0xBC, changing to 0x8C [ 967.567273][ T8370] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7 [ 967.571009][ T8370] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0 [ 967.576303][ T8370] usb 5-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice= 0.88 [ 967.579353][ T8370] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3 [ 967.582464][ T8370] usb 5-1: Product: syz [ 967.583906][ T8370] usb 5-1: SerialNumber: syz [ 967.595041][ T8370] usb 5-1: config 0 descriptor?? [ 967.616437][ T9778] usb 7-1: USB disconnect, device number 78 [ 967.806161][ T8370] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 967.808739][ T8370] usb 5-1: invalid MIDI out EP 0 [ 967.846107][ T8370] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -22 [ 967.852350][T20444] udevd[20444]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 967.857816][ T8370] usb 5-1: USB disconnect, device number 66 [ 967.934714][ T6003] hid (null): unknown global tag 0xc [ 967.940669][ T6003] nzxt-kraken2 0003:1E71:170E.0013: unknown global tag 0xc [ 967.943066][ T6003] nzxt-kraken2 0003:1E71:170E.0013: item 0 1 1 12 parsing failed [ 967.946488][ T6003] nzxt-kraken2 0003:1E71:170E.0013: hid parse failed with -22 [ 967.949016][ T6003] nzxt-kraken2 0003:1E71:170E.0013: probe with driver nzxt-kraken2 failed with error -22 [ 968.136112][T24293] usb 8-1: USB disconnect, device number 60 [ 968.327234][ T40] audit: type=1804 audit(1763483434.831:747): pid=25613 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.23989" name="/newroot/187/file1" dev="fuse" ino=1 res=1 errno=0 [ 968.492394][T25628] program syz.2.23995 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 968.527995][T25631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23998'. [ 969.009051][T25662] netlink: 12 bytes leftover after parsing attributes in process `syz.1.24008'. [ 969.234802][T24293] usb 8-1: new high-speed USB device number 61 using dummy_hcd [ 969.394858][T24293] usb 8-1: Using ep0 maxpacket: 32 [ 969.399185][T24293] usb 8-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 969.402912][T24293] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 969.407567][T24293] usb 8-1: config 0 descriptor?? [ 969.615665][T24293] usbhid 8-1:0.0: can't add hid device: -71 [ 969.618246][T24293] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 969.622399][T24293] usb 8-1: USB disconnect, device number 61 [ 969.827376][T25690] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24022'. [ 970.023927][T25702] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 970.567750][T25731] fuse: Bad value for 'fd' [ 970.843669][T25760] fuse: Bad value for 'fd' [ 971.456168][T25788] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24067'. [ 971.561280][T25793] binder: 25792:25793 ioctl c0306201 200000000300 returned -11 [ 971.608407][T25795] netlink: 40 bytes leftover after parsing attributes in process `syz.2.24070'. [ 972.214734][ T8370] usb 8-1: new high-speed USB device number 62 using dummy_hcd [ 972.364777][ T8370] usb 8-1: Using ep0 maxpacket: 32 [ 972.369479][ T8370] usb 8-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 972.373097][ T8370] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 972.378970][ T8370] usb 8-1: config 0 descriptor?? [ 972.587185][ T8370] usbhid 8-1:0.0: can't add hid device: -71 [ 972.590020][ T8370] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 972.603809][ T8370] usb 8-1: USB disconnect, device number 62 [ 973.054787][T16063] usb 6-1: new high-speed USB device number 45 using dummy_hcd [ 973.123826][T25844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.24094'. [ 973.214730][T16063] usb 6-1: Using ep0 maxpacket: 16 [ 973.217984][T16063] usb 6-1: config 0 has an invalid interface number: 8 but max is 0 [ 973.220605][T16063] usb 6-1: config 0 has no interface number 0 [ 973.223215][T16063] usb 6-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 973.230321][T16063] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 973.234019][T16063] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 973.237860][T16063] usb 6-1: Product: syz [ 973.239722][T16063] usb 6-1: SerialNumber: syz [ 973.252053][T16063] usb 6-1: config 0 descriptor?? [ 973.259735][T16063] usbhid 6-1:0.8: couldn't find an input interrupt endpoint [ 973.390479][T25867] netlink: 28 bytes leftover after parsing attributes in process `syz.0.24104'. [ 973.459676][T16063] usb 6-1: USB disconnect, device number 45 [ 973.564750][ T8370] usb 8-1: new high-speed USB device number 63 using dummy_hcd [ 973.724688][ T8370] usb 8-1: Using ep0 maxpacket: 32 [ 973.728462][ T8370] usb 8-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 973.731443][ T8370] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 973.735594][ T8370] usb 8-1: config 0 descriptor?? [ 973.941867][ T8370] usbhid 8-1:0.0: can't add hid device: -71 [ 973.943979][ T8370] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 973.948266][ T8370] usb 8-1: USB disconnect, device number 63 [ 974.064058][T25900] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 974.472594][T25920] netlink: 28 bytes leftover after parsing attributes in process `syz.3.24127'. [ 974.805014][ T8370] usb 5-1: new high-speed USB device number 67 using dummy_hcd [ 974.954763][ T8370] usb 5-1: Using ep0 maxpacket: 32 [ 974.959280][ T8370] usb 5-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 974.966342][ T8370] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.969028][ T8370] usb 5-1: Product: syz [ 974.970434][ T8370] usb 5-1: Manufacturer: syz [ 974.971994][ T8370] usb 5-1: SerialNumber: syz [ 974.975330][ T8370] usb 5-1: config 0 descriptor?? [ 975.042829][T25934] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 975.049856][ T40] audit: type=1400 audit(1763483441.551:748): avc: denied { write } for pid=25929 comm="syz.1.24132" name="fb0" dev="devtmpfs" ino=637 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1 [ 975.280762][T25942] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 975.384734][ T6003] usb 7-1: new high-speed USB device number 79 using dummy_hcd [ 975.534686][ T6003] usb 7-1: Using ep0 maxpacket: 32 [ 975.537847][ T6003] usb 7-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 975.540890][ T6003] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 975.545700][ T6003] usb 7-1: config 0 descriptor?? [ 975.582600][ T8370] peak_usb 5-1:0.0 can0: unable to request usb[type=2 value=5] err=-71 [ 975.676120][ T8370] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -71 [ 975.681491][ T8370] usb 5-1: USB disconnect, device number 67 [ 975.754740][ T6003] usbhid 7-1:0.0: can't add hid device: -71 [ 975.756807][ T6003] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 975.763868][ T6003] usb 7-1: USB disconnect, device number 79 [ 976.018062][T25964] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 976.608848][T26000] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26000 comm=syz.3.24162 [ 976.917956][T26024] binder: 26023:26024 ioctl 400c620e 0 returned -14 [ 977.051331][T26031] binder: BINDER_SET_CONTEXT_MGR already set [ 977.053356][T26031] binder: 26030:26031 ioctl 4018620d 200000000040 returned -16 [ 977.057145][T26031] binder: 26030:26031 ioctl c0306201 200000000300 returned -11 [ 977.084708][T16063] usb 6-1: new full-speed USB device number 46 using dummy_hcd [ 977.236352][T16063] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4 [ 977.240951][T16063] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4 [ 977.245279][T26044] fuse: Bad value for 'group_id' [ 977.248096][T26044] fuse: Bad value for 'group_id' [ 977.250571][T16063] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 977.258559][T16063] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 977.262532][T16063] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 977.266085][T16063] usb 6-1: Product: syz [ 977.267581][T16063] usb 6-1: Manufacturer: syz [ 977.269341][T16063] usb 6-1: SerialNumber: syz [ 977.291365][T26047] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26047 comm=syz.3.24184 [ 977.314897][ T6019] usb 7-1: new high-speed USB device number 80 using dummy_hcd [ 977.421388][T26055] binder: 26054:26055 ioctl c0306201 200000000300 returned -11 [ 977.464888][ T6019] usb 7-1: Using ep0 maxpacket: 32 [ 977.475841][ T6019] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 977.480333][ T6019] usb 7-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid maxpacket 1824, setting to 1024 [ 977.484595][ T6019] usb 7-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 977.490345][ T6019] usb 7-1: config 0 interface 0 has no altsetting 0 [ 977.492659][ T6019] usb 7-1: New USB device found, idVendor=05ac, idProduct=0237, bcdDevice= 0.00 [ 977.498700][ T6019] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 977.502727][ T6019] usb 7-1: config 0 descriptor?? [ 977.505008][T26035] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 977.523500][ T6019] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input69 [ 977.540594][T20461] udevd[20461]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 977.543768][T16063] usb 6-1: USB disconnect, device number 46 [ 978.118142][T26066] bcm5974 7-1:0.0: could not read from device [ 978.121016][ T6003] usb 7-1: USB disconnect, device number 80 [ 978.134958][T20461] udevd[20461]: Error opening device "/dev/input/event4": No such file or directory [ 978.138577][T20461] udevd[20461]: Unable to EVIOCGABS device "/dev/input/event4" [ 978.141318][T20461] udevd[20461]: Unable to EVIOCGABS device "/dev/input/event4" [ 978.144027][T20461] udevd[20461]: Unable to EVIOCGABS device "/dev/input/event4" [ 978.146938][T20461] udevd[20461]: Unable to EVIOCGABS device "/dev/input/event4" [ 978.448662][T26095] vti0: entered promiscuous mode [ 978.851966][T26124] binder: 26123:26124 ioctl 400c620e 0 returned -14 [ 978.899697][T26128] binder: BINDER_SET_CONTEXT_MGR already set [ 978.901826][T26128] binder: 26127:26128 ioctl 4018620d 200000000040 returned -16 [ 978.905005][T26128] binder: 26127:26128 ioctl c0306201 200000000300 returned -11 [ 979.209425][ T40] audit: type=1400 audit(1763483445.711:749): avc: denied { bind } for pid=26142 comm="syz.1.24228" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 979.359810][T26148] binder: 26147:26148 ioctl 400c620e 0 returned -14 [ 979.548907][ T40] audit: type=1400 audit(1763483446.051:750): avc: denied { write } for pid=26167 comm="syz.1.24240" name="nvram" dev="devtmpfs" ino=631 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 979.556106][T26170] binder: 26169:26170 ioctl c0306201 200000000300 returned -11 [ 979.864714][ T24] usb 7-1: new high-speed USB device number 81 using dummy_hcd [ 980.014764][ T24] usb 7-1: Using ep0 maxpacket: 8 [ 980.018687][ T24] usb 7-1: unable to get BOS descriptor or descriptor too short [ 980.023696][ T24] usb 7-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf [ 980.026978][ T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 980.029730][ T24] usb 7-1: Product: syz [ 980.031117][ T24] usb 7-1: Manufacturer: syz [ 980.032638][ T24] usb 7-1: SerialNumber: syz [ 980.154367][T26194] binder: 26193:26194 ioctl c0306201 200000000300 returned -11 [ 980.241246][ T24] usb 7-1: selecting invalid altsetting 1 [ 980.243227][ T24] catc 7-1:8.0: Can't set altsetting 1. [ 980.249931][ T24] catc 7-1:8.0: probe with driver catc failed with error -5 [ 980.257517][ T24] usb 7-1: USB disconnect, device number 81 [ 980.292809][T26202] netlink: 4 bytes leftover after parsing attributes in process `syz.1.24257'. [ 980.296058][T26202] bridge_slave_1: left allmulticast mode [ 980.297971][T26202] bridge_slave_1: left promiscuous mode [ 980.300030][T26202] bridge0: port 2(bridge_slave_1) entered disabled state [ 980.303840][T26202] bridge_slave_0: left allmulticast mode [ 980.307393][T26202] bridge_slave_0: left promiscuous mode [ 980.309495][T26202] bridge0: port 1(bridge_slave_0) entered disabled state [ 980.711790][T26223] fuse: Unknown parameter 'grou00000000000000000000' [ 980.821243][T26230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24269'. [ 980.824817][T26230] bridge_slave_1: left allmulticast mode [ 980.827291][T26230] bridge_slave_1: left promiscuous mode [ 980.829699][T26230] bridge0: port 2(bridge_slave_1) entered disabled state [ 980.933221][T26230] bridge_slave_0: left allmulticast mode [ 980.936316][T26230] bridge_slave_0: left promiscuous mode [ 980.938315][T26230] bridge0: port 1(bridge_slave_0) entered disabled state [ 981.047695][T26228] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24268'. [ 981.792877][T26254] fuse: Unknown parameter 'group_i00000000000000000000' [ 981.930787][T26269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24284'. [ 982.021298][T26269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 982.026560][T26269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 982.030898][T26269] bond0 (unregistering): Released all slaves [ 982.124695][ T34] usb 6-1: new full-speed USB device number 47 using dummy_hcd [ 982.164459][T26281] netlink: 40 bytes leftover after parsing attributes in process `syz.3.24290'. [ 982.224204][T26286] fuse: Unknown parameter 'group_i00000000000000000000' [ 982.296595][ T34] usb 6-1: config 252 has an invalid interface number: 191 but max is 0 [ 982.299341][ T34] usb 6-1: config 252 has no interface number 0 [ 982.303138][ T34] usb 6-1: New USB device found, idVendor=054c, idProduct=0069, bcdDevice=6d.6f [ 982.306449][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 982.309445][ T34] usb 6-1: Product: syz [ 982.310829][ T34] usb 6-1: Manufacturer: syz [ 982.312359][ T34] usb 6-1: SerialNumber: syz [ 982.324277][ T34] usb-storage 6-1:252.191: USB Mass Storage device detected [ 982.333372][ T34] usb-storage 6-1:252.191: Quirks match for vid 054c pid 0069: 1 [ 982.357540][T26298] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24297'. [ 982.561442][T24293] usb 6-1: USB disconnect, device number 47 [ 982.790627][T26253] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 982.794993][T26253] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 982.798034][T26253] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 982.801487][T26253] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 982.804272][T26253] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 982.823515][T26315] fuse: Unknown parameter 'group_i00000000000000000000' [ 982.925380][T26313] chnl_net:caif_netlink_parms(): no params data found [ 983.008566][ T46] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 983.065892][T26313] bridge0: port 1(bridge_slave_0) entered blocking state [ 983.068474][T26313] bridge0: port 1(bridge_slave_0) entered disabled state [ 983.071139][T26313] bridge_slave_0: entered allmulticast mode [ 983.074050][T26313] bridge_slave_0: entered promiscuous mode [ 983.077959][T26313] bridge0: port 2(bridge_slave_1) entered blocking state [ 983.080506][T26313] bridge0: port 2(bridge_slave_1) entered disabled state [ 983.082977][T26313] bridge_slave_1: entered allmulticast mode [ 983.085858][T26313] bridge_slave_1: entered promiscuous mode [ 983.131978][ T46] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 983.142419][T26313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 983.151026][T26313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 983.207267][ T46] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 983.214535][T26313] team0: Port device team_slave_0 added [ 983.225427][T26313] team0: Port device team_slave_1 added [ 983.263594][T26313] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 983.266171][T26313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 983.274689][T26313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 983.291054][ T46] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 983.298410][T26313] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 983.300748][T26313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 983.310807][T26313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 983.357380][T26313] hsr_slave_0: entered promiscuous mode [ 983.359752][T26313] hsr_slave_1: entered promiscuous mode [ 983.362015][T26313] debugfs: 'hsr0' already exists in 'hsr' [ 983.364066][T26313] Cannot create hsr debugfs directory [ 983.416123][T26346] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24313'. [ 983.490403][ T46] bridge_slave_1: left allmulticast mode [ 983.492290][ T46] bridge_slave_1: left promiscuous mode [ 983.494262][ T46] bridge0: port 2(bridge_slave_1) entered disabled state [ 983.504380][ T46] bridge_slave_0: left allmulticast mode [ 983.507579][ T46] bridge_slave_0: left promiscuous mode [ 983.510254][ T46] bridge0: port 1(bridge_slave_0) entered disabled state [ 983.622175][T26360] loop6: detected capacity change from 0 to 7 [ 983.627093][T26360] Dev loop6: unable to read RDB block 7 [ 983.628995][T26360] loop6: AHDI p1 p2 p3 [ 983.630396][T26360] loop6: partition table partially beyond EOD, truncated [ 983.632744][T26360] loop6: p1 start 4217409618 is beyond EOD, truncated [ 983.637009][T26360] loop6: p2 size 98 extends beyond EOD, truncated [ 983.664039][T20461] udevd[20461]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 983.761237][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 983.765785][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 983.769817][ T46] bond0 (unregistering): Released all slaves [ 983.840148][T26378] binder: 26377:26378 ioctl 4018620d 0 returned -22 [ 983.844134][T26378] binder: 26377:26378 ioctl c0306201 200000000300 returned -11 [ 984.062755][ T46] hsr_slave_0: left promiscuous mode [ 984.066168][ T46] hsr_slave_1: left promiscuous mode [ 984.102101][ T46] veth1_macvtap: left promiscuous mode [ 984.104834][ T46] veth0_macvtap: left promiscuous mode [ 984.107482][ T46] veth1_vlan: left promiscuous mode [ 984.110012][ T46] veth0_vlan: left promiscuous mode [ 984.154696][ T34] usb 8-1: new high-speed USB device number 64 using dummy_hcd [ 984.306453][ T34] usb 8-1: Using ep0 maxpacket: 16 [ 984.309427][ T34] usb 8-1: config 0 has an invalid interface number: 8 but max is 0 [ 984.312028][ T34] usb 8-1: config 0 has no interface number 0 [ 984.314166][ T34] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 984.317996][ T34] usb 8-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 984.322401][ T34] usb 8-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 984.325431][ T34] usb 8-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 984.328062][ T34] usb 8-1: Product: syz [ 984.329487][ T34] usb 8-1: SerialNumber: syz [ 984.334992][ T34] usb 8-1: config 0 descriptor?? [ 984.338273][ T34] cm109 8-1:0.8: invalid payload size 0, expected 4 [ 984.343258][ T34] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.8/input/input70 [ 984.501602][T26395] fuse: Unknown parameter 'group_id00000000000000000000' [ 984.546391][ T24] usb 8-1: USB disconnect, device number 64 [ 984.549261][ C3] cm109 8-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 984.551556][ C3] cm109 8-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 984.557602][ T24] cm109 8-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 984.877206][T26253] Bluetooth: hci4: command tx timeout [ 984.883746][T26406] binder: BINDER_SET_CONTEXT_MGR already set [ 984.886044][T26406] binder: 26405:26406 ioctl 4018620d 200000000040 returned -16 [ 984.889815][T26406] binder: 26405:26406 ioctl c0306201 200000000300 returned -11 [ 985.139747][T26419] netlink: 9 bytes leftover after parsing attributes in process `syz.3.24344'. [ 985.281366][T26419] gretap0: entered promiscuous mode [ 985.371325][T26429] binder: 26428:26429 ioctl 400c620e 0 returned -14 [ 985.432733][T26313] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 985.437236][T26313] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 985.454341][T26313] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 985.461751][T26313] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 985.526403][T26454] binder: 26453:26454 ioctl c0306201 0 returned -14 [ 985.530279][T26454] binder: 26453:26454 ioctl c0306201 200000000300 returned -11 [ 985.531644][T26313] 8021q: adding VLAN 0 to HW filter on device bond0 [ 985.544244][T26313] 8021q: adding VLAN 0 to HW filter on device team0 [ 985.549574][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 985.551918][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 985.558447][T26868] bridge0: port 2(bridge_slave_1) entered blocking state [ 985.560793][T26868] bridge0: port 2(bridge_slave_1) entered forwarding state [ 985.674892][T24293] usb 7-1: new high-speed USB device number 82 using dummy_hcd [ 985.682726][T26313] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 985.706447][T26313] veth0_vlan: entered promiscuous mode [ 985.712416][T26313] veth1_vlan: entered promiscuous mode [ 985.735595][T26313] veth0_macvtap: entered promiscuous mode [ 985.740333][T26313] veth1_macvtap: entered promiscuous mode [ 985.743038][T26465] binder: 26464:26465 ioctl 400c620e 0 returned -14 [ 985.750134][T26313] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 985.758505][T26313] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 985.764917][T15073] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 985.769330][T15073] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 985.772699][T15073] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 985.777107][T26467] netlink: 9 bytes leftover after parsing attributes in process `syz.1.24355'. [ 985.777285][T15073] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 985.784275][T26467] gretap0: entered promiscuous mode [ 985.834901][T24293] usb 7-1: Using ep0 maxpacket: 8 [ 985.840365][T24293] usb 7-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77 [ 985.844250][T24293] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 985.847949][T26868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 985.848056][T24293] usb 7-1: Product: syz [ 985.850685][T26868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 985.854794][T24293] usb 7-1: Manufacturer: syz [ 985.856327][T24293] usb 7-1: SerialNumber: syz [ 985.861647][T26473] netlink: 12 bytes leftover after parsing attributes in process `syz.1.24359'. [ 985.864840][T24293] usb 7-1: config 0 descriptor?? [ 985.876585][T26868] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 985.877041][T24293] gspca_main: sq905-2.14.0 probing 2770:9120 [ 985.879518][T26868] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 985.962656][T26481] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24300'. [ 986.026392][T26487] binder: 26486:26487 ioctl 400c620e 0 returned -14 [ 986.116727][T26491] fuse: Bad value for 'fd' [ 986.132262][T26500] netlink: 12 bytes leftover after parsing attributes in process `syz.1.24371'. [ 986.169988][T26504] netlink: 9 bytes leftover after parsing attributes in process `syz.0.24373'. [ 986.174444][T26504] gretap0: entered promiscuous mode [ 986.288976][T26515] binder: 26513:26515 ioctl 400c620e 0 returned -14 [ 986.380167][T26520] fuse: Bad value for 'fd' [ 986.554962][T12169] usb 8-1: new high-speed USB device number 65 using dummy_hcd [ 986.561391][T26537] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24388'. [ 986.641651][T26545] binder: 26544:26545 ioctl 400c620e 0 returned -14 [ 986.715035][T12169] usb 8-1: Using ep0 maxpacket: 16 [ 986.719314][T12169] usb 8-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 986.722268][T12169] usb 8-1: config 1 has no interface number 1 [ 986.724449][T12169] usb 8-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 986.728350][T12169] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 986.732613][T12169] usb 8-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 986.739881][T12169] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 986.742870][T12169] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 986.745647][T12169] usb 8-1: Product: syz [ 986.747160][T12169] usb 8-1: Manufacturer: syz [ 986.748761][T12169] usb 8-1: SerialNumber: syz [ 986.878870][T24293] gspca_sq905: bulk read fail (-22) len 0/4 [ 986.881064][T24293] sq905 7-1:0.0: probe with driver sq905 failed with error -5 [ 986.945582][T26253] Bluetooth: hci4: command tx timeout [ 987.019623][T26557] netlink: 40 bytes leftover after parsing attributes in process `syz.1.24397'. [ 987.079507][T24293] usb 7-1: USB disconnect, device number 82 [ 987.159088][T12169] usb 8-1: 2:1: invalid format type 0x1001 is detected, processed as PCM [ 987.283478][ T40] audit: type=1400 audit(1763483453.781:751): avc: denied { setattr } for pid=26566 comm="syz.0.24400" name="NETLINK" dev="sockfs" ino=351969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 987.680239][T26606] binder: BINDER_SET_CONTEXT_MGR already set [ 987.682365][T26606] binder: 26605:26606 ioctl 4018620d 200000000040 returned -16 [ 987.685596][T26606] binder: 26605:26606 ioctl c0306201 200000000300 returned -11 [ 987.989218][T12169] usb 8-1: USB disconnect, device number 65 [ 988.076811][T26626] fuse: Bad value for 'fd' [ 988.168281][T26632] binder: 26631:26632 ioctl 400c620e 0 returned -14 [ 988.263787][T26640] binder: 26639:26640 ioctl c0306201 200000000300 returned -11 [ 988.293819][T26642] netlink: 9 bytes leftover after parsing attributes in process `syz.1.24435'. [ 988.421227][T26647] fuse: Invalid rootmode [ 988.551147][T26657] binder: 26656:26657 ioctl 400c620e 0 returned -14 [ 988.611386][T26663] binder: 26661:26663 ioctl c0306201 200000000300 returned -11 [ 989.025007][T26253] Bluetooth: hci4: command tx timeout [ 989.174725][ T8370] usb 8-1: new high-speed USB device number 66 using dummy_hcd [ 989.336211][ T8370] usb 8-1: config 0 has no interfaces? [ 989.339850][ T8370] usb 8-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 989.342895][ T8370] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 989.346566][ T8370] usb 8-1: Product: syz [ 989.348101][ T8370] usb 8-1: Manufacturer: syz [ 989.349753][ T8370] usb 8-1: SerialNumber: syz [ 989.363286][ T8370] usb 8-1: config 0 descriptor?? [ 989.593040][T26668] netlink: 80 bytes leftover after parsing attributes in process `syz.3.24445'. [ 989.886620][T26713] netlink: 'syz.2.24467': attribute type 4 has an invalid length. [ 989.983843][T26725] netlink: 9 bytes leftover after parsing attributes in process `syz.0.24472'. [ 990.207957][T26748] binder: 26747:26748 ioctl 4018620d 0 returned -22 [ 990.211263][T26748] binder: 26747:26748 ioctl c0306201 200000000300 returned -11 [ 990.566056][T26772] binder: 26771:26772 ioctl 4018620d 0 returned -22 [ 990.569985][T26772] binder: 26771:26772 ioctl c0306201 200000000300 returned -11 [ 990.637828][T26776] gretap0: entered promiscuous mode [ 990.894527][T26784] fuse: Unknown parameter 'use00000000000000000000' [ 990.999463][T26792] input: syz0 as /devices/virtual/input/input71 [ 991.104760][T26253] Bluetooth: hci4: command tx timeout [ 991.356327][ T34] usb 6-1: new full-speed USB device number 48 using dummy_hcd [ 991.506736][ T34] usb 6-1: config 0 has an invalid interface number: 19 but max is 0 [ 991.510683][ T34] usb 6-1: config 0 has no interface number 0 [ 991.515000][ T34] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0512, bcdDevice=f5.e9 [ 991.518036][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 991.520970][ T34] usb 6-1: Product: syz [ 991.522534][ T34] usb 6-1: Manufacturer: syz [ 991.524131][ T34] usb 6-1: SerialNumber: syz [ 991.527668][ T34] usb 6-1: config 0 descriptor?? [ 991.533184][T26813] vivid-000: disconnect [ 991.537714][T26812] vivid-000: reconnect [ 991.637775][T16063] usb 8-1: USB disconnect, device number 66 [ 991.735751][ T34] qmi_wwan 6-1:0.19: probe with driver qmi_wwan failed with error -22 [ 991.740574][ T34] usb 6-1: USB disconnect, device number 48 [ 991.845530][ T24] usb 5-1: new high-speed USB device number 68 using dummy_hcd [ 992.024728][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 992.027940][ T24] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 992.031527][ T24] usb 5-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config [ 992.035332][ T24] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 992.038677][ T24] usb 5-1: config 1 has no interface number 1 [ 992.040878][ T24] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 992.045496][ T24] usb 5-1: config 1 interface 2 altsetting 1 has an endpoint descriptor with address 0x2E, changing to 0xE [ 992.049516][ T24] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0xE has an invalid bInterval 101, changing to 7 [ 992.053277][ T24] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0xE has invalid maxpacket 26214, setting to 1024 [ 992.058951][ T24] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 992.062249][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 992.066087][ T24] usb 5-1: Product: syz [ 992.068092][ T24] usb 5-1: Manufacturer: syz [ 992.070258][ T24] usb 5-1: SerialNumber: syz [ 992.079201][ T5294] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 992.084517][ T5294] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 992.088876][ T5294] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 992.092362][ T5294] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 992.096274][ T5294] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 992.216806][T26832] chnl_net:caif_netlink_parms(): no params data found [ 992.265910][T26838] __nla_validate_parse: 2 callbacks suppressed [ 992.265921][T26838] netlink: 9 bytes leftover after parsing attributes in process `syz.1.24522'. [ 992.281095][T26818] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 992.284253][T26818] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 992.329317][T26832] bridge0: port 1(bridge_slave_0) entered blocking state [ 992.331658][T26832] bridge0: port 1(bridge_slave_0) entered disabled state [ 992.334119][T26832] bridge_slave_0: entered allmulticast mode [ 992.337768][T26832] bridge_slave_0: entered promiscuous mode [ 992.343203][T26832] bridge0: port 2(bridge_slave_1) entered blocking state [ 992.345938][T26832] bridge0: port 2(bridge_slave_1) entered disabled state [ 992.348324][T26832] bridge_slave_1: entered allmulticast mode [ 992.351004][T26832] bridge_slave_1: entered promiscuous mode [ 992.403545][T26832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 992.411690][T26832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 992.461170][T26851] fuse: Unknown parameter 'user_i00000000000000000000' [ 992.465563][ T24] usb 5-1: 2:1 : no or invalid class specific endpoint descriptor [ 992.469343][ T24] usb 5-1: found format II with max.bitrate = 0, frame size=0 [ 992.471884][ T24] usb 5-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 992.485138][ T24] usb 5-1: USB disconnect, device number 68 [ 992.485697][ T61] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 992.498493][T20461] udevd[20461]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 992.499912][T26832] team0: Port device team_slave_0 added [ 992.506365][T26853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26853 comm=syz.2.24526 [ 992.510021][T26832] team0: Port device team_slave_1 added [ 992.511526][T26853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26853 comm=syz.2.24526 [ 992.528164][T26855] binder: 26854:26855 ioctl c0306201 0 returned -14 [ 992.551655][T26832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 992.554993][T26832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 992.563705][T26832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 992.569968][T26832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 992.572605][T26832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 992.582436][T26832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 992.606115][ T61] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 992.652465][T26832] hsr_slave_0: entered promiscuous mode [ 992.658763][T26832] hsr_slave_1: entered promiscuous mode [ 992.661546][T26832] debugfs: 'hsr0' already exists in 'hsr' [ 992.664279][T26832] Cannot create hsr debugfs directory [ 992.678261][ T61] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 992.691128][T26875] binder: 26874:26875 ioctl c0306201 0 returned -14 [ 992.693736][T26877] input: syz0 as /devices/virtual/input/input72 [ 992.733353][ T61] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 992.859675][ T61] bridge_slave_1: left allmulticast mode [ 992.861597][ T61] bridge_slave_1: left promiscuous mode [ 992.863546][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 992.870762][ T61] bridge_slave_0: left allmulticast mode [ 992.873293][ T61] bridge_slave_0: left promiscuous mode [ 992.878288][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 992.922442][T26895] input: syz0 as /devices/virtual/input/input73 [ 992.930505][T26897] input: syz0 as /devices/virtual/input/input74 [ 993.114106][T26908] fuse: Unknown parameter 'user_i00000000000000000000' [ 993.268643][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 993.272976][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 993.277575][ T61] bond0 (unregistering): Released all slaves [ 993.359334][ T61] tipc: Left network mode [ 993.635843][ T61] hsr_slave_0: left promiscuous mode [ 993.642923][ T61] hsr_slave_1: left promiscuous mode [ 993.671068][ T61] veth1_macvtap: left promiscuous mode [ 993.672962][ T61] veth0_macvtap: left promiscuous mode [ 993.675473][ T61] veth1_vlan: left promiscuous mode [ 993.677268][ T61] veth0_vlan: left promiscuous mode [ 993.760840][T26941] input: syz0 as /devices/virtual/input/input75 [ 993.968060][T26961] fuse: Bad value for 'fd' [ 994.147574][ T5294] Bluetooth: hci2: command tx timeout [ 994.317618][T26993] fuse: Bad value for 'fd' [ 994.424727][ T24] usb 5-1: new high-speed USB device number 69 using dummy_hcd [ 994.575122][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 994.580414][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 994.583957][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 994.590184][ T24] usb 5-1: config 0 descriptor?? [ 994.800109][ T24] usbhid 5-1:0.0: can't add hid device: -71 [ 994.802286][ T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 994.807110][ T24] usb 5-1: USB disconnect, device number 69 [ 994.821374][T27005] input: syz0 as /devices/virtual/input/input77 [ 995.046060][T26832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 995.052669][T26832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 995.061293][T26832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 995.074160][T26832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 995.139497][T26832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 995.151529][T26832] 8021q: adding VLAN 0 to HW filter on device team0 [ 995.157137][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 995.160068][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 995.167443][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 995.170693][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 995.317730][T26832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 995.358140][T26832] veth0_vlan: entered promiscuous mode [ 995.363038][T26832] veth1_vlan: entered promiscuous mode [ 995.382079][T26832] veth0_macvtap: entered promiscuous mode [ 995.387177][T26832] veth1_macvtap: entered promiscuous mode [ 995.401856][T26832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 995.409250][T26832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 995.427059][ T46] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 995.430115][ T46] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 995.433005][ T46] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 995.437819][ T46] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 995.479830][T15073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 995.482579][T15073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 995.496281][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 995.498953][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 995.533341][T27042] binder: 27041:27042 ioctl c0306201 0 returned -14 [ 995.537158][T27042] binder: 27041:27042 ioctl c0306201 200000000300 returned -11 [ 995.688985][T27056] netlink: 9 bytes leftover after parsing attributes in process `syz.2.24602'. [ 995.795156][T27066] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24605'. [ 995.838320][T27071] binder: 27069:27071 ioctl c0306201 200000000300 returned -11 [ 996.232404][T27090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.24617'. [ 996.235326][ T5294] Bluetooth: hci2: command tx timeout [ 996.309216][T27092] binder: 27091:27092 ioctl c0306201 200000000300 returned -11 [ 997.229185][T27131] binder: 27130:27131 ioctl 400c620e 0 returned -14 [ 997.377472][T27145] netlink: 9 bytes leftover after parsing attributes in process `syz.2.24643'. [ 997.437784][T27150] binder: 27149:27150 ioctl 400c620e 0 returned -14 [ 997.545579][T27161] fuse: Unknown parameter 'fd0x0000000000000007' [ 997.563819][T27164] binder: 27162:27164 ioctl c0306201 0 returned -14 [ 997.686943][T27179] netlink: 12 bytes leftover after parsing attributes in process `syz.3.24657'. [ 997.773474][T27192] binder: 27191:27192 ioctl 400c620e 0 returned -14 [ 997.901179][T27200] ALSA: seq fatal error: cannot create timer (-19) [ 998.067483][ T1425] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.069913][ T1425] ieee802154 phy1 wpan1: encryption failed: -22 [ 998.292024][T27215] binder: 27214:27215 ioctl 400c620e 0 returned -14 [ 998.304752][ T5294] Bluetooth: hci2: command tx timeout [ 998.349150][T27219] binder: 27218:27219 ioctl c0306201 0 returned -14 [ 998.406175][T27225] iommufd_mock iommufd_mock0: Adding to iommu group 9 [ 998.468578][T27229] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24682'. [ 998.545900][T27239] binder: 27238:27239 ioctl 400c620e 0 returned -14 [ 998.765172][T13492] usb 7-1: new high-speed USB device number 83 using dummy_hcd [ 998.914741][T13492] usb 7-1: Using ep0 maxpacket: 32 [ 998.925578][T13492] usb 7-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 998.929517][T13492] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 998.936957][T13492] usb 7-1: config 0 descriptor?? [ 999.143833][T13492] usbhid 7-1:0.0: can't add hid device: -71 [ 999.146212][T13492] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 999.151511][T13492] usb 7-1: USB disconnect, device number 83 [ 999.564728][T16063] usb 6-1: new high-speed USB device number 49 using dummy_hcd [ 999.724721][T16063] usb 6-1: Using ep0 maxpacket: 16 [ 999.731551][T16063] usb 6-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 999.736295][T16063] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 999.739299][T16063] usb 6-1: Product: syz [ 999.740812][T16063] usb 6-1: Manufacturer: syz [ 999.742397][T16063] usb 6-1: SerialNumber: syz [ 999.747281][T16063] usb 6-1: config 0 descriptor?? [ 999.750819][T16063] ssu100 6-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1000.384780][ T5294] Bluetooth: hci2: command tx timeout [ 1000.390891][T27314] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24720'. [ 1000.590050][T27338] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24731'. [ 1000.668830][T27348] syz.3.24736 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 1000.698425][T27351] input: syz0 as /devices/virtual/input/input79 [ 1000.783860][T27365] input: syz0 as /devices/virtual/input/input80 [ 1000.937309][T27387] input: syz0 as /devices/virtual/input/input81 [ 1000.964505][T16063] ssu100 6-1:0.0: probe with driver ssu100 failed with error -71 [ 1000.973162][T16063] usb 6-1: USB disconnect, device number 49 [ 1001.315318][T27419] binder: 27418:27419 ioctl c0306201 0 returned -14 [ 1001.363508][T27425] netlink: 188 bytes leftover after parsing attributes in process `syz.2.24773'. [ 1001.371327][T27427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24774'. [ 1001.443311][T27437] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24779'. [ 1001.457025][T27436] warning: `syz.3.24778' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1001.478296][T27442] binder: 27441:27442 ioctl c0306201 0 returned -14 [ 1001.668784][T27462] binder: 27460:27462 ioctl 400c620e 0 returned -14 [ 1002.199690][T27483] binder: 27482:27483 ioctl 400c620e 0 returned -14 [ 1002.239133][T27485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24803'. [ 1002.439387][T27508] input: syz0 as /devices/virtual/input/input82 [ 1002.458305][T27512] netlink: 9 bytes leftover after parsing attributes in process `syz.2.24815'. [ 1002.484823][T27516] sock: sock_timestamping_bind_phc: sock not bind to device [ 1002.559836][T27528] netlink: 36 bytes leftover after parsing attributes in process `syz.2.24823'. [ 1002.573282][T27530] binder: 27529:27530 ioctl 400c620e 0 returned -14 [ 1002.610609][T27534] input: syz0 as /devices/virtual/input/input83 [ 1003.039830][T27551] binder: 27550:27551 ioctl 400c620e 0 returned -14 [ 1003.069572][T27553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.24836'. [ 1003.322240][T27571] input: syz0 as /devices/virtual/input/input84 [ 1003.357011][T27573] netlink: 12 bytes leftover after parsing attributes in process `syz.3.24845'. [ 1003.434890][ T6003] usb 5-1: new high-speed USB device number 70 using dummy_hcd [ 1003.490666][T27577] kvm: pic: non byte write [ 1003.594755][ T6003] usb 5-1: Using ep0 maxpacket: 8 [ 1003.604062][ T6003] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1003.607393][ T6003] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 1003.610042][ T6003] usb 5-1: can't read configurations, error -71 [ 1003.692927][T27594] netlink: 12 bytes leftover after parsing attributes in process `syz.2.24855'. [ 1003.781270][T27604] binder: 27602:27604 ioctl 400c620e 0 returned -14 [ 1004.071436][T27614] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=27614 comm=syz.1.24866 [ 1004.105569][T27618] input: syz0 as /devices/virtual/input/input85 [ 1004.133405][T27622] binder: 27620:27622 ioctl 400c620e 0 returned -14 [ 1004.160104][T27627] binder_alloc: 27625: pid 27625 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1004.166919][T27627] binder: 27625:27627 ioctl c0306201 0 returned -14 [ 1004.357539][T27652] binder_alloc: 27651: pid 27651 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1004.361168][T27652] binder: 27651:27652 ioctl c0306201 0 returned -14 [ 1004.749618][T26253] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1004.755337][T26253] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1004.759687][T26253] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1004.763936][T26253] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1004.767442][T26253] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1004.859989][T27693] netlink: 9 bytes leftover after parsing attributes in process `syz.0.24899'. [ 1004.896379][T27683] chnl_net:caif_netlink_parms(): no params data found [ 1004.973655][T27709] input: syz0 as /devices/virtual/input/input86 [ 1004.985167][T27683] bridge0: port 1(bridge_slave_0) entered blocking state [ 1004.987620][T27683] bridge0: port 1(bridge_slave_0) entered disabled state [ 1004.990085][T27683] bridge_slave_0: entered allmulticast mode [ 1004.992914][T27683] bridge_slave_0: entered promiscuous mode [ 1005.004371][T27683] bridge0: port 2(bridge_slave_1) entered blocking state [ 1005.008244][T27683] bridge0: port 2(bridge_slave_1) entered disabled state [ 1005.010673][T27683] bridge_slave_1: entered allmulticast mode [ 1005.013372][T27683] bridge_slave_1: entered promiscuous mode [ 1005.060348][T27683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1005.065346][T27683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1005.106710][T27683] team0: Port device team_slave_0 added [ 1005.110820][T27683] team0: Port device team_slave_1 added [ 1005.166182][T27683] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1005.169069][T27683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1005.179526][T27683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1005.185394][T27683] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1005.188586][T27683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1005.200666][T27683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1005.246050][T27683] hsr_slave_0: entered promiscuous mode [ 1005.249249][T27683] hsr_slave_1: entered promiscuous mode [ 1005.251882][T27683] debugfs: 'hsr0' already exists in 'hsr' [ 1005.254215][T27683] Cannot create hsr debugfs directory [ 1005.304801][ T6019] usb 5-1: new high-speed USB device number 72 using dummy_hcd [ 1005.414792][T13492] usb 7-1: new high-speed USB device number 84 using dummy_hcd [ 1005.457145][ T6019] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1005.460629][ T6019] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1005.484244][ T6019] usb 5-1: config 0 descriptor?? [ 1005.574734][T13492] usb 7-1: Using ep0 maxpacket: 8 [ 1005.579820][T13492] usb 7-1: unable to get BOS descriptor or descriptor too short [ 1005.585018][T13492] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1005.589573][T13492] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1005.593388][T13492] usb 7-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1005.597677][T13492] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1005.603738][T13492] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1005.606878][T13492] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1005.609492][T13492] usb 7-1: Product: syz [ 1005.610951][T13492] usb 7-1: Manufacturer: syz [ 1005.612554][T13492] usb 7-1: SerialNumber: syz [ 1005.686877][ T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1005.691322][ T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1005.695451][ T46] bond0 (unregistering): Released all slaves [ 1005.831672][T13492] usb 7-1: 0:2 : does not exist [ 1005.844463][T13492] usb 7-1: USB disconnect, device number 84 [ 1005.859257][T20461] udevd[20461]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1005.894154][ T6019] ath6kl: Failed to submit usb control message: -71 [ 1005.896701][ T6019] ath6kl: unable to send the bmi data to the device: -71 [ 1005.899010][ T6019] ath6kl: Unable to send get target info: -71 [ 1005.901591][ T6019] ath6kl: Failed to init ath6kl core: -71 [ 1005.907353][ T6019] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71 [ 1005.912098][ T6019] usb 5-1: USB disconnect, device number 72 [ 1005.967943][ T46] hsr_slave_0: left promiscuous mode [ 1005.970139][ T46] hsr_slave_1: left promiscuous mode [ 1006.051598][T27745] input: syz0 as /devices/virtual/input/input87 [ 1006.180102][T27751] input: syz0 as /devices/virtual/input/input88 [ 1006.788040][T26253] Bluetooth: hci0: command tx timeout [ 1007.273261][T27812] gretap0: left promiscuous mode [ 1007.275820][T16063] usb 7-1: new high-speed USB device number 85 using dummy_hcd [ 1007.422038][T27812] team0: left promiscuous mode [ 1007.424117][T27812] team0: left allmulticast mode [ 1007.428490][ T61] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1007.432754][ T61] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1007.438202][ T61] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1007.443088][ T61] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 1007.444687][T16063] usb 7-1: Using ep0 maxpacket: 32 [ 1007.449381][T16063] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1007.453824][T16063] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 1007.462394][T16063] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 1007.468145][T16063] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 1007.471938][T16063] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1007.478540][T16063] usb 7-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1007.487864][T16063] usb 7-1: New USB device found, idVendor=072f, idProduct=2200, bcdDevice=3f.bf [ 1007.491490][T16063] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1007.495454][T16063] usb 7-1: Product: syz [ 1007.497600][T16063] usb 7-1: Manufacturer: syz [ 1007.499230][T16063] usb 7-1: SerialNumber: syz [ 1007.505719][T16063] usb 7-1: config 0 descriptor?? [ 1007.509757][T27813] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1007.513489][T16063] pn533_usb 7-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint [ 1007.555689][T27683] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1007.556913][ T6003] usb 5-1: new high-speed USB device number 73 using dummy_hcd [ 1007.564161][T27683] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1007.569929][T27683] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1007.575054][T27683] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1007.627493][T27683] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1007.636965][T27683] 8021q: adding VLAN 0 to HW filter on device team0 [ 1007.644264][T15073] bridge0: port 1(bridge_slave_0) entered blocking state [ 1007.646836][T15073] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1007.654404][T15073] bridge0: port 2(bridge_slave_1) entered blocking state [ 1007.657652][T15073] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1007.704923][ T6003] usb 5-1: Using ep0 maxpacket: 8 [ 1007.711038][ T6003] usb 5-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d [ 1007.716929][ T6003] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1007.720375][ T6003] usb 5-1: Product: syz [ 1007.722224][ T6003] usb 5-1: Manufacturer: syz [ 1007.724261][ T6003] usb 5-1: SerialNumber: syz [ 1007.727080][T27811] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1007.729498][ T6003] usb 5-1: config 0 descriptor?? [ 1007.732952][T27811] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1007.734438][ T6003] gspca_main: sonixj-2.14.0 probing 0c45:613e [ 1007.784727][T27683] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1007.808279][T27683] veth0_vlan: entered promiscuous mode [ 1007.813461][T27683] veth1_vlan: entered promiscuous mode [ 1007.832956][T27683] veth0_macvtap: entered promiscuous mode [ 1007.838901][T27683] veth1_macvtap: entered promiscuous mode [ 1007.857751][T27683] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1007.864454][T27683] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1007.871353][T15073] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1007.874349][T15073] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1007.881066][T15073] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1007.884126][T15073] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1007.923627][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1007.926827][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1007.942377][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1007.945416][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1007.989235][T27863] binder: 27862:27863 ioctl 400c620e 0 returned -14 [ 1008.024511][T27865] netlink: 9 bytes leftover after parsing attributes in process `syz.1.24961'. [ 1008.029179][T27865] gretap0: entered promiscuous mode [ 1008.518356][ T8370] usb 7-1: USB disconnect, device number 85 [ 1008.783185][T27874] input: syz0 as /devices/virtual/input/input89 [ 1008.864863][T26253] Bluetooth: hci0: command tx timeout [ 1009.039973][ T40] audit: type=1804 audit(1763483475.541:752): pid=27884 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.24968" name="/newroot/100/file1" dev="fuse" ino=1 res=1 errno=0 [ 1009.089358][T27891] binder_alloc: 27890: pid 27890 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1009.810258][T27896] input: syz0 as /devices/virtual/input/input90 [ 1009.868091][T27900] netlink: 24 bytes leftover after parsing attributes in process `syz.3.24975'. [ 1010.147386][ T6003] gspca_sonixj: reg_w err -71 [ 1010.150003][ T6003] sonixj 5-1:0.0: probe with driver sonixj failed with error -71 [ 1010.155547][ T6003] usb 5-1: USB disconnect, device number 73 [ 1010.327166][ T40] audit: type=1326 audit(1763483476.831:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27931 comm="syz.2.24991" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1010.337110][ T40] audit: type=1326 audit(1763483476.831:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27931 comm="syz.2.24991" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1010.345954][ T40] audit: type=1326 audit(1763483476.831:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27931 comm="syz.2.24991" exe="/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1010.355270][ T40] audit: type=1326 audit(1763483476.831:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27931 comm="syz.2.24991" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1010.362904][ T40] audit: type=1326 audit(1763483476.831:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27931 comm="syz.2.24991" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1010.420284][T27934] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1010.454753][T16063] usb 8-1: new high-speed USB device number 67 using dummy_hcd [ 1010.614970][T16063] usb 8-1: Using ep0 maxpacket: 32 [ 1010.619403][T16063] usb 8-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 1010.623402][T16063] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1010.629282][T16063] usb 8-1: config 0 descriptor?? [ 1010.650795][T27939] team0: Device gtp0 is up. Set it down before adding it as a team port [ 1010.839566][T16063] usbhid 8-1:0.0: can't add hid device: -71 [ 1010.842306][T16063] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1010.855915][T16063] usb 8-1: USB disconnect, device number 67 [ 1010.944754][T26253] Bluetooth: hci0: command tx timeout [ 1011.779423][T27974] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1011.797841][T27977] netlink: 76 bytes leftover after parsing attributes in process `syz.0.25011'. [ 1011.866162][T27981] netlink: 9 bytes leftover after parsing attributes in process `syz.0.25013'. [ 1012.174336][T28003] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25024'. [ 1012.387564][T28025] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25033'. [ 1012.834729][ T54] usb 6-1: new full-speed USB device number 50 using dummy_hcd [ 1012.952014][T28055] netlink: 9 bytes leftover after parsing attributes in process `syz.0.25047'. [ 1012.986859][ T54] usb 6-1: config 4 has an invalid interface number: 231 but max is 0 [ 1012.990587][ T54] usb 6-1: config 4 has no interface number 0 [ 1013.006868][ T54] usb 6-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d [ 1013.011093][ T54] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1013.028088][ T54] usb 6-1: Product: syz [ 1013.031039][ T54] usb 6-1: Manufacturer: syz [ 1013.033319][ T54] usb 6-1: SerialNumber: syz [ 1013.034756][T26253] Bluetooth: hci0: command tx timeout [ 1013.048956][ T54] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state. [ 1013.453647][ T54] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 1013.457330][ T54] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19) [ 1013.658059][ T54] usb 6-1: USB disconnect, device number 50 [ 1013.798217][T28069] input: syz0 as /devices/virtual/input/input91 [ 1013.838375][T28071] binder_alloc: 28070: pid 28070 spamming oneway? 1 buffers allocated for a total size of 4096 [ 1013.909506][T28078] netlink: 9 bytes leftover after parsing attributes in process `syz.2.25057'. [ 1013.912650][T28078] gretap0: entered promiscuous mode [ 1014.041577][T28092] binder: 28091:28092 ioctl 400c620e 0 returned -14 [ 1014.149890][T28100] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1014.234979][T28105] input: syz0 as /devices/virtual/input/input92 [ 1014.628041][T28130] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1014.640056][ T40] audit: type=1804 audit(1763483481.141:758): pid=28123 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.0.25079" name="/newroot/194/file1" dev="fuse" ino=1 res=1 errno=0 [ 1014.687679][T28133] netlink: 'syz.2.25077': attribute type 4 has an invalid length. [ 1014.836550][T28147] netlink: 20 bytes leftover after parsing attributes in process `syz.1.25089'. [ 1014.890074][T28151] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25091'. [ 1014.972435][T28155] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1015.245048][ T6003] usb 8-1: new high-speed USB device number 68 using dummy_hcd [ 1015.272933][T28169] netlink: 'syz.1.25100': attribute type 4 has an invalid length. [ 1015.344603][T28173] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25102'. [ 1015.396899][T28177] netlink: 20 bytes leftover after parsing attributes in process `syz.0.25104'. [ 1015.414773][ T6003] usb 8-1: Using ep0 maxpacket: 32 [ 1015.417843][ T6003] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1015.421091][ T6003] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1015.435404][ T6003] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1015.438751][ T6003] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1015.443753][ T6003] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1015.447584][ T6003] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 1015.453386][ T6003] usb 8-1: New USB device found, idVendor=04e7, idProduct=6651, bcdDevice=ba.8a [ 1015.456788][ T6003] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1015.460242][ T6003] usb 8-1: Product: syz [ 1015.461605][ T6003] usb 8-1: Manufacturer: syz [ 1015.463185][ T6003] usb 8-1: SerialNumber: syz [ 1015.466223][ T6003] usb 8-1: config 0 descriptor?? [ 1015.469473][ T6003] usb 8-1: bad CDC descriptors [ 1015.471454][ T6003] cdc_acm 8-1:0.0: Zero length descriptor references [ 1015.473663][ T6003] cdc_acm 8-1:0.0: probe with driver cdc_acm failed with error -22 [ 1015.476407][ T40] audit: type=1400 audit(1763483481.981:759): avc: denied { setopt } for pid=28182 comm="syz.0.25106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 1015.578251][T28189] input: syz0 as /devices/virtual/input/input93 [ 1015.624745][ T24] usb 6-1: new high-speed USB device number 51 using dummy_hcd [ 1015.672342][ T34] usb 8-1: USB disconnect, device number 68 [ 1015.774725][ T24] usb 6-1: Using ep0 maxpacket: 32 [ 1015.777776][ T24] usb 6-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 1015.780792][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1015.784542][ T24] usb 6-1: config 0 descriptor?? [ 1015.820615][T28203] netlink: 'syz.0.25115': attribute type 4 has an invalid length. [ 1015.992184][ T24] usbhid 6-1:0.0: can't add hid device: -71 [ 1015.994319][ T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 1016.001888][ T24] usb 6-1: USB disconnect, device number 51 [ 1016.144710][ T34] usb 5-1: new high-speed USB device number 74 using dummy_hcd [ 1016.237601][ T40] audit: type=1326 audit(1763483482.741:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28214 comm="syz.3.25121" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f016a18f6c9 code=0x0 [ 1016.314697][ T34] usb 5-1: Using ep0 maxpacket: 16 [ 1016.319337][ T34] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 1016.322479][ T34] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1016.325564][ T34] usb 5-1: Product: syz [ 1016.327303][ T34] usb 5-1: Manufacturer: syz [ 1016.329388][ T34] usb 5-1: SerialNumber: syz [ 1016.333175][ T34] usb 5-1: config 0 descriptor?? [ 1016.539367][ T34] usb 5-1: USB disconnect, device number 74 [ 1016.958760][T28244] netlink: 12 bytes leftover after parsing attributes in process `syz.2.25131'. [ 1017.098182][T28257] input: syz0 as /devices/virtual/input/input94 [ 1017.138966][T28263] netlink: 12 bytes leftover after parsing attributes in process `syz.2.25144'. [ 1017.544831][T13492] usb 8-1: new high-speed USB device number 69 using dummy_hcd [ 1017.715920][T13492] usb 8-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00 [ 1017.718975][T13492] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1017.723557][T13492] usb 8-1: config 0 descriptor?? [ 1018.139711][T13492] gembird 0003:11FF:3331.0014: unknown main item tag 0x0 [ 1018.142006][T13492] gembird 0003:11FF:3331.0014: item fetching failed at offset 3/5 [ 1018.155331][T13492] gembird 0003:11FF:3331.0014: probe with driver gembird failed with error -22 [ 1018.345502][ T6003] usb 8-1: USB disconnect, device number 69 [ 1018.584800][ T34] usb 5-1: new high-speed USB device number 75 using dummy_hcd [ 1018.744794][ T34] usb 5-1: Using ep0 maxpacket: 32 [ 1018.748764][ T34] usb 5-1: config 0 has an invalid interface number: 188 but max is 0 [ 1018.752263][ T34] usb 5-1: config 0 has no interface number 0 [ 1018.755200][ T34] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32 [ 1018.761536][ T34] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 1018.765489][ T34] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1018.768989][ T34] usb 5-1: Product: syz [ 1018.770821][ T34] usb 5-1: Manufacturer: syz [ 1018.773104][ T34] usb 5-1: SerialNumber: syz [ 1018.785265][ T34] usb 5-1: config 0 descriptor?? [ 1018.788377][T28322] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 1018.933308][ T40] audit: type=1400 audit(1763483485.431:761): avc: denied { relabelfrom } for pid=28331 comm="syz.2.25175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 1018.940788][ T40] audit: type=1400 audit(1763483485.431:762): avc: denied { relabelto } for pid=28331 comm="syz.2.25175" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 1018.953655][T28334] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1018.997647][T28322] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 1019.122803][T28341] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25179'. [ 1019.202162][ T40] audit: type=1326 audit(1763483485.701:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28348 comm="syz.2.25182" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1019.210343][ T40] audit: type=1326 audit(1763483485.701:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28348 comm="syz.2.25182" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1019.221513][ T40] audit: type=1326 audit(1763483485.711:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28348 comm="syz.2.25182" exe="/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1019.229556][ T40] audit: type=1326 audit(1763483485.711:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28348 comm="syz.2.25182" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c89d8f6c9 code=0x7ffc0000 [ 1019.336024][T28361] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1019.367707][ T40] audit: type=1400 audit(1763483485.871:767): avc: denied { append } for pid=28365 comm="syz.1.25190" name="event0" dev="devtmpfs" ino=941 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 1019.446590][T28372] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25193'. [ 1019.513607][T28380] input: syz0 as /devices/virtual/input/input95 [ 1019.734414][T28396] input: syz0 as /devices/virtual/input/input96 [ 1020.345211][T28409] input: syz0 as /devices/virtual/input/input97 [ 1020.530801][T28430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.25217'. [ 1020.570794][T28432] input: syz0 as /devices/virtual/input/input98 [ 1020.625954][T28430] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1020.632296][T28430] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1020.639176][T28430] bond0 (unregistering): Released all slaves [ 1020.829509][T28452] netlink: 9 bytes leftover after parsing attributes in process `syz.2.25228'. [ 1021.425269][ T34] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x8001: -71 [ 1021.446813][T28482] vcan0: tx drop: invalid sa for name 0x0000000000000001 [ 1021.525088][ T34] asix 5-1:0.188: probe with driver asix failed with error -71 [ 1021.552972][T28487] binder: 28486:28487 ioctl 40046205 0 returned -22 [ 1021.583651][ T34] usb 5-1: USB disconnect, device number 75 [ 1021.994703][ T8370] usb 6-1: new full-speed USB device number 52 using dummy_hcd [ 1022.021447][T28501] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1022.157255][ T8370] usb 6-1: config 0 has an invalid interface number: 133 but max is 0 [ 1022.160105][ T8370] usb 6-1: config 0 has no interface number 0 [ 1022.162135][ T8370] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1022.167905][ T8370] usb 6-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 1022.170855][ T8370] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1022.173477][ T8370] usb 6-1: Product: syz [ 1022.175147][ T8370] usb 6-1: Manufacturer: syz [ 1022.176716][ T8370] usb 6-1: SerialNumber: syz [ 1022.185202][ T8370] usb 6-1: config 0 descriptor?? [ 1022.396323][ T8370] keyspan 6-1:0.133: Keyspan 1 port adapter converter detected [ 1022.399645][ T8370] keyspan 6-1:0.133: unsupported endpoint type 0 [ 1022.403315][ T8370] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 81 [ 1022.409026][ T8370] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 1 [ 1022.411625][ T8370] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 2 [ 1022.417225][ T8370] usb 6-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 1022.439306][ T8370] usb 6-1: USB disconnect, device number 52 [ 1022.449764][ T8370] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 1022.453699][ T8370] keyspan 6-1:0.133: device disconnected [ 1022.501700][T28518] netlink: 9 bytes leftover after parsing attributes in process `syz.3.25256'. [ 1022.507060][T28518] gretap0: entered promiscuous mode [ 1022.596727][T28524] input: syz0 as /devices/virtual/input/input99 [ 1022.628778][T28526] binder: 28525:28526 ioctl 40046205 0 returned -22 [ 1022.954316][T28542] netlink: 'syz.1.25268': attribute type 4 has an invalid length. [ 1023.223877][T28576] binder: 28574:28576 ioctl 40046205 0 returned -22 [ 1023.346720][T28591] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 16 [ 1023.412750][T28599] binder: 28597:28599 ioctl 40046205 0 returned -22 [ 1024.230256][T28627] binder: 28626:28627 ioctl 40046205 0 returned -22 [ 1024.396306][T28650] binder: 28648:28650 ioctl 40046205 0 returned -22 [ 1024.405303][ T54] usb 7-1: new high-speed USB device number 86 using dummy_hcd [ 1024.565515][ T54] usb 7-1: Using ep0 maxpacket: 32 [ 1024.573097][ T54] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 1024.581904][ T54] usb 7-1: config 0 has no interface number 0 [ 1024.587596][ T54] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=2c.d8 [ 1024.592962][ T54] usb 7-1: New USB device strings: Mfr=193, Product=2, SerialNumber=3 [ 1024.598760][ T54] usb 7-1: Product: syz [ 1024.601819][ T54] usb 7-1: Manufacturer: syz [ 1024.603902][ T54] usb 7-1: SerialNumber: syz [ 1024.610432][ T54] usb 7-1: config 0 descriptor?? [ 1024.615834][ T54] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state [ 1024.620038][ T54] usb 7-1: selecting invalid altsetting 1 [ 1024.622784][ T54] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22 [ 1024.631195][ T54] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1024.637879][ T54] dvbdev: DVB: registering new adapter (Intel CE9500 reference design) [ 1024.641634][ T54] usb 7-1: media controller created [ 1024.643592][T28665] input: syz0 as /devices/virtual/input/input100 [ 1024.677202][ T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1024.827607][ T54] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71 [ 1024.830864][ T54] zl10353_read_register: readreg error (reg=127, ret==-71) [ 1024.836596][ T54] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-71 [ 1024.859951][ T54] usb 7-1: USB disconnect, device number 86 [ 1024.909526][T28675] binder: 28674:28675 ioctl 40046205 0 returned -22 [ 1025.414326][T28683] netlink: 'syz.1.25333': attribute type 4 has an invalid length. [ 1025.655993][T12169] usb 7-1: new high-speed USB device number 87 using dummy_hcd [ 1025.748099][T28700] input: syz0 as /devices/virtual/input/input101 [ 1025.806268][T12169] usb 7-1: Using ep0 maxpacket: 32 [ 1025.810376][T12169] usb 7-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 1025.813242][T12169] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1025.821805][T12169] usb 7-1: config 0 descriptor?? [ 1025.850307][T28710] netlink: 'syz.1.25345': attribute type 4 has an invalid length. [ 1025.892497][T28712] netlink: 9 bytes leftover after parsing attributes in process `syz.1.25346'. [ 1026.029205][T12169] usbhid 7-1:0.0: can't add hid device: -71 [ 1026.031388][T12169] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 1026.037525][T12169] usb 7-1: USB disconnect, device number 87 [ 1026.087425][T28719] input: syz0 as /devices/virtual/input/input102 [ 1026.126913][T28721] binder: 28720:28721 ioctl 40046205 0 returned -22 [ 1026.350812][T28733] input: syz0 as /devices/virtual/input/input103 [ 1026.688801][T28749] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1026.911330][T28764] netlink: 'syz.3.25371': attribute type 4 has an invalid length. [ 1026.972495][T28766] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1027.231860][T28789] netlink: 'syz.0.25382': attribute type 4 has an invalid length. [ 1027.469775][T28806] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1027.644023][T28820] input: syz0 as /devices/virtual/input/input104 [ 1027.699902][T28824] netlink: 'syz.1.25398': attribute type 4 has an invalid length. [ 1028.046147][ T6019] usb 5-1: new full-speed USB device number 76 using dummy_hcd [ 1028.063849][T28846] netlink: 'syz.3.25407': attribute type 4 has an invalid length. [ 1028.148053][T28856] binder: 28855:28856 ioctl 40046205 0 returned -22 [ 1028.153031][T28858] loop9: detected capacity change from 0 to 7 [ 1028.155993][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.159380][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.162041][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.164758][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.167397][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.170099][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.173184][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.179112][T28858] ldm_validate_partition_table(): Disk read failed. [ 1028.181764][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.185248][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.189013][T28858] Buffer I/O error on dev loop9, logical block 0, async page read [ 1028.192642][T28858] Dev loop9: unable to read RDB block 0 [ 1028.194922][T28858] loop9: unable to read partition table [ 1028.196924][T28858] loop9: partition table beyond EOD, truncated [ 1028.198939][T28858] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 1028.198939][T28858] ) failed (rc=-5) [ 1028.229144][ T6019] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 1028.231818][ T6019] usb 5-1: config 0 has no interface number 0 [ 1028.234105][ T6019] usb 5-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1028.240681][ T6019] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 1028.244552][ T6019] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1028.249752][ T6019] usb 5-1: Product: syz [ 1028.251690][ T6019] usb 5-1: Manufacturer: syz [ 1028.253756][ T6019] usb 5-1: SerialNumber: syz [ 1028.260692][ T6019] usb 5-1: config 0 descriptor?? [ 1028.317009][T28868] netlink: 'syz.2.25418': attribute type 4 has an invalid length. [ 1028.471551][ T6019] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 1028.474149][ T6019] keyspan 5-1:0.133: unsupported endpoint type 0 [ 1028.478317][ T6019] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 1028.482205][ T6019] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 1028.485168][ T6019] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 1028.491840][ T6019] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 1028.496509][ T6019] usb 5-1: USB disconnect, device number 76 [ 1028.502985][ T6019] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 1028.507109][ T6019] keyspan 5-1:0.133: device disconnected [ 1028.754741][ T34] usb 7-1: new high-speed USB device number 88 using dummy_hcd [ 1028.904725][ T34] usb 7-1: Using ep0 maxpacket: 32 [ 1028.908783][ T34] usb 7-1: config 0 has an invalid interface number: 146 but max is 0 [ 1028.912797][ T34] usb 7-1: config 0 has no interface number 0 [ 1028.916003][ T34] usb 7-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1028.920805][ T34] usb 7-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83 [ 1028.926265][ T34] usb 7-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024 [ 1028.931166][ T34] usb 7-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024 [ 1028.935043][ T34] usb 7-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82 [ 1028.938667][ T34] usb 7-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1028.941871][ T34] usb 7-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 1028.945361][ T34] usb 7-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 1028.948557][ T34] usb 7-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3 [ 1028.955036][ T34] usb 7-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95 [ 1028.957950][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1028.960541][ T34] usb 7-1: Product: syz [ 1028.961924][ T34] usb 7-1: Manufacturer: syz [ 1028.963422][ T34] usb 7-1: SerialNumber: syz [ 1028.966812][ T34] usb 7-1: config 0 descriptor?? [ 1028.969093][T28882] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 1028.972641][ T34] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 1 is not bulk. [ 1028.976156][ T34] microtek usb (rev 0.4.3): couldn't find an output bulk endpoint. Bailing out. [ 1029.013637][T28895] netlink: 'syz.0.25430': attribute type 4 has an invalid length. [ 1029.088840][T28904] input: syz0 as /devices/virtual/input/input105 [ 1029.174715][ T34] usb 7-1: USB disconnect, device number 88 [ 1029.402165][T28922] netlink: 'syz.0.25442': attribute type 4 has an invalid length. [ 1029.402489][T28923] binder: 28920:28923 ioctl 40046205 0 returned -22 [ 1029.434508][T28925] input: syz0 as /devices/virtual/input/input106 [ 1029.651717][T28946] netlink: 'syz.1.25452': attribute type 4 has an invalid length. [ 1029.693085][T28951] binder: 28949:28951 ioctl 40046205 0 returned -22 [ 1029.713691][T28954] input: syz0 as /devices/virtual/input/input107 [ 1030.924720][ T24] usb 5-1: new full-speed USB device number 77 using dummy_hcd [ 1031.069144][T29048] input: syz0 as /devices/virtual/input/input108 [ 1031.076719][ T24] usb 5-1: config 0 has an invalid interface number: 133 but max is 0 [ 1031.081453][ T24] usb 5-1: config 0 has no interface number 0 [ 1031.083805][ T24] usb 5-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1031.090774][ T24] usb 5-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 1031.104255][ T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1031.107174][ T24] usb 5-1: Product: syz [ 1031.108631][ T24] usb 5-1: Manufacturer: syz [ 1031.110223][ T24] usb 5-1: SerialNumber: syz [ 1031.118320][ T24] usb 5-1: config 0 descriptor?? [ 1031.333787][ T24] keyspan 5-1:0.133: Keyspan 1 port adapter converter detected [ 1031.337663][ T24] keyspan 5-1:0.133: unsupported endpoint type 0 [ 1031.340744][ T24] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 81 [ 1031.343354][ T24] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 1 [ 1031.346519][ T24] keyspan 5-1:0.133: found no endpoint descriptor for endpoint 2 [ 1031.350040][ T24] usb 5-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 1031.365100][ T24] usb 5-1: USB disconnect, device number 77 [ 1031.369102][ T24] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 1031.372837][ T24] keyspan 5-1:0.133: device disconnected [ 1031.554757][T29074] input: syz0 as /devices/virtual/input/input109 [ 1031.623619][T29081] binder: 29080:29081 ioctl 40046205 0 returned -22 [ 1031.659300][T29084] input: syz0 as /devices/virtual/input/input110 [ 1031.879740][T29107] input: syz0 as /devices/virtual/input/input111 [ 1032.251517][T29132] input: syz0 as /devices/virtual/input/input112 [ 1032.286278][T12169] usb 6-1: new full-speed USB device number 53 using dummy_hcd [ 1032.400824][T29140] kvm: kvm [29139]: vcpu0, guest rIP: 0x8000000 Unhandled WRMSR(0x40000030) = 0x0 [ 1032.436074][T12169] usb 6-1: config 0 has an invalid interface number: 133 but max is 0 [ 1032.438712][T12169] usb 6-1: config 0 has no interface number 0 [ 1032.440948][T12169] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 1032.445553][T12169] usb 6-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d [ 1032.448246][T12169] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1032.451186][T12169] usb 6-1: Product: syz [ 1032.452479][T12169] usb 6-1: Manufacturer: syz [ 1032.453982][T12169] usb 6-1: SerialNumber: syz [ 1032.461799][T12169] usb 6-1: config 0 descriptor?? [ 1032.620481][T29149] input: syz0 as /devices/virtual/input/input113 [ 1032.669865][T12169] keyspan 6-1:0.133: Keyspan 1 port adapter converter detected [ 1032.672956][T12169] keyspan 6-1:0.133: unsupported endpoint type 0 [ 1032.676998][T12169] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 81 [ 1032.680106][T12169] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 1 [ 1032.683393][T12169] keyspan 6-1:0.133: found no endpoint descriptor for endpoint 2 [ 1032.687708][T12169] usb 6-1: Keyspan 1 port adapter converter now attached to ttyUSB0 [ 1032.695492][T12169] usb 6-1: USB disconnect, device number 53 [ 1032.702625][T12169] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0 [ 1032.712754][T12169] keyspan 6-1:0.133: device disconnected [ 1032.768642][T29159] netlink: 'syz.2.25545': attribute type 4 has an invalid length. [ 1033.034733][ T34] usb 5-1: new high-speed USB device number 78 using dummy_hcd [ 1033.194721][ T34] usb 5-1: Using ep0 maxpacket: 32 [ 1033.198785][ T34] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 1033.202784][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1033.209038][ T34] usb 5-1: config 0 descriptor?? [ 1033.417829][ T34] usbhid 5-1:0.0: can't add hid device: -71 [ 1033.426052][ T34] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 1033.436272][ T34] usb 5-1: USB disconnect, device number 78 [ 1033.708715][T29183] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1033.874896][T29186] input: syz0 as /devices/virtual/input/input114 [ 1034.027329][T29194] kvm: kvm [29193]: vcpu0, guest rIP: 0x8000000 Unhandled WRMSR(0x40000030) = 0x0 [ 1034.224758][T12169] usb 5-1: new high-speed USB device number 79 using dummy_hcd [ 1034.374851][T12169] usb 5-1: Using ep0 maxpacket: 32 [ 1034.379532][T12169] usb 5-1: config 0 has an invalid interface number: 219 but max is 0 [ 1034.383094][T12169] usb 5-1: config 0 has no interface number 0 [ 1034.389790][T12169] usb 5-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 1034.395141][T12169] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024 [ 1034.399785][T12169] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 1034.404182][T12169] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 1034.408427][T12169] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 1034.414525][T12169] usb 5-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9 [ 1034.418931][T12169] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1034.422387][T12169] usb 5-1: Product: syz [ 1034.424204][T12169] usb 5-1: Manufacturer: syz [ 1034.426589][T12169] usb 5-1: SerialNumber: syz [ 1034.431152][T12169] usb 5-1: config 0 descriptor?? [ 1034.433345][T29192] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1034.508045][T29226] binder: 29225:29226 ioctl 40046205 0 returned -22 [ 1034.538459][T29228] loop9: detected capacity change from 0 to 7 [ 1034.541170][T29228] buffer_io_error: 9 callbacks suppressed [ 1034.541179][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.546892][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.549767][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.553267][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.557498][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.560996][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.564401][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.568468][T29228] ldm_validate_partition_table(): Disk read failed. [ 1034.571384][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.574972][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.578454][T29228] Buffer I/O error on dev loop9, logical block 0, async page read [ 1034.582025][T29228] Dev loop9: unable to read RDB block 0 [ 1034.584729][T29228] loop9: unable to read partition table [ 1034.587342][T29228] loop9: partition table beyond EOD, truncated [ 1034.589574][T29228] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 1034.589574][T29228] ) failed (rc=-5) [ 1034.641336][T12169] etas_es58x 5-1:0.219: Starting syz syz (Serial Number syz) [ 1034.645420][T12169] etas_es58x 5-1:0.219: could not retrieve the product info string [ 1034.652968][T29236] input: syz0 as /devices/virtual/input/input115 [ 1034.659215][T12169] usb 5-1: USB disconnect, device number 79 [ 1034.665911][T12169] etas_es58x 5-1:0.219: Disconnecting syz syz [ 1035.027917][T29265] input: syz0 as /devices/virtual/input/input116 [ 1035.149910][T29275] binder: 29274:29275 ioctl c0306201 0 returned -14 [ 1035.225297][T29279] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1035.272041][T29282] netlink: 'syz.2.25601': attribute type 4 has an invalid length. [ 1035.571875][T29300] input: syz0 as /devices/virtual/input/input117 [ 1035.697791][T29304] binder: 29303:29304 ioctl c0306201 0 returned -14 [ 1035.771025][T29308] netlink: 'syz.2.25615': attribute type 4 has an invalid length. [ 1035.916024][T29321] input: syz0 as /devices/virtual/input/input118 [ 1036.094709][ T6019] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 1036.266553][ T6019] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1036.270359][ T6019] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1036.275058][ T6019] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1036.279182][ T6019] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 1036.284073][ T6019] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 1036.290388][ T6019] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1036.293472][ T6019] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1036.299689][ T6019] usb 6-1: Product: syz [ 1036.301557][ T6019] usb 6-1: Manufacturer: syz [ 1036.311378][ T6019] cdc_wdm 6-1:1.0: skipping garbage [ 1036.313159][ T6019] cdc_wdm 6-1:1.0: skipping garbage [ 1036.316518][ T6019] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 1036.318464][ T6019] cdc_wdm 6-1:1.0: Unknown control protocol [ 1036.512147][ T40] kauditd_printk_skb: 8 callbacks suppressed [ 1036.512158][ T40] audit: type=1400 audit(1763483503.011:776): avc: denied { read write } for pid=29316 comm="syz.1.25618" name="cdc-wdm0" dev="devtmpfs" ino=7723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 1036.522385][ T40] audit: type=1400 audit(1763483503.011:777): avc: denied { open } for pid=29316 comm="syz.1.25618" path="/dev/cdc-wdm0" dev="devtmpfs" ino=7723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1 [ 1036.569774][ C0] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 1036.569885][ T6019] usb 6-1: USB disconnect, device number 54 [ 1036.572025][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 1036.577144][ C0] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 1036.656121][T29332] binder: 29331:29332 ioctl 40046205 0 returned -22 [ 1037.124046][ T40] audit: type=1400 audit(1763483503.621:778): avc: denied { setopt } for pid=29353 comm="syz.3.25634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 1037.148720][T29358] binder: 29357:29358 ioctl 40046205 0 returned -22 [ 1037.474823][T12169] usb 8-1: new high-speed USB device number 70 using dummy_hcd [ 1037.625279][T12169] usb 8-1: Using ep0 maxpacket: 32 [ 1037.628984][T12169] usb 8-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 1037.632266][T12169] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1037.637810][T12169] usb 8-1: config 0 descriptor?? [ 1037.846989][T12169] usbhid 8-1:0.0: can't add hid device: -71 [ 1037.849943][T12169] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 1037.857785][T12169] usb 8-1: USB disconnect, device number 70 [ 1038.244687][ T40] audit: type=1400 audit(1763483504.741:779): avc: denied { mounton } for pid=29379 comm="syz.0.25644" path="/314/file0" dev="tmpfs" ino=1872 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1 [ 1038.678351][T29394] loop9: detected capacity change from 0 to 7 [ 1038.682647][T20461] ldm_validate_partition_table(): Disk read failed. [ 1038.686094][T20461] Dev loop9: unable to read RDB block 0 [ 1038.688700][T20461] loop9: unable to read partition table [ 1038.690546][T20461] loop9: partition table beyond EOD, truncated [ 1038.694042][T29394] ldm_validate_partition_table(): Disk read failed. [ 1038.700437][T29394] Dev loop9: unable to read RDB block 0 [ 1038.702699][T29394] loop9: unable to read partition table [ 1038.705148][T29394] loop9: partition table beyond EOD, truncated [ 1038.709634][T29394] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 1038.709634][T29394] ) failed (rc=-5) [ 1039.014729][T29410] loop9: detected capacity change from 0 to 7 [ 1039.017998][T29410] ldm_validate_partition_table(): Disk read failed. [ 1039.021293][T29410] Dev loop9: unable to read RDB block 0 [ 1039.024019][T29410] loop9: unable to read partition table [ 1039.026954][T29410] loop9: partition table beyond EOD, truncated [ 1039.034763][T29410] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 1039.034763][T29410] ) failed (rc=-5) [ 1039.064728][T16063] usb 6-1: new high-speed USB device number 55 using dummy_hcd [ 1039.216348][T16063] usb 6-1: config 0 has an invalid interface number: 197 but max is 0 [ 1039.219853][T16063] usb 6-1: config 0 has no interface number 0 [ 1039.222595][T16063] usb 6-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64 [ 1039.227074][T16063] usb 6-1: config 0 interface 197 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0 [ 1039.230693][T16063] usb 6-1: config 0 interface 197 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 0 [ 1039.235311][T16063] usb 6-1: config 0 interface 197 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1039.244999][T16063] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42 [ 1039.249392][T16063] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1039.252480][T16063] usb 6-1: Product: syz [ 1039.253907][T16063] usb 6-1: Manufacturer: syz [ 1039.256340][T16063] usb 6-1: SerialNumber: syz [ 1039.260029][T16063] usb 6-1: config 0 descriptor?? [ 1039.469347][T16063] usb 6-1: USB disconnect, device number 55 [ 1039.705125][T29450] input: syz0 as /devices/virtual/input/input119 [ 1039.771130][T29458] kvm: kvm [29457]: vcpu0, guest rIP: 0x8000000 Unhandled WRMSR(0x40000030) = 0x0 [ 1040.028275][T29475] input: syz0 as /devices/virtual/input/input120 [ 1040.180055][ T5294] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1040.184488][ T5294] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1040.187696][ T5294] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1040.190732][ T5294] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1040.193376][ T5294] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1040.310027][T29485] chnl_net:caif_netlink_parms(): no params data found [ 1040.385010][T29485] bridge0: port 1(bridge_slave_0) entered blocking state [ 1040.387417][T29485] bridge0: port 1(bridge_slave_0) entered disabled state [ 1040.389815][T29485] bridge_slave_0: entered allmulticast mode [ 1040.392466][T29485] bridge_slave_0: entered promiscuous mode [ 1040.397143][T29485] bridge0: port 2(bridge_slave_1) entered blocking state [ 1040.400008][T29485] bridge0: port 2(bridge_slave_1) entered disabled state [ 1040.402673][T29485] bridge_slave_1: entered allmulticast mode [ 1040.406256][T29485] bridge_slave_1: entered promiscuous mode [ 1040.451919][T29485] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1040.460543][T29485] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1040.520521][T29485] team0: Port device team_slave_0 added [ 1040.525992][T29485] team0: Port device team_slave_1 added [ 1040.567266][T29485] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1040.569633][T29485] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1040.577941][T29485] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1040.582402][T29485] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1040.584911][T29485] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1040.593314][T29485] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1040.631602][T29485] hsr_slave_0: entered promiscuous mode [ 1040.633949][T29485] hsr_slave_1: entered promiscuous mode [ 1040.886513][T29523] input: syz0 as /devices/virtual/input/input121 [ 1041.004221][T29538] input: syz0 as /devices/virtual/input/input122 [ 1041.011980][T29536] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 1041.140344][T29544] ------------[ cut here ]------------ [ 1041.142381][T29544] WARNING: CPU: 0 PID: 29544 at arch/x86/kvm/vmx/vmx.c:5264 handle_exception_nmi+0x14cf/0x1750 [ 1041.146163][T29544] Modules linked in: [ 1041.148089][T29544] CPU: 0 UID: 0 PID: 29544 Comm: syz.0.25717 Not tainted syzkaller #0 PREEMPT(full) [ 1041.153711][T29544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1041.157620][T29544] RIP: 0010:handle_exception_nmi+0x14cf/0x1750 [ 1041.159853][T29544] Code: 20 fe ff 31 ff 89 c5 89 c6 e8 ed 33 69 00 85 ed 0f 85 bd fd ff ff e8 a0 38 69 00 90 0f 0b 90 e9 af fd ff ff e8 92 38 69 00 90 <0f> 0b 90 e9 d0 f2 ff ff e8 84 38 69 00 31 f6 48 89 df e8 9a 15 ed [ 1041.166876][T29544] RSP: 0018:ffffc9000351f9e0 EFLAGS: 00010283 [ 1041.169216][T29544] RAX: 000000000000a623 RBX: ffff888045dd2940 RCX: ffffc90007bc1000 [ 1041.172039][T29544] RDX: 0000000000080000 RSI: ffffffff8153af3e RDI: 0000000000000001 [ 1041.175536][T29544] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1041.178706][T29544] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000f69a2ea [ 1041.181565][T29544] R13: 0000000000000007 R14: 0000000080000300 R15: ffff888045dd2a18 [ 1041.182211][T29485] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1041.184402][T29544] FS: 00007f91631ee6c0(0000) GS:ffff8880d6a05000(0000) knlGS:0000000000000000 [ 1041.190754][T29544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1041.193055][T29544] CR2: 000000000300000a CR3: 0000000013524000 CR4: 0000000000352ef0 [ 1041.196303][T29544] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 000000000300000a [ 1041.199558][T29544] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 1041.202546][T29544] Call Trace: [ 1041.203777][T29544] [ 1041.205127][T29544] ? __pfx_handle_exception_nmi+0x10/0x10 [ 1041.207194][T29544] vmx_handle_exit+0x14bf/0x1c00 [ 1041.209038][T29544] vcpu_run+0x33e1/0x54d0 [ 1041.210606][T29544] ? __pfx_vcpu_run+0x10/0x10 [ 1041.212312][T29544] ? rcu_is_watching+0x12/0xc0 [ 1041.214087][T29544] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1920 [ 1041.216235][T29544] kvm_arch_vcpu_ioctl_run+0xfd3/0x1920 [ 1041.218424][T29544] kvm_vcpu_ioctl+0x5eb/0x1690 [ 1041.220253][T29544] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 1041.222230][T29544] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1041.224404][T29544] ? do_vfs_ioctl+0x128/0x14f0 [ 1041.226329][T29544] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1041.228200][T29544] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 1041.230728][T29544] ? hook_file_ioctl_common+0x145/0x410 [ 1041.232752][T29544] ? selinux_file_ioctl+0x180/0x270 [ 1041.234722][T29544] ? selinux_file_ioctl+0xb4/0x270 [ 1041.236617][T29544] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 1041.238526][T29544] __x64_sys_ioctl+0x18e/0x210 [ 1041.240289][T29544] do_syscall_64+0xcd/0xfa0 [ 1041.242150][T29544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1041.244322][T29544] RIP: 0033:0x7f9164f8f6c9 [ 1041.246047][T29544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1041.253078][T29544] RSP: 002b:00007f91631ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1041.256137][T29544] RAX: ffffffffffffffda RBX: 00007f91651e5fa0 RCX: 00007f9164f8f6c9 [ 1041.258999][T29544] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 1041.261852][T29544] RBP: 00007f9165011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1041.264749][T29544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1041.267822][T29544] R13: 00007f91651e6038 R14: 00007f91651e5fa0 R15: 00007ffdf496ca98 [ 1041.270839][T29544] [ 1041.271990][T29544] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1041.274646][T29544] CPU: 0 UID: 0 PID: 29544 Comm: syz.0.25717 Not tainted syzkaller #0 PREEMPT(full) [ 1041.278030][T29544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 1041.281726][T29544] Call Trace: [ 1041.282957][T29544] [ 1041.284060][T29544] dump_stack_lvl+0x3d/0x1f0 [ 1041.285781][T29544] vpanic+0x640/0x6f0 [ 1041.287235][T29544] ? handle_exception_nmi+0x14cf/0x1750 [ 1041.289261][T29544] panic+0xca/0xd0 [ 1041.290640][T29544] ? __pfx_panic+0x10/0x10 [ 1041.292279][T29544] check_panic_on_warn+0xab/0xb0 [ 1041.294084][T29544] __warn+0xf6/0x3c0 [ 1041.295429][T29544] ? handle_exception_nmi+0x14cf/0x1750 [ 1041.297373][T29544] report_bug+0x3c3/0x580 [ 1041.298961][T29544] ? handle_exception_nmi+0x14cf/0x1750 [ 1041.300971][T29544] handle_bug+0x184/0x210 [ 1041.302554][T29544] exc_invalid_op+0x17/0x50 [ 1041.304217][T29544] asm_exc_invalid_op+0x1a/0x20 [ 1041.306007][T29544] RIP: 0010:handle_exception_nmi+0x14cf/0x1750 [ 1041.308226][T29544] Code: 20 fe ff 31 ff 89 c5 89 c6 e8 ed 33 69 00 85 ed 0f 85 bd fd ff ff e8 a0 38 69 00 90 0f 0b 90 e9 af fd ff ff e8 92 38 69 00 90 <0f> 0b 90 e9 d0 f2 ff ff e8 84 38 69 00 31 f6 48 89 df e8 9a 15 ed [ 1041.315171][T29544] RSP: 0018:ffffc9000351f9e0 EFLAGS: 00010283 [ 1041.317389][T29544] RAX: 000000000000a623 RBX: ffff888045dd2940 RCX: ffffc90007bc1000 [ 1041.320244][T29544] RDX: 0000000000080000 RSI: ffffffff8153af3e RDI: 0000000000000001 [ 1041.323105][T29544] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 1041.325954][T29544] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000f69a2ea [ 1041.328957][T29544] R13: 0000000000000007 R14: 0000000080000300 R15: ffff888045dd2a18 [ 1041.331948][T29544] ? handle_exception_nmi+0x14ce/0x1750 [ 1041.333998][T29544] ? __pfx_handle_exception_nmi+0x10/0x10 [ 1041.336058][T29544] vmx_handle_exit+0x14bf/0x1c00 [ 1041.337893][T29544] vcpu_run+0x33e1/0x54d0 [ 1041.339474][T29544] ? __pfx_vcpu_run+0x10/0x10 [ 1041.341232][T29544] ? rcu_is_watching+0x12/0xc0 [ 1041.342977][T29544] ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1920 [ 1041.345348][T29544] kvm_arch_vcpu_ioctl_run+0xfd3/0x1920 [ 1041.347595][T29544] kvm_vcpu_ioctl+0x5eb/0x1690 [ 1041.349373][T29544] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 1041.351260][T29544] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1041.353423][T29544] ? do_vfs_ioctl+0x128/0x14f0 [ 1041.355235][T29544] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1041.357095][T29544] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 1041.359611][T29544] ? hook_file_ioctl_common+0x145/0x410 [ 1041.362023][T29544] ? selinux_file_ioctl+0x180/0x270 [ 1041.363901][T29544] ? selinux_file_ioctl+0xb4/0x270 [ 1041.365740][T29544] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 1041.367805][T29544] __x64_sys_ioctl+0x18e/0x210 [ 1041.369661][T29544] do_syscall_64+0xcd/0xfa0 [ 1041.371318][T29544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1041.373539][T29544] RIP: 0033:0x7f9164f8f6c9 [ 1041.375212][T29544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1041.381907][T29544] RSP: 002b:00007f91631ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1041.384910][T29544] RAX: ffffffffffffffda RBX: 00007f91651e5fa0 RCX: 00007f9164f8f6c9 [ 1041.387765][T29544] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008 [ 1041.390607][T29544] RBP: 00007f9165011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1041.393486][T29544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1041.396317][T29544] R13: 00007f91651e6038 R14: 00007f91651e5fa0 R15: 00007ffdf496ca98 [ 1041.399195][T29544] [ 1041.401094][T29544] Kernel Offset: disabled [ 1041.402671][T29544] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:31:47 Registers: info registers vcpu 0 CPU#0 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85297215 RDI=ffffffff9addb780 RBP=ffffffff9addb740 RSP=ffffc9000351f350 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=000000000000002e R14=ffffffff9addb740 R15=ffffffff852971b0 RIP=ffffffff8529723f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] FS =0000 00007f91631ee6c0 ffffffff 00c09300 DPL=0 DS [-WA] GS =0000 ffff8880d6a05000 ffffffff 00c09300 DPL=0 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000ffff IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000300000a CR3=0000000013524000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=000000000300000a DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000080080783 RBX=0000000000000000 RCX=ffff888106239070 RDX=000000000000009d RSI=ffffffff8679b348 RDI=ffff8881062392d0 RBP=0000000000000002 RSP=ffffc900006a0b98 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000001 R13=0000000000004e20 R14=ffff888106239070 R15=0000000000000002 RIP=ffffffff8679b38f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 00007f3ae0bb4300 ffffffff 00c00000 GS =0000 ffff8880d6b05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3e6096 CR3=0000000032602000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=00000000004007ff Opmask06=0000000007ffe7ff Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003000000100008 0000000000000004 000c001a00100000 0014010000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000c000000080004 0020000e00000000 0000000000000000 6474000000200000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 013a0000000006ea 0500000000180000 00200000000e0014 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 41a400000af40300 000000000008ffff a71a000003e60000 0008000400000008 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000000140000 57c8000057dc0000 57f0000058040000 5818000058300000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 58480000585c0000 5870000058840000 589c000058b00000 58c8000058e00000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 58f4000059080000 591c000059300000 5950000059700000 0015000000000000 ZMM24=6ead7e3c6ead7e3c 6ead7e3c6ead7e3c 6ead7e3c6ead7e3c 6ead7e3c6ead7e3c 6ead7e3c6ead7e3c 6ead7e3c6ead7e3c 6ead7e3c6ead7e3c 6ead7e3c6ead7e3c ZMM25=c02c2d10c02c2d10 c02c2d10c02c2d10 c02c2d10c02c2d10 c02c2d10c02c2d10 c02c2d10c02c2d10 c02c2d10c02c2d10 c02c2d10c02c2d10 c02c2d10c02c2d10 ZMM26=b33d95a6b33d95a6 b33d95a6b33d95a6 b33d95a6b33d95a6 b33d95a6b33d95a6 b33d95a6b33d95a6 b33d95a6b33d95a6 b33d95a6b33d95a6 b33d95a6b33d95a6 ZMM27=a1de3d75a1de3d75 a1de3d75a1de3d75 a1de3d75a1de3d75 a1de3d75a1de3d75 a1de3d75a1de3d75 a1de3d75a1de3d75 a1de3d75a1de3d75 a1de3d75a1de3d75 ZMM28=000001700000016f 0000016e0000016d 0000016c0000016b 0000016a00000169 0000016800000167 0000016600000165 0000016400000163 0000016200000161 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=1373000013730000 1373000013730000 1373000013730000 1373000013730000 1373000013730000 1373000013730000 1373000013730000 1373000013730000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffffff8e3c4760 RCX=0000000000000002 RDX=0000000000000000 RSI=ffffffff816bf3e1 RDI=fffffbfff1c788ec RBP=ffffffff8e3c4760 RSP=ffffc90005867668 R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000000 R11=000000000001170d R12=ffffffff816bf3e1 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff822584c8 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000555560d1a500 ffffffff 00c00000 GS =0000 ffff8880d6c05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f016a3b12f8 CR3=00000000389b4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000041004040 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffff6a20f80 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f016a213050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f016a21305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f016a213057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f016a21306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f016a2130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f016a2131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000003a800000006 00000260000001c8 0000013000000098 0000000000000260 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6c69614600646574 7563657845006574 7563657845006465 74746f687370616e ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5300796461655200 656b616873646e61 48006c616974696e 4900656c676e616d ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffffffff95b2a9a0 RBX=00000000000000b8 RCX=00000000000000b9 RDX=0000000000000114 RSI=00000000000000b9 RDI=ffffffff97455a08 RBP=0000000000000030 RSP=ffffc9000c3f6e10 R8 =ffffffff95b2a9a0 R9 =0000000000000002 R10=ffffc9000c3f6fa8 R11=0000000000000001 R12=ffffffff81984f50 R13=ffffc9000c3f6eb0 R14=ffffffff81985a60 R15=ffffffff97455a08 RIP=ffffffff8198700a RFL=00000012 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000555573fce500 ffffffff 00c00000 GS =0000 ffff8880d6d05000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fb88f1e7dac CR3=000000001bf4f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffdf496ce20 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9165013050 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f916501305d ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f9165013057 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f916501306b ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f91650130f1 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f91650131cf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000