last executing test programs: 9m25.084188669s ago: executing program 32 (id=277): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x1c, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0) 9m23.711625506s ago: executing program 33 (id=330): clock_gettime(0x7, &(0x7f0000000240)={0x0, 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x9a974000) clock_settime(0x0, &(0x7f0000009ac0)={r0, r1+10000000}) 8m1.367214316s ago: executing program 34 (id=4274): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) landlock_restrict_self(0xffffffffffffffff, 0x7) 6m34.009499748s ago: executing program 4 (id=6520): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff0000}]}) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount_setattr(r0, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000000080)={0xb, 0x0, 0x40000}, 0x20) 6m33.93843581s ago: executing program 4 (id=6524): r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) sendfile(r0, r1, 0x0, 0xfffe82) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='f2fs\x00', 0x0, 0x0) 6m33.80750541s ago: executing program 4 (id=6529): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000800)={0x30, r1, 0x1, 0x1, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x3}]}, 0x30}}, 0x8000) 6m33.669315999s ago: executing program 4 (id=6534): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$tmpfs(0x0, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x84000, 0x0) 6m33.599274976s ago: executing program 4 (id=6536): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) bind$can_j1939(0xffffffffffffffff, 0x0, 0x0) 6m33.220859383s ago: executing program 4 (id=6538): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x633a, 0x4) sendto$inet6(r0, &(0x7f00000000c0)="800009e9220800ce", 0x8, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) recvfrom$inet6(r0, 0x0, 0x0, 0x40000020, 0x0, 0x0) 6m33.165493994s ago: executing program 35 (id=6538): r0 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x633a, 0x4) sendto$inet6(r0, &(0x7f00000000c0)="800009e9220800ce", 0x8, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) recvfrom$inet6(r0, 0x0, 0x0, 0x40000020, 0x0, 0x0) 5m16.290106815s ago: executing program 7 (id=8560): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x8, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x2, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='.'], 0x20) 5m16.239086949s ago: executing program 7 (id=8562): r0 = syz_io_uring_setup(0x3661, &(0x7f0000000440)={0x0, 0xfd10, 0x0, 0x1, 0x32e}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000300)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x48, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x3516, 0x0, 0x42, 0x0, 0x0) 5m16.159864923s ago: executing program 7 (id=8569): r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x8042, 0x0) fcntl$setlease(r0, 0x400, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0) fcntl$setlease(r0, 0x400, 0x1) 5m15.270036746s ago: executing program 7 (id=8601): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x901095, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x202) 5m15.269757662s ago: executing program 7 (id=8603): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c) 5m15.030066742s ago: executing program 7 (id=8611): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 5m14.974971517s ago: executing program 36 (id=8611): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00') read$FUSE(r0, &(0x7f0000003480)={0x2020}, 0x2020) 4m11.319262626s ago: executing program 6 (id=9444): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000006300)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000390000000000000000000000850000004100000085000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r1, 0x25, 0x0, @void}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000001b00)={@random="e904a200", @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x38, 0x28, 0x66, 0x0, 0xce, 0x6, 0x0, @loopback, @remote}, {{0x4e24, 0x4e21, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0x6, 0x0, 0x80}}}}}}, 0x0) 4m11.228125788s ago: executing program 6 (id=9446): syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SHUTDOWN) r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000001c0)={0x0, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000280)=[0x1], &(0x7f0000000200), &(0x7f0000000380)=[0x2]}) 4m11.146665521s ago: executing program 6 (id=9447): r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000000c0)=0x81) readv(r0, &(0x7f0000000280)=[{&(0x7f0000002480)=""/4082, 0xff2}], 0x1) read(r0, &(0x7f0000000140)=""/95, 0x5f) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000480)={{0xffffffff, 0x2, 0x6, 0xfffffffc, 'syz1\x00'}, 0x2, 0x2, 0x5, 0x0, 0x0, 0x1ff, 'syz0\x00', 0x0}) 4m10.280612086s ago: executing program 6 (id=9454): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1be) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x31001, 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0) 4m10.276435472s ago: executing program 6 (id=9455): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000001ac0)={r0, 0x10000, {0x0, 0x0, 0x0, 0x2ead, 0x7fff, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174ff10000000000000010e200"}}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) madvise(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x16) 4m8.806537425s ago: executing program 6 (id=9467): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x101001) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000180)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000003c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000440), 0x3, r1, 0xeeeeeeee}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000840)={0x0, 0x1, &(0x7f0000000400)=[r1], &(0x7f0000000180), &(0x7f0000000380)=[r2], &(0x7f0000000280)}) 4m8.684946559s ago: executing program 37 (id=9467): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x101001) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000180)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000003c0)={&(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f0000000440), 0x3, r1, 0xeeeeeeee}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000840)={0x0, 0x1, &(0x7f0000000400)=[r1], &(0x7f0000000180), &(0x7f0000000380)=[r2], &(0x7f0000000280)}) 3m37.238249681s ago: executing program 5 (id=9923): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3, 0x2}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) landlock_restrict_self(r1, 0x0) move_mount(r0, 0x0, 0xffffffffffffff9c, 0x0, 0x167) 3m37.238163761s ago: executing program 5 (id=9924): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x121880, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x4, 0x0, 0x4, 0x0, "7e12ddc5a89047bf00"}) r1 = syz_open_pts(r0, 0x0) dup2(r1, r0) fcntl$setstatus(r1, 0x4, 0x2000) 3m37.169126166s ago: executing program 5 (id=9925): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r0}, 0x10) io_setup(0x3, &(0x7f0000000340)) 3m36.919050628s ago: executing program 5 (id=9931): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) 3m36.859280157s ago: executing program 5 (id=9933): sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f00000002c0)='./file0\x00', &(0x7f00000004c0), 0x8017, 0x0) chdir(&(0x7f0000000280)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) 3m36.548794977s ago: executing program 5 (id=9942): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) 3m36.506038516s ago: executing program 38 (id=9942): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2) 3m12.756425333s ago: executing program 0 (id=10431): r0 = socket$netlink(0x10, 0x3, 0xf) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r2, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0xd6, 0x1c, 0xd, 0x5, 0x401, 0xfff5, 0xa, 0x0, 0x52, 0x8000, 0x7e9, 0x401, 0x9aa1, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}}) close_range(r0, 0xffffffffffffffff, 0x0) 3m12.736848674s ago: executing program 0 (id=10434): setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000000080)=[0xee00]) setregid(0x0, r0) fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xffffffd3) mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1d4e, 0x103) 3m12.658603788s ago: executing program 0 (id=10435): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000002e80)=[{&(0x7f00000008c0)=""/81, 0x51}], 0x1}, 0x10}], 0x1, 0x40010100, 0x0) 3m12.61633489s ago: executing program 0 (id=10436): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) 3m12.608733888s ago: executing program 0 (id=10438): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000000000000850000007100000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc) 3m10.938728888s ago: executing program 0 (id=10454): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r0, &(0x7f0000000c80)={'syz1\x00', {0x0, 0x401, 0x1}, 0x10, [0x1, 0x101, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffe, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x10, 0x200, 0xd, 0x4, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x2000, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x1, 0x3, 0x0, 0x7, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5f1, 0xfffffffc], [0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x81, 0x10, 0x0, 0x0, 0x0, 0xdd65056, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0xaea, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x200, 0x0, 0x400002, 0x23, 0x0, 0xeae2, 0xfffffffc, 0x0, 0x7ff, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x100000, 0x9, 0xffff], [0x4, 0x100000fc, 0x8f58, 0x465b, 0x0, 0xb67f75c, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffe, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80, 0x2100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xfff, 0x71f, 0xa5f, 0x0, 0x0, 0x0, 0x8], [0x40000000, 0x0, 0x74e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x40, 0x0, 0x0, 0xbd, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0xa, 0x0, 0xfffffffd, 0x4000, 0xdffffffc, 0xfffffffc, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcaa, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2]}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 3m10.879647659s ago: executing program 39 (id=10454): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r0, &(0x7f0000000c80)={'syz1\x00', {0x0, 0x401, 0x1}, 0x10, [0x1, 0x101, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffe, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x10, 0x200, 0xd, 0x4, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x2000, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x2, 0x1, 0x3, 0x0, 0x7, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5f1, 0xfffffffc], [0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x81, 0x10, 0x0, 0x0, 0x0, 0xdd65056, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0xaea, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x200, 0x0, 0x400002, 0x23, 0x0, 0xeae2, 0xfffffffc, 0x0, 0x7ff, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x100000, 0x9, 0xffff], [0x4, 0x100000fc, 0x8f58, 0x465b, 0x0, 0xb67f75c, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffe, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80, 0x2100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xfff, 0x71f, 0xa5f, 0x0, 0x0, 0x0, 0x8], [0x40000000, 0x0, 0x74e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x40, 0x0, 0x0, 0xbd, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0xa, 0x0, 0xfffffffd, 0x4000, 0xdffffffc, 0xfffffffc, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcaa, 0xfffffffe, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2]}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 2m45.478580559s ago: executing program 8 (id=11015): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xffff0000, 0x0, 0xf000, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x5002, 0x8080000, 0x10, 0x8, 0x0, 0x0, 0x81, 0x0, 0x44, 0xe, 0x0, 0x3}, {0x4000, 0x0, 0xb}, {0x11000, 0xd000, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1a}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x84}, {0x80a0000, 0x80a0000, 0x10}, {0x0, 0x0, 0x0, 0x82, 0x0, 0x40}, {0x6000}, {0x1, 0xfffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900, [0x0, 0x0, 0x0, 0x3]}) 2m45.388063959s ago: executing program 8 (id=11017): unshare(0x6a040000) r0 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r0, &(0x7f0000000040)={0x23, 0x4, 0x2}, 0x10) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r1, &(0x7f0000000040)={0x23, 0x4, 0x2}, 0x10) 2m45.2853972s ago: executing program 8 (id=11019): timer_create(0x0, 0x0, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(r0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0) timer_delete(r0) 2m45.206515987s ago: executing program 8 (id=11021): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000640)='./file0\x00', 0x0, 0x2901090, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000340)='.\x00', &(0x7f0000000180)='./file0/../file0/../file0\x00') 2m45.20644386s ago: executing program 8 (id=11022): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) writev(r0, &(0x7f0000000480)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e9232f2f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000280)="051a00000e800088a8f2878ff55eee1afd", 0x11}], 0x2) 2m45.118533754s ago: executing program 8 (id=11025): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f03fe7fdce0140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 2m45.07903975s ago: executing program 40 (id=11025): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f03fe7fdce0140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 5.165432794s ago: executing program 1 (id=14137): syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea0009"], 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000eb0000000001000000940000930600003e7f000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000000000001000000000000000f0ffffffffffffff10"]) 3.876803435s ago: executing program 1 (id=14146): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000b00)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="eb", 0x1}], 0x1}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0) 3.745288627s ago: executing program 1 (id=14148): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_script(r1, &(0x7f0000002540), 0x4) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000000000)=0x9) tee(r0, r3, 0x1476, 0x2) 3.743053041s ago: executing program 1 (id=14156): r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x1, 0xfe, 0x4}]}, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x12345}) io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0) 3.664967147s ago: executing program 1 (id=14150): r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x5b23, 0x0) poll(&(0x7f0000000200)=[{r1, 0x8110}, {0xffffffffffffffff, 0x40}, {0xffffffffffffffff, 0x3114}, {0xffffffffffffffff, 0x402a}, {0xffffffffffffffff, 0x88}, {r1, 0x5}, {0xffffffffffffffff, 0x8220}], 0x7, 0x7f) 926.92897ms ago: executing program 9 (id=14195): r0 = socket(0x28, 0x5, 0x0) r1 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r1, 0x0) connect$vsock_stream(r0, &(0x7f0000000080), 0x10) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000540)) 924.883301ms ago: executing program 9 (id=14197): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x6, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 766.854264ms ago: executing program 9 (id=14198): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd74) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg$inet(r2, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)='\f', 0x1}], 0x1, 0x0, 0x0, 0x2000000}}], 0xfdef, 0x0) 727.020156ms ago: executing program 3 (id=14199): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800) readv(r1, &(0x7f0000002980)=[{&(0x7f0000000600)=""/228, 0xe4}], 0x1) 661.296429ms ago: executing program 1 (id=14200): r0 = creat(&(0x7f0000000340)='./file0\x00', 0x0) r1 = socket$inet6(0xa, 0x400000000001, 0x0) syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) close(0x3) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 573.950853ms ago: executing program 3 (id=14201): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in=@broadcast, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, 0x0, 0x0) 573.686516ms ago: executing program 3 (id=14202): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x85}, &(0x7f0000000400)=0x0, &(0x7f0000000280)=0x0) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000300)=[r0], 0x1) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x6000, @fd_index, 0x80000001, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0) 502.144535ms ago: executing program 3 (id=14203): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='sched_kthread_stop_ret\x00', r1}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0) 496.91241ms ago: executing program 9 (id=14204): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000003c0), 0x40, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) getdents64(r0, &(0x7f0000002080)=""/4101, 0x1005) 496.745633ms ago: executing program 2 (id=14205): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000000)={{@my=0x1}, @my=0x1, 0x0, 0x0, 0x421}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x2, 0x6, 0x5, 0x10001, 0x8}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000000c0)={{@hyper}, @host, 0xd, 0x8, 0x0, 0x9, 0x4, 0x7, 0x80000001}) 416.741943ms ago: executing program 2 (id=14206): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1) write$binfmt_misc(r0, &(0x7f0000000000), 0xd) 416.581991ms ago: executing program 9 (id=14207): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x2, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b0000000001"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) 367.217874ms ago: executing program 2 (id=14208): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) capget(0x0, &(0x7f0000000500)={0x9, 0x80000000, 0x9, 0x0, 0x80000000, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) 366.935825ms ago: executing program 3 (id=14209): syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd637f4b22667f2f00db5b686158bbcfe8875a65969ff57b00000000000000000000000000ac1414aa35f086dd"], 0xfdef) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 297.170054ms ago: executing program 2 (id=14210): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r2, 0xcccccccc}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f0000000440)=[r2], &(0x7f0000000180)=[0x2], &(0x7f0000000340)=[r4, r3], &(0x7f00000003c0), 0x0, 0x1}) 296.200004ms ago: executing program 2 (id=14218): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) sendmmsg$inet6(r0, &(0x7f0000001880)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="82df", 0x2}], 0x1}}], 0x1, 0x4400c800) sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd) 92.804258ms ago: executing program 3 (id=14211): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x59) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @multicast1}, @IFLA_GRE_LINK={0x8, 0x1, r2}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 91.408748ms ago: executing program 2 (id=14220): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) sendmsg$NFQNL_MSG_VERDICT_BATCH(0xffffffffffffffff, 0x0, 0x8000) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000580)={0x0}) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000140)) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f00000003c0)={r1}) 0s ago: executing program 9 (id=14212): syz_usb_ep_write(0xffffffffffffffff, 0x81, 0x1, &(0x7f0000000240)="b9") r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) kernel console output (not intermixed with test programs): 1 has an invalid length. [ 508.679244][ T5980] usb 14-1: new high-speed USB device number 23 using dummy_hcd [ 508.840692][ T5980] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 508.844259][ T5980] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 508.847337][ T5980] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 508.851864][ T5980] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 508.854816][ T5980] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.858696][ T5980] usb 14-1: config 0 descriptor?? [ 509.161582][ T489] netlink: 36 bytes leftover after parsing attributes in process `syz.2.11904'. [ 509.266134][ T5980] plantronics 0003:047F:FFFF.0034: No inputs registered, leaving [ 509.270714][ T5980] plantronics 0003:047F:FFFF.0034: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 509.847896][ T519] input: syz0 as /devices/virtual/input/input103 [ 510.999115][ T2289] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 511.151592][ T2289] usb 6-1: Using ep0 maxpacket: 8 [ 511.155716][ T2289] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 511.158914][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 511.163244][ T2289] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 511.166988][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 511.171299][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 511.176942][ T2289] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 511.180343][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 511.183853][ T2289] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 511.187761][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 511.192324][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 511.198337][ T2289] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 511.206069][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 511.210951][ T2289] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 511.215769][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 511.220413][ T2289] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 511.228223][ T2289] usb 6-1: string descriptor 0 read error: -22 [ 511.231074][ T2289] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 511.234823][ T2289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 511.244181][ T2289] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux1 [ 511.336647][ T543] syzkaller1: entered promiscuous mode [ 511.338387][ T543] syzkaller1: entered allmulticast mode [ 511.363901][ T6135] usb 14-1: USB disconnect, device number 23 [ 511.447715][ T5981] usb 6-1: USB disconnect, device number 18 [ 511.538543][ T550] input: syz0 as /devices/virtual/input/input104 [ 511.696141][ T560] syzkaller1: entered promiscuous mode [ 511.698197][ T560] syzkaller1: entered allmulticast mode [ 512.239158][ T5980] page_pool_release_retry() stalled pool shutdown: id 167, 1 inflight 60 sec [ 513.153555][ T627] block nbd9: not configured, cannot reconfigure [ 514.349115][ T654] nbd: couldn't find a device at index 1 [ 514.568737][ T669] wlan0 speed is unknown, defaulting to 1000 [ 514.599804][ T670] netlink: 16 bytes leftover after parsing attributes in process `syz.9.11986'. [ 514.949124][ T34] usb 14-1: new high-speed USB device number 24 using dummy_hcd [ 515.099109][ T34] usb 14-1: Using ep0 maxpacket: 8 [ 515.102202][ T34] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 515.105416][ T34] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 515.108814][ T34] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 515.112063][ T34] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 515.119009][ T34] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 515.121820][ T34] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.330031][ T34] usb 14-1: GET_CAPABILITIES returned 0 [ 515.332245][ T34] usbtmc 14-1:16.0: can't read capabilities [ 515.531534][ T2289] usb 14-1: USB disconnect, device number 24 [ 515.604646][ T708] batadv_slave_1: entered promiscuous mode [ 515.607420][ T707] batadv_slave_1: left promiscuous mode [ 515.916010][ T40] kauditd_printk_skb: 170 callbacks suppressed [ 515.916023][ T40] audit: type=1326 audit(2134218481.141:2832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.925217][ T40] audit: type=1326 audit(2134218481.141:2833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.933474][ T40] audit: type=1326 audit(2134218481.141:2834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.942446][ T40] audit: type=1326 audit(2134218481.141:2835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.949404][ T40] audit: type=1326 audit(2134218481.141:2836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.956443][ T40] audit: type=1326 audit(2134218481.141:2837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.963811][ T40] audit: type=1326 audit(2134218481.151:2838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.970615][ T40] audit: type=1326 audit(2134218481.151:2839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.977234][ T40] audit: type=1326 audit(2134218481.151:2840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 515.983951][ T40] audit: type=1326 audit(2134218481.151:2841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=719 comm="syz.3.12008" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 516.302102][ T736] netlink: 172 bytes leftover after parsing attributes in process `syz.3.12015'. [ 516.369066][ T5980] usb 14-1: new high-speed USB device number 25 using dummy_hcd [ 516.521886][ T5980] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 516.525914][ T5980] usb 14-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 516.529887][ T5980] usb 14-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 516.535582][ T5980] usb 14-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 516.538658][ T5980] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 516.541599][ T5980] usb 14-1: Product: syz [ 516.543024][ T5980] usb 14-1: Manufacturer: syz [ 516.544572][ T5980] usb 14-1: SerialNumber: syz [ 516.754839][ T5980] usblp 14-1:1.0: usblp0: USB Unidirectional printer dev 25 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 516.956760][ T5980] usb 14-1: USB disconnect, device number 25 [ 516.958874][ T744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12019'. [ 516.961427][ T5980] usblp0: removed [ 517.001388][ T746] netlink: 64 bytes leftover after parsing attributes in process `syz.1.12020'. [ 517.400534][ T762] syzkaller1: entered promiscuous mode [ 517.402283][ T762] syzkaller1: entered allmulticast mode [ 518.364684][ T813] netlink: 172 bytes leftover after parsing attributes in process `syz.1.12050'. [ 520.280285][ T891] Bluetooth: hci0: load_link_keys: too big key_count value 3072 [ 520.815377][ T928] netfs: Duplicate cookie detected [ 520.817622][ T928] netfs: O-cookie c=00000014 [fl=5088 na=1 nA=0 s=-] [ 520.819876][ T928] netfs: O-cookie V=0000001a [9p,syz,] [ 520.821613][ T928] netfs: O-key=[8] '1701240200000000' [ 520.823364][ T928] netfs: N-cookie c=00000015 [fl=8 na=0 nA=0 s=-] [ 520.825397][ T928] netfs: N-cookie V=0000001a [9p,syz,] [ 520.827219][ T928] netfs: N-key=[8] '1701240200000000' [ 521.717647][ T5981] usb 14-1: new high-speed USB device number 26 using dummy_hcd [ 521.869133][ T5981] usb 14-1: Using ep0 maxpacket: 8 [ 521.872120][ T5981] usb 14-1: config index 0 descriptor too short (expected 301, got 45) [ 521.874671][ T5981] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 521.877711][ T5981] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 521.880809][ T5981] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 521.883907][ T5981] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 521.887927][ T5981] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 521.891689][ T5981] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 521.959147][ T9] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 521.971478][ T987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12124'. [ 522.030399][ T991] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 522.098451][ T5981] usb 14-1: usb_control_msg returned -32 [ 522.101340][ T5981] usbtmc 14-1:16.0: can't read capabilities [ 522.120513][ T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 522.123537][ T9] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 522.126539][ T9] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 522.132686][ T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 522.135588][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.138037][ T9] usb 7-1: Product: syz [ 522.139514][ T9] usb 7-1: Manufacturer: syz [ 522.140980][ T9] usb 7-1: SerialNumber: syz [ 522.351003][ T9] usblp 7-1:1.0: usblp1: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 522.354683][ T1005] netfs: Duplicate cookie detected [ 522.356419][ T1005] netfs: O-cookie c=00000016 [fl=5088 na=1 nA=0 s=-] [ 522.358601][ T1005] netfs: O-cookie V=0000001b [9p,syz,] [ 522.360966][ T1005] netfs: O-key=[8] '1701240200000000' [ 522.362676][ T1005] netfs: N-cookie c=00000017 [fl=8 na=0 nA=0 s=-] [ 522.364735][ T1005] netfs: N-cookie V=0000001b [9p,syz,] [ 522.366500][ T1005] netfs: N-key=[8] '1701240200000000' [ 522.551071][T31088] usb 7-1: USB disconnect, device number 14 [ 522.554446][T31088] usblp1: removed [ 522.720725][ T1031] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12143'. [ 522.723648][ T1031] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12143'. [ 522.731763][ T1031] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 522.734625][ T1031] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 522.737470][ T1031] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 522.740431][ T1031] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 522.781068][ T1037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12145'. [ 522.911958][ T1046] wlan0 speed is unknown, defaulting to 1000 [ 523.101466][ T1059] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12156'. [ 523.137545][ T40] kauditd_printk_skb: 1006 callbacks suppressed [ 523.137559][ T40] audit: type=1326 audit(2134218488.361:3848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1060 comm="syz.1.12163" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e579 code=0x0 [ 523.162086][ T40] audit: type=1326 audit(2134218488.391:3849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1063 comm="syz.2.12157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 523.173475][ T40] audit: type=1326 audit(2134218488.391:3850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1063 comm="syz.2.12157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 523.182355][ T40] audit: type=1326 audit(2134218488.391:3851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1063 comm="syz.2.12157" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 523.191695][ T40] audit: type=1326 audit(2134218488.391:3852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1063 comm="syz.2.12157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 523.201267][ T40] audit: type=1326 audit(2134218488.391:3853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1063 comm="syz.2.12157" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 523.328100][ T40] audit: type=1326 audit(2134218488.551:3854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1077 comm="syz.3.12162" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 523.337404][ T1084] netlink: 72 bytes leftover after parsing attributes in process `syz.2.12164'. [ 523.356289][ T40] audit: type=1326 audit(2134218488.551:3855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1077 comm="syz.3.12162" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 523.375169][ T40] audit: type=1326 audit(2134218488.551:3856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1077 comm="syz.3.12162" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 523.382145][ T40] audit: type=1326 audit(2134218488.551:3857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1077 comm="syz.3.12162" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 523.402394][ T1086] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 523.447064][ T1091] input: syz0 as /devices/virtual/input/input105 [ 523.450023][ T1091] input: failed to attach handler leds to device input105, error: -6 [ 523.847786][ T1122] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 524.273376][ T1152] wlan0 speed is unknown, defaulting to 1000 [ 524.471908][T15808] usb 14-1: USB disconnect, device number 26 [ 525.263230][ T1208] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12210'. [ 526.009049][ T1280] block nbd5: server does not support multiple connections per device. [ 526.012560][ T1280] block nbd5: shutting down sockets [ 526.073164][ T1293] random: crng reseeded on system resumption [ 526.206163][ T1299] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12254'. [ 526.216217][ T1299] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.219808][ T1299] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.222511][ T1299] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.225217][ T1299] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 526.231191][ T1299] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 526.233996][ T1299] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 526.236749][ T1299] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 526.239955][ T1299] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 526.675280][ T1324] binder: 1323:1324 ioctl 4018620d 0 returned -22 [ 527.141137][ T1369] mkiss: ax0: crc mode is auto. [ 527.585597][ T1403] netlink: 'syz.3.12295': attribute type 7 has an invalid length. [ 527.587995][ T1403] netlink: 140 bytes leftover after parsing attributes in process `syz.3.12295'. [ 528.726334][ T1481] tipc: Started in network mode [ 528.727931][ T1481] tipc: Node identity 4, cluster identity 4711 [ 528.731323][ T1481] tipc: Node number set to 4 [ 528.788271][ T1483] mkiss: ax0: crc mode is auto. [ 528.827491][ T1492] mkiss: ax0: crc mode is auto. [ 529.083513][ T1508] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 529.102008][ T1512] syzkaller1: entered promiscuous mode [ 529.104904][ T1512] syzkaller1: entered allmulticast mode [ 530.637872][ T40] kauditd_printk_skb: 165 callbacks suppressed [ 530.637883][ T40] audit: type=1326 audit(2134218495.861:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.658836][ T40] audit: type=1326 audit(2134218495.861:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.665894][ T40] audit: type=1326 audit(2134218495.861:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.673055][ T40] audit: type=1326 audit(2134218495.861:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.680532][ T40] audit: type=1326 audit(2134218495.861:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.687751][ T40] audit: type=1326 audit(2134218495.861:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.696170][ T40] audit: type=1326 audit(2134218495.861:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.704688][ T40] audit: type=1326 audit(2134218495.861:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.711952][ T40] audit: type=1326 audit(2134218495.861:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.719189][ T40] audit: type=1326 audit(2134218495.861:4032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1582 comm="syz.3.12377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f17598 code=0x7ffc0000 [ 530.894300][ T1604] syzkaller1: entered promiscuous mode [ 530.896078][ T1604] syzkaller1: entered allmulticast mode [ 531.251449][ T1620] netlink: 12 bytes leftover after parsing attributes in process `syz.3.12393'. [ 532.338792][ T1657] netlink: 12 bytes leftover after parsing attributes in process `syz.1.12409'. [ 532.346436][ T1657] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 532.350094][ T1657] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 532.353522][ T1657] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 532.356889][ T1657] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 532.364034][ T1657] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 532.367847][ T1657] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 532.371734][ T1657] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 532.375403][ T1657] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 533.165699][ T1702] random: crng reseeded on system resumption [ 533.479139][ T5981] usb 14-1: new high-speed USB device number 27 using dummy_hcd [ 533.639081][ T5981] usb 14-1: Using ep0 maxpacket: 32 [ 533.642052][ T5981] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 533.645203][ T5981] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 533.648087][ T5981] usb 14-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 533.650795][ T5981] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 533.654273][ T5981] usb 14-1: config 0 descriptor?? [ 534.065294][ T5981] savu 0003:1E7D:2D5A.0035: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.9-1/input0 [ 534.320147][ T5981] usb 14-1: USB disconnect, device number 27 [ 534.383466][ T1753] wlan0 speed is unknown, defaulting to 1000 [ 534.391802][ T6135] IPVS: starting estimator thread 0... [ 534.489160][ T1758] IPVS: using max 46 ests per chain, 110400 per kthread [ 534.907597][ T1795] sctp: [Deprecated]: syz.1.12471 (pid 1795) Use of int in maxseg socket option. [ 534.907597][ T1795] Use struct sctp_assoc_value instead [ 534.954541][ T1799] syzkaller1: entered promiscuous mode [ 534.956477][ T1799] syzkaller1: entered allmulticast mode [ 535.660096][ T40] kauditd_printk_skb: 491 callbacks suppressed [ 535.660113][ T40] audit: type=1326 audit(2134218500.891:4524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1815 comm="syz.1.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 535.670906][ T40] audit: type=1326 audit(2134218500.891:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1815 comm="syz.1.12480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 536.117626][ T1833] syzkaller1: entered promiscuous mode [ 536.121042][ T1833] syzkaller1: entered allmulticast mode [ 536.227896][ T1837] netlink: 'syz.3.12488': attribute type 4 has an invalid length. [ 537.124558][ T1880] wlan0 speed is unknown, defaulting to 1000 [ 537.166375][ T1883] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 537.171833][ T1882] IPVS: stopping master sync thread 1883 ... [ 538.419031][ T1958] pim6reg1: entered promiscuous mode [ 538.420861][ T1958] pim6reg1: entered allmulticast mode [ 538.509136][T31088] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 538.673892][T31088] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 538.678267][T31088] usb 7-1: config 0 interface 0 has no altsetting 0 [ 538.683747][T31088] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 538.687738][T31088] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 538.694628][T31088] usb 7-1: Product: syz [ 538.696001][T31088] usb 7-1: Manufacturer: syz [ 538.697471][T31088] usb 7-1: SerialNumber: syz [ 538.700200][T31088] usb 7-1: config 0 descriptor?? [ 538.704899][T31088] usb 7-1: selecting invalid altsetting 0 [ 538.908090][ T5980] usb 7-1: USB disconnect, device number 15 [ 539.536234][ T2014] wlan0 speed is unknown, defaulting to 1000 [ 539.577962][ T2014] lo: entered promiscuous mode [ 539.581083][ T2014] tunl0: entered promiscuous mode [ 539.584204][ T2014] gre0: entered promiscuous mode [ 539.587283][ T2014] gretap0: entered promiscuous mode [ 539.589863][ T2014] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 539.602427][ T2014] netlink: 6 bytes leftover after parsing attributes in process `syz.1.12571'. [ 539.607423][ T2014] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 539.730393][ T2032] pim6reg1: entered promiscuous mode [ 539.732703][ T2032] pim6reg1: entered allmulticast mode [ 539.853405][ T2050] netlink: 'syz.2.12586': attribute type 13 has an invalid length. [ 539.861986][ T2050] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 539.866411][ T2050] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 539.868919][ T2050] gretap1: entered promiscuous mode [ 539.870639][ T2050] gretap1: entered allmulticast mode [ 539.984646][ T2070] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.12595'. [ 539.987873][ T2066] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.12595'. [ 540.089235][ T9] usb 14-1: new high-speed USB device number 28 using dummy_hcd [ 540.204742][ T2096] input: syz1 as /devices/virtual/input/input106 [ 540.243287][ T9] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 540.247393][ T9] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 540.251302][ T9] usb 14-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 540.254652][ T9] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.258700][ T9] usb 14-1: config 0 descriptor?? [ 540.671807][ T9] cm6533_jd 0003:0D8C:0022.0036: unknown main item tag 0x0 [ 540.674208][ T9] cm6533_jd 0003:0D8C:0022.0036: unknown main item tag 0x0 [ 540.678069][ T9] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/0003:0D8C:0022.0036/input/input107 [ 540.684646][ T9] cm6533_jd 0003:0D8C:0022.0036: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.9-1/input0 [ 540.871321][ T6135] usb 14-1: USB disconnect, device number 28 [ 541.040481][ T2116] gre0: entered promiscuous mode [ 541.045549][ T2116] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12617'. [ 541.444509][ T40] audit: type=1326 audit(2134218506.671:4526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 541.464480][ T40] audit: type=1326 audit(2134218506.671:4527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.473652][ T40] audit: type=1326 audit(2134218506.671:4528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.482533][ T40] audit: type=1326 audit(2134218506.671:4529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.492337][ T40] audit: type=1326 audit(2134218506.671:4530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.501480][ T40] audit: type=1326 audit(2134218506.671:4531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.508152][ T40] audit: type=1326 audit(2134218506.671:4532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.520189][ T40] audit: type=1326 audit(2134218506.671:4533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.527375][ T40] audit: type=1326 audit(2134218506.671:4534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.534819][ T40] audit: type=1326 audit(2134218506.671:4535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2136 comm="syz.1.12627" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e598 code=0x7ffc0000 [ 541.649592][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 541.650905][ T2158] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.12635'. [ 541.656068][ T2155] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.12635'. [ 541.828797][ T2171] netlink: 'syz.3.12641': attribute type 13 has an invalid length. [ 541.834994][ T2171] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 541.838791][ T2171] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 541.841646][ T2171] gretap1: entered promiscuous mode [ 541.843392][ T2171] gretap1: entered allmulticast mode [ 541.990374][ T2184] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 40 [ 542.447890][ T2209] wlan0 speed is unknown, defaulting to 1000 [ 542.469680][ T2211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12655'. [ 542.515127][ T2209] lo: entered promiscuous mode [ 542.518070][ T2209] tunl0: entered promiscuous mode [ 542.520630][ T2209] gre0: entered promiscuous mode [ 542.523297][ T2209] gretap0: entered promiscuous mode [ 542.525176][ T2209] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 542.536473][ T2209] netlink: 6 bytes leftover after parsing attributes in process `syz.9.12658'. [ 542.540090][ T2209] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 542.733398][ T2230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12667'. [ 542.736543][ T2230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12667'. [ 542.743503][ T2230] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 542.746623][ T2230] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 542.749505][ T2230] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 542.752531][ T2230] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 542.809796][ T2234] netlink: 'syz.9.12669': attribute type 12 has an invalid length. [ 542.812477][ T2234] netlink: 'syz.9.12669': attribute type 29 has an invalid length. [ 542.815045][ T2234] netlink: 'syz.9.12669': attribute type 1 has an invalid length. [ 543.323677][ T2271] wlan0 speed is unknown, defaulting to 1000 [ 543.649330][ T2301] wlan0 speed is unknown, defaulting to 1000 [ 544.343246][ T2340] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 544.769043][ T6135] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 544.930735][ T6135] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 544.934184][ T6135] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 544.937893][ T6135] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 544.939144][ T34] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 544.942271][ T6135] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 544.950017][ T6135] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 544.952857][ T6135] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 544.955582][ T6135] usb 6-1: Manufacturer: syz [ 544.969791][ T6135] usb 6-1: config 0 descriptor?? [ 545.119543][ T34] usb 7-1: Using ep0 maxpacket: 8 [ 545.127720][ T34] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 545.135208][ T34] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 545.138869][ T34] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 545.143364][ T34] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 545.147746][ T34] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 545.151237][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 545.156836][ T34] hub 7-1:1.0: bad descriptor, ignoring hub [ 545.159148][ T34] hub 7-1:1.0: probe with driver hub failed with error -5 [ 545.161803][ T34] cdc_wdm 7-1:1.0: skipping garbage [ 545.163487][ T34] cdc_wdm 7-1:1.0: skipping garbage [ 545.165774][ T34] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 545.167858][ T34] cdc_wdm 7-1:1.0: Unknown control protocol [ 545.380872][ T6135] appleir 0003:05AC:8243.0037: unknown main item tag 0x0 [ 545.383444][ T6135] appleir 0003:05AC:8243.0037: No inputs registered, leaving [ 545.387242][ T6135] appleir 0003:05AC:8243.0037: hiddev1,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 545.479397][ T5980] usb 7-1: USB disconnect, device number 16 [ 545.501102][T24584] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.581572][ T5940] usb 6-1: USB disconnect, device number 19 [ 545.587129][T24584] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.651652][T24584] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.690322][ T5953] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 545.696690][ T5953] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 545.699859][ T5953] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 545.703825][ T5953] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 545.706395][ T5953] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 545.715915][ T5949] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 545.718610][ T5949] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 545.721694][ T5949] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 545.725973][ T5949] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 545.728686][ T5949] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 545.735345][T24584] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 545.753035][ T2397] wlan0 speed is unknown, defaulting to 1000 [ 545.809340][ T5980] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 545.854088][ T2397] chnl_net:caif_netlink_parms(): no params data found [ 545.891946][T24584] vlan2: left promiscuous mode [ 545.893506][T24584] bond0: left promiscuous mode [ 545.895081][T24584] bond_slave_1: left promiscuous mode [ 545.897428][T24584] bridge0: port 3(vlan2) entered disabled state [ 545.901277][T24584] bridge_slave_1: left allmulticast mode [ 545.903104][T24584] bridge_slave_1: left promiscuous mode [ 545.904902][T24584] bridge0: port 2(bridge_slave_1) entered disabled state [ 545.908640][T24584] bridge_slave_0: left allmulticast mode [ 545.910745][T24584] bridge_slave_0: left promiscuous mode [ 545.912551][T24584] bridge0: port 1(bridge_slave_0) entered disabled state [ 545.959237][ T5980] usb 7-1: Using ep0 maxpacket: 8 [ 545.963395][ T5980] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 545.967265][ T5980] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 545.970963][ T5980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 545.975496][ T5980] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 545.982981][ T5980] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 545.986649][ T5980] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 545.993764][ T5980] hub 7-1:1.0: bad descriptor, ignoring hub [ 545.996294][ T5980] hub 7-1:1.0: probe with driver hub failed with error -5 [ 545.999698][ T5980] cdc_wdm 7-1:1.0: skipping garbage [ 546.001592][ T5980] cdc_wdm 7-1:1.0: skipping garbage [ 546.004728][ T5980] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 546.007142][ T5980] cdc_wdm 7-1:1.0: Unknown control protocol [ 546.294271][T24584] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 546.297443][T24584] bond_slave_1: left allmulticast mode [ 546.300519][T24584] bond0 (unregistering): Released all slaves [ 546.310111][ T34] usb 7-1: USB disconnect, device number 17 [ 546.360998][ T2397] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.363234][ T2397] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.365725][ T2397] bridge_slave_0: entered allmulticast mode [ 546.368506][ T2397] bridge_slave_0: entered promiscuous mode [ 546.371840][ T2397] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.374071][ T2397] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.376679][ T2397] bridge_slave_1: entered allmulticast mode [ 546.383813][ T2397] bridge_slave_1: entered promiscuous mode [ 546.434041][ T2397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 546.453235][ T2397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 546.494477][ T2419] loop6: detected capacity change from 0 to 524287999 [ 546.518737][ T2397] team0: Port device team_slave_0 added [ 546.544176][ T2397] team0: Port device team_slave_1 added [ 546.576012][ T2397] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 546.578236][ T2397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 546.586472][ T2397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 546.590960][ T2397] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 546.593279][ T2397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 546.601700][ T2397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 546.622051][T24584] hsr_slave_0: left promiscuous mode [ 546.624348][T24584] hsr_slave_1: left promiscuous mode [ 546.627113][T24584] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 546.630716][T24584] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 546.634620][T24584] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 546.637686][T24584] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 546.672852][T24584] veth1_macvtap: left promiscuous mode [ 546.675288][T24584] veth0_macvtap: left promiscuous mode [ 546.677753][T24584] veth1_vlan: left promiscuous mode [ 546.681105][T24584] veth0_vlan: left promiscuous mode [ 546.722186][ T2424] kernel read not supported for file /eth0 (pid: 2424 comm: syz.1.12749) [ 546.725909][ T40] kauditd_printk_skb: 136 callbacks suppressed [ 546.725920][ T40] audit: type=1800 audit(2134218511.951:4672): pid=2424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.12749" name="eth0" dev="mqueue" ino=168481 res=0 errno=0 [ 547.765053][ T5949] Bluetooth: hci0: command tx timeout [ 548.395222][ T2397] hsr_slave_0: entered promiscuous mode [ 548.397505][ T2397] hsr_slave_1: entered promiscuous mode [ 548.399884][ T2397] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 548.402428][ T2397] Cannot create hsr debugfs directory [ 549.016717][ T2397] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 549.035219][ T2397] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 549.039123][ T34] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 549.042464][ T2397] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 549.047482][ T2397] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 549.098314][ T2397] 8021q: adding VLAN 0 to HW filter on device bond0 [ 549.108451][ T2397] 8021q: adding VLAN 0 to HW filter on device team0 [ 549.113854][T24633] bridge0: port 1(bridge_slave_0) entered blocking state [ 549.116608][T24633] bridge0: port 1(bridge_slave_0) entered forwarding state [ 549.126718][T24584] bridge0: port 2(bridge_slave_1) entered blocking state [ 549.129085][T24584] bridge0: port 2(bridge_slave_1) entered forwarding state [ 549.162006][ T2397] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 549.189037][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 549.192045][ T34] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 549.194719][ T34] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 549.197158][ T34] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 549.201626][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 549.204632][ T34] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 549.207717][ T34] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 549.211952][ T34] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 549.214723][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 549.218458][ T34] usb 6-1: config 0 descriptor?? [ 549.273064][ T2397] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 549.420612][ T2397] veth0_vlan: entered promiscuous mode [ 549.434711][ T2397] veth1_vlan: entered promiscuous mode [ 549.437947][ T34] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 20 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 549.450355][ T2397] veth0_macvtap: entered promiscuous mode [ 549.454736][ T2397] veth1_macvtap: entered promiscuous mode [ 549.463005][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.466876][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.470063][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.473236][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.476217][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.480395][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.483381][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.487756][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.491806][ T2397] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 549.502250][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 549.505516][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.508556][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 549.511887][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.514928][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 549.518140][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.521403][ T2397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 549.524646][ T2397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.528535][ T2397] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 549.537914][ T2397] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 549.540830][ T2397] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 549.543527][ T2397] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 549.546544][ T2397] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 549.598171][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 549.601173][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 549.616098][T24633] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 549.618774][T24633] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 549.849282][ T5949] Bluetooth: hci0: command tx timeout [ 550.435786][ T2552] Bluetooth: MGMT ver 1.23 [ 550.437571][ T2552] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 550.548354][ T2558] loop6: detected capacity change from 0 to 524287999 [ 550.837014][ T2589] loop6: detected capacity change from 0 to 524287999 [ 551.242737][ T40] audit: type=1326 audit(2134218516.471:4673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2618 comm="syz.2.12831" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x0 [ 551.810357][ T6135] usb 6-1: USB disconnect, device number 20 [ 551.815706][ T6135] usblp0: removed [ 551.902342][ T2642] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 551.919178][ T5949] Bluetooth: hci0: command tx timeout [ 552.201013][ T6135] IPVS: starting estimator thread 0... [ 552.289126][ T2674] IPVS: using max 47 ests per chain, 112800 per kthread [ 552.395104][ T6135] kernel read not supported for file /video37 (pid: 6135 comm: kworker/2:4) [ 552.417737][ T2701] wlan0 speed is unknown, defaulting to 1000 [ 552.636105][ T2728] overlay: filesystem on ./bus not supported as upperdir [ 552.929094][ T5981] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 553.100311][ T5981] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 553.103763][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.106767][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.110638][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.113765][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.116584][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.120332][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.123587][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.126482][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.130051][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.132988][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.135863][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.139265][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.142256][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.145094][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.148544][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.151661][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.155184][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.158555][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.161527][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.164440][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.167834][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.170864][ T5981] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 553.173965][ T5981] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 553.177345][ T5981] usb 6-1: config 0 interface 0 has no altsetting 0 [ 553.181304][ T5981] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 553.184197][ T5981] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 553.186845][ T5981] usb 6-1: Product: syz [ 553.188188][ T5981] usb 6-1: Manufacturer: syz [ 553.189724][ T5981] usb 6-1: SerialNumber: syz [ 553.192530][ T5981] usb 6-1: config 0 descriptor?? [ 553.196482][ T5981] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 553.403867][ T6006] usb 6-1: USB disconnect, device number 21 [ 553.406979][ T6006] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 553.979469][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 553.999713][ T5949] Bluetooth: hci0: command tx timeout [ 554.040004][ T2753] __nla_validate_parse: 4 callbacks suppressed [ 554.040014][ T2753] netlink: 440 bytes leftover after parsing attributes in process `syz.3.12871'. [ 554.121263][ T40] audit: type=1326 audit(2134218519.351:4674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2763 comm="syz.3.12876" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 554.136951][ T40] audit: type=1326 audit(2134218519.351:4675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2763 comm="syz.3.12876" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 554.144531][ T40] audit: type=1326 audit(2134218519.351:4676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2763 comm="syz.3.12876" exe="/syz-executor" sig=0 arch=40000003 syscall=76 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 554.154773][ T40] audit: type=1326 audit(2134218519.351:4677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2763 comm="syz.3.12876" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 554.163036][ T40] audit: type=1326 audit(2134218519.351:4678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2763 comm="syz.3.12876" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 554.998787][ T2835] netlink: 84 bytes leftover after parsing attributes in process `syz.1.12902'. [ 555.032561][ T2840] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12903'. [ 555.035696][ T2840] netlink: 20 bytes leftover after parsing attributes in process `syz.1.12903'. [ 555.096339][ T2846] netlink: 788 bytes leftover after parsing attributes in process `syz.9.12906'. [ 555.497057][ T2876] input: syz0 as /devices/virtual/input/input108 [ 555.758166][ T2896] netlink: 12 bytes leftover after parsing attributes in process `syz.2.12923'. [ 555.848359][ T2903] netlink: 788 bytes leftover after parsing attributes in process `syz.2.12925'. [ 555.969152][ T6135] usb 14-1: new high-speed USB device number 29 using dummy_hcd [ 555.971362][ T2909] wlan0 speed is unknown, defaulting to 1000 [ 556.079105][ T5953] Bluetooth: hci0: command tx timeout [ 556.121052][ T6135] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 556.124565][ T6135] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 556.127935][ T6135] usb 14-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 556.130963][ T6135] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 556.134542][ T6135] usb 14-1: config 0 descriptor?? [ 556.502093][ T5940] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 556.548186][ T6135] cm6533_jd 0003:0D8C:0022.0038: unknown main item tag 0x0 [ 556.551250][ T6135] cm6533_jd 0003:0D8C:0022.0038: unknown main item tag 0x0 [ 556.555056][ T6135] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/0003:0D8C:0022.0038/input/input109 [ 556.560700][ T6135] cm6533_jd 0003:0D8C:0022.0038: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.9-1/input0 [ 556.669488][ T5940] usb 7-1: Using ep0 maxpacket: 16 [ 556.678760][ T5940] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 556.689081][ T5940] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 556.694548][ T5940] usb 7-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 556.697351][ T5940] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 556.701476][ T5940] usb 7-1: config 0 descriptor?? [ 556.750133][ T6006] usb 14-1: USB disconnect, device number 29 [ 557.109838][ T5940] kye 0003:0458:5016.0039: control desc unexpectedly large [ 557.115300][ T5940] input: HID 0458:5016 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5016.0039/input/input110 [ 557.181414][ T5940] input: HID 0458:5016 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5016.0039/input/input111 [ 557.248149][ T5940] kye 0003:0458:5016.0039: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.2-1/input0 [ 557.300876][ T2957] wlan0 speed is unknown, defaulting to 1000 [ 557.316855][ T5940] usb 7-1: USB disconnect, device number 18 [ 557.759036][ T5949] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 558.159183][ T5949] Bluetooth: hci0: command 0x0401 tx timeout [ 558.210867][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 558.214820][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 558.309081][ T6135] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 558.415196][ T3029] netlink: 36 bytes leftover after parsing attributes in process `syz.9.12966'. [ 558.459768][ T6135] usb 7-1: Using ep0 maxpacket: 8 [ 558.462918][ T6135] usb 7-1: config 0 has no interfaces? [ 558.466483][ T6135] usb 7-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 558.470074][ T6135] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 558.472766][ T6135] usb 7-1: Product: syz [ 558.474109][ T6135] usb 7-1: Manufacturer: syz [ 558.475592][ T6135] usb 7-1: SerialNumber: syz [ 558.478311][ T6135] usb 7-1: config 0 descriptor?? [ 558.539084][T15808] psmouse serio14: Failed to reset mouse on : -5 [ 558.697215][ T5981] usb 7-1: USB disconnect, device number 19 [ 558.708185][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 558.873215][ T6135] kernel write not supported for file /ppp (pid: 6135 comm: kworker/2:4) [ 559.435137][ T3068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12982'. [ 560.449330][ T10] usb 14-1: new high-speed USB device number 30 using dummy_hcd [ 560.609628][ T10] usb 14-1: Using ep0 maxpacket: 16 [ 560.616210][ T10] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 560.620789][ T10] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 560.624708][ T10] usb 14-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 560.628431][ T10] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 560.632275][ T10] usb 14-1: config 0 descriptor?? [ 560.778624][ T3129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13011'. [ 560.873173][ T3137] wlan0 speed is unknown, defaulting to 1000 [ 561.044256][ T10] kye 0003:0458:5016.003A: control desc unexpectedly large [ 561.053155][ T10] input: HID 0458:5016 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/0003:0458:5016.003A/input/input113 [ 561.121360][ T10] input: HID 0458:5016 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/0003:0458:5016.003A/input/input114 [ 561.127558][ T10] kye 0003:0458:5016.003A: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.9-1/input0 [ 561.245767][ T6006] usb 14-1: USB disconnect, device number 30 [ 562.379045][T15808] misc userio: Buffer overflowed, userio client isn't keeping up [ 562.749793][ T3213] syzkaller1: entered promiscuous mode [ 562.752107][ T3213] syzkaller1: entered allmulticast mode [ 563.256770][ T40] audit: type=1804 audit(2134218528.481:4679): pid=3230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.13058" name="/" dev="pidfs" ino=35540 res=1 errno=0 [ 563.452061][T15808] input: PS/2 Generic Mouse as /devices/serio14/input/input112 [ 563.672009][T15808] psmouse serio14: Failed to enable mouse on [ 563.809873][ T10] usb 14-1: new high-speed USB device number 32 using dummy_hcd [ 563.959040][ T10] usb 14-1: Using ep0 maxpacket: 8 [ 563.962967][ T10] usb 14-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 563.966636][ T10] usb 14-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 563.967487][ T2289] kernel read not supported for file /sequencer (pid: 2289 comm: kworker/1:2) [ 563.971293][ T10] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 563.986146][ T10] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 563.990244][ T10] usb 14-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 563.994033][ T10] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 563.998917][ T10] hub 14-1:1.0: bad descriptor, ignoring hub [ 564.001075][ T10] hub 14-1:1.0: probe with driver hub failed with error -5 [ 564.003460][ T10] cdc_wdm 14-1:1.0: skipping garbage [ 564.005097][ T10] cdc_wdm 14-1:1.0: skipping garbage [ 564.007366][ T10] cdc_wdm 14-1:1.0: cdc-wdm0: USB WDM device [ 564.009361][ T10] cdc_wdm 14-1:1.0: Unknown control protocol [ 564.174310][ T3287] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input115 [ 564.332945][ T2289] usb 14-1: USB disconnect, device number 32 [ 564.659103][ T2289] usb 14-1: new high-speed USB device number 33 using dummy_hcd [ 564.829109][ T2289] usb 14-1: Using ep0 maxpacket: 8 [ 564.833255][ T2289] usb 14-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 564.836761][ T2289] usb 14-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 564.839684][ T2289] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 564.843183][ T2289] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 564.846481][ T2289] usb 14-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 564.849320][ T2289] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 564.854097][ T2289] hub 14-1:1.0: bad descriptor, ignoring hub [ 564.855924][ T2289] hub 14-1:1.0: probe with driver hub failed with error -5 [ 564.858276][ T2289] cdc_wdm 14-1:1.0: skipping garbage [ 564.859976][ T2289] cdc_wdm 14-1:1.0: skipping garbage [ 564.863705][ T2289] cdc_wdm 14-1:1.0: cdc-wdm0: USB WDM device [ 564.865548][ T2289] cdc_wdm 14-1:1.0: Unknown control protocol [ 565.084848][ T3300] debugfs: Invalid uid '0x00000000ffffffff' [ 565.147630][ T3304] team_slave_0: entered promiscuous mode [ 565.150240][ T3304] team_slave_1: entered promiscuous mode [ 565.152981][ T3304] macsec1: entered promiscuous mode [ 565.154655][ T3304] team0: entered promiscuous mode [ 565.156656][ T3304] macsec1: entered allmulticast mode [ 565.158294][ T3304] team0: entered allmulticast mode [ 565.160325][ T3304] team_slave_0: entered allmulticast mode [ 565.162131][ T3304] team_slave_1: entered allmulticast mode [ 565.165269][ T3304] team0: Device macsec1 is already an upper device of the team interface [ 565.169225][ T2289] usb 14-1: USB disconnect, device number 33 [ 565.172115][ T3304] team0: left allmulticast mode [ 565.174163][ T3304] team_slave_0: left allmulticast mode [ 565.176449][ T3304] team_slave_1: left allmulticast mode [ 565.178271][ T3304] team0: left promiscuous mode [ 565.182630][ T3304] team_slave_0: left promiscuous mode [ 565.184386][ T3304] team_slave_1: left promiscuous mode [ 565.440332][ T3319] wlan0 speed is unknown, defaulting to 1000 [ 565.508869][ T3322] netlink: 48 bytes leftover after parsing attributes in process `syz.2.13097'. [ 565.628813][ T3337] team_slave_0: entered promiscuous mode [ 565.631486][ T3337] team_slave_1: entered promiscuous mode [ 565.633335][ T3337] macsec1: entered promiscuous mode [ 565.635025][ T3337] team0: entered promiscuous mode [ 565.636866][ T3337] macsec1: entered allmulticast mode [ 565.638733][ T3337] team0: entered allmulticast mode [ 565.640682][ T3337] team_slave_0: entered allmulticast mode [ 565.643386][ T3337] team_slave_1: entered allmulticast mode [ 565.646787][ T3337] team0: Device macsec1 is already an upper device of the team interface [ 565.652150][ T3337] team0: left allmulticast mode [ 565.653713][ T3337] team_slave_0: left allmulticast mode [ 565.655446][ T3337] team_slave_1: left allmulticast mode [ 565.657163][ T3337] team0: left promiscuous mode [ 565.659529][ T3337] team_slave_0: left promiscuous mode [ 565.662989][ T3337] team_slave_1: left promiscuous mode [ 565.813460][ T3340] kvm: requested 3352 ns i8254 timer period limited to 200000 ns [ 565.859121][ T6006] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 565.909165][ T2289] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 565.980284][ T3347] netlink: 8 bytes leftover after parsing attributes in process `syz.9.13106'. [ 565.986051][ T3347] netlink: 12 bytes leftover after parsing attributes in process `syz.9.13106'. [ 566.029041][ T6006] usb 7-1: Using ep0 maxpacket: 16 [ 566.032029][ T6006] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 566.035479][ T6006] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 566.039163][ T6006] usb 7-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 566.042026][ T6006] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 566.045514][ T6006] usb 7-1: config 0 descriptor?? [ 566.069057][ T2289] usb 6-1: Using ep0 maxpacket: 8 [ 566.072234][ T2289] usb 6-1: config 0 has no interfaces? [ 566.075972][ T2289] usb 6-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e [ 566.078842][ T2289] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 566.081850][ T2289] usb 6-1: Product: syz [ 566.083252][ T2289] usb 6-1: Manufacturer: syz [ 566.084744][ T2289] usb 6-1: SerialNumber: syz [ 566.088577][ T2289] usb 6-1: config 0 descriptor?? [ 566.298768][ T2289] usb 6-1: USB disconnect, device number 22 [ 566.360692][ T3360] unknown channel width for channel at 909000KHz? [ 566.455374][ T6006] kye 0003:0458:5016.003B: control desc unexpectedly large [ 566.459680][ T6006] input: HID 0458:5016 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5016.003B/input/input116 [ 566.533956][ T6006] input: HID 0458:5016 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0458:5016.003B/input/input117 [ 566.606236][ T6006] kye 0003:0458:5016.003B: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.2-1/input0 [ 566.655740][ T9] usb 7-1: USB disconnect, device number 20 [ 566.876678][ T3368] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 567.196468][ T40] audit: type=1326 audit(2134218532.421:4680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3372 comm="syz.2.13119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 567.204681][ T40] audit: type=1326 audit(2134218532.421:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3372 comm="syz.2.13119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 567.212962][ T40] audit: type=1326 audit(2134218532.421:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3372 comm="syz.2.13119" exe="/syz-executor" sig=0 arch=40000003 syscall=232 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 567.219819][ T40] audit: type=1326 audit(2134218532.421:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3372 comm="syz.2.13119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 567.227260][ T40] audit: type=1326 audit(2134218532.421:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3372 comm="syz.2.13119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 568.120220][ T40] audit: type=1800 audit(2134218533.351:4685): pid=3394 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.13127" name="bus" dev="tmpfs" ino=2 res=0 errno=0 [ 568.653465][ T3430] netlink: 96 bytes leftover after parsing attributes in process `syz.9.13144'. [ 568.929972][ T2289] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 568.959248][ T9] usb 14-1: new high-speed USB device number 34 using dummy_hcd [ 569.099061][ T2289] usb 7-1: Using ep0 maxpacket: 8 [ 569.106389][ T2289] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 569.109073][ T9] usb 14-1: Using ep0 maxpacket: 8 [ 569.110348][ T2289] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 569.113715][ T9] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 569.114810][ T2289] usb 7-1: Product: syz [ 569.118849][ T9] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 569.118875][ T9] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 569.118895][ T9] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 569.120787][ T2289] usb 7-1: Manufacturer: syz [ 569.120798][ T2289] usb 7-1: SerialNumber: syz [ 569.122277][ T2289] usb 7-1: config 0 descriptor?? [ 569.124865][ T9] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 569.140492][ T9] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 569.186521][ T40] audit: type=1326 audit(2134218534.411:4686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3435 comm="syz.1.13147" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x0 [ 569.334218][ T2289] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 569.338237][ T2289] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 569.342066][ T2289] usb 7-1: USB disconnect, device number 21 [ 569.346873][ T9] usb 14-1: GET_CAPABILITIES returned 0 [ 569.348695][ T9] usbtmc 14-1:16.0: can't read capabilities [ 569.548658][T15808] usb 14-1: USB disconnect, device number 34 [ 569.609252][ T5953] Bluetooth: hci0: command 0x0401 tx timeout [ 570.099067][ T5940] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 570.249003][ T3452] nbd9: detected capacity change from 0 to 4294967296 [ 570.249192][ T5940] usb 7-1: Using ep0 maxpacket: 8 [ 570.251982][ T3457] block nbd9: shutting down sockets [ 570.255420][ T5940] usb 7-1: config 0 has no interfaces? [ 570.257764][ T5940] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 570.262426][ T5940] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 570.265962][ T5940] usb 7-1: config 0 descriptor?? [ 570.472224][ T9] usb 7-1: USB disconnect, device number 22 [ 570.752397][ T3489] hsr0: entered promiscuous mode [ 570.755182][ T3489] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13169'. [ 570.764830][ T3489] hsr_slave_0: left promiscuous mode [ 570.767665][ T3489] hsr_slave_1: left promiscuous mode [ 570.783717][ T3491] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13170'. [ 570.798753][ T3489] hsr0 (unregistering): left promiscuous mode [ 571.053749][ T3514] macsec1: entered allmulticast mode [ 571.055519][ T3514] mac80211_hwsim hwsim31 wlan0: entered allmulticast mode [ 571.058752][ T3514] batman_adv: batadv0: Adding interface: macsec1 [ 571.062023][ T3514] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 571.069970][ T3514] batman_adv: batadv0: Interface activated: macsec1 [ 571.121151][ T3520] wlan0 speed is unknown, defaulting to 1000 [ 571.171804][ T3527] netlink: 80 bytes leftover after parsing attributes in process `syz.9.13185'. [ 571.253106][ T40] audit: type=1326 audit(2134218536.481:4687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3536 comm="syz.9.13188" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0 [ 571.361243][ T3549] wlan0 speed is unknown, defaulting to 1000 [ 571.559191][T15808] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 571.679064][ T5953] Bluetooth: hci0: command 0x0401 tx timeout [ 571.710488][T15808] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 571.715547][T15808] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 571.718551][T15808] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 571.721137][T15808] usb 6-1: SerialNumber: syz [ 572.368256][T15808] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 572.738313][ T1337] usb 6-1: USB disconnect, device number 23 [ 572.741108][ T1337] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device [ 573.003061][ T3592] input: syz0 as /devices/virtual/input/input118 [ 573.300352][ T6006] usb 14-1: new high-speed USB device number 35 using dummy_hcd [ 573.304932][ T40] audit: type=1326 audit(2134218538.531:4688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.315161][ T3605] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 573.324002][ T40] audit: type=1326 audit(2134218538.531:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.333371][ T40] audit: type=1326 audit(2134218538.541:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.342477][ T40] audit: type=1326 audit(2134218538.541:4691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.351606][ T40] audit: type=1326 audit(2134218538.541:4692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.362652][ T40] audit: type=1326 audit(2134218538.541:4693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.370568][ T40] audit: type=1326 audit(2134218538.541:4694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.378981][ T40] audit: type=1326 audit(2134218538.541:4695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3607 comm="syz.3.13217" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7ffc0000 [ 573.450808][ T6006] usb 14-1: Using ep0 maxpacket: 32 [ 573.454580][ T6006] usb 14-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 573.460507][ T6006] usb 14-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 573.463557][ T6006] usb 14-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 573.466809][ T6006] usb 14-1: Product: syz [ 573.468828][ T6006] usb 14-1: Manufacturer: syz [ 573.470455][ T6006] usb 14-1: SerialNumber: syz [ 573.473085][ T6006] usb 14-1: config 0 descriptor?? [ 573.475313][ T3596] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 573.681034][ T9] usb 14-1: USB disconnect, device number 35 [ 574.500901][ T3679] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 574.503521][ T3679] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 574.941475][ T40] kauditd_printk_skb: 9 callbacks suppressed [ 574.941488][ T40] audit: type=1326 audit(2134218540.171:4705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3686 comm="syz.2.13247" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x0 [ 575.889199][T15808] usb 14-1: new full-speed USB device number 36 using dummy_hcd [ 575.895906][ T3711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13258'. [ 576.060583][T15808] usb 14-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 576.066874][T15808] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 576.070684][T15808] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 576.073997][T15808] usb 14-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 576.079695][T15808] usb 14-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 576.085758][T15808] usb 14-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 576.088401][T15808] usb 14-1: Manufacturer: syz [ 576.093202][T15808] usb 14-1: config 0 descriptor?? [ 576.339266][T15808] rc_core: IR keymap rc-hauppauge not found [ 576.341449][T15808] Registered IR keymap rc-empty [ 576.343129][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.360485][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.379752][T15808] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/rc/rc0 [ 576.383811][ T3734] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13266'. [ 576.385853][T15808] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/rc/rc0/input119 [ 576.395492][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.404940][ T3734] 8021q: adding VLAN 0 to HW filter on device bond1 [ 576.418807][ T3734] 8021q: adding VLAN 0 to HW filter on device bond1 [ 576.421827][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.424387][ T3734] bond1: (slave vcan1): The slave device specified does not support setting the MAC address [ 576.428632][ T3734] bond1: (slave vcan1): Error -95 calling set_mac_address [ 576.449154][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.469108][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.489237][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.519159][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.539112][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.559292][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.579436][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.599136][T15808] mceusb 14-1:0.0: Error: mce write submit urb error = -90 [ 576.619890][T15808] mceusb 14-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 576.622809][T15808] mceusb 14-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 576.627635][T15808] usb 14-1: USB disconnect, device number 36 [ 576.640649][ T3744] nbd: device at index 2 is going down [ 576.796180][ T3754] syzkaller1: entered promiscuous mode [ 576.798005][ T3754] syzkaller1: entered allmulticast mode [ 576.984449][ T3763] syzkaller1: entered promiscuous mode [ 576.996130][ T3761] hub 2-0:1.0: USB hub found [ 576.997775][ T3761] hub 2-0:1.0: 2 ports detected [ 577.085717][ T3772] wlan0 speed is unknown, defaulting to 1000 [ 577.379159][ T9] usb 14-1: new high-speed USB device number 37 using dummy_hcd [ 577.389264][T15808] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 577.539338][ T9] usb 14-1: Using ep0 maxpacket: 8 [ 577.543157][ T9] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 577.547053][ T9] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 577.550455][ T9] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 577.553992][ T9] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 577.559155][ T9] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 577.561972][ T9] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 577.781126][ T9] usb 14-1: GET_CAPABILITIES returned 0 [ 577.783354][ T9] usbtmc 14-1:16.0: can't read capabilities [ 577.982319][ T6006] usb 14-1: USB disconnect, device number 37 [ 578.446318][ T3810] binder: 3809:3810 ioctl c0306201 800003c0 returned -14 [ 578.486104][ T3821] netfs: Couldn't get user pages (rc=-14) [ 578.487976][ T3821] netfs: Zero-sized read [R=32b] [ 578.565196][ T3827] netlink: 12 bytes leftover after parsing attributes in process `syz.9.13306'. [ 578.599156][T15808] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 579.595349][ T3842] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13313'. [ 579.749201][T15808] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 579.790466][ T3867] pim6reg1: entered promiscuous mode [ 579.792199][ T3867] pim6reg1: entered allmulticast mode [ 579.815310][ T3865] netlink: 'syz.2.13324': attribute type 5 has an invalid length. [ 579.818089][ T3865] netlink: 32 bytes leftover after parsing attributes in process `syz.2.13324'. [ 580.079397][ T5940] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 580.229163][ T5940] usb 6-1: Using ep0 maxpacket: 8 [ 580.232820][ T5940] usb 6-1: config index 0 descriptor too short (expected 5924, got 36) [ 580.236175][ T5940] usb 6-1: config 250 has an invalid interface number: 228 but max is -1 [ 580.239747][ T5940] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 580.243309][ T5940] usb 6-1: config 250 has no interface number 0 [ 580.245828][ T5940] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 580.250624][ T5940] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 580.254781][ T5940] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 580.258898][ T5940] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 580.263081][ T5940] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 580.268358][ T5940] usb 6-1: config 250 interface 228 has no altsetting 0 [ 580.273423][ T5940] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 580.277059][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 580.280517][ T5940] usb 6-1: Product: syz [ 580.282226][ T5940] usb 6-1: SerialNumber: syz [ 580.287598][ T5940] hub 6-1:250.228: bad descriptor, ignoring hub [ 580.290184][ T5940] hub 6-1:250.228: probe with driver hub failed with error -5 [ 580.489961][ T5940] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 24 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 580.799351][T15808] usb 6-1: USB disconnect, device number 24 [ 580.803117][T15808] usblp0: removed [ 581.129098][T15808] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 581.289172][T15808] usb 6-1: Using ep0 maxpacket: 8 [ 581.292136][T15808] usb 6-1: config index 0 descriptor too short (expected 5924, got 36) [ 581.294765][T15808] usb 6-1: config 250 has an invalid interface number: 228 but max is -1 [ 581.297477][T15808] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 581.300378][T15808] usb 6-1: config 250 has no interface number 0 [ 581.302369][T15808] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 581.305945][T15808] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 581.309404][T15808] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 581.312574][T15808] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 581.315781][T15808] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 581.320437][T15808] usb 6-1: config 250 interface 228 has no altsetting 0 [ 581.323999][T15808] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 581.326984][T15808] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 581.330239][T15808] usb 6-1: Product: syz [ 581.332057][T15808] usb 6-1: SerialNumber: syz [ 581.337237][T15808] hub 6-1:250.228: bad descriptor, ignoring hub [ 581.339934][T15808] hub 6-1:250.228: probe with driver hub failed with error -5 [ 581.540936][T15808] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 25 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 581.559555][T15808] usb 6-1: USB disconnect, device number 25 [ 581.564147][T15808] usblp0: removed [ 581.767658][ T3901] input: syz0 as /devices/virtual/input/input120 [ 581.804811][ T3903] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 581.909195][T15808] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 583.010294][ T3928] bridge0: port 2(bridge_slave_1) entered disabled state [ 583.013346][ T3928] bridge0: port 1(bridge_slave_0) entered disabled state [ 583.156899][ T3928] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 583.162635][ T3993] usb usb8: usbfs: process 3993 (syz.1.13357) did not claim interface 0 before use [ 583.170663][ T3928] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 583.292985][ T3928] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 583.295901][ T3928] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 583.298764][ T3928] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 583.302725][ T3928] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 583.366271][ T3928] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 583.369950][ T3928] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 583.373192][ T3928] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 583.375912][ T3928] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 583.385164][ T3928] gretap1: left promiscuous mode [ 583.386888][ T3928] gretap1: left allmulticast mode [ 583.556048][T15808] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 583.578426][ T4017] tls_set_device_offload: netdev not found [ 584.641090][ T4072] bridge0: port 2(bridge_slave_1) entered disabled state [ 584.643613][ T4072] bridge0: port 1(bridge_slave_0) entered disabled state [ 584.824395][ T4072] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 584.832259][ T4072] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 584.892606][ T4072] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 584.895422][ T4072] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 584.898302][ T4072] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 584.902839][ T4072] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 585.049381][T15808] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 585.092074][ T4097] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13384'. [ 585.279114][ T5949] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 585.279918][ T5953] Bluetooth: hci4: command 0xfc11 tx timeout [ 586.202976][ T4162] syzkaller1: entered promiscuous mode [ 586.204807][ T4162] syzkaller1: entered allmulticast mode [ 586.376073][ T4172] wlan0 speed is unknown, defaulting to 1000 [ 586.934005][ T4203] usb usb8: usbfs: process 4203 (syz.2.13403) did not claim interface 0 before use [ 587.140199][ T5981] usb 6-1: new full-speed USB device number 26 using dummy_hcd [ 587.303626][ T5981] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 587.306550][ T5981] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 587.310680][ T5981] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 587.313506][ T5981] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 587.399984][ T40] audit: type=1326 audit(2134218552.631:4706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.406655][ T40] audit: type=1326 audit(2134218552.631:4707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.413997][ T40] audit: type=1326 audit(2134218552.631:4708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.420713][ T40] audit: type=1326 audit(2134218552.631:4709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.427359][ T40] audit: type=1326 audit(2134218552.631:4710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.434040][ T40] audit: type=1326 audit(2134218552.631:4711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=217 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.440761][ T40] audit: type=1326 audit(2134218552.631:4712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4245 comm="syz.9.13409" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 587.522382][ T5981] usb 6-1: usb_control_msg returned -32 [ 587.524780][ T5981] usbtmc 6-1:16.0: can't read capabilities [ 588.217710][ T4338] hsr0: entered promiscuous mode [ 588.220268][ T4338] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13422'. [ 588.223367][ T4338] hsr_slave_0: left promiscuous mode [ 588.225756][ T4338] hsr_slave_1: left promiscuous mode [ 588.242891][ T4338] hsr0 (unregistering): left promiscuous mode [ 588.925739][ T4345] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13425'. [ 589.576808][ T4371] netlink: 80 bytes leftover after parsing attributes in process `syz.9.13442'. [ 589.582220][ T4371] netlink: 80 bytes leftover after parsing attributes in process `syz.9.13442'. [ 589.613176][ T40] audit: type=1326 audit(2134218554.841:4713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.9.13436" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0 [ 589.668077][ T4379] wlan0 speed is unknown, defaulting to 1000 [ 589.916566][ T5940] usb 6-1: USB disconnect, device number 26 [ 589.960682][ T2289] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 590.129787][ T2289] usb 7-1: Using ep0 maxpacket: 8 [ 590.132756][ T2289] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 590.136223][ T2289] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 590.139887][ T2289] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 590.142950][ T2289] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 590.146937][ T2289] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 590.150368][ T2289] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 590.363430][ T2289] usb 7-1: GET_CAPABILITIES returned 0 [ 590.365825][ T2289] usbtmc 7-1:16.0: can't read capabilities [ 590.563314][ T1337] usb 7-1: USB disconnect, device number 23 [ 591.079087][ T1337] usb 14-1: new high-speed USB device number 38 using dummy_hcd [ 591.168466][ T4416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13453'. [ 591.250905][ T1337] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 591.254559][ T1337] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 591.257965][ T1337] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 591.262271][ T1337] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 591.265249][ T1337] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 591.269218][ T1337] usb 14-1: config 0 descriptor?? [ 591.640699][ T4425] rtc_cmos 00:05: Alarms can be up to one day in the future [ 591.693125][ T1337] plantronics 0003:047F:FFFF.003C: unknown main item tag 0x0 [ 591.696014][ T1337] plantronics 0003:047F:FFFF.003C: unknown main item tag 0x0 [ 591.698355][ T1337] plantronics 0003:047F:FFFF.003C: unknown main item tag 0x0 [ 591.701454][ T1337] plantronics 0003:047F:FFFF.003C: unknown main item tag 0x0 [ 591.703757][ T1337] plantronics 0003:047F:FFFF.003C: unknown main item tag 0x0 [ 591.706031][ T1337] plantronics 0003:047F:FFFF.003C: unknown main item tag 0x0 [ 591.709306][ T1337] plantronics 0003:047F:FFFF.003C: No inputs registered, leaving [ 591.713331][ T1337] plantronics 0003:047F:FFFF.003C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 591.764788][T15808] rtc_cmos 00:05: Alarms can be up to one day in the future [ 591.767922][T15808] rtc_cmos 00:05: Alarms can be up to one day in the future [ 591.771132][T15808] rtc_cmos 00:05: Alarms can be up to one day in the future [ 591.774282][T15808] rtc_cmos 00:05: Alarms can be up to one day in the future [ 591.776649][T15808] rtc rtc0: __rtc_set_alarm: err=-22 [ 592.847684][ T4445] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 592.850118][ T4445] IPv6: NLM_F_CREATE should be set when creating new route [ 593.275165][ T4471] IPv6: sit1: Disabled Multicast RS [ 593.277707][ T4471] sit1: entered allmulticast mode [ 593.583326][ T4491] Invalid ELF header magic: != ELF [ 593.770376][T15808] usb 14-1: USB disconnect, device number 38 [ 594.059391][ T4520] Bluetooth: hci0: service_discovery: too big uuid_count value 65062 [ 594.114227][ T4526] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 594.234065][ T4537] binder: 4536:4537 ioctl c0306201 80000480 returned -14 [ 594.292182][ T4538] wlan0 speed is unknown, defaulting to 1000 [ 596.139077][ T9] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 596.289274][ T9] usb 7-1: Using ep0 maxpacket: 16 [ 596.292563][ T9] usb 7-1: too many configurations: 123, using maximum allowed: 8 [ 596.297227][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.302793][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.308165][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.313717][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.323538][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.340474][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.346481][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.352186][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 596.357999][ T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 596.361915][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45 [ 596.365442][ T9] usb 7-1: SerialNumber: syz [ 596.369685][ T9] usb 7-1: config 0 descriptor?? [ 596.375643][ T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input121 [ 596.468312][ T40] audit: type=1326 audit(2134218561.691:4714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4597 comm="syz.9.13529" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703e579 code=0x0 [ 596.590560][ T5333] bcm5974 7-1:0.0: could not read from device [ 596.594654][ T5333] bcm5974 7-1:0.0: could not read from device [ 596.597747][ T9] usb 7-1: USB disconnect, device number 24 [ 596.708232][ T4610] netlink: 'syz.1.13534': attribute type 12 has an invalid length. [ 596.710997][ T4610] netlink: 'syz.1.13534': attribute type 29 has an invalid length. [ 596.713398][ T4610] netlink: 148 bytes leftover after parsing attributes in process `syz.1.13534'. [ 596.716178][ T4610] netlink: 59 bytes leftover after parsing attributes in process `syz.1.13534'. [ 597.104374][ T4625] loop6: detected capacity change from 0 to 524287999 [ 597.111131][ C0] blk_print_req_error: 54 callbacks suppressed [ 597.111144][ C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 2 prio class 0 [ 597.116711][ C0] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 2 prio class 0 [ 597.380106][T15808] hid-generic 0000:0000:0000.003D: unknown main item tag 0x0 [ 597.383560][T15808] hid-generic 0000:0000:0000.003D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 597.673870][ T40] audit: type=1804 audit(2134218562.891:4715): pid=4670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.13557" name="/" dev="pidfs" ino=36962 res=1 errno=0 [ 598.087264][ T4689] input: syz0 as /devices/virtual/input/input122 [ 598.543151][ T4730] wlan0 speed is unknown, defaulting to 1000 [ 598.677926][ T4742] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13583'. [ 598.969633][ T4759] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13590'. [ 599.044854][ T4761] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 599.139196][ T9] usb 6-1: new high-speed USB device number 27 using dummy_hcd [ 599.210723][ T4770] Invalid ELF header magic: != ELF [ 599.292280][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 599.299889][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 599.303483][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 599.315826][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 599.319268][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 599.324189][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 599.327166][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 599.533307][ T9] usb 6-1: GET_CAPABILITIES returned 0 [ 599.535134][ T9] usbtmc 6-1:16.0: can't read capabilities [ 599.735417][ T9] usb 6-1: USB disconnect, device number 27 [ 600.159106][ T5949] Bluetooth: hci0: command 0x0401 tx timeout [ 600.159120][ T2289] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 600.163525][ T2289] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 600.193524][ T4798] wlan0 speed is unknown, defaulting to 1000 [ 600.372806][ T4815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13613'. [ 601.275259][ T4839] netlink: 12 bytes leftover after parsing attributes in process `syz.2.13623'. [ 601.458336][ T4846] netlink: 'syz.3.13625': attribute type 12 has an invalid length. [ 601.461529][ T4846] netlink: 'syz.3.13625': attribute type 29 has an invalid length. [ 601.464773][ T4846] netlink: 148 bytes leftover after parsing attributes in process `syz.3.13625'. [ 601.468534][ T4846] netlink: 59 bytes leftover after parsing attributes in process `syz.3.13625'. [ 602.329256][ T4871] netlink: 96 bytes leftover after parsing attributes in process `syz.9.13637'. [ 602.400901][ T5940] libceph: connect (1)[c::]:6789 error -101 [ 602.402938][ T5940] libceph: mon0 (1)[c::]:6789 connect error [ 602.543782][ T4889] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13643'. [ 602.659623][ T5940] libceph: connect (1)[c::]:6789 error -101 [ 602.662131][ T5940] libceph: mon0 (1)[c::]:6789 connect error [ 602.710601][ T4891] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 602.876104][ T4902] pim6reg1: entered promiscuous mode [ 602.878046][ T4902] pim6reg1: entered allmulticast mode [ 603.171633][ T5940] libceph: connect (1)[c::]:6789 error -101 [ 603.173720][ T5940] libceph: mon0 (1)[c::]:6789 connect error [ 603.229099][ T4879] ceph: No mds server is up or the cluster is laggy [ 603.239126][T15808] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 603.391341][T15808] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 603.394686][T15808] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 603.397820][T15808] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 603.402271][T15808] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 603.405105][T15808] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 603.416965][T15808] usb 6-1: config 0 descriptor?? [ 603.455449][ T4935] binder: 4934:4935 ioctl c0306201 800001c0 returned -22 [ 603.836302][T15808] plantronics 0003:047F:FFFF.003E: No inputs registered, leaving [ 603.841466][T15808] plantronics 0003:047F:FFFF.003E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 604.099103][ T4962] netlink: 'syz.9.13675': attribute type 39 has an invalid length. [ 604.429133][ T2289] usb 14-1: new high-speed USB device number 39 using dummy_hcd [ 604.579116][ T2289] usb 14-1: Using ep0 maxpacket: 8 [ 604.582315][ T2289] usb 14-1: config index 0 descriptor too short (expected 301, got 45) [ 604.585008][ T2289] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 604.588248][ T2289] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 604.591588][ T2289] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 604.594740][ T2289] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 604.599117][ T2289] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 604.602176][ T2289] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.759266][ T1337] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 604.809906][ T2289] usb 14-1: usb_control_msg returned -32 [ 604.812306][ T2289] usbtmc 14-1:16.0: can't read capabilities [ 604.854900][ T2289] libceph: connect (1)[c::]:6789 error -101 [ 604.857365][ T2289] libceph: mon0 (1)[c::]:6789 connect error [ 604.929086][ T1337] usb 7-1: Using ep0 maxpacket: 32 [ 604.933153][ T1337] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 604.937624][ T1337] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 604.941418][ T1337] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 604.944517][ T1337] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 604.951141][ T1337] usb 7-1: config 0 descriptor?? [ 604.955344][ T1337] hub 7-1:0.0: USB hub found [ 605.120969][ T2289] libceph: connect (1)[c::]:6789 error -101 [ 605.123706][ T2289] libceph: mon0 (1)[c::]:6789 connect error [ 605.160267][ T1337] hub 7-1:0.0: config failed, can't read hub descriptor (err -22) [ 605.165593][ T1337] usbhid 7-1:0.0: can't add hid device: -71 [ 605.167653][ T1337] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 605.189436][ T1337] usb 7-1: USB disconnect, device number 25 [ 605.629195][ T2289] libceph: connect (1)[c::]:6789 error -101 [ 605.631415][ T2289] libceph: mon0 (1)[c::]:6789 connect error [ 605.660125][ T4980] ceph: No mds server is up or the cluster is laggy [ 605.715506][ T4989] input: syz0 as /devices/virtual/input/input123 [ 605.717630][ T4989] input: failed to attach handler leds to device input123, error: -6 [ 605.724687][ T4992] netlink: 136 bytes leftover after parsing attributes in process `syz.1.13686'. [ 605.914899][ T5981] usb 6-1: USB disconnect, device number 28 [ 607.089849][ T5067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13719'. [ 607.146942][ T5073] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 607.149108][ T5073] syzkaller1: Refused to change device type [ 607.179720][ T5074] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13721'. [ 607.201992][ T5940] usb 14-1: USB disconnect, device number 39 [ 607.233100][ T5077] input: syz1 as /devices/virtual/input/input124 [ 607.993651][ T5118] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13741'. [ 608.140723][ T5940] libceph: connect (1)[c::]:6789 error -101 [ 608.142838][ T5940] libceph: mon0 (1)[c::]:6789 connect error [ 608.341113][ T5146] kernel read not supported for file /eth0 (pid: 5146 comm: syz.9.13751) [ 608.345413][ T40] audit: type=1800 audit(2134218573.571:4716): pid=5146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.13751" name="eth0" dev="mqueue" ino=191092 res=0 errno=0 [ 608.400660][ T2289] kernel read not supported for file /eth0 (pid: 2289 comm: kworker/1:2) [ 608.409604][ T5940] libceph: connect (1)[c::]:6789 error -101 [ 608.411659][ T5940] libceph: mon0 (1)[c::]:6789 connect error [ 608.919411][ T5940] libceph: connect (1)[c::]:6789 error -101 [ 608.921370][ T5940] libceph: mon0 (1)[c::]:6789 connect error [ 608.967380][ T5133] ceph: No mds server is up or the cluster is laggy [ 609.038335][ T5166] input: syz0 as /devices/virtual/input/input125 [ 609.388205][ T5197] syzkaller0: refused to change device tx_queue_len [ 609.570670][ T5209] netlink: 'syz.2.13779': attribute type 1 has an invalid length. [ 609.574513][ T5210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13778'. [ 609.577832][ T5210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13778'. [ 609.604017][ T5209] bond2: (slave gre1): The slave device specified does not support setting the MAC address [ 609.607107][ T5209] bond2: (slave gre1): Setting fail_over_mac to active for active-backup mode [ 609.611557][ T5209] bond2: (slave gre1): Opening slave failed [ 609.944914][ T5248] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 610.061148][ T5262] input: syz0 as /devices/virtual/input/input126 [ 610.133629][ T5268] 8021q: adding VLAN 0 to HW filter on device bond3 [ 610.136084][ T5268] bridge0: port 3(bond3) entered blocking state [ 610.138334][ T5268] bridge0: port 3(bond3) entered disabled state [ 610.140833][ T5268] bond3: entered allmulticast mode [ 610.143472][ T5268] bond3: entered promiscuous mode [ 610.145959][ T5268] bridge0: port 3(bond3) entered blocking state [ 610.148059][ T5268] bridge0: port 3(bond3) entered forwarding state [ 610.215615][T15808] libceph: connect (1)[c::]:6789 error -22 [ 610.217570][T15808] libceph: mon0 (1)[c::]:6789 connect error [ 610.244008][T24633] bridge0: port 3(bond3) entered disabled state [ 610.489245][T15808] libceph: connect (1)[c::]:6789 error -22 [ 610.491306][T15808] libceph: mon0 (1)[c::]:6789 connect error [ 611.009387][T15808] libceph: connect (1)[c::]:6789 error -22 [ 611.011867][T15808] libceph: mon0 (1)[c::]:6789 connect error [ 611.033382][ T5282] ceph: No mds server is up or the cluster is laggy [ 611.288809][T15808] libceph: connect (1)[c::]:6789 error -101 [ 611.291776][T15808] libceph: mon0 (1)[c::]:6789 connect error [ 611.343268][ T5336] input: syz0 as /devices/virtual/input/input127 [ 611.477079][ T5345] ALSA: seq fatal error: cannot create timer (-16) [ 611.489269][ T2289] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 611.529133][ T6006] usb 14-1: new high-speed USB device number 40 using dummy_hcd [ 611.559317][T15808] libceph: connect (1)[c::]:6789 error -101 [ 611.563231][T15808] libceph: mon0 (1)[c::]:6789 connect error [ 611.640079][ T2289] usb 6-1: Using ep0 maxpacket: 8 [ 611.643167][ T2289] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 611.646464][ T2289] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 611.649564][ T2289] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 611.652550][ T2289] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 611.656670][ T2289] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 611.659565][ T2289] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.707188][ T6006] usb 14-1: Using ep0 maxpacket: 8 [ 611.711804][ T6006] usb 14-1: config index 0 descriptor too short (expected 301, got 45) [ 611.715328][ T6006] usb 14-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 611.719473][ T6006] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 611.723251][ T6006] usb 14-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 611.726251][ T6006] usb 14-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 611.730826][ T6006] usb 14-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 611.733709][ T6006] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.796882][ T5356] netlink: 4 bytes leftover after parsing attributes in process `syz.2.13837'. [ 611.870197][ T2289] usb 6-1: GET_CAPABILITIES returned 0 [ 611.872029][ T2289] usbtmc 6-1:16.0: can't read capabilities [ 611.946320][ T6006] usb 14-1: GET_CAPABILITIES returned 0 [ 611.948280][ T6006] usbtmc 14-1:16.0: can't read capabilities [ 612.071663][T15808] libceph: connect (1)[c::]:6789 error -101 [ 612.072984][ T5981] usb 6-1: USB disconnect, device number 29 [ 612.073728][T15808] libceph: mon0 (1)[c::]:6789 connect error [ 612.096038][ T5325] ceph: No mds server is up or the cluster is laggy [ 612.147426][ T5940] usb 14-1: USB disconnect, device number 40 [ 612.688891][ T40] audit: type=1326 audit(2134218577.911:4717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.1.13843" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 612.695891][ T40] audit: type=1326 audit(2134218577.911:4718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.1.13843" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 612.706035][ T40] audit: type=1326 audit(2134218577.921:4719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.1.13843" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 612.714351][ T40] audit: type=1326 audit(2134218577.921:4720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.1.13843" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 612.722947][ T40] audit: type=1326 audit(2134218577.921:4721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.1.13843" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 612.731047][ T40] audit: type=1326 audit(2134218577.921:4722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5369 comm="syz.1.13843" exe="/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 613.599077][ C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 614.099178][T15808] usb 14-1: new high-speed USB device number 41 using dummy_hcd [ 614.251977][T15808] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 614.256558][T15808] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 614.260892][T15808] usb 14-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 614.264218][T15808] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.267753][T15808] usb 14-1: config 0 descriptor?? [ 614.679196][ T5402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 614.682924][ T5402] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 614.688852][T15808] cm6533_jd 0003:0D8C:0022.003F: unknown main item tag 0x0 [ 614.691350][T15808] cm6533_jd 0003:0D8C:0022.003F: unknown main item tag 0x0 [ 614.694847][T15808] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/0003:0D8C:0022.003F/input/input129 [ 614.701514][T15808] cm6533_jd 0003:0D8C:0022.003F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.9-1/input0 [ 614.892732][T15808] usb 14-1: USB disconnect, device number 41 [ 615.429677][ T5451] syzkaller0: tun_chr_ioctl cmd 1074025684 [ 616.763701][ T5497] input: syz0 as /devices/virtual/input/input130 [ 617.878470][ T5553] netlink: 'syz.2.13925': attribute type 2 has an invalid length. [ 617.882135][ T5553] nbd: illegal input index -1 [ 618.755524][ T5579] input: syz0 as /devices/virtual/input/input131 [ 618.939554][ T5592] loop8: detected capacity change from 0 to 7 [ 618.942249][ T5592] Dev loop8: unable to read RDB block 7 [ 618.944405][ T5592] loop8: unable to read partition table [ 618.946771][ T5592] loop8: partition table beyond EOD, truncated [ 618.954102][ T5592] loop_reread_partitions: partition scan of loop8 (被xڬdƤݡ [ 618.954102][ T5592] ) failed (rc=-5) [ 618.999257][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 619.001819][ T5598] binder: 5597:5598 ioctl c0306201 80000540 returned -14 [ 619.044324][ T5604] wlan0 speed is unknown, defaulting to 1000 [ 619.084366][ T40] audit: type=1326 audit(2134218584.311:4723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5600 comm="syz.3.13946" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x0 [ 619.942478][ T5647] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 620.208576][ T5679] netlink: 1 bytes leftover after parsing attributes in process `syz.9.13979'. [ 620.399238][T15808] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 620.428680][ T5692] netlink: 72 bytes leftover after parsing attributes in process `syz.9.13985'. [ 620.435930][ T5692] netlink: 72 bytes leftover after parsing attributes in process `syz.9.13985'. [ 620.477146][ T5694] netlink: 12 bytes leftover after parsing attributes in process `syz.9.13986'. [ 620.571576][T15808] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 620.575903][T15808] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 620.580749][T15808] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 620.584775][T15808] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 620.593231][ T5674] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 620.598524][T15808] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 620.733751][ T5707] netlink: 32 bytes leftover after parsing attributes in process `syz.9.13992'. [ 620.801715][ T5981] usb 7-1: USB disconnect, device number 26 [ 620.811981][ T5711] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13994'. [ 620.999798][ T5723] netlink: 96 bytes leftover after parsing attributes in process `syz.1.13999'. [ 621.126091][ T5733] syzkaller0: tun_chr_ioctl cmd 1074025684 [ 621.832862][ T5752] loop6: detected capacity change from 0 to 524287999 [ 621.863394][ T5754] input: syz0 as /devices/virtual/input/input132 [ 621.886529][ T5756] netlink: 56 bytes leftover after parsing attributes in process `syz.9.14011'. [ 621.972689][ T5768] netlink: 'syz.1.14019': attribute type 12 has an invalid length. [ 621.975333][ T5768] netlink: 'syz.1.14019': attribute type 29 has an invalid length. [ 621.978097][ T5768] netlink: 148 bytes leftover after parsing attributes in process `syz.1.14019'. [ 621.982734][ T5768] netlink: 'syz.1.14019': attribute type 1 has an invalid length. [ 621.985172][ T5768] netlink: 'syz.1.14019': attribute type 2 has an invalid length. [ 621.987884][ T5768] netlink: 39 bytes leftover after parsing attributes in process `syz.1.14019'. [ 623.256669][ T5852] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 41189 - 0 [ 623.260527][ T5852] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 41189 - 0 [ 623.264122][ T5852] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 41189 - 0 [ 623.267693][ T5852] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 41189 - 0 [ 623.329071][ T5981] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 623.510251][ T5981] usb 6-1: Using ep0 maxpacket: 8 [ 623.514217][ T5981] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 623.517675][ T5981] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 623.521840][ T5981] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 623.525961][ T5981] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 623.529225][ T5981] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 623.533953][ T5981] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 623.537393][ T5981] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 623.753895][ T5981] usb 6-1: GET_CAPABILITIES returned 0 [ 623.756366][ T5981] usbtmc 6-1:16.0: can't read capabilities [ 623.921836][ T5888] Invalid source name [ 623.923210][ T5888] UBIFS error (pid: 5888): cannot open "./file0", error -22 [ 623.955382][ T5981] usb 6-1: USB disconnect, device number 30 [ 625.030580][ T5969] Bluetooth: hci0: unsupported parameter 1793 [ 625.033182][ T5969] Bluetooth: hci0: unsupported parameter 4096 [ 625.035840][ T5969] Bluetooth: hci0: unsupported parameter 1793 [ 625.038414][ T5969] Bluetooth: hci0: unsupported parameter 4096 [ 625.169091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 625.905622][ T5994] input: syz1 as /devices/virtual/input/input133 [ 626.199067][ T5940] usb 14-1: new high-speed USB device number 42 using dummy_hcd [ 626.362157][ T5940] usb 14-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 626.365490][ T5940] usb 14-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 626.370054][ T5940] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 626.372991][ T5940] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.377147][ T5940] usb 14-1: config 0 descriptor?? [ 626.388350][ T5940] usbhid 14-1:0.0: couldn't find an input interrupt endpoint [ 626.747323][ T6031] netlink: 'syz.2.14124': attribute type 1 has an invalid length. [ 626.760150][ T6031] 8021q: adding VLAN 0 to HW filter on device bond4 [ 626.778129][ T6031] bond4: (slave gretap2): making interface the new active one [ 626.782155][ T6031] bond4: (slave gretap2): Enslaving as an active interface with an up link [ 627.303387][ T40] audit: type=1326 audit(2134218592.531:4724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.1.14133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 627.310558][ T40] audit: type=1326 audit(2134218592.531:4725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.1.14133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 627.317163][ T40] audit: type=1326 audit(2134218592.531:4726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.1.14133" exe="/syz-executor" sig=0 arch=40000003 syscall=293 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 627.323886][ T40] audit: type=1326 audit(2134218592.531:4727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.1.14133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 627.331055][ T40] audit: type=1326 audit(2134218592.531:4728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6053 comm="syz.1.14133" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x7ffc0000 [ 627.841384][ T2289] usb 6-1: new full-speed USB device number 31 using dummy_hcd [ 627.984751][ T6079] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 627.992060][ T2289] usb 6-1: config index 0 descriptor too short (expected 156, got 27) [ 627.995546][ T2289] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 628.000382][ T2289] usb 6-1: config 0 interface 0 altsetting 191 has 0 endpoint descriptors, different from the interface descriptor's value: 144 [ 628.005869][ T2289] usb 6-1: config 0 interface 0 has no altsetting 0 [ 628.012240][ T2289] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 628.015581][ T2289] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 628.018302][ T2289] usb 6-1: Product: syz [ 628.019721][ T2289] usb 6-1: Manufacturer: syz [ 628.021534][ T2289] usb 6-1: SerialNumber: syz [ 628.024690][ T2289] usb 6-1: config 0 descriptor?? [ 628.027724][ T2289] ldusb 6-1:0.0: Interrupt in endpoint not found [ 628.314954][T15808] usb 6-1: USB disconnect, device number 31 [ 628.939152][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 628.947086][ T5981] usb 14-1: USB disconnect, device number 42 [ 628.957586][ T6092] __nla_validate_parse: 2 callbacks suppressed [ 628.957600][ T6092] netlink: 4 bytes leftover after parsing attributes in process `syz.2.14153'. [ 628.964321][ T6092] bond3: left allmulticast mode [ 628.965987][ T6092] bond3: left promiscuous mode [ 628.967743][ T6092] bridge0: port 3(bond3) entered disabled state [ 628.981500][ T6092] bridge_slave_1: left allmulticast mode [ 628.983417][ T6092] bridge_slave_1: left promiscuous mode [ 628.985393][ T6092] bridge0: port 2(bridge_slave_1) entered disabled state [ 628.992314][ T6092] bridge_slave_0: left allmulticast mode [ 628.994125][ T6092] bridge_slave_0: left promiscuous mode [ 628.995957][ T6092] bridge0: port 1(bridge_slave_0) entered disabled state [ 628.999963][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 629.350247][ T5940] usb 6-1: new full-speed USB device number 32 using dummy_hcd [ 629.511534][ T5940] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 629.514802][ T5940] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 629.524943][ T5940] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 629.528703][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 629.743979][ T5940] usb 6-1: usb_control_msg returned -32 [ 629.745811][ T5940] usbtmc 6-1:16.0: can't read capabilities [ 629.795028][ T6152] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 630.025277][ T2289] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 630.190369][ T2289] usb 7-1: Using ep0 maxpacket: 16 [ 630.193356][ T2289] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 630.198973][ T2289] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 630.201971][ T2289] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 630.205925][ T2289] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 630.208767][ T2289] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 630.214162][ T2289] usb 7-1: config 0 descriptor?? [ 630.639185][ T6149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 630.644443][ T6149] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 630.649624][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.651872][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.654316][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.656696][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.659154][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.661425][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.663715][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.667742][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.670534][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.672816][ T2289] microsoft 0003:045E:07DA.0040: unknown main item tag 0x0 [ 630.676018][ T2289] HID 045e:07da: Invalid code 65791 type 1 [ 630.680321][ T2289] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:045E:07DA.0040/input/input135 [ 630.685492][ T2289] microsoft 0003:045E:07DA.0040: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 630.852136][T15808] usb 7-1: USB disconnect, device number 27 [ 630.970304][ T5940] kernel write not supported for file [eventfd] (pid: 5940 comm: kworker/0:3) [ 631.006556][ T6192] netlink: 32 bytes leftover after parsing attributes in process `syz.9.14187'. [ 631.349226][ T5940] usb 14-1: new high-speed USB device number 43 using dummy_hcd [ 631.397410][ T40] audit: type=1326 audit(2134218596.621:4729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.3.14185" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f17579 code=0x7fc00000 [ 631.500456][ T5940] usb 14-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 631.503987][ T5940] usb 14-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 631.508304][ T5940] usb 14-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 631.512346][ T5940] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 631.518476][ T6198] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22 [ 631.524421][ T5940] usb 14-1: Quirk or no altset; falling back to MIDI 1.0 [ 631.753051][ T2289] usb 14-1: USB disconnect, device number 43 [ 632.089111][T15808] usb 6-1: USB disconnect, device number 32 [ 632.172610][ T6227] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14201'. [ 632.439012][T15808] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 632.592487][T15808] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 632.596170][T15808] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 632.599527][T15808] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 632.602504][T15808] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 632.606940][ T6223] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 632.610925][T15808] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 632.699727][ T6254] netlink: 'syz.3.14211': attribute type 1 has an invalid length. [ 632.720222][ T6254] 8021q: adding VLAN 0 to HW filter on device bond1 [ 632.741048][ T6254] bond1: (slave gretap2): making interface the new active one [ 632.747640][ T6254] bond1: (slave gretap2): Enslaving as an active interface with an up link [ 632.771723][ T6257] [ 632.772551][ T6257] ===================================================== [ 632.774738][ T6257] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 632.777692][ T6257] 6.15.0-rc6-syzkaller #0 Not tainted [ 632.779870][ T6257] ----------------------------------------------------- [ 632.784823][ T6257] syz.9.14212/6257 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 632.787490][ T6257] ffff888029b5fd38 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 632.790285][ T6257] [ 632.790285][ T6257] and this task is already holding: [ 632.792564][ T6257] ffff88802b14d028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 632.795620][ T6257] which would create a new lock dependency: [ 632.797453][ T6257] (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3} [ 632.799975][ T6257] [ 632.799975][ T6257] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 632.802772][ T6257] (&dev->event_lock#2){..-.}-{3:3} [ 632.802791][ T6257] [ 632.802791][ T6257] ... which became SOFTIRQ-irq-safe at: [ 632.806919][ T6257] lock_acquire+0x179/0x350 [ 632.808654][ T6257] _raw_spin_lock_irqsave+0x3a/0x60 [ 632.810330][ T6257] input_inject_event+0x9f/0x390 [ 632.811910][ T6257] led_set_brightness+0x214/0x290 [ 632.813531][ T6257] led_trigger_event+0xda/0x270 [ 632.814972][ T6257] kbd_bh+0x21b/0x300 [ 632.816116][ T6257] tasklet_action_common+0x281/0x400 [ 632.817586][T15808] usb 6-1: USB disconnect, device number 33 [ 632.817609][ T6257] handle_softirqs+0x216/0x8e0 [ 632.821549][ T6257] run_ksoftirqd+0x3a/0x60 [ 632.822991][ T6257] smpboot_thread_fn+0x3f4/0xae0 [ 632.824583][ T6257] kthread+0x3c2/0x780 [ 632.825896][ T6257] ret_from_fork+0x45/0x80 [ 632.827306][ T6257] ret_from_fork_asm+0x1a/0x30 [ 632.828858][ T6257] [ 632.828858][ T6257] to a SOFTIRQ-irq-unsafe lock: [ 632.831024][ T6257] (tasklist_lock){.+.+}-{3:3} [ 632.831039][ T6257] [ 632.831039][ T6257] ... which became SOFTIRQ-irq-unsafe at: [ 632.834931][ T6257] ... [ 632.834935][ T6257] lock_acquire+0x179/0x350 [ 632.837186][ T6257] _raw_read_lock+0x5f/0x70 [ 632.838654][ T6257] __do_wait+0x105/0x890 [ 632.840016][ T6257] do_wait+0x21e/0x5a0 [ 632.841326][ T6257] kernel_wait+0x9f/0x160 [ 632.842729][ T6257] call_usermodehelper_exec_work+0xf1/0x170 [ 632.844686][ T6257] process_one_work+0x9cc/0x1b70 [ 632.846274][ T6257] worker_thread+0x6c8/0xf10 [ 632.847798][ T6257] kthread+0x3c2/0x780 [ 632.849105][ T6257] ret_from_fork+0x45/0x80 [ 632.850544][ T6257] ret_from_fork_asm+0x1a/0x30 [ 632.852084][ T6257] [ 632.852084][ T6257] other info that might help us debug this: [ 632.852084][ T6257] [ 632.855142][ T6257] Chain exists of: [ 632.855142][ T6257] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 632.855142][ T6257] [ 632.859304][ T6257] Possible interrupt unsafe locking scenario: [ 632.859304][ T6257] [ 632.861830][ T6257] CPU0 CPU1 [ 632.863500][ T6257] ---- ---- [ 632.865164][ T6257] lock(tasklist_lock); [ 632.866509][ T6257] local_irq_disable(); [ 632.868624][ T6257] lock(&dev->event_lock#2); [ 632.870862][ T6257] lock(&client->buffer_lock); [ 632.873146][ T6257] [ 632.874264][ T6257] lock(&dev->event_lock#2); [ 632.875794][ T6257] [ 632.875794][ T6257] *** DEADLOCK *** [ 632.875794][ T6257] [ 632.878322][ T6257] 7 locks held by syz.9.14212/6257: [ 632.879993][ T6257] #0: ffff888043782118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x184/0x440 [ 632.882878][ T6257] #1: ffff8880201d1230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x390 [ 632.885987][ T6257] #2: ffffffff8e3bf400 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x390 [ 632.888947][ T6257] #3: ffffffff8e3bf400 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x890 [ 632.891905][ T6257] #4: ffffffff8e3bf400 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390 [ 632.894742][ T6257] #5: ffff88802b14d028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 632.897912][ T6257] #6: ffffffff8e3bf400 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 632.900627][ T6257] [ 632.900627][ T6257] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 632.903752][ T6257] -> (&dev->event_lock#2){..-.}-{3:3} { [ 632.905508][ T6257] IN-SOFTIRQ-W at: [ 632.906793][ T6257] lock_acquire+0x179/0x350 [ 632.908783][ T6257] _raw_spin_lock_irqsave+0x3a/0x60 [ 632.910992][ T6257] input_inject_event+0x9f/0x390 [ 632.913092][ T6257] led_set_brightness+0x214/0x290 [ 632.915299][ T6257] led_trigger_event+0xda/0x270 [ 632.917419][ T6257] kbd_bh+0x21b/0x300 [ 632.919293][ T6257] tasklet_action_common+0x281/0x400 [ 632.921450][ T6257] handle_softirqs+0x216/0x8e0 [ 632.923507][ T6257] run_ksoftirqd+0x3a/0x60 [ 632.925466][ T6257] smpboot_thread_fn+0x3f4/0xae0 [ 632.927618][ T6257] kthread+0x3c2/0x780 [ 632.929574][ T6257] ret_from_fork+0x45/0x80 [ 632.931949][ T6257] ret_from_fork_asm+0x1a/0x30 [ 632.934037][ T6257] INITIAL USE at: [ 632.935347][ T6257] lock_acquire+0x179/0x350 [ 632.937304][ T6257] _raw_spin_lock_irqsave+0x3a/0x60 [ 632.939493][ T6257] input_inject_event+0x9f/0x390 [ 632.941632][ T6257] led_set_brightness+0x214/0x290 [ 632.943767][ T6257] kbd_led_trigger_activate+0xcb/0x110 [ 632.946049][ T6257] led_trigger_set+0x597/0xc50 [ 632.948064][ T6257] led_trigger_set_default+0x1bd/0x2a0 [ 632.950310][ T6257] led_classdev_register_ext+0x7b8/0xa10 [ 632.952578][ T6257] input_leds_connect+0x552/0x8e0 [ 632.954674][ T6257] input_attach_handler.isra.0+0x181/0x260 [ 632.957274][ T6257] input_register_device+0xa84/0x1130 [ 632.959567][ T6257] atkbd_connect+0x5da/0xa20 [ 632.961534][ T6257] serio_driver_probe+0x74/0xb0 [ 632.963664][ T6257] really_probe+0x23e/0xa90 [ 632.965617][ T6257] __driver_probe_device+0x1de/0x440 [ 632.967889][ T6257] driver_probe_device+0x4c/0x1b0 [ 632.970049][ T6257] __driver_attach+0x283/0x580 [ 632.972111][ T6257] bus_for_each_dev+0x13b/0x1d0 [ 632.974244][ T6257] serio_handle_event+0x247/0xa50 [ 632.976335][ T6257] process_one_work+0x9cc/0x1b70 [ 632.978618][ T6257] worker_thread+0x6c8/0xf10 [ 632.980619][ T6257] kthread+0x3c2/0x780 [ 632.982481][ T6257] ret_from_fork+0x45/0x80 [ 632.984434][ T6257] ret_from_fork_asm+0x1a/0x30 [ 632.986472][ T6257] } [ 632.987337][ T6257] ... key at: [] __key.7+0x0/0x40 [ 632.989629][ T6257] -> (&client->buffer_lock){....}-{3:3} { [ 632.991449][ T6257] INITIAL USE at: [ 632.992640][ T6257] lock_acquire+0x179/0x350 [ 632.994514][ T6257] _raw_spin_lock+0x2e/0x40 [ 632.996440][ T6257] evdev_pass_values+0x10e/0x9b0 [ 632.998479][ T6257] evdev_events+0x1bb/0x390 [ 633.000486][ T6257] input_pass_values+0x6c4/0x890 [ 633.002381][ T6257] input_handle_event+0xf00/0x14d0 [ 633.004349][ T6257] input_inject_event+0x1cd/0x390 [ 633.006430][ T6257] evdev_write+0x2e1/0x440 [ 633.008369][ T6257] vfs_write+0x25c/0x1180 [ 633.010188][ T6257] ksys_write+0x205/0x240 [ 633.012013][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.014023][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.015978][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.018462][ T6257] } [ 633.019281][ T6257] ... key at: [] __key.1+0x0/0x40 [ 633.021466][ T6257] ... acquired at: [ 633.022694][ T6257] _raw_spin_lock+0x2e/0x40 [ 633.024169][ T6257] evdev_pass_values+0x10e/0x9b0 [ 633.025825][ T6257] evdev_events+0x1bb/0x390 [ 633.027330][ T6257] input_pass_values+0x6c4/0x890 [ 633.028938][ T6257] input_handle_event+0xf00/0x14d0 [ 633.030613][ T6257] input_inject_event+0x1cd/0x390 [ 633.032248][ T6257] evdev_write+0x2e1/0x440 [ 633.033707][ T6257] vfs_write+0x25c/0x1180 [ 633.035152][ T6257] ksys_write+0x205/0x240 [ 633.036581][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.038289][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.039878][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.041903][ T6257] [ 633.042678][ T6257] [ 633.042678][ T6257] the dependencies between the lock to be acquired [ 633.042683][ T6257] and SOFTIRQ-irq-unsafe lock: [ 633.046791][ T6257] -> (tasklist_lock){.+.+}-{3:3} { [ 633.048418][ T6257] HARDIRQ-ON-R at: [ 633.049733][ T6257] lock_acquire+0x179/0x350 [ 633.051747][ T6257] _raw_read_lock+0x5f/0x70 [ 633.053809][ T6257] __do_wait+0x105/0x890 [ 633.055794][ T6257] do_wait+0x21e/0x5a0 [ 633.057695][ T6257] kernel_wait+0x9f/0x160 [ 633.059695][ T6257] call_usermodehelper_exec_work+0xf1/0x170 [ 633.062136][ T6257] process_one_work+0x9cc/0x1b70 [ 633.064229][ T6257] worker_thread+0x6c8/0xf10 [ 633.066305][ T6257] kthread+0x3c2/0x780 [ 633.068195][ T6257] ret_from_fork+0x45/0x80 [ 633.070192][ T6257] ret_from_fork_asm+0x1a/0x30 [ 633.072291][ T6257] SOFTIRQ-ON-R at: [ 633.073569][ T6257] lock_acquire+0x179/0x350 [ 633.075591][ T6257] _raw_read_lock+0x5f/0x70 [ 633.077667][ T6257] __do_wait+0x105/0x890 [ 633.079607][ T6257] do_wait+0x21e/0x5a0 [ 633.081507][ T6257] kernel_wait+0x9f/0x160 [ 633.083955][ T6257] call_usermodehelper_exec_work+0xf1/0x170 [ 633.086399][ T6257] process_one_work+0x9cc/0x1b70 [ 633.088550][ T6257] worker_thread+0x6c8/0xf10 [ 633.090600][ T6257] kthread+0x3c2/0x780 [ 633.092501][ T6257] ret_from_fork+0x45/0x80 [ 633.094460][ T6257] ret_from_fork_asm+0x1a/0x30 [ 633.096557][ T6257] INITIAL USE at: [ 633.097872][ T6257] lock_acquire+0x179/0x350 [ 633.099870][ T6257] _raw_write_lock_irq+0x36/0x50 [ 633.102340][ T6257] copy_process+0x3f09/0x91a0 [ 633.105004][ T6257] kernel_clone+0xfc/0x960 [ 633.107202][ T6257] user_mode_thread+0xc7/0x110 [ 633.109306][ T6257] rest_init+0x23/0x2b0 [ 633.111215][ T6257] start_kernel+0x3e9/0x4d0 [ 633.113258][ T6257] x86_64_start_reservations+0x18/0x30 [ 633.115582][ T6257] x86_64_start_kernel+0xb0/0xc0 [ 633.117742][ T6257] common_startup_64+0x13e/0x148 [ 633.119960][ T6257] INITIAL READ USE at: [ 633.121398][ T6257] lock_acquire+0x179/0x350 [ 633.123592][ T6257] _raw_read_lock+0x5f/0x70 [ 633.125823][ T6257] __do_wait+0x105/0x890 [ 633.127970][ T6257] do_wait+0x21e/0x5a0 [ 633.130033][ T6257] kernel_wait+0x9f/0x160 [ 633.132167][ T6257] call_usermodehelper_exec_work+0xf1/0x170 [ 633.134783][ T6257] process_one_work+0x9cc/0x1b70 [ 633.137103][ T6257] worker_thread+0x6c8/0xf10 [ 633.139359][ T6257] kthread+0x3c2/0x780 [ 633.141419][ T6257] ret_from_fork+0x45/0x80 [ 633.143611][ T6257] ret_from_fork_asm+0x1a/0x30 [ 633.145880][ T6257] } [ 633.146787][ T6257] ... key at: [] tasklist_lock+0x18/0x40 [ 633.149348][ T6257] ... acquired at: [ 633.150643][ T6257] _raw_read_lock+0x5f/0x70 [ 633.152172][ T6257] send_sigio+0xb8/0x3e0 [ 633.153664][ T6257] dnotify_handle_event+0x15e/0x2b0 [ 633.155509][ T6257] fsnotify_handle_inode_event.isra.0+0x1df/0x3f0 [ 633.157700][ T6257] fsnotify+0x13d6/0x1dc0 [ 633.159239][ T6257] vfs_mkdir+0x71d/0x8c0 [ 633.160697][ T6257] do_mkdirat+0x304/0x3e0 [ 633.162195][ T6257] __ia32_sys_mkdir+0x61/0x80 [ 633.163779][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.165482][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.167145][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.169297][ T6257] [ 633.170092][ T6257] -> (&f_owner->lock){....}-{3:3} { [ 633.171814][ T6257] INITIAL USE at: [ 633.173129][ T6257] lock_acquire+0x179/0x350 [ 633.175129][ T6257] _raw_write_lock_irq+0x36/0x50 [ 633.177189][ T6257] __f_setown+0x61/0x3c0 [ 633.179149][ T6257] generic_setlease+0xeef/0x1300 [ 633.181224][ T6257] kernel_setlease+0x106/0x140 [ 633.183284][ T6257] vfs_setlease+0x258/0x2d0 [ 633.185278][ T6257] fcntl_setlease+0x3ed/0x5a0 [ 633.187358][ T6257] do_fcntl+0x75a/0x1590 [ 633.189256][ T6257] do_compat_fcntl64+0x370/0x700 [ 633.191276][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.193426][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.195609][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.198292][ T6257] INITIAL READ USE at: [ 633.199704][ T6257] lock_acquire+0x179/0x350 [ 633.201809][ T6257] _raw_read_lock_irq+0x67/0x80 [ 633.204030][ T6257] do_fcntl+0xc77/0x1590 [ 633.206158][ T6257] do_compat_fcntl64+0x370/0x700 [ 633.208437][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.210847][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.213222][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.215883][ T6257] } [ 633.216741][ T6257] ... key at: [] __key.1+0x0/0x40 [ 633.219082][ T6257] ... acquired at: [ 633.220339][ T6257] _raw_read_lock_irqsave+0x74/0x90 [ 633.222112][ T6257] send_sigio+0x31/0x3e0 [ 633.223564][ T6257] kill_fasync+0x214/0x510 [ 633.225044][ T6257] lease_break_callback+0x23/0x30 [ 633.226714][ T6257] __break_lease+0x671/0x1810 [ 633.228308][ T6257] do_dentry_open+0x6e1/0x1c10 [ 633.229886][ T6257] vfs_open+0x82/0x3f0 [ 633.231242][ T6257] path_openat+0x1e5e/0x2d40 [ 633.232755][ T6257] do_filp_open+0x20b/0x470 [ 633.234270][ T6257] do_sys_openat2+0x11b/0x1d0 [ 633.235814][ T6257] __ia32_compat_sys_openat+0x16d/0x210 [ 633.237673][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.239322][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.240862][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.242920][ T6257] [ 633.243703][ T6257] -> (&new->fa_lock){....}-{3:3} { [ 633.245320][ T6257] INITIAL USE at: [ 633.246582][ T6257] lock_acquire+0x179/0x350 [ 633.248657][ T6257] _raw_write_lock_irq+0x36/0x50 [ 633.250698][ T6257] fasync_remove_entry+0xb2/0x1e0 [ 633.252727][ T6257] fasync_helper+0xaf/0xd0 [ 633.254643][ T6257] lease_modify+0x232/0x500 [ 633.256590][ T6257] locks_remove_file+0x29e/0x5b0 [ 633.258675][ T6257] __fput+0x351/0xb70 [ 633.260425][ T6257] task_work_run+0x14d/0x240 [ 633.262366][ T6257] syscall_exit_to_user_mode+0x27b/0x2a0 [ 633.264566][ T6257] __do_fast_syscall_32+0x80/0x120 [ 633.266671][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.268708][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.271202][ T6257] INITIAL READ USE at: [ 633.272571][ T6257] lock_acquire+0x179/0x350 [ 633.274613][ T6257] _raw_read_lock_irqsave+0x74/0x90 [ 633.276850][ T6257] kill_fasync+0x138/0x510 [ 633.278893][ T6257] sock_wake_async+0x132/0x160 [ 633.280944][ T6257] unix_shutdown+0x4be/0xa50 [ 633.282942][ T6257] __sys_shutdown+0x113/0x1a0 [ 633.284939][ T6257] __ia32_sys_shutdown+0x53/0x80 [ 633.287051][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.289239][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.291298][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.293893][ T6257] } [ 633.294756][ T6257] ... key at: [] __key.0+0x0/0x40 [ 633.296923][ T6257] ... acquired at: [ 633.298151][ T6257] lock_acquire+0x179/0x350 [ 633.299631][ T6257] _raw_read_lock_irqsave+0x74/0x90 [ 633.301307][ T6257] kill_fasync+0x138/0x510 [ 633.302764][ T6257] evdev_pass_values+0x619/0x9b0 [ 633.304407][ T6257] evdev_events+0x1bb/0x390 [ 633.305896][ T6257] input_pass_values+0x6c4/0x890 [ 633.307535][ T6257] input_handle_event+0xf00/0x14d0 [ 633.309393][ T6257] input_inject_event+0x1cd/0x390 [ 633.311054][ T6257] evdev_write+0x2e1/0x440 [ 633.312517][ T6257] vfs_write+0x25c/0x1180 [ 633.313972][ T6257] ksys_write+0x205/0x240 [ 633.315398][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.317056][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.318646][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.320613][ T6257] [ 633.321387][ T6257] [ 633.321387][ T6257] stack backtrace: [ 633.323246][ T6257] CPU: 3 UID: 0 PID: 6257 Comm: syz.9.14212 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) [ 633.323260][ T6257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 633.323267][ T6257] Call Trace: [ 633.323271][ T6257] [ 633.323276][ T6257] dump_stack_lvl+0x116/0x1f0 [ 633.323292][ T6257] check_irq_usage+0x7dc/0x920 [ 633.323304][ T6257] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 633.323320][ T6257] ? check_path.constprop.0+0x24/0x50 [ 633.323333][ T6257] ? __lock_acquire+0x1189/0x1ba0 [ 633.323345][ T6257] __lock_acquire+0x1189/0x1ba0 [ 633.323359][ T6257] lock_acquire+0x179/0x350 [ 633.323371][ T6257] ? kill_fasync+0x138/0x510 [ 633.323386][ T6257] _raw_read_lock_irqsave+0x74/0x90 [ 633.323398][ T6257] ? kill_fasync+0x138/0x510 [ 633.323409][ T6257] kill_fasync+0x138/0x510 [ 633.323421][ T6257] evdev_pass_values+0x619/0x9b0 [ 633.323435][ T6257] evdev_events+0x1bb/0x390 [ 633.323448][ T6257] input_pass_values+0x6c4/0x890 [ 633.323461][ T6257] input_handle_event+0xf00/0x14d0 [ 633.323473][ T6257] ? _copy_from_user+0x59/0xd0 [ 633.323490][ T6257] input_inject_event+0x1cd/0x390 [ 633.323503][ T6257] evdev_write+0x2e1/0x440 [ 633.323516][ T6257] ? __pfx_evdev_write+0x10/0x10 [ 633.323528][ T6257] ? bpf_lsm_file_permission+0x9/0x10 [ 633.323543][ T6257] ? security_file_permission+0x71/0x210 [ 633.323558][ T6257] ? rw_verify_area+0xcf/0x680 [ 633.323572][ T6257] vfs_write+0x25c/0x1180 [ 633.323580][ T6257] ? __pfx_evdev_write+0x10/0x10 [ 633.323593][ T6257] ? __pfx_vfs_write+0x10/0x10 [ 633.323602][ T6257] ? find_held_lock+0x2b/0x80 [ 633.323611][ T6257] ? __fget_files+0x204/0x3c0 [ 633.323626][ T6257] ? __fget_files+0x20e/0x3c0 [ 633.323642][ T6257] ksys_write+0x205/0x240 [ 633.323651][ T6257] ? __pfx_ksys_write+0x10/0x10 [ 633.323660][ T6257] ? rcu_is_watching+0x12/0xc0 [ 633.323670][ T6257] ? rcu_is_watching+0x12/0xc0 [ 633.323679][ T6257] __do_fast_syscall_32+0x73/0x120 [ 633.323694][ T6257] do_fast_syscall_32+0x32/0x80 [ 633.323708][ T6257] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 633.323721][ T6257] RIP: 0023:0xf703e579 [ 633.323729][ T6257] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 633.323739][ T6257] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 633.323748][ T6257] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 633.323755][ T6257] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 633.323760][ T6257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 633.323766][ T6257] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 633.323772][ T6257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 633.323782][ T6257] [ 633.421649][ T40] audit: type=1326 audit(2134218598.651:4730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.536591][ T40] audit: type=1326 audit(2134218598.761:4731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.548633][ T40] audit: type=1326 audit(2134218598.761:4732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.556194][ T40] audit: type=1326 audit(2134218598.761:4733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.565303][ T40] audit: type=1326 audit(2134218598.761:4734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.573989][ T40] audit: type=1326 audit(2134218598.761:4735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.582151][ T40] audit: type=1326 audit(2134218598.761:4736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.591262][ T40] audit: type=1326 audit(2134218598.761:4737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.600397][ T40] audit: type=1326 audit(2134218598.761:4738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 [ 633.607433][ T40] audit: type=1326 audit(2134218598.761:4739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6250 comm="syz.2.14220" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7fc00000 VM DIAGNOSIS: 16:10:17 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000001 RBX=ffff88802b53f880 RCX=ffffffff81ae8c69 RDX=0000000000000001 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90003d9f930 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed10056a7f11 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b23b180 RIP=ffffffff81ba9450 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f000ff8 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=000000000006d481 RCX=ffffffff822a9f5c RDX=0000000000000000 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc900075ff660 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=000000000000001e R12=0000000000000008 R13=0000000000000001 R14=0000000000000001 R15=0000000000000000 RIP=ffffffff81ba9456 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880978ec000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7f055c0 CR3=0000000064363000 CR4=00352ef0 DR0=0000000000000007 DR1=0000000000000002 DR2=0000000000000008 DR3=0000000000000006 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73b2ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000080000100 RBX=ffff888012618dc0 RCX=ffffffff89e29f2c RDX=ffff88801bf40000 RSI=ffffffff89e29f3a RDI=0000000000000004 RBP=000000000000004c RSP=ffffc9000050f688 R8 =0000000000000004 R9 =0000000000000028 R10=000000000000004c R11=0000000000000000 R12=ffff88802b6513e2 R13=0000000000000014 R14=ffff888012618df0 R15=0000000000000028 RIP=ffffffff81ba9b01 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979ec000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7502430 CR3=000000006307c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c21b5 RDI=ffffffff9addfc00 RBP=ffffffff9addfbc0 RSP=ffffc9000df1f300 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9addfbc0 R15=ffffffff854c2150 RIP=ffffffff854c21df RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097aec000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000031e1affc CR3=0000000027c07000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000