last executing test programs: 3.079715155s ago: executing program 1 (id=1489): r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000240)={0xb8, 0x6, 0x4, {0x8, @pix={0x0, 0xffffffff, 0x51424752, 0x0, 0x0, 0x0, 0xc}}}) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f00000000c0)={0x0, 0x6, 0x3}) 3.020725288s ago: executing program 1 (id=1490): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) accept4(r0, 0x0, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$netlink(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a0001"], 0x50}}, 0x4000000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) socket$packet(0x11, 0x3, 0x300) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYRES32, @ANYBLOB="380001", @ANYRES32=r4, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB="06"], 0x90}}, 0x0) 2.958841485s ago: executing program 1 (id=1492): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000080)="18", 0x48, 0x0, &(0x7f00000000c0)={0x11, 0xc, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) recvmmsg(r1, &(0x7f0000003a00)=[{{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f00000001c0)=""/81, 0x51}, {&(0x7f0000000240)=""/144, 0x90}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000000000)=""/15, 0xf}, {&(0x7f0000000340)=""/99, 0x63}, {&(0x7f0000001440)=""/70, 0x46}, {&(0x7f00000014c0)=""/214, 0xd6}, {&(0x7f00000003c0)=""/34, 0x22}], 0x9, &(0x7f0000001640)=""/183, 0xb7}, 0x5fd}, {{&(0x7f0000001700)=@ax25={{0x3, @rose}, [@bcast, @remote, @rose, @rose, @remote, @default, @null, @null]}, 0x80, &(0x7f0000003900)=[{&(0x7f0000001780)=""/23, 0x17}, {&(0x7f00000017c0)=""/25, 0x19}, {&(0x7f0000001800)=""/7, 0x7}, {&(0x7f0000001840)=""/28, 0x1c}, {&(0x7f0000001880)=""/4096, 0x1000}, {&(0x7f0000002880)=""/4096, 0x1000}, {&(0x7f0000003880)=""/86, 0x56}], 0x7, &(0x7f0000003940)=""/160, 0xa0}, 0x101}], 0x2, 0x40, &(0x7f0000003a40)={0x0, 0x989680}) ioctl$KDSKBENT(r3, 0x4b47, &(0x7f0000000400)={0x0, 0x7f, 0x700}) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020601020000000000000000000000000c00078005001500030000100500010006000000050005000200000005000400000000000900020073797a300000000011000342686173683a365c2c706f727400000000"], 0x58}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x5d, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYRES64=r0], 0x34}, 0x1, 0x0, 0x0, 0xc810}, 0x8004) 2.956982047s ago: executing program 1 (id=1494): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000009a02000000001f000000000000000000"]) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x102, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x19) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB]}, 0x50) syz_emit_ethernet(0x8e, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) r5 = signalfd(r2, &(0x7f0000000100)={[0x7fffffff, 0x5]}, 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r6 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x2}, &(0x7f0000000080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x4) r7 = socket$rds(0x15, 0x5, 0x0) ioctl$RTC_ALM_SET(r5, 0x40247007, &(0x7f0000000300)={0xd, 0x25, 0xb, 0x19, 0x5, 0x619, 0x5, 0x4f, 0x1}) bind$rds(r7, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340)}], &(0x7f0000000180), 0x200000000000023f}, 0x20) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) bind$inet6(0xffffffffffffffff, 0x0, 0x37) 2.048888072s ago: executing program 0 (id=1501): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x40001}, 0x1c) r1 = inotify_init1(0x0) fcntl$setown(r1, 0x8, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, 0x0}) r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17) mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil) r4 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1000}) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) open_by_handle_at(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="0c00000001000000d87a"], 0x10000) ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000000)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000001000000010000000020000000000000000000001000000002000001c0000babde23d314baebc18dada9d198202bda2376b71cec1523ab50fd32b6ecb359458826d00000000fc749096bf5319bbe00d9f22bfaaf1f52211a72e3c64703a24e0d83470562b76e8e273ba8f5dfd21356e60dabef1b244e11afb782fdff64bb8b1c65fee6cdfffed68854c7a8f839eece484cdf676cd853d077a205aaa9e98f8788094af6ef3cd2ec81b3a2ec7a7fec26d1ac6598a6354c7d021fe56139ab8e1ecbc41b603d71a195d12200657a34b8bed17baa1544b2cfc8ffd091f1a5fa67d9e4186e687bc1d7751dffa2774e364a1df2bc6afc23ad3926c5dde82d25ffd8f02589cf99dd83dfdae6920483249515e694032f170e219a1aaa01f1d601822a3440a9e3ac1536af67fad03f5bd18189e6ec4e120f769420c9c499ddd8eb7028c42a435eb5dc6cfd64df942f275e4fdff1e4d5758b154e32fcf7e56fb48b2af5437ee882fc493768a9625163418c510b4ec3092c9facdb499b32822eaec8feea8961d42c9106eefdf8f6b"], 0x0, 0x2a, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x20) sendmmsg$sock(r0, &(0x7f0000000800)=[{{&(0x7f00000005c0)=@qipcrtr={0x2a, 0x1}, 0x80, 0x0}}], 0x1, 0x0) 1.906719263s ago: executing program 0 (id=1503): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000040)="05000000010003", 0x7) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="200000001a1401"], 0x20}}, 0x0) 1.850698334s ago: executing program 0 (id=1505): r0 = socket$packet(0x11, 0x3, 0x300) r1 = openat$sw_sync(0xffffff9c, &(0x7f0000000140), 0x40, 0x0) ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000180)=0xaa4) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) r2 = socket$kcm(0x10, 0x2, 0x10) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x501001) r4 = openat$ttynull(0xffffff9c, &(0x7f00000001c0), 0xc000, 0x0) ioctl$TIOCSISO7816(r4, 0xc0285443, &(0x7f0000000300)={0xc62, 0x50, 0x1, 0x24f4e500, 0x7}) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r3, 0xc0105303, &(0x7f0000000500)) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)="cf68e4c66c906dd02ad94db0cfb7688af9e606c07413ba8b8d907ca902b9de94b28daba9eaf34b4e350bd9cd19f16496259dff71b19b4c1547bc576e3c8cbf002b9070f05c383880e98f74bb142fce479df047a47c8cfc729f0ef9cb01ca8793e046e1adeaca222900c1e4a2bc68bcbdf171ffdb0e8efea12382c6354649d97cfc17f34363b77d06b550b9a3e6e705da2293a8142a4b5b9eb7d5d3df975574813c05bb68f5081701d536612208a32e315b0880c69438e31948afb9434c5a2f4bd5b1ba4ed1bd4682d972fc90970b3e3ec8536defe148c7aee5c3979aac4a4f4f3db938c63de57c6f22e072058316190458031aeeda0f35d99bb1", 0xfa}, {&(0x7f0000000240)="5cc7798ebb14a573ba51a5c11d7d916d8760e8064c011f28dae142d277aaadb8606109f7d06f1306d1fdba4dc7180f6a76291d7fefccc648e8531b35d8d6a2903c53dc908c660f9e736cc9bf3ba1a40c346d17483f4e42e46ec325ad907314911000abfce824026a8ff4c8dda3124c253261202ca18ab2650a92c10f25ba6781d434", 0x82}], 0x2}, 0x0) quotactl_fd$Q_QUOTAOFF(r3, 0xffffffff80000300, 0xffffffffffffffff, 0x0) 1.780545016s ago: executing program 0 (id=1507): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000000)={0x3, 0x2, "14c927", 0x8, 0x5}) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) close_range(0xffffffffffffffff, r1, 0x2) r2 = openat$binderfs(0xffffff9c, &(0x7f0000000040)='./binderfs/custom0\x00', 0x802, 0x0) r3 = mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x9) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0x74, 0x0, &(0x7f00000001c0)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000100)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x1, &(0x7f0000000080)=""/70, 0x46, 0x2, 0x18}}, &(0x7f0000000180)={0x0, 0x18, 0x30}}}, @acquire={0x40046305, 0x1}, @free_buffer={0x40086303, r3}, @increfs, @increfs_done], 0x8, 0x0, &(0x7f0000000240)="c5bcfbbaa5b72c3c"}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'syzkaller1\x00'}) r4 = fsopen(&(0x7f0000000300)='bdev\x00', 0x1) fcntl$notify(r4, 0x402, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000340)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000380)={r6}) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) fgetxattr(r7, &(0x7f00000003c0)=@known='user.incfs.id\x00', &(0x7f0000000400)=""/132, 0x84) r8 = openat$vhost_vsock(0xffffff9c, &(0x7f00000004c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, &(0x7f0000000500)=0x100000000) fstat(r5, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x1, &(0x7f00000005c0)=[r9]) r10 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r10, &(0x7f0000000600)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e22, @multicast2}, 0x0, 0x3, 0x4, 0x1}}, 0x26) socket$inet6(0xa, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000640)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000006c0)={0xffffffffffffffff}, 0x106, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r11, &(0x7f0000000740)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000680), r12, 0x0, 0x1, 0x4}}, 0x20) syz_create_resource$binfmt(&(0x7f0000000780)='./file0\x00') openat$sw_sync(0xffffff9c, &(0x7f00000007c0), 0x800, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000800), &(0x7f0000000840)='.\x00', 0x2, 0x1) r13 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), r11) sendmsg$L2TP_CMD_TUNNEL_GET(r11, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x24, r13, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @multicast1}]}, 0x24}}, 0x20008081) 1.579523643s ago: executing program 0 (id=1508): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="14000000160048dac87880648c2594f913", 0x11}], 0x1}, 0x1c04c080) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, 0x0}) r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00') ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0x8004587d, &(0x7f0000001ec0)={@id={0x2, 0x0, @auto="de60e4b8e8c640437d02438081fc0e47"}}) socket(0x10, 0x3, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) setregid(0xffffffffffffffff, 0x0) read$FUSE(r4, 0x0, 0x0) landlock_create_ruleset(0x0, 0x0, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) getpid() ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000100)=0x0) process_vm_readv(r7, &(0x7f0000008400)=[{&(0x7f0000000340)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000180)=""/134, 0x86}], 0x1, 0x0) openat$dsp1(0xffffffffffffff9c, 0x0, 0x121001, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[], 0x34}}, 0x0) 1.579044552s ago: executing program 1 (id=1509): memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) ioctl$EVIOCSMASK(0xffffffffffffffff, 0x40104593, &(0x7f0000000000)={0x0, 0x1, &(0x7f00000010c0)="17"}) socket$packet(0x11, 0x2, 0x300) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340), 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2e1}, 0x0) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r0, &(0x7f0000001340)=@abs={0x0, 0x0, 0x4e21}, 0x4b) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0) preadv(r2, &(0x7f0000001500)=[{&(0x7f00000002c0)=""/4084, 0xff4}], 0x1, 0x202, 0x0) syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000280), &(0x7f0000000340)={'U+'}, 0x16, 0x2) r3 = openat2$dir(0xffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x200000, 0x130, 0x20}, 0x18) open_tree(r3, &(0x7f0000000640)='\x00', 0x81801) io_uring_setup(0x3055, &(0x7f00000012c0)) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000000c0)) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246) 1.400349956s ago: executing program 0 (id=1512): r0 = socket(0x28, 0x5, 0x0) r1 = accept4$unix(r0, 0x0, 0x0, 0x0) r2 = syz_open_dev$ndb(&(0x7f00000003c0), 0x0, 0x0) r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0) syz_usb_control_io$hid(r3, 0x0, 0x0) syz_usb_control_io$hid(r3, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "2e2b5aa4"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0) r4 = syz_open_dev$hiddev(&(0x7f0000000540), 0x1, 0x180) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r3, @ANYBLOB="36a695aacfafebc39ab62975b95eb1be40f4bad3eb98a043a445f3ab4fcfe7314b15c33b2a9dd281ebc30251e57b9db533db0bbd543f2ed3881e78b9b49909326faee67723d16a8d7dc7a37724218b888e0ca1ffe743d7ed2e75025aeec96a3e75be8d637a75caf1fa88965a29a0ca7a74965f92d7e21f6aaab24b46d3cea5e6da43726c4ab5dd5a89113054c157a2f47a1b3566d99bccad2e95564b9fa34a1e6051fffa017d6cedd86cd93cc746", @ANYRES16, @ANYRES8=r6, @ANYRES8=r7, @ANYRES8=r1, @ANYBLOB="79c421a7a08c508700d41bc33c1815b30f150c19308ce0a20df7ce7914f62a4d9aa645d17fe748ef4de0b4f130378a3e38f7e9c965ae573b246a3070a1b79450e4eaecef725ee918365a7d2d6a42ea4caa73b6a9c9b6cded4546b4abb0827888e734e74cabc0c66c5a90ad42e6339a9285cb94f2a90483d499fd9c42f9ffa081ee613574e1b614838f6a69506bdc7e9af962c0d2db056014f3fe0b598fd7a5c514b01908579ac1197ccec13e57157a928b9857fbd911e212afc983bb5cb9f9d6524bfabc2919ede80c2984cecbc8718b899f76999383"], 0x1c}, 0x1, 0x0, 0x0, 0x24000}, 0x4008080) ioctl$HIDIOCSFLAG(r4, 0x4004480f, &(0x7f0000000000)=0x2) ioctl$BLKTRACESETUP(r2, 0xc0401273, &(0x7f0000000000)={'\x00', 0x0, 0x42, 0x10000007}) fchdir(r0) set_mempolicy(0x3, &(0x7f0000000080)=0x5, 0x9) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff97}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$BLKTRACESTART(r2, 0x1276, 0x0) 1.149236149s ago: executing program 2 (id=1516): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000a000000080000000200000f"], 0x0, 0x46, 0x0, 0x9, 0x0, 0x0, @void, @value}, 0x28) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0x10, 0xfffffffffffffdd7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, 0x0}, 0x40) (async) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000100)={0x0, 0x14, 0x7, 0x2, 0x0, 0xef, &(0x7f0000000040)}) (async) write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x3938700}}, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) 1.090280062s ago: executing program 2 (id=1517): syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$sndseq(0xffffff9c, &(0x7f0000000000), 0x100) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a45352, &(0x7f0000000040)={{0x23, 0xe}, 'port1\x00', 0xa, 0x808, 0x800, 0xffff7fff, 0x4, 0x2, 0x5, 0x0, 0x2, 0x5}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) (async) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @ioapic={0x1000, 0x426, 0x3, 0x0, 0x0, [{0x2, 0xd, 0x3, '\x00', 0x9}, {0x3, 0x4, 0x6, '\x00', 0x7}, {0x7, 0x1, 0x3, '\x00', 0x7}, {0x6, 0x0, 0xf, '\x00', 0x42}, {0x10, 0x80, 0x6, '\x00', 0x6}, {0x7, 0x9, 0x6, '\x00', 0x9}, {0x0, 0x5, 0x4, '\x00', 0xfa}, {0x9, 0x8, 0x0, '\x00', 0x3}, {0x5, 0x8, 0x3, '\x00', 0xf8}, {0x1, 0x6, 0x2, '\x00', 0xd}, {0x7, 0x6, 0x6, '\x00', 0x1}, {0x4, 0x6, 0x81, '\x00', 0x3}, {0x8, 0x14, 0xa, '\x00', 0xd}, {0x8, 0x4, 0x3e, '\x00', 0x6d}, {0x5f, 0xd, 0x1, '\x00', 0xd}, {0x0, 0xff, 0xfd, '\x00', 0x10}, {0x2, 0x9, 0x4, '\x00', 0x7}, {0x0, 0x9, 0x3}, {0x8, 0x9, 0x5, '\x00', 0x2}, {0x10, 0x3, 0x5, '\x00', 0x8}, {0x0, 0x5, 0x1, '\x00', 0xf3}, {0x71, 0x3, 0x9, '\x00', 0x3}, {0x2d, 0x59, 0xf}, {0x7f, 0x8, 0x5, '\x00', 0x7}]}}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0xfffffffffffffffe, 0x0, 0xb, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4000000], 0xf000, 0x2c0f12}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)) (async) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) (async) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) (async) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="0000000000160000000000000000100000000000865020ba4cbfe35d08c604ca3af2fd73285b1a235763371a045a3065bd2d1ce04e318953cb9b847751429388e27ef982b0aa42c7990cf221784a5faa0396a04a0681a8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000500"/28], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000100)={{r6}, &(0x7f0000000080), &(0x7f00000000c0)='%pi6 \x00'}, 0x20) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x14, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) getsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x4, 0xffffffffffffffff, &(0x7f0000000080)) 1.000228957s ago: executing program 2 (id=1518): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, 0x0) openat$autofs(0xffffff9c, &(0x7f0000000000), 0x200142, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = socket$netlink(0x10, 0x3, 0xc) r3 = syz_open_dev$sndctrl(0x0, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000700)={{0x2}, 0x0, [0x2000000, 0x0, 0x0, 0x0, 0x8, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}) syz_open_dev$tty1(0xc, 0x4, 0x1) bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) r5 = dup(r1) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0) syz_emit_ethernet(0x2e, &(0x7f0000001440)={@local, @empty, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x6, 0x20, 0x68, 0x0, 0xe3, 0x21, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}}, "5d8375322b8239d20b4fb806"}}}}, 0x0) write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x1, 0x0) r7 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r7, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r7, 0x3) r8 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r8, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) recvmmsg(r8, &(0x7f0000007940), 0x55, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 749.60151ms ago: executing program 2 (id=1520): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000000)={'ip6tnl0\x00', 0x0, 0x4, 0x5, 0x1, 0xffff, 0x2, @mcast1, @private0, 0x700, 0x7, 0x6, 0x3}}) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000140)={'wg1\x00'}) sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40493, 0x20000}}, 0x6c}}, 0x0) 689.830746ms ago: executing program 3 (id=1521): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockname(r0, &(0x7f0000000000)=@can, &(0x7f0000000080)=0x80) (async, rerun: 64) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f00000000c0)='bridge0\x00') (async, rerun: 64) r1 = openat$nmem0(0xffffff9c, &(0x7f0000000100), 0x100002, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0)={0x1, 0x0, [{0x1, 0x74, &(0x7f0000000140)=""/116}]}) (async) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000200)) (async) ioctl$SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80605414, &(0x7f0000000240)) preadv2(r0, &(0x7f0000000300)=[{&(0x7f00000002c0)=""/60, 0x3c}], 0x1, 0x4, 0x8, 0xc) ioctl$IOC_PR_REGISTER(r1, 0x401870c8, &(0x7f0000000340)={0x4f5e, 0x8}) r2 = openat$ndctl0(0xffffff9c, &(0x7f0000000380), 0x100, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f00000003c0)={'pim6reg\x00', {0x2, 0x0, @private}}) ioctl$BLKIOMIN(r1, 0x1278, &(0x7f0000000400)) (async) sendmsg$NFT_BATCH(r1, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_DELRULE={0x58, 0x8, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x3}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x80}}, 0x8000) (async) ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0186405, &(0x7f0000000580)={0x3, 0x7fffffff, {0x0}, {0xffffffffffffffff}, 0x5f, 0x3}) quotactl_fd$Q_QUOTAON(r2, 0xffffffff80000200, r4, &(0x7f00000005c0)='./file0\x00') read$FUSE(r1, &(0x7f0000000600)={0x2020}, 0x2020) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r5, &(0x7f0000003900)={&(0x7f0000002640)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000038c0)={&(0x7f0000002680)={0x120c, 0xb, 0x2, 0x5, 0x70bd28, 0x7fff, {0x1}, [@generic="484f907a804e3ed0c0f6477a9ce7a354ee82f5", @generic="6aed1e396a5b3834424140f6e23d9728e6fed85e96b1e4712aca479febba1fa406cfc3222b2b55b72bcefc6089de69d4713c747fe6508d2bd8e390d1", @nested={0x119d, 0x1b, 0x0, 0x1, [@typed={0x8, 0xfa, 0x0, 0x0, @pid=r3}, @generic="d979389df216c615c2b427af1dd9aca604ba7b173703b9f9a6c793974b269e94534a6adc9f4f216ec951cb76847da3b150e0cd2868fd48b14914998aa210e4882dec843c1fa020d1933e44980daf27523983aae4f33b617c15cbd7c84293255963bcd5e3b240f3f144ef9e2547f42c2c927d5556a1aa6fc94f8566daacefe54e905bdd1106", @generic="aed95918e784a9369d1e14e356bf28ecd0c8fc098dd9af27eecc8adb16ca6043910437884996126b18cd8da7f6a7fe76d903790af9ba6e746acb62d73f59583a5c4e6a318f32ce49df28af5d7dd75db84008d46c9a7847d2d73fa6aa46fbbd4bd4082a2375a1f506f785ab4e5b4b817b08282f001d9d97f0c2fc541647da3207b2c4b8887cd8049b53cb58c69d31718dca1f4d7c08892f59094dea5c84ec18666e782bce1347e2c77b2864e052465ce50256d27bd5f5b901a79806a12c8aa68f803eafdeb32da22c546cbdbb643dc4d03109f6aaac989e6aa9751c5a6b8bb91fc5f9205f98042bb8f0bf4ebfa1f79819ecb49e3797d1435d34b847a4a9abc85cd6201a4d70b561919951a145f959e91c3f1d3dadcce85f1fb32d2f5748c431997aeceed61ebf8b6c389b174dafe3f64755682f8fd4ea6803887499ef48f8f2964c5485a4b135d7ac760730450ae316d04666ecfbbcd96d37a41ec7f43dc5929ea67e862c7fe3c8d74d588ee47a07f205c671f0cd776324eb04d0c1163b7984ecd6415c72425e947a2d5a253b152039c8b89636e253c378ef55726f5e9661549db91fd7784b05eab83872215c99f86cffb6fca304b1a31870b8567077dde8502628b3da2dcf85becf339604707e714212f7880e4c2218b37ca68c09b0d22b52868559b81383583fa325258c535e24845fe758916c8637997f035b9bed0fc266616ab72b22b53a82933e02e1afa1f15c12716faabc5e543e8e7e1e8ec1e61a2b7c5b84b64b5df43b98a25d112392a940476552b4306a4418ee280d7eca8ea2d43b36f38d76840116fa80ddcb3a99b8c1411cb32f3193968468075419372da45ac5aaa07ed38066100a56b9011eb466b16267a38814052f0ab7a4d733a4afdb4b8309fdfa39648ace3db89278b8be39ef5def504b552db0d3fe468f3165946d5a951723c8c514220d571805d0ed36f31a95a58d8c71f093d8c1f7de1d685757444107e01f18a5a7aa10f664a4cbc35f64594e57b4f8cb677681cc88ad4c4bb178f5d6af118b2527b40747fe53a7e244b81da6d2d5c19db2b248f110821040778af3d81326a4b368fe15a7683bed336ca868b83d3300176e3b2a2b44a30d3a4881dd51204d5eea008192fb3bdaf2feabea5c86512e63e3fc5fe40dbfb77daf4cc9064185b24c3596fd09ae76cd20c126bbc1f0d52a2448c75f4bb3c88274e5621497613600a0e7f4281eb9a999129016c199e3e74e4bbcdf86c33886104ae2e6ff2c4e557aa7d3919b4352bb24e388a622a0eb398dce24cc8d56b25281c0b1b1d03cb175f4fc8b045c490677d53b48aa3ea1fb031f859e815ab276e0f90eb2c891c0142cba0c54b96b251a86c3986f495c0ab2f8ae977bca93afe0b77be045474b3b9aaacaf6575fe2a3dbf1c3c26c8479318c0c91644e9e160979b75dea0836e1723d7d4a20c6876beabb126c1b08ac7641ef7b17d848ccd9b76c18e018d68492d01c926b0386d63d6fc12fb4227f7c5a7965606d70779d7d271f05ecac1d50316fb63e65b2bc229f840a9a1216a134abb15ed3f23983ce1601654963dde2288726781bf7df5fca5a9d4d94772466427586070cf25ef42683a63c486a802cbc931c1e9a32ab3ff778292049a9a3f3232d647f0285e4ecec80c450d185b2855ce1599479af12d03bc70e347d8c1b7872f2ecefe1a788930f6c649d1fae02e0a270e9427ad79fecae8cb06b77feae74642bf8649c40c03b5f700ffc4e2b7273bacd6608ac3212224a074b4159703a1a34a53b8be500f7a72a5e28330d56572fc719905454d2a6865cf62f0e4aa493de23cc8700caee3bb49f4963c9d97bc4734ced7e220f94bc7ff3dccf1c11e4a3783adde128d18b366bfd5709f76e7cffd3f771302876eb93972ba4c42672accef0d66ed8418b0002656e6b90958caa538d2c2784c48577a5a182e4bd6aa03797498b913f63ac1c0f4d9af586e1f1a2b16ce720c6a6556bdd5f76b87ee2163b692b1619196e4dfd16a79fdc86e8d8c659efbd2a6eea314fbb7be9f62e3a1ef147d9411dd12ebf9ef7d92f867bd6b6f1727e8c0a5322ef818f7cbc2e260e37323f19a13c53d191c5937f7272c4367cc1e1947390794ede441451d7a2c2ca2131b318965bb89f957b56dfafa1b99ec31921ebea7056b180e28cfb0474649f08489f026e69159474da7128e00e6c0f0858575c6fe3e0b3bad643f41fc463e98d71ea0dd056a076d0a70f8713a2bd8798f129ebc375778cf2c8e2954da033fbba30e8844d29fd3dbadb3931ae351e7b835cb505d249ac558bacc78ad05926a301a8b2ff036d17ffdb5dc0717b3a50d64ab90d1bdc5cadd2ceafa3e58b09b7b69614212ec760862614c6e27adc9ed783cec359b95d86cf58d3ffb9384724e620fbef688d9b6f8841dc6bd38991eb5b779efcd36f606796ed269ffdc234ccd30f4eda58b5f3121260154e76b500636a6e79b85efbacbe5aed043c058bf79c930ee020b505c2d80f7cd4c33001d19bf39350d4b70ffaefef314fa74b91a6bed5372ade9194ddd760385908759c686912844d0b29417257ab906c13c620b5917ae30db7ccbb8768487cf47b12a3652ec1b11500e5a5da365f4ca8e3c95a8e5ee416f7d20c5e90ff015d8cea6f0df375d440521260b09ede7e521061619527de44691f173ad8d159497644c76066d43323ff1ec51bffed8190269398ddb34e4a5761baee3148f8bd847f5e041aa03d9401253296e819a0f889fd12a75d0e1fa1c44a309db42f2835c85b58d66528a3d8b973ca4e7c95b41f340eb9820d566d4f55fbaf35455f01a0cb420a35ed98b8bbaec4b2ff4740d5bab968cbf2aeec6d7f4581a9e2e47514c62ca7eb1ae4a4677d846cd5390f732f31c341cb8f3e19f7ffd6128597adf82dcb1eaed047817a1721958c299d5d1e9f31f94fb9e88531ca8e774ab78c25ca7dc6283c55ff9238927ac7f6a5ee4c404b01b726c008cce94528f9e3e2c8197b0193d6f4c7ffc279fb48fda72f19bef6cee7b0823f19e574815815dd89f115ce19b372f22c818a42a493ed4dc27773aabcb10c044d87bb802a371db07009d3ec568df760cda320f0560bd1ef53e3d9f4bd70497747409a68417190bc551b1a35429e3544d84cd90c433e1c48a7e5a28679d48b540820613682ca7cbb1b7d4e7f02cb1f106b7af48890be259fb4bc5122bbaf7399f2ad1a78a16f7145d9d42e0ea15be1ce2fae6d8b8b45021444029c42fce41e00a7a4522cc84e9d7f5b3ec6abe2b873a0ac9f18d0045377740e59070e60c3b9444ecd0ab646eb31e36681525031b2910f9e309e869434fdf1021588d289d8b42c795a8b8ad42588a8165bf40e195b7d8beaf1099e8539bc4ab799d8136bf0c5269c13906938d17f2786c1ad9cce2e1f098ab5b54ddd94dd63e8b2338826c544de05f2a13fd31e77fb048f32fb13042e007f5f2a21afece932b056afae22b5daa04397fdae4f3a21c9c25f4269f4bfcdd561b64d8ede15b1e2ceb5cbb813c1f045a63ae201ea87a73c5fe2be73dfc24bcf1b6886356aa5c99b81377c3b0193f2b2a8492e42d2e81fdf8ee5044adf3f2ed19e0d4e580da294a4dbc1edce062b59f3758dbc8d2c4f8f32b2f832c577c43f77d70ccdf60582c167ced7d37bca17c62c22b9f5861f594e26aa54b808af2b06c3793b65c271f5b0e4e3aec2270beb1b5d024d1c0c05dab6a6d4e78b9d98b67f9f465efff30859915ee126cf233fdc9d491a280a019e5c4c41e2659205df8a9f956d1e8da88bcd5da9c4e3e04dcdc77ed9f210e680dc55df94f00e7db14e4e0299de982b34b99b141dea50cf7efcca2bef094c497049a8cfccfbcad1b041f9aaa2a00610f9f74ce251e280561151a4410def462bcfe7f3f23bd4e484e56c86b31dc7307d8694d8d46ab3d38c7a25ecc69856d7e9b16c87563aa55423d2c9f9f3c056c83a854ea4d872c367dac2ba28b6751239758fc99d5eeac0f6f6306c3c70313f4f9900cb49973618547fab9a0318479738434fc0813edde41c57d647e92732a71741864544f903e3fb7673b823c5f87194b30732e33a89b811bc6383ecb94a0b6fd8a75107effaa970298881b6b62644998bc841a5d9ec9ca8d1b2dbb27d4ae933f90f5415d15a9ae974f2c998ceed6277d4d493bdb0c42a163412ff5fd71d0990967bb4d946e2aa78e00789027b7cf46923005942432b79de5fe9d97a5515e013eacfa905f28666d3dd3da1061f46b5306f48ca77746813901c244070aeccc2a4940864c457dbee076caaabb065b90f696f51a40cd3d9f9e5cea07f53ec46f881f8989d56ba079055034687a49a3757547789c0706d9ad105d1ce8288fe182c60c753a57b802da08caf0af15d82166c225084887385f718d6c85e6ee5d234b01d6eadf48a1dbf1461585869399ccf7bd559146e642487e9e84555b3e6f46306bfecc1aac787164aa6e0c28fdce02fd7c7fc05f7e13aa1f3dc35a14cc02e8e331190904a030da7c470249bc9a1df9f03deba1869a33c7baf52f2231dcf5c4829c83a46c943a19372ed3e3ffd1abdd96a269c9b566b801bc9361579bd09a2c2dbf35d2b59eba0255148029ec677c46f3eeb15882bf647d4ecf8d9bdc7419b8d6543d9fa152820394cf3ddeaecbe4aa0dda925715e435947ea6cb9bbf9ad4a43523b9d29ecb92abe29c864cb6aaa43f69241f141416c22b6d16205444031473a3d684d6fd6a2c2501b27162373c496ed5f5730af4798b6541225711b90a57a4946e9a8e55c5ddd39caa551ee4a347e290b99cfdb354ac4c214383322525dfaf298b55ba8b846d7e8efc4aa007e6a5c079d7b4fb55e09b1470c40d74cffff0e207e70c8c84e8f1753f57287d0a46508c5c67760501288e1f2c31c466b85f0d486b74565ff5d63a71f7725c6aa46e2c8cddcddcf6c2904cc5aa42e51c22cb664c84843ceeda345652a8bf2be97307330e65c66bc9ed133d83dce23fadd5143c1ada237fa699efc50e1be60eaa255962ffe043a176cb7c6ec4b508005dd4ac3dc53307425da4ba42503c0ca7342be75293ead753bf76b30e5a39d89b23e46c0bf23097c119b4733f38889afa0a74b6078fc6aadb118e74b0ad5e1384c569421915892f36094749f73a55b7ecf1cccf55e8ab2b63b4df23036d61e9845d041377b76aa03326c31f0525517177fbbc6ec945146103f1b1826e1a9eec1932d887c82886765cff430df3752d4bb4bc9aa81167b42cff5503bd486302abed1f5b67699b9e3352455da2f48f6531c75b0a521c04f5c115ad46382ea9008bc7b7a913b46ce8dc89e7a33b11a170184f1e09f0ce63c904548c5cedee65906c1930a585e0264f7ecf706a2deda9dadf2bec37f31e3c58c5c4f640dda770034b1840872b2de58c73f80e0b059595e398ec003f7079d4679cc0f7b45cbbfef3ad644304c603804320aa195e20b5537eb9f2778b50a30fd0e1e053c918e08df80636c68e9e7edde3f44a8c740088457c9be223815dec16e02b765bed8cde65d11143ac9ca1739b0c54fdf27071cef609f8364b07a842d0db89b4573d853a623b81d5cbfed0d26d2ba938016bdda77fcd005e406f11f6ae1e09714178de733497745d7dc6e24ca5c65ebb451ad190d50d67bac1c2a349fa453b2105aa09ff25c2e873ec70da0145805b7b9131b3a6ada55b3bdf9e5ed43e34adc7efd83e5f92658d8d1f0e0ad2c64ac580d9755e631dccc8d9238706023c9db583d098f83d19eb9f45e44b353b89a0af15badc7b4faef26fb5ccbea3b7f", @generic="abaae47db3fe8d8a50ecba5ccfe58948bab3c0aaf54be1f86d74a47c46946beea972c8bb49245ae67d79bc76b8d3350988a339e270c7406b06c2fe18e6f21856b0608d2c53d4d7cf9b6dfbf131f2e22791b063fed1a7288557f83ff456e62601464a58edc08ce952c1aa703aa8378ac9378da7ccdc30d259c5a71f660a91806bac6761c8af58341d5c78288277fcd5402c88b6008c8f", @generic="a4d1ccaf7c13a039a682e4f02ce91c4bee53a5ab4aa8851e414af2f50a74ad4305b3a2f15a6945d3d13afce3589ce8e046766775aa481ad1afdcba37cde2a3a17c72f6296f33a2a8496cdb175b9b9d8348ae091906fe00ad1839d87924ba2ea40465", @generic="ab65c6bf2fb24502aca175ed07310a0d83d411df"]}, @typed={0x8, 0x79, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x120c}}, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc01cf509, &(0x7f0000003940)={0xffffffffffffffff, 0x80000000, 0x4, 0x4}) write$sndseq(r7, &(0x7f0000003a80)=[{0x42, 0x0, 0x0, 0x65, @tick=0x1, {0x7, 0x9}, {0x2e, 0x3}, @raw32={[0x30a1, 0x4, 0x3]}}, {0xe9, 0x3, 0x6, 0x3, @tick=0x8, {0x12, 0x7f}, {0x5}, @connect={{0xe, 0xa3}, {0x8, 0x6}}}, {0x2, 0x8, 0x9, 0x2, @tick=0xfffffff8, {0x1, 0xb}, {0x81}, @addr={0x3, 0x10}}, {0x0, 0x3, 0x3, 0x5, @tick=0x25c5, {0x9}, {0x3, 0x8}, @time=@time={0x2, 0x8}}, {0xf0, 0x8, 0x1, 0x2, @tick=0xb, {0x3, 0x6}, {0xa, 0xd3}, @raw32={[0x0, 0x80, 0x5]}}, {0x1, 0x7, 0x0, 0x7, @tick=0x10, {0x7, 0xf}, {0x57, 0x2}, @time=@time={0x7d00, 0x5}}, {0x4, 0xf7, 0x37, 0x8, @time={0x1, 0x4}, {0x4, 0x8}, {0x4, 0x8}, @raw8={"eea036b2deddf2288396af11"}}, {0x3, 0x4, 0x9, 0xf, @time={0x0, 0x2}, {0x2, 0x9}, {0x6, 0x9}, @ext={0xd2, &(0x7f0000003980)="f477e5abfc4b60e88f7b4caa15c3978fbe011a7b55bc9f1b7222699982a37e2d88a4aa940203360b856d7c4407b0b30100dd8cc66de78b033d97e9983ca6352628b2a4f22f74b1f08d30f0b13b13759c382230f5d8e742a6a4501d901b4739ea9c349bc6451d6785f032c1f4d99f53c7199ae36b0d3d93cf522f293face6afdf39d20fcd34e5964f70ceb527c99b0799dc673f1d4986c0a379d52186272b50014657925a95733b84bec244ce07a2195c5ac58559f8d452e87fe35665d7e8a98e078c7e45eacfe597565c5e79c3211082c842"}}], 0xe0) (async) r8 = openat$mice(0xffffff9c, &(0x7f0000003b80), 0x32142) setsockopt$RDS_CANCEL_SENT_TO(r8, 0x114, 0x1, &(0x7f0000003bc0)={0x2, 0x4e20, @loopback}, 0x10) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000000, 0x110, 0xffffffffffffffff, 0x4a000) (async, rerun: 64) openat$sysctl(0xffffff9c, &(0x7f0000003c00)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0) (async, rerun: 64) socket(0xa, 0x80000, 0x1) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000003c40)) (async) ioctl$TIOCSISO7816(r1, 0xc0285443, &(0x7f0000003c80)={0x1, 0x40, 0xf, 0x7, 0x10}) (async) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000003cc0)={0x73622a85, 0x1100}) (async) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r8, 0x13, &(0x7f0000003d00)=[0x4, 0x2], 0x2) 689.446373ms ago: executing program 2 (id=1522): syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'}) sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000440)={0x50, r2, 0x1, 0x0, 0xd000000, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @action={{{}, {}, @broadcast, @device_a, @initial, {0x0, 0x400}}, @ext_ch_sw={0x4, 0x4, {{0x0, 0x0, 0x2}, @val={0x76, 0x6, {0x4, 0x5, 0x19, 0x3}}}}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x0) 689.086786ms ago: executing program 3 (id=1523): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'user:', 'trusted:', 0x20, 0x40}, 0x32, 0xfffffffffffffffc) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f00000001c0)="fe41b679d70ef872d5108c6466f274c90e211b4b0018c11369e21ab3fb30bf08d6e8febdc32baf04ecae4f8abdc6ec0f05e4ddc1c3714fae14514db33351b9b78932c1c7f66ffaf9f9e068080cdef3909f1b217ba2c2717a62a93f68992379af7a5e65b83e598dcc4c1deec2c1b929920da96d714bae4a9d72f3e6c5aded15913f6054eeedf5286110db90f29766767f2a1323558eb3361d6ac7", 0x9a, 0xfffffffffffffffe) r0 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x9c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x6c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5}]}]}]}}]}, 0x9c}}, 0x0) openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) socketpair(0x9, 0x3, 0x0, &(0x7f00000000c0)) 620.171433ms ago: executing program 2 (id=1524): signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x3]}, 0x8, 0xc0800) r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f0000000540)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='zonefs\x00', 0x0, 0x0) openat$sysctl(0xffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='net\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000003c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x4}]}) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0) statx(r2, 0x0, 0x1000, 0x400, &(0x7f0000000080)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setresuid(0x0, r3, 0x0) r4 = geteuid() getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000001c0)={{{@in, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe4) r6 = socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='\x00\x9b\xd6\xeb\x810x0}, &(0x7f0000000280)=0x5) setuid(r7) mount$9p_tcp(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x420, &(0x7f00000002c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@noextend}, {@access_client}, {@cachetag={'cachetag', 0x3d, '/dev/nbd'}}, {@version_9p2000}, {@posixacl}, {@posixacl}, {@access_client}, {@access_uid={'access', 0x3d, r3}}, {@aname={'aname', 0x3d, 'zonefs\x00'}}, {@debug={'debug', 0x3d, 0x7}}], [{@uid_gt={'uid>', r4}}, {@euid_eq={'euid', 0x3d, r5}}, {@defcontext={'defcontext', 0x3d, 'root'}}, {@uid_lt={'uid<', r7}}]}}) 570.281527ms ago: executing program 3 (id=1525): r0 = socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000740)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0x7}}}, 0x24}}, 0x0) 569.930767ms ago: executing program 1 (id=1526): sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x12, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="7400000003010103000000070000000000000003140001800c26034000020000060003400004000014001980080002000003000008000100020000001094f42aa00002800500020002000000200004801c0003800800024000000004080002400000000505000100d30000000800154000200000"], 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000804) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$KVM_VCPU(&(0x7f0000ffb000/0x4000)=nil, 0x930, 0x0, 0x12, r0, 0x0) futex(&(0x7f000000cffc)=0x20000003, 0x1, 0x2, 0x0, 0x0, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000140)={&(0x7f0000000080), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000004) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c00018006000600800a0000100002800c000b"], 0x34}, 0x1, 0x0, 0x0, 0x20048010}, 0xc000) 562.075962ms ago: executing program 3 (id=1527): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000005c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @loopback}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0, 0x0, 0x1f00}}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) capset(0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) mlockall(0x7) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f00000002c0)={'tunl0\x00', &(0x7f0000000180)={'ip_vti0\x00', r2, 0x20, 0x1, 0x800, 0x900000, {{0xa, 0x4, 0x2, 0xf, 0x28, 0x65, 0x0, 0xfe, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102, {[@lsrr={0x83, 0x13, 0x3a, [@private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback]}]}}}}}) openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) r6 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/pid_for_children\x00') ioctl$NS_GET_USERNS(r6, 0xb701, 0x0) futex(&(0x7f0000000040), 0x5, 0x0, 0x0, &(0x7f0000000140), 0x35000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r7, 0xaf01, 0x0) ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0) syz_clone(0x80000480, 0x0, 0x0, 0x0, 0x0, 0x0) mlockall(0x7) 280.180806ms ago: executing program 3 (id=1528): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r1, 0x0) io_cancel(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0cc5605, &(0x7f0000000180)={0x1, @vbi={0x0, 0x0, 0x32314241}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe, 0x4, &(0x7f0000000d40)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000af00f5ff9400000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 0s ago: executing program 3 (id=1529): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) accept4(r0, 0x0, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6_mptcp(0xa, 0x1, 0x106) socket$netlink(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a0001"], 0x50}}, 0x4000000) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) socket$packet(0x11, 0x3, 0x300) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r3, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008000100", @ANYBLOB="38000100", @ANYRES32=r4, @ANYBLOB="64800400", @ANYRES32, @ANYBLOB="08000100", @ANYBLOB="06"], 0x90}}, 0x0) kernel console output (not intermixed with test programs): 86][ T7816] ? __pfx___dev_queue_xmit+0x10/0x10 [ 112.754987][ T7816] netlink_rcv_skb+0x165/0x410 [ 112.756591][ T7816] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 112.758105][ T7816] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 112.759602][ T7816] ? netlink_deliver_tap+0x1ae/0xcf0 [ 112.761019][ T7816] netlink_unicast+0x53c/0x7f0 [ 112.762295][ T7816] ? __pfx_netlink_unicast+0x10/0x10 [ 112.763688][ T7816] ? __phys_addr_symbol+0x30/0x80 [ 112.765017][ T7816] ? __check_object_size+0x4a1/0x710 [ 112.766521][ T7816] netlink_sendmsg+0x8b8/0xd70 [ 112.767807][ T7816] ? __pfx_netlink_sendmsg+0x10/0x10 [ 112.769298][ T7816] ? lock_acquire+0x2f/0xb0 [ 112.770512][ T7816] ____sys_sendmsg+0x9ae/0xb40 [ 112.771801][ T7816] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.773204][ T7816] ? get_compat_msghdr+0x11b/0x170 [ 112.774562][ T7816] ? __pfx___lock_acquire+0x10/0x10 [ 112.775939][ T7816] ___sys_sendmsg+0x135/0x1e0 [ 112.777254][ T7816] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.778674][ T7816] ? lock_acquire+0x2f/0xb0 [ 112.779934][ T7816] ? __fget_files+0x40/0x3f0 [ 112.781201][ T7816] ? fdget+0x176/0x210 [ 112.782354][ T7816] __sys_sendmsg+0x117/0x1f0 [ 112.783652][ T7816] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.784995][ T7816] ? __fget_files+0x244/0x3f0 [ 112.786321][ T7816] __do_fast_syscall_32+0x73/0x120 [ 112.787673][ T7816] do_fast_syscall_32+0x32/0x80 [ 112.788952][ T7816] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 112.790599][ T7816] RIP: 0023:0xf747e579 [ 112.791675][ T7816] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 112.796810][ T7816] RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 112.798986][ T7816] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020006040 [ 112.801063][ T7816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 112.803509][ T7816] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 112.805679][ T7816] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 112.808011][ T7816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 112.810185][ T7816] [ 112.852940][ T7819] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.781'. [ 113.152765][ T5391] usb 5-1: USB disconnect, device number 10 [ 113.267970][ T7822] overlayfs: conflicting options: verity=on,redirect_dir=follow [ 113.276727][ T7822] netlink: 232 bytes leftover after parsing attributes in process `syz.0.782'. [ 113.377033][ T39] kauditd_printk_skb: 7 callbacks suppressed [ 113.377067][ T39] audit: type=1800 audit(1729730597.094:323): pid=7822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.782" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 113.535768][ T7827] pim6reg1: entered promiscuous mode [ 113.537285][ T7827] pim6reg1: entered allmulticast mode [ 113.806380][ T7855] netlink: 'syz.0.792': attribute type 10 has an invalid length. [ 113.817513][ T7855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.820057][ T7855] team0: Port device batadv0 added [ 114.658544][ T63] IPVS: starting estimator thread 0... [ 114.760900][ T7876] IPVS: using max 36 ests per chain, 86400 per kthread [ 114.956915][ T7882] pim6reg1: entered promiscuous mode [ 114.958348][ T7882] pim6reg1: entered allmulticast mode [ 115.150707][ T7890] __nla_validate_parse: 11 callbacks suppressed [ 115.150718][ T7890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.803'. [ 115.322782][ T7898] netlink: 4 bytes leftover after parsing attributes in process `syz.2.805'. [ 116.698057][ T7926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.811'. [ 116.876063][ T7930] netlink: 12 bytes leftover after parsing attributes in process `syz.2.812'. [ 117.083763][ T7936] futex_wake_op: syz.3.815 tries to shift op by 144; fix this program [ 117.086350][ T7936] netlink: 'syz.3.815': attribute type 1 has an invalid length. [ 117.089068][ T7936] netlink: 224 bytes leftover after parsing attributes in process `syz.3.815'. [ 117.097742][ T7936] loop2: detected capacity change from 0 to 16384 [ 117.592508][ T7946] netlink: 'syz.0.827': attribute type 9 has an invalid length. [ 117.595359][ T7946] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.827'. [ 117.598708][ T7946] openvswitch: netlink: Message has 8 unknown bytes. [ 117.616843][ T7948] netlink: 4 bytes leftover after parsing attributes in process `syz.3.818'. [ 118.489805][ T7968] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.823'. [ 118.846464][ T7977] netlink: 4 bytes leftover after parsing attributes in process `syz.1.826'. [ 118.979734][ T7986] usb 2-1: USB disconnect, device number 3 [ 119.060050][ T7987] hub 2-0:1.0: USB hub found [ 119.062325][ T7987] hub 2-0:1.0: 6 ports detected [ 119.221022][ T5391] usb 2-1: new high-speed USB device number 4 using ehci-pci [ 119.406039][ T5391] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 119.409318][ T5391] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 119.412636][ T5391] usb 2-1: Product: QEMU USB Tablet [ 119.414527][ T5391] usb 2-1: Manufacturer: QEMU [ 119.416239][ T5391] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 119.437797][ T5391] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0011/input/input8 [ 119.505202][ T5391] hid-generic 0003:0627:0001.0011: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 119.710724][ T39] audit: type=1326 audit(1729730603.424:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.739687][ T39] audit: type=1326 audit(1729730603.424:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.750592][ T39] audit: type=1326 audit(1729730603.424:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.757594][ T39] audit: type=1326 audit(1729730603.424:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.763978][ T39] audit: type=1326 audit(1729730603.424:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.771194][ T39] audit: type=1326 audit(1729730603.424:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=92 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.778581][ T39] audit: type=1326 audit(1729730603.424:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.794871][ T39] audit: type=1326 audit(1729730603.424:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.805282][ T39] audit: type=1326 audit(1729730603.424:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 119.816597][ T39] audit: type=1326 audit(1729730603.424:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7991 comm="syz.3.832" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 120.131424][ T1993] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 120.515510][ T1993] usb 8-1: config index 0 descriptor too short (expected 45, got 36) [ 120.521750][ T1993] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 120.526965][ T1993] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 120.530874][ T1993] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 120.535841][ T1993] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 120.538983][ T1993] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 120.554652][ T1993] usb 8-1: config 0 descriptor?? [ 120.562684][ T7997] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 120.787581][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.0.837'. [ 121.004212][ T8020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.839'. [ 121.011379][ T1993] plantronics 0003:047F:FFFF.0012: unknown main item tag 0xd [ 121.014039][ T1993] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving [ 121.024738][ T1993] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 121.315079][ T30] usb 8-1: USB disconnect, device number 6 [ 121.896748][ T8029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.841'. [ 122.084865][ T8038] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.842'. [ 122.815245][ T8056] netlink: 12 bytes leftover after parsing attributes in process `syz.0.854'. [ 122.844320][ T8057] usb 2-1: USB disconnect, device number 4 [ 122.894821][ T8057] hub 2-0:1.0: USB hub found [ 122.897538][ T8057] hub 2-0:1.0: 6 ports detected [ 123.090943][ T63] usb 2-1: new high-speed USB device number 5 using ehci-pci [ 123.284887][ T63] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 123.287335][ T63] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 123.289481][ T63] usb 2-1: Product: QEMU USB Tablet [ 123.291015][ T63] usb 2-1: Manufacturer: QEMU [ 123.292307][ T63] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 123.311115][ T63] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0013/input/input10 [ 123.343222][ T8046] Process accounting resumed [ 123.381755][ T63] hid-generic 0003:0627:0001.0013: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 123.661514][ T8074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.852'. [ 123.831062][ T63] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 123.984965][ T63] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 123.988115][ T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.991140][ T63] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 123.993725][ T63] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 123.999231][ T63] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 124.001811][ T63] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 124.003946][ T63] usb 7-1: Manufacturer: syz [ 124.009150][ T63] usb 7-1: config 0 descriptor?? [ 124.416573][ T63] appleir 0003:05AC:8243.0014: unknown main item tag 0x0 [ 124.418760][ T63] appleir 0003:05AC:8243.0014: No inputs registered, leaving [ 124.423909][ T63] appleir 0003:05AC:8243.0014: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 124.624995][ T8082] netlink: 4 bytes leftover after parsing attributes in process `syz.0.855'. [ 124.672428][ T8083] netlink: 12 bytes leftover after parsing attributes in process `syz.3.856'. [ 125.013836][ T9] usb 7-1: USB disconnect, device number 9 [ 125.022262][ T39] kauditd_printk_skb: 59 callbacks suppressed [ 125.022275][ T39] audit: type=1326 audit(1729730608.744:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 125.030722][ T39] audit: type=1326 audit(1729730608.744:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=373 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 125.041595][ T39] audit: type=1326 audit(1729730608.744:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 125.049104][ T39] audit: type=1326 audit(1729730608.744:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8109 comm="syz.1.860" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 125.109961][ T8124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.861'. [ 125.227678][ T39] audit: type=1326 audit(1729730608.944:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 125.233732][ T39] audit: type=1326 audit(1729730608.944:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 125.239433][ T39] audit: type=1326 audit(1729730608.954:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 125.245347][ T39] audit: type=1326 audit(1729730608.954:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 125.251023][ T39] audit: type=1326 audit(1729730608.954:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.0.862" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 125.699681][ T8121] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 125.858237][ T8141] syz.3.866: attempt to access beyond end of device [ 125.858237][ T8141] nbd3: rw=0, sector=2, nr_sectors = 1 limit=0 [ 126.223196][ T8156] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.870'. [ 126.325715][ T8159] binder: 8157:8159 unknown command 25366 [ 126.327383][ T8159] binder: 8157:8159 ioctl c0306201 20000040 returned -22 [ 126.346017][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.3.872'. [ 126.432237][ T8164] netlink: 12 bytes leftover after parsing attributes in process `syz.3.873'. [ 126.438073][ T8164] FAULT_INJECTION: forcing a failure. [ 126.438073][ T8164] name failslab, interval 1, probability 0, space 0, times 0 [ 126.443221][ T8164] CPU: 2 UID: 0 PID: 8164 Comm: syz.3.873 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 126.445949][ T8164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 126.448636][ T8164] Call Trace: [ 126.449473][ T8164] [ 126.450204][ T8164] dump_stack_lvl+0x16c/0x1f0 [ 126.451405][ T8164] should_fail_ex+0x497/0x5b0 [ 126.452569][ T8164] ? fs_reclaim_acquire+0xae/0x150 [ 126.453808][ T8164] should_failslab+0xc2/0x120 [ 126.455014][ T8164] __kmalloc_noprof+0xcb/0x410 [ 126.456265][ T8164] ? __pfx_lock_release+0x10/0x10 [ 126.457569][ T8164] flow_rule_alloc+0x29/0xf0 [ 126.458752][ T8164] fl_hw_replace_filter+0x138/0x5e0 [ 126.460085][ T8164] ? __pfx_fl_hw_replace_filter+0x10/0x10 [ 126.461505][ T8164] ? lock_acquire+0x2f/0xb0 [ 126.462655][ T8164] ? fl_change+0x3501/0x4dd0 [ 126.463824][ T8164] fl_change+0x28ed/0x4dd0 [ 126.464992][ T8164] ? fl_change+0x3066/0x4dd0 [ 126.466171][ T8164] ? __pfx_fl_change+0x10/0x10 [ 126.467389][ T8164] ? fl_get+0x215/0x3b0 [ 126.468422][ T8164] ? __pfx_fl_get+0x10/0x10 [ 126.469587][ T8164] ? __pfx_fl_change+0x10/0x10 [ 126.470808][ T8164] tc_new_tfilter+0xc49/0x2450 [ 126.472001][ T8164] ? __pfx_tc_new_tfilter+0x10/0x10 [ 126.473306][ T8164] ? __pfx___lock_acquire+0x10/0x10 [ 126.474626][ T8164] ? kmem_cache_free+0x152/0x4b0 [ 126.475841][ T8164] ? rtnetlink_rcv_msg+0x93a/0xea0 [ 126.477162][ T8164] ? __pfx_lock_release+0x10/0x10 [ 126.478439][ T8164] ? trace_lock_acquire+0x14a/0x1d0 [ 126.479756][ T8164] ? __pfx_tc_new_tfilter+0x10/0x10 [ 126.481002][ T8164] rtnetlink_rcv_msg+0x95b/0xea0 [ 126.482232][ T8164] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 126.483593][ T8164] ? __pfx___dev_queue_xmit+0x10/0x10 [ 126.484917][ T8164] netlink_rcv_skb+0x165/0x410 [ 126.486135][ T8164] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 126.487494][ T8164] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 126.488840][ T8164] ? netlink_deliver_tap+0x1ae/0xcf0 [ 126.490161][ T8164] netlink_unicast+0x53c/0x7f0 [ 126.491564][ T8164] ? __pfx_netlink_unicast+0x10/0x10 [ 126.492829][ T8164] ? __phys_addr_symbol+0x30/0x80 [ 126.494105][ T8164] ? __check_object_size+0x488/0x710 [ 126.495605][ T8164] netlink_sendmsg+0x8b8/0xd70 [ 126.496859][ T8164] ? __pfx_netlink_sendmsg+0x10/0x10 [ 126.498203][ T8164] ? lock_acquire+0x2f/0xb0 [ 126.499383][ T8164] ____sys_sendmsg+0x9ae/0xb40 [ 126.500620][ T8164] ? __pfx_____sys_sendmsg+0x10/0x10 [ 126.502101][ T8164] ? get_compat_msghdr+0x11b/0x170 [ 126.503408][ T8164] ? __pfx___lock_acquire+0x10/0x10 [ 126.504729][ T8164] ___sys_sendmsg+0x135/0x1e0 [ 126.505888][ T8164] ? __pfx____sys_sendmsg+0x10/0x10 [ 126.507200][ T8164] ? lock_acquire+0x2f/0xb0 [ 126.508378][ T8164] ? __fget_files+0x40/0x3f0 [ 126.509656][ T8164] ? fdget+0x176/0x210 [ 126.510767][ T8164] __sys_sendmsg+0x117/0x1f0 [ 126.511935][ T8164] ? __pfx___sys_sendmsg+0x10/0x10 [ 126.513203][ T8164] ? __fget_files+0x244/0x3f0 [ 126.514410][ T8164] __do_fast_syscall_32+0x73/0x120 [ 126.515760][ T8164] do_fast_syscall_32+0x32/0x80 [ 126.516953][ T8164] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 126.518508][ T8164] RIP: 0023:0xf7fb4579 [ 126.519560][ T8164] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 126.524052][ T8164] RSP: 002b:00000000f571556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 126.526112][ T8164] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020006040 [ 126.528539][ T8164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 126.530453][ T8164] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 126.532400][ T8164] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 126.534290][ T8164] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 126.536674][ T8164] [ 126.800986][ T1993] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 126.930456][ T39] audit: type=1326 audit(1729730610.644:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8182 comm="syz.0.879" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f72579 code=0x7ffc0000 [ 126.975444][ T1993] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 126.978922][ T1993] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 126.984175][ T1993] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.986933][ T1993] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 126.996326][ T1993] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 126.998915][ T1993] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 127.001491][ T1993] usb 6-1: Manufacturer: syz [ 127.005144][ T1993] usb 6-1: config 0 descriptor?? [ 127.166124][ T8191] program syz.2.880 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 127.331670][ T8194] netlink: 12 bytes leftover after parsing attributes in process `syz.3.881'. [ 127.420498][ T1993] appleir 0003:05AC:8243.0015: unknown main item tag 0x0 [ 127.423556][ T1993] appleir 0003:05AC:8243.0015: No inputs registered, leaving [ 127.426918][ T1993] appleir 0003:05AC:8243.0015: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 127.941379][ T5391] usb 6-1: USB disconnect, device number 13 [ 128.751562][ T1993] usb 6-1: new low-speed USB device number 14 using dummy_hcd [ 128.881137][ T8234] netlink: 12 bytes leftover after parsing attributes in process `syz.0.894'. [ 128.910808][ T1993] usb 6-1: Invalid ep0 maxpacket: 32 [ 129.018065][ T8236] NILFS (nullb0): couldn't find nilfs on the device [ 129.051673][ T1993] usb 6-1: new low-speed USB device number 15 using dummy_hcd [ 129.070678][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.896'. [ 129.073289][ T8238] netlink: 24 bytes leftover after parsing attributes in process `syz.3.896'. [ 129.284758][ T1993] usb 6-1: Invalid ep0 maxpacket: 32 [ 129.286765][ T1993] usb usb6-port1: attempt power cycle [ 129.394873][ T8246] veth0_vlan: left promiscuous mode [ 129.398595][ T8246] veth0_vlan: entered promiscuous mode [ 129.630848][ T1993] usb 6-1: new low-speed USB device number 16 using dummy_hcd [ 129.664165][ T1993] usb 6-1: Invalid ep0 maxpacket: 32 [ 129.747419][ T69] veth1_vlan (unregistering): left allmulticast mode [ 129.765330][ T69] bond0: (slave macvlan0): Releasing backup interface [ 129.790912][ T1993] usb 6-1: new low-speed USB device number 17 using dummy_hcd [ 129.811360][ T1993] usb 6-1: Invalid ep0 maxpacket: 32 [ 129.812895][ T1993] usb usb6-port1: unable to enumerate USB device [ 129.864922][ T8271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.905'. [ 129.867404][ T8271] netlink: 24 bytes leftover after parsing attributes in process `syz.2.905'. [ 129.915864][ T8275] vivid-007: disconnect [ 130.061009][ T9] usb 5-1: new full-speed USB device number 11 using dummy_hcd [ 130.309766][ T9] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 130.350901][ T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 130.490903][ T9] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 10 [ 130.490932][ T830] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 130.507647][ T8275] vivid-007: reconnect [ 130.509286][ T9] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 255, setting to 64 [ 130.513006][ T9] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 130.516470][ T9] usb 5-1: config 0 interface 0 has no altsetting 0 [ 130.520163][ T9] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 130.523280][ T9] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 130.526064][ T9] usb 5-1: Product: syz [ 130.527478][ T9] usb 5-1: Manufacturer: syz [ 130.529036][ T9] usb 5-1: SerialNumber: syz [ 130.532243][ T9] usb 5-1: config 0 descriptor?? [ 130.534426][ T8264] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 130.537603][ T9] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 130.542347][ T9] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 130.620137][ T8286] netlink: 12 bytes leftover after parsing attributes in process `syz.2.910'. [ 130.625984][ T8286] FAULT_INJECTION: forcing a failure. [ 130.625984][ T8286] name failslab, interval 1, probability 0, space 0, times 0 [ 130.629207][ T8286] CPU: 0 UID: 0 PID: 8286 Comm: syz.2.910 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 130.631960][ T8286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.634730][ T8286] Call Trace: [ 130.635618][ T8286] [ 130.636409][ T8286] dump_stack_lvl+0x16c/0x1f0 [ 130.637724][ T8286] should_fail_ex+0x497/0x5b0 [ 130.638999][ T8286] should_failslab+0xc2/0x120 [ 130.640255][ T8286] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 130.641661][ T8286] ? skb_clone+0x190/0x3f0 [ 130.642580][ T830] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 130.642832][ T8286] skb_clone+0x190/0x3f0 [ 130.645639][ T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 130.646737][ T8286] netlink_deliver_tap+0xb26/0xcf0 [ 130.649611][ T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 130.650835][ T8286] netlink_unicast+0x6b4/0x7f0 [ 130.650853][ T8286] ? __pfx_netlink_unicast+0x10/0x10 [ 130.650863][ T8286] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 130.650880][ T8286] netlink_ack+0x6a5/0xb20 [ 130.650895][ T8286] netlink_rcv_skb+0x327/0x410 [ 130.653389][ T830] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 130.654623][ T8286] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 130.656788][ T830] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 130.657325][ T8286] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 130.658497][ T830] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 130.659760][ T8286] ? netlink_deliver_tap+0x1ae/0xcf0 [ 130.659776][ T8286] netlink_unicast+0x53c/0x7f0 [ 130.659789][ T8286] ? __pfx_netlink_unicast+0x10/0x10 [ 130.663612][ T830] usb 8-1: Manufacturer: syz [ 130.664540][ T8286] ? __phys_addr_symbol+0x30/0x80 [ 130.668482][ T830] usb 8-1: config 0 descriptor?? [ 130.670300][ T8286] ? __check_object_size+0x488/0x710 [ 130.679572][ T8286] netlink_sendmsg+0x8b8/0xd70 [ 130.680828][ T8286] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.682200][ T8286] ? lock_acquire+0x2f/0xb0 [ 130.683437][ T8286] ____sys_sendmsg+0x9ae/0xb40 [ 130.684695][ T8286] ? __pfx_____sys_sendmsg+0x10/0x10 [ 130.686072][ T8286] ? get_compat_msghdr+0x11b/0x170 [ 130.687417][ T8286] ? __pfx___lock_acquire+0x10/0x10 [ 130.688775][ T8286] ___sys_sendmsg+0x135/0x1e0 [ 130.690012][ T8286] ? __pfx____sys_sendmsg+0x10/0x10 [ 130.691386][ T8286] ? lock_acquire+0x2f/0xb0 [ 130.692583][ T8286] ? __fget_files+0x40/0x3f0 [ 130.693802][ T8286] ? fdget+0x176/0x210 [ 130.694875][ T8286] __sys_sendmsg+0x117/0x1f0 [ 130.696217][ T8286] ? __pfx___sys_sendmsg+0x10/0x10 [ 130.697569][ T8286] ? __fget_files+0x244/0x3f0 [ 130.698823][ T8286] __do_fast_syscall_32+0x73/0x120 [ 130.700208][ T8286] do_fast_syscall_32+0x32/0x80 [ 130.701497][ T8286] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 130.703156][ T8286] RIP: 0023:0xf746e579 [ 130.704246][ T8286] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 130.709249][ T8286] RSP: 002b:00000000f573556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 130.711440][ T8286] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000020006040 [ 130.713510][ T8286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 130.715587][ T8286] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 130.717655][ T8286] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 130.719727][ T8286] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 130.721789][ T8286] [ 130.762021][ T5391] usb 5-1: USB disconnect, device number 11 [ 130.765522][ T5391] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 131.077237][ T830] appleir 0003:05AC:8243.0016: unknown main item tag 0x0 [ 131.079572][ T830] appleir 0003:05AC:8243.0016: No inputs registered, leaving [ 131.083319][ T830] appleir 0003:05AC:8243.0016: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 131.425979][ T39] kauditd_printk_skb: 23 callbacks suppressed [ 131.425990][ T39] audit: type=1804 audit(1729730615.144:426): pid=8294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.912" name="/newroot/244/file0/file0" dev="ramfs" ino=23690 res=1 errno=0 [ 131.497270][ T8298] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 131.512725][ T8300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.915'. [ 131.515905][ T8300] netlink: 24 bytes leftover after parsing attributes in process `syz.2.915'. [ 131.562479][ T8306] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 131.580612][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.1.919'. [ 131.594649][ T63] usb 8-1: USB disconnect, device number 7 [ 131.682495][ T8312] netlink: 12 bytes leftover after parsing attributes in process `syz.1.920'. [ 131.810893][ T30] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 131.960867][ T30] usb 7-1: Using ep0 maxpacket: 8 [ 131.964258][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 131.967438][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 131.970333][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 131.973661][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 131.977773][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 131.981874][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 131.985818][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 131.990408][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 131.993771][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 131.996399][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 131.999669][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 132.002698][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 132.005693][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 132.008518][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 132.011913][ T30] usb 7-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 132.014214][ T30] usb 7-1: config 246 descriptor has 1 excess byte, ignoring [ 132.016734][ T30] usb 7-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 132.019661][ T30] usb 7-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 132.023767][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 132.027388][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 132.030648][ T30] usb 7-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 132.036443][ T30] usb 7-1: string descriptor 0 read error: -22 [ 132.038759][ T30] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 132.041223][ T30] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 132.048134][ T30] adutux 7-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 132.181788][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.275447][ T8306] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 132.419328][ T30] usb 7-1: USB disconnect, device number 10 [ 132.542148][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.923'. [ 132.544262][ T8325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.925'. [ 132.734229][ T8331] netlink: 12 bytes leftover after parsing attributes in process `syz.0.926'. [ 132.742697][ T8331] FAULT_INJECTION: forcing a failure. [ 132.742697][ T8331] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 132.746098][ T8331] CPU: 1 UID: 0 PID: 8331 Comm: syz.0.926 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 132.749146][ T8331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.752928][ T8331] Call Trace: [ 132.754077][ T8331] [ 132.755117][ T8331] dump_stack_lvl+0x16c/0x1f0 [ 132.756818][ T8331] should_fail_ex+0x497/0x5b0 [ 132.758343][ T8331] _copy_to_user+0x30/0xc0 [ 132.759888][ T8331] simple_read_from_buffer+0xd0/0x160 [ 132.761824][ T8331] proc_fail_nth_read+0x198/0x270 [ 132.763210][ T8331] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 132.764653][ T8331] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 132.766094][ T8331] vfs_read+0x1ce/0xbd0 [ 132.767203][ T8331] ? __fget_files+0x23a/0x3f0 [ 132.768436][ T8331] ? fdget_pos+0x24c/0x360 [ 132.769925][ T8331] ? __pfx_lock_release+0x10/0x10 [ 132.771753][ T8331] ? trace_lock_acquire+0x14a/0x1d0 [ 132.773200][ T8331] ? __pfx_vfs_read+0x10/0x10 [ 132.774874][ T8331] ? __pfx___mutex_lock+0x10/0x10 [ 132.776787][ T8331] ? __fget_files+0x244/0x3f0 [ 132.778128][ T8331] ksys_read+0x12f/0x260 [ 132.779283][ T8331] ? __pfx_ksys_read+0x10/0x10 [ 132.780526][ T8331] __do_fast_syscall_32+0x73/0x120 [ 132.781859][ T8331] do_fast_syscall_32+0x32/0x80 [ 132.783173][ T8331] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 132.785340][ T8331] RIP: 0023:0xf7f72579 [ 132.786904][ T8331] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 132.793564][ T8331] RSP: 002b:00000000f56d55a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 132.795707][ T8331] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00000000f56d5620 [ 132.797650][ T8331] RDX: 000000000000000f RSI: 00000000f73fbff4 RDI: 0000000000000000 [ 132.800030][ T8331] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 132.802766][ T8331] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 132.805437][ T8331] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 132.808176][ T8331] [ 132.838542][ T8334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.927'. [ 132.841250][ T8336] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 132.841863][ T8334] netlink: 24 bytes leftover after parsing attributes in process `syz.2.927'. [ 132.850930][ T25] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 133.094297][ T25] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 133.098073][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.098089][ T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 133.098099][ T25] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 133.098847][ T25] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 133.099005][ T25] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 133.099016][ T25] usb 6-1: Manufacturer: syz [ 133.106122][ T25] usb 6-1: config 0 descriptor?? [ 133.200867][ T56] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 133.372364][ T56] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 133.375266][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.378112][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 133.380711][ T56] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 133.386166][ T56] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 133.388638][ T56] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 133.390873][ T56] usb 7-1: Manufacturer: syz [ 133.393272][ T56] usb 7-1: config 0 descriptor?? [ 133.520937][ T25] appleir 0003:05AC:8243.0017: unknown main item tag 0x0 [ 133.523237][ T25] appleir 0003:05AC:8243.0017: No inputs registered, leaving [ 133.526667][ T25] appleir 0003:05AC:8243.0017: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 133.799740][ T56] appleir 0003:05AC:8243.0018: unknown main item tag 0x0 [ 133.801971][ T56] appleir 0003:05AC:8243.0018: No inputs registered, leaving [ 133.805021][ T56] appleir 0003:05AC:8243.0018: hiddev1,hidraw2: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 133.923422][ T8358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.934'. [ 134.811804][ T8368] block device autoloading is deprecated and will be removed. [ 134.956250][ T8377] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 135.051140][ T8383] tmpfs: Unknown parameter '0xffffffffffffffff' [ 135.626351][ T30] usb 6-1: USB disconnect, device number 18 [ 135.737418][ T8398] openvswitch: netlink: Actions may not be safe on all matching packets [ 136.151082][ T30] usb 7-1: USB disconnect, device number 11 [ 137.120876][ T8422] __nla_validate_parse: 4 callbacks suppressed [ 137.120895][ T8422] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.954'. [ 137.280896][ T8427] usb 2-1: USB disconnect, device number 5 [ 137.385168][ T8428] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8) [ 137.387278][ T8428] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 137.387882][ T8424] binder: BINDER_SET_CONTEXT_MGR already set [ 137.394567][ T8424] binder: 8423:8424 ioctl 4018620d 20000100 returned -16 [ 137.394923][ T8428] vhci_hcd vhci_hcd.0: Device attached [ 137.400344][ T8424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.404652][ T8424] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.416768][ T39] audit: type=1804 audit(1729730621.134:427): pid=8428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.956" name="/newroot/253/file0/file0" dev="ramfs" ino=23822 res=1 errno=0 [ 137.500306][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.958'. [ 137.571656][ T5391] vhci_hcd: vhci_device speed not set [ 137.630886][ T56] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 137.630897][ T5391] usb 17-1: new full-speed USB device number 2 using vhci_hcd [ 137.760956][ T830] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 137.769759][ T8440] netlink: 12 bytes leftover after parsing attributes in process `syz.1.960'. [ 137.792441][ T56] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 137.794972][ T56] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.798390][ T56] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 137.801534][ T56] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 137.803655][ T56] usb 5-1: Manufacturer: syz [ 137.806041][ T56] usb 5-1: config 0 descriptor?? [ 137.850918][ T56] rc_core: IR keymap rc-hauppauge not found [ 137.852681][ T56] Registered IR keymap rc-empty [ 137.855515][ T56] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 137.858828][ T56] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input11 [ 137.916704][ T830] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 137.919489][ T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 137.924816][ T830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 137.927342][ T830] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 137.931497][ T830] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 137.933801][ T830] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 137.936022][ T830] usb 8-1: Manufacturer: syz [ 137.941846][ T830] usb 8-1: config 0 descriptor?? [ 138.025019][ T8452] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 138.056939][ T8454] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.965'. [ 138.352204][ T830] appleir 0003:05AC:8243.0019: unknown main item tag 0x0 [ 138.354244][ T830] appleir 0003:05AC:8243.0019: No inputs registered, leaving [ 138.357145][ T830] appleir 0003:05AC:8243.0019: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 138.430956][ T56] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 138.602301][ T56] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 138.605225][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 138.608222][ T56] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.611499][ T8431] vhci_hcd: connection reset by peer [ 138.618008][ T56] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 138.622646][ T83] vhci_hcd: stop threads [ 138.624031][ T56] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 138.624979][ T83] vhci_hcd: release socket [ 138.627101][ T56] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 138.631158][ T83] vhci_hcd: disconnect device [ 138.632312][ T56] usb 6-1: Manufacturer: syz [ 138.637582][ T56] usb 6-1: config 0 descriptor?? [ 138.654286][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'. [ 138.657303][ T8459] netlink: 24 bytes leftover after parsing attributes in process `syz.2.967'. [ 138.662711][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.2.967'. [ 138.665715][ T8459] netlink: 4 bytes leftover after parsing attributes in process `syz.2.967'. [ 138.668692][ T8459] netlink: 'syz.2.967': attribute type 1 has an invalid length. [ 138.672450][ T8459] netlink: 24 bytes leftover after parsing attributes in process `syz.2.967'. [ 138.718144][ T8462] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 138.722641][ T8462] overlayfs: failed to set uuid (255/file1, err=-1); falling back to uuid=null. [ 138.735077][ T8462] evm: overlay not supported [ 138.876169][ T63] usb 8-1: USB disconnect, device number 8 [ 139.045079][ T56] usbhid 6-1:0.0: can't add hid device: -32 [ 139.047047][ T56] usbhid 6-1:0.0: probe with driver usbhid failed with error -32 [ 140.123234][ T8468] netlink: 12 bytes leftover after parsing attributes in process `syz.3.971'. [ 140.224298][ T8474] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 140.228662][ T8474] Cannot find add_set index 3 as target [ 141.134280][ T8482] netlink: 'syz.3.976': attribute type 1 has an invalid length. [ 141.195282][ T57] usb 6-1: USB disconnect, device number 19 [ 141.309470][ T8492] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 141.322753][ T8493] PKCS7: Unknown OID: [5] 0.0 [ 141.324242][ T8493] PKCS7: Only support pkcs7_signedData type [ 141.466721][ T8503] netlink: 'syz.1.985': attribute type 1 has an invalid length. [ 142.740902][ T5391] vhci_hcd: vhci_device speed not set [ 142.750658][ T8510] loop6: detected capacity change from 0 to 524287999 [ 142.756044][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.758506][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.760908][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.763301][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.765473][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.768547][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.771339][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.773728][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.776569][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.779641][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.783601][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.786205][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.788400][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.790836][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.793168][ C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.795794][ C1] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.798650][ T8510] ldm_validate_partition_table(): Disk read failed. [ 142.800810][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.803189][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.808095][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 142.810514][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 142.813495][ T8510] Dev loop6: unable to read RDB block 0 [ 142.815771][ T8510] loop6: unable to read partition table [ 142.817363][ T8510] loop_reread_partitions: partition scan of loop6 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 142.833568][ T4843] ldm_validate_partition_table(): Disk read failed. [ 142.835729][ T4843] Dev loop6: unable to read RDB block 0 [ 142.837637][ T4843] loop6: unable to read partition table [ 142.967179][ T8504] syz.3.984 (8504): drop_caches: 1 [ 143.007344][ T8519] __nla_validate_parse: 14 callbacks suppressed [ 143.007356][ T8519] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.989'. [ 143.328690][ T8531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.993'. [ 143.396065][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.994'. [ 143.398448][ T8533] netlink: 24 bytes leftover after parsing attributes in process `syz.3.994'. [ 143.406575][ T8533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.994'. [ 143.408880][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.3.994'. [ 143.411331][ T8533] netlink: 'syz.3.994': attribute type 1 has an invalid length. [ 143.413784][ T8533] netlink: 24 bytes leftover after parsing attributes in process `syz.3.994'. [ 143.526085][ T8537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.996'. [ 143.530391][ T8537] netlink: 4 bytes leftover after parsing attributes in process `syz.3.996'. [ 144.011051][ T9] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 144.162147][ T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 144.165115][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 144.168025][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 144.170525][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 144.174702][ T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 144.177161][ T9] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 144.180008][ T9] usb 6-1: Manufacturer: syz [ 144.182270][ T9] usb 6-1: config 0 descriptor?? [ 144.405778][ T8545] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.999'. [ 144.574422][ T8547] netlink: 'syz.3.1000': attribute type 1 has an invalid length. [ 144.579949][ T8547] netlink: 'syz.3.1000': attribute type 7 has an invalid length. [ 144.593877][ T9] appleir 0003:05AC:8243.001A: unknown main item tag 0x0 [ 144.595977][ T9] appleir 0003:05AC:8243.001A: No inputs registered, leaving [ 144.598935][ T9] appleir 0003:05AC:8243.001A: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 144.815550][ T8554] netlink: 'syz.3.1003': attribute type 1 has an invalid length. [ 144.934675][ T8561] veth1_macvtap: left promiscuous mode [ 144.936190][ T8561] macsec0: entered promiscuous mode [ 144.937670][ T8561] macsec0: entered allmulticast mode [ 144.967266][ T8566] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 145.108674][ T5391] usb 6-1: USB disconnect, device number 20 [ 146.721064][ T830] usb 5-1: USB disconnect, device number 12 [ 146.950829][ T30] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 146.960886][ T56] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 147.112239][ T56] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 147.115774][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.118865][ T56] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.121839][ T56] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 147.122328][ T30] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 147.125982][ T56] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 147.128061][ T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.131076][ T56] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 147.133642][ T30] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.136282][ T56] usb 8-1: Manufacturer: syz [ 147.138692][ T30] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 147.143922][ T56] usb 8-1: config 0 descriptor?? [ 147.144416][ T30] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 147.147714][ T30] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 147.149711][ T30] usb 6-1: Manufacturer: syz [ 147.151810][ T30] usb 6-1: config 0 descriptor?? [ 147.549596][ T56] appleir 0003:05AC:8243.001B: unknown main item tag 0x0 [ 147.552351][ T56] appleir 0003:05AC:8243.001B: No inputs registered, leaving [ 147.555484][ T56] appleir 0003:05AC:8243.001B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 147.563004][ T30] appleir 0003:05AC:8243.001C: unknown main item tag 0x0 [ 147.565140][ T30] appleir 0003:05AC:8243.001C: No inputs registered, leaving [ 147.567931][ T30] appleir 0003:05AC:8243.001C: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 147.934902][ T9] libceph: connect (1)[c::]:6789 error -101 [ 147.936673][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 148.022055][ T8600] ceph: No mds server is up or the cluster is laggy [ 148.124958][ T8607] __nla_validate_parse: 11 callbacks suppressed [ 148.125028][ T8607] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1018'. [ 148.257507][ T8610] overlayfs: conflicting lowerdir path [ 148.412097][ T8615] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 148.414174][ T8615] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 148.573914][ T8617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.576418][ T8617] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.870408][ T8625] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1023'. [ 148.901382][ T9] usb 8-1: reset high-speed USB device number 9 using dummy_hcd [ 148.985736][ T5365] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 148.989522][ T5365] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 148.992272][ T5365] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 148.995158][ T5365] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 148.997919][ T5365] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 149.000573][ T5365] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 149.014414][ T5363] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 149.018501][ T5363] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 149.021839][ T5363] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 149.025875][ T5363] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 149.029647][ T5363] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 149.033589][ T5363] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 149.121627][ T8628] chnl_net:caif_netlink_parms(): no params data found [ 149.168849][ T8628] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.170747][ T8628] bridge0: port 1(bridge_slave_0) entered disabled state [ 149.173467][ T8628] bridge_slave_0: entered allmulticast mode [ 149.175445][ T8628] bridge_slave_0: entered promiscuous mode [ 149.177620][ T8641] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1025'. [ 149.184396][ T8628] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.186182][ T8628] bridge0: port 2(bridge_slave_1) entered disabled state [ 149.188056][ T8628] bridge_slave_1: entered allmulticast mode [ 149.189996][ T8628] bridge_slave_1: entered promiscuous mode [ 149.209346][ T8628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 149.212915][ T8628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 149.237474][ T8628] team0: Port device team_slave_0 added [ 149.242416][ T8628] team0: Port device team_slave_1 added [ 149.265072][ T8628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 149.267282][ T8628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.275426][ T8628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 149.280511][ T8628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 149.282983][ T8628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 149.290559][ T8628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 149.327598][ T8628] hsr_slave_0: entered promiscuous mode [ 149.329501][ T8628] hsr_slave_1: entered promiscuous mode [ 149.331461][ T8628] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 149.333445][ T8628] Cannot create hsr debugfs directory [ 149.415612][ T8628] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 149.418351][ T8628] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.500680][ T8628] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 149.504231][ T8628] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.543167][ T8651] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1028'. [ 149.568886][ T8628] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 149.572046][ T8628] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.654699][ T8628] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 149.658032][ T8628] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.681766][ T1993] usb 8-1: USB disconnect, device number 9 [ 149.704419][ T8653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1029'. [ 149.706760][ T8653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1029'. [ 149.711632][ T8653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1029'. [ 149.713893][ T8653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1029'. [ 149.716163][ T8653] netlink: 'syz.3.1029': attribute type 1 has an invalid length. [ 149.718116][ T8653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1029'. [ 149.768357][ T8628] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 149.772515][ T8628] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 149.776153][ T8628] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 149.779672][ T8628] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 149.815229][ T8628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 149.823054][ T56] usb 6-1: USB disconnect, device number 21 [ 149.823445][ T8628] 8021q: adding VLAN 0 to HW filter on device team0 [ 149.908858][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 149.910832][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 149.920477][ T8659] veth1_macvtap: entered promiscuous mode [ 149.923539][ T8659] veth1_macvtap: entered allmulticast mode [ 149.928773][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 149.930872][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 150.212049][ T8628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 150.249391][ T8628] veth0_vlan: entered promiscuous mode [ 150.255435][ T8628] veth1_vlan: entered promiscuous mode [ 150.274528][ T8628] veth0_macvtap: entered promiscuous mode [ 150.277649][ T8628] veth1_macvtap: entered promiscuous mode [ 150.286859][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.289621][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.292756][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.295581][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.298120][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.301123][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.304883][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 150.307571][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.311097][ T8628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 150.326707][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.330896][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.336000][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.342982][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.345890][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.349141][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.355791][ T8628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 150.359258][ T8628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 150.364618][ T8628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 150.375034][ T8628] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.377336][ T8628] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.379683][ T8628] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.382209][ T8628] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 150.431751][ T1105] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.433938][ T1105] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.445010][ T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 150.448283][ T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 150.830972][ T25] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 150.975972][ T8682] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1036'. [ 150.983652][ T25] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 150.987453][ T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 150.990176][ T8683] netlink: 'syz.3.1037': attribute type 1 has an invalid length. [ 150.990426][ T25] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 150.995086][ T25] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 150.999514][ T25] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 151.002093][ T25] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 151.005300][ T25] usb 7-1: Manufacturer: syz [ 151.007280][ T25] usb 7-1: config 0 descriptor?? [ 151.060941][ T5363] Bluetooth: hci1: command tx timeout [ 151.240276][ T8696] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 151.273432][ T8698] kernel read not supported for file /!selinuxselinux (pid: 8698 comm: syz.0.1042) [ 151.277085][ T39] audit: type=1800 audit(1729730634.994:428): pid=8698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1042" name="!selinuxselinux" dev="mqueue" ino=23247 res=0 errno=0 [ 151.413844][ T25] appleir 0003:05AC:8243.001D: unknown main item tag 0x0 [ 151.416200][ T25] appleir 0003:05AC:8243.001D: No inputs registered, leaving [ 151.419625][ T25] appleir 0003:05AC:8243.001D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 151.733703][ T8702] ip6t_srh: unknown srh invflags 6BE9 [ 151.944650][ T39] audit: type=1800 audit(1729730635.664:429): pid=8705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1043" name="bus" dev="9p" ino=36317169 res=0 errno=0 [ 152.017341][ T8706] input: syz0 as /devices/virtual/input/input12 [ 152.049355][ T8706] netfs: Couldn't get user pages (rc=-14) [ 152.830558][ T8714] netlink: 'syz.3.1046': attribute type 1 has an invalid length. [ 153.049858][ T8723] EXT4-fs warning (device sda1): ext4_group_extend:1862: can't shrink FS - resize aborted [ 153.151016][ T5363] Bluetooth: hci1: command tx timeout [ 153.166065][ T8731] netlink: 'syz.3.1051': attribute type 2 has an invalid length. [ 153.168872][ T8731] __nla_validate_parse: 13 callbacks suppressed [ 153.168883][ T8731] netlink: 723 bytes leftover after parsing attributes in process `syz.3.1051'. [ 153.378516][ T8747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1056'. [ 153.381359][ T8747] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1056'. [ 153.386234][ T8747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1056'. [ 153.388728][ T8747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1056'. [ 153.391742][ T8747] netlink: 'syz.0.1056': attribute type 1 has an invalid length. [ 153.393768][ T8747] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1056'. [ 153.424441][ T8749] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1058'. [ 153.436239][ T8751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1057'. [ 153.460968][ T830] usb 8-1: new full-speed USB device number 10 using dummy_hcd [ 153.521473][ T5391] usb 7-1: USB disconnect, device number 12 [ 153.570687][ T8756] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1059'. [ 153.622666][ T830] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 153.625517][ T830] usb 8-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 153.629699][ T830] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 153.632420][ T830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 153.634563][ T830] usb 8-1: SerialNumber: syz [ 153.637025][ T8740] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 153.827749][ T8760] UBIFS error (pid: 8760): cannot open "./file0", error -22 [ 154.045155][ T8740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1054'. [ 154.053061][ T830] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -71 [ 154.060406][ T830] usb 8-1: USB disconnect, device number 10 [ 154.473981][ T8768] openvswitch: netlink: Actions may not be safe on all matching packets [ 154.656577][ T8783] netlink: 'syz.3.1067': attribute type 1 has an invalid length. [ 154.790880][ T30] usb 7-1: new high-speed USB device number 13 using dummy_hcd [ 154.955417][ T30] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 154.958259][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.961193][ T30] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.963797][ T30] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 154.968063][ T30] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 154.970387][ T30] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 154.973457][ T30] usb 7-1: Manufacturer: syz [ 154.980642][ T30] usb 7-1: config 0 descriptor?? [ 155.230880][ T5363] Bluetooth: hci1: command tx timeout [ 155.382147][ T8802] kvm: user requested TSC rate below hardware speed [ 155.389863][ T30] appleir 0003:05AC:8243.001E: unknown main item tag 0x0 [ 155.392868][ T30] appleir 0003:05AC:8243.001E: No inputs registered, leaving [ 155.398803][ T30] appleir 0003:05AC:8243.001E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 155.698991][ T8808] ADFS-fs (nullb0): unrecognised mount option "GPL" or missing value [ 155.735733][ T8811] tmpfs: Unknown parameter '0000000000000000000600000000000000000000007017777777777777777777770x0000000000000006ÿÿ' [ 155.785483][ T8817] netlink: 'syz.1.1076': attribute type 1 has an invalid length. [ 156.810915][ T9] usb 7-1: reset high-speed USB device number 13 using dummy_hcd [ 156.941059][ T9] usb 7-1: device descriptor read/64, error -32 [ 157.180888][ T9] usb 7-1: reset high-speed USB device number 13 using dummy_hcd [ 157.300968][ T5363] Bluetooth: hci1: command tx timeout [ 157.322915][ T9] usb 7-1: device descriptor read/64, error -32 [ 157.580914][ T9] usb 7-1: reset high-speed USB device number 13 using dummy_hcd [ 157.611053][ T9] usb 7-1: device descriptor read/8, error -32 [ 157.627352][ T8853] netlink: 'syz.0.1086': attribute type 1 has an invalid length. [ 157.713936][ T8859] ttyprintk ttyprintk: ldisc open failed (-12), clearing slot 0 [ 158.512043][ T8] usb 7-1: USB disconnect, device number 13 [ 158.834960][ T8877] netlink: 'syz.0.1094': attribute type 2 has an invalid length. [ 158.912103][ T8882] __nla_validate_parse: 21 callbacks suppressed [ 158.912115][ T8882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1096'. [ 158.918265][ T8882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1096'. [ 158.926265][ T8882] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1096'. [ 158.928605][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1096'. [ 158.931513][ T8882] netlink: 'syz.1.1096': attribute type 1 has an invalid length. [ 158.933531][ T8882] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1096'. [ 158.976085][ T8887] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1098'. [ 159.070512][ T8888] ptrace attach of "/syz-executor exec"[5360] was attempted by "/syz-executor exec"[8888] [ 159.146307][ T8894] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1100'. [ 159.170858][ T4793] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 159.321991][ T4793] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 159.324853][ T4793] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 159.327637][ T4793] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 159.334130][ T4793] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 159.341249][ T4793] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 159.343601][ T4793] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 159.345672][ T4793] usb 7-1: Manufacturer: syz [ 159.350255][ T4793] usb 7-1: config 0 descriptor?? [ 159.757133][ T4793] appleir 0003:05AC:8243.001F: unknown main item tag 0x0 [ 159.759259][ T4793] appleir 0003:05AC:8243.001F: No inputs registered, leaving [ 159.762863][ T4793] appleir 0003:05AC:8243.001F: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 160.170268][ T8917] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1106'. [ 160.172637][ T8917] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1106'. [ 160.177135][ T8917] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1106'. [ 160.179468][ T8917] netlink: 'syz.3.1106': attribute type 1 has an invalid length. [ 160.279304][ T8] usb 7-1: USB disconnect, device number 14 [ 160.483663][ T8930] /dev/sr0: Can't open blockdev [ 160.678545][ T8947] [U] [ 160.680868][ T8947] [U] [ 160.682080][ T8947] [U] µ¯Ñ›ÔTÛÓ$GYSRըїÀÝ<Ü]3ÚÔº¤¤¸TÇÑ¿Á\JŒ(È [ 160.686577][ T8947] [U] [ 160.687695][ T8947] [U] CW¯™ÇÇ* Þ9JÁQØ#EØËSWÐÁÔC±ÏV·1žÂÛÏ!È žGPœX [ 160.690120][ T8947] [U] N%Ì9ÙÞÖC…_¹ÁNÊ…ÇBC‰…$ÞÔ4Þ(²ž [ 160.693988][ T8947] [U] Hª QÄØ›Tµ¦OÂR‚I#ıËTNBS_RЬ‰¡¾Æ«°:‰Ø€–ɦT‘ȯ ËÙ0¿™’ÚÃËŒÃWÚ™_[HN% [ 160.696612][ T8947] [U] Ï £ÜÙÛ4‡RЛŸÛŠ<)Ü6JG؃¬ÍKÉ^R\ [ 160.698207][ T8947] [U] 7¼R:€J37Ø [ 160.702749][ T8947] [U] YÛPÜ<ÅÔ…ÚU’“H¦3 ư-Î̤„Ø\PQBXÕ!Q6ÃÜÆSO'}­Ï[ÉÛÀP5OÉ>€DÊÅÖŽYÞJ>|H0=ÖÔ·TžXÈÒZÔY֦ʢÄš4ª‡IÇ¢À5AZËÑ~ZAÂ~ÝKÝ^TGžSÍJ‹I:Á¶¬Ž¥OD!M2KÃW§¬R>ƈΗKC?X…8 ¥HÇÒ*©@QEÛ»ÚU ½À.J9È“~´{—Á`²ÍÃ'R)Ó-ÀǬŸÎ=5­ÝÖJLY ÉCÄBˆØ;+LP°,FØN‡‚ÁÁYÎ%¿3†P¨ÈÕ&Ç)­Ó][œÈ‹4ÃL»Ã¶£„!’J> ÔÎ [ 160.709995][ T8947] [U] Ø.”CšÖ¯·ÏEJÓJÛ@œK’JÁ605RXUÑTTµO‹&XÐOºÖ•§\®‹&…¬°¡ÙN%Y‹‘ÁÐ17¿6`¬ÌI‚W [ 160.714457][ T8947] [U] ÏØÇM<@NºÙKJ(ÝÂ6)Ô)ÎVÌÕLR¢ [ 160.717045][ T8947] [U] >YGÐ ¤Zª?Œ¹`–O­MÉXØÓ‡Ø"Á¨¹š·¢9+¼¾DEÝÁ¹{“ÅŒ$~BÜYDšUME«!XÌÝ›A¹£AUÇ}J„¿Â£2N%MBËQÑÉÄ [ 160.721767][ T8947] [U] ÞWV×ÏÙW‹@HZ=¦(ƒ„Eˆ‡JÉ~ÈOS@žËBÈHª:"®ÃÁ‡!ƒJIÖÄUJ=Á¥)ÎŽU¤Å GרÐÚÔ–=Y=ÊKÊADËÎR†¨¹¹Á:=ÉSÖÙ—AX¾ ¢ÛX [ 160.726721][ T8947] [U] BIÞ™E¿„}¼ETØ@±3Ì(Ü ¿¥¨V¤žÀÐ{™Îº©’~ÐUK+Þ{3T˜Ú$Æ».ÃN[8S‹Ê‡šº""ÒÊ”̺„]RÏGÝ5 [ 160.729755][ T8947] [U] V²{Õ¨ÓVNB>DM«·T•¨QÂTÀÃÌÚÀ [ 160.732235][ T8947] [U] GÁ*|Ó9ÙºŸÅ†¸ [ 160.733692][ T8947] [U] G´ÆMIUÔE!ÞÕ TÏŒ*ß…8A7I5‚-|¤Ï6LK [ 160.736118][ T8947] [U] NÅ«—Dª ²Ë ÂÌS}R½BÃÅYºW<»ÂÊÈC‚ ÓÆÐH°\ÓFÍÈD.›Ã÷®˜FŒPK¸Ï‹,ªÎ‚C—Úœ.Â;¤ÊEYºÝK÷Æ]Z>‘ÚIÃÁÓOQ&O«’¼”½,PÙÖ]–,7Í›§UÚÑÝI­­Â [ 160.742164][ T8947] [U] ÀÛ $ÄL÷U2Ê¿F_3•+|NWÕµZÓEÇ—ÒP1W~·ÖN‹(§Oͱ¸8ÒDÏ £SÆÙCDÊ®FÂ65ÖZÜGÃR“Þ°Ú{ÁÒÕT“·ÈK£"@£ÆÐÔÈ :Á5}GÝB—©DѸ¦ƒ\K” [ 160.747670][ T8947] [U] ÈÐÙ ‡YÓ…ÒŸ8Î4Œ4N<; [ 160.750172][ T8947] [U] ÃÔU†IŽ7X#E¤4VML‚ÔÈ‹¬œšGÍ””A³©)-‡ÌÌ(¿NÌ—N–¢ÈÖL#Ã)׌SUÉ6 [ 160.752875][ T8947] [U] )Æ<ÈE?ÊA­¤Uܤ—9ˆ %]²ÔDCCŽE+L<'T¬1ÂKÈ…œ·3ÅÜ.É»Á€Ê ÆWS¨ÉÐÀ×ÐZY­Ï¼9I>ÌÒÑØ]ÞÈœ}{”/`ÌÜ¿5'ÙE– 41ß TNAX߿ʯÇÏ­QÌëI TÒ%ÒGÐ7L~·BÝS [ 160.756930][ T8947] [U] £Í¢ÄÅ¢ [ 160.758409][ T8947] [U] ZÓ‘UÝĪÕ4¬©&Ë™ÃE~Ý8EÁσ1´¥L{ȨGV‰Y$PNO4MËÈÓ*FÓ`ÂÎA€‰T×ÙM0?*I›#;ÁѤ+4V’¹ÛGAØÝ¬Æ%H»·[›AYX)LG]F ‚ÏHÂ|ÞZV²E­/Ëϧ1Ò7Ǭ³-ǽÈÍHœO+¯…^È)8™&E£@A8GË…Œ-ÈWR»SÃÜ-V–-Ò±ÌO>ÆÅQœÄ#9¨UA„H«)F²Þ½´œžSAÖ™³IÜN¼šZ@¯C—¶º>K³L–VD^1É)§M$/ÜÅЄ78..„»Q¢ÝA¸|ŸÖȦ)9Ò">D>EÃÓ#I¬`\Û|{ÓUÂFH.. œEMÍW}]5Ö Ã-,Å¢RK}ÏFÆÕQ¬À·C×O*ÄPÀ¹›Á¦ÂNF¶Ê [ 160.767757][ T8947] [U] „§“´ [ 160.769108][ T8947] [U] T¦0Ô—*ÃÕ°ÖXAØØÊËÉ£¥A4W…K¦¼¯¼C]X¢‹ŒË]ÊLÛ÷Æ=ß [ 160.772606][ T8947] [U] Ú$CUGSˆEÔ²6ÖÔÝÌ÷ÝÀ„¹T¼Ï„PPË’Z3T2È£‚”9W-«†Ö‘Ì™ÅAR­Ý»NBÚŽ²²:^XÖϧ·œB÷Á°ÑÖ̲~Þ{JÒÅ [ 160.776223][ T8947] [U] ÍÕTÌ·EÀÊ' 2‚­ÄL*ÁAª ¢-³;P;BTØÖ.¸N¦`¿_Ó®Î;®Ò*·U;°Á5C#R/˜ÆQ¸KÚ*M¡„ÏSAÀšÙÎ#)A‰Bš–>¾YØ‹O\;^°ˆ'ÝßO5_Y¬HŠÑÄÃL÷CEŽŒ&A‚`;œÖԸЕÙSœS¤–Ƈ{ŸH¡Þ ÓTM0ǸµÀBI^LÝÅ>ÀÔ8ÝÙ¢VV8<Ô¶-²{$>°D œ‚ØÃ½]ÅW¶–›UŒšÔ0?K ¬˼ڹŽ[UIRB_ILÚ/ES¿ßI*ŸWÖSÎ*ÃZSÀÔÀÍŽÑ’‹¿ [ 160.784936][ T8947] [U] [ 160.794065][ T8946] [U] [ 160.806080][ T8954] netlink: 'syz.3.1115': attribute type 1 has an invalid length. [ 161.208898][ T8979] trusted_key: encrypted_key: insufficient parameters specified [ 161.550894][ T8] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 161.714297][ T8] usb 8-1: config 0 has no interfaces? [ 161.715836][ T8] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 161.718431][ T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 161.720863][ T9] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 161.724715][ T8] usb 8-1: config 0 descriptor?? [ 161.816642][ T8990] futex_wake_op: syz.2.1126 tries to shift op by 144; fix this program [ 161.823851][ T8990] loop2: detected capacity change from 0 to 16384 [ 161.882783][ T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 161.885652][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 161.888441][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 161.891118][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 161.895219][ T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 161.897700][ T9] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 161.899956][ T9] usb 6-1: Manufacturer: syz [ 161.908490][ T9] usb 6-1: config 0 descriptor?? [ 161.946645][ T8985] netlink: 'syz.3.1124': attribute type 82 has an invalid length. [ 162.098725][ T830] usb 8-1: USB disconnect, device number 11 [ 162.266081][ T9018] block device autoloading is deprecated and will be removed. [ 162.268664][ T9018] syz.2.1133: attempt to access beyond end of device [ 162.268664][ T9018] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 162.315498][ T9] appleir 0003:05AC:8243.0020: unknown main item tag 0x0 [ 162.317569][ T9] appleir 0003:05AC:8243.0020: No inputs registered, leaving [ 162.320715][ T9] appleir 0003:05AC:8243.0020: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 163.740942][ T9] usb 6-1: reset high-speed USB device number 22 using dummy_hcd [ 164.531949][ T8] usb 6-1: USB disconnect, device number 22 [ 164.733042][ T39] audit: type=1400 audit(1729730648.464:430): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AAE86AD47AA0D9495E6D80F7BDE2D18FFB36CF152AED2D408FB58E305FC8E2F2F7D91F81B621CC4214D4A27E1614FBEE0BEAC8F4A045070B770212D46D4A2DF096B791F2A4BA218E12CB76AA24945B70A7C9DD5EDEAC52B5A876F73CFBE66371A72F11F3D9544D6B59B4A5541DCEF5CBF11FFFF37DFD147CCA3E5098A207BE806EA7167101F8C1B5C8FE41E170FD0C775DBC5BE0B6D3AB625AB702E5B1DC15F9C4B3D09BE812F340E681E0694F5BADF640DA3FDFC2F929B4C2BEB9A592C577287B6021BFEEC24146C7F95608BB60A736207A09D9F47E89C4044EADDE57CDEFD15F25B822D2EAF2205DF0D6B71B63EE0B63CB598F26509AF36983578F6F4198A0843CC1B1BD780015007AB9709CC6211E3B5C685B972B5C5E95F054A7A9FE149282F679C8466B9734E3850EC98419DD0C887715902F9E7802842085BC606F30C2654869E9E3701FD0FC69137FE165592689465EEBD5CAFAD7C29DE2ADADEC42A818D8EE389CA1FE33A1EF23617C89116A3A458B56612E4C36C43A9150D5331ADBB0BEB01A062B1F1349FC2ECEA76CB7C40CDFE378185F3099B1D71414D0FDA5A47F8593260CC0BD723A4CCA81435F04 [ 164.808692][ T9049] __nla_validate_parse: 14 callbacks suppressed [ 164.808704][ T9049] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1142'. [ 165.470914][ T56] usb 7-1: new high-speed USB device number 15 using dummy_hcd [ 165.630819][ T56] usb 7-1: Using ep0 maxpacket: 32 [ 165.634238][ T56] usb 7-1: config 13 has an invalid interface number: 151 but max is 1 [ 165.636486][ T56] usb 7-1: config 13 has an invalid interface number: 46 but max is 1 [ 165.638718][ T56] usb 7-1: config 13 contains an unexpected descriptor of type 0x2, skipping [ 165.643876][ T56] usb 7-1: config 13 contains an unexpected descriptor of type 0x2, skipping [ 165.646228][ T56] usb 7-1: config 13 has an invalid interface number: 88 but max is 1 [ 165.648485][ T56] usb 7-1: config 13 has 3 interfaces, different from the descriptor's value: 2 [ 165.650926][ T56] usb 7-1: config 13 has no interface number 0 [ 165.652597][ T56] usb 7-1: config 13 has no interface number 1 [ 165.654251][ T56] usb 7-1: config 13 has no interface number 2 [ 165.655899][ T56] usb 7-1: config 13 interface 151 altsetting 2 endpoint 0xD has an invalid bInterval 0, changing to 7 [ 165.658878][ T56] usb 7-1: config 13 interface 46 altsetting 6 bulk endpoint 0x9 has invalid maxpacket 1024 [ 165.664176][ T56] usb 7-1: config 13 interface 46 altsetting 6 has an endpoint descriptor with address 0xB8, changing to 0x88 [ 165.667208][ T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0x88 has an invalid bInterval 189, changing to 7 [ 165.670179][ T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0x88 has invalid maxpacket 26296, setting to 1024 [ 165.673187][ T56] usb 7-1: config 13 interface 46 altsetting 6 has a duplicate endpoint with address 0x7, skipping [ 165.675954][ T56] usb 7-1: config 13 interface 46 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 165.678733][ T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 165.683706][ T56] usb 7-1: config 13 interface 46 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 165.686478][ T56] usb 7-1: config 13 interface 46 altsetting 6 has 9 endpoint descriptors, different from the interface descriptor's value: 10 [ 165.689827][ T56] usb 7-1: too many endpoints for config 13 interface 88 altsetting 21: 64, using maximum allowed: 30 [ 165.692751][ T56] usb 7-1: config 13 interface 88 altsetting 21 endpoint 0x4 has invalid maxpacket 1023, setting to 64 [ 165.695648][ T56] usb 7-1: config 13 interface 88 altsetting 21 has 2 endpoint descriptors, different from the interface descriptor's value: 64 [ 165.699097][ T56] usb 7-1: config 13 interface 151 has no altsetting 0 [ 165.700982][ T56] usb 7-1: config 13 interface 46 has no altsetting 0 [ 165.702721][ T56] usb 7-1: config 13 interface 88 has no altsetting 0 [ 165.705971][ T56] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0043, bcdDevice=31.3a [ 165.708877][ T56] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 165.711086][ T56] usb 7-1: Product: 쑶ॹ悛鞫æ±î­œæ¾¬á¸¬á›†á¾˜å“ºä½å¸£ã‹èŸë³‡ê´¸êŠé‹—â¼·å™î¾Œã—ºïƒ¥æ›ˆá«„⩋抚ऊ驦昉漂郳ᓚ้踜삖煴껽啠皓껮异觌䎴îŒë’¯ï¦®á¼³é‹‘屿¢æ•¦ä˜™ç¢‚勂㉹å¾î³“ᦩê‘ᗲ䊣浆ꂰ昒ꙫ朕垼髶 [ 165.717133][ T56] usb 7-1: Manufacturer: â° [ 165.718340][ T56] usb 7-1: SerialNumber: âŽî³¡ë¨”㵴嘙ᒢ裪鉜æ’䢬툄义íœë¨‹á‡ºå§ïŸè´¶å¥æ”¾å«·ä¿œå½¨ã¬¨æ”£ï™­â’朗倘厥ä¥Þ邻쨜ë²å¶‘ç«®ëºƒêšŠè²‡à¥æŽ®âŸçµ±æ¤¨äŒ¢ê˜Ïšæ¶”à¿·ìˆå¨ˆå€žêœ¤â• ã³Šæš’圢꜖쟷釪ᱎர [ 165.939590][ T56] usbhid 7-1:13.46: couldn't find an input interrupt endpoint [ 165.945175][ T56] usb 7-1: USB disconnect, device number 15 [ 166.430985][ T4793] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 166.602271][ T4793] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 166.605747][ T4793] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 166.608592][ T4793] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 166.611669][ T4793] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 166.616304][ T9090] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 166.622530][ T4793] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 166.663927][ T9094] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1153'. [ 166.857343][ T4793] usb 8-1: USB disconnect, device number 12 [ 166.879752][ T9103] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1155'. [ 166.949179][ C3] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 167.310937][ T5365] Bluetooth: hci1: command 0x0405 tx timeout [ 167.622260][ T9122] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1157'. [ 167.854742][ T9133] overlayfs: workdir and upperdir must be separate subtrees [ 168.041626][ T9142] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.047693][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1168'. [ 168.054278][ T9142] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.101059][ T9142] bridge_slave_0 (unregistering): left allmulticast mode [ 168.102935][ T9142] bridge_slave_0 (unregistering): left promiscuous mode [ 168.104862][ T9142] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.277359][ T9149] binder: BINDER_SET_CONTEXT_MGR already set [ 168.279509][ T9149] binder: 9148:9149 ioctl 4018620d 20000100 returned -16 [ 168.562798][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 168.774266][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1177'. [ 168.777319][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1177'. [ 168.910949][ T8] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 169.060974][ T8] usb 6-1: Using ep0 maxpacket: 16 [ 169.066736][ T8] usb 6-1: config 205 has an invalid interface number: 43 but max is 1 [ 169.069418][ T8] usb 6-1: config 205 has an invalid interface number: 5 but max is 1 [ 169.071976][ T8] usb 6-1: config 205 contains an unexpected descriptor of type 0x2, skipping [ 169.074567][ T8] usb 6-1: config 205 has no interface number 0 [ 169.076352][ T8] usb 6-1: config 205 has no interface number 1 [ 169.078437][ T8] usb 6-1: config 205 interface 43 altsetting 205 has an invalid descriptor for endpoint zero, skipping [ 169.081654][ T8] usb 6-1: config 205 interface 5 altsetting 127 endpoint 0x4 has an invalid bInterval 0, changing to 7 [ 169.085046][ T8] usb 6-1: config 205 interface 5 altsetting 127 endpoint 0xF has invalid maxpacket 1024, setting to 64 [ 169.088054][ T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0x4, skipping [ 169.091103][ T8] usb 6-1: config 205 interface 5 altsetting 127 has an invalid descriptor for endpoint zero, skipping [ 169.094342][ T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0x4, skipping [ 169.097410][ T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0x3, skipping [ 169.100331][ T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0xA, skipping [ 169.103350][ T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0xF, skipping [ 169.106401][ T8] usb 6-1: config 205 interface 5 altsetting 127 has a duplicate endpoint with address 0xA, skipping [ 169.109474][ T8] usb 6-1: config 205 interface 43 has no altsetting 0 [ 169.111652][ T8] usb 6-1: config 205 interface 5 has no altsetting 0 [ 169.118082][ T8] usb 6-1: New USB device found, idVendor=7392, idProduct=a711, bcdDevice=15.fb [ 169.120841][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 169.123033][ T8] usb 6-1: Product: ݃먷젥ꎯ䮯稞㫚⎔㵯䖕᳃圧â’魥ᒨ纀續åŒä°šè»¬ëŠì²ˆã¡«å•°å‹™ì½•譬ᇈåžìª¡â‡¼ã—µî®Ÿì¤¹ã¬è顊ԈÈ飈ì„ụ쎖天ꫭ」穱꿺ᰃá‚캞鑸꧷é›àµ¸åŽ“å«è¹é€¬â’›ï¨·á®êª‰ä‘†â†¾ã¼™é—㉂莾뎽çªå·°ë¼½ê–Ÿí´î¨¼å€µï®Ÿá˜‰ï»‘æ‹ì¶ç†²Ï¤å¾¿ë‡¤á³¿ãš°ë¹ê€ºë¾Žíœ·ë­½è¢“嵀㙄㡟 [ 169.131103][ T8] usb 6-1: Manufacturer: 갛⢾㊳ﳉâ˜áª™é´¹ìƒäµµà°™ï‚¥î¥©ì´¯â£¡å³žâ¬¹ï²‰è„鞿컚Ƕꕜん邽㣆軙悋祪楕喌ꄇ瞖췑橅㽦榪뵩î•ì®ä±­é™…鄟봎헪ꖉᇖ [ 169.135679][ T8] usb 6-1: SerialNumber: syz [ 169.551395][ T8] usb 6-1: USB disconnect, device number 23 [ 169.907695][ T9191] syzkaller1: entered promiscuous mode [ 169.909377][ T9191] syzkaller1: entered allmulticast mode [ 169.912732][ T9191] tipc: Started in network mode [ 169.914144][ T9191] tipc: Node identity 4, cluster identity 4711 [ 169.915844][ T9191] tipc: Node number set to 4 [ 170.071184][ T11] tipc: Left network mode [ 170.832839][ T9203] netlink: 'syz.2.1186': attribute type 9 has an invalid length. [ 170.841033][ T9203] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1186'. [ 171.084972][ T9213] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 171.127770][ T39] audit: type=1326 audit(1729730910.853:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.139569][ T39] audit: type=1326 audit(1729730910.853:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.149355][ T39] audit: type=1326 audit(1729730910.853:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.155156][ T39] audit: type=1326 audit(1729730910.853:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.160679][ T39] audit: type=1326 audit(1729730910.863:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.171062][ T39] audit: type=1326 audit(1729730910.863:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.183296][ T39] audit: type=1326 audit(1729730910.863:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=5 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.190603][ T39] audit: type=1326 audit(1729730910.863:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.197232][ T39] audit: type=1326 audit(1729730910.863:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.202923][ T39] audit: type=1326 audit(1729730910.873:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9207 comm="syz.3.1188" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7fb4579 code=0x7ffc0000 [ 171.747349][ T9207] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 171.755851][ T9233] ptrace attach of "/syz-executor exec"[8628] was attempted by "/syz-executor exec"[9233] [ 171.885746][ T9236] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 172.000960][ T5391] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 172.152761][ T5391] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 172.156565][ T5391] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.160368][ T5391] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.164043][ T5391] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 172.169783][ T5391] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 172.173399][ T5391] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 172.176198][ T5391] usb 6-1: Manufacturer: syz [ 172.179284][ T5391] usb 6-1: config 0 descriptor?? [ 172.330327][ T9241] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1195'. [ 172.592555][ T5391] usbhid 6-1:0.0: can't add hid device: -32 [ 172.594164][ T5391] usbhid 6-1:0.0: probe with driver usbhid failed with error -32 [ 173.847714][ T1105] Bluetooth: hci4: Frame reassembly failed (-84) [ 174.795255][ T56] usb 6-1: USB disconnect, device number 24 [ 174.925138][ T9290] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1205'. [ 175.385963][ T9302] vxcan1: tx address claim with dlc 1 [ 175.870961][ T5363] Bluetooth: hci4: command 0x1003 tx timeout [ 175.870988][ T5365] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 176.191001][ T5391] usb 7-1: new high-speed USB device number 16 using dummy_hcd [ 176.332740][ T9318] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1214'. [ 176.344133][ T5391] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 176.346973][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.349780][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.352400][ T5391] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 176.369618][ T9323] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1215'. [ 176.370984][ T5391] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 176.374467][ T5391] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 176.376590][ T5391] usb 7-1: Manufacturer: syz [ 176.379749][ T5391] usb 7-1: config 0 descriptor?? [ 176.402610][ T9325] input: syz1 as /devices/virtual/input/input13 [ 176.587215][ T9311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.590663][ T9311] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.595430][ T9311] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.598513][ T9311] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.640898][ T63] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 176.803740][ T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 176.806747][ T63] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.809289][ T63] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 176.811865][ T5391] appleir 0003:05AC:8243.0021: unknown main item tag 0x0 [ 176.812940][ T63] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 176.814961][ T5391] appleir 0003:05AC:8243.0021: No inputs registered, leaving [ 176.817171][ T63] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.820166][ T5391] appleir 0003:05AC:8243.0021: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 176.820903][ T8] usb 6-1: new low-speed USB device number 25 using dummy_hcd [ 176.828006][ T63] usb 5-1: config 0 descriptor?? [ 176.970952][ T8] usb 6-1: Invalid ep0 maxpacket: 16 [ 177.100866][ T8] usb 6-1: new low-speed USB device number 26 using dummy_hcd [ 177.250841][ T8] usb 6-1: Invalid ep0 maxpacket: 16 [ 177.259658][ T8] usb usb6-port1: attempt power cycle [ 177.265961][ T9327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 177.269843][ T9327] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 177.327634][ T4793] usb 7-1: USB disconnect, device number 16 [ 177.460406][ T63] usbhid 5-1:0.0: can't add hid device: -71 [ 177.462194][ T63] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 177.470656][ T63] usb 5-1: USB disconnect, device number 13 [ 177.600877][ T8] usb 6-1: new low-speed USB device number 27 using dummy_hcd [ 177.621743][ T8] usb 6-1: Invalid ep0 maxpacket: 16 [ 177.750905][ T8] usb 6-1: new low-speed USB device number 28 using dummy_hcd [ 177.771380][ T8] usb 6-1: Invalid ep0 maxpacket: 16 [ 177.773133][ T8] usb usb6-port1: unable to enumerate USB device [ 178.599093][ T9381] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1228'. [ 178.845687][ T9390] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 178.977119][ T9396] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8) [ 178.978890][ T9396] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 178.981698][ T9396] vhci_hcd vhci_hcd.0: Device attached [ 178.989372][ T9398] vhci_hcd: connection closed [ 178.989667][ T12] vhci_hcd: stop threads [ 178.993692][ T12] vhci_hcd: release socket [ 178.994925][ T12] vhci_hcd: disconnect device [ 179.011478][ T56] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 179.231008][ T63] usb 8-1: new high-speed USB device number 13 using dummy_hcd [ 179.383428][ T63] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 179.386339][ T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 179.389352][ T63] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 179.392246][ T63] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 179.396927][ T63] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 179.399555][ T63] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 179.401718][ T63] usb 8-1: Manufacturer: syz [ 179.407113][ T63] usb 8-1: config 0 descriptor?? [ 179.633456][ T9414] netlink: 'syz.1.1237': attribute type 1 has an invalid length. [ 179.635536][ T9414] netlink: 9352 bytes leftover after parsing attributes in process `syz.1.1237'. [ 179.637933][ T9414] netlink: 'syz.1.1237': attribute type 1 has an invalid length. [ 179.639994][ T9414] netlink: 'syz.1.1237': attribute type 2 has an invalid length. [ 179.642933][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1237'. [ 179.683924][ T9414] xt_TCPMSS: Only works on TCP SYN packets [ 179.817878][ T63] appleir 0003:05AC:8243.0022: unknown main item tag 0x0 [ 179.819989][ T63] appleir 0003:05AC:8243.0022: No inputs registered, leaving [ 179.823042][ T63] appleir 0003:05AC:8243.0022: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 180.002620][ T9385] delete_channel: no stack [ 180.017793][ T9420] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1238'. [ 180.210613][ T9434] input: syz0 as /devices/virtual/input/input14 [ 180.247856][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 180.247867][ T39] audit: type=1326 audit(1729730919.973:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.257267][ T39] audit: type=1326 audit(1729730919.973:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.266893][ T39] audit: type=1326 audit(1729730919.973:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.274664][ T39] audit: type=1326 audit(1729730919.973:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.280309][ T39] audit: type=1326 audit(1729730919.983:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.287901][ T39] audit: type=1326 audit(1729730919.983:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.305563][ T39] audit: type=1326 audit(1729730920.023:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=255 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.311272][ T39] audit: type=1326 audit(1729730920.023:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.317184][ T39] audit: type=1326 audit(1729730920.023:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.341486][ T39] audit: type=1326 audit(1729730920.023:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9431 comm="syz.1.1242" exe="/syz-executor" sig=0 arch=40000003 syscall=255 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 180.895754][ T9453] vxcan1: entered allmulticast mode [ 181.080203][ T9460] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1251'. [ 181.214441][ T9462] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1252'. [ 181.795303][ T30] usb 8-1: USB disconnect, device number 13 [ 182.693420][ T9499] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1260'. [ 183.110927][ T5391] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 183.273985][ T5391] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 183.277910][ T5391] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 183.290828][ T5391] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 183.293323][ T5391] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 183.297810][ T5391] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 183.300222][ T5391] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 183.305633][ T5391] usb 5-1: Manufacturer: syz [ 183.308229][ T5391] usb 5-1: config 0 descriptor?? [ 183.471925][ T9519] bridge_slave_1: left allmulticast mode [ 183.473622][ T9519] bridge_slave_1: left promiscuous mode [ 183.476637][ T9519] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.662529][ T9526] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1269'. [ 183.664995][ T9526] openvswitch: netlink: Tunnel attr 1291 out of range max 16 [ 183.674157][ T9528] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1270'. [ 183.725924][ T5391] appleir 0003:05AC:8243.0023: unknown main item tag 0x0 [ 183.728239][ T5391] appleir 0003:05AC:8243.0023: No inputs registered, leaving [ 183.731565][ T5391] appleir 0003:05AC:8243.0023: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 183.767278][ T9531] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1271'. [ 184.089526][ T9547] syzkaller0: entered promiscuous mode [ 184.092254][ T9547] syzkaller0: entered allmulticast mode [ 184.104042][ T9547] program syz.3.1274 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 184.559183][ T9551] netlink: 1264 bytes leftover after parsing attributes in process `syz.1.1276'. [ 185.351594][ T9568] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1279'. [ 185.364623][ T9572] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 185.714160][ T9598] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 185.717952][ T9598] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 185.780900][ T5365] Bluetooth: hci1: command 0x0405 tx timeout [ 186.707696][ T830] usb 5-1: USB disconnect, device number 15 [ 186.899798][ T9621] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1292'. [ 187.010620][ T9624] lo speed is unknown, defaulting to 1000 [ 187.013230][ T9624] lo speed is unknown, defaulting to 1000 [ 187.018809][ T9624] lo speed is unknown, defaulting to 1000 [ 187.024492][ T9624] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 187.029310][ T9624] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 187.046196][ T9624] lo speed is unknown, defaulting to 1000 [ 187.048777][ T9624] lo speed is unknown, defaulting to 1000 [ 187.052390][ T9624] lo speed is unknown, defaulting to 1000 [ 187.054258][ T9624] lo speed is unknown, defaulting to 1000 [ 187.056112][ T9624] lo speed is unknown, defaulting to 1000 [ 188.007632][ T9658] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1302'. [ 188.060828][ T8] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 188.280100][ T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 188.283130][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 188.286336][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 188.289650][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 188.295671][ T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 188.298227][ T8] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 188.300850][ T8] usb 5-1: Manufacturer: syz [ 188.310047][ T8] usb 5-1: config 0 descriptor?? [ 189.237475][ T8] usbhid 5-1:0.0: can't add hid device: -32 [ 189.239818][ T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -32 [ 189.463944][ T39] kauditd_printk_skb: 4 callbacks suppressed [ 189.463955][ T39] audit: type=1326 audit(1729730929.193:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.475762][ T39] audit: type=1326 audit(1729730929.193:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.483380][ T39] audit: type=1326 audit(1729730929.193:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.488904][ T39] audit: type=1326 audit(1729730929.193:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.494939][ T39] audit: type=1326 audit(1729730929.193:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.503052][ T39] audit: type=1326 audit(1729730929.193:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.508548][ T39] audit: type=1326 audit(1729730929.193:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.514045][ T39] audit: type=1326 audit(1729730929.193:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.519536][ T39] audit: type=1326 audit(1729730929.193:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.526251][ T39] audit: type=1326 audit(1729730929.193:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9670 comm="syz.1.1307" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf747e579 code=0x50000 [ 189.623129][ T9674] ALSA: mixer_oss: invalid OSS volume 'IPVS' [ 190.023138][ T5365] Bluetooth: hci1: command 0x0405 tx timeout [ 190.294089][ T9699] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1311'. [ 191.360855][ T4793] usb 5-1: USB disconnect, device number 16 [ 191.408402][ T9756] raw_sendmsg: syz.0.1320 forgot to set AF_INET. Fix it! [ 191.426989][ T9762] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1321'. [ 191.462320][ T9764] netlink: 728 bytes leftover after parsing attributes in process `syz.0.1322'. [ 191.465763][ T9764] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1322'. [ 191.474433][ T9767] netlink: 'syz.2.1323': attribute type 9 has an invalid length. [ 191.476477][ T9767] netlink: 209836 bytes leftover after parsing attributes in process `syz.2.1323'. [ 191.558104][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1325'. [ 191.560382][ T9775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1325'. [ 191.565247][ T9775] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1325'. [ 191.567444][ T9775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1325'. [ 191.569553][ T9775] netlink: 'syz.0.1325': attribute type 1 has an invalid length. [ 191.981037][ T5391] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 192.110957][ T5391] usb 7-1: device descriptor read/64, error -71 [ 192.370934][ T5391] usb 7-1: new high-speed USB device number 18 using dummy_hcd [ 192.511120][ T5391] usb 7-1: device descriptor read/64, error -71 [ 192.620963][ T5391] usb usb7-port1: attempt power cycle [ 192.652426][ T9809] netlink: 'syz.1.1336': attribute type 1 has an invalid length. [ 192.970898][ T5391] usb 7-1: new high-speed USB device number 19 using dummy_hcd [ 193.001484][ T5391] usb 7-1: device descriptor read/8, error -71 [ 193.095902][ T9828] __nla_validate_parse: 9 callbacks suppressed [ 193.095917][ T9828] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1341'. [ 193.260913][ T5391] usb 7-1: new high-speed USB device number 20 using dummy_hcd [ 193.281766][ T5391] usb 7-1: device descriptor read/8, error -71 [ 193.340890][ T30] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 193.396459][ T5391] usb usb7-port1: unable to enumerate USB device [ 193.470958][ T9831] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1342'. [ 193.492259][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 193.495145][ T30] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 193.497800][ T30] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 193.501275][ T30] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 193.504593][ T30] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 193.508474][ T30] usb 5-1: config 0 descriptor?? [ 193.623959][ T1376] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.629398][ T9839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1346'. [ 193.632381][ T9839] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1346'. [ 193.638193][ T9839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1346'. [ 193.642097][ T9839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1346'. [ 193.644498][ T9839] netlink: 'syz.3.1346': attribute type 1 has an invalid length. [ 193.646449][ T9839] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1346'. [ 193.675657][ T9843] overlay: Unknown parameter 'rootcontext' [ 193.704033][ T9847] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1348'. [ 193.727199][ T30] usbhid 5-1:0.0: can't add hid device: -71 [ 193.729174][ T30] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 193.732232][ T30] usb 5-1: USB disconnect, device number 17 [ 193.765964][ T9854] tmpfs: Bad value for 'mpol' [ 194.013923][ T9862] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1352'. [ 194.312319][ T9871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1355'. [ 194.318709][ T9871] netlink: 'syz.3.1355': attribute type 1 has an invalid length. [ 194.765051][ T9887] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.767141][ T9887] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.962816][ T39] kauditd_printk_skb: 32986 callbacks suppressed [ 194.962832][ T39] audit: type=1800 audit(1729730934.693:33455): pid=9887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1360" name="/" dev="fuse" ino=1 res=0 errno=0 [ 194.972815][ T39] audit: type=1800 audit(1729730934.693:33456): pid=9888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1360" name="/" dev="fuse" ino=1 res=0 errno=0 [ 195.084506][ T9898] netlink: 'syz.3.1364': attribute type 1 has an invalid length. [ 195.410955][ T5391] usb 7-1: new high-speed USB device number 21 using dummy_hcd [ 195.562971][ T5391] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 195.565602][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 195.568382][ T5391] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 195.580989][ T5391] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 195.585537][ T5391] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 195.587817][ T5391] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 195.589950][ T5391] usb 7-1: Manufacturer: syz [ 195.598010][ T5391] usb 7-1: config 0 descriptor?? [ 195.817508][ T39] audit: type=1326 audit(1729730935.543:33457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.824297][ T39] audit: type=1326 audit(1729730935.543:33458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.829955][ T39] audit: type=1326 audit(1729730935.543:33459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.836587][ T39] audit: type=1326 audit(1729730935.543:33460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.842200][ T39] audit: type=1326 audit(1729730935.543:33461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.847718][ T39] audit: type=1326 audit(1729730935.543:33462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.853394][ T39] audit: type=1326 audit(1729730935.543:33463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 195.856299][ T9916] syz.0.1370 (9916): drop_caches: 2 [ 195.859066][ T39] audit: type=1326 audit(1729730935.543:33464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9921 comm="syz.1.1372" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf747e579 code=0x7ffc0000 [ 196.010523][ T5391] appleir 0003:05AC:8243.0024: unknown main item tag 0x0 [ 196.012678][ T5391] appleir 0003:05AC:8243.0024: No inputs registered, leaving [ 196.017227][ T5391] appleir 0003:05AC:8243.0024: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 196.075074][ T830] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 196.220920][ T830] usb 6-1: Using ep0 maxpacket: 8 [ 196.224280][ T830] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 196.227064][ T830] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 196.229591][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 196.232314][ T830] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 196.234914][ T830] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 196.238269][ T830] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 196.240601][ T830] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.460134][ T830] usb 6-1: usb_control_msg returned -71 [ 196.461801][ T830] usbtmc 6-1:16.0: can't read capabilities [ 196.468697][ T830] usb 6-1: USB disconnect, device number 29 [ 196.527427][ T5391] usb 7-1: USB disconnect, device number 21 [ 197.121919][ T9960] netlink: 'syz.1.1383': attribute type 1 has an invalid length. [ 197.730342][T10011] nbd: socks must be embedded in a SOCK_ITEM attr [ 198.041073][ T5391] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 198.077458][T10024] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 198.213918][ T5391] usb 5-1: too many configurations: 9, using maximum allowed: 8 [ 198.217684][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.220968][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.226041][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.229239][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.233132][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.237000][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.240485][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.243656][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.247525][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.250292][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.253350][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.256315][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.258889][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.261368][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.264176][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.266814][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.269481][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.272462][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.275101][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.277701][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.280514][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.282965][ T5391] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 198.285373][ T5391] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 198.288244][ T5391] usb 5-1: config 0 interface 0 has no altsetting 0 [ 198.291895][ T5391] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 198.294274][ T5391] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 198.296494][ T5391] usb 5-1: Product: syz [ 198.297951][ T5391] usb 5-1: Manufacturer: syz [ 198.299249][ T5391] usb 5-1: SerialNumber: syz [ 198.301416][ T5391] usb 5-1: config 0 descriptor?? [ 198.304623][ T5391] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0 [ 198.508012][T10027] __nla_validate_parse: 40 callbacks suppressed [ 198.508028][T10027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1408'. [ 198.559162][ C3] usb 5-1: yurex_control_callback - control failed: -71 [ 198.562278][ T5391] usb 5-1: USB disconnect, device number 18 [ 198.565039][ T5391] yurex 5-1:0.0: USB YUREX #0 now disconnected [ 198.723407][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1412'. [ 198.726403][T10036] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1412'. [ 198.730377][T10036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1412'. [ 198.734814][T10036] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1412'. [ 198.737648][T10036] nbd: socks must be embedded in a SOCK_ITEM attr [ 198.779412][T10042] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1415'. [ 199.090844][ T9] usb 7-1: new high-speed USB device number 22 using dummy_hcd [ 199.119087][T10059] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1421'. [ 199.260882][ T9] usb 7-1: Using ep0 maxpacket: 8 [ 199.264057][ T9] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 199.266448][ T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 199.268871][ T9] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 199.281086][ T9] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 199.284380][ T9] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 199.290814][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 199.329569][T10065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1422'. [ 199.330372][T10064] netlink: 'syz.3.1423': attribute type 1 has an invalid length. [ 199.331961][T10065] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1422'. [ 199.336268][T10064] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1423'. [ 199.339907][T10065] nbd: socks must be embedded in a SOCK_ITEM attr [ 199.498608][ T9] usb 7-1: usb_control_msg returned -32 [ 199.500044][ T9] usbtmc 7-1:16.0: can't read capabilities [ 199.581883][ T4793] usb 7-1: USB disconnect, device number 22 [ 200.000917][T10091] block nbd3: Device being setup by another task [ 200.007772][T10094] nbd: socks must be embedded in a SOCK_ITEM attr [ 200.093079][T10091] block nbd3: shutting down sockets [ 200.408992][T10121] netlink: 'syz.0.1439': attribute type 12 has an invalid length. [ 200.413269][T10121] netlink: 'syz.0.1439': attribute type 11 has an invalid length. [ 200.478897][T10124] nbd: socks must be embedded in a SOCK_ITEM attr [ 201.242963][T10147] nbd: socks must be embedded in a SOCK_ITEM attr [ 201.878507][T10175] netlink: 'syz.3.1460': attribute type 10 has an invalid length. [ 201.895346][T10175] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.898010][T10175] team0: Port device batadv0 added [ 201.973171][T10178] nbd: socks must be embedded in a SOCK_ITEM attr [ 202.766621][T10206] kvm: requested 6704 ns i8254 timer period limited to 200000 ns [ 202.776723][T10206] kvm: requested 39390 ns i8254 timer period limited to 200000 ns [ 202.780259][T10206] kvm: requested 95542 ns i8254 timer period limited to 200000 ns [ 202.785122][T10206] kvm: requested 82971 ns i8254 timer period limited to 200000 ns [ 202.788011][T10206] kvm: requested 96381 ns i8254 timer period limited to 200000 ns [ 202.793365][T10206] kvm: requested 90514 ns i8254 timer period limited to 200000 ns [ 202.796633][T10206] kvm: requested 39390 ns i8254 timer period limited to 200000 ns [ 202.799739][T10206] kvm: requested 84647 ns i8254 timer period limited to 200000 ns [ 202.807110][T10206] kvm: requested 39390 ns i8254 timer period limited to 200000 ns [ 202.810115][T10206] kvm: requested 85485 ns i8254 timer period limited to 200000 ns [ 202.965153][T10214] nbd: socks must be embedded in a SOCK_ITEM attr [ 203.397202][T10232] hub 9-0:1.0: USB hub found [ 203.399164][T10232] hub 9-0:1.0: 1 port detected [ 203.518435][T10239] __nla_validate_parse: 38 callbacks suppressed [ 203.518453][T10239] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1478'. [ 203.692666][T10247] program syz.0.1480 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 203.728851][T10251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1481'. [ 203.732130][T10251] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1481'. [ 203.738118][T10251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1481'. [ 203.740426][T10251] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1481'. [ 203.743613][T10251] nbd: socks must be embedded in a SOCK_ITEM attr [ 203.788104][T10253] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1482'. [ 204.005291][T10267] input: syz1 as /devices/virtual/input/input16 [ 204.023016][T10274] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1487'. [ 204.037257][T10276] program syz.1.1488 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.042326][T10276] program syz.1.1488 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.045929][T10276] program syz.1.1488 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 204.094375][T10290] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1490'. [ 204.096821][T10290] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1490'. [ 204.107047][T10290] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1490'. [ 204.111752][T10290] nbd: socks must be embedded in a SOCK_ITEM attr [ 204.128086][T10292] netlink: 'syz.2.1491': attribute type 2 has an invalid length. [ 205.107161][T10321] nbd: socks must be embedded in a SOCK_ITEM attr [ 205.351235][T10337] Bluetooth: hci3: Opcode 0x0401 failed: -22 [ 205.555858][T10345] EXT4-fs (sda1): shut down requested (2) [ 205.558075][T10345] Aborting journal on device sda1-8. [ 205.654008][T10350] nbd: socks must be embedded in a SOCK_ITEM attr [ 205.819267][T10358] netlink: 'syz.2.1513': attribute type 13 has an invalid length. [ 205.821855][T10358] macvtap0: entered allmulticast mode [ 205.823294][T10358] veth0_macvtap: entered allmulticast mode [ 205.825876][T10358] macvtap0: refused to change device tx_queue_len [ 206.000914][ T830] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 206.172219][ T830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 206.175893][ T830] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 206.180313][ T830] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 206.183716][ T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.187802][ T830] usb 5-1: config 0 descriptor?? [ 206.384239][T10376] nbd: nbd0 already in use [ 206.467822][T10389] trusted_key: encrypted_key: insufficient parameters specified [ 206.502843][T10391] zonefs (nbd2) ERROR: Not a zoned block device [ 206.513684][ T39] kauditd_printk_skb: 70 callbacks suppressed [ 206.513701][ T39] audit: type=1326 audit(1729730946.243:33535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10390 comm="syz.2.1524" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fe0579 code=0x0 [ 206.604905][ T830] plantronics 0003:047F:FFFF.0025: No inputs registered, leaving [ 206.611406][ T830] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 206.624243][T10399] openvswitch: netlink: Actions may not be safe on all matching packets [ 206.807394][ T830] usb 5-1: USB disconnect, device number 19 SYZFAIL: posix_spawn failed (errno 5: Input/output error) [ 207.283143][ T9720] bridge_slave_1: left allmulticast mode [ 207.285290][ T9720] bridge_slave_1: left promiscuous mode [ 207.288377][ T9720] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.323017][ T9720] bridge_slave_0: left allmulticast mode [ 207.325107][ T9720] bridge_slave_0: left promiscuous mode [ 207.335885][ T9720] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.958606][ T9720] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 207.963176][ T9720] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 207.966906][ T9720] bond0 (unregistering): Released all slaves [ 207.971906][ T9720] bond1 (unregistering): Released all slaves [ 208.396900][ T9720] hsr_slave_0: left promiscuous mode [ 208.398947][ T9720] hsr_slave_1: left promiscuous mode [ 208.400866][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.403028][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.405661][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.407804][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.433815][ T9720] veth1_macvtap: left promiscuous mode [ 208.435529][ T9720] veth0_macvtap: left promiscuous mode [ 209.047136][ T9720] team0 (unregistering): Port device team_slave_1 removed [ 209.134151][ T9720] team0 (unregistering): Port device team_slave_0 removed [ 210.237000][ T9720] IPVS: stop unused estimator thread 0... [ 210.366057][ T9720] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.469048][ T9720] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.556099][ T9720] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.625359][ T9720] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.790362][ T9720] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.837344][ T9720] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.915015][ T9720] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.970119][ T9720] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.064406][ T9720] bridge_slave_1: left allmulticast mode [ 211.065908][ T9720] bridge_slave_1: left promiscuous mode [ 211.067425][ T9720] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.070365][ T9720] bridge_slave_0: left allmulticast mode [ 211.072228][ T9720] bridge_slave_0: left promiscuous mode [ 211.073796][ T9720] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.171756][ T9720] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.175457][ T9720] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.178852][ T9720] bond0 (unregistering): Released all slaves [ 212.257608][ T9720] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.263355][ T9720] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.268420][ T9720] bond0 (unregistering): Released all slaves [ 212.774160][ T9720] hsr_slave_0: left promiscuous mode [ 212.775872][ T9720] hsr_slave_1: left promiscuous mode [ 212.777505][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.779495][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.781968][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.783889][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.788531][ T9720] hsr_slave_0: left promiscuous mode [ 212.790525][ T9720] hsr_slave_1: left promiscuous mode [ 212.792439][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.794384][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.796606][ T9720] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 212.798568][ T9720] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.829666][ T9720] veth1_macvtap: left promiscuous mode [ 212.831793][ T9720] veth0_macvtap: left promiscuous mode [ 212.833284][ T9720] veth1_vlan: left promiscuous mode [ 212.835748][ T9720] veth0_vlan: left promiscuous mode [ 212.837847][ T9720] veth1_macvtap: left promiscuous mode [ 212.839322][ T9720] veth0_macvtap: left allmulticast mode [ 212.840846][ T9720] veth0_macvtap: left promiscuous mode [ 212.842331][ T9720] veth1_vlan: left promiscuous mode [ 212.843746][ T9720] veth0_vlan: left promiscuous mode [ 213.596038][ T9720] team0 (unregistering): Port device team_slave_1 removed [ 213.679904][ T9720] team0 (unregistering): Port device team_slave_0 removed [ 214.054311][ T9720] team0 (unregistering): Port device batadv0 removed [ 214.747851][ T9720] team0 (unregistering): Port device team_slave_1 removed [ 214.823426][ T9720] team0 (unregistering): Port device team_slave_0 removed [ 215.348930][ T56] lo speed is unknown, defaulting to 1000 [ 215.872697][ T9720] IPVS: stop unused estimator thread 0... VM DIAGNOSIS: 00:44:51 Registers: info registers vcpu 0 CPU#0 RAX=000000000083d07d RBX=0000000000000000 RCX=ffffffff8b139ef9 RDX=0000000000000000 RSI=ffffffff8b4cc960 RDI=ffffffff8bb12d60 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20 R8 =0000000000000001 R9 =ffffed1005687025 R10=ffff88802b43812b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff901ce608 R15=0000000000000000 RIP=ffffffff8b13b2df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000ffdb1ef9 CR3=0000000045d52000 CR4=00352ef0 DR0=0000000000000005 DR1=000000000000000a DR2=0000000000000002 DR3=0000000000000010 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f739bff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000beeb83 RBX=0000000000000001 RCX=ffffffff8b139ef9 RDX=0000000000000000 RSI=ffffffff8b4cc960 RDI=ffffffff8bb12d60 RBP=ffffed10036e9910 RSP=ffffc90000477e08 R8 =0000000000000001 R9 =ffffed10056a7025 R10=ffff88802b53812b R11=0000000000000000 R12=0000000000000001 R13=ffff88801b74c880 R14=ffffffff901ce608 R15=0000000000000000 RIP=ffffffff8b13b2df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000ffdc0ccc CR3=000000000db7c000 CR4=00352ef0 DR0=0000000000000005 DR1=000000000000000a DR2=0000000000000002 DR3=0000000000000010 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000004b9137 RBX=0000000000000002 RCX=ffffffff8b139ef9 RDX=0000000000000000 RSI=ffffffff8b4cc960 RDI=ffffffff8bb12d60 RBP=ffffed10036ec000 RSP=ffffc90000487e08 R8 =0000000000000001 R9 =ffffed10056c7025 R10=ffff88802b63812b R11=0000000000000000 R12=0000000000000002 R13=ffff88801b760000 R14=ffffffff901ce608 R15=0000000000000000 RIP=ffffffff8b13b2df RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000584194c0 CR3=000000002ad96000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000020000 RBX=0000000000000000 RCX=1ffff11004af1a7a RDX=0000000000000000 RSI=0000000000000022 RDI=ffff88802578d3fc RBP=0000000000000000 RSP=ffffc90002f2f5d8 R8 =0000000000000000 R9 =0000000000000000 R10=000000000000000f R11=0000000000000002 R12=0000000000000000 R13=ffff88802578d3d8 R14=0000000000000022 R15=ffff88802578c880 RIP=ffffffff8169f55c RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055d41b67eff8 CR3=0000000000bf4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf 89a538bf89a538bf ZMM22=998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 998c18d1998c18d1 ZMM23=6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 6799726167997261 ZMM24=6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 6490b3e76490b3e7 ZMM25=183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 183168a2183168a2 ZMM26=2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b 2f7ef68b2f7ef68b ZMM27=bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e bd74c74ebd74c74e ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000 4c0900004c090000