last executing test programs: 7m36.969371148s ago: executing program 32 (id=109): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10) write(r0, &(0x7f0000000000)="240000001a005f0214f9f4070009040081000000002c00000000000008000f0001000000", 0x24) 7m18.457100539s ago: executing program 33 (id=773): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0) sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000ffdbdf251200000008001500c000000008000100ca"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x8880) 7m0.186373076s ago: executing program 2 (id=2116): openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r0, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 6m59.971631902s ago: executing program 2 (id=2118): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r1, r1, 0x2f, 0x2000, 0x4}, 0x20) 6m59.97024017s ago: executing program 2 (id=2119): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) process_madvise(r1, 0x0, 0x0, 0xa, 0x0) 6m59.901865549s ago: executing program 2 (id=2120): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='dyn']) 6m59.900611548s ago: executing program 2 (id=2121): rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) 6m59.742798746s ago: executing program 2 (id=2124): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000000), 0x4) 6m59.660616788s ago: executing program 34 (id=2124): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000000), 0x4) 6m27.412236159s ago: executing program 5 (id=3023): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x4}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_BROADCAST={0xa, 0x2, @random="05d4f6bf611f"}]}, 0x50}, 0x1, 0x0, 0x0, 0x600}, 0x0) 6m27.3569157s ago: executing program 5 (id=3030): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x0, 0x7, 0xa3, 0x20b, 0x7, 0x81, 0x4, 0x3ff0, 0x7}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x44004}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001200000008000800000001000800090000000100180001801400020076657468305f746f5f626f6e640000000800070000000000080006"], 0x4c}}, 0x0) 6m27.327741713s ago: executing program 5 (id=3033): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0xffea, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100000001000c0002"], 0x30}}, 0x0) 6m27.280731035s ago: executing program 5 (id=3047): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='dyn']) 6m27.251759747s ago: executing program 5 (id=3040): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$nci(r1, 0x0, 0x0) 6m26.950758969s ago: executing program 5 (id=3053): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x9, 0x1, 0x1, 0x2, 0xc}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r0, 0x8b32, &(0x7f0000000040)) 6m26.868825147s ago: executing program 35 (id=3053): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private2={0xfc, 0x2, '\x00', 0x1}, 0x9, 0x1, 0x1, 0x2, 0xc}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r0, 0x8b32, &(0x7f0000000040)) 6m23.549584751s ago: executing program 7 (id=3113): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) ftruncate(0xffffffffffffffff, 0x2000009) 6m23.349620319s ago: executing program 7 (id=3114): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x40000002, 0x0, 0xb195}]}) 6m23.272448753s ago: executing program 7 (id=3115): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x8200, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r0, 0x400455c8, 0x400000009) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x7) 6m22.683091738s ago: executing program 7 (id=3122): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='dyn']) 6m22.648354777s ago: executing program 7 (id=3126): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = dup(r0) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)={0x28, 0x3, 0x6, 0x301, 0x0, 0x0, {0x2, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40841}, 0x4) 6m20.782680593s ago: executing program 7 (id=3128): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000d00400"]) 6m20.747318803s ago: executing program 36 (id=3128): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000000000000d00400"]) 6m20.6864714s ago: executing program 4 (id=3132): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xfd) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfffef73b, @loopback, 0x3}, 0x1c) 6m20.684147004s ago: executing program 4 (id=3141): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@bridge_dellink={0x2c, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x20}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x4, 0x0, 0x1, {0x4, 0x9}}]}]}, 0x2c}}, 0x0) 6m18.027688553s ago: executing program 4 (id=3145): syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/185) 6m15.840211793s ago: executing program 4 (id=3135): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='dyn']) chdir(&(0x7f00000000c0)='./file0\x00') mount$afs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='dyn']) 6m15.821462306s ago: executing program 4 (id=3142): socket$vsock_stream(0x28, 0x1, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x2a36, 0x10100, 0x2000004, 0x20000002}, &(0x7f0000000200)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x401}, 0x1}) io_uring_enter(r0, 0x2def, 0x4000, 0x0, 0x0, 0x0) 6m15.49280822s ago: executing program 4 (id=3166): r0 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x103482) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x1d, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}}) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x591) 6m15.450771327s ago: executing program 37 (id=3166): r0 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x103482) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x1d, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}}) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x591) 5m57.684893961s ago: executing program 6 (id=3670): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 5m57.512222902s ago: executing program 6 (id=3671): r0 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x3) ftruncate(r0, 0xffff) fcntl$addseals(r0, 0x409, 0x7) write(r0, &(0x7f00000002c0)="0000000000e59e7c049b7cec649597e82820b5ffff39ba30203e12ee9ef130c89adfdf7fa5e91ac6af2d772c4575541cfedf27f03d6dc5b6359e9e20080820ef1216f2c5482bb85f119edb3567e1905f752e559900e64a1396205b4e1ccdf105e068031ee0b80a02383b6d4285e505fde7b5891dfed4eb4693406b40c4000000561ceab825cd8777051d955f73dabd0370c062333f2ebb1c92df74fc60e3d7225dffb5bc24734c8907e31896e36c1bdd9fb50575145778e5b38ce3ea5ac6c46b5cd3ef9fd1f21e78f6650da7961310809d613056133cd05f4bd1a273b3119d8f5c80ed8c3c04afb9764ac6a22c63875d24b8ebe7b51ee6f98718f78bbf06a6e73cde35e55c793c251f31e810a43952727d73cf2b3143a41e0000000000a979fb64963add33f30000000000", 0xe514e7979afad322) 5m57.511625874s ago: executing program 6 (id=3672): r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) 5m57.481144279s ago: executing program 6 (id=3673): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000280)='./file0\x00', 0x0, 0x97801, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x112) 5m57.412034326s ago: executing program 6 (id=3675): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x0, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_CREATE_DEVICE(r1, 0xc018aec0, &(0x7f00000000c0)={0x26e8}) 5m57.166114747s ago: executing program 6 (id=3688): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4e21, @local}}}, 0x84) 5m57.085136989s ago: executing program 38 (id=3688): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4e21, @local}}}, 0x84) 2m27.590636877s ago: executing program 1 (id=10063): munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r0 = syz_io_uring_setup(0x3b, &(0x7f0000000080)={0x0, 0xecd1, 0x10100, 0x4}, &(0x7f0000000000)=0x0, &(0x7f0000000540)=0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="1010"], 0x1010}, 0x0, 0xe3d08660d3cd4684}) io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0) 2m27.589125221s ago: executing program 1 (id=10064): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6) ioctl$TUNGETVNETLE(r0, 0x4004743b, &(0x7f0000001200)) 2m27.504234755s ago: executing program 1 (id=10066): mkdir(&(0x7f0000000340)='./file0\x00', 0x1c8) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000200)='./file0\x00', 0x10000000) close_range(r0, 0xffffffffffffffff, 0x0) 2m27.439944261s ago: executing program 1 (id=10067): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x48) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x227) 2m27.439108422s ago: executing program 1 (id=10068): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file0\x00'}, 0x6e) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x284182, 0x0) sendmmsg$unix(r2, &(0x7f0000004640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f40)=[@rights={{0x18, 0x1, 0x1, [r3, r1]}}], 0x18, 0x95}}], 0x1, 0x0) 2m27.329942335s ago: executing program 1 (id=10071): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb0", 0x9}], 0x1}}], 0x1, 0x20008000) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28) 2m27.253429319s ago: executing program 39 (id=10071): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb0", 0x9}], 0x1}}], 0x1, 0x20008000) setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000080)=@ccm_128={{0x303}, "f1a0f9fff9e440b4", "881aae83544dfa6412f91b9057e3f415", "9dca43b6", "9ecb592c6ee49fbd"}, 0x28) 1.120602523s ago: executing program 3 (id=13395): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000b80)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0958730", 0x4c}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d", 0x24}], 0x2}], 0x1, 0x40800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0) 1.052939653s ago: executing program 3 (id=13396): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)="a6", 0x1, 0x840, 0x0, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000003c0)={&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000002380)=""/4082, 0xff2, 0x0, 0x0}, &(0x7f0000000300)=0x40) 1.044650012s ago: executing program 3 (id=13398): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') lchown(&(0x7f0000000040)='./file1\x00', 0xee01, 0xee01) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f00080000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10) lchown(&(0x7f00000004c0)='./file1\x00', 0x0, 0xffffffffffffffff) 1.01378363s ago: executing program 9 (id=13399): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) fchdir(r1) mkdir(&(0x7f0000000000)='./control\x00', 0x0) rmdir(&(0x7f00000002c0)='./control\x00') 1.007158124s ago: executing program 3 (id=13400): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47b07c7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xda2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x80000000], [0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) r1 = dup(r0) write$uinput_user_dev(r1, &(0x7f00000000c0)={'syz0\x00', {0xfff7, 0xc, 0x100, 0x1}, 0x1d, [0x7b, 0xb7e2, 0x3, 0x9, 0x100, 0x3, 0x1, 0x7, 0x9, 0x2, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xd, 0x7fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0x7, 0x6, 0xff, 0x2, 0xa5f2b87a, 0x401, 0x0, 0xfc75, 0x8, 0x9, 0x4, 0x2, 0xffffffff, 0x81, 0xfffff765, 0x2, 0x3, 0x6, 0xa, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x4c, 0xfffffffd, 0x80, 0x80000008, 0x8, 0x9, 0x7, 0x101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x5, 0x6, 0x5, 0x1, 0x4], [0x1, 0x3, 0xfffffff8, 0x8, 0x40000000, 0x8, 0x4, 0x0, 0x25, 0x10, 0x6, 0x7, 0x8, 0xe62, 0xffffff73, 0x2, 0x6, 0x13e5, 0x3, 0x3, 0x1000, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x7fff, 0x8, 0x5a, 0xffff2503, 0xa, 0x6995, 0x1, 0x80000000, 0x8, 0xdab, 0x9, 0x2, 0x76c4, 0xfffffffd, 0x4, 0x401, 0x10000, 0xd, 0x4360, 0x9, 0x20010, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0x3, 0x8, 0x3, 0x2, 0x3a6, 0x0, 0xc0d, 0x1, 0x9, 0xc, 0xfffffffb], [0x3, 0x6, 0x6, 0x100, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x100, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x7, 0x7fffffff, 0x6, 0x0, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0xd, 0x1, 0x7ff, 0xfffffff2, 0x1, 0x3, 0x7, 0x3, 0x3, 0x3016, 0xfffffffd, 0x2, 0xa1, 0xc, 0x9d, 0x7, 0xa8a, 0x2, 0x6, 0x77, 0x8, 0x1ff, 0x7, 0x7, 0x2, 0x3, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x8000, 0x493e, 0x3, 0x35ff4447, 0x7, 0x5, 0x4, 0x2, 0x4, 0x5, 0x3ff, 0xb88f, 0xffff0000, 0x9, 0xf7df, 0x2, 0x10, 0x8, 0x0, 0xff, 0x9, 0x4, 0x4, 0x0, 0x0, 0x7, 0x4e6, 0x8, 0x40000000, 0x5ef, 0x8000, 0xc, 0x41, 0x400, 0x1, 0x5, 0x0, 0x9a8, 0x0, 0x231, 0x3ff, 0x8, 0x1, 0xffff0001, 0x1, 0x1, 0x10, 0x8, 0x5396, 0xde, 0x9, 0x101, 0x1ff, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c) read$FUSE(r1, 0x0, 0x0) 951.714855ms ago: executing program 9 (id=13401): r0 = socket$can_j1939(0x1d, 0x2, 0x7) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x0, {0x0, 0x1}}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'vxcan1\x00', @remote}) 950.890422ms ago: executing program 3 (id=13402): pipe2$9p(&(0x7f00000027c0)={0xffffffffffffffff}, 0x80000) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd2(0x0, 0x0) ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f0000000040)={0x2, r3}) close_range(r0, 0xffffffffffffffff, 0x0) 930.415939ms ago: executing program 9 (id=13404): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="020114000129184ad4a08058195c60140000002f0600ac141414e0ecff02808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e46691e233da4d163f53ab1b3f65c3042e749c2d4c8303a0f7fbda34fb8825f80200a3"], 0xdd12}, {&(0x7f0000000600)=ANY=[], 0x4d8}, {&(0x7f0000002b00)=ANY=[], 0x1e20}], 0x3, 0x0, 0x0, 0x4008084}, 0x10) 900.638373ms ago: executing program 9 (id=13406): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2) r1 = syz_open_dev$media(&(0x7f0000000080), 0x1, 0x0) close(0x3) ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, 0x0) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 855.053251ms ago: executing program 3 (id=13408): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) 440.945691ms ago: executing program 8 (id=13418): syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x240881) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10) r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 376.081602ms ago: executing program 8 (id=13420): rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = gettid() r1 = getpid() rt_tgsigqueueinfo(r1, r0, 0xb, &(0x7f0000000280)={0x8, 0x0, 0x4}) r2 = signalfd(0xffffffffffffffff, &(0x7f0000000240)={[0xfffffffe]}, 0x8) read(r2, &(0x7f0000000740)=""/384, 0x200008ca) 316.28345ms ago: executing program 8 (id=13421): r0 = socket$packet(0x11, 0x2, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4) syz_emit_ethernet(0x16, &(0x7f00000001c0)={@local, @empty, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, '\x00', "e203b3", 0x1b}}}}}, 0x0) 310.765784ms ago: executing program 8 (id=13422): r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10) connect$llc(r0, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random="48bd00"}, 0x10) r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) dup3(r0, r1, 0x0) 238.466109ms ago: executing program 8 (id=13423): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x800) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) 161.251153ms ago: executing program 0 (id=13425): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) creat(&(0x7f00000002c0)='./file0\x00', 0x0) truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x20000000000000b2, 0x1}}, 0x40) close_range(r0, 0xffffffffffffffff, 0x0) 154.338774ms ago: executing program 8 (id=13426): r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000480)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0684113, &(0x7f0000000300)={0x1, 0xfffff800, 0x1, 0x4000a, 0x8, 0x3, 0x7, 0x11, 0x6, 0x40, 0x6bbc, 0x2}) 117.988826ms ago: executing program 0 (id=13427): r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x0, 0x0) fchmod(r0, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) 105.849889ms ago: executing program 0 (id=13428): r0 = socket(0xa, 0x5, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in6={0xa, 0x4e24, 0x4, @loopback}], 0x1c) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000080)=@assoc_value={0x0, 0x265}, 0x8) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000000c0)=0x6, 0x4) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000480)=ANY=[@ANYBLOB="211d00000000000007e6"], 0xf0) sendto$inet6(r0, &(0x7f0000000040)="00d8", 0x20a00, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c) 27.253645ms ago: executing program 0 (id=13429): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x21, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000030800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000004850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4) setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) 22.032338ms ago: executing program 9 (id=13430): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b *:'], 0x8) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r3 = openat$cgroup_devices(r2, &(0x7f00000001c0)='devices.deny\x00', 0x2, 0x0) splice(r0, 0x0, r3, 0x0, 0x8, 0x0) 7.824479ms ago: executing program 0 (id=13431): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000003000)=@abs={0x1, 0x0, 0x4e21}, 0x6e) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@abs={0x1, 0x0, 0x4e20}, 0x6e) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00') pread64(r2, &(0x7f0000000480)=""/177, 0xb1, 0xe0) 5.821005ms ago: executing program 9 (id=13432): syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0xf0ff}}]}) r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) 0s ago: executing program 0 (id=13433): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, 0x0, 0x200}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) kernel console output (not intermixed with test programs): =0x7ffc0000 [ 386.237489][ T40] audit: type=1326 audit(2000000352.441:8249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.247193][ T40] audit: type=1326 audit(2000000352.441:8250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.256213][ T40] audit: type=1326 audit(2000000352.441:8251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.266651][ T40] audit: type=1326 audit(2000000352.441:8252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.274136][ T40] audit: type=1326 audit(2000000352.441:8253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc1598 code=0x7ffc0000 [ 386.281390][ T40] audit: type=1326 audit(2000000352.441:8254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.288085][ T40] audit: type=1326 audit(2000000352.441:8255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.295163][ T40] audit: type=1326 audit(2000000352.441:8256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.302038][ T40] audit: type=1326 audit(2000000352.441:8257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28712 comm="syz.9.10308" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 386.365556][T28721] Bluetooth: MGMT ver 1.23 [ 386.835970][T28748] input: syz1 as /devices/virtual/input/input70 [ 386.870475][T28750] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.10323'. [ 387.465332][T28782] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 63 [ 387.485811][T28784] ALSA: mixer_oss: invalid OSS volume '' [ 387.979093][ T6032] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 388.092699][T28816] Invalid ELF header magic: != ELF [ 388.139862][ T6032] usb 5-1: Using ep0 maxpacket: 8 [ 388.146820][ T6032] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 388.150295][ T6032] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 388.153011][ T6032] usb 5-1: Product: syz [ 388.154517][ T6032] usb 5-1: Manufacturer: syz [ 388.156141][ T6032] usb 5-1: SerialNumber: syz [ 388.158992][ T6032] usb 5-1: config 0 descriptor?? [ 388.367986][ T6032] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 388.371843][ T6032] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 388.376042][ T6032] usb 5-1: USB disconnect, device number 5 [ 388.409864][ T5987] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 388.413585][ T5340] Bluetooth: hci2: command 0x0c1a tx timeout [ 388.550009][T28842] gretap0: entered promiscuous mode [ 388.553121][T28842] batman_adv: batadv0: Adding interface: macvlan2 [ 388.555243][T28842] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 388.568427][T28842] batman_adv: batadv0: Interface activated: macvlan2 [ 389.425543][T28918] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 389.925055][T28950] syzkaller1: entered promiscuous mode [ 389.927444][T28950] syzkaller1: entered allmulticast mode [ 389.988279][T28954] openvswitch: netlink: IPv6 tunnel dst address is zero [ 390.119837][T28968] netlink: 'syz.3.10424': attribute type 2 has an invalid length. [ 390.127898][T28968] netlink: 85376 bytes leftover after parsing attributes in process `syz.3.10424'. [ 390.369682][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 390.389074][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 390.409264][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 390.459106][T28997] netlink: 44 bytes leftover after parsing attributes in process `syz.0.10433'. [ 390.462016][T28997] netlink: 43 bytes leftover after parsing attributes in process `syz.0.10433'. [ 390.464879][T28997] netlink: 'syz.0.10433': attribute type 6 has an invalid length. [ 390.467634][T28997] netlink: 'syz.0.10433': attribute type 5 has an invalid length. [ 390.473125][T28997] netlink: 43 bytes leftover after parsing attributes in process `syz.0.10433'. [ 390.515276][T29001] netlink: 83 bytes leftover after parsing attributes in process `syz.0.10439'. [ 390.583183][T21550] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 390.588818][T21550] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 390.652821][T29018] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 390.656167][T29020] overlayfs: upper fs does not support tmpfile. [ 390.659124][T29018] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 391.223623][T29044] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes [ 391.246568][T29041] netlink: 'syz.9.10457': attribute type 1 has an invalid length. [ 391.250242][T29041] netlink: 20 bytes leftover after parsing attributes in process `syz.9.10457'. [ 391.285338][T29049] netlink: 'syz.9.10460': attribute type 23 has an invalid length. [ 391.531578][T29056] batadv_slave_0: entered promiscuous mode [ 391.767444][ T40] kauditd_printk_skb: 27 callbacks suppressed [ 391.767457][ T40] audit: type=1326 audit(2000000358.975:8285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29067 comm="syz.0.10468" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x0 [ 392.278872][ T6045] usb 14-1: new high-speed USB device number 20 using dummy_hcd [ 392.430148][ T6045] usb 14-1: config index 0 descriptor too short (expected 39, got 27) [ 392.432860][ T6045] usb 14-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 392.436410][ T6045] usb 14-1: config 0 interface 0 has no altsetting 0 [ 392.441024][ T6045] usb 14-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 392.444157][ T6045] usb 14-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 392.447002][ T6045] usb 14-1: Product: syz [ 392.448577][ T6045] usb 14-1: Manufacturer: syz [ 392.451735][ T6045] usb 14-1: SerialNumber: syz [ 392.454811][ T6045] usb 14-1: config 0 descriptor?? [ 392.457611][ T6045] hub 14-1:0.0: bad descriptor, ignoring hub [ 392.459895][ T6045] hub 14-1:0.0: probe with driver hub failed with error -5 [ 392.463741][ T6045] usb 14-1: selecting invalid altsetting 0 [ 393.070496][T29083] usb 14-1: reset high-speed USB device number 20 using dummy_hcd [ 393.074961][T29083] usb 14-1: device reset changed ep0 maxpacket size! [ 393.078019][T13546] usb 14-1: USB disconnect, device number 20 [ 393.228819][T13546] usb 14-1: new high-speed USB device number 21 using dummy_hcd [ 393.398798][T13546] usb 14-1: Using ep0 maxpacket: 8 [ 393.418578][T13546] usb 14-1: unable to get BOS descriptor or descriptor too short [ 393.422040][T13546] usb 14-1: no configurations [ 393.424199][T13546] usb 14-1: can't read configurations, error -22 [ 393.622021][T29130] input: syz1 as /devices/virtual/input/input72 [ 393.778451][ T5340] Bluetooth: hci4: sending frame failed (-49) [ 393.783316][ T5987] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 393.918148][T29145] usb usb8: usbfs: process 29145 (syz.8.10505) did not claim interface 0 before use [ 394.008959][ T5987] Bluetooth: hci3: command 0x0c1a tx timeout [ 394.612283][T29215] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10538'. [ 395.546765][T29264] tipc: Started in network mode [ 395.548456][T29264] tipc: Node identity ac1414aa, cluster identity 4711 [ 395.552777][T29264] tipc: Enabling of bearer rejected, failed to enable media [ 395.717471][T21579] tipc: Left network mode [ 395.950838][T29287] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10577'. [ 395.954554][T29287] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10577'. [ 396.479410][T29322] netlink: 24 bytes leftover after parsing attributes in process `syz.0.10582'. [ 396.499915][T29321] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 397.456556][ T40] audit: type=1326 audit(2000000364.665:8286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29341 comm="syz.8.10599" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf703e579 code=0x0 [ 398.133384][T29370] binder: 29369:29370 ioctl c0306201 800008c0 returned -14 [ 398.348418][T29388] tipc: Enabling of bearer rejected, failed to enable media [ 398.486384][T29397] netfs: Couldn't get user pages (rc=-14) [ 398.579348][T29409] bridge0: port 3(veth0_to_bridge) entered blocking state [ 398.581755][T29409] bridge0: port 3(veth0_to_bridge) entered disabled state [ 398.584096][T29409] veth0_to_bridge: entered allmulticast mode [ 398.586850][T29409] veth0_to_bridge: entered promiscuous mode [ 398.589141][T29409] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 398.742289][T29424] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 398.751318][T29424] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 398.943926][T29444] syzkaller1: entered promiscuous mode [ 398.945805][T29444] syzkaller1: entered allmulticast mode [ 399.264780][T29480] input: syz1 as /devices/virtual/input/input73 [ 399.342603][ T40] audit: type=1326 audit(2000000367.551:8287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29481 comm="syz.3.10656" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be579 code=0x0 [ 399.981404][T29496] netlink: 'syz.0.10661': attribute type 29 has an invalid length. [ 400.022183][T29498] ptrace attach of "/syz-executor exec"[28169] was attempted by ""[29498] [ 400.603202][T29532] ubi0: attaching mtd0 [ 400.609949][T29532] ubi0: scanning is finished [ 400.612560][T29532] ubi0: empty MTD device detected [ 400.692358][T29532] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 400.695196][T29532] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 400.698172][T29532] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 400.701206][T29532] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 400.703557][T29532] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 400.705672][T29532] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 400.708263][T29532] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3973713500 [ 400.711921][T29532] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 400.716818][T29537] ubi0: background thread "ubi_bgt0d" started, PID 29537 [ 400.717403][T29536] ubi0: detaching mtd0 [ 400.724859][T29536] ubi0: mtd0 is detached [ 400.761417][T29540] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10682'. [ 400.799628][ T6045] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 400.952211][ T6045] usb 5-1: Using ep0 maxpacket: 32 [ 400.956039][ T6045] usb 5-1: config 0 has an invalid interface number: 51 but max is 0 [ 400.959044][ T6045] usb 5-1: config 0 has no interface number 0 [ 400.959732][T29557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10688'. [ 400.963698][ T6045] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 400.968470][ T6045] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 400.968490][ T6045] usb 5-1: Product: syz [ 400.968501][ T6045] usb 5-1: Manufacturer: syz [ 400.968513][ T6045] usb 5-1: SerialNumber: syz [ 400.970837][ T6045] usb 5-1: config 0 descriptor?? [ 400.983202][ T6045] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 401.129096][ T5987] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 401.197739][ T6045] usb 5-1: qt2_attach - failed to power on unit: -71 [ 401.202554][ T6045] quatech2 5-1:0.51: probe with driver quatech2 failed with error -71 [ 401.208285][ T6045] usb 5-1: USB disconnect, device number 6 [ 401.385489][T29583] syzkaller1: entered promiscuous mode [ 401.387357][T29583] syzkaller1: entered allmulticast mode [ 401.715352][T29596] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10705'. [ 401.983744][T29611] pim6reg1: entered promiscuous mode [ 401.986160][T29611] pim6reg1: entered allmulticast mode [ 402.189494][T29622] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 402.271409][T29627] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.10718'. [ 402.275551][T29624] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.10718'. [ 402.701027][ T40] audit: type=1326 audit(2000000370.911:8288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29655 comm="syz.3.10731" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be579 code=0x0 [ 402.707671][T29660] netlink: 4 bytes leftover after parsing attributes in process `syz.9.10732'. [ 402.910507][T29669] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10736'. [ 403.166053][T29690] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10746'. [ 403.528792][ T6045] usb 13-1: new high-speed USB device number 24 using dummy_hcd [ 403.678838][ T6045] usb 13-1: Using ep0 maxpacket: 8 [ 403.682905][ T6045] usb 13-1: config 0 interface 0 has no altsetting 0 [ 403.685927][ T6045] usb 13-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 403.691512][ T6045] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.698623][ T6045] usb 13-1: config 0 descriptor?? [ 404.021191][T29707] ubi0: attaching mtd0 [ 404.023823][T29707] ubi0: scanning is finished [ 404.091090][T29707] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 404.093695][T29707] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 404.096118][T29707] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 404.098446][T29707] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 404.101014][T29707] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 404.103163][T29707] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 404.106016][T29707] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3973713500 [ 404.109405][T29707] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 404.112165][ T6045] mcp2221 0003:04D8:00DD.001A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0 [ 404.112577][T29709] ubi0: background thread "ubi_bgt0d" started, PID 29709 [ 404.112668][T29708] ubi0: detaching mtd0 [ 404.123645][T29708] ubi0: mtd0 is detached [ 404.159446][T29712] input: syz0 as /devices/virtual/input/input74 [ 404.278119][T29719] netlink: 20 bytes leftover after parsing attributes in process `syz.9.10756'. [ 404.312983][ T6045] usb 13-1: USB disconnect, device number 24 [ 404.578894][ T6018] usb 14-1: new high-speed USB device number 23 using dummy_hcd [ 404.678952][ T840] psmouse serio12: Failed to reset mouse on : -5 [ 404.738750][ T6018] usb 14-1: Using ep0 maxpacket: 8 [ 404.742267][ T6018] usb 14-1: config 0 interface 0 has no altsetting 0 [ 404.744961][ T6018] usb 14-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 404.747933][ T6018] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.751729][ T6018] usb 14-1: config 0 descriptor?? [ 404.844767][T29727] netlink: 4 bytes leftover after parsing attributes in process `syz.8.10760'. [ 404.913907][T29733] o2cb: This node has not been configured. [ 404.916562][T29733] o2cb: Cluster check failed. Fix errors before retrying. [ 404.919551][T29733] (syz.3.10763,29733,0):user_dlm_register:674 ERROR: status = -22 [ 404.922087][T29733] (syz.3.10763,29733,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus" [ 405.165222][ T6018] mcp2221 0003:04D8:00DD.001B: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0 [ 405.364549][T29723] i2c i2c-2: unsupported multi-msg i2c transaction [ 405.370787][T13546] usb 14-1: USB disconnect, device number 23 [ 405.944188][T29754] siw: device registration error -23 [ 406.166178][ T10] kernel write not supported for file /sequencer2 (pid: 10 comm: kworker/0:1) [ 406.199929][ T40] audit: type=1326 audit(2000000374.411:8289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29782 comm="syz.8.10785" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x0 [ 406.299390][T13546] usb 14-1: new high-speed USB device number 24 using dummy_hcd [ 406.460482][T13546] usb 14-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 406.463893][T13546] usb 14-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 406.467069][T13546] usb 14-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 406.470201][T13546] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.475061][T29772] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 406.479561][T13546] usb 14-1: Quirk or no altset; falling back to MIDI 1.0 [ 406.686970][ T10] usb 14-1: USB disconnect, device number 24 [ 407.068276][T29796] [U] [ 407.104668][T29801] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10792'. [ 408.019575][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 408.100468][T29836] binder: 29835:29836 ioctl c0306201 80000540 returned -22 [ 408.438891][ T840] misc userio: Buffer overflowed, userio client isn't keeping up [ 408.678856][ T61] usb 14-1: new high-speed USB device number 25 using dummy_hcd [ 408.831427][ T61] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 408.835098][ T61] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 408.838307][ T61] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 408.842989][ T61] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 408.846352][ T61] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.851484][ T61] usb 14-1: config 0 descriptor?? [ 409.264188][ T61] hid_parser_main: 24 callbacks suppressed [ 409.264200][ T61] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 409.268587][ T61] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 409.271315][ T61] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 409.273817][ T61] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 409.276418][ T61] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 409.279978][ T61] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0 [ 409.285295][ T61] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 409.499614][ T840] input: PS/2 Generic Mouse as /devices/serio12/input/input75 [ 409.708789][ T840] psmouse serio12: Failed to enable mouse on [ 409.767921][T29897] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10835'. [ 409.863655][T29908] pim6reg1: entered promiscuous mode [ 409.865536][T29908] pim6reg1: entered allmulticast mode [ 410.144406][T29925] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 410.152839][T29925] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 410.921110][T29946] overlayfs: conflicting lowerdir path [ 410.926734][T29946] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 411.385537][ T6045] usb 14-1: USB disconnect, device number 25 [ 411.430421][T29976] bridge0: port 1(bridge_slave_0) entered disabled state [ 411.437173][T29976] bridge0: port 2(bridge_slave_1) entered disabled state [ 411.487261][T29976] netlink: 'syz.0.10871': attribute type 16 has an invalid length. [ 411.490301][T29976] netlink: 'syz.0.10871': attribute type 17 has an invalid length. [ 411.505781][T29976] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 411.782321][ T6032] kernel read not supported for file /media0 (pid: 6032 comm: kworker/2:4) [ 411.860706][T30000] sp0: Synchronizing with TNC [ 411.871547][T29999] [U] [ 412.019620][T30007] netlink: 64 bytes leftover after parsing attributes in process `syz.8.10884'. [ 412.047562][T30011] netlink: 20 bytes leftover after parsing attributes in process `syz.8.10886'. [ 412.358745][T30029] netlink: 71 bytes leftover after parsing attributes in process `syz.9.10894'. [ 412.496082][T30038] Bluetooth: MGMT ver 1.23 [ 412.610930][T30044] netlink: 'syz.9.10900': attribute type 16 has an invalid length. [ 412.613929][T30044] netlink: 'syz.9.10900': attribute type 17 has an invalid length. [ 412.633987][T30044] 8021q: adding VLAN 0 to HW filter on device team0 [ 412.643723][T30044] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 412.776039][T30058] Bluetooth: hci0: load_link_keys: too big key_count value 28530 [ 412.923271][ T40] audit: type=1326 audit(2000000381.131:8290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30071 comm="syz.9.10913" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x0 [ 413.078816][ T6045] usb 13-1: new high-speed USB device number 25 using dummy_hcd [ 413.242188][ T6045] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 413.245882][ T6045] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 413.252489][ T6045] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 413.256495][ T6045] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 413.261900][ T6045] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 413.265712][ T6045] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.270947][ T6045] usb 13-1: config 0 descriptor?? [ 413.683090][ T6045] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 413.687186][ T6045] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 413.837921][T30097] netlink: 'syz.9.10923': attribute type 1 has an invalid length. [ 413.841045][T30097] netlink: 168864 bytes leftover after parsing attributes in process `syz.9.10923'. [ 413.942267][T13546] usb 13-1: USB disconnect, device number 25 [ 414.778899][T13546] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 414.952909][T13546] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 414.956255][T13546] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.959962][T13546] usb 5-1: Product: syz [ 414.961848][T13546] usb 5-1: Manufacturer: syz [ 414.963901][T13546] usb 5-1: SerialNumber: syz [ 414.968086][T13546] usb 5-1: config 0 descriptor?? [ 415.186359][T13546] usb 5-1: USB disconnect, device number 7 [ 415.333637][T30160] netlink: 'syz.8.10951': attribute type 12 has an invalid length. [ 415.336203][T30160] netlink: 'syz.8.10951': attribute type 29 has an invalid length. [ 415.339546][T30160] netlink: 148 bytes leftover after parsing attributes in process `syz.8.10951'. [ 415.558469][T30180] syzkaller1: entered promiscuous mode [ 415.562637][T30180] syzkaller1: entered allmulticast mode [ 415.942833][T30209] sit0: entered promiscuous mode [ 415.946652][T30209] netlink: 'syz.3.10974': attribute type 1 has an invalid length. [ 415.949261][T30209] netlink: 1 bytes leftover after parsing attributes in process `syz.3.10974'. [ 416.160468][T30219] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 416.163234][T30219] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 416.168428][T30219] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 416.171904][T30219] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 416.174523][T30219] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 416.180027][T30219] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 416.787890][ T40] audit: type=1326 audit(2000000384.991:8291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 416.795026][ T40] audit: type=1326 audit(2000000384.991:8292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 416.802068][ T40] audit: type=1326 audit(2000000384.991:8293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 416.809078][ T40] audit: type=1326 audit(2000000384.991:8294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 416.816204][ T40] audit: type=1326 audit(2000000384.991:8295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 416.824324][ T40] audit: type=1326 audit(2000000384.991:8296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 416.832357][ T40] audit: type=1326 audit(2000000384.991:8297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 416.841028][ T40] audit: type=1326 audit(2000000384.991:8298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 416.847747][ T40] audit: type=1326 audit(2000000385.001:8299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30268 comm="syz.8.11002" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 417.249786][T30277] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 417.252553][T30277] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 417.255391][T30277] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 417.258089][T30277] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 417.299013][ T9241] usb 13-1: new high-speed USB device number 26 using dummy_hcd [ 417.468837][ T9241] usb 13-1: Using ep0 maxpacket: 16 [ 417.473339][ T9241] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 417.476561][ T9241] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 417.480394][ T9241] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 417.483507][ T9241] usb 13-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 417.488254][ T9241] usb 13-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 417.491358][ T9241] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 417.494477][ T9241] usb 13-1: SerialNumber: syz [ 417.508913][ T9241] hub 13-1:1.0: bad descriptor, ignoring hub [ 417.510675][ T9241] hub 13-1:1.0: probe with driver hub failed with error -5 [ 417.513318][ T9241] cdc_ether 13-1:1.0: probe with driver cdc_ether failed with error -22 [ 417.609218][T30307] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 417.612029][T30307] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 417.614327][T30307] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 417.618427][T30307] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 417.700254][T30314] kvm: user requested TSC rate below hardware speed [ 417.917184][T30271] raw-gadget.0 gadget.8: fail, usb_ep_set_wedge returned -11 [ 418.032912][ T10] usb 13-1: USB disconnect, device number 26 [ 418.671037][T30384] vlan2: entered allmulticast mode [ 418.673189][T30384] bond0: entered allmulticast mode [ 418.674968][T30384] bond_slave_0: entered allmulticast mode [ 418.676833][T30384] bond_slave_1: entered allmulticast mode [ 418.783118][T30390] overlayfs: failed lookup in lower (newroot/2056, name='file1', err=-40): overlapping layers [ 418.810246][T30394] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 419.022627][T30422] syzkaller1: entered promiscuous mode [ 419.024395][T30422] syzkaller1: entered allmulticast mode [ 419.025532][T30424] loop7: detected capacity change from 0 to 7 [ 419.028611][T30424] Dev loop7: unable to read RDB block 7 [ 419.031837][T30424] loop7: unable to read partition table [ 419.033754][T30424] loop7: partition table beyond EOD, truncated [ 419.035712][T30424] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 419.079616][T30430] netlink: 360 bytes leftover after parsing attributes in process `syz.0.11078'. [ 419.611223][T30487] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11105'. [ 419.666221][T30500] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.11110'. [ 419.688768][ T5340] Bluetooth: hci1: command 0x040f tx timeout [ 419.700690][ T5340] Bluetooth: hci3: command 0x0c1a tx timeout [ 419.700717][ T5987] Bluetooth: hci2: command 0x0c1a tx timeout [ 419.875258][T30522] input: syz0 as /devices/virtual/input/input77 [ 419.877384][T30522] input: failed to attach handler leds to device input77, error: -6 [ 420.005420][T30534] unknown channel width for channel at 909000KHz? [ 420.008177][T30534] unknown channel width for channel at 909000KHz? [ 420.016419][T30534] unknown channel width for channel at 909000KHz? [ 420.531853][T30570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11141'. [ 420.568800][T13546] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 420.723137][T13546] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 420.727648][T13546] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 420.731839][T13546] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 420.736835][T13546] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 420.740595][T13546] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 420.744364][T13546] usb 5-1: config 0 descriptor?? [ 421.162704][T13546] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 421.165156][T13546] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 421.167564][T13546] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 421.170132][T13546] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 421.172693][T13546] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 421.175256][T13546] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0 [ 421.179899][T13546] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 421.549019][ T6045] usb 14-1: new high-speed USB device number 26 using dummy_hcd [ 421.665693][T30619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11163'. [ 421.703357][ T6045] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 421.708149][ T6045] usb 14-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 421.712656][ T6045] usb 14-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 421.722870][ T6045] usb 14-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 421.726585][ T6045] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.731225][ T6045] usb 14-1: Product: syz [ 421.732868][ T6045] usb 14-1: Manufacturer: syz [ 421.734869][ T6045] usb 14-1: SerialNumber: syz [ 421.741329][ T6045] hub 14-1:1.0: bad descriptor, ignoring hub [ 421.743993][ T6045] hub 14-1:1.0: probe with driver hub failed with error -5 [ 421.768894][ T5987] Bluetooth: hci1: command 0x040f tx timeout [ 421.899054][T30637] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.11172'. [ 421.945167][ T6045] usblp 14-1:1.0: usblp1: USB Unidirectional printer dev 26 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 422.249224][T13546] usb 14-1: USB disconnect, device number 26 [ 422.253462][T13546] usblp1: removed [ 422.918758][T13546] usb 13-1: new high-speed USB device number 27 using dummy_hcd [ 423.074613][T13546] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 423.081021][T13546] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 423.085436][T13546] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 423.091811][T13546] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 423.094998][T13546] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.098233][T30664] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 423.098613][T13546] usb 13-1: config 0 descriptor?? [ 423.251655][ T6032] usb 5-1: USB disconnect, device number 8 [ 423.512390][T13546] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 423.514872][T13546] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 423.517227][T13546] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 423.519847][T13546] plantronics 0003:047F:FFFF.001F: unknown main item tag 0x0 [ 423.524004][T13546] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 423.781672][ T6045] usb 13-1: USB disconnect, device number 27 [ 423.794780][T30677] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(4) [ 423.797588][T30677] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 423.801031][T30677] vhci_hcd vhci_hcd.0: Device attached [ 423.858912][ T5987] Bluetooth: hci1: command 0x040f tx timeout [ 423.988939][ T10] vhci_hcd: vhci_device speed not set [ 424.023164][T30685] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 424.027676][T30685] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 424.033374][T30685] overlayfs: failed to get uuid (215/file1, err=-13); falling back to uuid=null. [ 424.040754][T13546] usb 14-1: new low-speed USB device number 27 using dummy_hcd [ 424.049112][ T10] usb 55-1: new full-speed USB device number 2 using vhci_hcd [ 424.210305][T13546] usb 14-1: config 0 has no interfaces? [ 424.212713][T13546] usb 14-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 424.216186][T13546] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.220556][T13546] usb 14-1: config 0 descriptor?? [ 424.310464][T30703] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 424.315614][T30703] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 424.424984][T30714] program syz.0.11206 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 424.431038][T30678] vhci_hcd: cannot find the pending unlink 3 [ 424.435879][T30678] vhci_hcd: unknown pdu 1 [ 424.436068][ T6045] usb 14-1: USB disconnect, device number 27 [ 424.449925][T21579] vhci_hcd: stop threads [ 424.451772][T21579] vhci_hcd: release socket [ 424.454982][T21579] vhci_hcd: disconnect device [ 424.509034][ T10] vhci_hcd: vhci_device speed not set [ 425.098077][T30768] input: syz0 as /devices/virtual/input/input78 [ 425.144954][T30770] pim6reg1: entered promiscuous mode [ 425.146779][T30770] pim6reg1: entered allmulticast mode [ 425.448974][ T9241] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 425.613414][ T9241] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 425.617536][ T9241] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 425.622400][ T9241] usb 5-1: Product: syz [ 425.624703][ T9241] usb 5-1: Manufacturer: syz [ 425.626412][ T9241] usb 5-1: SerialNumber: syz [ 425.633373][ T9241] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 425.670894][ T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 425.878733][ T29] usb 5-1: USB disconnect, device number 9 [ 426.108827][ T6045] usb 13-1: new high-speed USB device number 28 using dummy_hcd [ 426.262482][ T6045] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 426.268834][ T6045] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 426.272788][ T6045] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 426.276077][ T6045] usb 13-1: Product: syz [ 426.277868][ T6045] usb 13-1: Manufacturer: syz [ 426.280308][ T6045] usb 13-1: SerialNumber: syz [ 426.284393][ T6045] usb 13-1: config 0 descriptor?? [ 426.713149][ T9241] usb 13-1: USB disconnect, device number 28 [ 426.729207][ T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive [ 426.734064][ T10] ath9k_htc: Failed to initialize the device [ 426.737986][ T29] usb 5-1: ath9k_htc: USB layer deinitialized [ 427.399603][T30859] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0 [ 427.823396][T30884] loop7: detected capacity change from 0 to 7 [ 427.829765][T30884] Dev loop7: unable to read RDB block 7 [ 427.832525][T30884] loop7: unable to read partition table [ 427.835535][T30884] loop7: partition table beyond EOD, truncated [ 427.838439][T30884] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 428.145345][T30912] netlink: 'syz.9.11294': attribute type 1 has an invalid length. [ 429.228347][T30987] netlink: 'syz.0.11328': attribute type 9 has an invalid length. [ 429.242710][T30987] netlink: 'syz.0.11328': attribute type 9 has an invalid length. [ 429.629471][ T29] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 429.705391][T31030] Trying to write to read-only block-device nullb0 [ 429.782915][ T29] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 429.786263][ T29] usb 5-1: config 0 interface 0 has no altsetting 0 [ 429.792430][ T29] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 429.795671][ T29] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 429.798441][ T29] usb 5-1: Product: syz [ 429.800820][ T29] usb 5-1: Manufacturer: syz [ 429.802282][ T29] usb 5-1: SerialNumber: syz [ 429.804929][ T29] usb 5-1: config 0 descriptor?? [ 429.809239][ T29] usb 5-1: selecting invalid altsetting 0 [ 430.015801][ T6032] usb 5-1: USB disconnect, device number 10 [ 430.929096][ T9241] usb 14-1: new high-speed USB device number 28 using dummy_hcd [ 431.059225][ T6032] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 431.078966][ T9241] usb 14-1: Using ep0 maxpacket: 8 [ 431.082724][ T9241] usb 14-1: config 0 interface 0 has no altsetting 0 [ 431.085010][ T9241] usb 14-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 431.087847][ T9241] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 431.092152][ T9241] usb 14-1: config 0 descriptor?? [ 431.221497][ T6032] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 431.224395][ T6032] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.226994][ T6032] usb 5-1: Product: syz [ 431.228438][ T6032] usb 5-1: Manufacturer: syz [ 431.230092][ T6032] usb 5-1: SerialNumber: syz [ 431.232816][ T6032] usb 5-1: config 0 descriptor?? [ 431.445281][ T10] usb 5-1: USB disconnect, device number 11 [ 431.506670][ T9241] mcp2221 0003:04D8:00DD.0020: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0 [ 431.706507][ T10] usb 14-1: USB disconnect, device number 28 [ 432.184318][T31074] loop7: detected capacity change from 0 to 7 [ 432.362295][T31074] Dev loop7: unable to read RDB block 7 [ 432.368292][ C0] blk_print_req_error: 52 callbacks suppressed [ 432.368306][ C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 432.368354][T31074] loop7: unable to read partition table [ 432.370455][ C0] buffer_io_error: 54 callbacks suppressed [ 432.370466][ C0] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 432.381582][T31074] loop7: partition table beyond EOD, truncated [ 432.383514][T31074] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 432.436436][ T40] kauditd_printk_skb: 52 callbacks suppressed [ 432.436451][ T40] audit: type=1326 audit(2000000656.647:8352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 432.450406][ T40] audit: type=1326 audit(2000000656.647:8353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 432.457489][ T40] audit: type=1326 audit(2000000656.647:8354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 432.464536][ T40] audit: type=1326 audit(2000000656.647:8355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 432.472531][ T40] audit: type=1326 audit(2000000656.647:8356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 432.480204][ T40] audit: type=1326 audit(2000000656.647:8357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 432.486955][ T40] audit: type=1326 audit(2000000656.647:8358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 432.494870][ T40] audit: type=1326 audit(2000000656.647:8359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7ffc0000 [ 432.502775][ T40] audit: type=1326 audit(2000000656.647:8360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 432.512154][ T40] audit: type=1326 audit(2000000656.647:8361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31084 comm="syz.0.11370" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf706e598 code=0x7ffc0000 [ 432.583162][T31107] can0: slcan on ptm0. [ 432.649579][T31106] can0 (unregistered): slcan off ptm0. [ 432.715707][T31124] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.11386'. [ 433.438766][ T6045] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 433.588808][ T6045] usb 5-1: Using ep0 maxpacket: 8 [ 433.599176][ T6045] usb 5-1: config 0 interface 0 has no altsetting 0 [ 433.602520][ T6045] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 433.606769][ T6045] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 433.623691][ T6045] usb 5-1: config 0 descriptor?? [ 434.043595][ T6045] mcp2221 0003:04D8:00DD.0021: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 434.244178][ T9241] usb 5-1: USB disconnect, device number 12 [ 434.290868][T31191] netlink: 'syz.8.11416': attribute type 19 has an invalid length. [ 434.578750][ T5987] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 434.638808][ T6032] usb 13-1: new high-speed USB device number 30 using dummy_hcd [ 434.796263][ T6032] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 434.801256][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 434.806371][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 434.811125][ T6032] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 434.816701][ T6032] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 434.820705][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 434.825985][ T6032] usb 13-1: config 0 descriptor?? [ 435.234005][ T6032] hid_parser_main: 7 callbacks suppressed [ 435.234017][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.238196][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.240760][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.243213][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.245511][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.247831][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.250457][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.252809][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.255231][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.257596][ T6032] plantronics 0003:047F:FFFF.0022: unknown main item tag 0x0 [ 435.262766][ T6032] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 435.326627][T31220] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 435.328819][T31220] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 435.330898][T31220] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 435.333765][T31220] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 435.489688][ T6045] usb 13-1: USB disconnect, device number 30 [ 435.917726][T31244] input: syz1 as /devices/virtual/input/input80 [ 436.654017][T31291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11462'. [ 436.700137][T31295] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11464'. [ 436.703054][T31295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11464'. [ 436.710312][T21579] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 436.719270][T21550] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 436.723657][T21550] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 436.727215][T21550] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 436.824436][T31305] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11469'. [ 436.963720][T31317] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 437.026772][T31324] 9pnet: p9_errstr2errno: server reported unknown error @΂00000000000000000005 [ 437.234193][T31339] syzkaller1: entered promiscuous mode [ 437.238205][T31339] syzkaller1: entered allmulticast mode [ 437.244046][T31339] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 6 [ 437.257315][T31341] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11486'. [ 437.261444][T31341] netlink: 'syz.0.11486': attribute type 7 has an invalid length. [ 437.264767][T31341] netlink: 'syz.0.11486': attribute type 8 has an invalid length. [ 437.268024][T31341] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11486'. [ 437.278393][T31341] gretap0: entered promiscuous mode [ 437.282761][T31341] batadv_slave_1: entered promiscuous mode [ 437.286905][T31341] hsr1: Slave B (batadv_slave_1) is not up; please bring it up to get a fully working HSR network [ 437.291604][ T5987] Bluetooth: hci2: command 0x0c1a tx timeout [ 437.326291][T31347] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11489'. [ 437.337102][T31347] netlink: 12 bytes leftover after parsing attributes in process `syz.9.11489'. [ 437.342155][T31347] netlink: 'syz.9.11489': attribute type 18 has an invalid length. [ 437.369146][ T5987] Bluetooth: hci3: command 0x0c1a tx timeout [ 437.370366][ T5340] Bluetooth: hci1: command 0x040f tx timeout [ 437.440999][T31360] netlink: 20 bytes leftover after parsing attributes in process `syz.3.11496'. [ 437.542970][T31377] openvswitch: netlink: IPv4 tun info is not correct [ 437.781715][T13546] kernel read not supported for file /dsp1 (pid: 13546 comm: kworker/3:4) [ 438.580856][T31467] gre0: entered allmulticast mode [ 438.584668][T31466] gre0: left allmulticast mode [ 438.888779][ T9241] usb 14-1: new high-speed USB device number 29 using dummy_hcd [ 439.056429][T31513] netlink: 256 bytes leftover after parsing attributes in process `syz.3.11567'. [ 439.071145][ T9241] usb 14-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 439.074860][ T9241] usb 14-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 439.080108][ T9241] usb 14-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 439.083875][ T9241] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 439.088354][ T9241] usb 14-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 439.095869][ T9241] usb 14-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 439.100595][ T9241] usb 14-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 439.103950][ T9241] usb 14-1: Product: syz [ 439.105773][ T9241] usb 14-1: Manufacturer: syz [ 439.111226][ T9241] cdc_wdm 14-1:1.0: skipping garbage [ 439.113085][ T9241] cdc_wdm 14-1:1.0: skipping garbage [ 439.115391][ T9241] cdc_wdm 14-1:1.0: cdc-wdm0: USB WDM device [ 439.117407][ T9241] cdc_wdm 14-1:1.0: Unknown control protocol [ 439.170243][T31520] team0: Device gtp0 is of different type [ 439.277036][T31528] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11572'. [ 439.280924][T31528] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11572'. [ 439.307539][T31533] overlayfs: invalid origin (0000) [ 439.614419][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.705638][T31585] 8021q: adding VLAN 0 to HW filter on device bond0 [ 439.711753][T31585] bond0: (slave rose0): Enslaving as an active interface with an up link [ 439.847409][T31603] netlink: 20 bytes leftover after parsing attributes in process `syz.8.11603'. [ 439.934753][T31609] overlayfs: upper fs does not support file handles, falling back to index=off. [ 439.938546][T31609] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 440.079975][T31619] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 440.147641][T31625] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 440.281828][ T40] kauditd_printk_skb: 247 callbacks suppressed [ 440.281840][ T40] audit: type=1326 audit(2000000664.497:8609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31622 comm="syz.0.11612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000 [ 440.958522][ T40] audit: type=1326 audit(2000000665.167:8610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31622 comm="syz.0.11612" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706e579 code=0x7fc00000 [ 441.339089][T31588] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 441.489109][T31588] usb 5-1: Using ep0 maxpacket: 16 [ 441.495716][T31588] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 92, changing to 10 [ 441.501347][T31588] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17487, setting to 1024 [ 441.505756][T31588] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 441.510810][T31588] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00 [ 441.513964][T31588] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.519460][T31588] usb 5-1: config 0 descriptor?? [ 441.522389][T31662] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22 [ 441.529226][T31588] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input82 [ 441.660990][T31588] usb 14-1: USB disconnect, device number 29 [ 441.733269][ T9] usb 5-1: USB disconnect, device number 13 [ 442.102272][T31690] input: syz0 as /devices/virtual/input/input83 [ 442.421805][T31711] loop2: detected capacity change from 0 to 7 [ 442.425315][T31711] Dev loop2: unable to read RDB block 7 [ 442.427636][T31711] loop2: unable to read partition table [ 442.430432][T31711] loop2: partition table beyond EOD, truncated [ 442.433104][T31711] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 442.522488][T31717] kvm: kvm [31716]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0xffffffff00000005 [ 442.693064][T31730] syzkaller1: entered promiscuous mode [ 442.695151][T31730] syzkaller1: entered allmulticast mode [ 443.014821][T31753] netlink: zone id is out of range [ 443.017415][T31753] netlink: zone id is out of range [ 443.020995][T31753] netlink: zone id is out of range [ 443.023342][T31753] netlink: zone id is out of range [ 443.025381][T31753] netlink: zone id is out of range [ 443.038352][T31755] overlayfs: workdir and upperdir must reside under the same mount [ 443.040660][T31753] netlink: set zone limit has 4 unknown bytes [ 443.050561][T31753] netlink: del zone limit has 4 unknown bytes [ 443.145503][T31769] netlink: 28 bytes leftover after parsing attributes in process `syz.8.11678'. [ 443.149433][T31769] netlink: 'syz.8.11678': attribute type 7 has an invalid length. [ 443.152696][T31769] netlink: 'syz.8.11678': attribute type 8 has an invalid length. [ 443.155612][T31769] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11678'. [ 443.161489][T31769] gretap0: entered promiscuous mode [ 443.163776][T31769] batadv_slave_1: entered promiscuous mode [ 443.167117][T31769] gretap0: left promiscuous mode [ 443.169581][T31769] batadv_slave_1: left promiscuous mode [ 443.638797][T31588] usb 13-1: new high-speed USB device number 31 using dummy_hcd [ 443.788865][T31588] usb 13-1: Using ep0 maxpacket: 8 [ 443.793017][T31588] usb 13-1: config index 0 descriptor too short (expected 301, got 45) [ 443.797552][T31588] usb 13-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 443.801824][T31588] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 443.805755][T31588] usb 13-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 443.806884][ T5987] Bluetooth: hci4: sending frame failed (-49) [ 443.813149][T31588] usb 13-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 443.813182][T31588] usb 13-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 443.813193][T31588] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.832362][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 444.029452][T31588] usb 13-1: usb_control_msg returned -32 [ 444.032428][T31588] usbtmc 13-1:16.0: can't read capabilities [ 444.622473][T31826] syzkaller1: entered promiscuous mode [ 444.624314][T31826] syzkaller1: entered allmulticast mode [ 444.756216][T31828] io-wq is not configured for unbound workers [ 444.907626][T31840] lo speed is unknown, defaulting to 1000 [ 444.912867][T31840] lo speed is unknown, defaulting to 1000 [ 444.918556][T31840] lo speed is unknown, defaulting to 1000 [ 444.930455][T31840] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 444.946637][T31840] lo speed is unknown, defaulting to 1000 [ 444.950173][T31840] lo speed is unknown, defaulting to 1000 [ 444.952828][T31840] lo speed is unknown, defaulting to 1000 [ 444.955598][T31840] lo speed is unknown, defaulting to 1000 [ 444.959772][T31840] lo speed is unknown, defaulting to 1000 [ 445.544037][T31869] infiniband syz0: set down [ 445.547246][T31869] infiniband syz0: added ipvlan1 [ 445.579707][T31869] RDS/IB: syz0: added [ 445.582176][T31869] smc: adding ib device syz0 with port count 1 [ 445.584288][T31869] smc: ib device syz0 port 1 has pnetid SYZ0 (user defined) [ 446.406997][ T6045] usb 13-1: USB disconnect, device number 31 [ 446.440151][T31895] netlink: 'syz.0.11735': attribute type 12 has an invalid length. [ 446.443192][T31895] netlink: 'syz.0.11735': attribute type 29 has an invalid length. [ 446.446123][T31895] netlink: 148 bytes leftover after parsing attributes in process `syz.0.11735'. [ 446.450787][T31895] netlink: 59 bytes leftover after parsing attributes in process `syz.0.11735'. [ 446.476949][T31901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11738'. [ 446.481405][T31901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11738'. [ 446.527446][T31907] loop7: detected capacity change from 0 to 7 [ 446.533287][T31907] Dev loop7: unable to read RDB block 7 [ 446.535063][T31907] loop7: unable to read partition table [ 446.536951][T31907] loop7: partition table beyond EOD, truncated [ 446.539076][T31907] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 447.009090][T31588] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 447.181066][T31588] usb 5-1: config index 0 descriptor too short (expected 39, got 27) [ 447.184641][T31588] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 447.188956][T31588] usb 5-1: config 0 interface 0 has no altsetting 0 [ 447.193742][T31588] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 447.196624][T31588] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 447.199322][T31588] usb 5-1: Product: syz [ 447.200680][T31588] usb 5-1: Manufacturer: syz [ 447.202238][T31588] usb 5-1: SerialNumber: syz [ 447.207681][T31588] usb 5-1: config 0 descriptor?? [ 447.210583][T31588] hub 5-1:0.0: bad descriptor, ignoring hub [ 447.212667][T31588] hub 5-1:0.0: probe with driver hub failed with error -5 [ 447.219648][T31588] usb 5-1: selecting invalid altsetting 0 [ 447.810298][T31920] usb 5-1: reset high-speed USB device number 14 using dummy_hcd [ 447.817139][T31955] binder: 31951:31955 ioctl c0306201 80000040 returned -14 [ 448.001043][ T40] audit: type=1326 audit(2000000672.217:8611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.005721][T31967] 9pnet: p9_errstr2errno: server reported unknown error @0x0000000000000004 [ 448.007634][ T40] audit: type=1326 audit(2000000672.217:8612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.017545][ T40] audit: type=1326 audit(2000000672.217:8613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.026286][ T40] audit: type=1326 audit(2000000672.217:8614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.035904][ T40] audit: type=1326 audit(2000000672.217:8615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.046009][ T40] audit: type=1326 audit(2000000672.217:8616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=116 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.056203][ T40] audit: type=1326 audit(2000000672.217:8617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.067608][ T40] audit: type=1326 audit(2000000672.217:8618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=31964 comm="syz.3.11765" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 448.244864][T31979] input: syz1 as /devices/virtual/input/input84 [ 448.322483][T31985] input: syz0 as /devices/virtual/input/input85 [ 448.383313][ T6032] usb 13-1: new high-speed USB device number 32 using dummy_hcd [ 448.399661][ T9] usb 5-1: USB disconnect, device number 14 [ 448.542285][ T6032] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 448.546885][ T6032] usb 13-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 448.551273][ T6032] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 448.559469][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.576756][T31973] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 448.598470][ T6032] usb 13-1: Quirk or no altset; falling back to MIDI 1.0 [ 448.665614][T32008] netlink: 27 bytes leftover after parsing attributes in process `syz.9.11785'. [ 448.795562][ T6045] usb 13-1: USB disconnect, device number 32 [ 449.146383][T32030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11795'. [ 449.284592][T32039] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.11799'. [ 449.357941][T32044] input: syz0 as /devices/virtual/input/input86 [ 449.417026][T32049] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11804'. [ 449.470181][ T40] audit: type=1326 audit(2000000673.687:8619): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=32055 comm="syz.9.11807" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x0 [ 450.090442][T32096] syzkaller1: entered promiscuous mode [ 450.092220][T32096] syzkaller1: entered allmulticast mode [ 450.093485][T32098] input: syz1 as /devices/virtual/input/input87 [ 450.188989][ T29] delete_channel: no stack [ 450.428814][ T6045] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 450.435024][T32129] tipc: Cannot configure node identity twice [ 450.575853][T32137] input: syz0 as /devices/virtual/input/input88 [ 450.612504][ T6045] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 450.616088][ T6045] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 450.622466][ T6045] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 450.626454][ T6045] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 450.630029][ T6045] usb 5-1: Manufacturer: syz [ 450.640801][ T6045] usb 5-1: config 0 descriptor?? [ 450.675023][T32141] veth0_to_bridge: left allmulticast mode [ 450.677756][T32141] veth0_to_bridge: left promiscuous mode [ 450.680650][T32141] bridge0: port 3(veth0_to_bridge) entered disabled state [ 450.685643][T32141] bridge_slave_0: left allmulticast mode [ 450.688030][T32141] bridge_slave_0: left promiscuous mode [ 450.691244][T32141] bridge0: port 1(bridge_slave_0) entered disabled state [ 450.696475][T32141] bridge_slave_1: left allmulticast mode [ 450.699972][T32141] bridge_slave_1: left promiscuous mode [ 450.702596][T32141] bridge0: port 2(bridge_slave_1) entered disabled state [ 450.709028][ T6045] rc_core: IR keymap rc-hauppauge not found [ 450.711668][ T6045] Registered IR keymap rc-empty [ 450.713330][T32141] team0: Port device team_slave_0 removed [ 450.714302][ T6045] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 450.721146][T32141] team0: Port device team_slave_1 removed [ 450.721840][ T6045] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input89 [ 450.723382][T32141] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 450.731261][T32141] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 450.858573][ T6045] usb 5-1: USB disconnect, device number 15 [ 451.890028][ T5987] Bluetooth: hci4: sending frame failed (-49) [ 451.894641][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 451.963841][T32204] input: syz0 as /devices/virtual/input/input90 [ 452.204920][T32230] vivid-002: disconnect [ 452.208019][T32229] vivid-002: reconnect [ 452.238426][T32232] vxcan0: tx drop: invalid sa for name 0x0000001000000000 [ 452.326435][T32243] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 452.328561][T32243] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 452.335119][T32243] vhci_hcd vhci_hcd.0: Device attached [ 452.396166][T32249] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11890'. [ 452.508815][T13546] vhci_hcd: vhci_device speed not set [ 452.569612][T13546] usb 43-1: new low-speed USB device number 2 using vhci_hcd [ 452.963726][T32290] netlink: 28 bytes leftover after parsing attributes in process `syz.9.11909'. [ 453.053206][T32296] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 453.211454][T32306] binder: 32305:32306 ioctl c0306201 800003c0 returned -14 [ 453.848098][T32349] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only [ 453.852360][T32349] overlayfs: NFS export requires an index dir, falling back to nfs_export=off. [ 453.895815][T32351] overlay: filesystem on ./bus not supported as upperdir [ 454.408981][ T9] usb 13-1: new high-speed USB device number 33 using dummy_hcd [ 454.572750][ T9] usb 13-1: Using ep0 maxpacket: 32 [ 454.576324][ T9] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 454.581071][ T9] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 454.584176][ T9] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 454.588399][ T9] usb 13-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 454.592170][ T9] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.597449][ T9] usb 13-1: config 0 descriptor?? [ 455.015784][ T9] input: HID 0458:5011 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5011.0023/input/input91 [ 455.021828][ T9] input: HID 0458:5011 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0458:5011.0023/input/input92 [ 455.032631][ T9] kye 0003:0458:5011.0023: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.8-1/input0 [ 455.343148][T32244] vhci_hcd: connection reset by peer [ 455.345552][T21552] vhci_hcd: stop threads [ 455.347214][T21552] vhci_hcd: release socket [ 455.348838][T21552] vhci_hcd: disconnect device [ 456.319352][ C0] kye 0003:0458:5011.0023: usb_submit_urb(ctrl) failed: -1 [ 456.544607][T32414] netlink: 176 bytes leftover after parsing attributes in process `syz.0.11966'. [ 456.855233][T32419] nbd: device at index 8 is going down [ 457.091998][ T9] usb 13-1: USB disconnect, device number 33 [ 457.208783][ T6018] usb 14-1: new high-speed USB device number 30 using dummy_hcd [ 457.378831][ T6018] usb 14-1: Using ep0 maxpacket: 16 [ 457.382256][ T6018] usb 14-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 457.385312][ T6018] usb 14-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 180, changing to 11 [ 457.388892][ T6018] usb 14-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 26584, setting to 1024 [ 457.392970][ T6018] usb 14-1: config 0 interface 0 has no altsetting 0 [ 457.396826][ T6018] usb 14-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 457.399781][ T6018] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 457.402390][ T6018] usb 14-1: Product: syz [ 457.403737][ T6018] usb 14-1: Manufacturer: syz [ 457.405238][ T6018] usb 14-1: SerialNumber: syz [ 457.407917][ T6018] usb 14-1: config 0 descriptor?? [ 457.410477][T32425] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 457.620286][T32425] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 457.624308][ T6018] input: syz syz as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.0/input/input93 [ 457.688775][ T6032] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 457.689044][T13546] vhci_hcd: vhci_device speed not set [ 457.838035][ T6045] usb 14-1: USB disconnect, device number 30 [ 457.840136][ T6032] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 457.843117][ T6032] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 457.846782][ T6032] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 457.853954][ T6032] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 457.858015][ T6032] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 457.860961][ T6032] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 457.864556][ T6032] usb 5-1: config 0 descriptor?? [ 457.866630][T32436] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 458.276519][ T6032] hid_parser_main: 5 callbacks suppressed [ 458.276532][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.281036][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.283370][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.285771][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.288094][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.291092][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.293413][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.295726][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.298190][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.300703][ T6032] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 458.304798][ T6032] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 458.466930][T32454] : Can't lookup blockdev [ 458.542869][ T6045] usb 5-1: USB disconnect, device number 16 [ 459.349014][ T6045] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 459.509657][ T6045] usb 5-1: Using ep0 maxpacket: 8 [ 459.513589][ T6045] usb 5-1: config 0 interface 0 has no altsetting 0 [ 459.516442][ T6045] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 459.519406][ T6045] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 459.523011][ T6045] usb 5-1: config 0 descriptor?? [ 459.901532][T32506] syzkaller1: entered promiscuous mode [ 459.903401][T32506] syzkaller1: entered allmulticast mode [ 459.933981][ T6045] mcp2221 0003:04D8:00DD.0025: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 460.139834][ T6032] usb 5-1: USB disconnect, device number 17 [ 460.496090][ T40] audit: type=1326 audit(2000000684.707:8620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32493 comm="syz.9.12004" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7fc00000 [ 460.520814][ T40] audit: type=1326 audit(2000000684.737:8621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32511 comm="syz.9.12012" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc1579 code=0x0 [ 460.978770][ T9] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 461.000021][T32523] tun1: tun_chr_ioctl cmd 1074025675 [ 461.001990][T32523] tun1: persist enabled [ 461.003801][T32523] tun1: tun_chr_ioctl cmd 1074025675 [ 461.005560][T32523] tun1: persist enabled [ 461.132836][ T9] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 461.135851][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 461.138444][ T9] usb 5-1: Product: syz [ 461.140533][ T9] usb 5-1: Manufacturer: syz [ 461.142514][ T9] usb 5-1: SerialNumber: syz [ 461.145495][ T9] usb 5-1: config 0 descriptor?? [ 461.358869][ T9] usb 5-1: USB disconnect, device number 18 [ 461.501721][T32552] netlink: 116 bytes leftover after parsing attributes in process `syz.8.12031'. [ 461.544191][T32557] smc: net device bond0 applied user defined pnetid SYZ2 [ 461.653787][T32560] PID 32560 killed due to inadequate hugepage pool [ 462.158839][ T6032] usb 13-1: new high-speed USB device number 34 using dummy_hcd [ 462.178816][ T6018] usb 5-1: new full-speed USB device number 19 using dummy_hcd [ 462.331267][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 462.335630][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 462.339527][ T6032] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 462.343583][ T6032] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 462.346465][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 462.351714][ T6018] usb 5-1: config 0 has no interfaces? [ 462.354310][ T6032] usb 13-1: config 0 descriptor?? [ 462.357373][ T6018] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87 [ 462.361337][ T6018] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 462.363937][ T6018] usb 5-1: Product: syz [ 462.365498][ T6018] usb 5-1: Manufacturer: syz [ 462.367359][ T6018] usb 5-1: SerialNumber: syz [ 462.370980][ T6018] usb 5-1: config 0 descriptor?? [ 462.767440][ T6032] plantronics 0003:047F:FFFF.0026: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 462.780974][T32596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 462.784692][T32596] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 462.789545][ T6045] usb 5-1: USB disconnect, device number 19 [ 463.020448][ T6032] usb 13-1: USB disconnect, device number 34 [ 463.645213][T32651] veth0_to_hsr: entered promiscuous mode [ 463.647358][T32651] veth0_to_hsr: left promiscuous mode [ 463.808230][T32676] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12089'. [ 463.813658][T32676] netlink: 'syz.8.12089': attribute type 5 has an invalid length. [ 464.029019][T32703] loop7: detected capacity change from 0 to 7 [ 464.033160][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.036982][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.040690][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.044189][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.046870][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.049943][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.055138][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.058463][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.061709][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.065137][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.068574][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.071948][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.074562][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.077423][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.079944][T32703] ldm_validate_partition_table(): Disk read failed. [ 464.082390][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.085404][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.090392][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.095241][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 464.098417][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.101495][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 464.104276][T32703] Dev loop7: unable to read RDB block 0 [ 464.106375][T32703] loop7: unable to read partition table [ 464.108606][T32703] loop7: partition table beyond EOD, truncated [ 464.111517][T32703] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 464.151579][T32708] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 464.262786][T32718] netlink: 48 bytes leftover after parsing attributes in process `syz.9.12108'. [ 464.358552][T32722] lo speed is unknown, defaulting to 1000 [ 464.468384][T32730] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 464.897270][T32757] vlan2: entered allmulticast mode [ 464.901503][T32757] bond0: entered allmulticast mode [ 464.903292][T32757] bond_slave_0: entered allmulticast mode [ 464.905184][T32757] bond_slave_1: entered allmulticast mode [ 464.907108][T32757] bond1: entered allmulticast mode [ 464.918832][T13546] usb 14-1: new high-speed USB device number 31 using dummy_hcd [ 465.078807][T13546] usb 14-1: Using ep0 maxpacket: 16 [ 465.082431][T13546] usb 14-1: config 0 has an invalid interface number: 8 but max is 0 [ 465.092247][T13546] usb 14-1: config 0 has no interface number 0 [ 465.101327][T13546] usb 14-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 465.106381][T13546] usb 14-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 465.112506][T13546] usb 14-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 465.115494][T13546] usb 14-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 465.118119][T13546] usb 14-1: Product: syz [ 465.119671][T13546] usb 14-1: SerialNumber: syz [ 465.123508][T13546] usb 14-1: config 0 descriptor?? [ 465.130507][T13546] cm109 14-1:0.8: invalid payload size 0, expected 4 [ 465.134651][T13546] input: CM109 USB driver as /devices/platform/dummy_hcd.9/usb14/14-1/14-1:0.8/input/input95 [ 465.333328][ C3] cm109 14-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 465.582524][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.587716][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.590807][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.593960][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.597066][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.600192][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.603250][ T29] usb 14-1: USB disconnect, device number 31 [ 465.605918][ C1] cm109 14-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 465.605939][ C1] cm109 14-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 465.614587][ T29] cm109 14-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 465.679116][ T6045] usb 13-1: new high-speed USB device number 35 using dummy_hcd [ 465.839332][ T6045] usb 13-1: Using ep0 maxpacket: 16 [ 465.843583][ T6045] usb 13-1: config 0 has no interfaces? [ 465.848264][ T6045] usb 13-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55 [ 465.852652][ T6045] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 465.856244][ T6045] usb 13-1: Product: syz [ 465.858135][ T6045] usb 13-1: Manufacturer: syz [ 465.860949][ T6045] usb 13-1: SerialNumber: syz [ 465.865016][ T6045] usb 13-1: config 0 descriptor?? [ 466.077136][ T6032] usb 13-1: USB disconnect, device number 35 [ 466.174236][ T329] loop4: detected capacity change from 0 to 7 [ 466.181789][ T329] Dev loop4: unable to read RDB block 7 [ 466.183712][ T329] loop4: AHDI p1 [ 466.185004][ T329] loop4: partition table partially beyond EOD, truncated [ 466.654779][ T355] syzkaller1: entered promiscuous mode [ 466.656634][ T355] syzkaller1: entered allmulticast mode [ 467.140036][ T384] netlink: 212376 bytes leftover after parsing attributes in process `syz.9.12167'. [ 467.578831][T13546] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 467.738821][T13546] usb 5-1: Using ep0 maxpacket: 8 [ 467.744251][T13546] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.750267][T13546] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 467.754008][T13546] usb 5-1: config 0 interface 0 has no altsetting 0 [ 467.756558][T13546] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 467.760117][T13546] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.765387][T13546] usb 5-1: config 0 descriptor?? [ 468.178765][ T5340] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 468.179832][T13546] hid_parser_main: 5 callbacks suppressed [ 468.179844][T13546] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 468.184820][T13546] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 468.187016][T13546] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 468.189372][T13546] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 468.191546][T13546] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0 [ 468.194069][T13546] mcp2221 0003:04D8:00DD.0027: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 468.380160][ T6032] usb 5-1: USB disconnect, device number 20 [ 468.925675][ T435] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 469.155164][ T466] input: syz0 as /devices/virtual/input/input96 [ 469.372607][ T485] input input97: cannot allocate more than FF_MAX_EFFECTS effects [ 470.144002][ T513] input: syz1 as /devices/virtual/input/input98 [ 470.551204][ T6032] usb 13-1: new high-speed USB device number 36 using dummy_hcd [ 470.701903][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 470.706800][ T6032] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 470.711346][ T6032] usb 13-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 470.715413][ T6032] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.729651][ T6032] usb 13-1: config 0 descriptor?? [ 470.878196][ T530] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 471.145433][ T6032] cm6533_jd 0003:0D8C:0022.0028: unknown main item tag 0x0 [ 471.149798][ T6032] cm6533_jd 0003:0D8C:0022.0028: unknown main item tag 0x0 [ 471.153871][ T6032] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/0003:0D8C:0022.0028/input/input99 [ 471.165351][ T6032] cm6533_jd 0003:0D8C:0022.0028: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.8-1/input0 [ 471.379727][ T544] unknown channel width for channel at 909000KHz? [ 471.391014][ T29] usb 13-1: USB disconnect, device number 36 [ 471.530189][ T550] input: syz0 as /devices/virtual/input/input100 [ 471.600037][ T558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12244'. [ 471.602887][ T558] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12244'. [ 472.209921][ T599] input input101: cannot allocate more than FF_MAX_EFFECTS effects [ 473.205870][ T634] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12280'. [ 473.579704][ T29] usb 13-1: new high-speed USB device number 37 using dummy_hcd [ 473.685185][ T5987] Bluetooth: hci4: sending frame failed (-49) [ 473.688983][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 473.743277][ T29] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 473.747986][ T29] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 473.749021][ T9] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 473.753319][ T29] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 473.760200][ T29] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 473.765523][ T29] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 473.769398][ T29] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.774818][ T29] usb 13-1: config 0 descriptor?? [ 473.875724][ T682] netlink: 212376 bytes leftover after parsing attributes in process `syz.9.12301'. [ 473.916326][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 473.921892][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 473.925870][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 473.931388][ T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 473.935146][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.941191][ T9] usb 5-1: config 0 descriptor?? [ 474.194791][ T29] plantronics 0003:047F:FFFF.0029: ignoring exceeding usage max [ 474.201803][ T29] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 474.358422][ T9] plantronics 0003:047F:FFFF.002A: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 474.468961][T13546] usb 14-1: new full-speed USB device number 32 using dummy_hcd [ 474.640278][T13546] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 27750, setting to 64 [ 474.646734][T13546] usb 14-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 474.650625][T13546] usb 14-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 474.653957][T13546] usb 14-1: Product: syz [ 474.655568][T13546] usb 14-1: Manufacturer: syz [ 474.657622][T13546] usb 14-1: SerialNumber: syz [ 474.664201][T13546] usb 14-1: config 0 descriptor?? [ 475.092087][ T6018] usb 14-1: USB disconnect, device number 32 [ 475.412932][ T5986] usb 5-1: USB disconnect, device number 21 [ 476.198558][ T29] usb 13-1: USB disconnect, device number 37 [ 476.303067][ T40] audit: type=1326 audit(2000000700.517:8622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=772 comm="syz.3.12345" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be579 code=0x0 [ 477.234745][ T838] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 477.576177][ T862] netlink: 44 bytes leftover after parsing attributes in process `syz.8.12381'. [ 477.581873][ T862] netlink: 43 bytes leftover after parsing attributes in process `syz.8.12381'. [ 477.585904][ T862] netlink: 'syz.8.12381': attribute type 6 has an invalid length. [ 477.590702][ T862] netlink: 'syz.8.12381': attribute type 5 has an invalid length. [ 477.594963][ T862] netlink: 43 bytes leftover after parsing attributes in process `syz.8.12381'. [ 478.174051][ T927] netlink: 348 bytes leftover after parsing attributes in process `syz.3.12409'. [ 478.205974][ T931] netlink: 48 bytes leftover after parsing attributes in process `syz.8.12412'. [ 478.324551][ T946] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12417'. [ 478.417192][ T964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12424'. [ 478.739060][ T5986] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 478.894239][ T5986] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 478.899339][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 478.904159][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 478.909383][ T5986] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 478.914982][ T5986] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 478.918597][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.922741][ T5986] usb 5-1: config 0 descriptor?? [ 479.345044][ T5986] plantronics 0003:047F:FFFF.002B: ignoring exceeding usage max [ 479.351173][ T5986] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 479.483592][ T1025] pim6reg1: entered promiscuous mode [ 479.486001][ T1025] pim6reg1: entered allmulticast mode [ 480.038270][ T1053] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 481.000627][ T1091] netlink: 'syz.9.12470': attribute type 4 has an invalid length. [ 481.298973][T13546] usb 14-1: new high-speed USB device number 33 using dummy_hcd [ 481.310573][ T1112] team_slave_0: entered promiscuous mode [ 481.313109][ T1112] team_slave_1: entered promiscuous mode [ 481.315426][ T1112] macsec1: entered promiscuous mode [ 481.317145][ T1112] team0: entered promiscuous mode [ 481.319597][ T1112] macsec1: entered allmulticast mode [ 481.321537][ T1112] team0: entered allmulticast mode [ 481.323194][ T1112] team_slave_0: entered allmulticast mode [ 481.325066][ T1112] team_slave_1: entered allmulticast mode [ 481.368369][ T1122] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.12482'. [ 481.419889][ T1330] usb 5-1: USB disconnect, device number 22 [ 481.458967][T13546] usb 14-1: Using ep0 maxpacket: 16 [ 481.462710][T13546] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 481.466346][T13546] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 481.469496][T13546] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 481.473720][T13546] usb 14-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 481.476726][T13546] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 481.480371][T13546] usb 14-1: config 0 descriptor?? [ 481.538872][ T1134] block nbd1: server does not support multiple connections per device. [ 481.544706][ T1134] block nbd1: shutting down sockets [ 481.892537][T13546] shield 0003:0955:7214.002C: unknown main item tag 0x0 [ 481.894877][T13546] shield 0003:0955:7214.002C: unknown main item tag 0x0 [ 481.897091][T13546] shield 0003:0955:7214.002C: unknown main item tag 0x0 [ 481.899318][T13546] shield 0003:0955:7214.002C: unknown main item tag 0x0 [ 481.901521][T13546] shield 0003:0955:7214.002C: unknown main item tag 0x0 [ 481.904963][T13546] input: HID 0955:7214 Haptics as /devices/virtual/input/input102 [ 481.912662][T13546] shield 0003:0955:7214.002C: Registered Thunderstrike controller [ 481.915588][T13546] shield 0003:0955:7214.002C: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.9-1/input0 [ 481.972122][ T1160] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 482.073675][ T1165] pim6reg: entered allmulticast mode [ 482.083970][ T1165] pim6reg: left allmulticast mode [ 482.096203][ T1099] netlink: 'syz.9.12474': attribute type 2 has an invalid length. [ 482.099591][ T1099] netlink: 244 bytes leftover after parsing attributes in process `syz.9.12474'. [ 482.104943][ T61] shield 0003:0955:7214.002C: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 482.106337][ T6018] usb 14-1: USB disconnect, device number 33 [ 482.108340][ T61] shield 0003:0955:7214.002C: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 482.113950][ T61] shield 0003:0955:7214.002C: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 482.119989][ T61] shield 0003:0955:7214.002C: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 482.577673][ T1175] input: syz0 as /devices/virtual/input/input103 [ 483.137530][ T1195] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 483.613538][ T1208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12512'. [ 483.617744][ T1208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12512'. [ 483.672475][ T1215] input: syz1 as /devices/virtual/input/input104 [ 483.714905][ T1217] syzkaller1: entered promiscuous mode [ 483.717312][ T1217] syzkaller1: entered allmulticast mode [ 483.767869][ T1222] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12518'. [ 483.771860][ T1222] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 483.774659][ T1222] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (68719607821) [ 484.125412][ T1255] lo speed is unknown, defaulting to 1000 [ 484.164710][ T1256] netlink: 'syz.9.12531': attribute type 1 has an invalid length. [ 484.167930][ T1256] netlink: 'syz.9.12531': attribute type 2 has an invalid length. [ 484.319074][ T5986] usb 13-1: new high-speed USB device number 38 using dummy_hcd [ 484.470291][ T5986] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 484.475087][ T5986] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 484.479249][ T5986] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 484.484491][ T5986] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 484.487432][ T5986] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.496559][ T5986] usb 13-1: config 0 descriptor?? [ 484.728881][ T5340] Bluetooth: hci2: command 0x0c1a tx timeout [ 484.728941][ T6018] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 484.734758][ T6018] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 484.904660][ T5986] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0 [ 484.907036][ T5986] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0 [ 484.909634][ T5986] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0 [ 484.911997][ T5986] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0 [ 484.914464][ T5986] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0 [ 484.918949][ T5986] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 485.160767][ T61] usb 13-1: USB disconnect, device number 38 [ 486.098804][ T40] audit: type=1326 audit(2000000710.307:8623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.107913][ T40] audit: type=1326 audit(2000000710.307:8624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.117023][ T40] audit: type=1326 audit(2000000710.317:8625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.126669][ T40] audit: type=1326 audit(2000000710.317:8626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.134737][ T40] audit: type=1326 audit(2000000710.317:8627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.143924][ T40] audit: type=1326 audit(2000000710.317:8628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.152681][ T40] audit: type=1326 audit(2000000710.317:8629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.161405][ T40] audit: type=1326 audit(2000000710.317:8630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.170608][ T40] audit: type=1326 audit(2000000710.327:8631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.180486][ T40] audit: type=1326 audit(2000000710.327:8632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1300 comm="syz.9.12549" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc1579 code=0x7ffc0000 [ 486.491159][ T1342] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12566'. [ 486.808880][ T6018] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 486.810794][ T5340] Bluetooth: hci3: command 0x0c1a tx timeout [ 486.811059][ T6018] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 486.855774][ T1381] netlink: 28 bytes leftover after parsing attributes in process `syz.9.12584'. [ 486.858753][ T1381] netlink: 'syz.9.12584': attribute type 7 has an invalid length. [ 486.861177][ T1381] netlink: 'syz.9.12584': attribute type 8 has an invalid length. [ 486.863464][ T1381] netlink: 4 bytes leftover after parsing attributes in process `syz.9.12584'. [ 486.869203][ T1381] gretap0: entered promiscuous mode [ 486.873449][ T1381] gretap0: left promiscuous mode [ 486.903641][ T1385] batadv_slave_0: entered promiscuous mode [ 487.481696][ T1428] netlink: 44 bytes leftover after parsing attributes in process `syz.9.12601'. [ 487.520427][ T1430] netlink: 'syz.9.12602': attribute type 10 has an invalid length. [ 487.594168][ T1434] kvm: user requested TSC rate below hardware speed [ 487.859359][ T1455] overlayfs: missing 'lowerdir' [ 488.079948][ T1485] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12627'. [ 488.082756][ T1485] netlink: 'syz.3.12627': attribute type 7 has an invalid length. [ 488.085097][ T1485] netlink: 'syz.3.12627': attribute type 8 has an invalid length. [ 488.087513][ T1485] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12627'. [ 488.321012][ T1501] netlink: 'syz.9.12631': attribute type 3 has an invalid length. [ 488.431921][ T1514] input: syz1 as /devices/virtual/input/input105 [ 488.434861][ T1514] input: failed to attach handler leds to device input105, error: -6 [ 488.902322][ T5986] usb 13-1: new high-speed USB device number 39 using dummy_hcd [ 488.905874][ T6018] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 488.907930][ T6018] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 489.060424][ T5986] usb 13-1: config index 0 descriptor too short (expected 39, got 27) [ 489.064181][ T5986] usb 13-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 489.068291][ T5986] usb 13-1: config 0 interface 0 has no altsetting 0 [ 489.073878][ T5986] usb 13-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 489.077741][ T5986] usb 13-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 489.081279][ T5986] usb 13-1: Product: syz [ 489.083183][ T5986] usb 13-1: Manufacturer: syz [ 489.085201][ T5986] usb 13-1: SerialNumber: syz [ 489.088275][ T5986] usb 13-1: config 0 descriptor?? [ 489.097267][ T5986] hub 13-1:0.0: bad descriptor, ignoring hub [ 489.100174][ T5986] hub 13-1:0.0: probe with driver hub failed with error -5 [ 489.108969][ T5986] usb 13-1: selecting invalid altsetting 0 [ 489.128499][ T1558] netlink: 14528 bytes leftover after parsing attributes in process `syz.9.12659'. [ 489.189350][ T1561] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 489.820970][ T1593] input: syz1 as /devices/virtual/input/input106 [ 489.823652][ T1593] input: failed to attach handler leds to device input106, error: -6 [ 489.988875][ T1542] usb 13-1: reset high-speed USB device number 39 using dummy_hcd [ 490.162376][ T1542] usb 13-1: device firmware changed [ 490.165297][ T1330] usb 13-1: USB disconnect, device number 39 [ 490.182947][ T1609] kvm: user requested TSC rate below hardware speed [ 490.319070][ T1330] usb 13-1: new high-speed USB device number 40 using dummy_hcd [ 490.495700][ T1330] usb 13-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 490.499815][ T1330] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 490.503503][ T1330] usb 13-1: Product: syz [ 490.505476][ T1330] usb 13-1: Manufacturer: syz [ 490.507944][ T1330] usb 13-1: SerialNumber: syz [ 490.515430][ T1330] usb 13-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 490.568957][ T29] usb 13-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 490.784627][ T61] usb 13-1: USB disconnect, device number 40 [ 490.968805][ T5340] Bluetooth: hci1: command 0x040f tx timeout [ 490.971764][ T6018] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 490.974368][ T6018] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 491.208811][ T9] usb 14-1: new high-speed USB device number 34 using dummy_hcd [ 491.371296][ T9] usb 14-1: config index 0 descriptor too short (expected 45, got 36) [ 491.374265][ T9] usb 14-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 491.379391][ T9] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 491.384060][ T9] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 491.388807][ T9] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 491.394054][ T9] usb 14-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 491.397818][ T9] usb 14-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.403060][ T9] usb 14-1: config 0 descriptor?? [ 491.406040][ T1649] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22 [ 491.608854][ T29] ath9k_htc 13-1:1.0: ath9k_htc: Target is unresponsive [ 491.612354][ T29] ath9k_htc: Failed to initialize the device [ 491.617904][ T61] usb 13-1: ath9k_htc: USB layer deinitialized [ 491.819811][ T9] hid_parser_main: 10 callbacks suppressed [ 491.819833][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.825639][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.827999][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.830927][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.833264][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.835850][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.839942][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.842606][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.845326][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.847986][ T9] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0 [ 491.852861][ T9] plantronics 0003:047F:FFFF.002E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0 [ 492.071030][ T61] usb 14-1: USB disconnect, device number 34 [ 492.138922][ T9] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 492.289179][ T9] usb 5-1: Using ep0 maxpacket: 8 [ 492.292619][ T9] usb 5-1: config 0 interface 0 has no altsetting 0 [ 492.295156][ T9] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 492.298359][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 492.302847][ T9] usb 5-1: config 0 descriptor?? [ 492.722565][ T9] mcp2221 0003:04D8:00DD.002F: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 492.916412][ T1671] i2c i2c-2: unsupported multi-msg i2c transaction [ 492.919754][ T9] usb 5-1: USB disconnect, device number 23 [ 493.292852][ T1714] gre0: entered allmulticast mode [ 493.294963][ T1714] gre0: left allmulticast mode [ 493.522592][ T1736] veth1_to_bond: entered allmulticast mode [ 493.525326][ T1736] veth1_to_bond: left allmulticast mode [ 493.571653][ T1738] geneve2: entered promiscuous mode [ 493.574064][ T1738] geneve2: entered allmulticast mode [ 495.427202][ T40] kauditd_printk_skb: 266 callbacks suppressed [ 495.427215][ T40] audit: type=1326 audit(2000000719.637:8899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.436458][ T40] audit: type=1326 audit(2000000719.637:8900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.443080][ T40] audit: type=1326 audit(2000000719.647:8901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.450348][ T40] audit: type=1326 audit(2000000719.647:8902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.457832][ T40] audit: type=1326 audit(2000000719.647:8903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.466367][ T40] audit: type=1326 audit(2000000719.647:8904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.474228][ T40] audit: type=1326 audit(2000000719.647:8905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 495.481939][ T40] audit: type=1326 audit(2000000719.647:8906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf703e579 code=0x7ffc0000 [ 495.490073][ T40] audit: type=1326 audit(2000000719.647:8907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 495.497723][ T40] audit: type=1326 audit(2000000719.647:8908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1805 comm="syz.8.12773" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf703e598 code=0x7ffc0000 [ 495.637654][ T1818] Bluetooth: hci5: Frame reassembly failed (-84) [ 497.463180][ T1853] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 497.528853][ T5992] Bluetooth: hci4: command 0x1003 tx timeout [ 497.534428][ T5340] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 497.688771][ T5987] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 497.689350][ T5340] Bluetooth: hci5: command 0x1003 tx timeout [ 498.146960][ T1886] tipc: Started in network mode [ 498.149305][ T1886] tipc: Node identity ac1414aa, cluster identity 4711 [ 498.152642][ T1886] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.156165][ T1886] tipc: Enabled bearer , priority 10 [ 498.288947][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.327561][ T1896] smc: net device bond0 erased user defined pnetid SYZ2 [ 498.333803][ T1896] smc: ib device syz0 ibport 1 erased user defined pnetid SYZ0 [ 498.429160][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.568956][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.708716][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.848915][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.886221][ T1945] loop7: detected capacity change from 0 to 7 [ 498.888767][ T1945] Dev loop7: unable to read RDB block 7 [ 498.890620][ T1945] loop7: unable to read partition table [ 498.892483][ T1945] loop7: partition table beyond EOD, truncated [ 498.894434][ T1945] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 498.988770][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 498.989002][T13546] usb 13-1: new high-speed USB device number 41 using dummy_hcd [ 499.128828][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 499.160505][T13546] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 499.165161][T13546] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 499.169466][T13546] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 499.174734][T13546] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 499.178495][T13546] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 499.185713][T13546] usb 13-1: config 0 descriptor?? [ 499.269565][ T9] tipc: Node number set to 2886997162 [ 499.408801][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 499.603112][T13546] hid_parser_main: 5 callbacks suppressed [ 499.603125][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.607614][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.610512][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.613121][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.615677][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.617964][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.620422][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.622706][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.625019][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.627319][T13546] plantronics 0003:047F:FFFF.0030: unknown main item tag 0x0 [ 499.631759][T13546] plantronics 0003:047F:FFFF.0030: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 499.688732][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 499.849591][ T5340] Bluetooth: hci4: command 0x1003 tx timeout [ 499.850042][ T1975] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 499.854598][ T5987] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 499.858275][ T1974] IPVS: stopping master sync thread 1975 ... [ 499.879794][T13546] usb 13-1: USB disconnect, device number 41 [ 500.945123][ T2056] netlink: 188 bytes leftover after parsing attributes in process `syz.8.12887'. [ 501.054669][ T2070] netlink: 20 bytes leftover after parsing attributes in process `syz.9.12893'. [ 501.066739][ T1422] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.960443][ T2121] overlayfs: upper fs does not support file handles, falling back to index=off. [ 501.964633][ T2121] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 502.073683][ T2139] binder: 2138:2139 ioctl c0306201 0 returned -14 [ 502.128534][ T2145] input: syz1 as /devices/virtual/input/input108 [ 503.127148][ T2192] 9pnet: p9_errstr2errno: server reported unknown error (cF S+v3qf [ 503.368850][ C0] net_ratelimit: 3 callbacks suppressed [ 503.368867][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 504.010420][ T2230] Bluetooth: hci0: expected 2 bytes, got 7 bytes [ 504.409030][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 504.570006][ T2249] bridge_slave_0: left allmulticast mode [ 504.572354][ T2249] bridge_slave_0: left promiscuous mode [ 504.575094][ T2249] bridge0: port 1(bridge_slave_0) entered disabled state [ 504.580099][ T2249] bridge_slave_1: left allmulticast mode [ 504.582335][ T2249] bridge_slave_1: left promiscuous mode [ 504.584671][ T2249] bridge0: port 2(bridge_slave_1) entered disabled state [ 504.591212][ T2249] team0: Port device team_slave_0 removed [ 504.595661][ T2249] team0: Port device team_slave_1 removed [ 504.598586][ T2249] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 504.603009][ T2249] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 505.448981][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 505.828807][T13546] usb 13-1: new high-speed USB device number 42 using dummy_hcd [ 505.998808][T13546] usb 13-1: Using ep0 maxpacket: 8 [ 506.002593][T13546] usb 13-1: config 0 interface 0 has no altsetting 0 [ 506.004934][T13546] usb 13-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 506.007791][T13546] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 506.013102][T13546] usb 13-1: config 0 descriptor?? [ 506.426127][T13546] mcp2221 0003:04D8:00DD.0031: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0 [ 506.488800][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 506.627753][T13546] usb 13-1: USB disconnect, device number 42 [ 506.762979][ T2291] kernel read not supported for file /eth0 (pid: 2291 comm: syz.3.12996) [ 506.767399][ T40] kauditd_printk_skb: 66 callbacks suppressed [ 506.767414][ T40] audit: type=1800 audit(2000000730.977:8975): pid=2291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.12996" name="eth0" dev="mqueue" ino=179002 res=0 errno=0 [ 507.108543][T13546] kernel write not supported for file /sg0 (pid: 13546 comm: kworker/3:4) [ 507.302608][ T2347] sctp: [Deprecated]: syz.0.13023 (pid 2347) Use of struct sctp_assoc_value in delayed_ack socket option. [ 507.302608][ T2347] Use struct sctp_sack_info instead [ 507.529585][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 507.606795][ T2384] evm: overlay not supported [ 508.054019][ T2422] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 508.169584][ T40] audit: type=1326 audit(2000000732.387:8976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2430 comm="syz.9.13063" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc1579 code=0x0 [ 508.239909][ T2437] bridge_slave_0: left allmulticast mode [ 508.242393][ T2437] bridge_slave_0: left promiscuous mode [ 508.244872][ T2437] bridge0: port 1(bridge_slave_0) entered disabled state [ 508.251689][ T2437] bridge_slave_1: left allmulticast mode [ 508.254033][ T2437] bridge_slave_1: left promiscuous mode [ 508.256528][ T2437] bridge0: port 2(bridge_slave_1) entered disabled state [ 508.264932][ T2437] bond0: (slave bond_slave_0): Releasing backup interface [ 508.268498][ T2437] bond_slave_0: left allmulticast mode [ 508.273679][ T2437] bond0: (slave bond_slave_1): Releasing backup interface [ 508.278460][ T2437] bond_slave_1: left allmulticast mode [ 508.287498][ T2437] team_slave_0: left allmulticast mode [ 508.290951][ T2437] team_slave_0: left promiscuous mode [ 508.297156][ T2437] team0: Port device team_slave_0 removed [ 508.301331][ T2437] team_slave_1: left allmulticast mode [ 508.304459][ T2437] team_slave_1: left promiscuous mode [ 508.309380][ T2437] team0: Port device team_slave_1 removed [ 508.312566][ T2437] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 508.315052][ T2437] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 508.318394][ T2437] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 508.322984][ T2437] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 508.331377][ T6018] lo speed is unknown, defaulting to 1000 [ 508.568801][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 509.388491][ T2481] kvm: apic: phys broadcast and lowest prio [ 509.401104][ T2487] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 509.596890][ T2502] program syz.9.13095 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 509.608718][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 509.941714][ T2523] KVM: debugfs: duplicate directory 2523-4 [ 510.079147][ T2538] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 510.648972][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 511.496302][ T2630] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13146'. [ 511.608410][ T2651] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 511.688889][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 511.754581][ T2663] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 511.780171][ T2669] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 512.068861][T13546] usb 14-1: new high-speed USB device number 35 using dummy_hcd [ 512.099735][ T2700] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13173'. [ 512.207078][ T2710] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 512.220884][T13546] usb 14-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 512.225915][T13546] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 512.231015][T13546] usb 14-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 512.235626][T13546] usb 14-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 512.242905][T13546] usb 14-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 512.246666][T13546] usb 14-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 512.250466][T13546] usb 14-1: Manufacturer: syz [ 512.254185][T13546] usb 14-1: config 0 descriptor?? [ 512.418792][ T61] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 512.578788][ T61] usb 5-1: Using ep0 maxpacket: 16 [ 512.581994][ T61] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 512.585861][ T61] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 512.589713][ T61] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 512.593878][ T61] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 512.596784][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 512.601377][ T61] usb 5-1: config 0 descriptor?? [ 512.667719][T13546] hid_parser_main: 5 callbacks suppressed [ 512.667731][T13546] appleir 0003:05AC:8243.0032: unknown main item tag 0x0 [ 512.677046][T13546] appleir 0003:05AC:8243.0032: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.9-1/input0 [ 512.728780][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 512.901387][ T2733] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.13185'. [ 512.930951][ T9] usb 14-1: USB disconnect, device number 35 [ 512.943249][ T2738] netlink: 'syz.8.13186': attribute type 1 has an invalid length. [ 512.946699][ T2738] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13186'. [ 513.013908][ T61] shield 0003:0955:7214.0033: unknown main item tag 0x0 [ 513.017471][ T61] shield 0003:0955:7214.0033: unknown main item tag 0x0 [ 513.021145][ T61] shield 0003:0955:7214.0033: unknown main item tag 0x0 [ 513.024154][ T61] shield 0003:0955:7214.0033: unknown main item tag 0x0 [ 513.026949][ T61] shield 0003:0955:7214.0033: unknown main item tag 0x0 [ 513.033066][ T61] input: HID 0955:7214 Haptics as /devices/virtual/input/input111 [ 513.045766][ T61] shield 0003:0955:7214.0033: Registered Thunderstrike controller [ 513.055630][ T61] shield 0003:0955:7214.0033: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0 [ 513.214419][ T840] shield 0003:0955:7214.0033: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 513.214593][ T1330] usb 5-1: USB disconnect, device number 24 [ 513.218226][ T840] shield 0003:0955:7214.0033: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 513.223698][ T840] shield 0003:0955:7214.0033: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 513.227290][ T840] shield 0003:0955:7214.0033: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 513.768783][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 514.012916][ T5340] Bluetooth: hci4: sending frame failed (-49) [ 514.017527][ T5987] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 514.602165][ T2855] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13228'. [ 514.808756][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 514.922227][ T840] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 514.978112][ T2899] netlink: 4 bytes leftover after parsing attributes in process `syz.9.13240'. [ 515.034236][ T2902] hub 6-0:1.0: USB hub found [ 515.036774][ T2902] hub 6-0:1.0: 1 port detected [ 515.081875][ T840] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 515.086107][ T840] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 515.091047][ T840] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 515.094127][ T840] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 515.099344][ T2870] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 515.106443][ T840] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 515.349739][ T6032] usb 5-1: USB disconnect, device number 25 [ 515.545698][ T2951] netlink: 32 bytes leftover after parsing attributes in process `syz.9.13263'. [ 515.848761][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 516.073117][ T2995] input: syz0 as /devices/virtual/input/input112 [ 516.888739][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 517.431240][ T3052] netlink: 96 bytes leftover after parsing attributes in process `syz.9.13297'. [ 517.569379][ T3066] Invalid/unusable pipe [ 517.928815][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 518.628935][ T1330] usb 13-1: new high-speed USB device number 43 using dummy_hcd [ 518.789077][ T1330] usb 13-1: Using ep0 maxpacket: 8 [ 518.792910][ T3120] "syz.3.13326" (3120) uses obsolete ecb(arc4) skcipher [ 518.793501][ T1330] usb 13-1: config 0 interface 0 has no altsetting 0 [ 518.798246][ T1330] usb 13-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 518.801331][ T1330] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 518.805644][ T1330] usb 13-1: config 0 descriptor?? [ 518.968758][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 519.073074][ T3150] lo speed is unknown, defaulting to 1000 [ 519.221907][ T1330] mcp2221 0003:04D8:00DD.0034: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0 [ 519.431006][ T840] usb 13-1: USB disconnect, device number 43 [ 519.693217][ T3170] netlink: 96 bytes leftover after parsing attributes in process `syz.3.13345'. [ 519.927218][ T3190] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13354'. [ 519.931964][ T3190] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13354'. [ 520.008780][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 520.034599][ T3200] netlink: 24 bytes leftover after parsing attributes in process `syz.3.13356'. [ 520.680329][ T3248] netlink: 'syz.0.13381': attribute type 1 has an invalid length. [ 520.683513][ T3248] netlink: 'syz.0.13381': attribute type 4 has an invalid length. [ 520.686905][ T3248] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.13381'. [ 520.930840][ T3260] IPv4: Oversized IP packet from 127.202.26.0 [ 521.058730][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 521.319459][ T3291] input: syz1 as /devices/virtual/input/input113 [ 521.341995][ T3293] vxcan1: entered allmulticast mode [ 521.386474][ T3299] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.13403'. [ 521.473596][ T3305] 8021q: adding VLAN 0 to HW filter on device bond1 [ 521.579895][ T3315] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13411'. [ 521.864155][ T3331] netlink: 32 bytes leftover after parsing attributes in process `syz.0.13417'. [ 521.867855][ T3331] bridge: RTM_NEWNEIGH with invalid ether address [ 522.088782][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 522.317337][ T3366] [ 522.318158][ T3366] ===================================================== [ 522.320360][ T3366] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 522.322703][ T3366] syzkaller #0 Not tainted [ 522.324306][ T3366] ----------------------------------------------------- [ 522.328903][ T3366] syz.9.13432/3366 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 522.331702][ T3366] ffff888061769948 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 522.334537][ T3366] [ 522.334537][ T3366] and this task is already holding: [ 522.337221][ T3366] ffff88806e9ee028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 522.340758][ T3366] which would create a new lock dependency: [ 522.342771][ T3366] (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3} [ 522.345330][ T3366] [ 522.345330][ T3366] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 522.348254][ T3366] (&dev->event_lock#2){..-.}-{3:3} [ 522.348275][ T3366] [ 522.348275][ T3366] ... which became SOFTIRQ-irq-safe at: [ 522.352310][ T3366] lock_acquire+0x179/0x350 [ 522.353790][ T3366] _raw_spin_lock_irqsave+0x3a/0x60 [ 522.355593][ T3366] input_inject_event+0x9f/0x3b0 [ 522.357369][ T3366] led_set_brightness+0x217/0x290 [ 522.359199][ T3366] led_trigger_event+0xda/0x270 [ 522.360794][ T3366] kbd_bh+0x21b/0x300 [ 522.362134][ T3366] tasklet_action_common+0x284/0x400 [ 522.363851][ T3366] handle_softirqs+0x219/0x8e0 [ 522.365430][ T3366] run_ksoftirqd+0x3a/0x60 [ 522.367027][ T3366] smpboot_thread_fn+0x3f7/0xae0 [ 522.368681][ T3366] kthread+0x3c5/0x780 [ 522.370029][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.371608][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.373717][ T3366] [ 522.373717][ T3366] to a SOFTIRQ-irq-unsafe lock: [ 522.376610][ T3366] (tasklist_lock){.+.+}-{3:3} [ 522.376638][ T3366] [ 522.376638][ T3366] ... which became SOFTIRQ-irq-unsafe at: [ 522.381722][ T3366] ... [ 522.381732][ T3366] lock_acquire+0x179/0x350 [ 522.384156][ T3366] _raw_read_lock+0x5f/0x70 [ 522.386025][ T3366] __do_wait+0x105/0x890 [ 522.387750][ T3366] do_wait+0x21e/0x5a0 [ 522.389411][ T3366] kernel_wait+0x9f/0x160 [ 522.391106][ T3366] call_usermodehelper_exec_work+0xf1/0x170 [ 522.393171][ T3366] process_one_work+0x9cf/0x1b70 [ 522.394788][ T3366] worker_thread+0x6c8/0xf10 [ 522.396340][ T3366] kthread+0x3c5/0x780 [ 522.397685][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.399366][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.400991][ T3366] [ 522.400991][ T3366] other info that might help us debug this: [ 522.400991][ T3366] [ 522.404244][ T3366] Chain exists of: [ 522.404244][ T3366] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 522.404244][ T3366] [ 522.408505][ T3366] Possible interrupt unsafe locking scenario: [ 522.408505][ T3366] [ 522.411511][ T3366] CPU0 CPU1 [ 522.413531][ T3366] ---- ---- [ 522.416142][ T3366] lock(tasklist_lock); [ 522.417987][ T3366] local_irq_disable(); [ 522.420548][ T3366] lock(&dev->event_lock#2); [ 522.423423][ T3366] lock(&client->buffer_lock); [ 522.426297][ T3366] [ 522.427711][ T3366] lock(&dev->event_lock#2); [ 522.429751][ T3366] [ 522.429751][ T3366] *** DEADLOCK *** [ 522.429751][ T3366] [ 522.433171][ T3366] 7 locks held by syz.9.13432/3366: [ 522.434937][ T3366] #0: ffff888042faa118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x184/0x440 [ 522.437871][ T3366] #1: ffff888043b86230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0 [ 522.441239][ T3366] #2: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x3b0 [ 522.444403][ T3366] #3: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x880 [ 522.447888][ T3366] #4: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390 [ 522.451641][ T3366] #5: ffff88806e9ee028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 522.455370][ T3366] #6: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 522.458629][ T3366] [ 522.458629][ T3366] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 522.462359][ T3366] -> (&dev->event_lock#2){..-.}-{3:3} { [ 522.464554][ T3366] IN-SOFTIRQ-W at: [ 522.466078][ T3366] lock_acquire+0x179/0x350 [ 522.468192][ T3366] _raw_spin_lock_irqsave+0x3a/0x60 [ 522.470432][ T3366] input_inject_event+0x9f/0x3b0 [ 522.472570][ T3366] led_set_brightness+0x217/0x290 [ 522.474699][ T3366] led_trigger_event+0xda/0x270 [ 522.476973][ T3366] kbd_bh+0x21b/0x300 [ 522.479102][ T3366] tasklet_action_common+0x284/0x400 [ 522.481458][ T3366] handle_softirqs+0x219/0x8e0 [ 522.483478][ T3366] run_ksoftirqd+0x3a/0x60 [ 522.485444][ T3366] smpboot_thread_fn+0x3f7/0xae0 [ 522.487606][ T3366] kthread+0x3c5/0x780 [ 522.489598][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.491694][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.493858][ T3366] INITIAL USE at: [ 522.495227][ T3366] lock_acquire+0x179/0x350 [ 522.497530][ T3366] _raw_spin_lock_irqsave+0x3a/0x60 [ 522.499821][ T3366] input_inject_event+0x9f/0x3b0 [ 522.501996][ T3366] led_set_brightness+0x217/0x290 [ 522.504144][ T3366] kbd_led_trigger_activate+0xcb/0x110 [ 522.506422][ T3366] led_trigger_set+0x59a/0xc50 [ 522.508622][ T3366] led_trigger_set_default+0x1e0/0x2e0 [ 522.510928][ T3366] led_classdev_register_ext+0x7b8/0xa10 [ 522.513248][ T3366] input_leds_connect+0x552/0x8e0 [ 522.515357][ T3366] input_attach_handler.isra.0+0x173/0x250 [ 522.517770][ T3366] input_register_device+0xab9/0x1180 [ 522.519984][ T3366] atkbd_connect+0x5f8/0xa40 [ 522.522050][ T3366] serio_driver_probe+0x7f/0xd0 [ 522.524123][ T3366] really_probe+0x241/0xa90 [ 522.526085][ T3366] __driver_probe_device+0x1de/0x440 [ 522.528252][ T3366] driver_probe_device+0x4c/0x1b0 [ 522.530451][ T3366] __driver_attach+0x283/0x580 [ 522.532527][ T3366] bus_for_each_dev+0x13e/0x1d0 [ 522.534604][ T3366] serio_handle_event+0x335/0xc30 [ 522.536784][ T3366] process_one_work+0x9cf/0x1b70 [ 522.539234][ T3366] worker_thread+0x6c8/0xf10 [ 522.541370][ T3366] kthread+0x3c5/0x780 [ 522.543266][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.545224][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.547283][ T3366] } [ 522.548145][ T3366] ... key at: [] __key.7+0x0/0x40 [ 522.550469][ T3366] -> (&client->buffer_lock){....}-{3:3} { [ 522.552280][ T3366] INITIAL USE at: [ 522.553566][ T3366] lock_acquire+0x179/0x350 [ 522.555563][ T3366] _raw_spin_lock+0x2e/0x40 [ 522.557514][ T3366] evdev_pass_values+0x10e/0x9b0 [ 522.559572][ T3366] evdev_events+0x1bb/0x390 [ 522.561562][ T3366] input_pass_values+0x74b/0x880 [ 522.563538][ T3366] input_handle_event+0xf00/0x14d0 [ 522.565612][ T3366] input_inject_event+0x1e8/0x3b0 [ 522.567741][ T3366] evdev_write+0x2e1/0x440 [ 522.569669][ T3366] vfs_write+0x2a0/0x11d0 [ 522.571601][ T3366] ksys_write+0x1f8/0x250 [ 522.573578][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.575907][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.578031][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.580559][ T3366] } [ 522.581390][ T3366] ... key at: [] __key.1+0x0/0x40 [ 522.583774][ T3366] ... acquired at: [ 522.585023][ T3366] _raw_spin_lock+0x2e/0x40 [ 522.586541][ T3366] evdev_pass_values+0x10e/0x9b0 [ 522.588194][ T3366] evdev_events+0x1bb/0x390 [ 522.589867][ T3366] input_pass_values+0x74b/0x880 [ 522.591455][ T3366] input_handle_event+0xf00/0x14d0 [ 522.593183][ T3366] input_inject_event+0x1e8/0x3b0 [ 522.594897][ T3366] evdev_write+0x2e1/0x440 [ 522.596387][ T3366] vfs_write+0x2a0/0x11d0 [ 522.597822][ T3366] ksys_write+0x1f8/0x250 [ 522.599258][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.600967][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.602560][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.604597][ T3366] [ 522.605369][ T3366] [ 522.605369][ T3366] the dependencies between the lock to be acquired [ 522.605375][ T3366] and SOFTIRQ-irq-unsafe lock: [ 522.609604][ T3366] -> (tasklist_lock){.+.+}-{3:3} { [ 522.611252][ T3366] HARDIRQ-ON-R at: [ 522.612561][ T3366] lock_acquire+0x179/0x350 [ 522.614628][ T3366] _raw_read_lock+0x5f/0x70 [ 522.616999][ T3366] __do_wait+0x105/0x890 [ 522.619334][ T3366] do_wait+0x21e/0x5a0 [ 522.621567][ T3366] kernel_wait+0x9f/0x160 [ 522.623695][ T3366] call_usermodehelper_exec_work+0xf1/0x170 [ 522.626997][ T3366] process_one_work+0x9cf/0x1b70 [ 522.629763][ T3366] worker_thread+0x6c8/0xf10 [ 522.631982][ T3366] kthread+0x3c5/0x780 [ 522.633884][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.635960][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.638242][ T3366] SOFTIRQ-ON-R at: [ 522.639681][ T3366] lock_acquire+0x179/0x350 [ 522.641892][ T3366] _raw_read_lock+0x5f/0x70 [ 522.644096][ T3366] __do_wait+0x105/0x890 [ 522.646091][ T3366] do_wait+0x21e/0x5a0 [ 522.647942][ T3366] kernel_wait+0x9f/0x160 [ 522.650097][ T3366] call_usermodehelper_exec_work+0xf1/0x170 [ 522.652925][ T3366] process_one_work+0x9cf/0x1b70 [ 522.655407][ T3366] worker_thread+0x6c8/0xf10 [ 522.657597][ T3366] kthread+0x3c5/0x780 [ 522.659573][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.662122][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.664707][ T3366] INITIAL USE at: [ 522.666068][ T3366] lock_acquire+0x179/0x350 [ 522.668215][ T3366] _raw_write_lock_irq+0x36/0x50 [ 522.670378][ T3366] copy_process+0x4caf/0x7690 [ 522.672515][ T3366] kernel_clone+0xfc/0x930 [ 522.674538][ T3366] user_mode_thread+0xc7/0x110 [ 522.676808][ T3366] rest_init+0x23/0x2b0 [ 522.678883][ T3366] start_kernel+0x3ee/0x4d0 [ 522.681219][ T3366] x86_64_start_reservations+0x18/0x30 [ 522.683750][ T3366] x86_64_start_kernel+0x130/0x190 [ 522.686007][ T3366] common_startup_64+0x13e/0x148 [ 522.688254][ T3366] INITIAL READ USE at: [ 522.689720][ T3366] lock_acquire+0x179/0x350 [ 522.691785][ T3366] _raw_read_lock+0x5f/0x70 [ 522.693851][ T3366] __do_wait+0x105/0x890 [ 522.695772][ T3366] do_wait+0x21e/0x5a0 [ 522.697781][ T3366] kernel_wait+0x9f/0x160 [ 522.700035][ T3366] call_usermodehelper_exec_work+0xf1/0x170 [ 522.703105][ T3366] process_one_work+0x9cf/0x1b70 [ 522.705391][ T3366] worker_thread+0x6c8/0xf10 [ 522.707555][ T3366] kthread+0x3c5/0x780 [ 522.709597][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.711859][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.714109][ T3366] } [ 522.715066][ T3366] ... key at: [] tasklist_lock+0x18/0x40 [ 522.718321][ T3366] ... acquired at: [ 522.719729][ T3366] _raw_read_lock+0x5f/0x70 [ 522.721438][ T3366] send_sigio+0xb8/0x3e0 [ 522.722901][ T3366] dnotify_handle_event+0x15e/0x2b0 [ 522.724602][ T3366] fsnotify_handle_inode_event.isra.0+0x1df/0x3f0 [ 522.726678][ T3366] fsnotify+0x13d6/0x1dc0 [ 522.728096][ T3366] path_openat+0x1b50/0x2cb0 [ 522.729609][ T3366] do_filp_open+0x20b/0x470 [ 522.731132][ T3366] do_sys_openat2+0x11b/0x1d0 [ 522.732701][ T3366] __ia32_compat_sys_openat+0x16d/0x210 [ 522.734528][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.736216][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.737818][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.739950][ T3366] [ 522.740713][ T3366] -> (&f_owner->lock){....}-{3:3} { [ 522.742320][ T3366] INITIAL USE at: [ 522.743587][ T3366] lock_acquire+0x179/0x350 [ 522.745455][ T3366] _raw_write_lock_irq+0x36/0x50 [ 522.747523][ T3366] __f_setown+0x61/0x3c0 [ 522.749517][ T3366] fcntl_dirnotify+0x7b1/0xb60 [ 522.751573][ T3366] do_fcntl+0xe62/0x15a0 [ 522.753463][ T3366] do_compat_fcntl64+0x367/0x710 [ 522.755535][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.757811][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.759901][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.762389][ T3366] INITIAL READ USE at: [ 522.763787][ T3366] lock_acquire+0x179/0x350 [ 522.765846][ T3366] _raw_read_lock_irqsave+0x74/0x90 [ 522.768243][ T3366] send_sigio+0x31/0x3e0 [ 522.770319][ T3366] dnotify_handle_event+0x15e/0x2b0 [ 522.772680][ T3366] fsnotify_handle_inode_event.isra.0+0x1df/0x3f0 [ 522.775395][ T3366] fsnotify+0x13d6/0x1dc0 [ 522.777551][ T3366] vfs_symlink+0x564/0x680 [ 522.780181][ T3366] do_symlinkat+0x261/0x310 [ 522.782550][ T3366] __ia32_sys_symlink+0x74/0x90 [ 522.784982][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.787761][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.790278][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.792859][ T3366] } [ 522.793715][ T3366] ... key at: [] __key.1+0x0/0x40 [ 522.795973][ T3366] ... acquired at: [ 522.797173][ T3366] _raw_read_lock_irqsave+0x74/0x90 [ 522.798998][ T3366] send_sigio+0x31/0x3e0 [ 522.800638][ T3366] kill_fasync+0x214/0x510 [ 522.802498][ T3366] lease_break_callback+0x23/0x30 [ 522.804580][ T3366] __break_lease+0x674/0x1810 [ 522.806361][ T3366] do_dentry_open+0x91f/0x1530 [ 522.807851][ T3366] vfs_open+0x82/0x3f0 [ 522.809150][ T3366] path_openat+0x1de4/0x2cb0 [ 522.810625][ T3366] do_filp_open+0x20b/0x470 [ 522.812037][ T3366] do_sys_openat2+0x11b/0x1d0 [ 522.813493][ T3366] __ia32_compat_sys_openat+0x16d/0x210 [ 522.815425][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.817327][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.818947][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.821225][ T3366] [ 522.822150][ T3366] -> (&new->fa_lock){....}-{3:3} { [ 522.824314][ T3366] INITIAL USE at: [ 522.825725][ T3366] lock_acquire+0x179/0x350 [ 522.827767][ T3366] _raw_write_lock_irq+0x36/0x50 [ 522.829855][ T3366] fasync_remove_entry+0xb2/0x1e0 [ 522.832092][ T3366] fasync_helper+0xaf/0xd0 [ 522.833978][ T3366] sg_fasync+0xe4/0x180 [ 522.835811][ T3366] __fput+0x96b/0xb70 [ 522.837679][ T3366] task_work_run+0x14d/0x240 [ 522.839718][ T3366] exit_to_user_mode_loop+0xeb/0x110 [ 522.842101][ T3366] __do_fast_syscall_32+0x2ac/0x3a0 [ 522.844581][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.846801][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.849503][ T3366] INITIAL READ USE at: [ 522.850888][ T3366] lock_acquire+0x179/0x350 [ 522.853390][ T3366] _raw_read_lock_irqsave+0x74/0x90 [ 522.856419][ T3366] kill_fasync+0x138/0x510 [ 522.859341][ T3366] snd_fasync_work_fn+0x1ac/0x240 [ 522.862054][ T3366] process_one_work+0x9cf/0x1b70 [ 522.864808][ T3366] worker_thread+0x6c8/0xf10 [ 522.867440][ T3366] kthread+0x3c5/0x780 [ 522.869985][ T3366] ret_from_fork+0x5d4/0x6f0 [ 522.873070][ T3366] ret_from_fork_asm+0x1a/0x30 [ 522.875521][ T3366] } [ 522.876366][ T3366] ... key at: [] __key.0+0x0/0x40 [ 522.878564][ T3366] ... acquired at: [ 522.879954][ T3366] lock_acquire+0x179/0x350 [ 522.881517][ T3366] _raw_read_lock_irqsave+0x74/0x90 [ 522.883203][ T3366] kill_fasync+0x138/0x510 [ 522.884695][ T3366] evdev_pass_values+0x619/0x9b0 [ 522.886294][ T3366] evdev_events+0x1bb/0x390 [ 522.887870][ T3366] input_pass_values+0x74b/0x880 [ 522.889492][ T3366] input_handle_event+0xf00/0x14d0 [ 522.891157][ T3366] input_inject_event+0x1e8/0x3b0 [ 522.893063][ T3366] evdev_write+0x2e1/0x440 [ 522.894533][ T3366] vfs_write+0x2a0/0x11d0 [ 522.895988][ T3366] ksys_write+0x1f8/0x250 [ 522.897428][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.899129][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.900800][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.902953][ T3366] [ 522.903738][ T3366] [ 522.903738][ T3366] stack backtrace: [ 522.905661][ T3366] CPU: 1 UID: 0 PID: 3366 Comm: syz.9.13432 Not tainted syzkaller #0 PREEMPT(full) [ 522.905677][ T3366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 522.905683][ T3366] Call Trace: [ 522.905689][ T3366] [ 522.905695][ T3366] dump_stack_lvl+0x116/0x1f0 [ 522.905713][ T3366] check_irq_usage+0x7dc/0x920 [ 522.905730][ T3366] ? check_path.constprop.0+0x24/0x50 [ 522.905744][ T3366] ? __lock_acquire+0x12bc/0x1ce0 [ 522.905757][ T3366] __lock_acquire+0x12bc/0x1ce0 [ 522.905773][ T3366] lock_acquire+0x179/0x350 [ 522.905786][ T3366] ? kill_fasync+0x138/0x510 [ 522.905804][ T3366] _raw_read_lock_irqsave+0x74/0x90 [ 522.905817][ T3366] ? kill_fasync+0x138/0x510 [ 522.905831][ T3366] kill_fasync+0x138/0x510 [ 522.905846][ T3366] evdev_pass_values+0x619/0x9b0 [ 522.905859][ T3366] evdev_events+0x1bb/0x390 [ 522.905870][ T3366] input_pass_values+0x74b/0x880 [ 522.905885][ T3366] input_handle_event+0xf00/0x14d0 [ 522.905896][ T3366] ? _copy_from_user+0x59/0xd0 [ 522.905914][ T3366] input_inject_event+0x1e8/0x3b0 [ 522.905926][ T3366] evdev_write+0x2e1/0x440 [ 522.905937][ T3366] ? __pfx_evdev_write+0x10/0x10 [ 522.905946][ T3366] ? common_file_perm+0x1a9/0x340 [ 522.905960][ T3366] ? bpf_lsm_file_permission+0x9/0x10 [ 522.905976][ T3366] ? security_file_permission+0x71/0x210 [ 522.905992][ T3366] ? rw_verify_area+0xcf/0x6c0 [ 522.906005][ T3366] ? __pfx_evdev_write+0x10/0x10 [ 522.906020][ T3366] vfs_write+0x2a0/0x11d0 [ 522.906035][ T3366] ? __pfx_vfs_write+0x10/0x10 [ 522.906048][ T3366] ? find_held_lock+0x2b/0x80 [ 522.906059][ T3366] ? __fget_files+0x204/0x3c0 [ 522.906073][ T3366] ? __fget_files+0x20e/0x3c0 [ 522.906087][ T3366] ksys_write+0x1f8/0x250 [ 522.906101][ T3366] ? __pfx_ksys_write+0x10/0x10 [ 522.906115][ T3366] ? rcu_is_watching+0x12/0xc0 [ 522.906128][ T3366] __do_fast_syscall_32+0x7c/0x3a0 [ 522.906146][ T3366] do_fast_syscall_32+0x32/0x80 [ 522.906161][ T3366] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 522.906177][ T3366] RIP: 0023:0xf7fc1579 [ 522.906188][ T3366] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 522.906200][ T3366] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 522.906213][ T3366] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 522.906221][ T3366] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 522.906228][ T3366] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 522.906235][ T3366] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 522.906242][ T3366] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 522.906254][ T3366] [ 523.008437][ C1] vkms_vblank_simulate: vblank timer overrun [ 523.138755][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 524.178890][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 525.208767][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 526.248913][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 527.288794][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 528.328777][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 529.378729][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 530.418764][ C0] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 531.448885][ C3] IPVS: nq: UDP 224.0.0.2:0 - no destination available VM DIAGNOSIS: 19:13:55 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b33ffc0 RCX=ffffffff81af11d1 RDX=ffff888024760000 RSI=ffffffff81af11ab RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90004467660 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=dffffc0000000000 R13=ffffed1005667ff9 R14=0000000000000001 R15=0000000000000001 RIP=ffffffff81af11b7 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7441594 CR3=0000000075e85000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85616e45 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc900038572f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9b0f96c0 R15=ffffffff85616de0 RIP=ffffffff85616e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880975c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f54e44b4 CR3=0000000054b7b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5b8937299cad3285 116ec3dd913603f2 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4d61c10ab231ffb3 85bc52400b73c6fa ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a0c6d1d8535179b 5b70fb441f510bd4 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6e19d7c1227b06e9 6dee94b46b3f3b01 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000021c0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 cf840000399e0000 00000053013d637e ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 8b4b0000568c0000 0061000015f00000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 72c80000013d624f 00000062013d6245 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 013d63e2013d6455 7352000000000003 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 92448a193f0d1950 8b4478b5dcd40b27 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b3055d700c04d55 a02468deb912974d ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=ffffffff91d39db0 RBX=0000000000000002 RCX=dffffc0000000000 RDX=000000000000000a RSI=ffffffff91d39db0 RDI=ffffffff911e6d04 RBP=ffffffff911e6d04 RSP=ffffc900005384b8 R8 =ffffffff91d39dec R9 =0000000000000000 R10=ffffc90000538568 R11=0000000000086dc4 R12=ffffffff911e6d28 R13=ffffffff896dc4d9 R14=ffffffff911e6d04 R15=ffffffff911e6d04 RIP=ffffffff816aaaf9 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f490f07b300 ffffffff 00c00000 GS =0000 ffff8880976c3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005561ebee1000 CR3=0000000051bec000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0003000000100008 0000000000000004 000c001a00100000 0014010000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000c000000080004 001c000e00000000 0000000000000000 3460000000200000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0468000000003455 3780000000140000 001c0000000e0014 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 d1f3ffffffff816e 1237ffffffff816e 11cdffffffff816e 11beffffffff8162 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 c675ffffffff8162 c66effffffff815f eae8ffffffff815f eabb000000960100 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000260000 04c400000010ffff ec54000003e60000 0008000400000008 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000000140000 09c000006e280000 13d800007b400000 95a4000000060000 ZMM24=70d816f770d816f7 70d816f770d816f7 70d816f770d816f7 70d816f770d816f7 70d816f770d816f7 70d816f770d816f7 70d816f770d816f7 70d816f770d816f7 ZMM25=a0782bb0a0782bb0 a0782bb0a0782bb0 a0782bb0a0782bb0 a0782bb0a0782bb0 a0782bb0a0782bb0 a0782bb0a0782bb0 a0782bb0a0782bb0 a0782bb0a0782bb0 ZMM26=8016930680169306 8016930680169306 8016930680169306 8016930680169306 8016930680169306 8016930680169306 8016930680169306 8016930680169306 ZMM27=5c415d245c415d24 5c415d245c415d24 5c415d245c415d24 5c415d245c415d24 5c415d245c415d24 5c415d245c415d24 5c415d245c415d24 5c415d245c415d24 ZMM28=00000200000001ff 000001fe000001fd 000001fc000001fb 000001fa000001f9 000001f8000001f7 000001f6000001f5 000001f4000001f3 000001f2000001f1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=c47f0000c47f0000 c47f0000c47f0000 c47f0000c47f0000 c47f0000c47f0000 c47f0000c47f0000 c47f0000c47f0000 c47f0000c47f0000 c47f0000c47f0000 info registers vcpu 3 CPU#3 RAX=ffff888040885840 RBX=ffff888040885838 RCX=ffffffff822c2cac RDX=0000000000000001 RSI=0000000000000004 RDI=ffff88804088583c RBP=0000000000000000 RSP=ffffc900042af558 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=000000000000001e R12=ffff8880408857f0 R13=0000000000000001 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8220618b RFL=00000292 [--S-A--] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7f855c0 CR3=000000005439b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000