last executing test programs: 19.731316745s ago: executing program 2 (id=18265): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="90000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000000c0005006c000000000000000c0002000000000000000000040007800c000800000000000000000008000100000000004400078008"], 0x90}}, 0x0) 19.673560011s ago: executing program 2 (id=18267): r0 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b\xba\xdf//\xdc/\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000880)="b9", 0x1}], 0x1}, 0x20048811) recvmsg$unix(r0, &(0x7f00000009c0)={0x0, 0x0, 0x0}, 0x40) 1.006824195s ago: executing program 1 (id=18919): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) rt_sigtimedwait(&(0x7f0000000080)={[0x9, 0x5]}, 0x0, 0x0, 0x8) 826.776908ms ago: executing program 1 (id=18923): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0xe25, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000340)={0x2, 0x4e21, 0x0, @dev={0xfe, 0x80, '\x00', 0x16}}, 0x1c) 826.612655ms ago: executing program 1 (id=18924): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='sessionid\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) read$FUSE(r0, 0x0, 0x0) 313.962688ms ago: executing program 3 (id=18937): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x1c, r1, 0x483, 0x0, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x4}, @ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x1c}}, 0x804) 246.566342ms ago: executing program 3 (id=18938): bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCOUTQ(r0, 0x4bfb, &(0x7f0000000380)) 244.842983ms ago: executing program 0 (id=18940): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f00080000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10) copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0x7, 0x0) 209.964197ms ago: executing program 3 (id=18941): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x20, r1, 0x30d, 0x0, 0x0, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8}]}]}, 0x20}}, 0x0) 209.62722ms ago: executing program 0 (id=18942): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0) sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x12}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x60}]}, 0x2c}}, 0x0) 146.528425ms ago: executing program 0 (id=18943): r0 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x40, 0x4000, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0) 137.142807ms ago: executing program 0 (id=18944): r0 = socket$unix(0x1, 0x5, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0xcdb, 0x4) close(0x3) 66.463094ms ago: executing program 0 (id=18945): r0 = syz_open_dev$radio(&(0x7f0000000080), 0x3, 0x2) ioctl$VIDIOC_DQEVENT(r0, 0x80785659, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000140)={0x3, 0x98f90f, 0x1}) 65.401445ms ago: executing program 3 (id=18946): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f024}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000980)={0x2, @pix_mp={0xa, 0x81, 0x50565559, 0x4, 0xb, [{0x200, 0x1}, {0xfffffff7, 0x9}, {0x5, 0x5}, {0x0, 0x3}, {0x8, 0x9d8}, {0x10, 0x4}, {0x1}, {0xfffff000}], 0xcb, 0x9, 0x8, 0x4, 0x6}}) 1.565682ms ago: executing program 3 (id=18947): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r0, &(0x7f0000000100)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000440)=""/4095, 0xfff}], 0x1}, 0x0) 1.289113ms ago: executing program 0 (id=18948): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0xcc540, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) preadv2(r0, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x1, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=18949): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, 0x0) kernel console output (not intermixed with test programs): 3819 comm="syz.1.14564" exe="/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 228.818533][ T40] audit: type=1326 audit(2000000004.426:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3819 comm="syz.1.14564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 228.825202][ T3823] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 228.825883][ T40] audit: type=1326 audit(2000000004.426:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3819 comm="syz.1.14564" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 228.827325][ T3823] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 228.837676][ T3823] vhci_hcd vhci_hcd.0: Device attached [ 228.859237][ T3825] vhci_hcd: connection closed [ 228.859548][ T46] vhci_hcd: stop threads [ 228.862994][ T46] vhci_hcd: release socket [ 228.865265][ T46] vhci_hcd: disconnect device [ 229.534394][ T3841] netlink: 'syz.1.14571': attribute type 3 has an invalid length. [ 229.539426][ T3841] netlink: 'syz.1.14571': attribute type 2 has an invalid length. [ 229.640679][ T3851] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 229.643457][ T3851] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 229.648985][ T3851] vhci_hcd vhci_hcd.0: Device attached [ 229.654369][ T3853] usbip_core: unknown command [ 229.656179][ T3853] vhci_hcd: unknown pdu 0 [ 229.657733][ T3853] usbip_core: unknown command [ 229.659618][ T1141] vhci_hcd: stop threads [ 229.661896][ T1141] vhci_hcd: release socket [ 229.663855][ T1141] vhci_hcd: disconnect device [ 229.694206][ T3860] syz.2.14581: vmalloc error: size 2147483264, exceeds total pages, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 229.700265][ T3860] CPU: 0 UID: 0 PID: 3860 Comm: syz.2.14581 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 229.700281][ T3860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 229.700288][ T3860] Call Trace: [ 229.700292][ T3860] [ 229.700296][ T3860] dump_stack_lvl+0x16c/0x1f0 [ 229.700316][ T3860] warn_alloc+0x248/0x3a0 [ 229.700334][ T3860] ? __pfx_warn_alloc+0x10/0x10 [ 229.700348][ T3860] ? do_raw_spin_lock+0x12c/0x2b0 [ 229.700362][ T3860] ? lock_acquire+0x179/0x350 [ 229.700373][ T3860] ? __lock_acquire+0xaa4/0x1ba0 [ 229.700389][ T3860] ? do_replace+0x1c3/0x480 [ 229.700406][ T3860] __vmalloc_node_range_noprof+0x10ea/0x1540 [ 229.700422][ T3860] ? find_held_lock+0x2b/0x80 [ 229.700436][ T3860] ? do_replace+0x1c3/0x480 [ 229.700449][ T3860] ? __might_fault+0x13b/0x190 [ 229.700467][ T3860] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 229.700480][ T3860] ? _copy_from_user+0x59/0xd0 [ 229.700493][ T3860] ? copy_from_sockptr_offset.constprop.0+0xe5/0x170 [ 229.700509][ T3860] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 229.700525][ T3860] ? copy_from_sockptr_offset.constprop.0+0xe5/0x170 [ 229.700541][ T3860] ? do_replace+0x1c3/0x480 [ 229.700556][ T3860] __vmalloc_noprof+0x6d/0x90 [ 229.700568][ T3860] ? do_replace+0x1c3/0x480 [ 229.700583][ T3860] do_replace+0x1c3/0x480 [ 229.700599][ T3860] ? __pfx_do_replace+0x10/0x10 [ 229.700619][ T3860] ? __lock_acquire+0xaa4/0x1ba0 [ 229.700636][ T3860] compat_do_replace+0x585/0x7c0 [ 229.700653][ T3860] ? __pfx_compat_do_replace+0x10/0x10 [ 229.700668][ T3860] ? aa_get_newest_label+0x375/0x680 [ 229.700679][ T3860] ? __pfx_aa_get_newest_label+0x10/0x10 [ 229.700695][ T3860] ? bpf_lsm_capable+0x9/0x10 [ 229.700709][ T3860] ? security_capable+0x7e/0x260 [ 229.700721][ T3860] do_ebt_set_ctl+0x429/0x4d0 [ 229.700737][ T3860] ? __pfx_do_ebt_set_ctl+0x10/0x10 [ 229.700754][ T3860] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 229.700767][ T3860] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 229.700784][ T3860] nf_setsockopt+0x8a/0xf0 [ 229.700799][ T3860] ip_setsockopt+0xcb/0xf0 [ 229.700810][ T3860] tcp_setsockopt+0xa4/0x100 [ 229.700822][ T3860] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 229.700839][ T3860] do_sock_setsockopt+0x221/0x470 [ 229.700854][ T3860] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 229.700876][ T3860] __sys_setsockopt+0x1a0/0x230 [ 229.700891][ T3860] __ia32_sys_setsockopt+0xbc/0x160 [ 229.700903][ T3860] ? lockdep_hardirqs_on+0x7c/0x110 [ 229.700917][ T3860] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 229.700932][ T3860] __do_fast_syscall_32+0x73/0x120 [ 229.700948][ T3860] do_fast_syscall_32+0x32/0x80 [ 229.700963][ T3860] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 229.700976][ T3860] RIP: 0023:0xf70ae579 [ 229.700985][ T3860] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 229.700995][ T3860] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 229.701008][ T3860] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 229.701017][ T3860] RDX: 0000000000000080 RSI: 0000000080000640 RDI: 00000000000001e8 [ 229.701026][ T3860] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 229.701034][ T3860] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 229.701041][ T3860] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 229.701054][ T3860] [ 229.701057][ T3860] Mem-Info: [ 229.813154][ T3860] active_anon:5897 inactive_anon:733 isolated_anon:0 [ 229.813154][ T3860] active_file:11223 inactive_file:1436 isolated_file:0 [ 229.813154][ T3860] unevictable:1768 dirty:401 writeback:0 [ 229.813154][ T3860] slab_reclaimable:5792 slab_unreclaimable:66455 [ 229.813154][ T3860] mapped:22453 shmem:1860 pagetables:807 [ 229.813154][ T3860] sec_pagetables:326 bounce:0 [ 229.813154][ T3860] kernel_misc_reclaimable:0 [ 229.813154][ T3860] free:64002 free_pcp:4807 free_cma:0 [ 229.833343][ T3860] Node 0 active_anon:2828kB inactive_anon:0kB active_file:2376kB inactive_file:408kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:384kB dirty:44kB writeback:0kB shmem:3644kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9100kB pagetables:932kB sec_pagetables:1176kB all_unreclaimable? yes Balloon:0kB [ 229.846483][ T3860] Node 1 active_anon:20760kB inactive_anon:2932kB active_file:42516kB inactive_file:5336kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:89428kB dirty:1560kB writeback:0kB shmem:3796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3444kB pagetables:2296kB sec_pagetables:128kB all_unreclaimable? no Balloon:0kB [ 229.859874][ T3860] Node 0 DMA free:2904kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:12kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:164kB local_pcp:0kB free_cma:0kB [ 229.871087][ T3860] lowmem_reserve[]: 0 290 290 290 290 [ 229.873291][ T3860] Node 0 DMA32 free:17728kB boost:0kB min:13336kB low:16668kB high:20000kB reserved_highatomic:4096KB active_anon:2816kB inactive_anon:0kB active_file:2376kB inactive_file:408kB unevictable:3536kB writepending:44kB present:1032196kB managed:297476kB mlocked:0kB bounce:0kB free_pcp:2116kB local_pcp:388kB free_cma:0kB [ 229.885106][ T3860] lowmem_reserve[]: 0 0 0 0 0 [ 229.887144][ T3860] Node 1 DMA32 free:235256kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:2048KB active_anon:20756kB inactive_anon:2932kB active_file:42516kB inactive_file:5336kB unevictable:3536kB writepending:1560kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:16940kB local_pcp:3292kB free_cma:0kB [ 229.899735][ T3860] lowmem_reserve[]: 0 0 0 0 0 [ 229.901786][ T3860] Node 0 DMA: 44*4kB (UE) 19*8kB (UE) 7*16kB (UE) 27*32kB (UE) 5*64kB (UE) 2*128kB (E) 2*256kB (E) 1*512kB (E) 0*1024kB 0*2048kB 0*4096kB = 2904kB [ 229.907741][ T3860] Node 0 DMA32: 86*4kB (UMH) 91*8kB (UMEH) 33*16kB (UMEH) 24*32kB (UMEH) 25*64kB (UMH) 7*128kB (UM) 10*256kB (ME) 6*512kB (UMH) 3*1024kB (UM) 2*2048kB (M) 0*4096kB = 17664kB [ 229.914634][ T3860] Node 1 DMA32: 158*4kB (UMEH) 354*8kB (MEH) 146*16kB (UMEH) 26*32kB (MEH) 264*64kB (UME) 174*128kB (UME) 104*256kB (UM) 70*512kB (UM) 78*1024kB (UM) 17*2048kB (UM) 3*4096kB (UM) = 235240kB [ 229.922350][ T3860] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 229.926205][ T3860] Node 0 hugepages_total=94 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 229.930020][ T3860] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 229.933911][ T3860] Node 1 hugepages_total=4294967206 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 229.937890][ T3860] 15717 total pagecache pages [ 229.939837][ T3860] 1198 pages in swap cache [ 229.941639][ T3860] Free swap = 107164kB [ 229.943433][ T3860] Total swap = 124996kB [ 229.945095][ T3860] 524155 pages RAM [ 229.946607][ T3860] 0 pages HighMem/MovableOnly [ 229.948513][ T3860] 208875 pages reserved [ 229.950212][ T3860] 0 pages cma reserved [ 230.061965][ T3867] bond_slave_1: entered allmulticast mode [ 230.136606][ T3875] bond_slave_1: entered allmulticast mode [ 231.255216][ T3896] bond_slave_1: entered allmulticast mode [ 231.307915][ T3904] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 231.310079][ T3904] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 231.312760][ T3904] vhci_hcd vhci_hcd.0: Device attached [ 231.317740][ T3905] usbip_core: unknown command [ 231.319581][ T3905] vhci_hcd: unknown pdu 0 [ 231.321095][ T3905] usbip_core: unknown command [ 231.324149][ T1141] vhci_hcd: stop threads [ 231.326024][ T1141] vhci_hcd: release socket [ 231.327654][ T1141] vhci_hcd: disconnect device [ 231.347536][ T40] audit: type=1326 audit(2000000006.813:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3911 comm="syz.3.14601" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 231.392098][ T3914] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 231.394647][ T3914] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 231.398045][ T3914] vhci_hcd vhci_hcd.0: Device attached [ 231.404480][ T3915] vhci_hcd: connection closed [ 231.406495][ T46] vhci_hcd: stop threads [ 231.410180][ T46] vhci_hcd: release socket [ 231.411944][ T46] vhci_hcd: disconnect device [ 232.063114][ T3934] __nla_validate_parse: 15 callbacks suppressed [ 232.063126][ T3934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.14613'. [ 232.068305][ T3934] netlink: 31 bytes leftover after parsing attributes in process `syz.3.14613'. [ 232.076158][ T3934] netlink: 'syz.3.14613': attribute type 3 has an invalid length. [ 232.079244][ T3934] netlink: 'syz.3.14613': attribute type 2 has an invalid length. [ 232.082603][ T3938] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 232.084146][ T3934] netlink: 31 bytes leftover after parsing attributes in process `syz.3.14613'. [ 232.085573][ T3938] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 232.095996][ T3938] vhci_hcd vhci_hcd.0: Device attached [ 232.103994][ T3939] usbip_core: unknown command [ 232.106277][ T3939] vhci_hcd: unknown pdu 0 [ 232.108188][ T3939] usbip_core: unknown command [ 232.111225][ T1141] vhci_hcd: stop threads [ 232.114216][ T1141] vhci_hcd: release socket [ 232.115732][ T1141] vhci_hcd: disconnect device [ 232.675032][ T3950] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 232.677728][ T3950] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 232.681840][ T3950] vhci_hcd vhci_hcd.0: Device attached [ 232.688009][ T3952] vhci_hcd: connection closed [ 232.691780][ T46] vhci_hcd: stop threads [ 232.694485][ T46] vhci_hcd: release socket [ 232.695836][ T46] vhci_hcd: disconnect device [ 233.031712][ T3958] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14633'. [ 233.034362][ T3958] netlink: 6 bytes leftover after parsing attributes in process `syz.1.14633'. [ 233.073658][ T3967] netlink: 'syz.1.14635': attribute type 1 has an invalid length. [ 233.076421][ T3967] netlink: 184 bytes leftover after parsing attributes in process `syz.1.14635'. [ 233.254664][ T3982] netlink: 12 bytes leftover after parsing attributes in process `syz.2.14628'. [ 233.258485][ T3982] netlink: 31 bytes leftover after parsing attributes in process `syz.2.14628'. [ 233.261810][ T3982] netlink: 'syz.2.14628': attribute type 3 has an invalid length. [ 233.264172][ T3982] netlink: 'syz.2.14628': attribute type 2 has an invalid length. [ 233.266886][ T3982] netlink: 31 bytes leftover after parsing attributes in process `syz.2.14628'. [ 233.271280][ T3985] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14636'. [ 233.328875][ T3994] netlink: 'syz.3.14642': attribute type 1 has an invalid length. [ 233.434824][ T4013] netlink: 'syz.2.14652': attribute type 1 has an invalid length. [ 236.413168][ T4043] netlink: 'syz.0.14664': attribute type 1 has an invalid length. [ 243.459855][ T835] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 243.540351][ T40] kauditd_printk_skb: 18 callbacks suppressed [ 243.540362][ T40] audit: type=1326 audit(2000000018.231:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4235 comm="syz.1.14759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 243.551292][ T40] audit: type=1326 audit(2000000018.240:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4235 comm="syz.1.14759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 243.575146][ T40] audit: type=1326 audit(2000000018.240:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4235 comm="syz.1.14759" exe="/syz-executor" sig=0 arch=40000003 syscall=114 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 243.582697][ T40] audit: type=1326 audit(2000000018.240:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4235 comm="syz.1.14759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 243.589830][ T40] audit: type=1326 audit(2000000018.240:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4235 comm="syz.1.14759" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 243.630098][ T4249] ip6t_srh: unknown srh match flags FF3F [ 243.635977][ T4252] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 243.641577][ T835] usb 8-1: Using ep0 maxpacket: 16 [ 243.645492][ T835] usb 8-1: config 0 has an invalid interface number: 132 but max is 0 [ 243.648918][ T835] usb 8-1: config 0 has no interface number 0 [ 243.663322][ T835] usb 8-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 243.666729][ T4257] x_tables: ip6_tables: cgroup match: used from hooks FORWARD, but only valid from INPUT/OUTPUT/POSTROUTING [ 243.666972][ T835] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 243.674392][ T835] usb 8-1: Product: syz [ 243.676256][ T835] usb 8-1: Manufacturer: syz [ 243.678157][ T835] usb 8-1: SerialNumber: syz [ 243.689042][ T835] usb 8-1: config 0 descriptor?? [ 243.696840][ T835] hub 8-1:0.132: bad descriptor, ignoring hub [ 243.699885][ T835] hub 8-1:0.132: probe with driver hub failed with error -5 [ 243.706165][ T835] input: bcm5974 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.132/input/input46 [ 243.746461][ T4269] SET target dimension over the limit! [ 243.766831][ T4273] __nla_validate_parse: 8 callbacks suppressed [ 243.766845][ T4273] netlink: 72 bytes leftover after parsing attributes in process `syz.2.14777'. [ 243.840007][ T4283] ieee802154 phy1 wpan1: encryption failed: -22 [ 243.860700][ T4287] openvswitch: netlink: Flow key attribute not present in set flow. [ 243.909010][ T4297] netlink: 16 bytes leftover after parsing attributes in process `syz.2.14789'. [ 243.947547][ T4303] openvswitch: netlink: Missing key (keys=40, expected=100) [ 244.038082][ T4317] xt_ecn: cannot match TCP bits for non-tcp packets [ 244.091765][ T29] usb 8-1: USB disconnect, device number 11 [ 244.352555][ T4365] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 244.352719][ T4366] netlink: 132 bytes leftover after parsing attributes in process `syz.1.14822'. [ 244.471147][ T4386] netlink: 'syz.0.14832': attribute type 4 has an invalid length. [ 244.798110][ T4455] netlink: 'syz.3.14867': attribute type 10 has an invalid length. [ 244.800979][ T4455] Q: left promiscuous mode [ 244.804213][ T4455] Q: entered promiscuous mode [ 244.810110][ T4455] batman_adv: batadv0: Interface activated: vlan1 [ 244.812266][ T4455] team0: Device 0Q failed to register rx_handler [ 244.818463][ T4455] batman_adv: batadv0: Interface deactivated: vlan1 [ 244.869790][ T4468] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14873'. [ 244.926987][ T4485] netlink: 248 bytes leftover after parsing attributes in process `syz.3.14881'. [ 245.015139][ T4508] netlink: ct family unspecified [ 245.017411][ T4508] openvswitch: netlink: Actions may not be safe on all matching packets [ 245.060400][ T4518] tmpfs: Bad value for 'size' [ 245.069520][ T4522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14899'. [ 245.090245][ T4527] netlink: 'syz.0.14901': attribute type 21 has an invalid length. [ 245.116433][ T4530] cgroup: Unknown subsys name 'cpuset' [ 245.174039][ T4543] openvswitch: netlink: Message has 4 unknown bytes. [ 245.233699][ T4555] openvswitch: netlink: Missing key (keys=40, expected=10000000) [ 245.382371][ T4586] openvswitch: netlink: Message has 8 unknown bytes. [ 245.442427][ T4600] No source specified [ 245.445401][ T4602] (unnamed net_device) (uninitialized): option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 245.550797][ T4625] netlink: 'syz.0.14952': attribute type 1 has an invalid length. [ 245.554062][ T4625] netlink: 224 bytes leftover after parsing attributes in process `syz.0.14952'. [ 245.606859][ T4639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.14958'. [ 245.637373][ T4649] netlink: 'syz.3.14963': attribute type 1 has an invalid length. [ 245.640103][ T4649] netlink: 'syz.3.14963': attribute type 2 has an invalid length. [ 245.642550][ T4649] netlink: 3 bytes leftover after parsing attributes in process `syz.3.14963'. [ 245.795818][ T4688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14982'. [ 245.908506][ T4708] netlink: 'syz.1.14992': attribute type 4 has an invalid length. [ 245.955115][ T40] audit: type=1326 audit(2000000020.486:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4711 comm="syz.1.14995" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 245.962754][ T40] audit: type=1326 audit(2000000020.486:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4711 comm="syz.1.14995" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 245.969585][ T40] audit: type=1326 audit(2000000020.486:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4711 comm="syz.1.14995" exe="/syz-executor" sig=0 arch=40000003 syscall=152 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 245.977143][ T40] audit: type=1326 audit(2000000020.486:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4711 comm="syz.1.14995" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 245.986497][ T40] audit: type=1326 audit(2000000020.496:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4715 comm="syz.2.14996" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 246.031555][ T4732] 9pnet_fd: p9_fd_create_tcp (4732): problem connecting socket to 127.0.0.1 [ 246.141353][ T4764] random: crng reseeded on system resumption [ 246.200665][ T4780] dlm: no locking on control device [ 246.383429][ T4826] random: crng reseeded on system resumption [ 246.752938][ T4900] netlink: 'syz.0.15087': attribute type 13 has an invalid length. [ 246.921301][ T4933] dlm: non-version read from control device 36 [ 246.944125][ T4938] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 246.948095][ T4938] overlayfs: overlapping lowerdir path [ 247.014258][ T4957] nfs: Unknown parameter 'ntext' [ 247.324226][ T5030] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 247.429820][ T5046] cgroup: Name too long [ 247.528324][ T5063] lo speed is unknown, defaulting to 1000 [ 247.554690][ T5068] cgroup: Invalid name [ 247.736510][ T5097] overlay: Bad value for 'workdir' [ 247.982848][ T5149] wlan1: mtu less than device minimum [ 247.985016][ T5149] team0: Device wlan1 failed to change mtu [ 248.165129][ T5170] 8021q: adding VLAN 0 to HW filter on device bond4 [ 248.421744][ T5207] trusted_key: encrypted_key: keyword 'neKfault' not recognized [ 248.595507][ T5232] netlink: 'syz.1.15245': attribute type 29 has an invalid length. [ 248.611755][ T5237] netlink: 'syz.0.15247': attribute type 1 has an invalid length. [ 248.613313][ T5234] hfs: unable to load iocharset "io#harset" [ 248.660469][ T5249] kAFS: unparsable volume name [ 248.814323][ T5283] xt_addrtype: ipv6 does not support BROADCAST matching [ 248.858532][ T5291] tc_dump_action: action bad kind [ 248.936646][ T5314] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 249.257208][ T5386] xt_CT: No such helper "snmp" [ 249.337286][ T5404] __nla_validate_parse: 10 callbacks suppressed [ 249.337297][ T5404] netlink: 152 bytes leftover after parsing attributes in process `syz.3.15324'. [ 249.342691][ T5404] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 249.359799][ T5407] xt_CT: You must specify a L4 protocol and not use inversions on it [ 249.432655][ T5423] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 249.645449][ T5472] nfs: Unknown parameter 'ntext' [ 249.721678][ T5488] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 249.729290][ T5488] overlayfs: overlapping lowerdir path [ 249.778142][ T5501] dlm: non-version read from control device 36 [ 249.835315][ T5515] validate_nla: 2 callbacks suppressed [ 249.835331][ T5515] netlink: 'syz.2.15379': attribute type 13 has an invalid length. [ 250.371732][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 250.371742][ T40] audit: type=1326 audit(2000000002.994:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5629 comm="syz.2.15443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 250.381412][ T40] audit: type=1326 audit(2000000002.994:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5629 comm="syz.2.15443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 250.390320][ T40] audit: type=1326 audit(2000000003.004:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5629 comm="syz.2.15443" exe="/syz-executor" sig=0 arch=40000003 syscall=114 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 250.404756][ T40] audit: type=1326 audit(2000000003.004:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5629 comm="syz.2.15443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 250.412578][ T40] audit: type=1326 audit(2000000003.004:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5629 comm="syz.2.15443" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 250.622065][ T5682] SET target dimension over the limit! [ 250.628176][ T5686] netlink: 72 bytes leftover after parsing attributes in process `syz.0.15458'. [ 250.671572][ T5692] x_tables: ip6_tables: cgroup match: used from hooks FORWARD, but only valid from INPUT/OUTPUT/POSTROUTING [ 250.704674][ T5699] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow [ 250.728728][ T5703] ip6t_srh: unknown srh match flags FF3F [ 250.920297][ T5750] netlink: 16 bytes leftover after parsing attributes in process `syz.1.15490'. [ 251.028051][ T5766] openvswitch: netlink: Missing key (keys=40, expected=100) [ 251.105077][ T5782] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15506'. [ 251.229340][ T5809] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 251.342386][ T5836] xt_ecn: cannot match TCP bits for non-tcp packets [ 251.393855][ T5852] openvswitch: netlink: Message has 4 unknown bytes. [ 251.602336][ T5881] netlink: ct family unspecified [ 251.603976][ T5881] openvswitch: netlink: Actions may not be safe on all matching packets [ 251.756503][ T5901] netlink: 'syz.1.15557': attribute type 21 has an invalid length. [ 251.756619][ T5900] ieee802154 phy1 wpan1: encryption failed: -22 [ 251.762596][ T5903] openvswitch: netlink: Flow key attribute not present in set flow. [ 251.985101][ T5929] netlink: 132 bytes leftover after parsing attributes in process `syz.3.15571'. [ 252.071794][ T5941] netlink: 'syz.1.15576': attribute type 4 has an invalid length. [ 254.034184][ T5955] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 254.272286][ T6010] 9pnet_fd: p9_fd_create_unix (6010): address too long: ./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 254.296013][ T6016] netlink: 'syz.0.15617': attribute type 2 has an invalid length. [ 254.345613][ T6026] xt_cgroup: invalid path, errno=-2 [ 254.451610][ T6050] netlink: 80 bytes leftover after parsing attributes in process `syz.3.15634'. [ 254.454782][ T6050] netlink: 80 bytes leftover after parsing attributes in process `syz.3.15634'. [ 254.536182][ T6068] netlink: 'syz.2.15642': attribute type 1 has an invalid length. [ 254.566117][ T6073] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15644'. [ 254.691212][ T6090] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15653'. [ 254.728344][ T6096] program syz.0.15656 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 254.764337][ T6227] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 254.820817][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.823433][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.825727][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.828079][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.831879][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.834155][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.836452][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.838829][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.842419][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.844875][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.847129][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.849901][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.852330][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.854821][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.857080][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.859380][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.862017][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.864369][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.866766][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.869064][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.869134][ T6112] netlink: 'syz.0.15664': attribute type 2 has an invalid length. [ 254.871721][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871750][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871761][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871773][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871784][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871795][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871807][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871818][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871829][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871840][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871858][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871869][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871881][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871892][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.871903][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.911030][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.913376][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.915754][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.918100][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.920411][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.922748][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.925148][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.927657][ T3231] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 254.933667][ T3231] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz0 [ 254.935183][ T6227] usb 8-1: Using ep0 maxpacket: 32 [ 254.941454][ T6227] usb 8-1: unable to get BOS descriptor or descriptor too short [ 254.945706][ T6227] usb 8-1: config index 0 descriptor too short (expected 34347, got 43) [ 254.948628][ T6227] usb 8-1: config 31 has too many interfaces: 196, using maximum allowed: 32 [ 254.951391][ T6227] usb 8-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config [ 254.954525][ T6227] usb 8-1: config 31 has 1 interface, different from the descriptor's value: 196 [ 254.957524][ T6227] usb 8-1: config 31 has no interface number 0 [ 254.959485][ T6227] usb 8-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 254.963097][ T6227] usb 8-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 150 [ 254.966344][ T6227] usb 8-1: config 31 interface 81 has no altsetting 0 [ 254.971836][ T6227] usb 8-1: string descriptor 0 read error: -22 [ 254.973892][ T6227] usb 8-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 254.976656][ T6227] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.980952][ T6062] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 254.985475][ T6227] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:31.81/input/input49 [ 255.000926][ T6116] usb usb8: usbfs: process 6116 (syz.0.15666) did not claim interface 0 before use [ 255.061986][ T6128] netlink: 'syz.2.15672': attribute type 12 has an invalid length. [ 255.111389][ T6134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15675'. [ 255.120754][ T6136] mkiss: ax0: crc mode is auto. [ 255.272576][ T6227] usb 8-1: USB disconnect, device number 12 [ 255.358918][ T6169] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.15689'. [ 255.362045][ T6169] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 255.455859][ T6206] netlink: 'syz.1.15699': attribute type 1 has an invalid length. [ 255.458572][ T6206] netlink: 224 bytes leftover after parsing attributes in process `syz.1.15699'. [ 255.462396][ T6206] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15699'. [ 255.529367][ T6233] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15705'. [ 255.690606][ T6260] netlink: 'syz.0.15716': attribute type 21 has an invalid length. [ 255.819060][ T6279] xt_cluster: you have exceeded the maximum number of cluster nodes (4294967293 > 32) [ 255.843142][ T6283] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15727'. [ 256.112133][ T6341] xt_socket: unknown flags 0x46 [ 256.119602][ T40] audit: type=1326 audit(2000000008.366:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.3.15758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 256.127627][ T40] audit: type=1326 audit(2000000008.385:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.3.15758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 256.138946][ T40] audit: type=1326 audit(2000000008.395:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.3.15758" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 256.148690][ T40] audit: type=1326 audit(2000000008.395:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.3.15758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 256.157768][ T40] audit: type=1326 audit(2000000008.395:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6342 comm="syz.3.15758" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 256.164818][ T6349] xt_CT: No such helper "syz0" [ 256.182201][ T6358] xt_hashlimit: overflow, rate too high: 0 [ 256.226280][ T6369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15769'. [ 256.331066][ T6399] netlink: 'syz.0.15781': attribute type 10 has an invalid length. [ 256.340373][ T6399] veth0_vlan: left promiscuous mode [ 256.342999][ T6399] veth0_vlan: entered promiscuous mode [ 256.347337][ T6399] team0: Device veth0_vlan failed to register rx_handler [ 256.381599][ T40] audit: type=1326 audit(2000000008.619:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6408 comm="syz.2.15789" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 256.385410][ T6411] usb usb8: usbfs: process 6411 (syz.3.15790) did not claim interface 0 before use [ 256.397814][ T40] audit: type=1326 audit(2000000008.619:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6408 comm="syz.2.15789" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 256.407171][ T40] audit: type=1326 audit(2000000008.619:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6408 comm="syz.2.15789" exe="/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 256.418411][ T40] audit: type=1326 audit(2000000008.619:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6408 comm="syz.2.15789" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 256.425574][ T40] audit: type=1326 audit(2000000008.619:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6408 comm="syz.2.15789" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 256.504466][ T6436] netlink: 'syz.2.15801': attribute type 10 has an invalid length. [ 256.513260][ T6436] veth0_vlan: left promiscuous mode [ 256.518438][ T6436] veth0_vlan: entered promiscuous mode [ 256.523110][ T6436] team0: Device veth0_vlan failed to register rx_handler [ 256.594969][ T6457] netdevsim netdevsim1: Firmware load for './cgroup/../file0' refused, path contains '..' component [ 256.650978][ T6471] netlink: 'syz.0.15820': attribute type 10 has an invalid length. [ 256.655258][ T6471] veth0_vlan: left promiscuous mode [ 256.661263][ T6471] veth0_vlan: entered promiscuous mode [ 256.661946][ T6474] xt_hashlimit: overflow, rate too high: 0 [ 256.665613][ T6471] team0: Device veth0_vlan failed to register rx_handler [ 256.692777][ T6480] netlink: 100 bytes leftover after parsing attributes in process `syz.2.15824'. [ 256.989006][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15860'. [ 257.015936][ T6556] xt_CT: No such helper "syz0" [ 257.200469][ T6611] xt_socket: unknown flags 0x46 [ 257.314048][ T6643] tmpfs: Bad value for 'size' [ 257.552988][ T6712] netlink: 'syz.1.15937': attribute type 4 has an invalid length. [ 257.626601][ T6729] netlink: 'syz.1.15944': attribute type 21 has an invalid length. [ 257.698665][ T6744] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 258.281692][ T65] usb 8-1: new low-speed USB device number 13 using dummy_hcd [ 258.442443][ T65] usb 8-1: config index 0 descriptor too short (expected 1307, got 27) [ 258.445006][ T65] usb 8-1: config 0 has an invalid interface number: 0 but max is -1 [ 258.447752][ T65] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 258.451235][ T65] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 258.457743][ T65] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 258.460954][ T65] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 258.466506][ T65] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 258.473930][ T65] usb 8-1: string descriptor 0 read error: -22 [ 258.476218][ T65] usb 8-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 258.479231][ T65] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.483398][ T65] usb 8-1: config 0 descriptor?? [ 258.486053][ T65] hub 8-1:0.0: bad descriptor, ignoring hub [ 258.487951][ T65] hub 8-1:0.0: probe with driver hub failed with error -5 [ 258.491570][ T65] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/input/input52 [ 258.767340][ T9] usb 8-1: USB disconnect, device number 13 [ 259.403053][ T6851] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 259.405284][ T6851] IPv6: NLM_F_CREATE should be set when creating new route [ 259.472615][ T6863] netlink: 'syz.2.16010': attribute type 1 has an invalid length. [ 259.530749][ T6879] random: crng reseeded on system resumption [ 259.646836][ T6909] (unnamed net_device) (uninitialized): option arp_validate: invalid value (524288) [ 259.735187][ T6933] program syz.3.16044 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 260.014611][ T6986] netlink: 'syz.2.16070': attribute type 1 has an invalid length. [ 260.018057][ T6986] netlink: 'syz.2.16070': attribute type 2 has an invalid length. [ 260.163264][ T7020] __nla_validate_parse: 13 callbacks suppressed [ 260.163275][ T7020] netlink: 20 bytes leftover after parsing attributes in process `syz.1.16088'. [ 260.373337][ T7069] IPv6: NLM_F_REPLACE set, but no existing node found! [ 260.466517][ T7084] : mtu less than device minimum [ 260.469000][ T7084] team0: Device  failed to change mtu [ 260.507295][ T7090] netlink: 84 bytes leftover after parsing attributes in process `syz.1.16123'. [ 260.571077][ T7100] 8021q: adding VLAN 0 to HW filter on device bond7 [ 260.598657][ T9] usb 8-1: new high-speed USB device number 14 using dummy_hcd [ 260.770680][ T9] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 260.771408][ T7137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16144'. [ 260.784097][ T9] usb 8-1: config index 0 descriptor too short (expected 65412, got 72) [ 260.789583][ T9] usb 8-1: config index 1 descriptor too short (expected 65412, got 72) [ 260.794531][ T9] usb 8-1: config index 2 descriptor too short (expected 65412, got 72) [ 260.798062][ T9] usb 8-1: config index 3 descriptor too short (expected 65412, got 72) [ 260.801639][ T9] usb 8-1: config index 4 descriptor too short (expected 65412, got 72) [ 260.805399][ T9] usb 8-1: config index 5 descriptor too short (expected 65412, got 72) [ 260.808931][ T7142] cgroup: Name too long [ 260.809632][ T9] usb 8-1: config index 6 descriptor too short (expected 65412, got 72) [ 260.814521][ T9] usb 8-1: config index 7 descriptor too short (expected 65412, got 72) [ 260.818933][ T9] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 260.822333][ T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.825105][ T9] usb 8-1: Product: syz [ 260.826427][ T9] usb 8-1: Manufacturer: syz [ 260.827878][ T9] usb 8-1: SerialNumber: syz [ 260.834178][ T9] usb 8-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 260.846023][ T1017] usb 8-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 261.071347][ T65] usb 8-1: USB disconnect, device number 14 [ 261.248547][ T7193] validate_nla: 1 callbacks suppressed [ 261.248563][ T7193] netlink: 'syz.2.16178': attribute type 2 has an invalid length. [ 261.267183][ T7195] netlink: 'syz.1.16172': attribute type 12 has an invalid length. [ 261.304258][ T7203] netlink: 'syz.0.16176': attribute type 4 has an invalid length. [ 261.306726][ T7203] netlink: 152 bytes leftover after parsing attributes in process `syz.0.16176'. [ 261.312237][ T7203] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 261.411068][ T7223] netlink: 'syz.2.16188': attribute type 2 has an invalid length. [ 261.638987][ T7234] 9pnet_fd: p9_fd_create_tcp (7234): problem connecting socket to 127.0.0.1 [ 261.732078][ T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 261.890993][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 261.894541][ T9] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 261.897302][ T9] usb 5-1: config 0 has no interface number 0 [ 261.901286][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 261.905118][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 261.908031][ T9] usb 5-1: Product: syz [ 261.909577][ T9] usb 5-1: Manufacturer: syz [ 261.911310][ T9] usb 5-1: SerialNumber: syz [ 261.915124][ T9] usb 5-1: config 0 descriptor?? [ 261.918555][ T9] hub 5-1:0.132: bad descriptor, ignoring hub [ 261.920471][ T9] hub 5-1:0.132: probe with driver hub failed with error -5 [ 261.924248][ T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.132/input/input53 [ 261.942509][ T1017] ath9k_htc 8-1:1.0: ath9k_htc: Target is unresponsive [ 261.945426][ T1017] ath9k_htc: Failed to initialize the device [ 261.947971][ T65] usb 8-1: ath9k_htc: USB layer deinitialized [ 262.153609][ T7257] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 262.186059][ T7261] wlan1: mtu less than device minimum [ 262.188637][ T7261] team0: Device wlan1 failed to change mtu [ 262.357075][ T7288] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 262.393452][ T835] usb 5-1: USB disconnect, device number 7 [ 263.240875][ T7362] xt_cgroup: invalid path, errno=-2 [ 263.291957][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.295132][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.309317][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.312981][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.316170][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.319359][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.324583][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.327799][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.331099][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.334905][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.338049][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.341164][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.345043][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.348127][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.351211][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.354253][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.357954][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.361060][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.364132][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.367839][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.371175][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.374404][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.383901][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.387615][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.390951][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.392368][ T7380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16265'. [ 263.394147][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.401918][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.404948][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.408032][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.411370][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.414330][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.417427][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.420787][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.423769][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.426669][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.429860][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.432860][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.436082][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.439449][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.455943][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.459265][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.462597][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.465698][ T835] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 263.474343][ T835] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz0 [ 263.639046][ T7409] 8021q: adding VLAN 0 to HW filter on device bond8 [ 263.705942][ T7418] netlink: 'syz.0.16283': attribute type 1 has an invalid length. [ 263.709213][ T7418] netlink: 224 bytes leftover after parsing attributes in process `syz.0.16283'. [ 263.712006][ T7418] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16283'. [ 263.763945][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.766641][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.769007][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.771831][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.774206][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.776628][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.779155][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.781559][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.784381][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.786690][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.788962][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.791354][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.795743][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.798089][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.798104][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.798115][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.805672][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.808527][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.810941][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.813214][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.815916][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.818227][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.820566][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.823071][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.826634][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.829207][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.831902][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.835005][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.837768][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.840431][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.843534][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.846082][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.849181][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.852224][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.854521][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.857513][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.860556][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.863169][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.866223][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.869081][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.871423][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.874063][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.877211][ T29] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 263.882116][ T29] hid-generic 0000:0000:0000.0004: hidraw1: HID v0.00 Device [syz0] on syz0 [ 263.925693][ T7434] netlink: 'syz.1.16287': attribute type 4 has an invalid length. [ 263.929003][ T7434] netlink: 152 bytes leftover after parsing attributes in process `syz.1.16287'. [ 263.938373][ T7434] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 264.064153][ T7457] usb usb8: usbfs: process 7457 (syz.1.16303) did not claim interface 0 before use [ 264.113553][ T1017] IPVS: starting estimator thread 0... [ 264.140257][ T7469] netlink: 100 bytes leftover after parsing attributes in process `syz.0.16308'. [ 264.221209][ T7465] IPVS: using max 23 ests per chain, 55200 per kthread [ 264.259292][ T7494] netlink: 'syz.0.16318': attribute type 4 has an invalid length. [ 264.370035][ T7515] netlink: 'syz.2.16331': attribute type 10 has an invalid length. [ 264.474390][ T7537] netlink: 'syz.1.16340': attribute type 32 has an invalid length. [ 264.477714][ T7537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16340'. [ 264.481371][ T7537] (unnamed net_device) (uninitialized): Setting coupled_control to off (0) [ 264.572260][ T7562] netlink: 'syz.2.16354': attribute type 21 has an invalid length. [ 264.576458][ T7562] IPv6: NLM_F_CREATE should be specified when creating new route [ 265.309627][ T7578] vlan0: entered promiscuous mode [ 265.552637][ T7628] random: crng reseeded on system resumption [ 265.556579][ T3231] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 265.589637][ T40] kauditd_printk_skb: 10 callbacks suppressed [ 265.589647][ T40] audit: type=1326 audit(2000000004.520:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.16388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 265.598488][ T40] audit: type=1326 audit(2000000004.520:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.16388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 265.606044][ T40] audit: type=1326 audit(2000000004.520:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.16388" exe="/syz-executor" sig=0 arch=40000003 syscall=266 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 265.613992][ T40] audit: type=1326 audit(2000000004.520:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.16388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 265.622120][ T40] audit: type=1326 audit(2000000004.520:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.0.16388" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 265.737632][ T3231] usb 6-1: Using ep0 maxpacket: 16 [ 265.742211][ T3231] usb 6-1: config 0 has an invalid interface number: 132 but max is 0 [ 265.744551][ T3231] usb 6-1: config 0 has no interface number 0 [ 265.748032][ T3231] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25 [ 265.752422][ T7658] netlink: 48 bytes leftover after parsing attributes in process `syz.3.16398'. [ 265.752473][ T3231] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.756025][ T7658] unsupported nla_type 52263 [ 265.758156][ T3231] usb 6-1: Product: syz [ 265.758166][ T3231] usb 6-1: Manufacturer: syz [ 265.758173][ T3231] usb 6-1: SerialNumber: syz [ 265.759732][ T3231] usb 6-1: config 0 descriptor?? [ 265.766530][ T3231] hub 6-1:0.132: bad descriptor, ignoring hub [ 265.768292][ T3231] hub 6-1:0.132: probe with driver hub failed with error -5 [ 265.772724][ T3231] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.132/input/input55 [ 266.221620][ T1411] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.768247][ T7670] validate_nla: 2 callbacks suppressed [ 266.768263][ T7670] netlink: 'syz.3.16403': attribute type 21 has an invalid length. [ 266.774445][ T7670] netlink: 'syz.3.16403': attribute type 20 has an invalid length. [ 266.796361][ T7677] netlink: 'syz.2.16406': attribute type 1 has an invalid length. [ 266.849146][ T7689] netlink: 40 bytes leftover after parsing attributes in process `syz.3.16414'. [ 266.975927][ T7725] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16432'. [ 266.984609][ T7727] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16433'. [ 267.217991][ T7793] xt_bpf: check failed: parse error [ 267.469205][ T7850] kAFS: Can only specify source 'none' with -o dyn [ 267.532144][ T7859] netlink: 'syz.2.16499': attribute type 21 has an invalid length. [ 267.595852][ T7876] Invalid source name [ 267.674088][ T7895] openvswitch: netlink: Tunnel attr 303 out of range max 16 [ 267.705819][ T7902] xt_TPROXY: Can be used only with -p tcp or -p udp [ 267.764990][ T40] audit: type=1400 audit(256.610:879): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=232825227B2F292F7D2C5B272525265C232A pid=7919 comm="syz.2.16529" [ 267.784534][ T7924] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay' [ 267.807631][ T7930] netlink: 132 bytes leftover after parsing attributes in process `syz.3.16534'. [ 267.830087][ T7936] syz.2.16536: vmalloc error: size 2147483264, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 267.834625][ T7936] CPU: 1 UID: 0 PID: 7936 Comm: syz.2.16536 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 267.834642][ T7936] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 267.834650][ T7936] Call Trace: [ 267.834654][ T7936] [ 267.834659][ T7936] dump_stack_lvl+0x16c/0x1f0 [ 267.834679][ T7936] warn_alloc+0x248/0x3a0 [ 267.834698][ T7936] ? __pfx_warn_alloc+0x10/0x10 [ 267.834717][ T7936] ? find_held_lock+0x2b/0x80 [ 267.834731][ T7936] ? __might_fault+0xe3/0x190 [ 267.834746][ T7936] ? __might_fault+0xe3/0x190 [ 267.834761][ T7936] ? __might_fault+0x13b/0x190 [ 267.834787][ T7936] __vmalloc_node_range_noprof+0x10ea/0x1540 [ 267.834801][ T7936] ? copy_from_sockptr_offset.constprop.0+0xe5/0x170 [ 267.834820][ T7936] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 267.834841][ T7936] ? compat_do_replace+0x1af/0x7c0 [ 267.834858][ T7936] ? __asan_memcpy+0x3c/0x60 [ 267.834876][ T7936] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 267.834895][ T7936] ? compat_do_replace+0x1af/0x7c0 [ 267.834912][ T7936] vmalloc_noprof+0x6b/0x90 [ 267.834925][ T7936] ? compat_do_replace+0x1af/0x7c0 [ 267.834942][ T7936] compat_do_replace+0x1af/0x7c0 [ 267.834960][ T7936] ? __pfx_compat_do_replace+0x10/0x10 [ 267.834976][ T7936] ? aa_get_newest_label+0x375/0x680 [ 267.834988][ T7936] ? __pfx_aa_get_newest_label+0x10/0x10 [ 267.835004][ T7936] ? bpf_lsm_capable+0x9/0x10 [ 267.835019][ T7936] ? security_capable+0x7e/0x260 [ 267.835031][ T7936] do_ebt_set_ctl+0x429/0x4d0 [ 267.835048][ T7936] ? __pfx_do_ebt_set_ctl+0x10/0x10 [ 267.835066][ T7936] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 267.835080][ T7936] ? nf_sockopt_find.constprop.0+0x222/0x290 [ 267.835097][ T7936] nf_setsockopt+0x8a/0xf0 [ 267.835113][ T7936] ip_setsockopt+0xcb/0xf0 [ 267.835124][ T7936] tcp_setsockopt+0xa4/0x100 [ 267.835138][ T7936] smc_setsockopt+0x1b3/0xa00 [ 267.835149][ T7936] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 267.835168][ T7936] ? __pfx_smc_setsockopt+0x10/0x10 [ 267.835179][ T7936] ? errseq_sample+0x53/0x70 [ 267.835196][ T7936] ? __pfx_smc_setsockopt+0x10/0x10 [ 267.835206][ T7936] do_sock_setsockopt+0x221/0x470 [ 267.835222][ T7936] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 267.835246][ T7936] __sys_setsockopt+0x1a0/0x230 [ 267.835262][ T7936] __ia32_sys_setsockopt+0xbc/0x160 [ 267.835274][ T7936] ? lockdep_hardirqs_on+0x7c/0x110 [ 267.835292][ T7936] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 267.835308][ T7936] __do_fast_syscall_32+0x73/0x120 [ 267.835325][ T7936] do_fast_syscall_32+0x32/0x80 [ 267.835340][ T7936] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 267.835353][ T7936] RIP: 0023:0xf70ae579 [ 267.835363][ T7936] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 267.835375][ T7936] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 267.835386][ T7936] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000 [ 267.835393][ T7936] RDX: 0000000000000080 RSI: 0000000080000180 RDI: 00000000000000e0 [ 267.835399][ T7936] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 267.835405][ T7936] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 267.835410][ T7936] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 267.835423][ T7936] [ 267.835427][ T7936] Mem-Info: [ 267.944104][ T7936] active_anon:18305 inactive_anon:726 isolated_anon:0 [ 267.944104][ T7936] active_file:11232 inactive_file:1467 isolated_file:0 [ 267.944104][ T7936] unevictable:1768 dirty:393 writeback:0 [ 267.944104][ T7936] slab_reclaimable:5827 slab_unreclaimable:67228 [ 267.944104][ T7936] mapped:22594 shmem:1886 pagetables:981 [ 267.944104][ T7936] sec_pagetables:326 bounce:0 [ 267.944104][ T7936] kernel_misc_reclaimable:0 [ 267.944104][ T7936] free:53461 free_pcp:1921 free_cma:0 [ 267.957548][ T7936] Node 0 active_anon:3800kB inactive_anon:0kB active_file:2376kB inactive_file:420kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:476kB dirty:36kB writeback:0kB shmem:3676kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9056kB pagetables:880kB sec_pagetables:1176kB all_unreclaimable? yes Balloon:0kB [ 267.967978][ T7936] Node 1 active_anon:69420kB inactive_anon:2904kB active_file:42552kB inactive_file:5448kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:89900kB dirty:1536kB writeback:0kB shmem:3868kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:3816kB pagetables:2944kB sec_pagetables:128kB all_unreclaimable? no Balloon:0kB [ 267.978044][ T7936] Node 0 DMA free:2936kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB active_anon:12kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:208kB local_pcp:0kB free_cma:0kB [ 267.986928][ T7936] lowmem_reserve[]: 0 290 290 290 290 [ 267.988677][ T7936] Node 0 DMA32 free:18060kB boost:0kB min:13336kB low:16668kB high:20000kB reserved_highatomic:4096KB active_anon:3788kB inactive_anon:0kB active_file:2376kB inactive_file:420kB unevictable:3536kB writepending:36kB present:1032196kB managed:297476kB mlocked:0kB bounce:0kB free_pcp:1780kB local_pcp:172kB free_cma:0kB [ 267.998128][ T7936] lowmem_reserve[]: 0 0 0 0 0 [ 267.999641][ T7936] Node 1 DMA32 free:194012kB boost:0kB min:47148kB low:58932kB high:70716kB reserved_highatomic:2048KB active_anon:69420kB inactive_anon:2904kB active_file:42552kB inactive_file:5448kB unevictable:3536kB writepending:1536kB present:1048432kB managed:948284kB mlocked:0kB bounce:0kB free_pcp:4500kB local_pcp:1308kB free_cma:0kB [ 268.008859][ T7936] lowmem_reserve[]: 0 0 0 0 0 [ 268.010370][ T7936] Node 0 DMA: 44*4kB (UE) 19*8kB (UE) 7*16kB (UE) 28*32kB (UE) 5*64kB (UE) 2*128kB (E) 2*256kB (E) 1*512kB (E) 0*1024kB 0*2048kB 0*4096kB = 2936kB [ 268.015277][ T7936] Node 0 DMA32: 102*4kB (UH) 102*8kB (UMEH) 11*16kB (UMEH) 40*32kB (UMEH) 25*64kB (UMEH) 6*128kB (UM) 10*256kB (ME) 6*512kB (UMH) 3*1024kB (UM) 2*2048kB (M) 0*4096kB = 17848kB [ 268.020701][ T7936] Node 1 DMA32: 69*4kB (UMEH) 91*8kB (UMEH) 30*16kB (UMEH) 112*32kB (UMEH) 101*64kB (UME) 176*128kB (UME) 110*256kB (UM) 73*512kB (UM) 66*1024kB (UM) 13*2048kB (UM) 0*4096kB = 193804kB [ 268.026554][ T7936] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 268.029514][ T7936] Node 0 hugepages_total=110 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 268.032594][ T7936] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 268.035950][ T7936] Node 1 hugepages_total=4294967190 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 268.039815][ T7936] 15792 total pagecache pages [ 268.041323][ T7936] 1207 pages in swap cache [ 268.042874][ T7936] Free swap = 107176kB [ 268.044184][ T7936] Total swap = 124996kB [ 268.046003][ T7936] 524155 pages RAM [ 268.047256][ T7936] 0 pages HighMem/MovableOnly [ 268.048733][ T7936] 208875 pages reserved [ 268.050041][ T7936] 0 pages cma reserved [ 268.103688][ T7967] program syz.2.16553 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 268.260968][ T8001] program syz.1.16568 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 268.292587][ T8009] xt_CONNSECMARK: invalid mode: 0 [ 268.349495][ T8021] netlink: 72 bytes leftover after parsing attributes in process `syz.2.16577'. [ 268.452661][ T8042] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16589'. [ 268.591774][ T8081] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16607'. [ 268.603303][ T8083] 9pnet_fd: Insufficient options for proto=fd [ 268.606916][ T8085] openvswitch: netlink: Missing valid actions attribute. [ 268.609231][ T8085] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 268.675284][ T8100] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16616'. [ 268.694136][ T8103] netlink: 'syz.2.16618': attribute type 8 has an invalid length. [ 268.696749][ T8103] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16618'. [ 268.705274][ T8107] usb usb8: usbfs: process 8107 (syz.3.16620) did not claim interface 2 before use [ 268.844628][ T8135] netlink: 'syz.1.16633': attribute type 2 has an invalid length. [ 269.125139][ T40] audit: type=1326 audit(257.892:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.1.16664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 269.131497][ T40] audit: type=1326 audit(257.892:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.1.16664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 269.140542][ T40] audit: type=1326 audit(257.892:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.1.16664" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 269.148106][ T40] audit: type=1326 audit(257.892:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.1.16664" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 269.231024][ T8217] exFAT-fs (nbd2): mounting with "discard" option, but the device does not support discard [ 269.231135][ T8217] syz.2.16675: attempt to access beyond end of device [ 269.231135][ T8217] nbd2: rw=0, sector=0, nr_sectors = 1 limit=0 [ 269.231169][ T8217] exFAT-fs (nbd2): unable to read boot sector [ 269.231175][ T8217] exFAT-fs (nbd2): failed to read boot sector [ 269.231180][ T8217] exFAT-fs (nbd2): failed to recognize exfat type [ 269.398711][ T8232] xt_hashlimit: size too large, truncated to 1048576 [ 269.419336][ T8232] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 269.459269][ T8241] netlink: 'syz.1.16687': attribute type 6 has an invalid length. [ 269.663486][ T9] usb 6-1: USB disconnect, device number 12 [ 269.776824][ T8306] bridge_slave_1: left allmulticast mode [ 269.778793][ T8306] bridge_slave_1: left promiscuous mode [ 269.780681][ T8306] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.790269][ T8306] bridge_slave_0: left allmulticast mode [ 269.792268][ T8306] bridge_slave_0: left promiscuous mode [ 269.794186][ T8306] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.134840][ T8379] netlink: 'syz.2.16755': attribute type 8 has an invalid length. [ 270.168537][ T8384] netlink: 'syz.0.16757': attribute type 2 has an invalid length. [ 270.171853][ T8384] netlink: 'syz.0.16757': attribute type 8 has an invalid length. [ 270.342856][ T1017] usb 8-1: new high-speed USB device number 15 using dummy_hcd [ 270.511136][ T1017] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 270.515672][ T1017] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 270.519683][ T1017] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 270.524799][ T1017] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.530984][ T8367] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 270.540854][ T1017] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 270.583830][ T8438] kAFS: No cell specified [ 270.679400][ T8458] dummy0: entered promiscuous mode [ 270.681750][ T8458] : (slave dummy0): Enslaving as an active interface with an up link [ 270.801949][ T64] usb 8-1: USB disconnect, device number 15 [ 270.962534][ T1017] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 271.137366][ T1017] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 271.140082][ T1017] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 271.142685][ T1017] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 271.146271][ T1017] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 271.149611][ T1017] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 271.152706][ T1017] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 271.158397][ T1017] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 271.167404][ T1017] usb 5-1: string descriptor 0 read error: -22 [ 271.169448][ T1017] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 271.172197][ T1017] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.176551][ T1017] usb 5-1: config 0 descriptor?? [ 271.183978][ T1017] hub 5-1:0.0: bad descriptor, ignoring hub [ 271.185890][ T1017] hub 5-1:0.0: probe with driver hub failed with error -5 [ 271.190646][ T1017] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input58 [ 271.444292][ T8529] /dev/sr0: Can't open blockdev [ 271.471143][ T3231] usb 5-1: USB disconnect, device number 8 [ 271.475777][ T65] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 271.527429][ T8539] xt_TPROXY: Can be used only with -p tcp or -p udp [ 271.657140][ T65] usb 6-1: Using ep0 maxpacket: 32 [ 271.662818][ T65] usb 6-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88 [ 271.666748][ T65] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 271.670560][ T65] usb 6-1: Product: syz [ 271.672312][ T65] usb 6-1: Manufacturer: syz [ 271.674271][ T65] usb 6-1: SerialNumber: syz [ 271.688303][ T65] usb 6-1: config 0 descriptor?? [ 271.695024][ T65] as10x_usb: device has been detected [ 271.700608][ T65] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan) [ 271.723012][ T65] usb 6-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)... [ 271.744980][ T65] as10x_usb: error during firmware upload part1 [ 271.748038][ T65] Registered device Abilis Systems DVB-Titan [ 271.793509][ T8572] __nla_validate_parse: 12 callbacks suppressed [ 271.793526][ T8572] netlink: 44 bytes leftover after parsing attributes in process `syz.2.16848'. [ 271.800670][ T8572] netlink: 43 bytes leftover after parsing attributes in process `syz.2.16848'. [ 271.804299][ T8572] netlink: 43 bytes leftover after parsing attributes in process `syz.2.16848'. [ 271.850638][ T8579] program syz.3.16852 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 271.917970][ T1017] usb 6-1: USB disconnect, device number 13 [ 271.944739][ T1017] Unregistered device Abilis Systems DVB-Titan [ 271.947551][ T1017] as10x_usb: device has been disconnected [ 272.021613][ T8585] /dev/sr0: Can't open blockdev [ 272.059754][ T8593] netlink: 128 bytes leftover after parsing attributes in process `syz.2.16859'. [ 272.063878][ T8593] netlink: 3 bytes leftover after parsing attributes in process `syz.2.16859'. [ 272.102217][ T8603] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 272.305040][ T8639] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16883'. [ 272.310406][ T8641] validate_nla: 7 callbacks suppressed [ 272.310421][ T8641] netlink: 'syz.3.16882': attribute type 21 has an invalid length. [ 272.332574][ T8643] team0: Port device dummy0 removed [ 272.347772][ T8646] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 272.486029][ T8669] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !寿$ULvyآDUDw}z [ 272.571677][ T8680] team0: left allmulticast mode [ 272.573719][ T8680] team_slave_0: left allmulticast mode [ 272.575733][ T8680] team_slave_1: left allmulticast mode [ 272.577874][ T8680] geneve0: left allmulticast mode [ 272.579561][ T8680] mac80211_hwsim hwsim9 wlan1: left allmulticast mode [ 272.581863][ T8680] bridge0: port 3(team0) entered disabled state [ 272.594600][ T8680] : (slave dummy0): Releasing backup interface [ 272.600185][ T8680] dummy0: left promiscuous mode [ 272.605884][ T8680] bridge_slave_0: left allmulticast mode [ 272.608249][ T8680] bridge_slave_0: left promiscuous mode [ 272.610200][ T8680] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.614319][ T8680] bridge_slave_1: left allmulticast mode [ 272.616138][ T8680] bridge_slave_1: left promiscuous mode [ 272.618029][ T8680] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.628467][ T8680] : (slave bond_slave_0): Releasing backup interface [ 272.633683][ T8680] bond_slave_0: left promiscuous mode [ 272.642729][ T8680] : (slave bond_slave_1): Releasing backup interface [ 272.646188][ T8680] team_slave_0: left promiscuous mode [ 272.657926][ T8680] team0: Port device team_slave_0 removed [ 272.660754][ T8680] team_slave_1: left promiscuous mode [ 272.667887][ T8680] team0: Port device team_slave_1 removed [ 272.670078][ T8680] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 272.673427][ T8680] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 272.676634][ T8680] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 272.679008][ T8680] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 272.683712][ T8680] batman_adv: batadv0: Removing interface: macvtap0 [ 272.687315][ T8680] geneve0: left promiscuous mode [ 272.698665][ T8680] team0: Port device geneve0 removed [ 272.701698][ T8680] mac80211_hwsim hwsim9 wlan1: left promiscuous mode [ 272.705619][ T8680] team0: Port device wlan1 removed [ 272.797271][ T8711] syz.2.16913: attempt to access beyond end of device [ 272.797271][ T8711] mtdblock0: rw=2048, sector=3656, nr_sectors = 8 limit=256 [ 272.914797][ T8741] netlink: 132 bytes leftover after parsing attributes in process `syz.1.16927'. [ 272.921387][ T8744] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 273.158749][ T8792] netlink: 'syz.0.16951': attribute type 10 has an invalid length. [ 273.211539][ T8804] sysfs: cannot create duplicate filename '/class/ieee80211/!寿$ULvyآDUDw}zR3' [ 273.216157][ T8804] CPU: 3 UID: 0 PID: 8804 Comm: syz.2.16956 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 273.216172][ T8804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 273.216180][ T8804] Call Trace: [ 273.216184][ T8804] [ 273.216188][ T8804] dump_stack_lvl+0x16c/0x1f0 [ 273.216208][ T8804] sysfs_warn_dup+0x7f/0xa0 [ 273.216225][ T8804] sysfs_do_create_link_sd+0x124/0x140 [ 273.216243][ T8804] sysfs_create_link+0x61/0xc0 [ 273.216259][ T8804] device_add+0x62c/0x1a70 [ 273.216274][ T8804] ? __pfx_device_add+0x10/0x10 [ 273.216283][ T8804] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 273.216296][ T8804] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 273.216316][ T8804] wiphy_register+0x1c9c/0x2850 [ 273.216326][ T8804] ? netdev_run_todo+0x864/0x1320 [ 273.216341][ T8804] ? __dev_printk+0x220/0x270 [ 273.216357][ T8804] ? __pfx_wiphy_register+0x10/0x10 [ 273.216391][ T8804] ieee80211_register_hw+0x2432/0x4020 [ 273.216408][ T8804] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 273.216420][ T8804] ? find_held_lock+0x2b/0x80 [ 273.216433][ T8804] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 273.216444][ T8804] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 273.216462][ T8804] ? __hrtimer_setup+0x176/0x280 [ 273.216475][ T8804] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 273.216496][ T8804] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 273.216514][ T8804] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 273.216527][ T8804] ? __asan_memcpy+0x3c/0x60 [ 273.216543][ T8804] hwsim_new_radio_nl+0xb51/0x12c0 [ 273.216557][ T8804] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 273.216573][ T8804] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 273.216584][ T8804] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 273.216598][ T8804] genl_family_rcv_msg_doit+0x206/0x2f0 [ 273.216609][ T8804] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 273.216619][ T8804] ? trace_cap_capable+0x18d/0x200 [ 273.216634][ T8804] ? bpf_lsm_capable+0x9/0x10 [ 273.216649][ T8804] ? security_capable+0x7e/0x260 [ 273.216659][ T8804] ? ns_capable+0xd7/0x110 [ 273.216674][ T8804] genl_rcv_msg+0x55c/0x800 [ 273.216689][ T8804] ? __pfx_genl_rcv_msg+0x10/0x10 [ 273.216703][ T8804] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 273.216728][ T8804] ? __lock_acquire+0xaa4/0x1ba0 [ 273.216755][ T8804] netlink_rcv_skb+0x16a/0x440 [ 273.216777][ T8804] ? __pfx_genl_rcv_msg+0x10/0x10 [ 273.216791][ T8804] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 273.216820][ T8804] ? __pfx_down_read+0x10/0x10 [ 273.216835][ T8804] ? netlink_deliver_tap+0x1ae/0xd30 [ 273.216858][ T8804] genl_rcv+0x28/0x40 [ 273.216875][ T8804] netlink_unicast+0x53a/0x7f0 [ 273.216892][ T8804] ? __pfx_netlink_unicast+0x10/0x10 [ 273.216911][ T8804] netlink_sendmsg+0x8d1/0xdd0 [ 273.216928][ T8804] ? __pfx_netlink_sendmsg+0x10/0x10 [ 273.216944][ T8804] ? __import_iovec+0x1c8/0x660 [ 273.216961][ T8804] ____sys_sendmsg+0xa95/0xc70 [ 273.216975][ T8804] ? __pfx_____sys_sendmsg+0x10/0x10 [ 273.216984][ T8804] ? get_compat_msghdr+0x11a/0x170 [ 273.217004][ T8804] ___sys_sendmsg+0x134/0x1d0 [ 273.217018][ T8804] ? __pfx____sys_sendmsg+0x10/0x10 [ 273.217050][ T8804] __sys_sendmsg+0x16d/0x220 [ 273.217063][ T8804] ? __pfx___sys_sendmsg+0x10/0x10 [ 273.217076][ T8804] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 273.217097][ T8804] ? rcu_is_watching+0x12/0xc0 [ 273.217110][ T8804] ? rcu_is_watching+0x12/0xc0 [ 273.217125][ T8804] __do_fast_syscall_32+0x73/0x120 [ 273.217141][ T8804] do_fast_syscall_32+0x32/0x80 [ 273.217161][ T8804] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 273.217180][ T8804] RIP: 0023:0xf70ae579 [ 273.217190][ T8804] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 273.217200][ T8804] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 273.217210][ T8804] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 273.217217][ T8804] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 273.217223][ T8804] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 273.217228][ T8804] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 273.217234][ T8804] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 273.217247][ T8804] [ 273.355770][ T8806] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16957'. [ 273.361827][ T8806] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16957'. [ 273.612785][ T8841] team0: Port device team_slave_0 removed [ 273.619157][ T8841] team0: Port device team_slave_1 removed [ 273.621924][ T8841] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 273.625389][ T8841] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 273.631027][ T8841] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 273.633477][ T8841] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 273.647565][ T8841] team0: Port device geneve0 removed [ 273.662460][ T8841] team0: Port device  removed [ 273.722100][ T8852] usb usb5: usbfs: process 8852 (syz.3.16975) did not claim interface 0 before use [ 273.912038][ T8885] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 274.033978][ T8905] netlink: 56 bytes leftover after parsing attributes in process `syz.3.17001'. [ 274.040344][ T8907] binfmt_misc: register: failed to install interpreter file ./file0 [ 274.065471][ T8913] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 274.232353][ T65] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 274.415493][ T65] usb 5-1: Using ep0 maxpacket: 32 [ 274.421235][ T65] usb 5-1: New USB device found, idVendor=1ba6, idProduct=0001, bcdDevice=49.88 [ 274.425269][ T65] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.428470][ T65] usb 5-1: Product: syz [ 274.430220][ T65] usb 5-1: Manufacturer: syz [ 274.432077][ T65] usb 5-1: SerialNumber: syz [ 274.435628][ T65] usb 5-1: config 0 descriptor?? [ 274.440778][ T65] as10x_usb: device has been detected [ 274.442804][ T65] dvbdev: DVB: registering new adapter (Abilis Systems DVB-Titan) [ 274.456078][ T65] usb 5-1: DVB: registering adapter 1 frontend 0 (Abilis Systems DVB-Titan)... [ 274.468841][ T65] as10x_usb: error during firmware upload part1 [ 274.471777][ T65] Registered device Abilis Systems DVB-Titan [ 274.552814][ T64] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 274.667200][ T9] usb 5-1: USB disconnect, device number 9 [ 274.677167][ T9] Unregistered device Abilis Systems DVB-Titan [ 274.678615][ T9] as10x_usb: device has been disconnected [ 274.714641][ T64] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 274.719374][ T64] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 274.723368][ T64] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 274.727022][ T64] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.738812][ T8945] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 274.747245][ T64] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 275.016864][ T64] usb 6-1: USB disconnect, device number 14 [ 275.358779][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 275.358789][ T40] audit: type=1326 audit(263.723:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.17045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 275.370106][ T40] audit: type=1326 audit(263.723:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.17045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 275.378966][ T40] audit: type=1326 audit(263.732:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.17045" exe="/syz-executor" sig=0 arch=40000003 syscall=460 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 275.387721][ T40] audit: type=1326 audit(263.732:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.17045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 275.394894][ T40] audit: type=1326 audit(263.732:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.17045" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 275.545361][ T9016] batman_adv: batadv0: Interface deactivated: wlan0 [ 275.884352][ T9077] program syz.0.17077 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 276.302375][ T40] audit: type=1400 audit(264.603:890): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=9185 comm="syz.0.17121" [ 276.397309][ C3] ata1: illegal qc_active transition (00000000->00000002) [ 276.499208][ T9230] netlink: 'syz.0.17138': attribute type 4 has an invalid length. [ 276.525630][ T9234] ntfs3(nbd3): try to read out of volume at offset 0x0 [ 276.763276][ T1107] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 276.773130][ T1107] ata1.00: configured for UDMA/100 [ 276.788192][ T9212] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 276.790462][ T9212] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 276.796424][ T9212] vhci_hcd vhci_hcd.0: Device attached [ 276.802069][ T9294] vhci_hcd: connection closed [ 276.802403][ T1043] vhci_hcd: stop threads [ 276.805261][ T1043] vhci_hcd: release socket [ 276.806772][ T1043] vhci_hcd: disconnect device [ 276.946325][ T9332] xt_TPROXY: Can be used only with -p tcp or -p udp [ 276.960376][ T9337] netlink: 'syz.3.17181': attribute type 4 has an invalid length. [ 277.058500][ T9356] netlink: 'syz.2.17187': attribute type 1 has an invalid length. [ 277.061184][ T9356] A link change request failed with some changes committed already. Interface may have been left with an inconsistent configuration, please check. [ 277.166820][ T9380] __nla_validate_parse: 5 callbacks suppressed [ 277.166836][ T9380] netlink: 12 bytes leftover after parsing attributes in process `syz.0.17198'. [ 277.259751][ T40] audit: type=1326 audit(265.501:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.0.17204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 277.270928][ T40] audit: type=1326 audit(265.501:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.0.17204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 277.281496][ T40] audit: type=1326 audit(265.501:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.0.17204" exe="/syz-executor" sig=0 arch=40000003 syscall=136 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 277.289517][ T40] audit: type=1326 audit(265.501:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9394 comm="syz.0.17204" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f97579 code=0x7ffc0000 [ 277.304961][ T9403] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17207'. [ 277.314544][ T9405] netlink: 412 bytes leftover after parsing attributes in process `syz.0.17209'. [ 277.363054][ T9415] netlink: 300 bytes leftover after parsing attributes in process `syz.2.17212'. [ 277.428714][ T9426] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem [ 277.506548][ T9443] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17225'. [ 277.614664][ T9469] netlink: 'syz.1.17236': attribute type 4 has an invalid length. [ 277.648499][ T9479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17239'. [ 277.848112][ T9529] block device autoloading is deprecated and will be removed. [ 277.855592][ T9529] syz.0.17258: attempt to access beyond end of device [ 277.855592][ T9529] md2: rw=2048, sector=3656, nr_sectors = 8 limit=0 [ 277.954983][ T9557] netlink: 'syz.1.17271': attribute type 2 has an invalid length. [ 277.957484][ T9557] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 278.023677][ T9573] netlink: 3 bytes leftover after parsing attributes in process `syz.3.17278'. [ 278.212676][ T9591] infiniband syz0: set down [ 278.214213][ T9591] infiniband syz0: added ipvlan1 [ 278.214983][ T9614] netlink: 64 bytes leftover after parsing attributes in process `syz.0.17293'. [ 278.229510][ T9591] RDS/IB: syz0: added [ 278.230902][ T9591] smc: adding ib device syz0 with port count 1 [ 278.232883][ T9591] smc: ib device syz0 port 1 has pnetid [ 278.400142][ T9643] Process accounting resumed [ 278.454814][ T9658] netlink: 32 bytes leftover after parsing attributes in process `syz.1.17310'. [ 278.645538][ T9691] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw [ 278.654897][ T9693] netlink: 144 bytes leftover after parsing attributes in process `syz.3.17323'. [ 278.685420][ T9698] bond0: entered promiscuous mode [ 278.687148][ T9698] bond0: entered allmulticast mode [ 278.694961][ T9698] 8021q: adding VLAN 0 to HW filter on device bond0 [ 278.878895][ T9745] xt_CT: You must specify a L4 protocol and not use inversions on it [ 279.018133][ T9787] vivid-001: ================= START STATUS ================= [ 279.022811][ T9787] vivid-001: Radio HW Seek Mode: Bounded [ 279.025012][ T9787] vivid-001: Radio Programmable HW Seek: false [ 279.026949][ T9787] vivid-001: RDS Rx I/O Mode: Block I/O [ 279.029920][ T9787] vivid-001: Generate RBDS Instead of RDS: false [ 279.031958][ T9787] vivid-001: RDS Reception: true [ 279.033517][ T9787] vivid-001: RDS Program Type: 0 inactive [ 279.035417][ T9787] vivid-001: RDS PS Name: inactive [ 279.037211][ T9787] vivid-001: RDS Radio Text: inactive [ 279.038962][ T9787] vivid-001: RDS Traffic Announcement: false inactive [ 279.047276][ T9787] vivid-001: RDS Traffic Program: false inactive [ 279.049533][ T9787] vivid-001: RDS Music: false inactive [ 279.055999][ T9787] vivid-001: ================== END STATUS ================== [ 279.462336][ T9885] netlink: 'syz.2.17399': attribute type 23 has an invalid length. [ 279.541813][ T9898] can0: slcan on ptm0. [ 280.081687][ T9907] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 280.131462][ T9897] can0 (unregistered): slcan off ptm0. [ 280.160182][ T9918] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 280.797509][T10055] wireguard0: entered promiscuous mode [ 280.799248][T10055] wireguard0: entered allmulticast mode [ 281.802409][T10151] wg1: entered promiscuous mode [ 281.804017][T10151] wg1: entered allmulticast mode [ 282.129341][T10205] IPv6: NLM_F_CREATE should be specified when creating new route [ 282.280552][T10229] Zero length message leads to an empty skb [ 282.435847][T10253] 9pnet_virtio: no channels available for device 127.0.0.1 [ 282.458514][T10256] xfrm1: entered promiscuous mode [ 282.468805][T10256] xfrm1: entered allmulticast mode [ 282.529841][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 282.529851][ T40] audit: type=1326 audit(2000000002.235:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10265 comm="syz.3.17553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 282.541382][ T40] audit: type=1326 audit(2000000002.235:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10265 comm="syz.3.17553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 282.561453][ T40] audit: type=1326 audit(2000000002.235:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10265 comm="syz.3.17553" exe="/syz-executor" sig=0 arch=40000003 syscall=36 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 282.592485][ T40] audit: type=1326 audit(2000000002.291:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10265 comm="syz.3.17553" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 282.875181][T10328] __nla_validate_parse: 9 callbacks suppressed [ 282.875199][T10328] netlink: 20 bytes leftover after parsing attributes in process `syz.3.17582'. [ 282.991610][T10351] tipc: Started in network mode [ 282.994020][T10351] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711 [ 283.003065][T10351] tipc: Enabled bearer , priority 10 [ 283.049017][T10359] netlink: 224 bytes leftover after parsing attributes in process `syz.3.17598'. [ 283.090299][T10367] netlink: 248 bytes leftover after parsing attributes in process `syz.3.17602'. [ 283.184029][T10384] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17609'. [ 283.218271][ T40] audit: type=1326 audit(2000000002.871:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.1.17612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 283.232569][ T40] audit: type=1326 audit(2000000002.871:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.1.17612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 283.239245][ T40] audit: type=1326 audit(2000000002.871:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.1.17612" exe="/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 283.249838][ T40] audit: type=1326 audit(2000000002.871:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.1.17612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 283.257215][ T40] audit: type=1326 audit(2000000002.871:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.1.17612" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 283.264339][ T40] audit: type=1326 audit(2000000002.871:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10387 comm="syz.1.17612" exe="/syz-executor" sig=0 arch=40000003 syscall=85 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 283.272682][T10398] netlink: 20 bytes leftover after parsing attributes in process `syz.2.17617'. [ 283.425256][T10428] input: syz0 as /devices/virtual/input/input60 [ 283.520693][T10440] xt_socket: unknown flags 0xd0 [ 283.739539][T10461] bridge8: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 283.894861][T10476] mkiss: ax0: crc mode is auto. [ 284.115863][T10494] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17662'. [ 284.189021][T10497] bpf: Bad value for 'gid' [ 284.193818][ T6237] tipc: Node number set to 4269801491 [ 284.287783][T10508] overlayfs: conflicting options: userxattr,verity=require [ 284.326192][T10512] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 285.322355][T10538] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17684'. [ 285.374860][T10545] netlink: 24 bytes leftover after parsing attributes in process `syz.2.17687'. [ 285.614396][T10478] syz.0.17654 (10478) used greatest stack depth: 20472 bytes left [ 285.614889][ T6250] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 285.707689][T10577] netlink: 'syz.2.17701': attribute type 8 has an invalid length. [ 285.807101][ T6250] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 285.810431][ T6250] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 285.813809][ T6250] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 285.823028][ T6250] usb 6-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice=65.8c [ 285.826765][ T6250] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 285.840876][ T6250] usb 6-1: config 0 descriptor?? [ 285.854607][ T6250] input: appletouch as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input61 [ 286.167224][ T58] usb 6-1: USB disconnect, device number 15 [ 286.180856][ T58] appletouch 6-1:0.0: input: appletouch disconnected [ 286.189065][T10621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17723'. [ 286.194538][T10621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17723'. [ 286.197518][T10621] netlink: 'syz.3.17723': attribute type 6 has an invalid length. [ 286.248754][T10628] Bluetooth: MGMT ver 1.23 [ 286.332434][T10640] sp0: Synchronizing with TNC [ 286.344986][T10639] [U] [ 287.079259][T10690] Bluetooth: MGMT ver 1.23 [ 287.427576][T10714] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 288.164042][T10771] delete_channel: no stack [ 288.165955][T10769] delete_channel: no stack [ 288.206030][ T6250] kernel write not supported for file /sg0 (pid: 6250 comm: kworker/1:4) [ 288.206679][T10775] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 288.257970][ T9] kernel write not supported for file /sysvipc/msg (pid: 9 comm: kworker/0:0) [ 288.682400][ T65] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 288.857821][ T65] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 288.861024][ T65] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 288.864795][ T65] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 288.871746][ T65] usb 7-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice=65.8c [ 288.875908][ T65] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 288.884007][ T65] usb 7-1: config 0 descriptor?? [ 288.888205][ T65] input: appletouch as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input63 [ 288.968803][T10862] syz.1.17831 (10862) used obsolete PPPIOCDETACH ioctl [ 289.026376][T10869] __nla_validate_parse: 1 callbacks suppressed [ 289.026393][T10869] netlink: 216 bytes leftover after parsing attributes in process `syz.3.17834'. [ 289.032710][T10869] netlink: 24 bytes leftover after parsing attributes in process `syz.3.17834'. [ 289.038769][T10869] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17834'. [ 289.181789][ T6250] usb 7-1: USB disconnect, device number 17 [ 289.193028][ T6250] appletouch 7-1:0.0: input: appletouch disconnected [ 289.386643][T10914] UHID_CREATE from different security context by process 8875 (syz.3.17857), this is not allowed. [ 289.407355][T10916] netlink: 76 bytes leftover after parsing attributes in process `syz.1.17858'. [ 289.525017][T10928] rtc_cmos 00:05: Alarms can be up to one day in the future [ 289.598010][T10941] program syz.0.17870 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 289.619981][ T65] rtc_cmos 00:05: Alarms can be up to one day in the future [ 289.631116][ T65] rtc_cmos 00:05: Alarms can be up to one day in the future [ 289.637713][ T65] rtc_cmos 00:05: Alarms can be up to one day in the future [ 289.641284][ T65] rtc_cmos 00:05: Alarms can be up to one day in the future [ 289.644794][ T65] rtc rtc0: __rtc_set_alarm: err=-22 [ 289.890740][ T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 290.072092][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 290.084161][ T9] usb 6-1: unable to get BOS descriptor or descriptor too short [ 290.092332][ T9] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 290.097271][ T9] usb 6-1: can't read configurations, error -71 [ 290.360481][ T65] usb 8-1: new high-speed USB device number 16 using dummy_hcd [ 290.544179][ T65] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 290.548488][ T65] usb 8-1: config 0 interface 0 has no altsetting 0 [ 290.553771][ T65] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 290.557176][ T65] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 290.559798][ T65] usb 8-1: Product: syz [ 290.561654][ T65] usb 8-1: Manufacturer: syz [ 290.563885][ T65] usb 8-1: SerialNumber: syz [ 290.569465][ T65] usb 8-1: config 0 descriptor?? [ 290.576505][ T65] usb 8-1: selecting invalid altsetting 0 [ 290.799143][ T6250] usb 8-1: USB disconnect, device number 16 [ 290.807705][T11018] netlink: 20 bytes leftover after parsing attributes in process `syz.1.17906'. [ 291.212742][T11060] ptrace attach of "/syz-executor exec"[6189] was attempted by ""[11060] [ 291.468838][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17945'. [ 291.551085][T11115] program syz.0.17952 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 291.585871][T11119] netlink: 100 bytes leftover after parsing attributes in process `syz.0.17954'. [ 291.589826][T11119] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17954'. [ 291.614435][T11126] netlink: 16 bytes leftover after parsing attributes in process `syz.3.17957'. [ 291.649447][T11131] netlink: 212392 bytes leftover after parsing attributes in process `syz.3.17960'. [ 291.652896][T11131] openvswitch: netlink: Message has 4 unknown bytes. [ 291.685305][T11137] team0: Port device bond0 added [ 291.801675][T11157] PKCS7: Unknown OID: [5] (bad) [ 291.804124][T11157] PKCS7: Only support pkcs7_signedData type [ 292.055642][ T40] kauditd_printk_skb: 3 callbacks suppressed [ 292.055653][ T40] audit: type=1326 audit(2000000011.141:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.065458][ T40] audit: type=1326 audit(2000000011.141:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.072878][ T40] audit: type=1326 audit(2000000011.141:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.079922][ T40] audit: type=1326 audit(2000000011.141:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.088218][ T40] audit: type=1326 audit(2000000011.141:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.096566][ T40] audit: type=1326 audit(2000000011.141:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=250 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.104586][ T40] audit: type=1326 audit(2000000011.141:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.115132][ T40] audit: type=1326 audit(2000000011.141:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11198 comm="syz.1.17993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 292.401914][T11226] overlayfs: workdir and upperdir must be separate subtrees [ 293.049252][T11245] mkiss: ax0: crc mode is auto. [ 293.150882][T11260] sp0: Synchronizing with TNC [ 293.156792][T11256] [U] [ 293.243218][ T40] audit: type=1326 audit(2000000012.254:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11272 comm="syz.2.18027" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70ae579 code=0x0 [ 293.274624][T11280] 9pnet_fd: p9_fd_create_unix (11280): problem connecting socket: ./file1: -2 [ 293.651317][T11330] ALSA: seq fatal error: cannot create timer (-22) [ 293.706475][T11338] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32 [ 293.804411][T11348] sg_write: process 9303 (syz.0.18062) changed security contexts after opening file descriptor, this is not allowed. [ 294.015873][ T40] audit: type=1326 audit(2000000012.974:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11363 comm="syz.1.18070" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 294.321874][T11393] No control pipe specified [ 295.599909][T11441] [U] R5JCҰ~V6|7KXVZZGR $ [ 295.748554][T11461] __nla_validate_parse: 3 callbacks suppressed [ 295.748565][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18111'. [ 295.755535][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18111'. [ 295.792307][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18114'. [ 295.795866][T11467] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18114'. [ 295.970387][T11495] netlink: 28 bytes leftover after parsing attributes in process `syz.0.18127'. [ 296.247082][T11538] netlink: 'syz.2.18147': attribute type 4 has an invalid length. [ 297.001731][T11644] netlink: 16 bytes leftover after parsing attributes in process `syz.0.18198'. [ 297.073857][T11660] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18206'. [ 297.091344][T11666] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18209'. [ 297.099554][T11666] vlan2: entered promiscuous mode [ 297.101256][T11666] bridge0: entered promiscuous mode [ 297.360052][T11705] netlink: 344 bytes leftover after parsing attributes in process `syz.0.18227'. [ 297.406229][T11714] netlink: 'syz.0.18233': attribute type 11 has an invalid length. [ 297.621016][T11740] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 297.796436][T11763] netlink: 16 bytes leftover after parsing attributes in process `syz.1.18253'. [ 297.989612][T11788] nbd: socks must be embedded in a SOCK_ITEM attr [ 298.027689][T11792] CIFS: Unable to determine destination address [ 298.196351][ T65] usb 8-1: new high-speed USB device number 17 using dummy_hcd [ 298.246183][T11814] vlan2: entered promiscuous mode [ 298.248059][T11814] bridge0: entered promiscuous mode [ 299.329294][ T65] usb 8-1: device descriptor read/64, error -71 [ 299.639344][ T65] usb 8-1: new high-speed USB device number 18 using dummy_hcd [ 299.801352][ T65] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 299.804865][ T65] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 299.809899][ T65] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 299.818067][ T65] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 299.821704][ T65] usb 8-1: Manufacturer: syz [ 299.827482][ T65] usb 8-1: config 0 descriptor?? [ 299.885196][ T65] rc_core: IR keymap rc-hauppauge not found [ 299.887188][ T65] Registered IR keymap rc-empty [ 299.896962][ T65] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 299.901458][ T65] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input64 [ 300.055248][ T65] usb 8-1: USB disconnect, device number 18 [ 300.803446][ T40] kauditd_printk_skb: 16 callbacks suppressed [ 300.803458][ T40] audit: type=1326 audit(2000000019.326:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.820724][ T40] audit: type=1326 audit(2000000019.345:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.830044][ T40] audit: type=1326 audit(2000000019.345:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.845814][ T40] audit: type=1326 audit(2000000019.345:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.857984][ T40] audit: type=1326 audit(2000000019.345:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.864849][ T40] audit: type=1326 audit(2000000019.345:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=337 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.871956][ T40] audit: type=1326 audit(2000000019.345:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.878820][ T40] audit: type=1326 audit(2000000019.345:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11989 comm="syz.1.18362" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e579 code=0x7ffc0000 [ 300.887476][T11993] tipc: Enabled bearer , priority 22 [ 300.973959][ T40] audit: type=1326 audit(2000000019.485:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12000 comm="syz.3.18368" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf702e579 code=0x0 [ 301.351769][T12030] vivid-001: disconnect [ 301.353629][T12029] vivid-001: reconnect [ 301.382132][T12034] tmpfs: Cannot change global quota limit on remount [ 302.311644][T12040] orangefs_mount: mount request failed with -4 [ 302.354034][T12086] __nla_validate_parse: 9 callbacks suppressed [ 302.354044][T12086] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18406'. [ 302.887223][T12145] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 302.911406][ T1017] kernel write not supported for file /audio (pid: 1017 comm: kworker/0:2) [ 303.078728][T12174] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18447'. [ 303.279521][T12201] netlink: 72 bytes leftover after parsing attributes in process `syz.3.18459'. [ 304.000969][T12303] netlink: 'syz.0.18499': attribute type 1 has an invalid length. [ 304.459530][T12336] netlink: 'syz.1.18514': attribute type 5 has an invalid length. [ 304.463564][T12336] netlink: 24 bytes leftover after parsing attributes in process `syz.1.18514'. [ 304.534351][T12344] lo: MTU too low for tipc bearer [ 304.538593][T12344] tipc: Enabling of bearer rejected, failed to enable media [ 304.559335][T12348] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18520'. [ 304.586170][ T65] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0 [ 304.589747][ T65] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0 [ 304.596873][ T65] hid-generic 0000:0003:0000.0005: hidraw1: HID v0.00 Device [syz1] on syz0 [ 304.691451][T12364] netlink: 'syz.3.18528': attribute type 10 has an invalid length. [ 304.811196][T12378] program syz.1.18535 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 304.826657][T12380] netlink: 20 bytes leftover after parsing attributes in process `syz.0.18536'. [ 304.835835][T12380] vlan3: entered promiscuous mode [ 304.838088][T12380] gretap0: entered promiscuous mode [ 305.112439][T12421] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 305.216774][T12435] [U]  [ 305.217717][T12435] [U] K{ [ 305.218728][T12435] [U] t 1ŠFfˊ`GJgo/mC [ 305.222323][T12435] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 305.227850][T12435] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 305.239702][T12435] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 305.255030][T12435] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 305.262688][T12435] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 305.267722][T12435] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 305.271569][T12435] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 305.300683][T12446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18563'. [ 305.303317][T12435] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 305.307948][T12446] netlink: 20 bytes leftover after parsing attributes in process `syz.1.18563'. [ 305.309656][T12435] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 305.317779][T12435] [U] 22Ʃx?0;3u [ 305.319341][T12435] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 305.327456][T12435] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 305.330768][T12435] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 305.334156][T12435] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 305.336638][T12435] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 305.342305][T12435] [U] ec [ 305.343466][T12435] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 305.364337][T12450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.18565'. [ 305.378317][T12434] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 305.476855][T12462] netlink: 12 bytes leftover after parsing attributes in process `syz.1.18571'. [ 305.637413][ T58] usb 8-1: new high-speed USB device number 19 using dummy_hcd [ 305.797045][ T58] usb 8-1: Using ep0 maxpacket: 32 [ 305.800493][ T58] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 305.806410][ T58] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 305.811586][ T58] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 305.815625][ T58] usb 8-1: Product: syz [ 305.817610][ T58] usb 8-1: Manufacturer: syz [ 305.820091][ T58] usb 8-1: SerialNumber: syz [ 305.825895][ T58] usb 8-1: config 0 descriptor?? [ 305.828026][T12452] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 306.054765][ T65] usb 8-1: USB disconnect, device number 19 [ 306.962825][T12528] netlink: 'syz.3.18602': attribute type 3 has an invalid length. [ 307.181312][T12542] "syz.1.18609" (12542) uses obsolete ecb(arc4) skcipher [ 307.922958][T12633] __nla_validate_parse: 2 callbacks suppressed [ 307.922968][T12633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.18644'. [ 308.232781][T12664] [U]  [ 308.233708][T12664] [U] K{ [ 308.235560][T12664] [U] t 1ŠFfˊ`GJgo/mC [ 308.237888][T12664] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!" (5Ob̓J [ 308.242997][T12664] [U] k\&}66XHX .`a$40|϶9ި U4Vbz}wMTQΦr 4 [ 308.246921][T12664] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_< ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq [ 308.259735][T12664] [U] +wG?]'a: )' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj ;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿B ٜNy"vI2 [ 308.268773][T12664] [U] T_K5tYJ9c$brLNul 9w|G"ʃ%C؝q 3qN^HP*$ .7yӱ2 [ 308.272790][T12664] [U] ? h*37鍾^#Q"0~ (oX Lb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ [ 308.277125][T12664] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<>{q_՝LX8U{Z)7?rR;crhײڣ1>)Măt(aϝ}9ڥJ*Mќġ'Lq DW=|q ÆW;5Ž!dBx`/E`ƦMX"\ [ 308.309030][T12664] [U] {; ٘_o2)o.2W2yx_ HPϱSD:]{ [ 308.311688][T12664] [U] I,> 51^1N4oǶ'0?֒i9w._.WaV`)Zc6GiӹaXL[F*OW)+'\n[K@2Ǭp"^` [ 308.315870][T12664] [U] 22Ʃx?0;3u [ 308.317345][T12664] [U] ޜsObx8W4(~/KUԖoQe+G-ygY_>v3.hә]̈́2)D, D~d+w; A\FPȘ|$)KؐIɿkYT^R癵A=#ܜ aet1ݯ4K.e"RS|s:>p r"z#P!KY"}FN84hޱosߙ̫%Dlwm [ 308.326681][T12664] [U] [['xn' ,mr/1D=!Dx91BwRlfKZ#` l؛˜b~m [ 308.329696][T12664] [U] L>d+d"5h3<iR=F^fnvDOIO:U>Y [ 308.332936][T12664] [U] 'B6v20瞥׌"t8{9FW]쩍 [ 308.334913][T12664] [U] 72uC6τI]8ctۨQSkYI |V'TV/g$[ 9kh`"}[^=0]%̂TF_v4C [ 308.338788][T12664] [U] ec [ 308.339812][T12664] [U] |<:^3$7nK~-@?/mtl۾Iw@g~t{P+$jp| IRipm Y 8tV,l, [ 308.351010][T12663] [U] K)0~ʪiP'fzr @B]5{ʼ'8ƥFUTqUdǩK;70c[yYCذmL8T͚5rxW xoQhVi'8L [ 308.502443][T12691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18671'. [ 308.505265][T12691] netlink: 12 bytes leftover after parsing attributes in process `syz.0.18671'. [ 309.011337][T12729] bridge13: entered promiscuous mode [ 309.015355][T12729] team0: Port device bridge13 added [ 309.749722][T12807] netlink: 71 bytes leftover after parsing attributes in process `syz.1.18725'. [ 309.922762][T12827] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 310.104187][T12849] use of bytesused == 0 is deprecated and will be removed in the future, [ 310.112578][T12849] use the actual size instead. [ 310.197803][T12857] ALSA: seq fatal error: cannot create timer (-19) [ 311.175440][T12935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18786'. [ 311.204456][T12937] netlink: 12 bytes leftover after parsing attributes in process `syz.3.18787'. [ 311.734538][T12965] program syz.1.18801 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 312.221917][ T835] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 312.228862][T13002] pim6reg: entered allmulticast mode [ 312.234654][T13002] pim6reg: left allmulticast mode [ 312.395814][ T835] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 312.399706][ T835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.402982][ T835] usb 5-1: Product: syz [ 312.405235][ T835] usb 5-1: Manufacturer: syz [ 312.407068][ T835] usb 5-1: SerialNumber: syz [ 312.413624][ T835] usb 5-1: config 0 descriptor?? [ 312.446985][T13009] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0 [ 312.452144][T13008] IPVS: stopping master sync thread 13009 ... [ 312.531643][T13013] ucma_write: process 9476 (syz.1.18821) changed security contexts after opening file descriptor, this is not allowed. [ 312.618846][T13019] netlink: 592 bytes leftover after parsing attributes in process `syz.1.18824'. [ 312.622353][T13019] netlink: 592 bytes leftover after parsing attributes in process `syz.1.18824'. [ 312.649688][ T6237] usb 5-1: USB disconnect, device number 10 [ 313.395207][T13059] netlink: 8 bytes leftover after parsing attributes in process `syz.1.18844'. [ 314.663299][ T6197] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 314.670358][ T6197] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 314.674448][ T6197] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 314.681155][ T6197] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 314.684638][ T6197] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 314.700692][ T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 314.723194][ T6193] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 314.726882][ T6193] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 314.729852][ T6193] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 314.734294][ T6193] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 314.745349][ T6193] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 314.791182][T13118] lo speed is unknown, defaulting to 1000 [ 314.821038][ T46] netdevsim netdevsim2 netdevsim2 (unregistering): left allmulticast mode [ 314.825823][ T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.009518][ T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.099778][ T46] netdevsim netdevsim2  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 315.100043][T13158] netlink: 28 bytes leftover after parsing attributes in process `syz.1.18891'. [ 315.107545][T13158] netlink: 60 bytes leftover after parsing attributes in process `syz.1.18891'. [ 315.241016][T13118] chnl_net:caif_netlink_parms(): no params data found [ 316.401556][T13209] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -512 0 [ 316.595278][ T46] bond0 (unregistering): Released all slaves [ 316.716051][ T46] bond1 (unregistering): Released all slaves [ 316.724377][ T46] bond2 (unregistering): Released all slaves [ 316.829506][T13234] netlink: 8 bytes leftover after parsing attributes in process `syz.0.18922'. [ 316.848561][ T46] bond3 (unregistering): Released all slaves [ 316.899068][ T40] audit: type=1326 audit(2000000034.387:944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13237 comm="syz.1.18924" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf710e579 code=0x0 [ 316.927425][ T6193] Bluetooth: hci1: command tx timeout [ 316.939984][ T46] bond4 (unregistering): Released all slaves [ 316.946434][ T46] bond5 (unregistering): Released all slaves [ 316.952689][ T46] bond6 (unregistering): Released all slaves [ 316.959025][ T46] bond7 (unregistering): Released all slaves [ 316.966386][T13118] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.969849][T13118] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.973095][T13118] bridge_slave_0: entered allmulticast mode [ 316.977199][T13118] bridge_slave_0: entered promiscuous mode [ 316.983636][T13118] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.986776][T13118] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.990091][T13118] bridge_slave_1: entered allmulticast mode [ 316.994140][T13118] bridge_slave_1: entered promiscuous mode [ 317.078403][T13245] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18927'. [ 317.082281][T13245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18927'. [ 317.088157][T13245] netlink: 'syz.3.18927': attribute type 18 has an invalid length. [ 317.091571][T13245] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18927'. [ 317.096183][ T46] : left promiscuous mode [ 317.131310][T13118] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.136664][T13118] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 317.233069][T13118] team0: Port device team_slave_0 added [ 317.243281][T13118] team0: Port device team_slave_1 added [ 317.305956][T13118] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 317.308140][T13118] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 317.317258][T13118] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 317.335371][T13118] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 317.338114][T13118] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 317.348118][T13118] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 317.396842][T13118] hsr_slave_0: entered promiscuous mode [ 317.399133][T13118] hsr_slave_1: entered promiscuous mode [ 317.660921][ T46] veth1_vlan: left promiscuous mode [ 317.741906][ T46] [ 317.742694][ T46] ====================================================== [ 317.744779][ T46] WARNING: possible circular locking dependency detected [ 317.747623][ T46] 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 Not tainted [ 317.752489][ T46] ------------------------------------------------------ [ 317.755283][ T46] kworker/u32:2/46 is trying to acquire lock: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 317.757703][ T46] ffff88806be38e00 (team->team_lock_key#4){+.+.}-{4:4}, at: team_vlan_rx_kill_vid+0x34/0xf0 [ 317.761710][ T46] [ 317.761710][ T46] but task is already holding lock: [ 317.764130][ T46] ffff8880451b6d30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x14a1/0x25a0 [ 317.768085][ T46] [ 317.768085][ T46] which lock already depends on the new lock. [ 317.768085][ T46] [ 317.772345][ T46] [ 317.772345][ T46] the existing dependency chain (in reverse order) is: [ 317.776017][ T46] [ 317.776017][ T46] -> #1 (&dev_instance_lock_key#3){+.+.}-{4:4}: [ 317.779326][ T46] __mutex_lock+0x199/0xb90 [ 317.781406][ T46] dev_set_mtu+0xa2/0x260 [ 317.783361][ T46] team_add_slave+0x90f/0x21a0 [ 317.785706][ T46] do_set_master+0x40c/0x730 [ 317.787897][ T46] do_setlink.constprop.0+0xe66/0x44b0 [ 317.790337][ T46] rtnl_newlink+0x1446/0x2000 [ 317.792064][ T46] rtnetlink_rcv_msg+0x95b/0xe90 [ 317.794105][ T46] netlink_rcv_skb+0x16a/0x440 [ 317.796305][ T46] netlink_unicast+0x53a/0x7f0 [ 317.798179][ T46] netlink_sendmsg+0x8d1/0xdd0 [ 317.799774][ T46] ____sys_sendmsg+0xa95/0xc70 [ 317.801734][ T46] ___sys_sendmsg+0x134/0x1d0 [ 317.803927][ T46] __sys_sendmsg+0x16d/0x220 [ 317.806119][ T46] __do_fast_syscall_32+0x73/0x120 [ 317.808513][ T46] do_fast_syscall_32+0x32/0x80 [ 317.810672][ T46] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 317.812887][ T46] [ 317.812887][ T46] -> #0 (team->team_lock_key#4){+.+.}-{4:4}: [ 317.815329][ T46] __lock_acquire+0x1173/0x1ba0 [ 317.817400][ T46] lock_acquire+0x179/0x350 [ 317.819755][ T46] __mutex_lock+0x199/0xb90 [ 317.821856][ T46] team_vlan_rx_kill_vid+0x34/0xf0 [ 317.824181][ T46] vlan_kill_rx_filter_info+0x143/0x1e0 [ 317.826805][ T46] vlan_vid_del+0x22c/0x5f0 [ 317.828980][ T46] vlan_device_event+0x14c6/0x2290 [ 317.831402][ T46] notifier_call_chain+0xb9/0x410 [ 317.833508][ T46] call_netdevice_notifiers_info+0xbe/0x140 [ 317.835510][ T46] dev_close_many+0x319/0x630 [ 317.837613][ T46] unregister_netdevice_many_notify+0x384/0x25a0 [ 317.840264][ T46] default_device_exit_batch+0x853/0xaf0 [ 317.842726][ T46] ops_exit_list+0x128/0x180 [ 317.844870][ T46] cleanup_net+0x5c1/0xb30 [ 317.846931][ T46] process_one_work+0x9cc/0x1b70 [ 317.849069][ T46] worker_thread+0x6c8/0xf10 [ 317.851076][ T46] kthread+0x3c2/0x780 [ 317.852833][ T46] ret_from_fork+0x45/0x80 [ 317.855051][ T46] ret_from_fork_asm+0x1a/0x30 [ 317.857176][ T46] [ 317.857176][ T46] other info that might help us debug this: [ 317.857176][ T46] [ 317.861273][ T46] Possible unsafe locking scenario: [ 317.861273][ T46] [ 317.864430][ T46] CPU0 CPU1 [ 317.866324][ T46] ---- ---- [ 317.868491][ T46] lock(&dev_instance_lock_key#3); [ 317.870708][ T46] lock(team->team_lock_key#4); [ 317.873510][ T46] lock(&dev_instance_lock_key#3); [ 317.876374][ T46] lock(team->team_lock_key#4); [ 317.878475][ T46] [ 317.878475][ T46] *** DEADLOCK *** [ 317.878475][ T46] [ 317.881510][ T46] 5 locks held by kworker/u32:2/46: [ 317.883339][ T46] #0: ffff88801c68f948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 317.887528][ T46] #1: ffffc9000071fd18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 317.891985][ T46] #2: ffffffff90118850 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30 [ 317.896033][ T46] #3: ffffffff9012e6e8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0x8b/0xaf0 [ 317.900079][ T46] #4: ffff8880451b6d30 (&dev_instance_lock_key#3){+.+.}-{4:4}, at: unregister_netdevice_many_notify+0x14a1/0x25a0 [ 317.904737][ T46] [ 317.904737][ T46] stack backtrace: [ 317.907156][ T46] CPU: 3 UID: 0 PID: 46 Comm: kworker/u32:2 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(full) [ 317.907178][ T46] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 317.907190][ T46] Workqueue: netns cleanup_net [ 317.907214][ T46] Call Trace: [ 317.907220][ T46] [ 317.907227][ T46] dump_stack_lvl+0x116/0x1f0 [ 317.907250][ T46] print_circular_bug+0x275/0x350 [ 317.907275][ T46] check_noncircular+0x14c/0x170 [ 317.907306][ T46] __lock_acquire+0x1173/0x1ba0 [ 317.907334][ T46] lock_acquire+0x179/0x350 [ 317.907349][ T46] ? team_vlan_rx_kill_vid+0x34/0xf0 [ 317.907370][ T46] ? __pfx___might_resched+0x10/0x10 [ 317.907394][ T46] __mutex_lock+0x199/0xb90 [ 317.907417][ T46] ? team_vlan_rx_kill_vid+0x34/0xf0 [ 317.907436][ T46] ? team_vlan_rx_kill_vid+0x34/0xf0 [ 317.907456][ T46] ? __pfx___mutex_lock+0x10/0x10 [ 317.907479][ T46] ? lockdep_hardirqs_on+0x7c/0x110 [ 317.907502][ T46] ? __pfx___cancel_work+0x10/0x10 [ 317.907524][ T46] ? team_vlan_rx_kill_vid+0x34/0xf0 [ 317.907541][ T46] team_vlan_rx_kill_vid+0x34/0xf0 [ 317.907561][ T46] vlan_kill_rx_filter_info+0x143/0x1e0 [ 317.907580][ T46] vlan_vid_del+0x22c/0x5f0 [ 317.907595][ T46] ? dsa_user_netdevice_event+0x48a/0x3440 [ 317.907618][ T46] vlan_device_event+0x14c6/0x2290 [ 317.907635][ T46] ? phonet_device_notify+0x4ad/0xa70 [ 317.907653][ T46] ? find_held_lock+0x2b/0x80 [ 317.907671][ T46] ? __pfx_phonet_device_notify+0x10/0x10 [ 317.907689][ T46] ? __pfx_vlan_device_event+0x10/0x10 [ 317.907705][ T46] ? __pfx_br_device_event+0x10/0x10 [ 317.907725][ T46] ? raw_notifier+0xa4/0x850 [ 317.907745][ T46] ? isotp_notifier+0xa4/0x6d0 [ 317.907767][ T46] ? bcm_notifier+0xa4/0x810 [ 317.907787][ T46] ? ax25_device_event+0x74/0x6d0 [ 317.907801][ T46] ? cgw_notifier+0xa2/0x380 [ 317.907818][ T46] notifier_call_chain+0xb9/0x410 [ 317.907841][ T46] ? __pfx_vlan_device_event+0x10/0x10 [ 317.907859][ T46] call_netdevice_notifiers_info+0xbe/0x140 [ 317.907886][ T46] dev_close_many+0x319/0x630 [ 317.907902][ T46] ? __pfx_dev_close_many+0x10/0x10 [ 317.907919][ T46] unregister_netdevice_many_notify+0x384/0x25a0 [ 317.907945][ T46] ? lockdep_hardirqs_on+0x7c/0x110 [ 317.907965][ T46] ? batadv_tt_local_event+0x455/0x7f0 [ 317.907983][ T46] ? __local_bh_enable_ip+0xa4/0x120 [ 317.908004][ T46] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 317.908030][ T46] ? unregister_netdevice_queue+0x22e/0x3f0 [ 317.908054][ T46] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 317.908077][ T46] ? batadv_meshif_destroy_vlan+0xdf/0x160 [ 317.908105][ T46] default_device_exit_batch+0x853/0xaf0 [ 317.908131][ T46] ? __pfx_default_device_exit_batch+0x10/0x10 [ 317.908154][ T46] ? __pfx_rdma_dev_exit_net+0x10/0x10 [ 317.908175][ T46] ? __pfx___might_resched+0x10/0x10 [ 317.908196][ T46] ? __pfx_cfg802154_pernet_exit+0x10/0x10 [ 317.908219][ T46] ? __pfx_default_device_exit_batch+0x10/0x10 [ 317.908243][ T46] ops_exit_list+0x128/0x180 [ 317.908264][ T46] cleanup_net+0x5c1/0xb30 [ 317.908288][ T46] ? __pfx_cleanup_net+0x10/0x10 [ 317.908319][ T46] ? rcu_is_watching+0x12/0xc0 [ 317.908340][ T46] process_one_work+0x9cc/0x1b70 [ 317.908362][ T46] ? __pfx_process_one_work+0x10/0x10 [ 317.908382][ T46] ? assign_work+0x1a0/0x250 [ 317.908399][ T46] worker_thread+0x6c8/0xf10 [ 317.908421][ T46] ? __pfx_worker_thread+0x10/0x10 [ 317.908439][ T46] kthread+0x3c2/0x780 [ 317.908453][ T46] ? __pfx_kthread+0x10/0x10 [ 317.908468][ T46] ? __pfx_kthread+0x10/0x10 [ 317.908483][ T46] ? __pfx_kthread+0x10/0x10 [ 317.908497][ T46] ? __pfx_kthread+0x10/0x10 [ 317.908513][ T46] ? rcu_is_watching+0x12/0xc0 [ 317.908532][ T46] ? __pfx_kthread+0x10/0x10 [ 317.908547][ T46] ret_from_fork+0x45/0x80 [ 317.908564][ T46] ? __pfx_kthread+0x10/0x10 [ 317.908579][ T46] ret_from_fork_asm+0x1a/0x30 [ 317.908607][ T46] [ 319.141239][ T6193] Bluetooth: hci1: command tx timeout [ 319.478916][ T6190] syz-executor (6190) used greatest stack depth: 20216 bytes left VM DIAGNOSIS: 16:33:56 Registers: info registers vcpu 0 CPU#0 RAX=00000000000edfc4 RBX=0000000000000000 RCX=ffffffff8b702439 RDX=ffffed10056465be RSI=ffffffff8bf45080 RDI=ffffffff8191a751 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000000 R9 =ffffed10056465bd R10=ffff88802b232deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff90868010 R15=0000000000000000 RIP=ffffffff8b700ccf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055baca307728 CR3=000000004b2ba000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000002 RBX=0000000000000005 RCX=ffffffff822b3b7f RDX=ffff888026270000 RSI=ffffffff822b3cc2 RDI=0000000000000007 RBP=0000000000000001 RSP=ffffc9000e697680 R8 =0000000000000007 R9 =0000000000000005 R10=0000000000000005 R11=000000000001044f R12=0000000000000000 R13=0000000000000001 R14=dffffc0000000000 R15=0000000000000000 RIP=ffffffff81bb3cc8 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880978b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002ea12ffc CR3=0000000071bb8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000010 RCX=ffffffff84d3ca89 RDX=ffff888023ce4880 RSI=0000000000000040 RDI=0000000000000001 RBP=ffffc9000375f328 RSP=ffffc9000375f190 R8 =0000000000000001 R9 =0000000000000040 R10=0000000000000010 R11=0000000000000000 R12=0000000000000017 R13=ffffc9000375f308 R14=ffff88802a2384a3 R15=0000000000000010 RIP=ffffffff81bb3682 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fea7d08fd00 ffffffff 00c00000 GS =0000 ffff8880979b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055f294c05000 CR3=0000000051122000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e 5f2fdd5e5f2fdd5e ZMM22=37f563e237f563e2 37f563e237f563e2 37f563e237f563e2 37f563e237f563e2 37f563e237f563e2 37f563e237f563e2 37f563e237f563e2 37f563e237f563e2 ZMM23=70d7488d70d7488d 70d7488d70d7488d 70d7488d70d7488d 70d7488d70d7488d 70d7488d70d7488d 70d7488d70d7488d 70d7488d70d7488d 70d7488d70d7488d ZMM24=0e8739680e873968 0e8739680e873968 0e8739680e873968 0e8739680e873968 0e8739680e873968 0e8739680e873968 0e8739680e873968 0e8739680e873968 ZMM25=a8350157a8350157 a8350157a8350157 a8350157a8350157 a8350157a8350157 a8350157a8350157 a8350157a8350157 a8350157a8350157 a8350157a8350157 ZMM26=90f8108290f81082 90f8108290f81082 90f8108290f81082 90f8108290f81082 90f8108290f81082 90f8108290f81082 90f8108290f81082 90f8108290f81082 ZMM27=119583aa119583aa 119583aa119583aa 119583aa119583aa 119583aa119583aa 119583aa119583aa 119583aa119583aa 119583aa119583aa 119583aa119583aa ZMM28=000000f0000000ef 000000ee000000ed 000000ec000000eb 000000ea000000e9 000000e8000000e7 000000e6000000e5 000000e4000000e3 000000e2000000e1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=8f4200008f420000 8f4200008f420000 8f4200008f420000 8f4200008f420000 8f4200008f420000 8f4200008f420000 8f4200008f420000 8f4200008f420000 info registers vcpu 3 CPU#3 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854bc9a5 RDI=ffffffff9ae12b40 RBP=ffffffff9ae12b00 RSP=ffffc9000071ed48 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e35312e36 R12=0000000000000000 R13=0000000000000061 R14=ffffffff9ae12b00 R15=ffffffff854bc940 RIP=ffffffff854bc9cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097ab9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002ea19ffc CR3=000000000e182000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 37e07aeedf9164f1 407473f1f0a86d7e ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f8b4ed4df5fdbd16 bb7b64ad965f676e ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 51a73147cc766afc 4e191c5302adecf4 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 77a10b3216b54a61 b12ccf59aa58922c ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000013040 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c600800100000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c19733cdc1973a59 c197a4b500000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 56008001c19736ca 000000000e008001 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 c197a350b0008001 38008001c1972fa3 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e723a74a957b022a 1fa3a00f6a1ac854 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 56c19354f76ee7b0 62c8ca95a4f381ad ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000