last executing test programs: 2m19.314742894s ago: executing program 2 (id=1411): r0 = creat(&(0x7f0000000200)='./file1\x00', 0x28) syz_usb_connect(0x3, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) close(0x3) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) read$FUSE(r0, 0x0, 0x0) 2m18.150297291s ago: executing program 2 (id=1444): r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x18404, &(0x7f0000000200)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {@max_read={'max_read', 0x3d, 0x2}}]}}) sendfile(r0, r0, &(0x7f0000000000)=0x2eb4, 0x2000007ff) 2m18.117669694s ago: executing program 2 (id=1445): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r1, 0x0, 0x0}, 0x10) 2m18.074128054s ago: executing program 2 (id=1448): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x887008, 0x0) 2m18.017760212s ago: executing program 2 (id=1449): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_clone(0xa0000680, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$setopts(0x4206, r0, 0x0, 0x0) wait4(0x0, 0x0, 0x20000000, 0x0) 2m17.746047243s ago: executing program 2 (id=1453): r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x800) setresuid(0x0, 0xee00, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) 2m17.652083171s ago: executing program 32 (id=1453): r0 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x800) setresuid(0x0, 0xee00, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) 1m21.73329401s ago: executing program 0 (id=2644): r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0xaa001) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000480)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000600)={0x0, 0x0, r2, r3, 0x93, 0x8, 0x9, 0x80, {0x8, 0x0, 0x3, 0x4, 0x4, 0x5, 0xe, 0x3, 0x6, 0x3a, 0x4, 0x7, 0x5, 0xff, "e277757ff86700cce91500"}}) 1m21.602087003s ago: executing program 0 (id=2648): r0 = socket$qrtr(0x2a, 0x2, 0x0) r1 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x0, 0x0}) io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0x0) 1m21.45133891s ago: executing program 0 (id=2652): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'lblc\x00', 0x11, 0xff, 0xf}, 0x2c) 1m21.383555214s ago: executing program 0 (id=2656): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 1m21.339529738s ago: executing program 0 (id=2657): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1) write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb3", 0x5) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0xe000000, 0x1}}, 0x3c) 1m20.964757906s ago: executing program 0 (id=2668): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000600)=ANY=[@ANYBLOB="010000000000000001000000b80300000280000060"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000780)=ANY=[@ANYBLOB="0100000000000000860400003fe3c3ab29cbe38e"]) 1m20.902824907s ago: executing program 33 (id=2668): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000600)=ANY=[@ANYBLOB="010000000000000001000000b80300000280000060"]) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000780)=ANY=[@ANYBLOB="0100000000000000860400003fe3c3ab29cbe38e"]) 44.644304669s ago: executing program 3 (id=3390): openat$audio(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x3, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7c, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x80000000, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x5, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x9, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x7, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xffffffff, 0x5, 0x7, 0x7fff, 0x5a80, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x8, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc46, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x8, 0x7fff, 0x0, 0x5, 0x8, 0x4, 0x9, 0x2, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xfffffffa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2e9, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x1, 0x16, 0xffffffff, 0x80000003, 0x5, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x738, 0x1, 0x6c1b, 0x80, 0x4, 0x5, 0xb1e, 0x20000d7, 0x200, 0xffff3441, 0xfff]}, 0x45c) syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 44.590548664s ago: executing program 3 (id=3393): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000000380), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='scalable\x00', 0x9) shutdown(r0, 0x1) 44.540644734s ago: executing program 3 (id=3394): r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) setreuid(0x0, 0xee00) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="a6bea8a120e5f8320c30ce5086dd", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random="ad446050e878"}, 0x14) 44.497660684s ago: executing program 3 (id=3396): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x260) 44.487267716s ago: executing program 3 (id=3398): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'netdevsim0\x00', 0x0}) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r0, r2, 0x25, 0x4}, 0x14) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000680)={r3, r4, 0x4, r0}, 0x10) 44.213221435s ago: executing program 3 (id=3405): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3) r0 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00') mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) lseek(r0, 0x2004, 0x0) 44.140130968s ago: executing program 34 (id=3405): mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3) r0 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00') mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) lseek(r0, 0x2004, 0x0) 1.050644133s ago: executing program 5 (id=4064): bpf$PROG_LOAD(0x5, 0x0, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = io_uring_setup(0x3eae, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1) syz_clone(0x62000000, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 820.853269ms ago: executing program 5 (id=4067): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'wg2\x00', 0x0}) sendto$packet(r1, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 733.651961ms ago: executing program 5 (id=4071): rt_sigprocmask(0x0, &(0x7f0000001480)={[0xffffffffffffffff]}, 0x0, 0x8) r0 = getpgrp(0x0) r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0x7, &(0x7f00000000c0)={0x3a, 0x8000006, 0x4}) r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000) read$FUSE(r2, &(0x7f0000002bc0)={0x2020}, 0x2020) 595.387725ms ago: executing program 5 (id=4076): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x84}, 0x8000) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32=r0], 0x78}}, 0x20000800) r2 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r2, &(0x7f00000000c0), 0x492492492492627, 0x0) 519.845064ms ago: executing program 6 (id=4077): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x2c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x1b, &(0x7f0000001800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000180100002020690000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r1, r3, 0x25, 0x0, @val=@perf_event}, 0x18) syz_emit_ethernet(0x3a, &(0x7f0000000540)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0x236, 0xffffffffffffff80}}}}}}, 0x0) 519.521028ms ago: executing program 1 (id=4078): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_CAP_X2APIC_API(r1, 0x4068aea3, &(0x7f00000000c0)={0x81, 0x0, 0x3}) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) 434.487929ms ago: executing program 5 (id=4080): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@fallback=r0, r0, 0x2f}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@fallback=r0, r1, 0x2f}, 0x20) bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000001c0)={0x0, 0x0}, 0x8) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000480)={@cgroup=r1, r1, 0x2f, 0x2028, 0x4, @void, @void, @value=r2}, 0x20) 434.332009ms ago: executing program 1 (id=4081): r0 = socket$inet6(0xa, 0x3, 0x3c) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback, 0x8}, 0x1c) sendmmsg$inet(r0, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001180)="84ae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e070000000000000080fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57cc5e93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dea658eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049500d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d99a6a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7700000658864b429e9472edfeffbf34d6e7c78f4aa73c0ec84761a91a016f3f0926e3280582a3230e8e195574a0fb540410f5a1df7bf03fea1d2274fdc2df27726342e1b3cdd8b5fafb96997bd811cc3a8824deb6eaad37857f1fb10fc0c7b24ce1c3a8c5d1138e69c25c2c92fb2cdca447428cd8822216d5022f4dc415ecbd89d7b9dd475e21ff236611962a405178fe4daa0138505208792c56bb5d3a707cd3f62187b97cca9f9d4688b2b7791710bcd8cbf48956aac7978c85a33bb95d7067aa4564f6fab84e1eeff9459a4268987e1448a1b9c4c6324b092870d513ad091d656660500000000000000722cebb0c422fe7e3030c949d5274b6d04960361e7fb69b1ab915ec5d4ab54a5809cf072aa94d0884be112b635b10bf8260c39cb9b47e3398756f4b571c015b5d46254bd4af31728bc67e6712c785d41b52792c75e373d2c9493fa8dd623d28ec7e1ac66491e8ddbc4efa4ed4939b531e5b2eb86281b736043fbde530a9b842f24f7b00e0be423e6315a1d19b43d265b7f95fbfb", 0x447}, {&(0x7f0000000bc0)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc9067bb6f7f7c3ee1720000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0769421fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61faec4a42c29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afde", 0x135}], 0x2, 0x0, 0x0, 0x900}}], 0x1, 0x4044040) 371.594086ms ago: executing program 5 (id=4082): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x2, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x5}, {0x0, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_ECN={0x8, 0x4, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44000}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 369.777348ms ago: executing program 6 (id=4083): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x373d, &(0x7f0000000500)={0x0, 0x4, 0x1, 0xa, 0xffffff}, &(0x7f0000000380), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) 369.693146ms ago: executing program 1 (id=4084): r0 = userfaultfd(0x80001) r1 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x60000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) ioctl$NBD_SET_SOCK(r1, 0xab03, r2) close_range(r0, 0xffffffffffffffff, 0x0) 360.619533ms ago: executing program 4 (id=4085): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x4, @local, 'geneve1\x00'}}, 0x1e) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f00000002c0)={0x18, 0x0, {0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x26}, 'xfrm0\x00'}}, 0x1e) 306.76659ms ago: executing program 4 (id=4086): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7a, &(0x7f0000000080), &(0x7f0000000000)=0x8) 306.500936ms ago: executing program 1 (id=4087): msgget(0x3, 0x710) msgget(0x2, 0x624) msgget(0x1, 0x240) msgctl$IPC_RMID(0x0, 0x0) msgget(0x3, 0x606) msgget(0x0, 0x200) 293.081439ms ago: executing program 6 (id=4088): unshare(0x22020600) r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x4) r2 = openat$cgroup_ro(r1, &(0x7f0000001140)='cgroup.stat\x00', 0x5000000, 0x0) readv(r2, &(0x7f00000012c0)=[{&(0x7f0000000100)=""/4096, 0x1000}], 0x1) 221.076137ms ago: executing program 1 (id=4089): mlock(&(0x7f00007fe000/0x800000)=nil, 0x800000) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x10}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000b72000/0x400000)=nil, 0x400000}, 0x1}) madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x19) 220.911977ms ago: executing program 4 (id=4090): mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 220.648401ms ago: executing program 6 (id=4091): r0 = syz_io_uring_setup(0x81f, &(0x7f0000000100)={0x0, 0xfe15, 0x1000, 0x2, 0x93}, &(0x7f00000000c0)=0x0, &(0x7f0000000540)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x12c, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0) 220.287584ms ago: executing program 4 (id=4092): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x800) sendmmsg$alg(r1, &(0x7f0000000800)=[{0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000340)="7d7a68e25d38566c61856d6817441a9caa9b23557af3d00f974cd91d1b33a9d6e17fd477051346d814913f8a3ef2e1a781a2bbfc8d55dca693d39139f04047784190d93b5301b4abe27c9242396d40a5c2b7789629214281c8e09a6c1f1e0db5d1e74e1f27a89b2c25c2316fcddc9ff2a71eceb3094ba465389e", 0x7a}, {&(0x7f0000000080)="ce2ede98d4bde439a7931c4e260090a647151bacb721146be7ef4494578b05c18fc56c1571aa57d0f79d3ce5", 0x2c}, {&(0x7f0000000600)="5fec9dec1e9d48e2b3a02e29dcaadb6d242c08b8b6e2a34dd08e48e3d32aa2bf0bd42348d6bf39fd7dac80fedaaab8ff4258ecbc4e025305fab94303f773d083bb47da241fe082c8f8602308cd2f7dc846c93e62a8d53d22fcabce47b5531463290c970dccfaa7da3e4e457ea05fd85e6fcc1fcae56136f44b991100e3db7c750c3ccb3e01d6598d53d05ca7503d7430f3ff2b79ab629faa1dfb", 0xffb5}], 0x3, 0x0, 0x0, 0x2400c0a0}], 0x1, 0x48800) recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 155.033097ms ago: executing program 6 (id=4093): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x9, 0x3, 0x3a0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x2d8, 0xffffffff, 0xffffffff, 0x2d8, 0xffffffff, 0x3, &(0x7f00000000c0), {[{{@uncond, 0x0, 0xc8, 0x1f0, 0x0, {}, [@inet=@rpfilter={{0x24}, {0x8}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x165f0a01, 'system_u:object_r:tetex_data_t:s0\x00'}}}, {{@ipv6={@mcast1, @remote, [0xffffffff, 0xffffffff, 0xffffff00, 0x80000000], [0xffffffff, 0xffffff00, 0x0, 0xff000000], 'bridge_slave_0\x00', 'vcan0\x00', {0xff}, {0xff}, 0x73, 0xd, 0x4, 0xe101753b3a1d0f45}, 0x0, 0xc8, 0xe8, 0x0, {}, [@common=@ipv6header={{0x24}, {0x21, 0x20, 0x1}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x3fc) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x503, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20305}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_SCB={0x5, 0xb, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x404c000}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) 154.754712ms ago: executing program 4 (id=4094): pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x4) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r2, 0x0, 0x1000, 0x0) splice(r0, 0x0, r4, 0x0, 0x80, 0x0) write$binfmt_aout(r1, &(0x7f00000004c0)=ANY=[], 0x120) 103.304147ms ago: executing program 6 (id=4095): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xff5f) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x10, "0062ba7d82e7ff00000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x120000) ioctl$FIONREAD(r1, 0x541b, &(0x7f00000000c0)) 24.580198ms ago: executing program 1 (id=4096): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r1) recvmmsg(r1, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0) 0s ago: executing program 4 (id=4097): syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0xf0ff}}]}) r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) kernel console output (not intermixed with test programs): tdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.715707][ T13] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.720285][ T13] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.734022][ T13] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 119.843705][ T29] vhci_hcd: vhci_device speed not set [ 120.236963][ T9833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1646'. [ 120.247498][ T1138] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.250635][ T1138] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.254298][ T1138] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.258000][ T1138] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.614302][ T9849] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1653'. [ 120.653863][ T9851] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 120.658034][ T9851] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 121.032703][ T9859] 9pnet: p9_errstr2errno: server reported unknown error 18446 [ 121.113665][ T29] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 121.276910][ T29] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 121.281225][ T29] usb 5-1: config 0 interface 0 has no altsetting 0 [ 121.286450][ T29] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 121.290319][ T29] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 121.294152][ T29] usb 5-1: Product: syz [ 121.296632][ T29] usb 5-1: Manufacturer: syz [ 121.299221][ T29] usb 5-1: SerialNumber: syz [ 121.304046][ T29] usb 5-1: config 0 descriptor?? [ 121.310772][ T29] usb 5-1: selecting invalid altsetting 0 [ 121.517326][ T6017] usb 5-1: USB disconnect, device number 7 [ 122.113626][ T9868] syzkaller1: entered promiscuous mode [ 122.115823][ T9868] syzkaller1: entered allmulticast mode [ 122.814332][ T9913] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1682'. [ 122.858772][ T9916] : Can't lookup blockdev [ 123.221053][ T9950] bridge0: port 3(veth0_to_bridge) entered blocking state [ 123.224232][ T9950] bridge0: port 3(veth0_to_bridge) entered disabled state [ 123.227532][ T9950] veth0_to_bridge: entered allmulticast mode [ 123.232034][ T9950] veth0_to_bridge: entered promiscuous mode [ 123.240534][ T9950] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 123.246760][ T1138] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.468038][ T9976] bridge0: port 3(veth0_to_bridge) entered blocking state [ 123.471039][ T9976] bridge0: port 3(veth0_to_bridge) entered disabled state [ 123.474070][ T9976] veth0_to_bridge: entered allmulticast mode [ 123.477287][ T9976] veth0_to_bridge: entered promiscuous mode [ 123.479694][ T9976] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 123.486977][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.535058][ T9983] loop7: detected capacity change from 0 to 7 [ 123.547222][ T9983] Dev loop7: unable to read RDB block 7 [ 123.551308][ T9983] loop7: unable to read partition table [ 123.553146][ T9983] loop7: partition table beyond EOD, truncated [ 123.557212][ T9983] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 123.694496][ T9998] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1721'. [ 123.700587][ T9989] lo speed is unknown, defaulting to 1000 [ 123.704193][ T9989] lo speed is unknown, defaulting to 1000 [ 124.177493][ T5979] Bluetooth: hci3: unexpected subevent 0x01 length: 37 > 18 [ 124.393690][ T8237] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 124.555143][ T8237] usb 9-1: Using ep0 maxpacket: 16 [ 124.558994][ T8237] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 124.564022][ T8237] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 124.567523][ T8237] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.573863][ T8237] usb 9-1: config 0 descriptor?? [ 124.582501][ T8237] input: bcm5974 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input30 [ 124.783545][ T5368] bcm5974 9-1:0.0: could not read from device [ 124.791120][ T8237] bcm5974 9-1:0.0: could not read from device [ 124.798371][ T5368] bcm5974 9-1:0.0: could not read from device [ 124.803723][ T8237] input: failed to attach handler mousedev to device input30, error: -5 [ 124.808603][ T8237] usb 9-1: USB disconnect, device number 3 [ 124.808913][ T5368] bcm5974 9-1:0.0: could not read from device [ 125.270869][T10080] debugfs: Invalid gid '0x00000000ffffffff' [ 125.332347][T10086] kvm: user requested TSC rate below hardware speed [ 125.370747][T10089] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 125.488049][T10100] loop7: detected capacity change from 0 to 7 [ 125.496232][ C1] blk_print_req_error: 2 callbacks suppressed [ 125.496254][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.503348][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.512976][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.516994][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.520845][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.525104][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.529263][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.533305][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.541981][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.550561][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.554281][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.558053][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.562141][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.565881][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.569223][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.571829][T10100] ldm_validate_partition_table(): Disk read failed. [ 125.575109][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.578950][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.582551][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 125.585545][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.593191][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 125.597481][T10100] Dev loop7: unable to read RDB block 0 [ 125.600400][T10100] loop7: unable to read partition table [ 125.603335][T10100] loop7: partition table beyond EOD, truncated [ 125.608563][T10100] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 125.719735][T10115] syzkaller1: entered promiscuous mode [ 125.723067][T10115] syzkaller1: entered allmulticast mode [ 126.097478][T10147] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1777'. [ 126.223658][ T5979] Bluetooth: hci3: command tx timeout [ 126.281331][T10162] netlink: 360 bytes leftover after parsing attributes in process `syz.1.1784'. [ 126.392854][T10170] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 126.573748][ T54] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 126.592790][T10178] tipc: Started in network mode [ 126.594826][T10178] tipc: Node identity ac1414bb, cluster identity 4711 [ 126.597965][T10178] tipc: Enabling of bearer rejected, failed to enable media [ 126.734626][T10190] overlayfs: upper fs does not support tmpfile. [ 126.743698][ T54] usb 5-1: Using ep0 maxpacket: 16 [ 126.747602][ T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 126.752301][ T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 126.758251][ T54] usb 5-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 126.762468][ T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.769871][ T54] usb 5-1: config 0 descriptor?? [ 126.985284][ T60] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 127.133596][ T60] usb 6-1: Using ep0 maxpacket: 8 [ 127.133634][ T29] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 127.137895][ T60] usb 6-1: config 0 interface 0 has no altsetting 0 [ 127.140071][ T60] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 127.142948][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.146949][ T60] usb 6-1: config 0 descriptor?? [ 127.189983][ T54] input: HID 0458:5012 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5012.0018/input/input31 [ 127.258037][ T54] input: HID 0458:5012 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5012.0018/input/input32 [ 127.303581][ T29] usb 9-1: Using ep0 maxpacket: 16 [ 127.308071][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.312324][ T29] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.316397][ T29] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 127.321462][ T54] kye 0003:0458:5012.0018: input,hiddev0,hidraw1: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.0-1/input0 [ 127.321883][ T29] usb 9-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 127.330730][ T29] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.343573][ T29] usb 9-1: config 0 descriptor?? [ 127.386892][ T6017] usb 5-1: USB disconnect, device number 8 [ 127.563342][ T60] mcp2221 0003:04D8:00DD.0019: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 127.764176][T10191] i2c i2c-2: unsupported multi-msg i2c transaction [ 127.769103][ T6057] usb 6-1: USB disconnect, device number 10 [ 127.798093][ T29] shield 0003:0955:7214.001A: unknown main item tag 0x0 [ 127.800908][ T29] shield 0003:0955:7214.001A: unknown main item tag 0x0 [ 127.804304][ T29] shield 0003:0955:7214.001A: unknown main item tag 0x0 [ 127.807659][ T29] shield 0003:0955:7214.001A: unknown main item tag 0x0 [ 127.810990][ T29] shield 0003:0955:7214.001A: unknown main item tag 0x0 [ 127.816514][ T29] input: HID 0955:7214 Haptics as /devices/virtual/input/input33 [ 127.838121][ T29] shield 0003:0955:7214.001A: Registered Thunderstrike controller [ 127.847558][ T29] shield 0003:0955:7214.001A: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0 [ 127.998267][ T5972] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 127.998512][ T6057] usb 9-1: USB disconnect, device number 4 [ 128.003091][ T5972] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 128.011057][ T5972] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 128.015903][ T5972] shield 0003:0955:7214.001A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 128.183556][ T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 128.345418][ T9] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 128.350902][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 128.356602][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 128.361060][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 128.366569][ T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 128.370469][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.377028][ T9] usb 5-1: config 0 descriptor?? [ 128.381057][T10205] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 128.533541][ T54] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 128.703663][ T54] usb 6-1: Using ep0 maxpacket: 8 [ 128.706755][ T54] usb 6-1: config 0 interface 0 has no altsetting 0 [ 128.708856][ T54] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 128.711705][ T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.717025][ T54] usb 6-1: config 0 descriptor?? [ 128.798061][ T9] plantronics 0003:047F:FFFF.001B: reserved main item tag 0xd [ 128.808974][ T9] plantronics 0003:047F:FFFF.001B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 128.814088][ T6733] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 128.979323][ T6733] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 128.984143][ T6733] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 128.988259][ T6733] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 128.992120][ T6733] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 129.002851][T10217] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 129.009760][ T6733] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 129.058491][ T9] usb 5-1: USB disconnect, device number 9 [ 129.131580][ T54] mcp2221 0003:04D8:00DD.001C: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 129.229978][ T6017] usb 9-1: USB disconnect, device number 5 [ 129.325206][T10236] lo speed is unknown, defaulting to 1000 [ 129.328914][T10236] lo speed is unknown, defaulting to 1000 [ 129.331436][ T54] usb 6-1: USB disconnect, device number 11 [ 129.843983][ T6017] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 130.003575][ T6017] usb 5-1: Using ep0 maxpacket: 16 [ 130.032944][ T6017] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 130.036682][ T6017] usb 5-1: config 0 has no interface number 0 [ 130.039312][ T6017] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 130.050512][ T6017] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 130.057353][ T6017] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 130.061230][ T6017] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 130.071680][ T6017] usb 5-1: Product: syz [ 130.073847][ T6017] usb 5-1: SerialNumber: syz [ 130.080973][ T6017] usb 5-1: config 0 descriptor?? [ 130.096345][ T6017] cm109 5-1:0.8: invalid payload size 0, expected 4 [ 130.104347][ T6017] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.8/input/input35 [ 130.131136][T10283] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 130.317743][ C2] cm109 5-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90 [ 130.359826][T10296] syzkaller1: entered promiscuous mode [ 130.361846][T10296] syzkaller1: entered allmulticast mode [ 130.479251][ T5334] Bluetooth: hci4: sending frame failed (-49) [ 130.483365][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 130.539100][T10307] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1848'. [ 130.588432][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.593300][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.597349][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.600507][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.603558][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.606655][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.609759][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.612956][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.616948][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.620818][ C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 130.624171][ T6057] usb 5-1: USB disconnect, device number 10 [ 130.626801][ C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 130.647687][ T6057] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 131.403627][ T6057] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 131.556652][ T6057] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 131.560584][ T6057] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 131.564368][ T6057] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 131.567834][ T6057] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 131.573225][ T6057] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 131.576910][ T6057] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.581490][ T6057] usb 5-1: config 0 descriptor?? [ 131.643626][ T5972] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 131.803535][ T5972] usb 6-1: Using ep0 maxpacket: 8 [ 131.806974][ T5972] usb 6-1: config 0 interface 0 has no altsetting 0 [ 131.809520][ T5972] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 131.812352][ T5972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.816736][ T5972] usb 6-1: config 0 descriptor?? [ 131.994402][ T6057] plantronics 0003:047F:FFFF.001D: ignoring exceeding usage max [ 132.000183][ T6057] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 132.232720][ T5972] mcp2221 0003:04D8:00DD.001E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 132.308340][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.310924][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.431900][ T6057] usb 6-1: USB disconnect, device number 12 [ 133.253481][ T5972] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 133.413568][ T5972] usb 6-1: Using ep0 maxpacket: 16 [ 133.417636][ T5972] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 133.422489][ T5972] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 133.427255][ T5972] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 133.433142][ T5972] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 133.436924][ T5972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.442412][ T5972] usb 6-1: config 0 descriptor?? [ 133.857155][ T5972] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 133.860158][ T5972] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 133.863202][ T5972] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 133.866317][ T5972] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 133.869391][ T5972] shield 0003:0955:7214.001F: unknown main item tag 0x0 [ 133.877694][ T5972] input: HID 0955:7214 Haptics as /devices/virtual/input/input36 [ 133.891030][T10373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1879'. [ 133.895180][T10373] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1879'. [ 133.899012][T10373] netlink: 'syz.4.1879': attribute type 18 has an invalid length. [ 133.911708][ T5972] shield 0003:0955:7214.001F: Registered Thunderstrike controller [ 133.916191][ T5972] shield 0003:0955:7214.001F: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 133.919733][ T13] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.924726][ T13] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.928470][ T13] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.932313][ T13] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 133.952030][T10374] block nbd0: shutting down sockets [ 134.057371][ T29] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 134.057689][ T54] usb 6-1: USB disconnect, device number 13 [ 134.061872][ T29] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 134.068791][ T29] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 134.074461][ T29] shield 0003:0955:7214.001F: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 134.087181][ T6057] usb 5-1: USB disconnect, device number 11 [ 134.320290][T10395] netlink: 'syz.4.1888': attribute type 3 has an invalid length. [ 134.833008][T10442] unknown channel width for channel at 909000KHz? [ 134.867178][T10450] raw_sendmsg: syz.1.1915 forgot to set AF_INET. Fix it! [ 135.688506][T10516] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 136.433697][ T6017] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 136.556519][T10564] macsec1: entered allmulticast mode [ 136.601052][ T6017] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 136.606321][ T6017] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 136.610632][ T6017] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 136.616625][ T6017] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 136.620435][ T6017] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 136.628176][ T6017] usb 5-1: config 0 descriptor?? [ 136.769052][T10566] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1969'. [ 136.830211][ T40] kauditd_printk_skb: 158 callbacks suppressed [ 136.830223][ T40] audit: type=1326 audit(1756148550.266:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10567 comm="syz.4.1970" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc6579 code=0x0 [ 137.045095][ T6017] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 137.049210][ T6017] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 137.056049][ T6017] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 137.058607][ T6017] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 137.061181][ T6017] plantronics 0003:047F:FFFF.0020: unknown main item tag 0x0 [ 137.066292][ T6017] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 137.070543][T10582] vivid-002: disconnect [ 137.074134][T10581] vivid-002: reconnect [ 137.309505][ T6017] usb 5-1: USB disconnect, device number 12 [ 137.796394][T10604] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 138.106751][T10641] binder: 10640:10641 ioctl c018620c 80000000 returned -22 [ 138.156860][T10648] vlan2: entered allmulticast mode [ 138.159297][T10648] bond0: entered allmulticast mode [ 138.161613][T10648] bond_slave_0: entered allmulticast mode [ 138.168444][T10648] bond_slave_1: entered allmulticast mode [ 138.550893][T10668] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2014'. [ 138.834049][ T6017] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 138.983666][ T6017] usb 6-1: Using ep0 maxpacket: 8 [ 138.987331][ T6017] usb 6-1: config 0 interface 0 has no altsetting 0 [ 138.990330][ T6017] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 138.993241][ T6017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.000069][ T6017] usb 6-1: config 0 descriptor?? [ 139.223671][ T60] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 139.376806][ T60] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 139.381022][ T60] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 139.386559][ T60] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 139.390122][ T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 139.405163][T10678] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22 [ 139.411326][ T60] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 139.432725][ T6017] mcp2221 0003:04D8:00DD.0021: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 139.610523][ T54] usb 9-1: USB disconnect, device number 6 [ 139.624493][ T6733] usb 6-1: USB disconnect, device number 14 [ 141.086474][T10701] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 141.089663][T10701] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 141.092719][T10701] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 141.110880][T10725] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 141.111018][T10701] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 141.115213][T10725] batadv_slave_0: entered promiscuous mode [ 141.122677][T10701] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 141.125662][T10701] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 141.141629][T10701] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 141.157357][T10701] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 141.170949][T10701] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 141.173326][T10701] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 141.185027][T10701] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 141.925402][T10783] pim6reg1: entered promiscuous mode [ 141.927618][T10783] pim6reg1: entered allmulticast mode [ 142.011880][T10788] input: syz0 as /devices/virtual/input/input37 [ 142.365588][T10825] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 142.369179][T10825] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 142.372680][T10827] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2081'. [ 142.374840][T10825] overlayfs: failed to get uuid (531/file1, err=-13); falling back to uuid=null. [ 142.403244][T10831] netlink: zone id is out of range [ 142.405297][T10831] netlink: zone id is out of range [ 142.407357][T10831] netlink: zone id is out of range [ 142.409707][T10831] netlink: zone id is out of range [ 142.411541][T10831] netlink: zone id is out of range [ 142.425304][T10831] netlink: set zone limit has 4 unknown bytes [ 142.429642][T10831] netlink: del zone limit has 4 unknown bytes [ 142.464140][ T6733] lo speed is unknown, defaulting to 1000 [ 142.466446][ T6733] syz0: Port: 1 Link DOWN [ 142.646368][T10846] netlink: 'syz.0.2091': attribute type 2 has an invalid length. [ 143.006162][T10859] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 143.077351][T10862] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2098'. [ 143.103610][ T5979] Bluetooth: hci2: command 0x040f tx timeout [ 143.194182][ T5979] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.195096][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout [ 143.305524][T10872] input: syz1 as /devices/virtual/input/input38 [ 143.308180][T10872] input: failed to attach handler leds to device input38, error: -6 [ 143.627389][T10899] [U] [ 144.108236][T10932] macvtap0: refused to change device tx_queue_len [ 144.405110][T10956] lo speed is unknown, defaulting to 1000 [ 144.409086][T10956] lo speed is unknown, defaulting to 1000 [ 144.417115][T10960] Trying to write to read-only block-device nullb0 [ 144.471523][T10961] lo speed is unknown, defaulting to 1000 [ 144.481257][T10961] lo speed is unknown, defaulting to 1000 [ 145.183685][ T5979] Bluetooth: hci2: command 0x040f tx timeout [ 145.187593][ T5334] Bluetooth: hci2: Opcode 0x0401 failed: -110 [ 145.263629][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout [ 145.273695][ T5334] Bluetooth: hci1: command 0x0c1a tx timeout [ 145.736908][T11006] input: syz1 as /devices/virtual/input/input39 [ 145.739103][T11006] input: failed to attach handler leds to device input39, error: -6 [ 145.882948][T11024] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 145.917132][T11031] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2173'. [ 146.025609][T11046] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2180'. [ 146.070153][T11049] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 146.331846][T11059] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 146.548195][T11065] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2190'. [ 146.560745][T11067] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2191'. [ 146.901216][ T40] audit: type=1800 audit(1756148560.336:350): pid=11086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2199" name="file0" dev="9p" ino=35913908 res=0 errno=0 [ 147.264890][ T5334] Bluetooth: hci2: command 0x040f tx timeout [ 147.343571][ T5334] Bluetooth: hci1: command 0x0c1a tx timeout [ 147.344151][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout [ 148.253987][T11165] geneve2: entered promiscuous mode [ 148.256919][T11165] geneve2: entered allmulticast mode [ 148.483242][T11177] bridge0: port 4(syz_tun) entered blocking state [ 148.487010][T11177] bridge0: port 4(syz_tun) entered disabled state [ 148.491498][T11177] syz_tun: entered allmulticast mode [ 148.495736][T11177] syz_tun: entered promiscuous mode [ 148.498541][T11177] bridge0: port 4(syz_tun) entered blocking state [ 148.501005][T11177] bridge0: port 4(syz_tun) entered forwarding state [ 148.593561][ T60] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 148.757772][ T60] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 148.762051][ T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.765401][ T60] usb 6-1: Product: syz [ 148.767344][ T60] usb 6-1: Manufacturer: syz [ 148.769448][ T60] usb 6-1: SerialNumber: syz [ 148.774107][ T60] usb 6-1: config 0 descriptor?? [ 148.822193][ T40] audit: type=1800 audit(1756148562.256:351): pid=11182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2242" name="file0" dev="9p" ino=35913908 res=0 errno=0 [ 148.904569][T11186] 9pnet_virtio: no channels available for device syz [ 148.971837][T11191] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2247'. [ 149.003339][ T5975] usb 6-1: USB disconnect, device number 15 [ 149.347009][ T5979] Bluetooth: hci2: command 0x040f tx timeout [ 149.423717][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout [ 149.458233][T11217] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2258'. [ 149.663961][T11228] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 149.668656][T11228] batadv_slave_0: entered promiscuous mode [ 150.084733][T11241] overlayfs: invalid origin (000000790066696c6530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 150.381050][T11255] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 150.854197][T11278] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2286'. [ 150.970815][T11288] bridge0: port 4(syz_tun) entered blocking state [ 150.974096][T11288] bridge0: port 4(syz_tun) entered disabled state [ 150.977306][T11288] syz_tun: entered allmulticast mode [ 150.983178][T11288] syz_tun: left allmulticast mode [ 151.150899][T11305] veth0_to_hsr: entered promiscuous mode [ 151.154392][T11305] veth0_to_hsr: left promiscuous mode [ 151.279869][T11317] input: syz0 as /devices/virtual/input/input41 [ 151.300933][T11319] loop7: detected capacity change from 0 to 7 [ 151.485243][ T5978] Dev loop7: unable to read RDB block 7 [ 151.488168][ C1] blk_print_req_error: 11 callbacks suppressed [ 151.488181][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 151.494135][ C1] buffer_io_error: 10 callbacks suppressed [ 151.494148][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 151.499161][ T5978] loop7: unable to read partition table [ 151.503177][ T5978] loop7: partition table beyond EOD, truncated [ 151.729490][T11319] Dev loop7: unable to read RDB block 7 [ 151.731610][T11319] loop7: unable to read partition table [ 151.737572][T11319] loop7: partition table beyond EOD, truncated [ 151.739839][T11319] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 151.970186][T11365] netlink: 'syz.4.2324': attribute type 2 has an invalid length. [ 151.973573][T11365] netlink: 1184 bytes leftover after parsing attributes in process `syz.4.2324'. [ 152.073532][ T60] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 152.233503][ T60] usb 5-1: Using ep0 maxpacket: 8 [ 152.237551][ T60] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 152.244322][ T60] usb 5-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 152.248660][ T60] usb 5-1: config 0 interface 0 has no altsetting 0 [ 152.251504][ T60] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 152.255602][ T60] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 152.264725][ T60] usb 5-1: config 0 descriptor?? [ 152.624225][T11394] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 152.627282][T11396] mmap: syz.4.2339 (11396) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 152.686333][ T60] hid_parser_main: 10 callbacks suppressed [ 152.686354][ T60] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 152.692188][ T60] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 152.696191][ T60] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 152.699231][ T60] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 152.702157][ T60] mcp2221 0003:04D8:00DD.0022: unknown main item tag 0x0 [ 152.705774][ T60] mcp2221 0003:04D8:00DD.0022: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 152.887775][ T60] usb 5-1: USB disconnect, device number 13 [ 153.038870][ T40] audit: type=1326 audit(1756148566.476:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11421 comm="syz.4.2351" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc6579 code=0x0 [ 153.112749][T11426] tun0: tun_chr_ioctl cmd 1074025675 [ 153.114557][T11426] tun0: persist enabled [ 153.116707][T11426] tun0: tun_chr_ioctl cmd 1074025675 [ 153.118797][T11426] tun0: persist disabled [ 153.213680][ T5972] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 153.363673][ T5972] usb 6-1: Using ep0 maxpacket: 8 [ 153.367991][ T5972] usb 6-1: config 0 interface 0 has no altsetting 0 [ 153.371572][ T5972] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 153.375903][ T5972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.387297][ T5972] usb 6-1: config 0 descriptor?? [ 153.432008][T11431] input: syz0 as /devices/virtual/input/input43 [ 153.807618][ T5972] mcp2221 0003:04D8:00DD.0023: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 153.973740][ C2] vkms_vblank_simulate: vblank timer overrun [ 154.006540][ T6037] usb 6-1: USB disconnect, device number 16 [ 154.414561][T11457] input: syz0 as /devices/virtual/input/input44 [ 154.721920][T11477] input: syz0 as /devices/virtual/input/input45 [ 154.827108][ T40] audit: type=1326 audit(1756148568.266:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.838123][ T40] audit: type=1326 audit(1756148568.266:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.846400][ T40] audit: type=1326 audit(1756148568.266:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.853539][ T5972] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 154.854466][ T40] audit: type=1326 audit(1756148568.266:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.864410][ T40] audit: type=1326 audit(1756148568.266:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.873684][ T40] audit: type=1326 audit(1756148568.266:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.889206][ T40] audit: type=1326 audit(1756148568.266:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.896739][ T40] audit: type=1326 audit(1756148568.266:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 154.904950][ T40] audit: type=1326 audit(1756148568.266:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11483 comm="syz.4.2376" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7ffc0000 [ 155.002262][ T54] kernel write not supported for file [eventfd] (pid: 54 comm: kworker/3:1) [ 155.006397][ T5972] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 155.011010][ T5972] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 155.020480][ T5972] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 155.024412][ T5972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.030486][T11472] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 155.036190][ T5972] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 155.243028][ T5972] usb 5-1: USB disconnect, device number 14 [ 155.983683][ T60] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 156.143685][ T60] usb 6-1: Using ep0 maxpacket: 8 [ 156.149396][ T60] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 156.162970][ T60] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 156.167774][ T60] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 156.171729][ T60] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 156.177037][ T60] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 156.180605][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.384785][T11537] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2398'. [ 156.392276][ T60] usb 6-1: GET_CAPABILITIES returned 0 [ 156.394630][ T60] usbtmc 6-1:16.0: can't read capabilities [ 156.606165][ T60] usb 6-1: USB disconnect, device number 17 [ 156.863607][ T5334] Bluetooth: hci4: command 0x1003 tx timeout [ 156.864673][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 157.110550][T11583] pim6reg1: entered promiscuous mode [ 157.112754][T11583] pim6reg1: entered allmulticast mode [ 157.154530][T11587] syzkaller1: entered promiscuous mode [ 157.156853][T11587] syzkaller1: entered allmulticast mode [ 157.255222][T11598] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2428'. [ 157.459888][T11607] openvswitch: netlink: IPv6 tunnel dst address is zero [ 158.193475][T11650] gre0: entered allmulticast mode [ 158.203487][T11650] gre0: left allmulticast mode [ 158.315478][T11652] block nbd3: Send control failed (result -32) [ 158.317561][T11652] block nbd3: Request send failed, requeueing [ 158.319899][ T1166] block nbd3: Dead connection, failed to find a fallback [ 158.322096][ T1166] block nbd3: shutting down sockets [ 158.323762][ T1166] I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.328370][T11652] I/O error, dev nbd3, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.333120][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 158.339416][T11652] I/O error, dev nbd3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.343105][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 158.348652][T11652] I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.353124][T11652] I/O error, dev nbd3, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.357173][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 158.361253][T11652] I/O error, dev nbd3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.365625][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 158.370490][T11652] I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.375943][T11652] I/O error, dev nbd3, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.379728][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 158.384168][T11652] I/O error, dev nbd3, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.387461][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 158.391610][T11652] I/O error, dev nbd3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 158.395588][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 158.400195][T11652] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 158.411804][T11652] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 158.449317][T11665] input: syz0 as /devices/virtual/input/input46 [ 158.564583][T11677] loop4: detected capacity change from 0 to 7 [ 158.574018][ T5978] Dev loop4: unable to read RDB block 7 [ 158.576491][ T5978] loop4: unable to read partition table [ 158.578730][ T5978] loop4: partition table beyond EOD, truncated [ 158.591350][T11677] Dev loop4: unable to read RDB block 7 [ 158.594996][T11677] loop4: unable to read partition table [ 158.597625][T11677] loop4: partition table beyond EOD, truncated [ 158.600242][T11677] loop_reread_partitions: partition scan of loop4 (xݗ ) failed (rc=-5) [ 159.025814][T11703] batadv_slave_1: entered promiscuous mode [ 159.029279][T11702] batadv_slave_1: left promiscuous mode [ 159.313111][T11714] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2479'. [ 159.606941][T11733] Invalid ELF header magic: != ELF [ 160.206170][T11787] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2513'. [ 160.266463][T11794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2516'. [ 160.269995][T11794] netlink: 'syz.0.2516': attribute type 5 has an invalid length. [ 161.555214][T11867] random: crng reseeded on system resumption [ 161.625823][T11875] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2553'. [ 161.629580][T11875] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2553'. [ 161.676456][T11877] siw: device registration error -23 [ 162.283581][ T6057] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 162.433623][ T6057] usb 9-1: Using ep0 maxpacket: 16 [ 162.436555][ T6057] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 162.439993][ T6057] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 162.443527][ T6057] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 162.446583][ T6057] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 162.451458][ T6057] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 162.454516][ T6057] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 162.457080][ T6057] usb 9-1: SerialNumber: syz [ 162.464925][ T6057] hub 9-1:1.0: bad descriptor, ignoring hub [ 162.466896][ T6057] hub 9-1:1.0: probe with driver hub failed with error -5 [ 162.470323][ T6057] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22 [ 162.667749][ T40] kauditd_printk_skb: 104 callbacks suppressed [ 162.667761][ T40] audit: type=1326 audit(1756148576.106:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11886 comm="syz.1.2558" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7fc00000 [ 162.865642][T11889] raw-gadget.1 gadget.4: fail, usb_ep_set_wedge returned -11 [ 162.973788][ T60] usb 9-1: USB disconnect, device number 7 [ 163.634586][T11909] netlink: 'syz.4.2566': attribute type 4 has an invalid length. [ 163.713924][ T60] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 163.867201][ T60] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 163.870153][ T60] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 163.873335][ T60] usb 6-1: Product: syz [ 163.874893][ T60] usb 6-1: Manufacturer: syz [ 163.876699][ T60] usb 6-1: SerialNumber: syz [ 163.884445][ T60] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 163.897964][ T6054] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 164.110693][ T54] usb 6-1: USB disconnect, device number 18 [ 164.311960][T11924] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 164.312550][ T5975] IPVS: starting estimator thread 0... [ 164.413627][T11927] IPVS: using max 25 ests per chain, 60000 per kthread [ 164.943684][ T6054] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive [ 164.946819][ T6054] ath9k_htc: Failed to initialize the device [ 164.951487][ T54] usb 6-1: ath9k_htc: USB layer deinitialized [ 165.094518][T11997] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 165.376066][T12011] input: syz1 as /devices/virtual/input/input47 [ 165.640760][T12020] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 165.643474][ T6054] IPVS: starting estimator thread 0... [ 165.716955][T12029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2618'. [ 165.743663][T12024] IPVS: using max 28 ests per chain, 67200 per kthread [ 165.957773][T12048] af_packet: tpacket_rcv: packet too big, clamped from 44 to 4294967272. macoff=96 [ 165.971257][T12050] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 166.340312][T12077] kernel read not supported for file /eth0 (pid: 12077 comm: syz.0.2640) [ 166.348736][ T40] audit: type=1800 audit(1756148579.786:467): pid=12077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2640" name="eth0" dev="mqueue" ino=45734 res=0 errno=0 [ 166.366650][T12081] loop4: detected capacity change from 0 to 7 [ 166.370490][T12081] Dev loop4: unable to read RDB block 7 [ 166.373519][T12081] loop4: AHDI p1 [ 166.375489][T12081] loop4: partition table partially beyond EOD, truncated [ 166.736881][T12104] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 167.469021][ T5334] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 167.475902][ T5334] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 167.481405][ T5334] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 167.485819][ T5334] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 167.488495][ T5334] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 167.520292][T12141] lo speed is unknown, defaulting to 1000 [ 167.524075][T12141] lo speed is unknown, defaulting to 1000 [ 167.644709][T12141] chnl_net:caif_netlink_parms(): no params data found [ 167.721991][T12141] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.725081][T12141] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.727536][T12141] bridge_slave_0: entered allmulticast mode [ 167.731338][T12141] bridge_slave_0: entered promiscuous mode [ 167.735674][T12141] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.738717][T12141] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.741568][T12141] bridge_slave_1: entered allmulticast mode [ 167.745341][T12141] bridge_slave_1: entered promiscuous mode [ 167.787932][T12141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 167.794365][T12141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.835272][T12141] team0: Port device team_slave_0 added [ 167.838761][T12141] team0: Port device team_slave_1 added [ 167.868926][T12141] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.871451][T12141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.880508][T12141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.886632][T12141] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.888789][T12141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 167.897141][T12141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 167.936478][T12141] hsr_slave_0: entered promiscuous mode [ 167.939122][T12141] hsr_slave_1: entered promiscuous mode [ 167.941371][T12141] debugfs: 'hsr0' already exists in 'hsr' [ 167.943183][T12141] Cannot create hsr debugfs directory [ 168.082629][T12141] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 168.087521][T12141] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 168.093029][T12141] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 168.098048][T12141] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 168.144754][ C3] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 168.157933][T12141] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.171382][T12141] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.179142][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.181436][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.189746][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.192060][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.350062][T12141] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 168.543467][T12141] veth0_vlan: entered promiscuous mode [ 168.551393][T12141] veth1_vlan: entered promiscuous mode [ 168.576846][T12141] veth0_macvtap: entered promiscuous mode [ 168.582778][T12141] veth1_macvtap: entered promiscuous mode [ 168.602015][T12141] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.609662][T12141] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 168.618955][ T81] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.622912][ T81] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.630643][ T1138] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.634275][ T1138] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.688306][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.691558][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 168.715445][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 168.719450][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 169.503717][ T5979] Bluetooth: hci0: command tx timeout [ 169.777041][ T40] audit: type=1326 audit(1756148583.216:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.785722][ T40] audit: type=1326 audit(1756148583.216:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.792848][ T40] audit: type=1326 audit(1756148583.216:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.800173][ T40] audit: type=1326 audit(1756148583.216:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.805579][T12189] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0 [ 169.810587][ T40] audit: type=1326 audit(1756148583.216:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.810765][T12189] binder: 12188:12189 ioctl 4018620d 80004a80 returned -1 [ 169.817453][ T40] audit: type=1326 audit(1756148583.216:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=116 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.817488][ T40] audit: type=1326 audit(1756148583.216:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 169.817508][ T40] audit: type=1326 audit(1756148583.216:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12185 comm="syz.5.2682" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x7ffc0000 [ 170.160127][ T40] audit: type=1326 audit(1756148583.596:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12209 comm="syz.3.2693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 170.168583][ T40] audit: type=1326 audit(1756148583.596:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12209 comm="syz.3.2693" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 170.248186][T12214] vivid-002: disconnect [ 170.255206][T12211] vivid-002: reconnect [ 171.022914][T12253] Bluetooth: MGMT ver 1.23 [ 171.034903][ T3243] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 171.186311][T12261] gretap0: entered promiscuous mode [ 171.191096][T12261] batman_adv: batadv0: Adding interface: macvlan2 [ 171.195237][T12261] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 171.196885][ T3243] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 171.206377][T12261] batman_adv: batadv0: Interface activated: macvlan2 [ 171.210992][ T3243] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 171.217513][ T3243] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 171.221240][ T3243] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 171.227789][ T3243] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 171.231724][ T3243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.237614][ T3243] usb 6-1: config 0 descriptor?? [ 171.583601][ T5334] Bluetooth: hci0: command tx timeout [ 171.652588][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.655903][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.658297][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.660669][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.663055][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.665944][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.668315][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.670930][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.674199][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.677346][ T3243] plantronics 0003:047F:FFFF.0024: unknown main item tag 0x0 [ 171.683099][ T3243] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 171.915549][ T6017] usb 6-1: USB disconnect, device number 19 [ 173.104352][ T5979] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 173.327072][T12390] lo speed is unknown, defaulting to 1000 [ 173.330335][T12390] lo speed is unknown, defaulting to 1000 [ 173.676452][ T5979] Bluetooth: hci0: command 0x040f tx timeout [ 173.823689][ T54] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 173.985181][ T54] usb 6-1: config index 0 descriptor too short (expected 39, got 27) [ 173.988859][ T54] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 173.993101][ T54] usb 6-1: config 0 interface 0 has no altsetting 0 [ 173.999799][ T54] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 174.004549][ T54] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 174.008142][ T54] usb 6-1: Product: syz [ 174.009887][ T54] usb 6-1: Manufacturer: syz [ 174.011781][ T54] usb 6-1: SerialNumber: syz [ 174.016760][ T54] usb 6-1: config 0 descriptor?? [ 174.020954][ T54] hub 6-1:0.0: bad descriptor, ignoring hub [ 174.023624][ T54] hub 6-1:0.0: probe with driver hub failed with error -5 [ 174.027860][ T54] usb 6-1: selecting invalid altsetting 0 [ 174.943742][T12409] usb 6-1: reset high-speed USB device number 20 using dummy_hcd [ 175.026274][ T5979] Bluetooth: hci4: command 0x1003 tx timeout [ 175.036454][ T5334] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 175.294510][ T6054] kernel write not supported for file /sg0 (pid: 6054 comm: kworker/2:5) [ 175.324649][T12409] usb 6-1: failed to restore interface 0 altsetting 251 (error=-71) [ 175.329922][ T6017] usb 6-1: USB disconnect, device number 20 [ 175.350302][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 175.350320][ T40] audit: type=1326 audit(1756148588.786:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.361892][ T40] audit: type=1326 audit(1756148588.786:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.372798][ T40] audit: type=1326 audit(1756148588.796:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.383169][ T40] audit: type=1326 audit(1756148588.796:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.393701][ T40] audit: type=1326 audit(1756148588.796:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.402543][ T40] audit: type=1326 audit(1756148588.796:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.412458][ T40] audit: type=1326 audit(1756148588.796:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.422852][ T40] audit: type=1326 audit(1756148588.796:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.430881][ T40] audit: type=1326 audit(1756148588.816:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=180 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.438182][ T40] audit: type=1326 audit(1756148588.816:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12425 comm="syz.3.2791" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 175.743500][ T5334] Bluetooth: hci0: command 0x040f tx timeout [ 176.098819][T12470] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2812'. [ 176.222269][T12482] input: syz0 as /devices/virtual/input/input48 [ 176.850622][T12530] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 177.046405][T12551] syzkaller1: entered promiscuous mode [ 177.048883][T12551] syzkaller1: entered allmulticast mode [ 177.162467][T12559] input: syz1 as /devices/virtual/input/input49 [ 177.284338][T12568] sctp: [Deprecated]: syz.1.2844 (pid 12568) Use of struct sctp_assoc_value in delayed_ack socket option. [ 177.284338][T12568] Use struct sctp_sack_info instead [ 177.407412][T12577] syzkaller1: entered promiscuous mode [ 177.407434][T12577] syzkaller1: entered allmulticast mode [ 177.823689][ T5334] Bluetooth: hci0: command 0x040f tx timeout [ 178.385587][ T5334] Bluetooth: hci2: command 0x040f tx timeout [ 178.388315][ T6017] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 178.391663][ T6017] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 178.803772][T12647] team_slave_0: entered promiscuous mode [ 178.806555][T12647] team_slave_1: entered promiscuous mode [ 178.809104][T12647] macsec1: entered promiscuous mode [ 178.811459][T12647] team0: entered promiscuous mode [ 178.814442][T12647] macsec1: entered allmulticast mode [ 178.816556][T12647] team0: entered allmulticast mode [ 178.818388][T12647] team_slave_0: entered allmulticast mode [ 178.820455][T12647] team_slave_1: entered allmulticast mode [ 179.236799][T12676] input: syz0 as /devices/virtual/input/input50 [ 179.266867][T12680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2897'. [ 179.355197][T12690] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2902'. [ 179.398765][T12694] siw: device registration error -23 [ 179.479372][T12705] syzkaller1: entered promiscuous mode [ 179.481454][T12705] syzkaller1: entered allmulticast mode [ 179.554537][T12712] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2913'. [ 180.130741][T12756] syzkaller1: entered promiscuous mode [ 180.132527][T12756] syzkaller1: entered allmulticast mode [ 180.463644][ T5334] Bluetooth: hci3: command 0x0c1a tx timeout [ 180.463671][ T6017] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 180.468721][ T6017] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 180.474337][T12770] block nbd0: server does not support multiple connections per device. [ 180.484841][T12770] block nbd0: shutting down sockets [ 181.018452][T12803] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 181.018496][T12803] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 181.019263][T12803] vhci_hcd vhci_hcd.0: Device attached [ 181.037300][T12804] usbip_core: unknown command [ 181.037314][T12804] vhci_hcd: unknown pdu 0 [ 181.037323][T12804] usbip_core: unknown command [ 181.039475][ T12] vhci_hcd: stop threads [ 181.039492][ T12] vhci_hcd: release socket [ 181.039501][ T12] vhci_hcd: disconnect device [ 181.287297][T12815] syzkaller1: entered promiscuous mode [ 181.287312][T12815] syzkaller1: entered allmulticast mode [ 181.618074][T12840] 9pnet: p9_errstr2errno: server reported unknown error @΂00000000000000000005 [ 181.787770][T12852] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2968'. [ 181.867761][T12860] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2972'. [ 181.941881][T12869] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2973'. [ 181.943682][T12871] input: syz0 as /devices/virtual/input/input51 [ 181.947395][T12862] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2973'. [ 182.031808][T12882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2982'. [ 182.076512][T12889] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 182.201952][T12902] syzkaller1: entered promiscuous mode [ 182.201974][T12902] syzkaller1: entered allmulticast mode [ 182.623664][ T6017] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 182.623700][ T5334] Bluetooth: hci1: command 0x0c1a tx timeout [ 182.626024][ T6017] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 182.833698][ C2] vcan0: j1939_tp_rxtimer: 0xffff88802af30400: rx timeout, send abort [ 182.838002][ C2] vcan0: j1939_tp_rxtimer: 0xffff888022f46800: rx timeout, send abort [ 182.840577][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff88802af30400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 182.845609][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff888022f46800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 182.991144][T12941] input: syz1 as /devices/virtual/input/input52 [ 183.047485][T12944] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 183.048293][T12943] IPVS: stopping master sync thread 12944 ... [ 183.240257][T12954] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 183.244216][T12954] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 183.342372][T12960] mkiss: ax0: crc mode is auto. [ 183.661976][T12986] vivid-003: disconnect [ 183.667364][T12985] vivid-003: reconnect [ 183.984747][T13003] veth1_to_bond: entered allmulticast mode [ 183.987855][T13003] veth1_to_bond: left allmulticast mode [ 184.133843][ T3243] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 184.229068][T13011] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3040'. [ 184.233682][T13010] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.3040'. [ 184.285367][ T3243] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 184.290101][ T3243] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 184.297451][ T3243] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 184.303011][ T3243] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 184.307093][ T3243] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.312607][ T3243] usb 9-1: config 0 descriptor?? [ 184.402829][T13020] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 184.403447][T13018] IPVS: stopping master sync thread 13020 ... [ 184.533980][T13030] netlink: 348 bytes leftover after parsing attributes in process `syz.5.3048'. [ 184.703827][ T6017] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 184.705245][ T5334] Bluetooth: hci0: command 0x040f tx timeout [ 184.706035][ T6017] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 184.743492][ T3243] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 184.996050][ T9] usb 9-1: USB disconnect, device number 8 [ 185.844244][ T5975] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 185.873615][ T3243] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 185.881245][T13076] netlink: 'syz.5.3071': attribute type 1 has an invalid length. [ 185.900144][T13076] bond1: entered promiscuous mode [ 185.902490][T13076] bond1: entered allmulticast mode [ 185.924431][T13076] bond1: (slave erspan1): making interface the new active one [ 185.927800][T13076] erspan1: entered promiscuous mode [ 185.930072][T13076] erspan1: entered allmulticast mode [ 185.933269][T13076] bond1: (slave erspan1): Enslaving as an active interface with an up link [ 186.015485][ T5975] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 186.020072][ T5975] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 186.022999][ T5975] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 186.025616][ T5975] usb 9-1: SerialNumber: syz [ 186.026502][ T3243] usb 6-1: config 1 interface 0 altsetting 127 bulk endpoint 0x81 has invalid maxpacket 64 [ 186.031083][ T3243] usb 6-1: config 1 interface 0 altsetting 127 bulk endpoint 0x2 has invalid maxpacket 32 [ 186.035223][ T3243] usb 6-1: config 1 interface 0 has no altsetting 0 [ 186.040093][ T3243] usb 6-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.40 [ 186.042883][ T3243] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.045774][ T3243] usb 6-1: Product: syz [ 186.047541][ T3243] usb 6-1: Manufacturer: syz [ 186.049350][ T3243] usb 6-1: SerialNumber: syz [ 186.053737][T13066] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 186.057269][T13066] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 186.655907][ T5975] cdc_ether 9-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42 [ 187.020514][T13104] IPv4: Oversized IP packet from 127.202.26.0 [ 187.051227][ T9] usb 9-1: USB disconnect, device number 9 [ 187.062296][ T9] cdc_ether 9-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device [ 187.080954][ T3243] (unnamed net_device) (uninitialized): Assigned a random MAC address: b2:3e:c0:47:97:a0 [ 187.131083][T13114] ubi0: attaching mtd0 [ 187.148476][T13114] ubi0: scanning is finished [ 187.150356][T13114] ubi0: empty MTD device detected [ 187.159328][ T3243] rtl8150 6-1:1.0: eth6: rtl8150 is detected [ 187.171800][ T3243] usb 6-1: USB disconnect, device number 21 [ 187.206217][T13119] loop3: detected capacity change from 0 to 7 [ 187.212424][ T5978] Dev loop3: unable to read RDB block 7 [ 187.215367][ T5978] loop3: unable to read partition table [ 187.217461][ T5978] loop3: partition table beyond EOD, truncated [ 187.223058][T13119] Dev loop3: unable to read RDB block 7 [ 187.225642][T13119] loop3: unable to read partition table [ 187.227522][T13119] loop3: partition table beyond EOD, truncated [ 187.230351][T13119] loop_reread_partitions: partition scan of loop3 (被x ) failed (rc=-5) [ 187.266319][T13114] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 187.268819][T13114] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 187.276299][T13114] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 187.278682][T13114] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 187.281336][T13114] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 187.284204][T13114] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 187.286782][T13114] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 721851189 [ 187.290265][T13114] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 187.295671][T13121] ubi0: background thread "ubi_bgt0d" started, PID 13121 [ 187.295858][T13117] ubi0: detaching mtd0 [ 187.305017][T13117] ubi0: mtd0 is detached [ 187.633505][ T5975] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 187.785396][ T5975] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 187.789732][ T5975] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 187.793837][ T5975] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 187.797590][ T5975] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 187.798426][T13157] syz.4.3094: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1 [ 187.802912][ T5975] usb 10-1: config 0 descriptor?? [ 187.807631][T13157] CPU: 3 UID: 0 PID: 13157 Comm: syz.4.3094 Not tainted syzkaller #0 PREEMPT(full) [ 187.807649][T13157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 187.807656][T13157] Call Trace: [ 187.807661][T13157] [ 187.807666][T13157] dump_stack_lvl+0x16c/0x1f0 [ 187.807733][T13157] warn_alloc+0x248/0x3a0 [ 187.807772][T13157] ? __pfx_warn_alloc+0x10/0x10 [ 187.807785][T13157] ? __pfx_stack_trace_save+0x10/0x10 [ 187.807804][T13157] ? kasan_save_stack+0x42/0x60 [ 187.807817][T13157] ? kasan_save_stack+0x33/0x60 [ 187.807830][T13157] ? kasan_save_track+0x14/0x30 [ 187.807843][T13157] ? xskq_create+0x52/0x1d0 [ 187.807855][T13157] ? xsk_setsockopt+0x792/0x9a0 [ 187.807865][T13157] ? do_sock_setsockopt+0xf3/0x1d0 [ 187.807884][T13157] ? xskq_create+0xfb/0x1d0 [ 187.807896][T13157] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 187.807911][T13157] ? xskq_create+0xfb/0x1d0 [ 187.807925][T13157] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 187.807940][T13157] ? xskq_create+0xfb/0x1d0 [ 187.807951][T13157] vmalloc_user_noprof+0x9e/0xe0 [ 187.807964][T13157] ? xskq_create+0xfb/0x1d0 [ 187.807976][T13157] xskq_create+0xfb/0x1d0 [ 187.807988][T13157] xsk_setsockopt+0x792/0x9a0 [ 187.808000][T13157] ? __pfx_xsk_setsockopt+0x10/0x10 [ 187.808010][T13157] ? find_held_lock+0x2b/0x80 [ 187.808023][T13157] ? aa_sock_opt_perm+0xfd/0x1c0 [ 187.808035][T13157] ? __pfx_xsk_setsockopt+0x10/0x10 [ 187.808046][T13157] do_sock_setsockopt+0xf3/0x1d0 [ 187.808064][T13157] __sys_setsockopt+0x120/0x1a0 [ 187.808080][T13157] __ia32_sys_setsockopt+0xbc/0x160 [ 187.808093][T13157] ? lockdep_hardirqs_on+0x7c/0x110 [ 187.808107][T13157] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 187.808122][T13157] __do_fast_syscall_32+0x7c/0x3a0 [ 187.808138][T13157] do_fast_syscall_32+0x32/0x80 [ 187.808153][T13157] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 187.808167][T13157] RIP: 0023:0xf7fc6579 [ 187.808176][T13157] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 187.808186][T13157] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 187.808197][T13157] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b [ 187.808204][T13157] RDX: 0000000000000002 RSI: 0000000080000900 RDI: 0000000000000004 [ 187.808210][T13157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 187.808216][T13157] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 187.808222][T13157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 187.808235][T13157] [ 187.808240][T13157] Mem-Info: [ 187.808247][T13157] active_anon:11732 inactive_anon:149 isolated_anon:0 [ 187.808247][T13157] active_file:4169 inactive_file:37787 isolated_file:0 [ 187.808247][T13157] unevictable:1768 dirty:319 writeback:0 [ 187.808247][T13157] slab_reclaimable:8198 slab_unreclaimable:60642 [ 187.808247][T13157] mapped:24476 shmem:6981 pagetables:1603 [ 187.808247][T13157] sec_pagetables:305 bounce:0 [ 187.808247][T13157] kernel_misc_reclaimable:0 [ 187.808247][T13157] free:37590 free_pcp:16153 free_cma:0 [ 187.808275][T13157] Node 0 active_anon:1304kB inactive_anon:4kB active_file:5936kB inactive_file:520kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:820kB dirty:4kB writeback:0kB shmem:4528kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8400kB pagetables:1248kB sec_pagetables:1124kB all_unreclaimable? yes Balloon:0kB [ 187.808302][T13157] Node 1 active_anon:45624kB inactive_anon:592kB active_file:10740kB inactive_file:150628kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:97084kB dirty:1272kB writeback:0kB shmem:23396kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:5436kB pagetables:5164kB sec_pagetables:96kB all_unreclaimable? no Balloon:0kB [ 187.808329][T13157] Node 0 DMA free:2076kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:760kB local_pcp:228kB free_cma:0kB [ 187.808361][T13157] lowmem_reserve[]: 0 288 288 288 288 [ 187.808385][T13157] Node 0 DMA32 free:21968kB boost:2048kB min:15268kB low:18572kB high:21876kB reserved_highatomic:4096KB free_highatomic:3452KB active_anon:1304kB inactive_anon:4kB active_file:5936kB inactive_file:520kB unevictable:3536kB writepending:4kB present:1032196kB managed:295136kB mlocked:0kB bounce:0kB free_pcp:14740kB local_pcp:4100kB free_cma:0kB [ 187.808419][T13157] lowmem_reserve[]: 0 0 0 0 0 [ 187.808441][T13157] Node 1 DMA32 free:126316kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:10240KB free_highatomic:5800KB active_anon:45624kB inactive_anon:592kB active_file:10740kB inactive_file:150628kB unevictable:3536kB writepending:1272kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:49112kB local_pcp:13924kB free_cma:0kB [ 187.808473][T13157] lowmem_reserve[]: 0 0 0 0 0 [ 187.808493][T13157] Node 0 DMA: 1*4kB (U) 31*8kB (U) 14*16kB (U) 6*32kB (U) 2*64kB (U) 2*128kB (U) 0*256kB 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 2076kB [ 187.808703][T13157] Node 0 DMA32: 792*4kB (UMH) 174*8kB (UMEH) 24*16kB (UME) 162*32kB (UMEH) 61*64kB (UEH) 24*128kB (UMEH) 9*256kB (UH) 1*512kB (H) 2*1024kB (H) 0*2048kB 0*4096kB = 21968kB [ 187.808798][T13157] Node 1 DMA32: 524*4kB (UMEH) 569*8kB (UMEH) 108*16kB (UEH) 196*32kB (UEH) 127*64kB (UEH) 93*128kB (UMEH) 63*256kB (UMEH) 47*512kB (UMEH) 24*1024kB (UMH) 7*2048kB (UM) 3*4096kB (UM) = 126072kB [ 187.808894][T13157] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 187.808903][T13157] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 187.808911][T13157] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 187.808919][T13157] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 187.808928][T13157] 49113 total pagecache pages [ 187.808932][T13157] 180 pages in swap cache [ 187.808936][T13157] Free swap = 121488kB [ 187.808941][T13157] Total swap = 124996kB [ 187.808945][T13157] 524155 pages RAM [ 187.808949][T13157] 0 pages HighMem/MovableOnly [ 187.808953][T13157] 209476 pages reserved [ 187.808957][T13157] 0 pages cma reserved [ 187.887372][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 187.952072][ T6057] libceph: connect (1)[c::]:6789 error -101 [ 187.957080][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 187.964698][ T6057] libceph: mon0 (1)[c::]:6789 connect error [ 188.128643][T13168] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3097'. [ 188.238741][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 188.241070][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 188.293937][ T6057] libceph: connect (1)[c::]:6789 error -101 [ 188.296499][ T6057] libceph: mon0 (1)[c::]:6789 connect error [ 188.317839][ T5975] keytouch 0003:0926:3333.0026: fixing up Keytouch IEC report descriptor [ 188.325507][ T5975] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0926:3333.0026/input/input53 [ 188.451127][ T5975] keytouch 0003:0926:3333.0026: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0 [ 188.507262][T13193] tls_set_device_offload: netdev not found [ 188.519521][ T3243] usb 10-1: USB disconnect, device number 2 [ 188.590750][T13200] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3111'. [ 188.708529][T13161] ceph: No mds server is up or the cluster is laggy [ 188.708531][T13164] ceph: No mds server is up or the cluster is laggy [ 189.103621][ T24] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 189.263613][ T24] usb 9-1: Using ep0 maxpacket: 8 [ 189.266942][ T24] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 189.269505][ T24] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 189.272984][ T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 189.283592][ T24] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 189.293548][ T24] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 189.298700][ T24] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 189.301761][ T24] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.561741][ T24] usb 9-1: usb_control_msg returned -32 [ 189.564268][ T24] usbtmc 9-1:16.0: can't read capabilities [ 189.824358][T13229] netlink: 240 bytes leftover after parsing attributes in process `syz.5.3123'. [ 189.916723][ T5975] usb 9-1: USB disconnect, device number 10 [ 189.981992][T13238] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3127'. [ 190.016404][T13240] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3128'. [ 190.282029][T13255] netlink: 'syz.1.3135': attribute type 10 has an invalid length. [ 190.286546][T13255] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3135'. [ 190.290642][T13255] dummy0: entered promiscuous mode [ 190.293717][T13255] bridge0: port 3(dummy0) entered blocking state [ 190.296724][T13255] bridge0: port 3(dummy0) entered disabled state [ 190.299782][T13255] dummy0: entered allmulticast mode [ 190.303529][T13255] bridge0: port 3(dummy0) entered blocking state [ 190.306049][T13255] bridge0: port 3(dummy0) entered forwarding state [ 190.833906][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 190.923628][ T3243] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 191.073694][ T54] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 191.079762][ T3243] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 191.084696][ T3243] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 191.088620][ T3243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.095728][ T3243] usb 6-1: config 0 descriptor?? [ 191.225292][ T54] usb 10-1: config index 0 descriptor too short (expected 45, got 36) [ 191.227999][ T54] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 191.231534][ T54] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 191.235285][ T54] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 191.238917][ T54] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 191.242903][ T54] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 191.245787][ T54] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.250254][ T54] usb 10-1: config 0 descriptor?? [ 191.253076][T13291] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22 [ 191.309653][ T3243] usbhid 6-1:0.0: can't add hid device: -71 [ 191.311678][ T3243] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 191.316033][ T3243] usb 6-1: USB disconnect, device number 22 [ 191.676160][ T54] plantronics 0003:047F:FFFF.0027: reserved main item tag 0xd [ 191.683592][ T3243] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 191.686796][ T54] plantronics 0003:047F:FFFF.0027: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 191.835693][ T3243] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 191.839303][ T3243] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 191.842494][ T3243] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 191.845951][ T3243] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 191.851693][T13298] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 191.857385][ T3243] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 191.960270][ T6057] usb 10-1: USB disconnect, device number 3 [ 192.121004][ T54] usb 6-1: USB disconnect, device number 23 [ 192.144913][ T3243] usb 9-1: new high-speed USB device number 11 using dummy_hcd [ 192.296192][ T3243] usb 9-1: config index 0 descriptor too short (expected 45, got 36) [ 192.299406][ T3243] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 192.304880][ T3243] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 192.309595][ T3243] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 192.314931][ T3243] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 192.319895][ T3243] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 192.323516][ T3243] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.327926][ T3243] usb 9-1: config 0 descriptor?? [ 192.330409][T13319] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 192.689912][T13338] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 192.694630][T13338] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 192.741766][ T3243] plantronics 0003:047F:FFFF.0028: reserved main item tag 0xd [ 192.748755][ T3243] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 192.761958][T13344] veth0: entered promiscuous mode [ 192.767682][T13344] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3174'. [ 193.016768][ T1466] usb 9-1: USB disconnect, device number 11 [ 193.312469][T13374] Invalid ELF header len 8 [ 193.368040][T13382] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 193.372303][T13382] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 193.588513][T13399] overlayfs: invalid origin (00000000d1d3e81a820eee8a94416592a5356da96db48150eae08457fbc30ece5e7e7e318cb2b4b2f8bddb73e65c239a40942f00000000000000000000000000) [ 193.621423][ T6057] libceph: connect (1)[c::]:6789 error -22 [ 193.626442][ T6057] libceph: mon0 (1)[c::]:6789 connect error [ 193.674183][ T3243] libceph: connect (1)[c::]:6789 error -22 [ 193.676455][ T3243] libceph: mon0 (1)[c::]:6789 connect error [ 193.747762][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.750607][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.883917][ T6057] libceph: connect (1)[c::]:6789 error -22 [ 193.889582][ T6057] libceph: mon0 (1)[c::]:6789 connect error [ 193.933906][ T3243] libceph: connect (1)[c::]:6789 error -22 [ 193.936550][ T3243] libceph: mon0 (1)[c::]:6789 connect error [ 194.394885][ T9] libceph: connect (1)[c::]:6789 error -22 [ 194.396909][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 194.445022][ T3243] libceph: connect (1)[c::]:6789 error -22 [ 194.447656][ T3243] libceph: mon0 (1)[c::]:6789 connect error [ 194.447919][T13401] ceph: No mds server is up or the cluster is laggy [ 194.447977][T13406] ceph: No mds server is up or the cluster is laggy [ 194.604677][T13440] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3215'. [ 195.081559][T13465] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 195.087198][T13465] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.181132][T13465] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 195.185330][T13465] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.288007][T13465] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 195.292286][T13465] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.372609][T13465] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 195.376277][T13465] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.486587][ T12] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.490825][ T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.510994][ T12] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.515817][ T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.526341][ T61] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.530066][ T61] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.542991][ T1137] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 195.546113][ T1137] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.753615][ T5975] usb 9-1: new high-speed USB device number 12 using dummy_hcd [ 195.913571][ T1466] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 195.916316][ T5975] usb 9-1: Using ep0 maxpacket: 8 [ 195.920036][ T5975] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 195.923140][ T5975] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 195.926818][ T5975] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 195.930358][ T5975] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 195.934167][ T5975] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 195.938265][ T5975] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 195.941995][ T5975] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.085481][ T1466] usb 10-1: config 0 has no interfaces? [ 196.087303][ T1466] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 196.090199][ T1466] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.096023][ T1466] usb 10-1: config 0 descriptor?? [ 196.156490][ T5975] usb 9-1: usb_control_msg returned -32 [ 196.158518][ T5975] usbtmc 9-1:16.0: can't read capabilities [ 196.310195][ T6057] usb 10-1: USB disconnect, device number 4 [ 196.868307][T13495] usbtmc 9-1:16.0: usb_control_msg returned -71 [ 197.070360][ T24] usb 9-1: USB disconnect, device number 12 [ 197.835730][T13543] loop7: detected capacity change from 0 to 16384 [ 197.876411][T13543] loop7: detected capacity change from 16384 to 16383 [ 198.557016][T13614] bond0: Device is already in use. [ 199.035020][T13642] netlink: 'syz.5.3301': attribute type 13 has an invalid length. [ 199.141661][T13646] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3302'. [ 199.229596][T13646] vxlan1: entered promiscuous mode [ 200.433102][T13696] netlink: 'syz.1.3323': attribute type 13 has an invalid length. [ 200.463597][ T8237] usb 9-1: new high-speed USB device number 13 using dummy_hcd [ 200.518718][ T3243] lo speed is unknown, defaulting to 1000 [ 200.629749][ T8237] usb 9-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00 [ 200.634288][ T8237] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.637705][ T8237] usb 9-1: Product: syz [ 200.638754][T13708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3328'. [ 200.639098][ T8237] usb 9-1: Manufacturer: syz [ 200.644542][ T8237] usb 9-1: SerialNumber: syz [ 200.902425][ T8237] rtl8150 9-1:1.0: couldn't reset the device [ 200.905804][ T8237] rtl8150 9-1:1.0: probe with driver rtl8150 failed with error -5 [ 200.914598][ T8237] usb 9-1: USB disconnect, device number 13 [ 201.430370][T13721] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 201.910572][T13756] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 201.915436][T13756] syzkaller1: Linktype set failed because interface is up [ 202.078750][ T24] libceph: connect (1)[c::]:6789 error -101 [ 202.081261][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 202.139096][ T1466] libceph: connect (1)[c::]:6789 error -101 [ 202.142582][ T1466] libceph: mon0 (1)[c::]:6789 connect error [ 202.186254][T13785] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 202.191818][T13785] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 202.197007][T13785] bond0: (slave ipvlan2): Error -95 calling set_mac_address [ 202.354180][ T24] libceph: connect (1)[c::]:6789 error -101 [ 202.357480][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 202.413842][ T1466] libceph: connect (1)[c::]:6789 error -101 [ 202.416040][ T1466] libceph: mon0 (1)[c::]:6789 connect error [ 202.581491][T13805] kernel read not supported for file /eth0 (pid: 13805 comm: syz.3.3368) [ 202.586426][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 202.586444][ T40] audit: type=1800 audit(1756148616.026:504): pid=13805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3368" name="eth0" dev="mqueue" ino=22257 res=0 errno=0 [ 202.788108][T13814] lo speed is unknown, defaulting to 1000 [ 202.792221][T13814] lo speed is unknown, defaulting to 1000 [ 202.867338][ T24] libceph: connect (1)[c::]:6789 error -101 [ 202.870022][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 202.881514][T13778] ceph: No mds server is up or the cluster is laggy [ 202.881641][T13771] ceph: No mds server is up or the cluster is laggy [ 203.180516][T13833] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 203.186885][T13833] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 203.192052][T13833] bond0: (slave ipvlan2): Error -95 calling set_mac_address [ 203.460370][T13840] "syz.3.3383" (13840) uses obsolete ecb(arc4) skcipher [ 203.642077][T13874] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 203.652848][T13874] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 203.784186][T13821] overlayfs: statfs failed on './file0' [ 204.182898][ T5979] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 204.187573][ T5979] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 204.192555][ T5979] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 204.199145][ T5979] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 204.205330][ T5979] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 204.230328][T13900] lo speed is unknown, defaulting to 1000 [ 204.233010][T13900] lo speed is unknown, defaulting to 1000 [ 204.352106][T13900] chnl_net:caif_netlink_parms(): no params data found [ 204.449548][T13900] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.451854][T13900] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.454408][T13900] bridge_slave_0: entered allmulticast mode [ 204.457369][T13900] bridge_slave_0: entered promiscuous mode [ 204.462228][T13900] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.464610][T13900] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.466952][T13900] bridge_slave_1: entered allmulticast mode [ 204.471070][T13900] bridge_slave_1: entered promiscuous mode [ 204.512209][T13900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 204.517034][T13900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 204.558147][T13900] team0: Port device team_slave_0 added [ 204.561447][T13900] team0: Port device team_slave_1 added [ 204.611466][T13900] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 204.613943][T13900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.622569][T13900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 204.627445][T13900] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 204.630156][T13900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 204.641262][T13900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 204.695271][T13900] hsr_slave_0: entered promiscuous mode [ 204.698267][T13900] hsr_slave_1: entered promiscuous mode [ 204.700438][T13900] debugfs: 'hsr0' already exists in 'hsr' [ 204.702729][T13900] Cannot create hsr debugfs directory [ 204.997182][T13900] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 205.003590][T13900] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 205.010126][T13900] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 205.017868][T13900] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 205.045347][T13900] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.048124][T13900] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.051015][T13900] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.055157][T13900] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.101224][T13900] 8021q: adding VLAN 0 to HW filter on device bond0 [ 205.120081][ T81] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.128655][ T81] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.155824][T13900] 8021q: adding VLAN 0 to HW filter on device team0 [ 205.161679][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.164799][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 205.183290][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.186336][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 205.199019][T13945] input: syz0 as /devices/virtual/input/input56 [ 205.258284][ T9] libceph: connect (1)[c::]:6789 error -101 [ 205.260307][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 205.312319][ T24] libceph: connect (1)[c::]:6789 error -101 [ 205.315553][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 205.348007][T13900] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.434863][ T5972] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 205.524110][ T9] libceph: connect (1)[c::]:6789 error -101 [ 205.526323][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 205.532502][T13900] veth0_vlan: entered promiscuous mode [ 205.540579][T13900] veth1_vlan: entered promiscuous mode [ 205.561869][T13900] veth0_macvtap: entered promiscuous mode [ 205.566511][T13900] veth1_macvtap: entered promiscuous mode [ 205.573863][ T24] libceph: connect (1)[c::]:6789 error -101 [ 205.576041][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 205.576993][T13900] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 205.585981][T13900] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 205.595946][ T1138] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.598983][ T1138] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.600421][T13964] kvm: kvm [13963]: vcpu0, guest rIP: 0xeeee8000 Unhandled WRMSR(0x40000006) = 0x0 [ 205.602380][ T1138] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.608590][ T1138] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 205.609713][ T5972] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 205.616615][ T5972] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 205.620628][ T5972] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 205.626198][ T5972] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 205.630223][ T5972] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 205.633202][ T5972] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.640047][ T5972] usb 10-1: config 0 descriptor?? [ 205.643166][T13943] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 205.666829][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.669514][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.683724][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 205.687092][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.804272][T13971] input: syz1 as /devices/virtual/input/input57 [ 205.948847][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 205.951730][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 206.000723][ T29] libceph: connect (1)[b::]:6789 error -101 [ 206.004196][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 206.044722][ T6057] libceph: connect (1)[c::]:6789 error -101 [ 206.047439][ T6057] libceph: mon0 (1)[c::]:6789 connect error [ 206.071174][ T5972] plantronics 0003:047F:FFFF.0029: reserved main item tag 0xd [ 206.077257][ T5972] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 206.083896][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 206.085591][T13948] ceph: No mds server is up or the cluster is laggy [ 206.086525][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 206.086947][T13953] ceph: No mds server is up or the cluster is laggy [ 206.220061][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 206.222805][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 206.225048][ T5334] Bluetooth: hci2: command tx timeout [ 206.274155][ T5972] libceph: connect (1)[b::]:6789 error -101 [ 206.276981][ T5972] libceph: mon0 (1)[b::]:6789 connect error [ 206.335051][ T6017] usb 10-1: USB disconnect, device number 5 [ 206.733828][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 206.736514][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 206.775784][T13976] ceph: No mds server is up or the cluster is laggy [ 206.775856][T13973] ceph: No mds server is up or the cluster is laggy [ 206.784042][ T29] libceph: connect (1)[b::]:6789 error -101 [ 206.791514][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 207.088736][T14012] serio: Serial port ptm0 [ 207.541415][T14026] netlink: 'syz.6.3446': attribute type 1 has an invalid length. [ 207.554102][T14026] bond0: (slave geneve2): Enslaving as an active interface with an up link [ 208.264666][T14039] vcan0: tx drop: invalid sa for name 0x0000000000000002 [ 208.303569][ T5977] Bluetooth: hci2: command tx timeout [ 209.263666][ T5977] Bluetooth: hci4: command 0x1003 tx timeout [ 209.263710][ T5334] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 209.399890][T14074] binder: 14071:14074 ioctl c0185649 0 returned -22 [ 209.663627][ T5979] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 209.722884][T14088] loop3: detected capacity change from 0 to 1 [ 209.726668][T14088] Dev loop3: unable to read RDB block 1 [ 209.728738][T14088] loop3: unable to read partition table [ 209.731375][T14088] loop3: partition table beyond EOD, truncated [ 209.734457][T14088] loop_reread_partitions: partition scan of loop3 (被x ) failed (rc=-5) [ 209.781033][T14094] input: syz0 as /devices/virtual/input/input59 [ 209.970462][ T40] audit: type=1800 audit(1756148623.406:505): pid=14112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3479" name="bus" dev="9p" ino=35913921 res=0 errno=0 [ 210.236886][T14134] binder: 14133:14134 ioctl c0306201 800001c0 returned -22 [ 210.384226][ T5979] Bluetooth: hci2: command tx timeout [ 211.076132][T14179] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3509'. [ 212.316248][T14216] blk_print_req_error: 2 callbacks suppressed [ 212.316266][T14216] I/O error, dev loop11, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 212.323154][T14216] SQUASHFS error: Failed to read block 0x0: -5 [ 212.463784][ T5979] Bluetooth: hci2: command tx timeout [ 212.652174][T14224] random: crng reseeded on system resumption [ 212.792053][T14242] Bluetooth: hci0: too big key_count value 34945 [ 213.300903][ T29] libceph: connect (1)[c::]:6789 error -101 [ 213.304642][ T29] libceph: mon0 (1)[c::]:6789 connect error [ 213.358386][ T29] libceph: connect (1)[b::]:6789 error -101 [ 213.361316][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 213.563988][ T29] libceph: connect (1)[c::]:6789 error -101 [ 213.567062][ T29] libceph: mon0 (1)[c::]:6789 connect error [ 213.616838][T14298] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 213.619230][T14298] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 213.622382][T14298] vhci_hcd vhci_hcd.0: Device attached [ 213.624003][ T29] libceph: connect (1)[b::]:6789 error -101 [ 213.627765][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 213.873505][ T3243] usb 47-1: new low-speed USB device number 2 using vhci_hcd [ 213.876314][ T8237] usb 10-1: new high-speed USB device number 6 using dummy_hcd [ 214.023648][ T8237] usb 10-1: Using ep0 maxpacket: 16 [ 214.027542][ T8237] usb 10-1: config 0 has no interfaces? [ 214.029905][ T8237] usb 10-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 214.033514][ T8237] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.044243][ T8237] usb 10-1: config 0 descriptor?? [ 214.083843][ T29] libceph: connect (1)[c::]:6789 error -101 [ 214.086984][ T29] libceph: mon0 (1)[c::]:6789 connect error [ 214.128931][T14268] ceph: No mds server is up or the cluster is laggy [ 214.133064][T14273] ceph: No mds server is up or the cluster is laggy [ 214.152378][ T29] libceph: connect (1)[b::]:6789 error -101 [ 214.156865][ T29] libceph: mon0 (1)[b::]:6789 connect error [ 214.254561][T14299] usb 47-1: recv xbuf, 0 [ 214.258929][ T1137] vhci_hcd: stop threads [ 214.260357][ T8237] usb 10-1: USB disconnect, device number 6 [ 214.260475][ T1137] vhci_hcd: release socket [ 214.264967][ T1137] vhci_hcd: disconnect device [ 214.300622][T14325] loop2: detected capacity change from 0 to 7 [ 214.305080][T14325] Dev loop2: unable to read RDB block 7 [ 214.307442][T14325] loop2: unable to read partition table [ 214.309988][T14325] loop2: partition table beyond EOD, truncated [ 214.312618][T14325] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 214.333533][ T3243] vhci_hcd: vhci_device speed not set [ 214.396372][T14332] input input60: cannot allocate more than FF_MAX_EFFECTS effects [ 214.401081][ T40] audit: type=1326 audit(1756148627.836:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14331 comm="syz.4.3573" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc6579 code=0x0 [ 214.883641][ T24] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 214.990983][T14360] batman_adv: batadv0: Adding interface: dummy0 [ 214.993134][T14360] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 215.001362][T14360] batman_adv: batadv0: Interface activated: dummy0 [ 215.021754][T14360] batadv0: mtu less than device minimum [ 215.026698][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.031356][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.035100][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.038825][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.042436][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.046193][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.050236][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.054294][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.058754][T14360] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 215.074541][ T24] usb 6-1: Using ep0 maxpacket: 16 [ 215.079215][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 215.084614][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 215.089644][ T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 215.096197][ T24] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 215.100065][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.114595][ T24] usb 6-1: config 0 descriptor?? [ 215.363933][T14381] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.3595'. [ 215.539832][ T24] hid_parser_main: 5 callbacks suppressed [ 215.539851][ T24] shield 0003:0955:7214.002A: unknown main item tag 0x0 [ 215.545273][ T24] shield 0003:0955:7214.002A: unknown main item tag 0x0 [ 215.547981][ T24] shield 0003:0955:7214.002A: unknown main item tag 0x0 [ 215.551085][ T24] shield 0003:0955:7214.002A: unknown main item tag 0x0 [ 215.554571][ T24] shield 0003:0955:7214.002A: unknown main item tag 0x0 [ 215.560732][ T24] input: HID 0955:7214 Haptics as /devices/virtual/input/input61 [ 215.588159][ T24] shield 0003:0955:7214.002A: Registered Thunderstrike controller [ 215.591418][ T24] shield 0003:0955:7214.002A: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0 [ 215.735098][T14344] netlink: 'syz.1.3579': attribute type 2 has an invalid length. [ 215.737748][T14344] netlink: 224 bytes leftover after parsing attributes in process `syz.1.3579'. [ 215.744716][ T60] shield 0003:0955:7214.002A: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 215.744980][ T3243] usb 6-1: USB disconnect, device number 24 [ 215.748635][ T60] shield 0003:0955:7214.002A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 215.755388][ T60] shield 0003:0955:7214.002A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 215.759827][ T60] shield 0003:0955:7214.002A: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 215.969495][T14411] kvm: user requested TSC rate below hardware speed [ 215.984568][T14411] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 216.275585][T14443] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3621'. [ 216.391213][T14455] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.481077][T14455] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.549063][T14455] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.652730][T14455] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 216.679419][T14469] netlink: 'syz.6.3631': attribute type 10 has an invalid length. [ 216.683913][T14469] batman_adv: batadv0: Interface deactivated: dummy0 [ 216.688774][T14469] batman_adv: batadv0: Removing interface: dummy0 [ 216.700392][T14469] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 216.738488][ T1137] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.749637][ T1137] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.758671][ T13] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.771855][ T13] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 217.229673][T14478] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3635'. [ 217.363018][T14482] netlink: 'syz.1.3637': attribute type 12 has an invalid length. [ 217.366402][T14482] netlink: 'syz.1.3637': attribute type 29 has an invalid length. [ 217.369723][T14482] netlink: 148 bytes leftover after parsing attributes in process `syz.1.3637'. [ 217.373830][T14482] netlink: 'syz.1.3637': attribute type 2 has an invalid length. [ 217.377344][T14482] netlink: 'syz.1.3637': attribute type 3 has an invalid length. [ 217.380940][T14482] netlink: 3 bytes leftover after parsing attributes in process `syz.1.3637'. [ 217.702665][T14505] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 217.706488][T14505] IPv6: NLM_F_CREATE should be set when creating new route [ 217.712663][T14505] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 217.741301][T14510] input: syz1 as /devices/virtual/input/input62 [ 218.599402][T14560] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3669'. [ 218.892664][T14580] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.955688][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 218.958398][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 219.224793][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 219.227400][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 219.527256][T14613] netlink: 84 bytes leftover after parsing attributes in process `syz.6.3687'. [ 219.734594][ T6017] libceph: connect (1)[c::]:6789 error -101 [ 219.736664][ T6017] libceph: mon0 (1)[c::]:6789 connect error [ 219.777765][T14585] ceph: No mds server is up or the cluster is laggy [ 221.904878][T14708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3724'. [ 222.033838][T14708] team0: Port device team_slave_0 removed [ 222.598661][T14744] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3740'. [ 222.804213][T14764] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3750'. [ 223.646461][ T40] audit: type=1326 audit(1756148637.086:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14829 comm="syz.4.3779" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000 [ 223.655658][ T40] audit: type=1326 audit(1756148637.086:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14829 comm="syz.4.3779" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc6579 code=0x7fc00000 [ 223.893808][T14852] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3788'. [ 224.212539][ T1466] IPVS: starting estimator thread 0... [ 224.225958][T14869] tipc: Started in network mode [ 224.228413][T14869] tipc: Node identity ac1414aa, cluster identity 4711 [ 224.232735][T14869] tipc: Enabled bearer , priority 10 [ 224.323530][ T40] audit: type=1326 audit(1756148637.756:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14829 comm="syz.4.3779" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc6598 code=0x7fc00000 [ 224.331777][T14870] IPVS: using max 43 ests per chain, 103200 per kthread [ 224.420108][T14885] dummy0: entered allmulticast mode [ 224.422937][T14885] dummy0: left allmulticast mode [ 224.494217][T14891] binder: 14890:14891 ioctl c0306201 80000380 returned -14 [ 224.653578][T14903] kvm: user requested TSC rate below hardware speed [ 224.662738][T14903] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 224.843987][ T60] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 224.980956][ T1466] lo speed is unknown, defaulting to 1000 [ 224.982981][ T1466] syz2: Port: 1 Link DOWN [ 225.224832][ T1466] tipc: Node number set to 2886997162 [ 235.516942][ T40] audit: type=1326 audit(1756148648.956:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14972 comm="syz.6.3827" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe1579 code=0x0 [ 235.714886][T14984] fuse: Bad value for 'fd' [ 235.936623][T14994] overlayfs: failed to clone upperpath [ 236.019925][T14996] net_ratelimit: 11 callbacks suppressed [ 236.019943][T14996] IPVS: lblc: UDP 224.0.0.2:0 - no destination available [ 236.427584][ T3243] libceph: connect (1)[c::]:6789 error -101 [ 236.430722][ T3243] libceph: mon0 (1)[c::]:6789 connect error [ 236.495177][T15014] netlink: 'syz.6.3843': attribute type 2 has an invalid length. [ 236.501240][T15014] netlink: 532 bytes leftover after parsing attributes in process `syz.6.3843'. [ 236.522275][T15014] bond0: (slave dummy0): Releasing backup interface [ 236.527725][T15008] ceph: No mds server is up or the cluster is laggy [ 236.549954][T15017] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3844'. [ 236.701896][T15019] netlink: 'syz.1.3845': attribute type 30 has an invalid length. [ 236.815071][T15027] vxcan1: entered allmulticast mode [ 237.321673][T15057] 9pnet_fd: Insufficient options for proto=fd [ 237.906573][T15064] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.3866'. [ 237.998129][T15070] netlink: 'syz.1.3869': attribute type 4 has an invalid length. [ 238.022344][T15070] netlink: 'syz.1.3869': attribute type 4 has an invalid length. [ 238.029190][ T6017] lo speed is unknown, defaulting to 1000 [ 238.031746][ T6017] syz2: Port: 1 Link ACTIVE [ 238.087809][ T5334] Bluetooth: hci4: sending frame failed (-49) [ 238.091360][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -49 [ 238.261267][T15094] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3880'. [ 238.283591][T15094] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3880'. [ 238.344262][ T60] IPVS: starting estimator thread 0... [ 238.453705][T15104] IPVS: using max 43 ests per chain, 103200 per kthread [ 238.504951][T15099] lo speed is unknown, defaulting to 1000 [ 238.508433][T15099] lo speed is unknown, defaulting to 1000 [ 238.652609][T15115] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3888'. [ 238.844954][T15115] hsr_slave_0 (unregistering): left promiscuous mode [ 239.407135][T15172] netlink: 'syz.5.3912': attribute type 10 has an invalid length. [ 239.424247][T15172] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 239.603723][T15172] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 239.609717][T15172] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 239.629332][T15172] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 239.636721][T15172] bond0 (unregistering): Released all slaves [ 239.906887][T15188] netlink: 'syz.1.3919': attribute type 10 has an invalid length. [ 239.910120][T15188] syz_tun: entered promiscuous mode [ 239.923150][T15188] syz_tun: entered allmulticast mode [ 239.925666][T15188] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 240.056962][T15196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3922'. [ 240.073631][T15196] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3922'. [ 240.962329][T15232] lo speed is unknown, defaulting to 1000 [ 240.965030][T15232] lo speed is unknown, defaulting to 1000 [ 241.046953][T15157] Set syz1 is full, maxelem 65536 reached [ 242.153147][ T40] audit: type=1326 audit(1756148655.586:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15256 comm="syz.1.3947" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7fc00000 [ 242.194496][T15274] block nbd4: shutting down sockets [ 242.508584][T15310] "syz.1.3970" (15310) uses obsolete ecb(arc4) skcipher [ 242.534138][T15315] 9pnet_fd: Insufficient options for proto=fd [ 242.658164][T15330] syzkaller1: entered promiscuous mode [ 242.660590][T15330] syzkaller1: entered allmulticast mode [ 242.675236][ T40] audit: type=1326 audit(1756148656.106:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15331 comm="syz.1.3979" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x0 [ 243.153496][ T29] usb 11-1: new high-speed USB device number 2 using dummy_hcd [ 243.314865][ T29] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 243.318392][ T29] usb 11-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 243.321658][ T29] usb 11-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 243.327323][ T29] usb 11-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 243.330218][ T29] usb 11-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.339340][ T29] usb 11-1: config 0 descriptor?? [ 243.607538][T15359] block device autoloading is deprecated and will be removed. [ 243.748350][ T29] plantronics 0003:047F:FFFF.002B: reserved main item tag 0xd [ 243.760284][ T29] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0 [ 244.006711][ T29] usb 11-1: USB disconnect, device number 2 [ 244.633990][T15407] lo speed is unknown, defaulting to 1000 [ 244.637631][T15407] lo speed is unknown, defaulting to 1000 [ 244.688911][T15408] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4009'. [ 245.301022][T15424] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4017'. [ 245.490144][T15440] netlink: 'syz.4.4025': attribute type 10 has an invalid length. [ 245.495280][T15440] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4025'. [ 245.498955][T15440] dummy0: entered promiscuous mode [ 245.943563][T15466] could not open pipe file descriptor [ 246.366809][T15483] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4042'. [ 246.410044][T15398] Set syz1 is full, maxelem 65536 reached [ 246.468240][T15485] 8021q: adding VLAN 0 to HW filter on device bond1 [ 246.502292][T15490] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4045'. [ 246.505837][T15490] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4045'. [ 246.827548][T15514] loop2: detected capacity change from 0 to 7 [ 246.835568][T15082] Dev loop2: unable to read RDB block 7 [ 246.840163][T15082] loop2: AHDI p1 p2 p3 [ 246.842353][T15082] loop2: partition table partially beyond EOD, truncated [ 246.846443][T15082] loop2: p3 start 335544320 is beyond EOD, truncated [ 246.852091][T15514] Dev loop2: unable to read RDB block 7 [ 246.855387][T15514] loop2: AHDI p1 p2 p3 [ 246.856836][T15514] loop2: partition table partially beyond EOD, truncated [ 246.859285][T15514] loop2: p3 start 335544320 is beyond EOD, truncated [ 247.140174][T15535] lo speed is unknown, defaulting to 1000 [ 247.146753][T15535] lo speed is unknown, defaulting to 1000 [ 247.284612][T15543] input: syz0 as /devices/virtual/input/input64 [ 247.287841][T15543] input: failed to attach handler leds to device input64, error: -6 [ 247.630516][T15565] netlink: 64 bytes leftover after parsing attributes in process `syz.5.4076'. [ 247.641906][T15565] netlink: 64 bytes leftover after parsing attributes in process `syz.5.4076'. [ 247.822056][T15583] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4082'. [ 247.837473][T15583] vxlan0: entered promiscuous mode [ 247.854193][ T81] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.857845][ T81] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.866542][ T81] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.870109][ T81] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 247.991295][T15599] mac80211_hwsim hwsim20 wlan0: entered promiscuous mode [ 247.996043][T15599] macsec1: entered promiscuous mode [ 247.998945][T15599] macsec1: entered allmulticast mode [ 248.000789][T15599] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode [ 248.173672][T15612] [ 248.174880][T15612] ===================================================== [ 248.178187][T15612] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 248.182021][T15612] syzkaller #0 Not tainted [ 248.184443][T15612] ----------------------------------------------------- [ 248.189181][T15612] syz.4.4097/15612 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 248.192356][T15612] ffff888068c86360 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 248.196005][T15612] [ 248.196005][T15612] and this task is already holding: [ 248.198839][T15612] ffff888013ab7028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 248.202674][T15612] which would create a new lock dependency: [ 248.204758][T15612] (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3} [ 248.207806][T15612] [ 248.207806][T15612] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 248.211483][T15612] (&dev->event_lock#2){..-.}-{3:3} [ 248.211518][T15612] [ 248.211518][T15612] ... which became SOFTIRQ-irq-safe at: [ 248.216238][T15612] lock_acquire+0x179/0x350 [ 248.218133][T15612] _raw_spin_lock_irqsave+0x3a/0x60 [ 248.220128][T15612] input_inject_event+0x9f/0x3b0 [ 248.222083][T15612] led_set_brightness+0x217/0x290 [ 248.223674][T15612] led_trigger_event+0xda/0x270 [ 248.225705][T15612] kbd_bh+0x21b/0x300 [ 248.227461][T15612] tasklet_action_common+0x284/0x400 [ 248.229719][T15612] handle_softirqs+0x219/0x8e0 [ 248.231786][T15612] run_ksoftirqd+0x3a/0x60 [ 248.233731][T15612] smpboot_thread_fn+0x3f4/0xae0 [ 248.235848][T15612] kthread+0x3c5/0x780 [ 248.237652][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.239601][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.241744][T15612] [ 248.241744][T15612] to a SOFTIRQ-irq-unsafe lock: [ 248.244952][T15612] (tasklist_lock){.+.+}-{3:3} [ 248.244988][T15612] [ 248.244988][T15612] ... which became SOFTIRQ-irq-unsafe at: [ 248.251697][T15612] ... [ 248.251708][T15612] lock_acquire+0x179/0x350 [ 248.255178][T15612] _raw_read_lock+0x5f/0x70 [ 248.257141][T15612] __do_wait+0x105/0x890 [ 248.258999][T15612] do_wait+0x21e/0x5a0 [ 248.260773][T15612] kernel_wait+0x9f/0x160 [ 248.262494][T15612] call_usermodehelper_exec_work+0xf1/0x170 [ 248.264922][T15612] process_one_work+0x9cf/0x1b70 [ 248.267042][T15612] worker_thread+0x6c8/0xf10 [ 248.269085][T15612] kthread+0x3c5/0x780 [ 248.270866][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.272952][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.275077][T15612] [ 248.275077][T15612] other info that might help us debug this: [ 248.275077][T15612] [ 248.279264][T15612] Chain exists of: [ 248.279264][T15612] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 248.279264][T15612] [ 248.285122][T15612] Possible interrupt unsafe locking scenario: [ 248.285122][T15612] [ 248.288931][T15612] CPU0 CPU1 [ 248.291618][T15612] ---- ---- [ 248.293906][T15612] lock(tasklist_lock); [ 248.295690][T15612] local_irq_disable(); [ 248.298496][T15612] lock(&dev->event_lock#2); [ 248.301504][T15612] lock(&client->buffer_lock); [ 248.304520][T15612] [ 248.305929][T15612] lock(&dev->event_lock#2); [ 248.307933][T15612] [ 248.307933][T15612] *** DEADLOCK *** [ 248.307933][T15612] [ 248.311170][T15612] 7 locks held by syz.4.4097/15612: [ 248.313314][T15612] #0: ffff888028c8d118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x184/0x440 [ 248.317310][T15612] #1: ffff888040efc230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0 [ 248.322078][T15612] #2: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x3b0 [ 248.326034][T15612] #3: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x880 [ 248.329714][T15612] #4: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390 [ 248.333437][T15612] #5: ffff888013ab7028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 248.337446][T15612] #6: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 248.341078][T15612] [ 248.341078][T15612] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 248.345659][T15612] -> (&dev->event_lock#2){..-.}-{3:3} { [ 248.348251][T15612] IN-SOFTIRQ-W at: [ 248.349981][T15612] lock_acquire+0x179/0x350 [ 248.352605][T15612] _raw_spin_lock_irqsave+0x3a/0x60 [ 248.355522][T15612] input_inject_event+0x9f/0x3b0 [ 248.358298][T15612] led_set_brightness+0x217/0x290 [ 248.361107][T15612] led_trigger_event+0xda/0x270 [ 248.363844][T15612] kbd_bh+0x21b/0x300 [ 248.366335][T15612] tasklet_action_common+0x284/0x400 [ 248.369026][T15612] handle_softirqs+0x219/0x8e0 [ 248.371399][T15612] run_ksoftirqd+0x3a/0x60 [ 248.374139][T15612] smpboot_thread_fn+0x3f4/0xae0 [ 248.377285][T15612] kthread+0x3c5/0x780 [ 248.379908][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.382821][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.385611][T15612] INITIAL USE at: [ 248.387271][T15612] lock_acquire+0x179/0x350 [ 248.389828][T15612] _raw_spin_lock_irqsave+0x3a/0x60 [ 248.393037][T15612] input_inject_event+0x9f/0x3b0 [ 248.396165][T15612] led_set_brightness+0x217/0x290 [ 248.399497][T15612] kbd_led_trigger_activate+0xcb/0x110 [ 248.402342][T15612] led_trigger_set+0x59a/0xc50 [ 248.404848][T15612] led_trigger_set_default+0x1e0/0x2e0 [ 248.407518][T15612] led_classdev_register_ext+0x7b8/0xa10 [ 248.410460][T15612] input_leds_connect+0x552/0x8e0 [ 248.413233][T15612] input_attach_handler.isra.0+0x173/0x250 [ 248.415813][T15612] input_register_device+0xab9/0x1180 [ 248.418493][T15612] atkbd_connect+0x5f8/0xa40 [ 248.420561][T15612] serio_driver_probe+0x7f/0xd0 [ 248.422515][T15612] really_probe+0x241/0xa90 [ 248.424332][T15612] __driver_probe_device+0x1de/0x440 [ 248.426546][T15612] driver_probe_device+0x4c/0x1b0 [ 248.429053][T15612] __driver_attach+0x283/0x580 [ 248.431264][T15612] bus_for_each_dev+0x13e/0x1d0 [ 248.433765][T15612] serio_handle_event+0x335/0xc30 [ 248.436328][T15612] process_one_work+0x9cf/0x1b70 [ 248.438666][T15612] worker_thread+0x6c8/0xf10 [ 248.441058][T15612] kthread+0x3c5/0x780 [ 248.442873][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.445015][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.447084][T15612] } [ 248.447942][T15612] ... key at: [] __key.7+0x0/0x40 [ 248.450644][T15612] -> (&client->buffer_lock){....}-{3:3} { [ 248.452790][T15612] INITIAL USE at: [ 248.454275][T15612] lock_acquire+0x179/0x350 [ 248.456434][T15612] _raw_spin_lock_irqsave+0x3a/0x60 [ 248.459378][T15612] evdev_do_ioctl+0x347/0x1b30 [ 248.461417][T15612] evdev_ioctl_compat+0x16f/0x1a0 [ 248.463728][T15612] __ia32_compat_sys_ioctl+0x242/0x370 [ 248.466576][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.469189][T15612] do_fast_syscall_32+0x32/0x80 [ 248.471242][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.473786][T15612] } [ 248.474625][T15612] ... key at: [] __key.1+0x0/0x40 [ 248.476861][T15612] ... acquired at: [ 248.478096][T15612] _raw_spin_lock+0x2e/0x40 [ 248.479667][T15612] evdev_pass_values+0x10e/0x9b0 [ 248.481288][T15612] evdev_events+0x104/0x390 [ 248.482885][T15612] input_pass_values+0x138/0x880 [ 248.484746][T15612] input_handle_event+0xf00/0x14d0 [ 248.486586][T15612] input_inject_event+0x1e8/0x3b0 [ 248.488419][T15612] evdev_write+0x2e1/0x440 [ 248.490427][T15612] vfs_write+0x2a0/0x11d0 [ 248.492316][T15612] ksys_write+0x1f8/0x250 [ 248.493905][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.496268][T15612] do_fast_syscall_32+0x32/0x80 [ 248.498458][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.501286][T15612] [ 248.502347][T15612] [ 248.502347][T15612] the dependencies between the lock to be acquired [ 248.502357][T15612] and SOFTIRQ-irq-unsafe lock: [ 248.508393][T15612] -> (tasklist_lock){.+.+}-{3:3} { [ 248.511113][T15612] HARDIRQ-ON-R at: [ 248.513054][T15612] lock_acquire+0x179/0x350 [ 248.515726][T15612] _raw_read_lock+0x5f/0x70 [ 248.518009][T15612] __do_wait+0x105/0x890 [ 248.520063][T15612] do_wait+0x21e/0x5a0 [ 248.521966][T15612] kernel_wait+0x9f/0x160 [ 248.523922][T15612] call_usermodehelper_exec_work+0xf1/0x170 [ 248.526358][T15612] process_one_work+0x9cf/0x1b70 [ 248.528752][T15612] worker_thread+0x6c8/0xf10 [ 248.530922][T15612] kthread+0x3c5/0x780 [ 248.533237][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.535330][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.538104][T15612] SOFTIRQ-ON-R at: [ 248.539631][T15612] lock_acquire+0x179/0x350 [ 248.541671][T15612] _raw_read_lock+0x5f/0x70 [ 248.543708][T15612] __do_wait+0x105/0x890 [ 248.545687][T15612] do_wait+0x21e/0x5a0 [ 248.547661][T15612] kernel_wait+0x9f/0x160 [ 248.549878][T15612] call_usermodehelper_exec_work+0xf1/0x170 [ 248.552244][T15612] process_one_work+0x9cf/0x1b70 [ 248.554307][T15612] worker_thread+0x6c8/0xf10 [ 248.556294][T15612] kthread+0x3c5/0x780 [ 248.558207][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.560305][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.562394][T15612] INITIAL USE at: [ 248.563670][T15612] lock_acquire+0x179/0x350 [ 248.565676][T15612] _raw_write_lock_irq+0x36/0x50 [ 248.567786][T15612] copy_process+0x4caf/0x7690 [ 248.570162][T15612] kernel_clone+0xfc/0x930 [ 248.572830][T15612] user_mode_thread+0xc7/0x110 [ 248.575492][T15612] rest_init+0x23/0x2b0 [ 248.577419][T15612] start_kernel+0x3ee/0x4d0 [ 248.579563][T15612] x86_64_start_reservations+0x18/0x30 [ 248.582519][T15612] x86_64_start_kernel+0x130/0x190 [ 248.585424][T15612] common_startup_64+0x13e/0x148 [ 248.587767][T15612] INITIAL READ USE at: [ 248.589510][T15612] lock_acquire+0x179/0x350 [ 248.591874][T15612] _raw_read_lock+0x5f/0x70 [ 248.594532][T15612] __do_wait+0x105/0x890 [ 248.596895][T15612] do_wait+0x21e/0x5a0 [ 248.599372][T15612] kernel_wait+0x9f/0x160 [ 248.602283][T15612] call_usermodehelper_exec_work+0xf1/0x170 [ 248.605430][T15612] process_one_work+0x9cf/0x1b70 [ 248.607879][T15612] worker_thread+0x6c8/0xf10 [ 248.610249][T15612] kthread+0x3c5/0x780 [ 248.612372][T15612] ret_from_fork+0x5d4/0x6f0 [ 248.614611][T15612] ret_from_fork_asm+0x1a/0x30 [ 248.616845][T15612] } [ 248.617746][T15612] ... key at: [] tasklist_lock+0x18/0x40 [ 248.620770][T15612] ... acquired at: [ 248.622473][T15612] _raw_read_lock+0x5f/0x70 [ 248.624454][T15612] send_sigurg+0xed/0xc80 [ 248.626247][T15612] sk_send_sigurg+0x76/0x360 [ 248.627734][T15612] unix_stream_sendmsg+0xfa5/0x1340 [ 248.629501][T15612] ____sys_sendmsg+0xa95/0xc70 [ 248.631146][T15612] ___sys_sendmsg+0x134/0x1d0 [ 248.632833][T15612] __sys_sendmmsg+0x2f9/0x420 [ 248.634494][T15612] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 248.636568][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.638474][T15612] do_fast_syscall_32+0x32/0x80 [ 248.640348][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.642451][T15612] [ 248.643237][T15612] -> (&f_owner->lock){....}-{3:3} { [ 248.644893][T15612] INITIAL USE at: [ 248.646151][T15612] lock_acquire+0x179/0x350 [ 248.648086][T15612] _raw_write_lock_irq+0x36/0x50 [ 248.650187][T15612] __f_setown+0x61/0x3c0 [ 248.652041][T15612] generic_setlease+0xef2/0x1300 [ 248.654091][T15612] kernel_setlease+0x106/0x140 [ 248.656091][T15612] vfs_setlease+0x258/0x2d0 [ 248.657949][T15612] fcntl_setlease+0x3ed/0x5a0 [ 248.660373][T15612] do_fcntl+0x751/0x15a0 [ 248.662476][T15612] do_compat_fcntl64+0x367/0x710 [ 248.664524][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.666641][T15612] do_fast_syscall_32+0x32/0x80 [ 248.669027][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.671697][T15612] INITIAL READ USE at: [ 248.673134][T15612] lock_acquire+0x179/0x350 [ 248.675285][T15612] _raw_read_lock_irqsave+0x74/0x90 [ 248.677642][T15612] send_sigio+0x31/0x3e0 [ 248.680024][T15612] dnotify_handle_event+0x15e/0x2b0 [ 248.682466][T15612] fsnotify_handle_inode_event.isra.0+0x1e2/0x3f0 [ 248.685187][T15612] fsnotify+0x13d6/0x1dc0 [ 248.687167][T15612] vfs_mkdir+0x71d/0x8c0 [ 248.689336][T15612] do_mkdirat+0x304/0x3e0 [ 248.691592][T15612] __ia32_sys_mkdirat+0x82/0xb0 [ 248.693797][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.696200][T15612] do_fast_syscall_32+0x32/0x80 [ 248.698648][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.701527][T15612] } [ 248.702449][T15612] ... key at: [] __key.1+0x0/0x40 [ 248.704995][T15612] ... acquired at: [ 248.706263][T15612] _raw_read_lock_irqsave+0x74/0x90 [ 248.708059][T15612] send_sigio+0x31/0x3e0 [ 248.709950][T15612] kill_fasync+0x214/0x510 [ 248.711873][T15612] lease_break_callback+0x23/0x30 [ 248.713637][T15612] __break_lease+0x671/0x1810 [ 248.715166][T15612] do_dentry_open+0x91f/0x1530 [ 248.716727][T15612] vfs_open+0x82/0x3f0 [ 248.718103][T15612] path_openat+0x1de4/0x2cb0 [ 248.719884][T15612] do_filp_open+0x20b/0x470 [ 248.721401][T15612] do_sys_openat2+0x11b/0x1d0 [ 248.722978][T15612] __ia32_sys_creat+0xcb/0x120 [ 248.724585][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.726385][T15612] do_fast_syscall_32+0x32/0x80 [ 248.728503][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.731708][T15612] [ 248.732828][T15612] -> (&new->fa_lock){....}-{3:3} { [ 248.735121][T15612] INITIAL USE at: [ 248.736775][T15612] lock_acquire+0x179/0x350 [ 248.739276][T15612] _raw_write_lock_irq+0x36/0x50 [ 248.741870][T15612] fasync_remove_entry+0xb2/0x1e0 [ 248.744081][T15612] fasync_helper+0xaf/0xd0 [ 248.746284][T15612] lease_modify+0x232/0x500 [ 248.748378][T15612] locks_remove_file+0x29e/0x5c0 [ 248.750669][T15612] __fput+0x351/0xb70 [ 248.752455][T15612] task_work_run+0x14d/0x240 [ 248.754395][T15612] exit_to_user_mode_loop+0xeb/0x110 [ 248.756531][T15612] __do_fast_syscall_32+0x2ac/0x3a0 [ 248.758606][T15612] do_fast_syscall_32+0x32/0x80 [ 248.760426][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.762837][T15612] INITIAL READ USE at: [ 248.764198][T15612] lock_acquire+0x179/0x350 [ 248.766229][T15612] _raw_read_lock_irqsave+0x74/0x90 [ 248.768470][T15612] kill_fasync+0x138/0x510 [ 248.770508][T15612] splice_to_socket+0x50b/0x1110 [ 248.772667][T15612] do_splice+0x1478/0x1fc0 [ 248.774825][T15612] __do_splice+0x32a/0x360 [ 248.777038][T15612] __ia32_sys_splice+0x189/0x250 [ 248.779626][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.782346][T15612] do_fast_syscall_32+0x32/0x80 [ 248.784931][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.788278][T15612] } [ 248.789199][T15612] ... key at: [] __key.0+0x0/0x40 [ 248.791462][T15612] ... acquired at: [ 248.792853][T15612] lock_acquire+0x179/0x350 [ 248.794582][T15612] _raw_read_lock_irqsave+0x74/0x90 [ 248.796372][T15612] kill_fasync+0x138/0x510 [ 248.797946][T15612] evdev_pass_values+0x619/0x9b0 [ 248.799754][T15612] evdev_events+0x1bb/0x390 [ 248.801513][T15612] input_pass_values+0x74b/0x880 [ 248.803555][T15612] input_handle_event+0xf00/0x14d0 [ 248.805789][T15612] input_inject_event+0x1e8/0x3b0 [ 248.807785][T15612] evdev_write+0x2e1/0x440 [ 248.809550][T15612] vfs_write+0x2a0/0x11d0 [ 248.811067][T15612] ksys_write+0x1f8/0x250 [ 248.812545][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.814198][T15612] do_fast_syscall_32+0x32/0x80 [ 248.815838][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.817972][T15612] [ 248.818802][T15612] [ 248.818802][T15612] stack backtrace: [ 248.820776][T15612] CPU: 2 UID: 0 PID: 15612 Comm: syz.4.4097 Not tainted syzkaller #0 PREEMPT(full) [ 248.820791][T15612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 248.820797][T15612] Call Trace: [ 248.820803][T15612] [ 248.820807][T15612] dump_stack_lvl+0x116/0x1f0 [ 248.820823][T15612] check_irq_usage+0x7dc/0x920 [ 248.820839][T15612] ? check_path.constprop.0+0x24/0x50 [ 248.820852][T15612] ? __lock_acquire+0x12bc/0x1ce0 [ 248.820865][T15612] __lock_acquire+0x12bc/0x1ce0 [ 248.820880][T15612] lock_acquire+0x179/0x350 [ 248.820893][T15612] ? kill_fasync+0x138/0x510 [ 248.820911][T15612] _raw_read_lock_irqsave+0x74/0x90 [ 248.820923][T15612] ? kill_fasync+0x138/0x510 [ 248.820937][T15612] kill_fasync+0x138/0x510 [ 248.820954][T15612] evdev_pass_values+0x619/0x9b0 [ 248.820967][T15612] evdev_events+0x1bb/0x390 [ 248.820977][T15612] input_pass_values+0x74b/0x880 [ 248.820988][T15612] input_handle_event+0xf00/0x14d0 [ 248.820998][T15612] ? _copy_from_user+0x59/0xd0 [ 248.821016][T15612] input_inject_event+0x1e8/0x3b0 [ 248.821027][T15612] evdev_write+0x2e1/0x440 [ 248.821037][T15612] ? __pfx_evdev_write+0x10/0x10 [ 248.821047][T15612] ? common_file_perm+0x1a9/0x340 [ 248.821060][T15612] ? bpf_lsm_file_permission+0x9/0x10 [ 248.821075][T15612] ? security_file_permission+0x71/0x210 [ 248.821090][T15612] ? rw_verify_area+0xcf/0x6c0 [ 248.821100][T15612] ? __pfx_evdev_write+0x10/0x10 [ 248.821109][T15612] vfs_write+0x2a0/0x11d0 [ 248.821122][T15612] ? __pfx_vfs_write+0x10/0x10 [ 248.821133][T15612] ? find_held_lock+0x2b/0x80 [ 248.821142][T15612] ? __fget_files+0x204/0x3c0 [ 248.821154][T15612] ? __fget_files+0x20e/0x3c0 [ 248.821166][T15612] ksys_write+0x1f8/0x250 [ 248.821178][T15612] ? __pfx_ksys_write+0x10/0x10 [ 248.821190][T15612] ? rcu_is_watching+0x12/0xc0 [ 248.821206][T15612] __do_fast_syscall_32+0x7c/0x3a0 [ 248.821221][T15612] do_fast_syscall_32+0x32/0x80 [ 248.821234][T15612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 248.821248][T15612] RIP: 0023:0xf7fc6579 [ 248.821256][T15612] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 248.821267][T15612] RSP: 002b:00000000f54e655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 248.821277][T15612] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 248.821284][T15612] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 248.821290][T15612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 248.821296][T15612] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 248.821302][T15612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 248.821311][T15612] [ 255.196014][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.198531][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 VM DIAGNOSIS: 19:00:04 Registers: info registers vcpu 0 CPU#0 RAX=ffffffff81f52250 RBX=ffff88806c4ca988 RCX=ffffffff81f50213 RDX=ffff888023872440 RSI=ffffea00016f3e00 RDI=ffff88806c4ca988 RBP=ffffea00016f3e00 RSP=ffffc90002e8eaf8 R8 =0000000000000005 R9 =00000000000000f5 R10=00000000000000ff R11=0000000000000012 R12=000000000000001e R13=dffffc0000000000 R14=ffff88802b233370 R15=ffff88802b233468 RIP=ffffffff81f52250 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880974c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c290a86 CR3=00000000276e8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001e81bc RBX=0000000000000001 RCX=ffffffff8b90abf9 RDX=ffffed1005666656 RSI=ffffffff8c162c80 RDI=ffffffff8190ccb1 RBP=ffffed1003bd8488 RSP=ffffc9000046fdf8 R8 =0000000000000000 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000 R12=0000000000000001 R13=ffff88801dec2440 R14=ffffffff90ab8290 R15=0000000000000000 RIP=ffffffff8b90975f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975c3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f744d6f0 CR3=000000002519b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85617045 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc900041af2f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9b0f96c0 R15=ffffffff85616fe0 RIP=ffffffff8561706f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880976c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080006018 CR3=000000006a192000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff88806ca2e1c0 RCX=ffffffff8197ae03 RDX=0000000000000000 RSI=0000000000000004 RDI=ffff88806ca2e1c0 RBP=ffff88806ca2e1c8 RSP=ffffc900041cf838 R8 =0000000000000000 R9 =ffffed100d945c38 R10=ffff88806ca2e1c3 R11=0000000000000003 R12=ffff88806ca2e1d0 R13=0000000000000000 R14=0000000080000000 R15=ffff8880129fa400 RIP=ffffffff8b935ce0 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080017018 CR3=000000005fc3d000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000