last executing test programs: 43.522182312s ago: executing program 0 (id=712): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@bridge_delneigh={0x28, 0x1d, 0x1, 0x70bd2c, 0x25dfdbed, {0x7, 0x0, 0x0, r1, 0x80, 0x22, 0x1}, [@NDA_LLADDR={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, 0x28}, 0x1, 0x0, 0x0, 0x404c893}, 0x40040) 43.454880728s ago: executing program 0 (id=705): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) listen(r0, 0xc) connect$x25(r0, 0x0, 0x0) 43.453534525s ago: executing program 0 (id=707): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000340)=[{0x20, 0xc, 0x77, 0xfffff010}, {0x28, 0x0, 0x0, 0xfffff038}, {0x6, 0x0, 0x0, 0x2}]}, 0x8) sendmmsg(r0, &(0x7f000000bd00)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="0a1057d48a", 0x33fe0}], 0x1}}], 0x1, 0x48844) 43.453121967s ago: executing program 0 (id=709): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x40, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_LABELS_MASK={0x4}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_LABELS={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0) 43.380591137s ago: executing program 0 (id=711): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x100) fcntl$notify(r0, 0x402, 0x8000000b) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20) 43.380249577s ago: executing program 0 (id=714): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x8004, 0x0, 0x81, 0xffffffff}) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x3}, @l2={0x1f, 0x1, @any, 0x8cc8}, @in={0x2, 0x4e20, @multicast2}, 0x501, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x304}) 27.979143888s ago: executing program 32 (id=714): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x8004, 0x0, 0x81, 0xffffffff}) r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @empty, 0x3}, @l2={0x1f, 0x1, @any, 0x8cc8}, @in={0x2, 0x4e20, @multicast2}, 0x501, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x304}) 1.279403146s ago: executing program 4 (id=2239): openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') close(0x3) 1.279276251s ago: executing program 4 (id=2240): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448de, 0x0) bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) 1.279066345s ago: executing program 4 (id=2242): syz_usb_connect(0x2, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0) r0 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x4ea3, 0x100) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000000)=""/147) 359.724657ms ago: executing program 1 (id=2289): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x32) 308.446794ms ago: executing program 1 (id=2292): r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0, &(0x7f0000000180)=0x0) syz_io_uring_submit(r1, r2, r3, &(0x7f00000001c0)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x102, 0x0, 0x1}) io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0) 308.282626ms ago: executing program 1 (id=2293): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r0, 0xc0384707, &(0x7f0000000040)={0x80000004, 0x0, 0xa, 0x400000, 0x18, "3eccd8000000000000000010000000040100"}) 307.284047ms ago: executing program 1 (id=2294): io_setup(0x800, &(0x7f0000000440)=0x0) r1 = eventfd(0x0) io_submit(r0, 0x1, &(0x7f0000000940)=[&(0x7f0000000240)={0x0, 0x0, 0x8, 0x0, 0x0, r1, 0x0, 0x4f}]) 259.204269ms ago: executing program 2 (id=2297): mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) r0 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, &(0x7f0000000200)='D]{!\x00', 0x5) 259.121859ms ago: executing program 2 (id=2298): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x7, &(0x7f0000006680)) madvise(&(0x7f0000797000/0x14000)=nil, 0x14000, 0xa) init_module(0x0, 0x0, 0x0) 230.975833ms ago: executing program 2 (id=2299): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x88f}}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', r1, @sched_cls, 0x0, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 178.587152ms ago: executing program 2 (id=2301): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000004, 0x31, 0xffffffffffffffff, 0x1de12000) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_FLUSH(r0, 0x0, 0xd0, &(0x7f0000000000)=0xa4, 0x4) 178.250692ms ago: executing program 2 (id=2303): write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xa, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3266078b089b3b083844090890e0878f0e1ac6e7049b3d6d959b3b9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b333b0d07680936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0afc9397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6258742317662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e0088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76ccc2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2e57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849d11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f9d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f0712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1ccced94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2302, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000180)=0x100) 178.145495ms ago: executing program 2 (id=2304): r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r1, 0x1, 0x3, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 134.114666ms ago: executing program 3 (id=2306): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000b80), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x1c, r1, 0x1ffd1684a4a9b69d, 0x70bd25, 0x25dfdbff, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x40010) 133.595538ms ago: executing program 1 (id=2307): r0 = timerfd_create(0x8, 0x80000) timerfd_settime(r0, 0x1, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0) timerfd_gettime(r0, &(0x7f0000000000)) 132.627963ms ago: executing program 4 (id=2308): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1e, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x4}, {0x3, 0x0, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x4, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 79.065148ms ago: executing program 3 (id=2315): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c000000020000000000b1000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00e935a483000000000000090000000000000000000000090000000000000000000000090200000001"], 0x0, 0x96}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000002000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80) 78.786965ms ago: executing program 1 (id=2309): syz_emit_ethernet(0x3e, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x8, 0x0, 0x1, @dev={0xfe, 0x80, '\x00', 0x12}, @loopback, {[@routing={0x32, 0x0, 0x1, 0x4}]}}}}}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48) 78.480876ms ago: executing program 3 (id=2310): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'veth0_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xffe5}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x12}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2004c849}, 0x0) 77.312962ms ago: executing program 3 (id=2311): r0 = socket$l2tp(0x2, 0x2, 0x73) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000f40)={'vxcan0\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000010c0)={0x6, 0x5, &(0x7f0000000d80)=@raw=[@tail_call], &(0x7f0000000e00)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x20, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x90}, 0x94) 54.834324ms ago: executing program 4 (id=2312): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=@mpls_getroute={0xa0, 0x1a, 0x1, 0x0, 0x0, {0x1c, 0x14}, [@RTA_NEWDST={0x84}]}, 0xa0}}, 0x0) 403.439µs ago: executing program 3 (id=2313): timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x7) 88.344µs ago: executing program 4 (id=2314): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)={0x28, r1, 0x1, 0x1000000, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xe, 0x1, @l2={'eth', 0x3a, 'vlan0\x00'}}]}]}, 0x28}}, 0x0) 0s ago: executing program 3 (id=2316): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) ioctl$int_in(r0, 0x5452, &(0x7f0000000140)=0x3) ppoll(&(0x7f0000003840)=[{r0, 0x40}], 0x1, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=2318): ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0), 0x0, 0x0}) r0 = syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40002) ioctl$FE_SET_PROPERTY(r0, 0x80106f53, &(0x7f00000001c0)={0x1e, 0x0}) kernel console output (not intermixed with test programs): th an up link [ 74.675350][ T5741] team0: Port device team_slave_0 added [ 74.678141][ T5741] team0: Port device team_slave_1 added [ 74.683847][ T5742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.696927][ T5742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.702975][ T5737] team0: Port device team_slave_0 added [ 74.704921][ T5734] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.707312][ T5734] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.709644][ T5734] bridge_slave_0: entered allmulticast mode [ 74.712115][ T5734] bridge_slave_0: entered promiscuous mode [ 74.723969][ T5737] team0: Port device team_slave_1 added [ 74.728882][ T5734] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.731947][ T5734] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.734871][ T5734] bridge_slave_1: entered allmulticast mode [ 74.737569][ T5734] bridge_slave_1: entered promiscuous mode [ 74.745443][ T5741] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.748176][ T5741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.757807][ T5741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.762480][ T5741] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.765342][ T5741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.775021][ T5741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.781587][ T5742] team0: Port device team_slave_0 added [ 74.788326][ T5742] team0: Port device team_slave_1 added [ 74.795552][ T5734] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.802209][ T5734] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.805580][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.808174][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.817467][ T5737] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.834153][ T5737] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.837128][ T5737] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.846574][ T5737] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.858305][ T5742] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.860733][ T5742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.868622][ T5742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.878967][ T5734] team0: Port device team_slave_0 added [ 74.885258][ T5742] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.887469][ T5742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.895188][ T5742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.901979][ T5734] team0: Port device team_slave_1 added [ 74.906141][ T5741] hsr_slave_0: entered promiscuous mode [ 74.908725][ T5741] hsr_slave_1: entered promiscuous mode [ 74.922918][ T5737] hsr_slave_0: entered promiscuous mode [ 74.925394][ T5737] hsr_slave_1: entered promiscuous mode [ 74.927729][ T5737] debugfs: 'hsr0' already exists in 'hsr' [ 74.929499][ T5737] Cannot create hsr debugfs directory [ 74.953317][ T5734] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 74.955628][ T5734] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.965349][ T5734] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.979034][ T5742] hsr_slave_0: entered promiscuous mode [ 74.981900][ T5742] hsr_slave_1: entered promiscuous mode [ 74.983850][ T5742] debugfs: 'hsr0' already exists in 'hsr' [ 74.985655][ T5742] Cannot create hsr debugfs directory [ 74.989367][ T5734] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.992453][ T5734] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 75.002734][ T5734] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.046582][ T5734] hsr_slave_0: entered promiscuous mode [ 75.049380][ T5734] hsr_slave_1: entered promiscuous mode [ 75.051386][ T5734] debugfs: 'hsr0' already exists in 'hsr' [ 75.053264][ T5734] Cannot create hsr debugfs directory [ 75.147375][ T5741] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 75.153047][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 75.158392][ T5741] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 75.164650][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 75.168503][ T5741] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 75.171726][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 75.174256][ T5741] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 75.177361][ T5741] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 75.195184][ T5737] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 75.199189][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 75.210359][ T5737] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 75.214876][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 75.217872][ T5737] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 75.222320][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 75.225868][ T5737] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 75.230347][ T5737] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 75.237202][ T5741] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.240015][ T5741] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.242798][ T5741] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.245340][ T5741] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.257065][ T5742] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 75.263876][ T5742] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 75.271237][ T5742] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 75.274719][ T5742] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 75.277298][ T5742] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 75.281447][ T5742] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 75.284037][ T5742] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 75.287918][ T5742] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 75.290492][ T5737] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.292762][ T5737] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.295065][ T5737] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.297232][ T5737] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.323531][ T5734] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 75.328292][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 75.331533][ T5734] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 75.337633][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 75.343615][ T5734] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 75.349757][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 75.353558][ T5742] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.355811][ T5742] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.358086][ T5742] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.360315][ T5742] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.366551][ T5741] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.369625][ T5734] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 75.374588][ T5734] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 75.395677][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.400436][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.403621][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.406816][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.411381][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.414475][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.435066][ T5741] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.439020][ T5737] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.451978][ T5737] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.464852][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.467195][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.470470][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.473432][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.477815][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.480460][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.491273][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.493707][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.501989][ T5742] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.506780][ T5734] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.518426][ T5742] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.526516][ T5734] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.531867][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.534362][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.541695][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.543952][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.554374][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.557373][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.561591][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.563797][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.725112][ T5741] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.740673][ T5737] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.745973][ T5741] veth0_vlan: entered promiscuous mode [ 75.752766][ T5742] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.759079][ T5741] veth1_vlan: entered promiscuous mode [ 75.766241][ T5734] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.785190][ T5741] veth0_macvtap: entered promiscuous mode [ 75.790556][ T5741] veth1_macvtap: entered promiscuous mode [ 75.793119][ T5742] veth0_vlan: entered promiscuous mode [ 75.801271][ T5737] veth0_vlan: entered promiscuous mode [ 75.808932][ T5741] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.814903][ T5737] veth1_vlan: entered promiscuous mode [ 75.817300][ T5742] veth1_vlan: entered promiscuous mode [ 75.823731][ T5741] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.830772][ T5812] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.833932][ T5812] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.839765][ T5734] veth0_vlan: entered promiscuous mode [ 75.842432][ T5812] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.846819][ T5812] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.853710][ T5734] veth1_vlan: entered promiscuous mode [ 75.868446][ T5737] veth0_macvtap: entered promiscuous mode [ 75.873578][ T5737] veth1_macvtap: entered promiscuous mode [ 75.877406][ T5742] veth0_macvtap: entered promiscuous mode [ 75.881792][ T107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.884315][ T107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.885194][ T5742] veth1_macvtap: entered promiscuous mode [ 75.897574][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.897717][ T5734] veth0_macvtap: entered promiscuous mode [ 75.900250][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.904449][ T5734] veth1_macvtap: entered promiscuous mode [ 75.908796][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.915496][ T5742] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.918698][ T5737] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.923571][ T5734] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.928788][ T5741] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 75.929213][ T5742] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.936389][ T5734] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.939266][ T5812] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.942245][ T5812] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.949407][ T5741] ebtables: xtables 32bit compat interface no longer supported in namespaces and will be removed soon. [ 75.952076][ T5812] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.956722][ T5812] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.960559][ T5741] arp_tables: xtables 32bit compat interface no longer supported in namespaces and will be removed soon. [ 75.965182][ T5812] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.965840][ T5741] ip_tables: xtables 32bit compat interface no longer supported in namespaces and will be removed soon. [ 75.975239][ T5812] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.976315][ T5741] ip6_tables: xtables 32bit compat interface no longer supported in namespaces and will be removed soon. [ 75.977918][ T5812] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.992623][ T5812] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.995444][ T5812] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.004280][ T5812] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.007909][ T5812] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.019608][ T5812] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.026838][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.031917][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.034632][ T225] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.037412][ T225] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.039755][ T5886] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 76.042671][ T5886] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 76.045429][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.045439][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.046442][ T5886] vhci_hcd vhci_hcd.0: Device attached [ 76.056193][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.057097][ T5887] vhci_hcd: connection closed [ 76.059336][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.061177][ T5812] vhci_hcd vhci_hcd.2: stop threads [ 76.065201][ T5812] vhci_hcd vhci_hcd.2: release socket [ 76.066941][ T5812] vhci_hcd vhci_hcd.2: disconnect device [ 76.075420][ T107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.079360][ T107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.080163][ T225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.085200][ T225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.121670][ T1434] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.123853][ T1434] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.152022][ T5892] pim6reg: entered allmulticast mode [ 76.158465][ T5892] pim6reg: left allmulticast mode [ 76.266440][ T5911] Driver unsupported XDP return value 0 on prog (id 2) dev N/A, expect packet loss! [ 76.268112][ T5913] capability: warning: `syz.3.13' uses 32-bit capabilities (legacy support in use) [ 76.352524][ T5738] Bluetooth: hci3: command tx timeout [ 76.352543][ T5743] Bluetooth: hci0: command tx timeout [ 76.352559][ T5743] Bluetooth: hci1: command tx timeout [ 76.354836][ T5740] Bluetooth: hci2: command tx timeout [ 76.380518][ T5932] kernel profiling enabled (shift: 9) [ 76.381508][ T5933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.23'. [ 76.433979][ T5943] process 'syz.3.28' launched './file1' with NULL argv: empty string added [ 76.439051][ T5943] ======================================================= [ 76.439051][ T5943] WARNING: The mand mount option has been deprecated and [ 76.439051][ T5943] and is ignored by this kernel. Remove the mand [ 76.439051][ T5943] option from the mount to silence this warning. [ 76.439051][ T5943] ======================================================= [ 76.476189][ T5946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30'. [ 76.594881][ T5961] No buffer was provided with the request [ 76.649882][ T5971] netlink: 28 bytes leftover after parsing attributes in process `syz.2.41'. [ 76.936294][ T6012] Bluetooth: MGMT ver 1.23 [ 77.028920][ T6020] netlink: 4 bytes leftover after parsing attributes in process `syz.3.64'. [ 77.085255][ T6030] Invalid source name [ 77.086523][ T6030] UBIFS error (pid: 6030): cannot open "./file0", error -22 [ 77.176871][ T6050] nftables ruleset with unbound set [ 77.446575][ T6084] Bluetooth: MGMT ver 1.23 [ 77.591069][ T5809] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 77.742322][ T5809] usb 5-1: config 0 has no interfaces? [ 77.745407][ T5809] usb 5-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=a4.46 [ 77.748350][ T5809] usb 5-1: New USB device strings: Mfr=133, Product=2, SerialNumber=0 [ 77.751081][ T5809] usb 5-1: Product: syz [ 77.752641][ T5809] usb 5-1: Manufacturer: syz [ 77.755353][ T5809] usb 5-1: config 0 descriptor?? [ 77.962548][ T5740] Bluetooth: hci0: Malformed LE Event: 0x0d [ 77.964030][ T5883] usb 5-1: USB disconnect, device number 2 [ 78.118266][ T6134] capability: warning: `syz.3.119' uses deprecated v2 capabilities in a way that may be insecure [ 78.312571][ T6152] tipc: Started in network mode [ 78.314565][ T6152] tipc: Node identity ff000000000000000000000000000001, cluster identity 4711 [ 78.318097][ T6152] tipc: Enabling of bearer rejected, failed to enable media [ 78.431114][ T5740] Bluetooth: hci0: command tx timeout [ 78.431426][ T5738] Bluetooth: hci2: command tx timeout [ 78.431474][ T64] Bluetooth: hci3: command tx timeout [ 78.431518][ T5743] Bluetooth: hci1: command tx timeout [ 78.476168][ T6166] netlink: 4 bytes leftover after parsing attributes in process `syz.3.135'. [ 78.480454][ T6166] netlink: 277 bytes leftover after parsing attributes in process `syz.3.135'. [ 78.484453][ T6166] netlink: 277 bytes leftover after parsing attributes in process `syz.3.135'. [ 78.549046][ T6175] ALSA: seq fatal error: cannot create timer (-19) [ 79.010682][ T6219] netlink: 48 bytes leftover after parsing attributes in process `syz.2.160'. [ 79.015065][ T6221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.161'. [ 79.302665][ T6253] netlink: 24 bytes leftover after parsing attributes in process `syz.1.177'. [ 79.306276][ T6255] program syz.2.178 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.408440][ T6273] usb 1-1: USB disconnect, device number 2 [ 79.673410][ T42] audit: type=1326 audit(1781754371.036:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.2.207" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff8fec code=0x0 [ 79.724884][ T5882] kernel write not supported for file /radio5 (pid: 5882 comm: kworker/1:4) [ 79.787616][ T6339] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 79.797648][ T6339] CIFS mount error: No usable UNC path provided in device string! [ 79.797648][ T6339] [ 79.801354][ T6339] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 79.854045][ T5882] kernel write not supported for file /amidi2 (pid: 5882 comm: kworker/1:4) [ 79.910006][ T6367] syz.1.233: vmalloc error: size 4284481866, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 79.915406][ T6367] CPU: 3 UID: 0 PID: 6367 Comm: syz.1.233 Tainted: G L syzkaller #0 PREEMPT(full) [ 79.915425][ T6367] Tainted: [L]=SOFTLOCKUP [ 79.915429][ T6367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 79.915436][ T6367] Call Trace: [ 79.915440][ T6367] [ 79.915445][ T6367] dump_stack_lvl+0x100/0x190 [ 79.915466][ T6367] warn_alloc.cold+0x95/0x1c1 [ 79.915478][ T6367] ? __pfx_warn_alloc+0x10/0x10 [ 79.915493][ T6367] ? __do_fast_syscall_32+0xe7/0x970 [ 79.915509][ T6367] ? do_fast_syscall_32+0x32/0x70 [ 79.915523][ T6367] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 79.915540][ T6367] __vmalloc_node_range_noprof+0x136c/0x1630 [ 79.915552][ T6367] ? rcu_is_watching+0x12/0xc0 [ 79.915562][ T6367] ? lock_acquire+0x301/0x370 [ 79.915577][ T6367] ? trace_contention_end+0x126/0x160 [ 79.915592][ T6367] ? dvb_demux_do_ioctl+0x9e0/0x1200 [ 79.915609][ T6367] ? dvb_demux_do_ioctl+0x929/0x1200 [ 79.915626][ T6367] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 79.915638][ T6367] ? __pfx___mutex_lock+0x10/0x10 [ 79.915652][ T6367] ? lock_release+0x24d/0x310 [ 79.915666][ T6367] ? tomoyo_path_number_perm+0x188/0x580 [ 79.915680][ T6367] ? dvb_demux_do_ioctl+0x9e0/0x1200 [ 79.915697][ T6367] __vmalloc_node_noprof+0xad/0xf0 [ 79.915708][ T6367] ? dvb_demux_do_ioctl+0x9e0/0x1200 [ 79.915730][ T6367] dvb_demux_do_ioctl+0x9e0/0x1200 [ 79.915747][ T6367] ? do_vfs_ioctl+0x226/0x13e0 [ 79.915763][ T6367] dvb_usercopy+0x167/0x340 [ 79.915778][ T6367] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 79.915796][ T6367] ? __pfx_dvb_usercopy+0x10/0x10 [ 79.915813][ T6367] ? __fget_files+0x21f/0x3d0 [ 79.915831][ T6367] dvb_demux_ioctl+0x29/0x40 [ 79.915846][ T6367] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 79.915862][ T6367] __ia32_compat_sys_ioctl+0x2cf/0x360 [ 79.915877][ T6367] __do_fast_syscall_32+0xe7/0x970 [ 79.915893][ T6367] do_fast_syscall_32+0x32/0x70 [ 79.915907][ T6367] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 79.915920][ T6367] RIP: 0023:0xf7f56fec [ 79.915933][ T6367] Code: Unable to access opcode bytes at 0xf7f56fc2. [ 79.915937][ T6367] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 79.915948][ T6367] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000006f2d [ 79.915955][ T6367] RDX: 00000000ff60014a RSI: 0000000000000000 RDI: 0000000000000000 [ 79.915961][ T6367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 79.915967][ T6367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 79.915973][ T6367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 79.915982][ T6367] [ 79.915986][ T6367] Mem-Info: [ 80.013797][ T6367] active_anon:5496 inactive_anon:0 isolated_anon:0 [ 80.013797][ T6367] active_file:22373 inactive_file:37135 isolated_file:0 [ 80.013797][ T6367] unevictable:1768 dirty:340 writeback:0 [ 80.013797][ T6367] slab_reclaimable:8676 slab_unreclaimable:51282 [ 80.013797][ T6367] mapped:23571 shmem:2170 pagetables:1179 [ 80.013797][ T6367] sec_pagetables:297 bounce:0 [ 80.013797][ T6367] kernel_misc_reclaimable:0 [ 80.013797][ T6367] free:37237 free_pcp:15700 free_cma:0 [ 80.029128][ T6367] Node 0 active_anon:60kB inactive_anon:0kB active_file:52kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:16kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8448kB pagetables:1124kB sec_pagetables:1132kB all_unreclaimable? yes Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 80.040058][ T6367] Node 1 active_anon:21924kB inactive_anon:0kB active_file:89440kB inactive_file:148540kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:94252kB dirty:1344kB writeback:0kB shmem:5144kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4412kB pagetables:3692kB sec_pagetables:56kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 80.050586][ T6367] Node 0 DMA free:2084kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:8kB inactive_file:0kB unevictable:0kB writepending:4kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:428kB local_pcp:88kB free_cma:0kB [ 80.060326][ T6367] lowmem_reserve[]: 0 284 284 284 284 [ 80.062071][ T6367] Node 0 DMA32 free:14548kB boost:2048kB min:15124kB low:18392kB high:21660kB reserved_highatomic:0KB free_highatomic:0KB active_anon:56kB inactive_anon:0kB active_file:44kB inactive_file:0kB unevictable:3536kB writepending:12kB zspages:0kB present:1032196kB managed:291748kB mlocked:0kB bounce:0kB free_pcp:10012kB local_pcp:2228kB free_cma:0kB [ 80.071486][ T6367] lowmem_reserve[]: 0 0 0 0 0 [ 80.072955][ T6367] Node 1 DMA32 free:132316kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22024kB inactive_anon:0kB active_file:89440kB inactive_file:148540kB unevictable:3536kB writepending:1344kB zspages:1772kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:52680kB local_pcp:12696kB free_cma:0kB [ 80.083138][ T6367] lowmem_reserve[]: 0 0 0 0 0 [ 80.084641][ T6367] Node 0 DMA: 113*4kB (UM) 30*8kB (UM) 3*16kB (UM) 6*32kB (UM) 6*64kB (UM) 4*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 2084kB [ 80.089042][ T6367] Node 0 DMA32: 419*4kB (UE) 217*8kB (UME) 72*16kB (UME) 50*32kB (UME) 39*64kB (UM) 18*128kB (UME) 8*256kB (UM) 3*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 14548kB [ 80.094632][ T6367] Node 1 DMA32: 450*4kB (UM) 188*8kB (UM) 304*16kB (UME) 24*32kB (M) 29*64kB (UME) 26*128kB (UME) 17*256kB (UM) 18*512kB (UM) 12*1024kB (UME) 13*2048kB (UME) 16*4096kB (M) = 132136kB [ 80.100046][ T6367] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 80.102963][ T6367] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 80.105761][ T6367] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 80.108559][ T6367] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 80.111777][ T6367] 61784 total pagecache pages [ 80.113258][ T6367] 110 pages in swap cache [ 80.114625][ T6367] Free swap = 121180kB [ 80.115891][ T6367] Total swap = 124996kB [ 80.117174][ T6367] 524155 pages RAM [ 80.118326][ T6367] 0 pages HighMem/MovableOnly [ 80.119756][ T6367] 210325 pages reserved [ 80.121151][ T6367] 0 pages cma reserved [ 80.159777][ T6394] netlink: 'syz.1.246': attribute type 1 has an invalid length. [ 80.511438][ T5738] Bluetooth: hci1: command tx timeout [ 80.511509][ T5743] Bluetooth: hci3: command tx timeout [ 80.515542][ T5740] Bluetooth: hci2: command tx timeout [ 80.521200][ T5743] Bluetooth: hci0: command tx timeout [ 80.586684][ T6428] x_tables: ip6_tables: recent.0 match: invalid size 216 (kernel) != (user) 232 [ 80.634928][ T6432] batadv0: entered promiscuous mode [ 80.637321][ T6432] macsec1: entered promiscuous mode [ 80.639727][ T6432] macsec1: entered allmulticast mode [ 80.643588][ T6432] batadv0: entered allmulticast mode [ 80.646729][ T6432] 8021q: adding VLAN 0 to HW filter on device macsec1 [ 80.651418][ T6432] batadv0: left allmulticast mode [ 80.653773][ T6432] batadv0: left promiscuous mode [ 80.659217][ T6434] block nbd0: not configured, cannot reconfigure [ 81.233346][ T6513] use of bytesused == 0 is deprecated and will be removed in the future, [ 81.236886][ T6513] use the actual size instead. [ 81.242343][ T1043] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 81.242542][ T10] cfg80211: failed to load regulatory.db [ 81.402843][ T1043] usb 8-1: config 1 has an invalid interface number: 7 but max is 0 [ 81.407488][ T1043] usb 8-1: config 1 has no interface number 0 [ 81.409405][ T1043] usb 8-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B [ 81.413000][ T1043] usb 8-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 81.418329][ T1043] usb 8-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.423263][ T1043] usb 8-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 81.426196][ T1043] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 81.428709][ T1043] usb 8-1: Product: syz [ 81.429995][ T1043] usb 8-1: Manufacturer: syz [ 81.432606][ T1043] usb 8-1: SerialNumber: syz [ 81.435314][ T6481] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 81.504766][ T6547] __nla_validate_parse: 8 callbacks suppressed [ 81.504777][ T6547] netlink: 76 bytes leftover after parsing attributes in process `syz.2.318'. [ 81.584100][ T42] audit: type=1326 audit(1781754372.946:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6560 comm="syz.2.324" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff8fec code=0x0 [ 81.994854][ T6593] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 82.437191][ T6598] netlink: 8 bytes leftover after parsing attributes in process `syz.1.341'. [ 82.437291][ T6599] netlink: 'syz.0.348': attribute type 1 has an invalid length. [ 82.440297][ T6598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.341'. [ 82.442728][ T6599] netlink: 'syz.0.348': attribute type 1 has an invalid length. [ 82.445893][ T6598] netlink: 'syz.1.341': attribute type 13 has an invalid length. [ 82.448058][ T6599] netlink: 40 bytes leftover after parsing attributes in process `syz.0.348'. [ 82.454141][ T6598] netlink: 'syz.1.341': attribute type 12 has an invalid length. [ 82.488958][ T6604] netlink: 24 bytes leftover after parsing attributes in process `syz.1.343'. [ 82.561962][ T6622] ALSA: mixer_oss: invalid OSS volume '' [ 82.591789][ T5743] Bluetooth: hci0: command tx timeout [ 82.597714][ T6632] netlink: 'syz.2.358': attribute type 1 has an invalid length. [ 82.600529][ T6632] netlink: 96 bytes leftover after parsing attributes in process `syz.2.358'. [ 82.601180][ T5743] Bluetooth: hci1: command tx timeout [ 82.603569][ T5740] Bluetooth: hci3: command tx timeout [ 82.604496][ T5738] Bluetooth: hci2: command tx timeout [ 82.605083][ T6632] netlink: 'syz.2.358': attribute type 1 has an invalid length. [ 82.605095][ T6632] netlink: 'syz.2.358': attribute type 8 has an invalid length. [ 82.605102][ T6632] netlink: 606 bytes leftover after parsing attributes in process `syz.2.358'. [ 82.605110][ T6632] netlink: 1 bytes leftover after parsing attributes in process `syz.2.358'. [ 82.698931][ T6657] [U] CQ(QXryNpc)u7lo@s>_7ǹk{v$bم؎Y:s( GYO"oN/"kn6jo'j6 0ք1obuȋ[vzh8u :Dx-'ze Xyp^]b֙ 3%lc~s#ݴ# [ 82.714569][ T6656] [U] t[ [ 82.718091][ T6661] netlink: 36 bytes leftover after parsing attributes in process `syz.0.372'. [ 82.973608][ T6697] CUSE: unknown device info "" [ 82.975696][ T6697] CUSE: unknown device info "" [ 82.977333][ T6697] CUSE: unknown device info "" [ 82.978949][ T6697] CUSE: unknown device info "" [ 82.980592][ T6697] CUSE: unknown device info "" [ 82.982800][ T6697] CUSE: unknown device info "" [ 82.984415][ T6697] CUSE: unknown device info "" [ 82.986058][ T6697] CUSE: unknown device info "" [ 82.987631][ T6697] CUSE: unknown device info "" [ 82.989240][ T6697] CUSE: unknown device info "" [ 82.990891][ T6697] CUSE: unknown device info "" [ 82.992548][ T6697] CUSE: unknown device info "r" [ 82.994155][ T6697] CUSE: unknown device info "#" [ 82.996125][ T6697] CUSE: unknown device info "" [ 82.997817][ T6697] CUSE: unknown device info "" [ 82.999419][ T6697] CUSE: unknown device info "" [ 83.001263][ T6697] CUSE: DEVNAME unspecified [ 83.244705][ T6721] netlink: 'syz.2.399': attribute type 4 has an invalid length. [ 83.247066][ T6721] netlink: 240 bytes leftover after parsing attributes in process `syz.2.399'. [ 83.326530][ T6733] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 83.631117][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 83.783565][ T10] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 83.786536][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.789010][ T10] usb 7-1: Product: syz [ 83.790538][ T10] usb 7-1: Manufacturer: syz [ 83.792045][ T10] usb 7-1: SerialNumber: syz [ 83.794256][ T10] usb 7-1: config 0 descriptor?? [ 84.005379][ T5820] usb 7-1: USB disconnect, device number 2 [ 84.016967][ T1043] usb 8-1: Incompatible driver and firmware versions [ 84.020053][ T1043] usb 8-1: USB disconnect, device number 2 [ 84.366368][ T6815] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 84.544052][ C2] sr 2:0:0:0: [sr0] tag#16 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 84.547232][ C2] sr 2:0:0:0: [sr0] tag#16 CDB: Regenerate(16) 82 5a 86 a5 26 a3 50 1f b1 dd 8d ff 3e 90 d6 f5 [ 84.720925][ T6880] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1312 [ 84.826152][ T6896] xt_l2tp: wrong L2TP version: 0 [ 85.916513][ T7055] sch_fq: defrate 4294967295 ignored. [ 85.972652][ T7069] nbd: illegal input index 131084 [ 86.042636][ T7084] netlink: 'syz.0.566': attribute type 12 has an invalid length. [ 86.045201][ T7084] netlink: 'syz.0.566': attribute type 29 has an invalid length. [ 86.047734][ T7084] netlink: 'syz.0.566': attribute type 7 has an invalid length. [ 86.097018][ C3] IPv4: Oversized IP packet from 127.0.0.1 [ 86.098683][ T7093] syz.3.571 (7093) used obsolete PPPIOCDETACH ioctl [ 86.429949][ T7120] kAFS: unable to lookup cell '(,c' [ 86.472881][ T10] kernel write not supported for file /dsp1 (pid: 10 comm: kworker/0:1) [ 86.509393][ T7130] pimreg3: entered allmulticast mode [ 86.574985][ T7141] tipc: Enabling not permitted [ 86.577081][ T7141] tipc: Enabling of bearer rejected, failed to enable media [ 86.681610][ T5740] Bluetooth: hci3: command tx timeout [ 86.827884][ T7159] __nla_validate_parse: 9 callbacks suppressed [ 86.827899][ T7159] netlink: 16 bytes leftover after parsing attributes in process `syz.0.602'. [ 86.985014][ T42] audit: type=1326 audit(1781754378.346:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7178 comm="syz.0.612" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f94fec code=0x0 [ 87.134540][ T7195] netlink: 32 bytes leftover after parsing attributes in process `syz.1.619'. [ 87.500596][ T7228] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 87.525888][ T7232] netlink: 4 bytes leftover after parsing attributes in process `syz.1.636'. [ 87.631371][ T7149] comedi comedi0: reset error (fatal) [ 87.974972][ T42] audit: type=1326 audit(1781754379.336:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7290 comm="syz.1.665" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f56fec code=0x0 [ 88.170035][ T7308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.672'. [ 88.307393][ T7331] block nbd0: not configured, cannot reconfigure [ 88.511337][ T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 88.661712][ T10] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 88.665281][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.668643][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.673665][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.678043][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.682151][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.686983][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.690771][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.693932][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.698384][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.701612][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.704674][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.709289][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.713366][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.717308][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.721463][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.725537][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.729501][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.734298][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.738339][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.741380][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.745617][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.749299][ T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 88.752291][ T10] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 88.755755][ T10] usb 8-1: config 0 interface 0 has no altsetting 0 [ 88.760817][ T10] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 88.765013][ T10] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 88.768760][ T10] usb 8-1: Product: syz [ 88.770625][ T10] usb 8-1: Manufacturer: syz [ 88.772846][ T10] usb 8-1: SerialNumber: syz [ 88.775403][ T10] usb 8-1: config 0 descriptor?? [ 88.780063][ T10] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 88.829340][ T7340] sctp: [Deprecated]: syz.0.685 (pid 7340) Use of struct sctp_assoc_value in delayed_ack socket option. [ 88.829340][ T7340] Use struct sctp_sack_info instead [ 88.904839][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.907677][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.910396][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.916036][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.919218][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.922441][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.925192][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.927857][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.930584][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.933490][ T34] hid-generic 00A6:0060:056A.0002: unknown main item tag 0x0 [ 88.960250][ T34] hid-generic 00A6:0060:056A.0002: hidraw0: HID v0.03 Device [syz0] on syz1 [ 88.981538][ T5810] usb 8-1: USB disconnect, device number 3 [ 88.981809][ T7355] fido_id[7355]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 88.985712][ T5810] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 89.004493][ T7362] ebtables: wrong size: *len 168, entries_size 48, replsz 48 [ 89.074685][ T7374] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 89.109672][ T7378] netlink: 8 bytes leftover after parsing attributes in process `syz.2.704'. [ 89.170947][ T7390] netlink: 8 bytes leftover after parsing attributes in process `syz.2.710'. [ 89.300446][ T7398] netlink: 16 bytes leftover after parsing attributes in process `syz.2.716'. [ 89.457924][ T7410] vivid-000: ================= START STATUS ================= [ 89.461653][ T7410] vivid-000: Test Pattern: 75% Colorbar [ 89.464764][ T7410] vivid-000: Fill Percentage of Frame: 100 [ 89.467255][ T7410] vivid-000: Horizontal Movement: No Movement [ 89.469860][ T7410] vivid-000: Vertical Movement: No Movement [ 89.473264][ T7410] vivid-000: OSD Text Mode: All [ 89.474984][ T7410] vivid-000: Show Border: false [ 89.476642][ T7410] vivid-000: Show Square: false [ 89.478381][ T7410] vivid-000: Sensor Flipped Horizontally: false [ 89.480499][ T7410] vivid-000: Sensor Flipped Vertically: false [ 89.482682][ T7410] vivid-000: Insert SAV Code in Image: false [ 89.484702][ T7410] vivid-000: Insert EAV Code in Image: false [ 89.486645][ T7410] vivid-000: Insert Video Guard Band: false [ 89.488630][ T7410] vivid-000: Reduced Framerate: false [ 89.490373][ T7410] vivid-000: HDMI 000-0 Is Connected To: Test Pattern Generator [ 89.492978][ T7410] vivid-000: S-Video 000-0 Is Connected To: Test Pattern Generator [ 89.495827][ T7410] vivid-000: Enable Capture Cropping: true grabbed [ 89.498161][ T7410] vivid-000: Enable Capture Composing: true grabbed [ 89.500390][ T7410] vivid-000: Enable Capture Scaler: true grabbed [ 89.502871][ T7410] vivid-000: Timestamp Source: End of Frame [ 89.504920][ T7410] vivid-000: Colorspace: sRGB [ 89.506568][ T7410] vivid-000: Transfer Function: Default [ 89.508459][ T7410] vivid-000: Y'CbCr Encoding: Default [ 89.510290][ T7410] vivid-000: HSV Encoding: Hue 0-179 [ 89.512151][ T7410] vivid-000: Quantization: Default [ 89.514140][ T7410] vivid-000: Apply Alpha To Red Only: false [ 89.516179][ T7410] vivid-000: Standard Aspect Ratio: 4x3 [ 89.518113][ T7410] vivid-000: DV Timings Signal Mode: Current DV Timings inactive [ 89.520702][ T7410] vivid-000: DV Timings: 640x480p59 inactive [ 89.522921][ T7410] vivid-000: DV Timings Aspect Ratio: Source Width x Height [ 89.525763][ T7410] vivid-000: Maximum EDID Blocks: 2 [ 89.527530][ T7410] vivid-000: Limited RGB Range (16-235): false [ 89.529459][ T7410] vivid-000: Rx RGB Quantization Range: Automatic [ 89.531596][ T7410] vivid-000: Power Present: 0x00000001 [ 89.533433][ T7410] tpg source WxH: 320x240 (Y'CbCr) [ 89.535154][ T7410] tpg field: 1 [ 89.536275][ T7410] tpg crop: (0,0)/320x240 [ 89.537679][ T7410] tpg compose: (0,0)/320x240 [ 89.539194][ T7410] tpg colorspace: 8 [ 89.540442][ T7410] tpg transfer function: 0/2 [ 89.542240][ T7410] tpg Y'CbCr encoding: 0/1 [ 89.543754][ T7410] tpg quantization: 0/2 [ 89.545163][ T7410] tpg RGB range: 0/2 [ 89.546411][ T7410] vivid-000: ================== END STATUS ================== [ 89.791151][ T10] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 89.943861][ T10] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 89.947671][ T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.951412][ T10] usb 8-1: Product: syz [ 89.953157][ T10] usb 8-1: Manufacturer: syz [ 89.955164][ T10] usb 8-1: SerialNumber: syz [ 89.960821][ T10] usb 8-1: config 0 descriptor?? [ 90.175622][ T5882] usb 8-1: USB disconnect, device number 4 [ 90.206765][ T42] audit: type=1326 audit(1781754381.566:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.215650][ T42] audit: type=1326 audit(1781754381.566:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.224889][ T42] audit: type=1326 audit(1781754381.566:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.234667][ T42] audit: type=1326 audit(1781754381.566:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.242883][ T42] audit: type=1326 audit(1781754381.566:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=307 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.251839][ T42] audit: type=1326 audit(1781754381.566:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.260675][ T42] audit: type=1326 audit(1781754381.566:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7446 comm="syz.1.740" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 90.334397][ T7460] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it. [ 90.398595][ T34] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.03 Device [syz1] on syz1 [ 90.420217][ T7465] fido_id[7465]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 90.607764][ T7493] usb usb8: usbfs: process 7493 (syz.1.762) did not claim interface 0 before use [ 90.713080][ T7508] team0: entered allmulticast mode [ 90.714803][ T7508] team_slave_0: entered allmulticast mode [ 90.717869][ T7508] team_slave_1: entered allmulticast mode [ 90.748624][ T7516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.773'. [ 90.784784][ T7522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.776'. [ 90.787915][ T7522] netlink: 4 bytes leftover after parsing attributes in process `syz.2.776'. [ 90.791070][ T7522] netlink: 'syz.2.776': attribute type 11 has an invalid length. [ 90.870940][ T7533] tmpfs: Cannot change global quota limit on remount [ 91.009891][ T36] Bluetooth: hci4: Frame reassembly failed (-84) [ 91.166447][ T7563] sch_tbf: burst 240 is lower than device lo mtu (65550) ! [ 91.371584][ T42] audit: type=1326 audit(1781754382.736:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7575 comm="syz.3.802" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f88fec code=0x0 [ 91.377556][ T7578] Zero length message leads to an empty skb [ 91.613865][ T7604] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_vlan, syncid = 0, id = 0 [ 92.309105][ T7633] IPVS: Error connecting to the multicast addr [ 92.735064][ T7669] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 92.789003][ T7675] syz.3.846 (7675) used greatest stack depth: 18976 bytes left [ 92.928215][ T7687] netlink: 'syz.3.853': attribute type 1 has an invalid length. [ 93.012220][ T10] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 93.018258][ T9] IPVS: starting estimator thread 0... [ 93.071224][ T5740] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 93.111426][ T7692] IPVS: using max 56 ests per chain, 134400 per kthread [ 93.174870][ T10] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 93.177580][ T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.181130][ T10] usb 7-1: Product: syz [ 93.182386][ T10] usb 7-1: Manufacturer: syz [ 93.182681][ T42] audit: type=1326 audit(1781754384.546:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.183816][ T10] usb 7-1: SerialNumber: syz [ 93.184453][ T10] usb 7-1: config 0 descriptor?? [ 93.195478][ T42] audit: type=1326 audit(1781754384.546:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.211169][ T42] audit: type=1326 audit(1781754384.546:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.221931][ T42] audit: type=1326 audit(1781754384.546:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.228513][ T42] audit: type=1326 audit(1781754384.546:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.235302][ T42] audit: type=1326 audit(1781754384.546:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=61 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.241593][ T42] audit: type=1326 audit(1781754384.546:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.248536][ T42] audit: type=1326 audit(1781754384.546:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.1.868" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 93.277470][ T7732] ptrace attach of "/syz-executor exec"[5737] was attempted by ""[7732] [ 93.351668][ T7744] [U]  [ 93.405458][ T10] usb 7-1: USB disconnect, device number 3 [ 93.564585][ T7766] __nla_validate_parse: 3 callbacks suppressed [ 93.564598][ T7766] netlink: 256 bytes leftover after parsing attributes in process `syz.3.891'. [ 93.569279][ T7766] netlink: 'syz.3.891': attribute type 10 has an invalid length. [ 93.631095][ T5743] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 93.631108][ T5740] Bluetooth: hci0: command 0x0c1a tx timeout [ 93.756371][ T7797] netlink: 'syz.3.906': attribute type 5 has an invalid length. [ 93.801438][ T7802] sch_tbf: peakrate 9 is lower than or equals to rate 8022975959529529383 ! [ 94.001706][ T5882] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 94.161062][ T5882] usb 6-1: Using ep0 maxpacket: 16 [ 94.164325][ T5882] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 94.168245][ T5882] usb 6-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 94.172924][ T5882] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 94.177284][ T5882] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 94.180770][ T5882] usb 6-1: config 0 interface 0 has no altsetting 0 [ 94.185166][ T5882] usb 6-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 94.188019][ T5882] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 94.190667][ T5882] usb 6-1: Product: syz [ 94.192108][ T5882] usb 6-1: Manufacturer: syz [ 94.193561][ T5882] usb 6-1: SerialNumber: syz [ 94.196130][ T5882] usb 6-1: config 0 descriptor?? [ 94.198779][ T7795] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 94.404063][ T7795] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 94.410104][ T5882] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input5 [ 94.610400][ T1043] usb 6-1: USB disconnect, device number 2 [ 94.919504][ T7869] warning: `syz.3.935' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 95.171516][ T5820] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 95.323518][ T5820] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 95.331062][ T5820] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 95.334282][ T5820] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 95.337106][ T5820] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.340885][ T7871] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 95.347950][ T5820] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 95.419338][ T7889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.945'. [ 95.534693][ T7893] netlink: 24 bytes leftover after parsing attributes in process `syz.1.947'. [ 95.577173][ T1043] usb 8-1: USB disconnect, device number 5 [ 95.722726][ T7909] loop6: detected capacity change from 0 to 524287999 [ 95.726191][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.729302][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.732824][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.735855][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.739037][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.742598][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.746069][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.749433][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.753732][ T7909] ldm_validate_partition_table(): Disk read failed. [ 95.756536][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.759711][ T7909] Buffer I/O error on dev loop6, logical block 0, async page read [ 95.763622][ T7909] Dev loop6: unable to read RDB block 0 [ 95.766253][ T7909] loop6: unable to read partition table [ 95.768581][ T7909] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 96.042762][ T7929] netlink: 'syz.1.965': attribute type 14 has an invalid length. [ 96.809873][ T5740] Bluetooth: Unexpected continuation frame (len 4) [ 96.869372][ T42] audit: type=1800 audit(1781754388.226:22): pid=8006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1003" name="file0" dev="tmpfs" ino=1272 res=0 errno=0 [ 97.045103][ T8027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1012'. [ 97.053382][ T8027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1012'. [ 97.131056][ T8037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1017'. [ 97.134151][ T8037] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1017'. [ 97.137777][ T8037] netlink: 'syz.3.1017': attribute type 13 has an invalid length. [ 97.141189][ T8037] netlink: 'syz.3.1017': attribute type 14 has an invalid length. [ 97.851897][ T8101] tipc: Started in network mode [ 97.854082][ T8101] tipc: Node identity ac14142f, cluster identity 4711 [ 97.856975][ T8101] tipc: New replicast peer: 0.0.0.0 [ 97.859295][ T8101] tipc: Enabled bearer , priority 10 [ 98.521566][ T5740] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 98.524219][ T5740] Bluetooth: hci2: Injecting HCI hardware error event [ 98.526562][ T5740] Bluetooth: hci2: hardware error 0x00 [ 98.806826][ T8137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1065'. [ 98.809682][ T8137] netlink: 'syz.2.1065': attribute type 5 has an invalid length. [ 98.812586][ T8137] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1065'. [ 98.858218][ T42] audit: type=1800 audit(1781754390.216:23): pid=8141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1067" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 98.971246][ T5882] tipc: Node number set to 2886997039 [ 99.061115][ T5820] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 99.088576][ T8155] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1075'. [ 99.117108][ T42] audit: type=1326 audit(1781754390.476:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.126017][ T42] audit: type=1326 audit(1781754390.476:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.135170][ T42] audit: type=1326 audit(1781754390.476:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.144433][ T42] audit: type=1326 audit(1781754390.476:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.153288][ T42] audit: type=1326 audit(1781754390.476:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=326 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.162432][ T42] audit: type=1326 audit(1781754390.476:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.171200][ T42] audit: type=1326 audit(1781754390.476:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8156 comm="syz.3.1076" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 99.211107][ T5820] usb 7-1: Using ep0 maxpacket: 32 [ 99.218126][ T5820] usb 7-1: unable to get BOS descriptor or descriptor too short [ 99.229563][ T5820] usb 7-1: config 8 has an invalid interface number: 188 but max is 0 [ 99.232181][ T5820] usb 7-1: config 8 has no interface number 0 [ 99.234055][ T5820] usb 7-1: config 8 interface 188 has no altsetting 0 [ 99.240626][ T5820] usb 7-1: string descriptor 0 read error: -22 [ 99.242718][ T5820] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 99.245729][ T5820] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 99.251373][ T5820] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 99.252804][ T8167] tipc: Cannot configure node identity twice [ 99.253988][ T5820] dw2102: su3000_power_ctrl: 1, initialized 0 [ 99.255871][ T8167] tipc: Cannot configure node identity twice [ 99.258323][ T5820] dvb-usb: bulk message failed: -22 (2/0) [ 99.263765][ T5820] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 99.267943][ T5820] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 99.271792][ T5820] usb 7-1: media controller created [ 99.274035][ T5820] dvb-usb: bulk message failed: -22 (6/0) [ 99.277064][ T5820] dw2102: i2c transfer failed. [ 99.279262][ T5820] dvb-usb: bulk message failed: -22 (6/0) [ 99.288157][ T5820] dw2102: i2c transfer failed. [ 99.290264][ T5820] dvb-usb: bulk message failed: -22 (6/0) [ 99.292877][ T5820] dw2102: i2c transfer failed. [ 99.294897][ T5820] dvb-usb: bulk message failed: -22 (6/0) [ 99.297281][ T5820] dw2102: i2c transfer failed. [ 99.299206][ T5820] dvb-usb: bulk message failed: -22 (6/0) [ 99.302038][ T5820] dw2102: i2c transfer failed. [ 99.304079][ T5820] dvb-usb: bulk message failed: -22 (6/0) [ 99.309579][ T5820] dw2102: i2c transfer failed. [ 99.312252][ T5820] dvb-usb: MAC address: 02:02:02:02:02:02 [ 99.317297][ T8171] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 99.319906][ T5820] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 99.329174][ T5820] dvb-usb: bulk message failed: -22 (3/0) [ 99.331588][ T5820] dw2102: command 0x0e transfer failed. [ 99.333929][ T5820] dvb-usb: bulk message failed: -22 (3/0) [ 99.336292][ T5820] dw2102: command 0x0e transfer failed. [ 99.443817][ T8183] team0: entered allmulticast mode [ 99.445535][ T8183] team_slave_0: entered allmulticast mode [ 99.447648][ T8183] team_slave_1: entered allmulticast mode [ 99.641140][ T5820] dvb-usb: bulk message failed: -22 (3/0) [ 99.643534][ T5820] dw2102: command 0x0e transfer failed. [ 99.646004][ T5820] dvb-usb: bulk message failed: -22 (3/0) [ 99.651247][ T5820] dw2102: command 0x0e transfer failed. [ 99.653224][ T5820] dvb-usb: bulk message failed: -22 (1/0) [ 99.655011][ T5820] dw2102: command 0x51 transfer failed. [ 99.656798][ T8139] dvb-usb: bulk message failed: -22 (4/0) [ 99.658804][ T8139] dw2102: i2c transfer failed. [ 99.669577][ T5820] DVB: Unable to find symbol ds3000_attach() [ 99.672077][ T5820] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 99.712221][ T5820] rc_core: IR keymap rc-su3000 not found [ 99.714276][ T5820] Registered IR keymap rc-empty [ 99.716304][ T5820] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0 [ 99.721507][ T5820] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input6 [ 99.725584][ T5820] dvb-usb: schedule remote query interval to 150 msecs. [ 99.728191][ T5820] dw2102: su3000_power_ctrl: 0, initialized 1 [ 99.730699][ T5820] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 99.734458][ T5820] usb 7-1: USB disconnect, device number 4 [ 99.744447][ T5820] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 99.791140][ T8209] netlink: 'syz.1.1099': attribute type 1 has an invalid length. [ 99.794005][ T8209] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1099'. [ 99.797195][ T8209] netlink: 'syz.1.1099': attribute type 1 has an invalid length. [ 99.799764][ T8209] netlink: 'syz.1.1099': attribute type 8 has an invalid length. [ 99.803247][ T8209] netlink: 606 bytes leftover after parsing attributes in process `syz.1.1099'. [ 100.183816][ T8220] tipc: Started in network mode [ 100.185610][ T8220] tipc: Node identity 7f, cluster identity 4 [ 100.187646][ T8220] tipc: Node number set to 127 [ 100.189336][ T8220] tipc: Cannot configure node identity twice [ 100.321830][ T8230] xt_l2tp: missing protocol rule (udp|l2tpip) [ 100.591084][ T5740] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 100.593115][ T5882] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 100.699282][ T8236] CUSE: DEVNAME unspecified [ 100.762456][ T5882] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 100.765813][ T5882] usb 7-1: config 0 interface 0 has no altsetting 0 [ 100.769364][ T5882] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 100.774984][ T5882] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 100.778988][ T5882] usb 7-1: Product: syz [ 100.780752][ T5882] usb 7-1: Manufacturer: syz [ 100.782894][ T5882] usb 7-1: SerialNumber: syz [ 100.785881][ T5882] usb 7-1: config 0 descriptor?? [ 100.793033][ T5882] usb 7-1: selecting invalid altsetting 0 [ 101.004243][ T10] usb 7-1: USB disconnect, device number 5 [ 101.525616][ T8268] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1135'. [ 101.529326][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1135'. [ 101.533202][ T8268] netlink: 'syz.1.1135': attribute type 12 has an invalid length. [ 101.554675][ T42] audit: type=1326 audit(1781754392.916:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8263 comm="syz.3.1128" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x0 [ 101.571298][ T8270] can0: slcan on ptm0. [ 101.631719][ T8269] can0 (unregistered): slcan off ptm0. [ 101.766717][ T8295] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1141'. [ 102.385514][ T8331] netlink: 216 bytes leftover after parsing attributes in process `syz.3.1156'. [ 102.389471][ T8331] netlink: 216 bytes leftover after parsing attributes in process `syz.3.1156'. [ 102.401753][ T8334] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed. [ 102.421276][ T8336] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 102.525447][ T8343] netlink: 'syz.2.1161': attribute type 2 has an invalid length. [ 104.682167][ T5743] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 104.684591][ T5743] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 104.686922][ T5743] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 104.689557][ T5743] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 104.692354][ T5743] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 104.889561][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.900677][ T8359] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.903316][ T8359] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.905694][ T8359] bridge_slave_0: entered allmulticast mode [ 104.908104][ T8359] bridge_slave_0: entered promiscuous mode [ 104.911198][ T8359] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.913923][ T8359] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.916490][ T8359] bridge_slave_1: entered allmulticast mode [ 104.918804][ T8359] bridge_slave_1: entered promiscuous mode [ 104.929041][ T8359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.933354][ T8359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.943013][ T8359] team0: Port device team_slave_0 added [ 104.947071][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.953778][ T8359] team0: Port device team_slave_1 added [ 104.966118][ T8359] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.968998][ T8359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.979971][ T8359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.985410][ T8359] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.988324][ T8359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.998792][ T8359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.016512][ T8359] hsr_slave_0: entered promiscuous mode [ 105.019134][ T8359] hsr_slave_1: entered promiscuous mode [ 105.022507][ T8359] debugfs: 'hsr0' already exists in 'hsr' [ 105.024814][ T8359] Cannot create hsr debugfs directory [ 105.030011][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.076067][ T8359] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 105.079760][ T8359] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 105.082396][ T8359] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 105.085673][ T8359] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 105.088313][ T8359] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 105.091775][ T8359] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 105.094474][ T8359] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 105.098178][ T8359] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 105.106088][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.118306][ T8359] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.121410][ T8359] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.124003][ T8359] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.126878][ T8359] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.150601][ T8359] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.156401][ T1162] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.158920][ T1162] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.164299][ T8359] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.168875][ T1162] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.171506][ T1162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.176907][ T1162] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.179505][ T1162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.205651][ T12] bridge_slave_1: left allmulticast mode [ 105.207400][ T12] bridge_slave_1: left promiscuous mode [ 105.209169][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.212431][ T12] bridge_slave_0: left allmulticast mode [ 105.214200][ T12] bridge_slave_0: left promiscuous mode [ 105.215969][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.219521][ T12] pimreg3: left allmulticast mode [ 105.252240][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 105.256089][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 105.259292][ T12] bond0 (unregistering): Released all slaves [ 105.352149][ T5442] 8021q: adding VLAN 0 to HW filter on device eth2 [ 105.397266][ T8359] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.460825][ T5442] 8021q: adding VLAN 0 to HW filter on device eth3 [ 105.500844][ T8359] veth0_vlan: entered promiscuous mode [ 105.509550][ T12] hsr_slave_0: left promiscuous mode [ 105.512529][ T12] hsr_slave_1: left promiscuous mode [ 105.515096][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 105.517611][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 105.520753][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 105.523467][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 105.527436][ T12] veth1_macvtap: left promiscuous mode [ 105.529103][ T12] veth0_macvtap: left promiscuous mode [ 105.530852][ T12] veth1_vlan: left promiscuous mode [ 105.533675][ T12] veth0_vlan: left promiscuous mode [ 105.597401][ T12] team0 (unregistering): Port device team_slave_1 removed [ 105.601725][ T12] team0 (unregistering): Port device team_slave_0 removed [ 105.640884][ T8359] veth1_vlan: entered promiscuous mode [ 105.643992][ T5442] 8021q: adding VLAN 0 to HW filter on device eth4 [ 105.657199][ T8359] veth0_macvtap: entered promiscuous mode [ 105.660377][ T8359] veth1_macvtap: entered promiscuous mode [ 105.667003][ T8359] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.672424][ T8359] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.678072][ T5812] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.681825][ T5812] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.686013][ T5812] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.689163][ T5812] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.709816][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.714499][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.725809][ T1162] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.729348][ T1162] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.780748][ T5442] 8021q: adding VLAN 0 to HW filter on device eth5 [ 106.738211][ T8462] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported [ 106.751271][ T5743] Bluetooth: hci4: command tx timeout [ 106.831605][ T8474] faux_driver vgem: [drm] Unknown color mode 11173; guessing buffer size. [ 106.851501][ T8476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1190'. [ 107.041906][ T8503] tmpfs: Bad value for 'mpol' [ 107.097557][ T8509] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1206'. [ 107.125381][ T8513] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 107.718943][ T8522] tipc: Enabled bearer , priority 10 [ 107.754344][ T8530] mmap: syz.1.1215 (8530) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 108.006372][ T8568] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1228'. [ 108.009101][ T8568] openvswitch: netlink: IPv4 frag type 127 is out of range max 2 [ 108.016713][ T8570] sch_tbf: burst 240 is lower than device lo mtu (65550) ! [ 108.432966][ T8592] sch_tbf: burst 240 is lower than device lo mtu (65550) ! [ 108.455090][ T8598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1248'. [ 108.623992][ T1043] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 108.634318][ T42] audit: type=1326 audit(1781754399.996:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8619 comm="syz.4.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efec code=0x7ffc0000 [ 108.641177][ T42] audit: type=1326 audit(1781754399.996:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8619 comm="syz.4.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efec code=0x7ffc0000 [ 108.642538][ T8622] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 108.648079][ T42] audit: type=1326 audit(1781754400.006:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8619 comm="syz.4.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=278 compat=1 ip=0xf708efec code=0x7ffc0000 [ 108.650083][ T8622] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 108.657111][ T42] audit: type=1326 audit(1781754400.006:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8619 comm="syz.4.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efec code=0x7ffc0000 [ 108.668390][ T42] audit: type=1326 audit(1781754400.006:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8619 comm="syz.4.1260" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf708efec code=0x7ffc0000 [ 108.675649][ T8624] loop6: detected capacity change from 0 to 524287999 [ 108.683322][ T8624] buffer_io_error: 7 callbacks suppressed [ 108.683335][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.689354][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.692830][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.696293][ T8366] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.699727][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.704053][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.707230][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.710441][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.713419][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.715825][ T8624] ldm_validate_partition_table(): Disk read failed. [ 108.717824][ T8624] Buffer I/O error on dev loop6, logical block 0, async page read [ 108.720246][ T8624] Dev loop6: unable to read RDB block 0 [ 108.722283][ T8624] loop6: unable to read partition table [ 108.725771][ T8624] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 108.804860][ T1043] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 108.808182][ T1043] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 108.811909][ T1043] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 108.814793][ T1043] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.817928][ T1043] usb 6-1: config 0 descriptor?? [ 108.820719][ T1043] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 108.822996][ T1043] dvb-usb: bulk message failed: -22 (3/0) [ 108.825429][ T1043] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 108.828273][ T1043] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 108.830427][ T1043] usb 6-1: media controller created [ 108.832728][ T1043] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 108.836250][ T1043] dvb-usb: bulk message failed: -22 (6/0) [ 108.838278][ T1043] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 108.841960][ T1043] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input7 [ 108.846654][ T1043] dvb-usb: schedule remote query interval to 150 msecs. [ 108.848852][ T1043] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 108.951056][ T5820] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 109.001240][ T1043] dvb-usb: bulk message failed: -22 (1/0) [ 109.003028][ T1043] dvb-usb: error while querying for an remote control event. [ 109.010096][ T8653] loop6: detected capacity change from 0 to 524287999 [ 109.012687][ T8653] ldm_validate_partition_table(): Disk read failed. [ 109.015286][ T8653] Dev loop6: unable to read RDB block 0 [ 109.017937][ T8653] loop6: unable to read partition table [ 109.020510][ T8653] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 109.022592][ T8580] dvb-usb: bulk message failed: -22 (2/0) [ 109.026880][ T5882] usb 6-1: USB disconnect, device number 3 [ 109.037522][ T5882] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 109.056850][ T8655] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1275'. [ 109.101084][ T5820] usb 8-1: Using ep0 maxpacket: 8 [ 109.104740][ T5820] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 109.108145][ T5820] usb 8-1: config 0 has no interface number 0 [ 109.110855][ T5820] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 109.115524][ T5820] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 109.119536][ T5820] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 109.124053][ T5820] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.129539][ T5820] usb 8-1: config 0 descriptor?? [ 109.136300][ T5820] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 109.253221][ T8672] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1290'. [ 109.256560][ T8672] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1290'. [ 109.335833][ T8628] iowarrior 8-1:0.1: Error -90 while submitting URB [ 109.339613][ T5811] usb 8-1: USB disconnect, device number 6 [ 109.878169][ T8684] loop6: detected capacity change from 0 to 524287999 [ 109.881780][ T8684] ldm_validate_partition_table(): Disk read failed. [ 109.884724][ T8684] Dev loop6: unable to read RDB block 0 [ 109.887230][ T8684] loop6: unable to read partition table [ 109.890654][ T8684] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 109.898421][ T5140] ldm_validate_partition_table(): Disk read failed. [ 109.901694][ T5140] Dev loop6: unable to read RDB block 0 [ 109.904145][ T5140] loop6: unable to read partition table [ 109.912815][ T8692] vlan2: entered promiscuous mode [ 109.914735][ T8692] bridge0: entered promiscuous mode [ 109.952199][ T42] audit: type=1326 audit(1781754401.316:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8701 comm="syz.2.1299" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff8fec code=0x0 [ 109.986515][ T8712] loop6: detected capacity change from 0 to 524287999 [ 109.989438][ T8712] ldm_validate_partition_table(): Disk read failed. [ 109.992388][ T8712] Dev loop6: unable to read RDB block 0 [ 109.994701][ T8712] loop6: unable to read partition table [ 109.995884][ T8714] tmpfs: Cannot change global quota limit on remount [ 109.996580][ T8712] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 110.115289][ T8737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1316'. [ 110.289327][ T8765] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1337'. [ 110.509277][ T8791] netlink: 666 bytes leftover after parsing attributes in process `syz.1.1342'. [ 110.620412][ T8806] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 110.771066][ T5882] usb 6-1: new low-speed USB device number 4 using dummy_hcd [ 110.891090][ T5827] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 110.926583][ T5882] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 110.929925][ T5882] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 110.932759][ T5882] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8 [ 110.936157][ T5882] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 110.938931][ T5882] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.943223][ T8793] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 110.947802][ T5882] hub 6-1:1.0: bad descriptor, ignoring hub [ 110.949727][ T5882] hub 6-1:1.0: probe with driver hub failed with error -5 [ 110.951981][ T5810] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 110.954491][ T5882] cdc_wdm 6-1:1.0: skipping garbage [ 110.956137][ T5882] cdc_wdm 6-1:1.0: skipping garbage [ 110.958702][ T5882] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 110.960684][ T5882] cdc_wdm 6-1:1.0: Unknown control protocol [ 111.052399][ T5827] usb 8-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 111.056467][ T5827] usb 8-1: config 0 interface 0 has no altsetting 0 [ 111.060709][ T5827] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 111.064237][ T5827] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 111.067322][ T5827] usb 8-1: Product: syz [ 111.068963][ T5827] usb 8-1: Manufacturer: syz [ 111.070665][ T5827] usb 8-1: SerialNumber: syz [ 111.073841][ T5827] usb 8-1: config 0 descriptor?? [ 111.077098][ T5827] usb 8-1: selecting invalid altsetting 0 [ 111.101153][ T5810] usb 9-1: Using ep0 maxpacket: 32 [ 111.106341][ T5810] usb 9-1: unable to get BOS descriptor or descriptor too short [ 111.115834][ T5810] usb 9-1: string descriptor 0 read error: -22 [ 111.118462][ T5810] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.0e [ 111.122677][ T5810] usb 9-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3 [ 111.129696][ T5810] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state. [ 111.132450][ T5810] dw2102: su3000_power_ctrl: 1, initialized 0 [ 111.134462][ T5810] dvb-usb: bulk message failed: -22 (2/0) [ 111.137625][ T5810] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 111.140834][ T5810] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3) [ 111.144437][ T5810] usb 9-1: media controller created [ 111.147377][ T5810] dvb-usb: bulk message failed: -22 (6/0) [ 111.149694][ T5810] dw2102: i2c transfer failed. [ 111.151671][ T5810] dvb-usb: bulk message failed: -22 (6/0) [ 111.154032][ T5810] dw2102: i2c transfer failed. [ 111.156003][ T5810] dvb-usb: bulk message failed: -22 (6/0) [ 111.158399][ T5810] dw2102: i2c transfer failed. [ 111.160349][ T5810] dvb-usb: bulk message failed: -22 (6/0) [ 111.162852][ T5810] dw2102: i2c transfer failed. [ 111.164797][ T5810] dvb-usb: bulk message failed: -22 (6/0) [ 111.167029][ T5810] dw2102: i2c transfer failed. [ 111.168800][ T5810] dvb-usb: bulk message failed: -22 (6/0) [ 111.170490][ T5810] dw2102: i2c transfer failed. [ 111.172194][ T5810] dvb-usb: MAC address: 02:02:02:02:02:02 [ 111.179070][ T5810] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 111.189081][ T5810] dvb-usb: bulk message failed: -22 (3/0) [ 111.191847][ T5810] dw2102: command 0x0e transfer failed. [ 111.194163][ T5810] dvb-usb: bulk message failed: -22 (3/0) [ 111.196522][ T5810] dw2102: command 0x0e transfer failed. [ 111.284911][ T5827] usb 8-1: USB disconnect, device number 7 [ 111.322884][ T5883] usb 6-1: USB disconnect, device number 4 [ 111.501106][ T5810] dvb-usb: bulk message failed: -22 (3/0) [ 111.503566][ T5810] dw2102: command 0x0e transfer failed. [ 111.505853][ T5810] dvb-usb: bulk message failed: -22 (3/0) [ 111.508218][ T5810] dw2102: command 0x0e transfer failed. [ 111.510522][ T5810] dvb-usb: bulk message failed: -22 (1/0) [ 111.513014][ T5810] dw2102: command 0x51 transfer failed. [ 111.515394][ T8815] dvb-usb: bulk message failed: -22 (5/0) [ 111.517853][ T8815] dw2102: i2c transfer failed. [ 111.529750][ T5810] DVB: Unable to find symbol ds3000_attach() [ 111.532996][ T5810] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3' [ 111.581045][ T5810] rc_core: IR keymap rc-su3000 not found [ 111.582985][ T5810] Registered IR keymap rc-empty [ 111.584896][ T5810] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0 [ 111.589076][ T5810] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input8 [ 111.593742][ T5810] dvb-usb: schedule remote query interval to 150 msecs. [ 111.595955][ T5810] dw2102: su3000_power_ctrl: 0, initialized 1 [ 111.597866][ T5810] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected. [ 111.601692][ T5810] usb 9-1: USB disconnect, device number 2 [ 111.610298][ T5810] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected. [ 112.005881][ T8871] tmpfs: Cannot change global quota limit on remount [ 112.139527][ T8885] tipc: Enabled bearer , priority 10 [ 112.173215][ T8889] vlan3: entered promiscuous mode [ 112.174965][ T8889] bridge0: entered promiscuous mode [ 112.221327][ T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 112.371273][ T8903] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1385'. [ 112.372319][ T9] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 112.377989][ T9] usb 6-1: config 0 interface 0 has no altsetting 0 [ 112.382007][ T9] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 112.385814][ T9] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 112.388475][ T9] usb 6-1: Product: syz [ 112.389789][ T9] usb 6-1: Manufacturer: syz [ 112.391563][ T9] usb 6-1: SerialNumber: syz [ 112.394116][ T9] usb 6-1: config 0 descriptor?? [ 112.397357][ T9] usb 6-1: selecting invalid altsetting 0 [ 112.511076][ T5743] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 112.514363][ T5743] Bluetooth: hci4: Injecting HCI hardware error event [ 112.516663][ T5743] Bluetooth: hci4: hardware error 0x00 [ 112.602809][ T5810] usb 6-1: USB disconnect, device number 5 [ 112.671128][ T5740] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 112.673796][ T5740] Bluetooth: hci3: Injecting HCI hardware error event [ 112.676091][ T5738] Bluetooth: hci3: hardware error 0x00 [ 113.139968][ T8917] vlan2: entered promiscuous mode [ 113.142344][ T8917] bridge0: entered promiscuous mode [ 113.145658][ T1043] tipc: Node number set to 4278190081 [ 113.150843][ T8920] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 113.179285][ T8926] Cache volume key already in use (9p,syz,) [ 113.186837][ T8928] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1404'. [ 113.424350][ T8937] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1409'. [ 113.435872][ T8937] bond1: option lacp_strict: mode dependency failed, not supported in mode balance-rr(0) [ 113.439552][ T8937] bond1 (unregistering): Released all slaves [ 113.478389][ T8942] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 113.482709][ T8942] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 113.515431][ T8946] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 113.546387][ T8948] vlan2: entered promiscuous mode [ 113.548035][ T8948] bridge0: entered promiscuous mode [ 113.705704][ T8969] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1422'. [ 113.778696][ T8975] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 113.923494][ T8993] trusted_key: encrypted_key: key trusted:syz not found [ 114.137429][ T9040] binder: 9039:9040 ioctl 4018620d 0 returned -22 [ 114.143186][ T9040] binder: 9039:9040 ioctl c0306201 80000180 returned -11 [ 114.182064][ T9049] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.237065][ T9049] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.272933][ T9] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 114.297043][ T9049] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.349623][ T9049] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.414086][ T5537] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.416676][ T5537] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.421250][ T5537] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.426187][ T5537] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.431239][ T9] usb 9-1: Using ep0 maxpacket: 16 [ 114.434046][ T9] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 114.437088][ T9] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 114.440430][ T9] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 114.443645][ T9] usb 9-1: config 0 interface 0 has no altsetting 0 [ 114.447010][ T9] usb 9-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 114.449845][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 114.452649][ T9] usb 9-1: Product: syz [ 114.454257][ T9] usb 9-1: Manufacturer: syz [ 114.455968][ T9] usb 9-1: SerialNumber: syz [ 114.458331][ T9] usb 9-1: config 0 descriptor?? [ 114.601111][ T5743] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 114.649647][ T42] audit: type=1326 audit(1781754406.006:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.1.1488" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f56fec code=0x0 [ 114.666445][ T9] input: syz syz as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/input/input9 [ 114.669814][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.673649][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.678776][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.682920][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.688472][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.692601][ T8360] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.696047][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.704540][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.707739][ T5125] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.761112][ T5738] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 114.866660][ T9023] synaptics_usb 9-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 114.870469][ T9] usb 9-1: USB disconnect, device number 3 [ 115.089963][ T9111] PKCS8: Unsupported PKCS#8 version [ 115.141132][ T5811] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 115.301058][ T5811] usb 7-1: Using ep0 maxpacket: 8 [ 115.304668][ T5811] usb 7-1: config 0 has an invalid interface number: 1 but max is 0 [ 115.308141][ T5811] usb 7-1: config 0 has no interface number 0 [ 115.310704][ T5811] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 115.314266][ T5811] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 115.317437][ T5811] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 115.320394][ T5811] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 115.323750][ T5811] usb 7-1: config 0 descriptor?? [ 115.327497][ T5811] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 115.522286][ T9135] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1503'. [ 115.531313][ T9107] iowarrior 7-1:0.1: Error -90 while submitting URB [ 115.534564][ T5811] usb 7-1: USB disconnect, device number 6 [ 115.567454][ T9144] xt_AUDIT: Audit type out of range (valid range: 0..2) [ 115.612385][ T9151] netlink: 'syz.4.1510': attribute type 4 has an invalid length. [ 115.625682][ T9151] netlink: 'syz.4.1510': attribute type 4 has an invalid length. [ 115.678175][ T9167] comedi comedi3: pcl711: I/O base address not correctly aligned [ 115.745751][ T9176] netlink: 'syz.3.1523': attribute type 4 has an invalid length. [ 115.756181][ T9176] netlink: 'syz.3.1523': attribute type 4 has an invalid length. [ 115.868410][ T9205] netlink: 'syz.1.1536': attribute type 4 has an invalid length. [ 115.881832][ T9205] netlink: 'syz.1.1536': attribute type 4 has an invalid length. [ 116.082504][ T9220] macvlan0: entered promiscuous mode [ 116.160169][ T9241] netlink: 'syz.2.1551': attribute type 4 has an invalid length. [ 116.167527][ T9243] tipc: Enabling of bearer rejected, media not registered [ 116.170944][ T9241] netlink: 'syz.2.1551': attribute type 4 has an invalid length. [ 116.391219][ T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 116.551136][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 116.554909][ T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0 [ 116.557665][ T9] usb 6-1: config 0 has no interface number 0 [ 116.560113][ T9] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 116.561143][ T5811] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 116.564378][ T9] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 116.570536][ T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 116.574125][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.577712][ T9] usb 6-1: config 0 descriptor?? [ 116.584393][ T9] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 116.721060][ T5811] usb 8-1: Using ep0 maxpacket: 32 [ 116.723919][ T5811] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 116.727029][ T5811] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 116.731631][ T5811] usb 8-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a [ 116.734480][ T5811] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 116.736959][ T5811] usb 8-1: Product: syz [ 116.738226][ T5811] usb 8-1: Manufacturer: syz [ 116.739610][ T5811] usb 8-1: SerialNumber: syz [ 116.744330][ T5811] usb 8-1: config 0 descriptor?? [ 116.788494][ T9231] iowarrior 6-1:0.1: Error -90 while submitting URB [ 116.792699][ T9] usb 6-1: USB disconnect, device number 6 [ 116.951958][ T9267] netlink: 'syz.3.1566': attribute type 1 has an invalid length. [ 116.955185][ T9267] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1566'. [ 116.958854][ T9267] NCSI netlink: No device for ifindex 0 [ 116.962110][ T5810] usb 8-1: USB disconnect, device number 8 [ 117.449999][ T9329] macsec1: entered promiscuous mode [ 117.452662][ T9329] macsec1: entered allmulticast mode [ 117.547647][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 117.555642][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 117.560926][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 117.564828][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 117.568492][ T9351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 117.880888][ T9406] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1619'. [ 117.931128][ T9414] usb usb7: usbfs: process 9414 (syz.3.1624) did not claim interface 0 before use [ 117.933234][ T9] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 118.081930][ T9] usb 9-1: Using ep0 maxpacket: 32 [ 118.087299][ T9] usb 9-1: New USB device found, idVendor=2304, idProduct=0222, bcdDevice=77.3f [ 118.091286][ T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 118.094685][ T9] usb 9-1: Product: syz [ 118.096374][ T9] usb 9-1: Manufacturer: syz [ 118.097843][ T9] usb 9-1: SerialNumber: syz [ 118.100175][ T9] usb 9-1: config 0 descriptor?? [ 118.103634][ T9] dvb-usb: found a 'Pinnacle 450e DVB-S USB2.0' in warm state. [ 118.106261][ T9] dvb-usb: bulk message failed: -22 (4/0) [ 118.108684][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 118.113328][ T9] dvb-usb: bulk message failed: -22 (5/0) [ 118.115715][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 118.119634][ T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 118.123122][ T9] dvbdev: DVB: registering new adapter (Pinnacle 450e DVB-S USB2.0) [ 118.126089][ T9] usb 9-1: media controller created [ 118.131245][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 118.137658][ T9] usb 9-1: selecting invalid altsetting 3 [ 118.139595][ T9] ttusb2: set interface to alts=3 failed [ 118.180256][ T9] DVB: Unable to find symbol tda10086_attach() [ 118.186322][ T9] dvb-usb: no frontend was attached by 'Pinnacle 450e DVB-S USB2.0' [ 118.192264][ T9] dvb-usb: bulk message failed: -22 (4/0) [ 118.197239][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 118.203707][ T9] dvb-usb: bulk message failed: -22 (5/0) [ 118.208276][ T9] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 118.218216][ T9] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully initialized and connected. [ 118.249991][ T9466] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0) [ 118.310110][ T9385] ttusb2: more than 2 i2c messages at a time is not handled yet. TODO. [ 118.313982][ T9385] dvb-usb: bulk message failed: -22 (7/0) [ 118.315955][ T9385] ttusb2: there might have been an error during control message transfer. (rlen = 3, was 0) [ 118.320208][ T9385] ttusb2: i2c transfer failed. [ 118.323112][ T5820] usb 9-1: USB disconnect, device number 4 [ 118.334965][ T5820] dvb-usb: Pinnacle 450e DVB-S USB2.0 successfully deinitialized and disconnected. [ 118.491089][ T9499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1671'. [ 118.495389][ T9499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1671'. [ 118.499326][ T9499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1671'. [ 118.503520][ T9499] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1671'. [ 118.847275][ T9504] bond0: (slave macvlan1): Error: Device can not be enslaved while up [ 118.912117][ T5810] kernel read not supported for file /vga_arbiter (pid: 5810 comm: kworker/1:2) [ 118.918676][ T5820] IPVS: starting estimator thread 0... [ 119.001257][ T9523] IPVS: using max 54 ests per chain, 129600 per kthread [ 119.019083][ T9540] pimreg: entered allmulticast mode [ 119.022821][ T9540] pimreg: left allmulticast mode [ 119.213017][ T9] usb 7-1: new full-speed USB device number 7 using dummy_hcd [ 119.363092][ T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 119.367236][ T9] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 119.370925][ T9] usb 7-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 119.375270][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.380129][ T9] usb 7-1: config 0 descriptor?? [ 119.384415][ T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 119.387342][ T9] dvb-usb: bulk message failed: -22 (3/0) [ 119.391692][ T9] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 119.396092][ T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 119.398995][ T9] usb 7-1: media controller created [ 119.401878][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 119.406888][ T9] dvb-usb: bulk message failed: -22 (6/0) [ 119.409249][ T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 119.413442][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb7/7-1/input/input11 [ 119.418838][ T9] dvb-usb: schedule remote query interval to 150 msecs. [ 119.421956][ T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 119.581092][ T9] dvb-usb: bulk message failed: -22 (1/0) [ 119.583325][ T9] dvb-usb: error while querying for an remote control event. [ 119.587769][ T9536] dvb-usb: bulk message failed: -22 (4/0) [ 119.590196][ T34] usb 7-1: USB disconnect, device number 7 [ 119.598361][ T34] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 119.901799][ T34] kernel read not supported for file /vga_arbiter (pid: 34 comm: kworker/3:0) [ 119.954772][ T9625] can0: slcan on ttynull. [ 120.001420][ T9632] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 120.031614][ T9623] can0 (unregistered): slcan off ttynull. [ 120.039844][ T9634] macsec1: entered promiscuous mode [ 120.113947][ T9648] macsec1: entered promiscuous mode [ 120.115810][ T9648] macsec1: entered allmulticast mode [ 120.201134][ T9663] fuseblk: block size(5632) > page size(4096) not supported by filesystem [ 120.275251][ T9685] hub 8-0:1.0: USB hub found [ 120.276949][ T9685] hub 8-0:1.0: 1 port detected [ 120.279904][ T9689] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.1755' resets device [ 120.786230][ T9802] IPv6: NLM_F_CREATE should be specified when creating new route [ 120.811674][ T9804] veth1_macvtap: left promiscuous mode [ 120.813338][ T9804] macsec0: entered allmulticast mode [ 120.819543][ T9804] veth1_macvtap: entered promiscuous mode [ 120.822773][ T9804] veth1_macvtap: entered allmulticast mode [ 120.825661][ T9804] macsec0: left allmulticast mode [ 120.827836][ T9804] veth1_macvtap: left allmulticast mode [ 121.137610][ T9815] pimreg: entered allmulticast mode [ 121.144086][ T9815] pimreg: left allmulticast mode [ 121.479666][ T9835] pimreg: entered allmulticast mode [ 121.485104][ T9835] pimreg: left allmulticast mode [ 121.851077][ T5883] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 122.002612][ T5883] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 122.006522][ T5883] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 122.010201][ T5883] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 122.013997][ T5883] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 122.018571][ T5883] usb 6-1: config 0 descriptor?? [ 122.022724][ T5883] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 122.025461][ T5883] dvb-usb: bulk message failed: -22 (3/0) [ 122.028936][ T5883] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 122.032840][ T5883] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 122.035538][ T5883] usb 6-1: media controller created [ 122.038232][ T5883] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 122.045578][ T5883] dvb-usb: bulk message failed: -22 (6/0) [ 122.047978][ T5883] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 122.052189][ T5883] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input12 [ 122.057663][ T5883] dvb-usb: schedule remote query interval to 150 msecs. [ 122.060232][ T5883] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 122.211451][ T5883] dvb-usb: bulk message failed: -22 (1/0) [ 122.213675][ T5883] dvb-usb: error while querying for an remote control event. [ 122.227015][ T9850] dvb-usb: bulk message failed: -22 (4/0) [ 122.229862][ T5882] usb 6-1: USB disconnect, device number 7 [ 122.447820][ T5882] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 122.484432][ T9860] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.616303][ T9860] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.667815][ T9860] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.735873][ T9860] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.808830][ T12] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.813810][ T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.818948][ T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.822589][ T9891] __nla_validate_parse: 5 callbacks suppressed [ 122.822599][ T9891] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1850'. [ 122.830352][ T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.853600][ T9896] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1853'. [ 122.856392][ T9896] netlink: 'syz.2.1853': attribute type 5 has an invalid length. [ 122.858741][ T9896] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1853'. [ 122.866060][ T9896] geneve2: entered promiscuous mode [ 122.867938][ T9896] geneve2: entered allmulticast mode [ 122.870120][ T12] netdevsim netdevsim2 eth0: set [1, 1] type 2 family 0 port 256 - 0 [ 122.875920][ T12] netdevsim netdevsim2 eth1: set [1, 1] type 2 family 0 port 256 - 0 [ 122.883450][ T12] netdevsim netdevsim2 eth2: set [1, 1] type 2 family 0 port 256 - 0 [ 122.888948][ T12] netdevsim netdevsim2 eth3: set [1, 1] type 2 family 0 port 256 - 0 [ 122.900302][ T9907] hugetlbfs: Bad value '' for mount option 'size' [ 122.900302][ T9907] [ 122.913137][ T9910] netlink: 'syz.4.1861': attribute type 1 has an invalid length. [ 122.943732][ T9916] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 123.003229][ T9928] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.058561][ T9928] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.137686][ T9947] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 123.149119][ T9928] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.181556][ T9] usb 8-1: new full-speed USB device number 9 using dummy_hcd [ 123.226364][ T9928] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.246492][ T5882] hid (null): global environment stack underflow [ 123.253563][ T5882] hid-generic 616F:20C2607D:F72986D9.0004: global environment stack underflow [ 123.257565][ T5882] hid-generic 616F:20C2607D:F72986D9.0004: item 0 1 1 11 parsing failed [ 123.260321][ T5882] hid-generic 616F:20C2607D:F72986D9.0004: probe with driver hid-generic failed with error -22 [ 123.291323][ T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.296510][ T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.310330][ T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.315423][ T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.342767][ T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 123.346020][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 123.349598][ T9] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 123.352415][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.357983][ T9] usb 8-1: config 0 descriptor?? [ 123.360762][ T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 123.364079][ T9] dvb-usb: bulk message failed: -22 (3/0) [ 123.368477][ T9] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 123.374989][ T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 123.377824][ T9] usb 8-1: media controller created [ 123.380229][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 123.387727][ T9] dvb-usb: bulk message failed: -22 (6/0) [ 123.388735][ T9970] raw_sendmsg: syz.1.1889 forgot to set AF_INET. Fix it! [ 123.393514][ T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 123.396947][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input13 [ 123.406633][ T9] dvb-usb: schedule remote query interval to 150 msecs. [ 123.408965][ T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 123.562407][ T9] dvb-usb: bulk message failed: -22 (1/0) [ 123.568164][ T9919] dvb-usb: bulk message failed: -22 (4/0) [ 123.570592][ T9] dvb-usb: error while querying for an remote control event. [ 123.574053][ T9] usb 8-1: USB disconnect, device number 9 [ 123.581991][ T9] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 123.901462][ T34] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 124.051711][ T34] usb 6-1: Using ep0 maxpacket: 8 [ 124.054520][ T34] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 124.056952][ T34] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 124.060386][ T34] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 124.064750][ T34] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 124.068521][ T34] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 124.072271][ T34] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 124.076956][ T34] usb 6-1: config 168 interface 0 has no altsetting 0 [ 124.080502][ T34] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 124.083738][ T34] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 124.089090][ T34] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 124.094272][ T34] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 124.099089][ T34] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 124.104423][ T34] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 124.109167][ T34] usb 6-1: config 168 interface 0 has no altsetting 0 [ 124.113495][ T34] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 124.116599][ T34] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 124.121929][ T34] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 124.126835][ T34] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 124.132276][ T34] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 124.137515][ T34] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 124.143947][ T34] usb 6-1: config 168 interface 0 has no altsetting 0 [ 124.149110][ T34] usb 6-1: string descriptor 0 read error: -22 [ 124.152973][ T34] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 124.156786][ T34] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.164559][ T34] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 124.371363][ T5820] usb 6-1: USB disconnect, device number 8 [ 124.372672][T10058] netlink: 'syz.2.1932': attribute type 11 has an invalid length. [ 125.085377][T10137] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1968'. [ 125.911224][ T40] usb 6-1: new full-speed USB device number 9 using dummy_hcd [ 125.981109][ T9] usb 8-1: new full-speed USB device number 10 using dummy_hcd [ 126.005023][T10184] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1989'. [ 126.066339][ T40] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 126.069943][ T40] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 126.073726][ T40] usb 6-1: Product: syz [ 126.075410][ T40] usb 6-1: Manufacturer: syz [ 126.077282][ T40] usb 6-1: SerialNumber: syz [ 126.081574][ T40] usb 6-1: config 0 descriptor?? [ 126.128700][ T34] hid-generic FFFF:0008:0003.0005: item fetching failed at offset 0/1 [ 126.133100][ T34] hid-generic FFFF:0008:0003.0005: probe with driver hid-generic failed with error -22 [ 126.153477][ T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.157962][ T9] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 126.161732][ T9] usb 8-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 126.165521][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.170086][ T9] usb 8-1: config 0 descriptor?? [ 126.176480][ T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 126.180948][ T9] dvb-usb: bulk message failed: -22 (3/0) [ 126.189248][ T9] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 126.195301][ T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 126.199241][ T9] usb 8-1: media controller created [ 126.202536][ T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 126.213794][ T9] dvb-usb: bulk message failed: -22 (6/0) [ 126.216168][ T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 126.220807][ T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb8/8-1/input/input15 [ 126.226740][ T9] dvb-usb: schedule remote query interval to 150 msecs. [ 126.229686][ T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 126.289908][ T34] usb 6-1: USB disconnect, device number 9 [ 126.380530][T10166] dvb-usb: bulk message failed: -22 (2/0) [ 126.383095][ T9] dvb-usb: bulk message failed: -22 (1/0) [ 126.385644][ T9] dvb-usb: error while querying for an remote control event. [ 126.385931][ T5820] usb 8-1: USB disconnect, device number 10 [ 126.396179][ T5820] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 126.832040][T10212] blktrace: Concurrent blktraces are not allowed on sg0 [ 127.017253][T10230] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.100737][T10230] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.186506][T10230] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.285539][T10230] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.409251][ T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.414768][ T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.419058][ T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.424034][ T12] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.559943][T10271] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.563255][T10273] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2030'. [ 127.582452][T10275] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.585398][T10277] input input16: cannot allocate more than FF_MAX_EFFECTS effects [ 127.643331][T10281] block nbd3: shutting down sockets [ 127.646746][T10275] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.669451][T10290] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2040'. [ 127.704960][T10275] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.764706][T10275] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 127.864529][ T5537] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.871953][ T12] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.879827][ T12] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.885599][ T12] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.890901][T10318] program syz.2.2053 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 127.894533][T10318] ata1.00: non-matching transfer count (7936/0) [ 127.975631][T10334] overlayfs: conflicting lowerdir path [ 128.109810][T10354] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.160889][T10358] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2072'. [ 128.185862][T10354] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.365050][T10354] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.381609][ T40] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 128.473491][T10354] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 128.538280][ T5537] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.544488][ T5537] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.549762][ T5537] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.555818][ T5537] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.795287][T10388] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 129.393323][T10426] tipc: Enabled bearer , priority 10 [ 129.574821][T10455] devpts: Bad value for 'max' [ 129.582375][T10458] netlink: 'syz.2.2106': attribute type 21 has an invalid length. [ 129.585223][T10458] IPv6: NLM_F_CREATE should be specified when creating new route [ 129.587747][T10458] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 129.589985][T10458] IPv6: NLM_F_CREATE should be set when creating new route [ 129.592896][T10458] IPv6: NLM_F_CREATE should be set when creating new route [ 129.595912][T10458] IPv6: NLM_F_CREATE should be set when creating new route [ 129.602744][T10458] netlink: 'syz.2.2106': attribute type 21 has an invalid length. [ 129.605450][T10458] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 129.694530][ T42] audit: type=1326 audit(1781754421.056:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.701996][ T42] audit: type=1326 audit(1781754421.056:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.708667][ T42] audit: type=1326 audit(1781754421.056:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.717458][ T42] audit: type=1326 audit(1781754421.056:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.726623][ T42] audit: type=1326 audit(1781754421.056:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.734723][ T42] audit: type=1326 audit(1781754421.056:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=256 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.742145][ T42] audit: type=1326 audit(1781754421.066:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.748625][ T42] audit: type=1326 audit(1781754421.066:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10484 comm="syz.1.2118" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56fec code=0x7ffc0000 [ 129.903887][T10517] binder: 10514:10517 unknown command 71 [ 129.905719][T10517] binder: 10514:10517 ioctl c0306201 80000080 returned -22 [ 130.545547][T10638] netlink: 296 bytes leftover after parsing attributes in process `syz.4.2193'. [ 130.746566][T10663] random: crng reseeded on system resumption [ 130.776111][ T42] audit: type=1326 audit(1781754422.136:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10664 comm="syz.3.2206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 130.784299][ T42] audit: type=1326 audit(1781754422.136:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10664 comm="syz.3.2206" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f88fec code=0x7ffc0000 [ 130.803322][T10668] netlink: 348 bytes leftover after parsing attributes in process `syz.2.2207'. [ 130.854388][T10680] program syz.3.2213 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 131.249952][T10732] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2235'. [ 131.465220][T10764] support for cryptoloop has been removed. Use dm-crypt instead. [ 131.533024][T10771] random: crng reseeded on system resumption [ 131.582477][ T5820] usb 9-1: new full-speed USB device number 5 using dummy_hcd [ 131.733780][ T5820] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 131.736623][ T5820] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 131.739096][ T5820] usb 9-1: Product: syz [ 131.742641][ T5820] usb 9-1: Manufacturer: syz [ 131.744165][ T5820] usb 9-1: SerialNumber: syz [ 131.746196][ T5820] usb 9-1: config 0 descriptor?? [ 131.958598][ T5810] usb 9-1: USB disconnect, device number 5 [ 132.065011][T10807] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 132.160240][T10826] netlink: 'syz.3.2279': attribute type 7 has an invalid length. [ 132.162717][T10826] netlink: 'syz.3.2279': attribute type 8 has an invalid length. [ 132.436354][T10876] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.439490][T10876] netdevsim netdevsim2 eth3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 132.485943][T10876] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.490001][T10876] netdevsim netdevsim2 eth2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0 [ 132.597323][T10898] tipc: Started in network mode [ 132.599329][T10898] tipc: Node identity aaaaaaaaaa32, cluster identity 4711 [ 132.602726][T10898] tipc: Enabled bearer , priority 10 [ 132.625565][T10904] ================================================================== [ 132.628032][T10904] BUG: KASAN: slab-out-of-bounds in try_module_get+0x4c/0xd0 [ 132.630206][T10904] Write of size 4 at addr ffff888000661f08 by task syz.3.2318/10904 [ 132.633895][T10904] [ 132.635472][T10904] CPU: 1 UID: 0 PID: 10904 Comm: syz.3.2318 Tainted: G L syzkaller #0 PREEMPT(full) [ 132.635502][T10904] Tainted: [L]=SOFTLOCKUP [ 132.635510][T10904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 132.635522][T10904] Call Trace: [ 132.635530][T10904] [ 132.635536][T10904] dump_stack_lvl+0x100/0x190 [ 132.635572][T10904] print_report+0x13d/0x4b0 [ 132.635600][T10904] ? __virt_addr_valid+0x239/0x430 [ 132.635629][T10904] ? try_module_get+0x4c/0xd0 [ 132.635651][T10904] kasan_report+0xdf/0x1c0 [ 132.635681][T10904] ? try_module_get+0x4c/0xd0 [ 132.635703][T10904] kasan_check_range+0x10f/0x1e0 [ 132.635724][T10904] try_module_get+0x4c/0xd0 [ 132.635745][T10904] dvb_device_open+0x124/0x3b0 [ 132.635770][T10904] ? __pfx_dvb_device_open+0x10/0x10 [ 132.635792][T10904] chrdev_open+0x234/0x6a0 [ 132.635807][T10904] ? __pfx_apparmor_file_open+0x10/0x10 [ 132.635823][T10904] ? __pfx_chrdev_open+0x10/0x10 [ 132.635839][T10904] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 132.635862][T10904] do_dentry_open+0x6ab/0x14d0 [ 132.635880][T10904] ? __pfx_chrdev_open+0x10/0x10 [ 132.635900][T10904] vfs_open+0x82/0x3f0 [ 132.635922][T10904] path_openat+0x2873/0x4280 [ 132.635941][T10904] ? do_int80_emulation+0x14b/0x720 [ 132.635978][T10904] ? __pfx_path_openat+0x10/0x10 [ 132.636000][T10904] do_file_open+0x20e/0x430 [ 132.636018][T10904] ? __pfx_do_file_open+0x10/0x10 [ 132.636045][T10904] ? _raw_spin_unlock+0x28/0x50 [ 132.636066][T10904] ? alloc_fd+0x471/0x7a0 [ 132.636097][T10904] do_sys_openat2+0x10f/0x1e0 [ 132.636120][T10904] ? __pfx_do_sys_openat2+0x10/0x10 [ 132.636145][T10904] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 132.636215][T10904] __ia32_compat_sys_openat+0x12d/0x210 [ 132.636239][T10904] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 132.636266][T10904] ? rcu_is_watching+0x12/0xc0 [ 132.636284][T10904] ? rcu_is_watching+0x12/0xc0 [ 132.636302][T10904] do_int80_emulation+0x14b/0x720 [ 132.636329][T10904] asm_int80_emulation+0x1a/0x20 [ 132.636347][T10904] RIP: 0023:0xf71861eb [ 132.636363][T10904] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 132.636383][T10904] RSP: 002b:00000000f544603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 132.636402][T10904] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5446100 [ 132.636415][T10904] RDX: 0000000000040002 RSI: 0000000000000000 RDI: 0000000000000000 [ 132.636428][T10904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 132.636439][T10904] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 132.636452][T10904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 132.636469][T10904] [ 132.636475][T10904] [ 132.732755][T10904] Allocated by task 1: [ 132.734164][T10904] kasan_save_stack+0x30/0x50 [ 132.736021][T10904] kasan_save_track+0x14/0x30 [ 132.737855][T10904] __kasan_kmalloc+0xaa/0xb0 [ 132.739287][T10904] bus_add_driver+0x92/0x5b0 [ 132.740673][T10904] driver_register+0x1e2/0x360 [ 132.742132][T10904] i2c_register_driver+0xd9/0x1f0 [ 132.743784][T10904] do_one_initcall+0x11d/0x700 [ 132.745349][T10904] kernel_init_freeable+0x6ea/0x7b0 [ 132.746944][T10904] kernel_init+0x1f/0x1e0 [ 132.748258][T10904] ret_from_fork+0x72b/0xd50 [ 132.749633][T10904] ret_from_fork_asm+0x1a/0x30 [ 132.751100][T10904] [ 132.751855][T10904] The buggy address belongs to the object at ffff888000661e00 [ 132.751855][T10904] which belongs to the cache kmalloc-256 of size 256 [ 132.756412][T10904] The buggy address is located 56 bytes to the right of [ 132.756412][T10904] allocated 208-byte region [ffff888000661e00, ffff888000661ed0) [ 132.760689][T10904] [ 132.761422][T10904] The buggy address belongs to the physical page: [ 132.763467][T10904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x660 [ 132.766840][T10904] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 132.770175][T10904] flags: 0x7ff00000000040(head|node=0|zone=0|lastcpupid=0x7ff) [ 132.773162][T10904] page_type: f5(slab) [ 132.774412][T10904] raw: 007ff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 132.777270][T10904] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 132.780585][T10904] head: 007ff00000000040 ffff88801b842b40 dead000000000100 dead000000000122 [ 132.784079][T10904] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 132.787424][T10904] head: 007ff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 132.790881][T10904] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 132.794239][T10904] page dumped because: kasan: bad access detected [ 132.796799][T10904] page_owner tracks the page as allocated [ 132.799068][T10904] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 17399605285, free_ts 17391255062 [ 132.806982][T10904] post_alloc_hook+0xfd/0x120 [ 132.808980][T10904] get_page_from_freelist+0x812/0x3d20 [ 132.811187][T10904] __alloc_frozen_pages_noprof+0x27c/0x2b60 [ 132.813582][T10904] new_slab+0xa2/0x670 [ 132.815314][T10904] refill_objects+0xe3/0x430 [ 132.817277][T10904] __pcs_replace_empty_main+0x375/0x660 [ 132.819466][T10904] __kmalloc_cache_noprof+0x48d/0x6e0 [ 132.821618][T10904] bus_add_driver+0x92/0x5b0 [ 132.823405][T10904] driver_register+0x1e2/0x360 [ 132.824868][T10904] usb_register_driver+0x21c/0x3e0 [ 132.826614][T10904] do_one_initcall+0x11d/0x700 [ 132.828552][T10904] kernel_init_freeable+0x6ea/0x7b0 [ 132.830602][T10904] kernel_init+0x1f/0x1e0 [ 132.832330][T10904] ret_from_fork+0x72b/0xd50 [ 132.834194][T10904] ret_from_fork_asm+0x1a/0x30 [ 132.836153][T10904] page last free pid 29 tgid 29 stack trace: [ 132.838557][T10904] __free_frozen_pages+0x794/0x10a0 [ 132.840696][T10904] vfree+0x15f/0x8d0 [ 132.842035][T10904] delayed_vfree_work+0x56/0x80 [ 132.843795][T10904] process_one_work+0xa23/0x1940 [ 132.845371][T10904] worker_thread+0x5ef/0xe50 [ 132.846742][T10904] kthread+0x370/0x450 [ 132.847970][T10904] ret_from_fork+0x72b/0xd50 [ 132.849341][T10904] ret_from_fork_asm+0x1a/0x30 [ 132.850717][T10904] [ 132.851485][T10904] Memory state around the buggy address: [ 132.853440][T10904] ffff888000661e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 132.856291][T10904] ffff888000661e80: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc [ 132.858672][T10904] >ffff888000661f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 132.861036][T10904] ^ [ 132.862336][T10904] ffff888000661f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 132.864884][T10904] ffff888000662000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 132.867402][T10904] ================================================================== [ 132.873312][T10904] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 132.876160][T10904] CPU: 0 UID: 0 PID: 10904 Comm: syz.3.2318 Tainted: G L syzkaller #0 PREEMPT(full) [ 132.879950][T10904] Tainted: [L]=SOFTLOCKUP [ 132.881273][T10904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 132.884242][T10904] Call Trace: [ 132.885282][T10904] [ 132.886330][T10904] dump_stack_lvl+0x100/0x190 [ 132.887862][T10904] vpanic+0x552/0x970 [ 132.889220][T10904] ? __pfx_vpanic+0x10/0x10 [ 132.890708][T10904] ? rcu_is_watching+0x12/0xc0 [ 132.892246][T10904] ? try_module_get+0x4c/0xd0 [ 132.893839][T10904] panic+0xd1/0xe0 [ 132.895307][T10904] ? __pfx_panic+0x10/0x10 [ 132.897115][T10904] ? try_module_get+0x4c/0xd0 [ 132.898956][T10904] ? preempt_schedule_common+0x42/0xc0 [ 132.901242][T10904] check_panic_on_warn.cold+0x19/0x34 [ 132.903501][T10904] end_report.part.0+0x3a/0x90 [ 132.905490][T10904] kasan_report.cold+0xe/0x18 [ 132.907475][T10904] ? try_module_get+0x4c/0xd0 [ 132.909453][T10904] kasan_check_range+0x10f/0x1e0 [ 132.911535][T10904] try_module_get+0x4c/0xd0 [ 132.913444][T10904] dvb_device_open+0x124/0x3b0 [ 132.915428][T10904] ? __pfx_dvb_device_open+0x10/0x10 [ 132.917598][T10904] chrdev_open+0x234/0x6a0 [ 132.919432][T10904] ? __pfx_apparmor_file_open+0x10/0x10 [ 132.921723][T10904] ? __pfx_chrdev_open+0x10/0x10 [ 132.923829][T10904] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 132.926457][T10904] do_dentry_open+0x6ab/0x14d0 [ 132.928500][T10904] ? __pfx_chrdev_open+0x10/0x10 [ 132.930498][T10904] vfs_open+0x82/0x3f0 [ 132.932049][T10904] path_openat+0x2873/0x4280 [ 132.933521][T10904] ? do_int80_emulation+0x14b/0x720 [ 132.935174][T10904] ? __pfx_path_openat+0x10/0x10 [ 132.936882][T10904] do_file_open+0x20e/0x430 [ 132.938316][T10904] ? __pfx_do_file_open+0x10/0x10 [ 132.939922][T10904] ? _raw_spin_unlock+0x28/0x50 [ 132.941405][T10904] ? alloc_fd+0x471/0x7a0 [ 132.942722][T10904] do_sys_openat2+0x10f/0x1e0 [ 132.944185][T10904] ? __pfx_do_sys_openat2+0x10/0x10 [ 132.945779][T10904] ? __ia32_sys_futex_time32+0x2f4/0x470 [ 132.947559][T10904] __ia32_compat_sys_openat+0x12d/0x210 [ 132.949286][T10904] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 132.951160][T10904] ? rcu_is_watching+0x12/0xc0 [ 132.952637][T10904] ? rcu_is_watching+0x12/0xc0 [ 132.954087][T10904] do_int80_emulation+0x14b/0x720 [ 132.955619][T10904] asm_int80_emulation+0x1a/0x20 [ 132.957190][T10904] RIP: 0023:0xf71861eb [ 132.958436][T10904] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53 [ 132.964307][T10904] RSP: 002b:00000000f544603c EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 132.966914][T10904] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000f5446100 [ 132.969171][T10904] RDX: 0000000000040002 RSI: 0000000000000000 RDI: 0000000000000000 [ 132.971570][T10904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 132.974158][T10904] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 132.976691][T10904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 132.979067][T10904] [ 132.980593][T10904] Kernel Offset: disabled [ 132.981895][T10904] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:47:04 Registers: info registers vcpu 0 CPU#0 RAX=00000000000907ec RBX=ffffffff8e491480 RCX=ffffffff8b90e2b5 RDX=0000000000000001 RSI=ffffffff8c1cf300 RDI=ffffffff81dda1e7 RBP=fffffbfff1c92290 RSP=ffffffff8e407e10 R8 =0000000000000000 R9 =ffffed100564678d R10=ffff88802b233c6b R11=ffffffff81d4786c R12=0000000000000000 R13=0000000000000000 R14=1ffffffff1c80fc6 R15=dffffc0000000000 RIP=ffffffff8b90c87f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809713b000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f5445ff4 CR3=0000000077bbe000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff857ffd55 RDI=ffffffff9b49cba0 RBP=ffffffff9b49cb60 RSP=ffffc900049b72b8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030383838666657 R12=0000000000000000 R13=0000000000000030 R14=0000000000000010 R15=ffffffff857ffcf0 RIP=ffffffff857ffd7f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809723b000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000033523ffc CR3=000000006f539000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff81fc32fd RDX=ffff8880285aca80 RSI=ffffffff81fc32d7 RDI=ffff8880285aca80 RBP=ffff88802b3431a0 RSP=ffffc90003f27460 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000003 R13=ffffed1005668635 R14=0000000000000001 R15=ffff88802b43c840 RIP=ffffffff81fc32de RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88809733b000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f76ec0 CR3=000000000e592000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858 2e7a797300000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=ffffea0001aca188 RCX=0000000000000801 RDX=1ffffd400028a152 RSI=0000000000000001 RDI=ffffea0001aca190 RBP=ffffea0001450a90 RSP=ffffc90004eb6fd8 R8 =ffff88802b541540 R9 =ffff88802b541540 R10=ffff88807ffd6900 R11=0000000000000000 R12=ffffea0001450a88 R13=dffffc0000000000 R14=ffffea0001aca180 R15=ffffea0001aca190 RIP=ffffffff85039d77 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88809743b000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000c368978 CR3=0000000053238000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000