last executing test programs: 42.840887584s ago: executing program 1 (id=328): ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000000ffffffff"]) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000003b80)={0x3, 0x0, 0xf000, 0x2000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4048aecb, &(0x7f0000000080)) 42.718006829s ago: executing program 1 (id=333): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x52) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000240)={0x4c, 0x14, 0x1, 0x70bd25, 0x25dfdbfd, {0x1, 0x1f, 0x8, 0x10, {0x4e26, 0x4e22, [0x3, 0x6, 0xe, 0xc3], [0x6, 0xe, 0x40000000, 0x7], 0x0, [0x1, 0x4]}, 0x9, 0xc7}}, 0x4c}, 0x1, 0x0, 0x0, 0x404c0c8}, 0x4040000) 42.671538566s ago: executing program 1 (id=336): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) r2 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, r1, 0x4, 0x0, @void}, 0x10) bpf$LINK_DETACH(0x22, &(0x7f00000002c0)=r2, 0x4) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) close_range(r3, 0xffffffffffffffff, 0x0) 42.6091389s ago: executing program 1 (id=338): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 42.608197847s ago: executing program 1 (id=339): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f00000001c0), 0x8) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r1, &(0x7f0000000000), 0x8) listen(r1, 0x0) listen(r0, 0x0) 42.381686275s ago: executing program 1 (id=342): openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x1}, 0x18) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='smaps_rollup\x00') fchdir(r0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474082, 0x5c, 0x8}, 0x18) 42.352780455s ago: executing program 32 (id=342): openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x1}, 0x18) syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='smaps_rollup\x00') fchdir(r0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', &(0x7f0000000140)={0x474082, 0x5c, 0x8}, 0x18) 17.473363706s ago: executing program 0 (id=611): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@newqdisc={0x54, 0x24, 0xd0f, 0x4703d2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x5, 0x8, 0x5, 0xd, 0x2, 0x3, 0x3}}, {0x4}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000) 17.46868842s ago: executing program 0 (id=615): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000280)=ANY=[@ANYBLOB="01"]) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040)={0x1, 0x0, [{0x80000008, 0x0, 0x2, 0xe, 0x6}]}) 17.28858964s ago: executing program 0 (id=618): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000400)="89000000120081ae08060cdc03a6000000000002000000006ee2ffca1b1f0000000004c00e72f750375ed08a563319bf9ed720000000d6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100002400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 17.212307907s ago: executing program 0 (id=623): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 17.20692567s ago: executing program 0 (id=624): r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) fchdir(r0) open(&(0x7f0000000180)='./cgroup\x00', 0x183681, 0x8) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) syz_emit_ethernet(0x2a, 0x0, 0x0) rename(&(0x7f0000000100)='./cgroup\x00', &(0x7f0000000140)='./cgroup\x00') 16.471750923s ago: executing program 0 (id=631): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = epoll_create1(0x0) r1 = eventfd2(0x0, 0x0) epoll_pwait2(r0, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000b80)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000180)={0x20000005}) 16.439198496s ago: executing program 33 (id=631): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = epoll_create1(0x0) r1 = eventfd2(0x0, 0x0) epoll_pwait2(r0, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000b80)) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000180)={0x20000005}) 1.799548067s ago: executing program 5 (id=811): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000200)={&(0x7f00002ca000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x1000, 0x2}) 1.486994086s ago: executing program 3 (id=818): r0 = socket$alg(0x26, 0x5, 0x0) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x5a) syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) write(r1, &(0x7f0000000040)="cb", 0xfffffdef) 1.486851455s ago: executing program 5 (id=819): name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1400) timer_create(0x4, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x5, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 1.451406527s ago: executing program 5 (id=823): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) 1.359602111s ago: executing program 5 (id=824): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0) write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) 1.355960475s ago: executing program 2 (id=825): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}}) io_uring_enter(r2, 0x3516, 0x0, 0x4, 0x0, 0x0) shutdown(r0, 0x0) 1.218513408s ago: executing program 2 (id=826): socket(0x2, 0x80805, 0x0) r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0) read(r1, &(0x7f0000000200)=""/202, 0xca) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}}) tkill(r0, 0x7) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000000)={0x1, 0x2, 0x0, 'queue0\x00', 0x3}) 1.216206556s ago: executing program 3 (id=827): r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x25e4, 0x3180, 0x8000, 0x400252}, &(0x7f0000002340)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$uinput_user_dev(r3, &(0x7f0000000fc0)={'syz1\x00', {0x6, 0x9, 0x444, 0x529}, 0x25, [0xf5, 0x8, 0x80000001, 0x2, 0x200, 0x3, 0x8e, 0x9, 0x9, 0x4, 0x0, 0x9, 0x7, 0x1, 0x71c, 0x38, 0xffffff7f, 0xac, 0x5, 0x3ff, 0x0, 0xea7, 0x1, 0x9be4bf38, 0x0, 0x20002, 0xc, 0x0, 0x8, 0x6, 0x84, 0xd3, 0x8001, 0x3, 0x2001, 0xb, 0x2, 0x5f85, 0xfffffffe, 0xc1e, 0x6, 0x939a, 0x8000, 0x1, 0x5c, 0x8, 0x7f, 0xd1, 0xf2b, 0x1, 0x6, 0xfffffffa, 0xffff, 0x8, 0x2, 0x6, 0xffffff80, 0x9, 0x6, 0xd2, 0x3ff, 0x5, 0x52, 0x1], [0x5, 0x2, 0xd91, 0x8, 0x401, 0xfffffff8, 0x4000000a, 0x5, 0xfffffffe, 0x40a89, 0xffb, 0xffffff4b, 0x1, 0x2, 0x0, 0x0, 0x8, 0x8, 0x0, 0x405, 0x2, 0x9, 0x5, 0x9, 0xd, 0x9, 0x206, 0x9, 0x8, 0x5, 0xf, 0xb2d1, 0x1, 0x200, 0x10000000, 0x9, 0xe22, 0x9, 0x5, 0x10001, 0x1, 0x865f, 0x80000000, 0x3, 0x801, 0x4, 0x3, 0x29e3, 0x7fc, 0xb4e5, 0x20000, 0x200, 0x6e99, 0x4, 0xff, 0x9, 0x1d, 0x3, 0x10000, 0xa, 0x26, 0x2, 0x6, 0x7fff], [0x4343fe9f, 0xfffffffd, 0x101, 0xffffffff, 0x7f, 0x8, 0x3, 0x3, 0xc, 0x9, 0xcb06, 0xfffeffff, 0x5, 0x37, 0x5, 0x80003, 0xc8, 0x8, 0x8000, 0x2, 0xdf9e, 0x40005, 0x8, 0xf9f, 0x3, 0x7, 0x401, 0x5, 0x2, 0x2, 0x3, 0x2, 0x1, 0x1, 0x10000004, 0x911, 0x6, 0x8000, 0x31c1, 0x8, 0xb, 0x4, 0x2, 0x1f85, 0x9, 0x3, 0x2, 0x8, 0x7, 0x402, 0x9, 0xffff, 0x40, 0x80000000, 0x3, 0xa, 0x80, 0xf, 0x8, 0x8, 0x9, 0x4, 0x4, 0x6], [0x27b, 0x5, 0x6, 0x10, 0x7, 0x8, 0x8, 0x6, 0x7fffffff, 0xe00e, 0xfffffff8, 0x8, 0xffff7bfb, 0x0, 0x401, 0x100, 0x404, 0x0, 0xa, 0x8, 0x3, 0x5, 0xfffffc00, 0x4, 0x9, 0x4, 0x2, 0x2, 0xa, 0x27, 0x400, 0x70, 0x2, 0xffc, 0x400002, 0xc, 0xffffffff, 0x49, 0x80088, 0x10, 0xfff, 0x9a2, 0x81, 0x3, 0x400, 0x4, 0x8, 0x5, 0x0, 0xfffffffe, 0xb, 0x1, 0xc3, 0x9, 0x807ff, 0x1, 0x3, 0xfffffbff, 0x4, 0xb, 0x5, 0x8, 0xa, 0xfffffff7]}, 0x45c) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20008891, 0x1}) io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x0) 1.059998325s ago: executing program 2 (id=828): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0)={0xfffc}, 0x8) sendto$inet6(r1, &(0x7f00000004c0)='W', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c) 1.059842463s ago: executing program 3 (id=829): pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0) write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18) write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x0, 0x8004000, 0x7, 0x8, 0x8000, 0x4, 0x0, 0x0, 0x10, 0x5}}, 0x50) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}}) 1.054900522s ago: executing program 3 (id=831): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x507d, &(0x7f0000000480)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 831.183714ms ago: executing program 3 (id=832): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) 740.997149ms ago: executing program 3 (id=833): r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0) syz_usb_disconnect(r0) r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[], 0x0) syz_usb_control_io$hid(r1, 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r2, 0xf50f, 0x0) 724.026838ms ago: executing program 5 (id=834): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0xd146, 0x0, 0xc, 0x288}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r1, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='0'], 0x30}}) io_uring_enter(r2, 0x3516, 0x0, 0x4, 0x0, 0x0) shutdown(r0, 0x0) 537.28099ms ago: executing program 5 (id=836): r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c) sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) bind$tipc(r1, 0x0, 0x0) recvmmsg$unix(r0, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1}}], 0x1, 0x0, 0x0) 439.617883ms ago: executing program 4 (id=837): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="f30f01a64addbad004ed260f01c5c6f87e0f01cf631c66b88889118366efbafc0cb80a00ef0f0fb3fed6bfc4e38d449c7a7a0fba4100b000eef30fa7d0", 0x3d}], 0x1, 0x12, 0x0, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x100000020) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 271.458924ms ago: executing program 4 (id=838): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x6a) r0 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = openat$cgroup_procs(r0, 0x0, 0x2, 0x0) write$cgroup_pid(r1, 0x0, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = openat$cgroup_type(r2, &(0x7f0000000100), 0x2, 0x0) write$cgroup_type(r3, &(0x7f0000000280), 0x9) 271.192701ms ago: executing program 4 (id=839): r0 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x6d89, 0x400, 0x40000, 0x115}, &(0x7f0000000400)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_CONNECT={0x10, 0x1d, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x3529, 0xf7da, 0x2, 0x0, 0x0) r3 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2) read(r3, &(0x7f0000000080)=""/116, 0xfffffeb2) read(r3, &(0x7f0000000280)=""/96, 0x60) 171.351847ms ago: executing program 4 (id=840): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = syz_io_uring_setup(0x117, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x200000, 0x1000000}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000000c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 171.072125ms ago: executing program 4 (id=841): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_IO_FLUSHER(0x43, 0x1) prctl$PR_SET_IO_FLUSHER(0x43, 0x0) 100.389099ms ago: executing program 2 (id=842): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0xa7, &(0x7f00000003c0)={&(0x7f0000000300)={0x4c, 0x0, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x8, 0x8e, 0x1}}]}, 0x4c}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) io_uring_enter(0xffffffffffffffff, 0xd7c, 0xfcfc, 0x2e, 0x0, 0x0) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef) 38.313758ms ago: executing program 2 (id=843): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000111c0)='ext4_sync_fs\x00', r1, 0x0, 0x5}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r2], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000111c0)='ext4_sync_fs\x00', r3, 0x0, 0x5}, 0x18) sync() 37.879482ms ago: executing program 4 (id=844): setreuid(0xffffffffffffffff, 0xee00) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x8001) r2 = getpgid(0x0) fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r2}) sendmmsg$unix(r0, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000008c0)='\x00', 0x1}], 0x1}}], 0x1, 0x408b1) 0s ago: executing program 2 (id=845): r0 = socket$kcm(0x11, 0x200000000000003, 0x300) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f00000003c0), 0x4) recvmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000200)=""/78, 0x4e}], 0x1}, 0x0) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:48927' (ED25519) to the list of known hosts. [ 41.165848][ T5878] cgroup: Unknown subsys name 'net' [ 41.268342][ T5878] cgroup: Unknown subsys name 'cpuset' [ 41.272274][ T5878] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 42.100408][ T5878] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.831178][ T5321] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.840347][ T5964] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.842967][ T5963] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.846244][ T5963] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.848747][ T5963] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.851483][ T5963] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.853973][ T5969] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.854250][ T5963] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.856883][ T5969] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.859101][ T5963] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.861030][ T5969] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.863936][ T5963] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.865724][ T5967] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.871006][ T5967] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.872159][ T5973] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.875098][ T5967] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.879980][ T5973] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.882892][ T5973] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.889792][ T5972] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.892379][ T5972] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.227726][ T5965] chnl_net:caif_netlink_parms(): no params data found [ 46.232617][ T5956] chnl_net:caif_netlink_parms(): no params data found [ 46.259603][ T5957] chnl_net:caif_netlink_parms(): no params data found [ 46.309504][ T5968] chnl_net:caif_netlink_parms(): no params data found [ 46.480414][ T5965] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.483938][ T5965] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.486823][ T5965] bridge_slave_0: entered allmulticast mode [ 46.489630][ T5965] bridge_slave_0: entered promiscuous mode [ 46.548689][ T5965] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.551781][ T5965] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.555304][ T5965] bridge_slave_1: entered allmulticast mode [ 46.558437][ T5965] bridge_slave_1: entered promiscuous mode [ 46.660818][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.666243][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.669478][ T5957] bridge_slave_0: entered allmulticast mode [ 46.673447][ T5957] bridge_slave_0: entered promiscuous mode [ 46.702943][ T5965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.723426][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.726688][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.729785][ T5956] bridge_slave_0: entered allmulticast mode [ 46.733537][ T5956] bridge_slave_0: entered promiscuous mode [ 46.737784][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.740948][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.744360][ T5957] bridge_slave_1: entered allmulticast mode [ 46.748338][ T5957] bridge_slave_1: entered promiscuous mode [ 46.755225][ T5965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.759142][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.762158][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.765462][ T5968] bridge_slave_0: entered allmulticast mode [ 46.769179][ T5968] bridge_slave_0: entered promiscuous mode [ 46.773364][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.776584][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.779593][ T5956] bridge_slave_1: entered allmulticast mode [ 46.783517][ T5956] bridge_slave_1: entered promiscuous mode [ 46.885263][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.887515][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.889775][ T5968] bridge_slave_1: entered allmulticast mode [ 46.892446][ T5968] bridge_slave_1: entered promiscuous mode [ 46.912286][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.918473][ T5965] team0: Port device team_slave_0 added [ 46.956523][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.962857][ T5965] team0: Port device team_slave_1 added [ 46.987196][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.045959][ T5968] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.051017][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.103067][ T5968] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.160384][ T5956] team0: Port device team_slave_0 added [ 47.165724][ T5957] team0: Port device team_slave_0 added [ 47.169211][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.172142][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.182805][ T5965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.212703][ T5956] team0: Port device team_slave_1 added [ 47.230180][ T5957] team0: Port device team_slave_1 added [ 47.233265][ T5965] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.235550][ T5965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.243452][ T5965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.260702][ T5968] team0: Port device team_slave_0 added [ 47.344136][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.346979][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.359480][ T5957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.366664][ T5968] team0: Port device team_slave_1 added [ 47.369435][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.371481][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.379745][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.384658][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.386755][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.394837][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.399066][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.401507][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.410184][ T5957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.484904][ T5965] hsr_slave_0: entered promiscuous mode [ 47.488094][ T5965] hsr_slave_1: entered promiscuous mode [ 47.491922][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.494194][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.502131][ T5968] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.508577][ T5968] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.510733][ T5968] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.518645][ T5968] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.653378][ T5956] hsr_slave_0: entered promiscuous mode [ 47.656808][ T5956] hsr_slave_1: entered promiscuous mode [ 47.659638][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.662896][ T5956] Cannot create hsr debugfs directory [ 47.667905][ T5968] hsr_slave_0: entered promiscuous mode [ 47.671676][ T5968] hsr_slave_1: entered promiscuous mode [ 47.674787][ T5968] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.677078][ T5968] Cannot create hsr debugfs directory [ 47.720891][ T5957] hsr_slave_0: entered promiscuous mode [ 47.723363][ T5957] hsr_slave_1: entered promiscuous mode [ 47.727065][ T5957] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.729645][ T5957] Cannot create hsr debugfs directory [ 47.924364][ T5972] Bluetooth: hci0: command tx timeout [ 47.926296][ T5964] Bluetooth: hci2: command tx timeout [ 47.934245][ T5964] Bluetooth: hci3: command tx timeout [ 47.935266][ T5972] Bluetooth: hci1: command tx timeout [ 48.141254][ T5965] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.150462][ T5965] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.156289][ T5965] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.167262][ T5965] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.195084][ T5968] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.201941][ T5968] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.209429][ T5968] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.215460][ T5968] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.274189][ T5956] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.280999][ T5956] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.288045][ T5956] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.292979][ T5956] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.347890][ T5957] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.354116][ T5957] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.360081][ T5957] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.364706][ T5957] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.396466][ T5965] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.430534][ T5965] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.445228][ T87] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.447452][ T87] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.452443][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.454627][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.465873][ T5968] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.494788][ T5968] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.509466][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.512432][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.519932][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.524935][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.537747][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.539970][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.563055][ T5957] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.568741][ T5956] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.582469][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.585431][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.590013][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.592537][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.607659][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.609858][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.614264][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.616483][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.698367][ T5965] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.731900][ T5965] veth0_vlan: entered promiscuous mode [ 48.738666][ T5968] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.742912][ T5965] veth1_vlan: entered promiscuous mode [ 48.774578][ T5965] veth0_macvtap: entered promiscuous mode [ 48.779871][ T5965] veth1_macvtap: entered promiscuous mode [ 48.782661][ T5968] veth0_vlan: entered promiscuous mode [ 48.804468][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.811316][ T5968] veth1_vlan: entered promiscuous mode [ 48.820760][ T5957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.827695][ T5965] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.839554][ T5965] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.843279][ T5965] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.847446][ T5965] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.850899][ T5965] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.861771][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.896320][ T5968] veth0_macvtap: entered promiscuous mode [ 48.900135][ T5968] veth1_macvtap: entered promiscuous mode [ 48.936666][ T5957] veth0_vlan: entered promiscuous mode [ 48.943248][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.948433][ T87] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.951789][ T87] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.951908][ T5956] veth0_vlan: entered promiscuous mode [ 48.961429][ T5957] veth1_vlan: entered promiscuous mode [ 48.966632][ T5968] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.983831][ T5968] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.986531][ T5968] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.989188][ T5968] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.991924][ T5968] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.007565][ T5956] veth1_vlan: entered promiscuous mode [ 49.016611][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.019343][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.047816][ T5956] veth0_macvtap: entered promiscuous mode [ 49.055987][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.058762][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.061767][ T5956] veth1_macvtap: entered promiscuous mode [ 49.063343][ T5965] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 49.070331][ T5957] veth0_macvtap: entered promiscuous mode [ 49.078894][ T5957] veth1_macvtap: entered promiscuous mode [ 49.110217][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.112653][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.118749][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.118976][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.130027][ T5956] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.133465][ T5956] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.138037][ T5956] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.141677][ T5956] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.148302][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.167119][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.177660][ T5957] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.180951][ T5957] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.186326][ T5957] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.189292][ T5957] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.217511][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.220617][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.262186][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.262203][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.317292][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.320489][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.360233][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.362649][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.386494][ T6058] batadv0: entered allmulticast mode [ 49.389087][ T6057] batadv0: left allmulticast mode [ 49.440034][ T6027] libceph: connect (1)[c::]:6789 error -101 [ 49.442177][ T6027] libceph: mon0 (1)[c::]:6789 connect error [ 49.513227][ T6044] libceph: connect (1)[c::]:6789 error -101 [ 49.516050][ T6044] libceph: mon0 (1)[c::]:6789 connect error [ 49.631953][ T6079] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13'. [ 49.705817][ T6027] libceph: connect (1)[c::]:6789 error -101 [ 49.708181][ T6027] libceph: mon0 (1)[c::]:6789 connect error [ 49.784455][ T6006] libceph: connect (1)[c::]:6789 error -101 [ 49.786350][ T6006] libceph: mon0 (1)[c::]:6789 connect error [ 49.930108][ T40] audit: type=1326 audit(1752649724.197:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.0.17" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7fc00000 [ 50.003980][ T5972] Bluetooth: hci3: command tx timeout [ 50.004145][ T5964] Bluetooth: hci2: command tx timeout [ 50.006132][ T5973] Bluetooth: hci0: command tx timeout [ 50.007218][ T5972] Bluetooth: hci1: command tx timeout [ 50.145119][ T29] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 50.214489][ T6027] libceph: connect (1)[c::]:6789 error -101 [ 50.216504][ T6027] libceph: mon0 (1)[c::]:6789 connect error [ 50.269758][ T6063] ceph: No mds server is up or the cluster is laggy [ 50.269845][ T6069] ceph: No mds server is up or the cluster is laggy [ 50.304321][ T29] usb 6-1: Using ep0 maxpacket: 16 [ 50.312790][ T29] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 50.317902][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 50.322290][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 50.327762][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 50.331525][ T29] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 50.339925][ T29] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 50.344071][ T29] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 50.347323][ T29] usb 6-1: Manufacturer: syz [ 50.354244][ T29] usb 6-1: config 0 descriptor?? [ 50.550653][ T40] audit: type=1326 audit(1752649724.817:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6086 comm="syz.0.17" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70be579 code=0x7fc00000 [ 50.593653][ T9] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 50.604435][ T29] rc_core: IR keymap rc-hauppauge not found [ 50.606967][ T29] Registered IR keymap rc-empty [ 50.609155][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.624794][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.654713][ T29] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 50.660289][ T29] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input5 [ 50.668986][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.684044][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.706581][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.735857][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.753635][ T9] usb 7-1: Using ep0 maxpacket: 16 [ 50.756409][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.757042][ T9] usb 7-1: config 0 has no interfaces? [ 50.761110][ T9] usb 7-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 50.764498][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 50.769889][ T9] usb 7-1: config 0 descriptor?? [ 50.774095][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.795171][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.823732][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.853840][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.874888][ T29] mceusb 6-1:0.0: Error: mce write submit urb error = -90 [ 50.897916][ T29] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 50.901896][ T29] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 50.984510][ T60] usb 7-1: USB disconnect, device number 2 [ 51.015336][ T29] usb 6-1: USB disconnect, device number 2 [ 51.308355][ T6134] syzkaller1: entered promiscuous mode [ 51.310414][ T6134] syzkaller1: entered allmulticast mode [ 51.547078][ T6147] netlink: 'syz.1.40': attribute type 10 has an invalid length. [ 51.549227][ T6147] netlink: 40 bytes leftover after parsing attributes in process `syz.1.40'. [ 51.551876][ T6147] dummy0: entered promiscuous mode [ 51.556783][ T6147] bridge0: port 3(dummy0) entered blocking state [ 51.559196][ T6147] bridge0: port 3(dummy0) entered disabled state [ 51.561663][ T6147] dummy0: entered allmulticast mode [ 51.565913][ T6147] bridge0: port 3(dummy0) entered blocking state [ 51.568562][ T6147] bridge0: port 3(dummy0) entered forwarding state [ 51.904012][ T6168] netlink: 24 bytes leftover after parsing attributes in process `syz.1.49'. [ 52.084089][ T5973] Bluetooth: hci2: command tx timeout [ 52.093805][ T5973] Bluetooth: hci0: command tx timeout [ 52.094045][ T5321] Bluetooth: hci1: command tx timeout [ 52.095615][ T5964] Bluetooth: hci3: command tx timeout [ 52.203785][ T840] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 52.364935][ T840] usb 6-1: config 0 has no interfaces? [ 52.366850][ T840] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 52.369727][ T840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.374749][ T840] usb 6-1: config 0 descriptor?? [ 52.584660][ T53] usb 6-1: USB disconnect, device number 3 [ 53.195768][ T6209] syz.1.69 uses obsolete (PF_INET,SOCK_PACKET) [ 53.624717][ T6231] input: syz1 as /devices/virtual/input/input6 [ 53.873756][ T6246] Bluetooth: MGMT ver 1.23 [ 53.954956][ T6249] netlink: 4 bytes leftover after parsing attributes in process `syz.0.82'. [ 54.165220][ T5964] Bluetooth: hci0: command tx timeout [ 54.167098][ T5964] Bluetooth: hci1: command tx timeout [ 54.167447][ T5973] Bluetooth: hci3: command tx timeout [ 54.169033][ T5964] Bluetooth: hci2: command tx timeout [ 54.427074][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.435995][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.448844][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.495673][ T6287] ALSA: seq fatal error: cannot create timer (-16) [ 54.498682][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.544517][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.548320][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.553921][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.711621][ T6306] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.863807][ T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 55.025929][ T29] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.030707][ T29] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 55.035995][ T29] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 55.039123][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.044934][ T29] usb 8-1: config 0 descriptor?? [ 55.120558][ T6325] netem: change failed [ 55.262621][ T29] usbhid 8-1:0.0: can't add hid device: -71 [ 55.264970][ T29] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 55.268852][ T29] usb 8-1: USB disconnect, device number 2 [ 56.104025][ T61] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 56.254122][ T61] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 56.257908][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.260718][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.265626][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.268616][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.271436][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.274990][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.278322][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.281425][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.285802][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.288625][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.291478][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.294998][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.298675][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.301815][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.305443][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.308233][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.311026][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.314656][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.320155][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.323255][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.326948][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.329896][ T61] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 56.332677][ T61] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 56.336103][ T61] usb 8-1: config 0 interface 0 has no altsetting 0 [ 56.340249][ T61] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 56.343111][ T61] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 56.345975][ T61] usb 8-1: Product: syz [ 56.347301][ T61] usb 8-1: Manufacturer: syz [ 56.348965][ T61] usb 8-1: SerialNumber: syz [ 56.351928][ T61] usb 8-1: config 0 descriptor?? [ 56.359945][ T61] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 56.614518][ C3] usb 8-1: yurex_control_callback - control failed: -71 [ 56.619231][ T9] usb 8-1: USB disconnect, device number 3 [ 56.622331][ T9] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 57.370103][ T40] audit: type=1326 audit(1752649731.637:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.2.148" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee579 code=0x7fc00000 [ 57.593665][ T6027] usb 6-1: new full-speed USB device number 4 using dummy_hcd [ 57.728684][ T6454] netlink: 4 bytes leftover after parsing attributes in process `syz.2.169'. [ 57.749236][ T6027] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 57.752720][ T6027] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 57.755996][ T6027] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 57.758702][ T6027] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.762385][ T6027] usb 6-1: config 0 descriptor?? [ 57.768372][ T6027] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 57.771230][ T6027] dvb-usb: bulk message failed: -22 (3/0) [ 57.779103][ T6027] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 57.782315][ T6027] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 57.785219][ T6027] usb 6-1: media controller created [ 57.788193][ T6027] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 57.797225][ T6027] dvb-usb: bulk message failed: -22 (6/0) [ 57.801839][ T6027] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 57.808738][ T6027] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input7 [ 57.817801][ T6027] dvb-usb: schedule remote query interval to 150 msecs. [ 57.820168][ T6027] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 57.975091][ T6027] dvb-usb: bulk message failed: -22 (1/0) [ 57.977494][ T24] usb 6-1: USB disconnect, device number 4 [ 57.978254][ T6027] dvb-usb: error while querying for an remote control event. [ 57.979302][ T6458] netlink: 4 bytes leftover after parsing attributes in process `syz.2.171'. [ 58.000232][ T24] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 58.143751][ T53] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 58.295328][ T6027] libceph: connect (1)[c::]:6789 error -101 [ 58.297674][ T6027] libceph: mon0 (1)[c::]:6789 connect error [ 58.316957][ T53] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 58.320446][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 58.324136][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 58.328349][ T53] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 58.333260][ T53] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 58.336862][ T53] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 58.339353][ T53] usb 5-1: Manufacturer: syz [ 58.342057][ T53] usb 5-1: config 0 descriptor?? [ 58.395647][ T6472] ceph: No mds server is up or the cluster is laggy [ 58.756234][ T53] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 58.762953][ T53] appleir 0003:05AC:8243.0002: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 59.162176][ T40] audit: type=1800 audit(1752649733.427:5): pid=6497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.186" name="bus" dev="9p" ino=36047890 res=0 errno=0 [ 59.382386][ T6508] netlink: 12 bytes leftover after parsing attributes in process `syz.1.190'. [ 59.485704][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.193'. [ 59.489867][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.2.193'. [ 59.612062][ T6525] mmap: syz.2.197 (6525) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 59.634666][ T9] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 59.743730][ T34] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 59.809535][ T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 59.815886][ T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 59.819840][ T9] usb 8-1: New USB device found, idVendor=056a, idProduct=00e3, bcdDevice= 0.00 [ 59.822713][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.827782][ T9] usb 8-1: config 0 descriptor?? [ 59.903754][ T34] usb 6-1: Using ep0 maxpacket: 32 [ 59.907471][ T34] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 59.910985][ T34] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 59.915062][ T34] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 59.918781][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 59.922736][ T34] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 59.937504][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 59.942370][ T34] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 59.946360][ T34] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 59.950653][ T34] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 59.954740][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.959137][ T34] usb 6-1: config 0 descriptor?? [ 60.041100][ T6506] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 60.045069][ T6506] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 60.070597][ T9] usbhid 8-1:0.0: can't add hid device: -71 [ 60.072582][ T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 60.076451][ T9] usb 8-1: USB disconnect, device number 4 [ 60.172442][ T34] usblp 6-1:0.0: usblp1: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 60.177301][ T34] usb 6-1: USB disconnect, device number 5 [ 60.182129][ T34] usblp1: removed [ 60.230993][ T40] audit: type=1326 audit(1752649734.497:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6544 comm="syz.3.206" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf705e579 code=0x0 [ 60.527443][ T6548] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer. [ 60.633673][ T24] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 60.795362][ T24] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 60.798219][ T24] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 60.801049][ T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 60.804143][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 60.807025][ T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 60.810063][ T24] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 60.815146][ T24] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 60.818728][ T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.822585][ T24] usb 6-1: config 0 descriptor?? [ 61.014030][ T53] usb 5-1: reset high-speed USB device number 2 using dummy_hcd [ 61.017481][ T53] usb 5-1: device reset changed ep0 maxpacket size! [ 61.020960][ T61] usb 5-1: USB disconnect, device number 2 [ 61.034325][ T24] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 61.113681][ T6044] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 61.163720][ T61] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 61.235453][ T9] usb 6-1: USB disconnect, device number 6 [ 61.241048][ T9] usblp0: removed [ 61.263995][ T6044] usb 7-1: Using ep0 maxpacket: 32 [ 61.267171][ T6044] usb 7-1: config 0 has an invalid interface number: 12 but max is 0 [ 61.269669][ T6044] usb 7-1: config 0 has no interface number 0 [ 61.271591][ T6044] usb 7-1: config 0 interface 12 has no altsetting 0 [ 61.285873][ T6044] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40 [ 61.288782][ T6044] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 61.291327][ T6044] usb 7-1: Product: syz [ 61.292670][ T6044] usb 7-1: Manufacturer: syz [ 61.297181][ T6044] usb 7-1: SerialNumber: syz [ 61.299954][ T6044] usb 7-1: config 0 descriptor?? [ 61.302943][ T6044] f81534 7-1:0.12: required endpoints missing [ 61.333654][ T61] usb 5-1: Using ep0 maxpacket: 8 [ 61.336778][ T61] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 61.339973][ T61] usb 5-1: config 0 has no interfaces? [ 61.341783][ T61] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 61.344677][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 61.348400][ T61] usb 5-1: config 0 descriptor?? [ 61.512008][ T9] usb 7-1: USB disconnect, device number 3 [ 61.572468][ T6044] usb 5-1: USB disconnect, device number 3 [ 62.108464][ T6572] netlink: 12 bytes leftover after parsing attributes in process `syz.3.215'. [ 62.121024][ T6572] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.123960][ T6572] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.126627][ T6572] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.129758][ T6572] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 62.136352][ T6572] vxlan0: entered promiscuous mode [ 62.151469][ T6577] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96 [ 62.273638][ T29] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 62.439995][ T29] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 62.443413][ T29] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024 [ 62.452225][ T29] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 62.455310][ T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.457868][ T29] usb 6-1: Product: syz [ 62.459208][ T29] usb 6-1: Manufacturer: syz [ 62.460792][ T29] usb 6-1: SerialNumber: syz [ 62.465215][ T29] cdc_mbim 6-1:1.0: skipping garbage [ 62.566947][ T59] Bluetooth: (null): Invalid header checksum [ 62.568962][ T59] Bluetooth: (null): Invalid header checksum [ 62.669193][ T6565] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 62.684602][ T1139] Bluetooth: (null): Invalid header checksum [ 62.703699][ T61] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 62.794034][ T1139] Bluetooth: (null): Invalid header checksum [ 62.833662][ T6044] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 62.854784][ T61] usb 5-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 62.858224][ T61] usb 5-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 62.861231][ T61] usb 5-1: config 0 interface 0 has no altsetting 0 [ 62.863383][ T61] usb 5-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 62.866257][ T61] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.870586][ T61] usb 5-1: config 0 descriptor?? [ 62.910539][ T1139] Bluetooth: (null): Invalid header checksum [ 62.985297][ T6044] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 62.988796][ T6044] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 62.992174][ T6044] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 62.995929][ T6044] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 62.999763][ T6044] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 63.002442][ T6044] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.006667][ T6044] usb 7-1: config 0 descriptor?? [ 63.008745][ T6603] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22 [ 63.014124][ T1139] Bluetooth: (null): Invalid header checksum [ 63.080597][ T61] usbhid 5-1:0.0: can't add hid device: -71 [ 63.082516][ T61] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 63.085939][ T61] usb 5-1: USB disconnect, device number 4 [ 63.275333][ T6565] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 63.278012][ T29] cdc_mbim 6-1:1.0: setting tx_max = 184 [ 63.281617][ T29] cdc_mbim 6-1:1.0: cdc-wdm0: USB WDM device [ 63.286495][ T29] wwan wwan0: port wwan0mbim0 attached [ 63.292477][ T29] cdc_mbim 6-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, ee:f5:39:54:3f:1d [ 63.421182][ T6044] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd [ 63.427730][ T6044] plantronics 0003:047F:FFFF.0003: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 63.481315][ C1] cdc_mbim 6-1:1.0: nonzero urb status received: -71 [ 63.483665][ C1] cdc_mbim 6-1:1.0: wdm_int_callback - 0 bytes [ 63.485726][ C1] cdc_mbim 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 63.487015][ T5672] 8021q: adding VLAN 0 to HW filter on device wwan0 [ 63.490503][ T29] usb 6-1: USB disconnect, device number 7 [ 63.495164][ T29] cdc_mbim 6-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM [ 63.577616][ T29] wwan wwan0: port wwan0mbim0 disconnected [ 63.620314][ T6044] usb 7-1: USB disconnect, device number 4 [ 63.685245][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.687734][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.690346][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.692789][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.695302][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.697607][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.699904][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.702302][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.705902][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.708196][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.710455][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.712830][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.715241][ T6045] hid-generic 00A0:0008:0003.0004: unknown main item tag 0x0 [ 63.719841][ T6045] hid-generic 00A0:0008:0003.0004: hidraw1: HID v0.05 Device [syz1] on syz0 [ 64.202873][ T6651] netlink: 'syz.2.246': attribute type 1 has an invalid length. [ 64.226015][ T6654] input: syz1 as /devices/virtual/input/input9 [ 64.237655][ T6656] netlink: 'syz.3.248': attribute type 4 has an invalid length. [ 64.238339][ T6651] netlink: 4 bytes leftover after parsing attributes in process `syz.2.246'. [ 64.247768][ T6656] netlink: 'syz.3.248': attribute type 4 has an invalid length. [ 64.262656][ T6651] 8021q: adding VLAN 0 to HW filter on device bond2 [ 64.267300][ T6651] bond1: (slave bond2): making interface the new active one [ 64.270045][ T6651] bond1: (slave bond2): Enslaving as an active interface with an up link [ 64.279699][ T6659] dummy0: left allmulticast mode [ 64.281438][ T6659] bridge0: port 3(dummy0) entered disabled state [ 64.288367][ T6659] bridge_slave_0: left allmulticast mode [ 64.290176][ T6659] bridge_slave_0: left promiscuous mode [ 64.292134][ T6659] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.297530][ T6659] bridge_slave_1: left allmulticast mode [ 64.299364][ T6659] bridge_slave_1: left promiscuous mode [ 64.301294][ T6659] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.319897][ T6659] bond0: (slave bond_slave_0): Releasing backup interface [ 64.326810][ T6659] bond0: (slave bond_slave_1): Releasing backup interface [ 64.339698][ T6659] team0: Port device team_slave_0 removed [ 64.344238][ T6661] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1814518830 (232258410240 ns) > initial count (2458284544 ns). Using initial count to start timer. [ 64.356159][ T6659] team0: Port device team_slave_1 removed [ 64.358500][ T6659] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.360785][ T6659] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 64.364618][ T6659] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 64.366958][ T6659] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 64.392917][ T6662] team0: Mode changed to "loadbalance" [ 64.460176][ T6672] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 64.462596][ T6672] IPv6: NLM_F_CREATE should be set when creating new route [ 64.466248][ T6672] Zero length message leads to an empty skb [ 64.503619][ T40] audit: type=1804 audit(1752649738.767:7): pid=6675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.256" name="/newroot/63/file0/file0" dev="9p" ino=36047812 res=1 errno=0 [ 64.503801][ T6677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.257'. [ 64.523810][ T6677] netlink: 24 bytes leftover after parsing attributes in process `syz.1.257'. [ 64.685967][ T6044] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 64.729885][ T6699] netlink: 48 bytes leftover after parsing attributes in process `syz.1.264'. [ 64.843783][ T6044] usb 8-1: Using ep0 maxpacket: 8 [ 64.847490][ T6044] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 64.853624][ T6044] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 64.856609][ T6044] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 64.860266][ T6044] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 64.874488][ T6044] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 64.880767][ T6044] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 64.884049][ T6044] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.969200][ T6723] Bluetooth: hci0: unsupported parameter 5148 [ 64.971355][ T6723] Bluetooth: hci0: unsupported parameter 65024 [ 64.973268][ T6723] Bluetooth: hci0: unsupported parameter 5148 [ 64.975343][ T6725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.278'. [ 64.976274][ T6723] Bluetooth: hci0: unsupported parameter 65024 [ 65.096506][ T6044] usb 8-1: GET_CAPABILITIES returned 0 [ 65.098565][ T6044] usbtmc 8-1:16.0: can't read capabilities [ 65.102715][ T6739] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.284'. [ 65.321607][ T6027] usb 8-1: USB disconnect, device number 5 [ 65.377991][ T6761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.293'. [ 65.380882][ T6761] netlink: 4 bytes leftover after parsing attributes in process `syz.2.293'. [ 65.389203][ T6761] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.392605][ T6761] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.395778][ T6761] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.398492][ T6761] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 65.699522][ T6769] @: renamed from vlan0 (while UP) [ 65.823811][ T6045] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 65.973675][ T6045] usb 7-1: Using ep0 maxpacket: 8 [ 65.977244][ T6045] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 65.980571][ T6045] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 65.985075][ T6045] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 65.988403][ T6045] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 65.992466][ T6045] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 65.995354][ T6045] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.210390][ T6045] usb 7-1: GET_CAPABILITIES returned 0 [ 66.212174][ T6045] usbtmc 7-1:16.0: can't read capabilities [ 66.340739][ T6781] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 66.343074][ T6781] overlayfs: failed to set xattr on upper [ 66.346981][ T6781] overlayfs: ...falling back to redirect_dir=nofollow. [ 66.349491][ T6781] overlayfs: ...falling back to index=off. [ 66.351330][ T6781] overlayfs: ...falling back to uuid=null. [ 66.353278][ T6781] overlayfs: ...falling back to xino=off. [ 66.356449][ T6781] overlayfs: conflicting lowerdir path [ 66.413908][ C3] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 66.418330][ T61] usb 7-1: USB disconnect, device number 5 [ 66.957650][ T6798] netlink: 'syz.2.311': attribute type 1 has an invalid length. [ 66.960261][ T6798] netlink: 'syz.2.311': attribute type 4 has an invalid length. [ 66.962666][ T6798] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.311'. [ 67.089228][ T6803] pim6reg1: entered promiscuous mode [ 67.090984][ T6803] pim6reg1: entered allmulticast mode [ 67.530372][ T6817] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 67.550051][ T6817] 8021q: adding VLAN 0 to HW filter on device bond1 [ 67.603148][ T6817] bond1 (unregistering): Released all slaves [ 67.844292][ T5321] Bluetooth: hci4: command 0x1003 tx timeout [ 67.847094][ T5964] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 68.125555][ T6840] input: syz0 as /devices/virtual/input/input10 [ 68.235536][ T6850] trusted_key: syz.0.335 sent an empty control message without MSG_MORE. [ 68.498274][ T93] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.565485][ T93] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.574978][ C3] ata1: illegal qc_active transition (00000000->20000000) [ 68.623790][ T93] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.682590][ T93] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.898586][ T1109] ata1: SATA link up 1.5 Gbps (SStatus 113 SControl 300) [ 68.904659][ T1109] ata1.00: configured for UDMA/100 [ 69.113151][ T5321] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.123020][ T5321] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.126105][ T5321] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.129371][ T5321] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.133517][ T5321] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.155625][ T93] bond0 (unregistering): Released all slaves [ 69.273521][ T6876] chnl_net:caif_netlink_parms(): no params data found [ 69.353685][ T61] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 69.366890][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.3.350'. [ 69.385732][ T6876] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.388024][ T6876] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.390301][ T6876] bridge_slave_0: entered allmulticast mode [ 69.395945][ T6876] bridge_slave_0: entered promiscuous mode [ 69.398301][ T40] audit: type=1326 audit(1752649743.667:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6898 comm="syz.3.351" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf705e579 code=0x0 [ 69.399044][ T6876] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.408140][ T6876] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.410401][ T6876] bridge_slave_1: entered allmulticast mode [ 69.412984][ T6876] bridge_slave_1: entered promiscuous mode [ 69.461360][ T6876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.466299][ T6876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.501325][ T6876] team0: Port device team_slave_0 added [ 69.505953][ T6876] team0: Port device team_slave_1 added [ 69.525370][ T61] usb 5-1: config index 0 descriptor too short (expected 23569, got 27) [ 69.528095][ T61] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 69.531877][ T61] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 69.534952][ T61] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 69.537486][ T61] usb 5-1: Manufacturer: syz [ 69.540240][ T61] usb 5-1: config 0 descriptor?? [ 69.556102][ T93] hsr_slave_0: left promiscuous mode [ 69.558250][ T93] hsr_slave_1: left promiscuous mode [ 69.574562][ T93] veth1_macvtap: left promiscuous mode [ 69.576434][ T93] veth0_macvtap: left promiscuous mode [ 69.578133][ T93] veth1_vlan: left promiscuous mode [ 69.579838][ T93] veth0_vlan: left promiscuous mode [ 69.593743][ T61] rc_core: IR keymap rc-hauppauge not found [ 69.595660][ T61] Registered IR keymap rc-empty [ 69.597921][ T61] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 69.602155][ T61] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input11 [ 69.754927][ T61] usb 5-1: USB disconnect, device number 5 [ 69.792029][ T6913] Invalid source name [ 69.793343][ T6913] UBIFS error (pid: 6913): cannot open "./file0", error -22 [ 70.319786][ T6924] KVM: debugfs: duplicate directory 6924-5 [ 70.540158][ T6876] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.542941][ T6876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.551303][ T6876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.569669][ T6916] syz_tun: entered allmulticast mode [ 70.580431][ T6876] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.582569][ T6876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.590658][ T6876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.598107][ T6914] syz_tun: left allmulticast mode [ 70.670294][ T6876] hsr_slave_0: entered promiscuous mode [ 70.672624][ T6876] hsr_slave_1: entered promiscuous mode [ 70.674917][ T6876] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.677347][ T6876] Cannot create hsr debugfs directory [ 70.808154][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.816447][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.887940][ T6956] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3897524436 (7795048872 ns) > initial count (2759807172 ns). Using initial count to start timer. [ 70.891107][ T6876] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 70.894349][ T6956] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3996681224 (15986724896 ns) > initial count (3709615788 ns). Using initial count to start timer. [ 70.911776][ T6876] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 70.918168][ T6876] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 70.925263][ T6876] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 70.996834][ T6876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.014941][ T6876] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.020702][ T90] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.023538][ T90] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.057010][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.059326][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.190584][ T6876] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.213684][ T5321] Bluetooth: hci1: command tx timeout [ 71.363208][ T6876] veth0_vlan: entered promiscuous mode [ 71.370899][ T6876] veth1_vlan: entered promiscuous mode [ 71.384751][ T6876] veth0_macvtap: entered promiscuous mode [ 71.388323][ T6876] veth1_macvtap: entered promiscuous mode [ 71.397594][ T6876] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.402639][ T6876] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.414854][ T6876] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.417450][ T6876] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.420089][ T6876] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.422676][ T6876] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.466308][ T1139] Bluetooth: hci4: Frame reassembly failed (-84) [ 71.474791][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.477203][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.490854][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 71.493534][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 71.590604][ T7031] syzkaller1: entered promiscuous mode [ 71.592627][ T7031] syzkaller1: entered allmulticast mode [ 71.703675][ T29] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 71.863899][ T29] usb 7-1: Using ep0 maxpacket: 16 [ 71.866652][ T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 71.870016][ T29] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 71.875007][ T29] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 71.877706][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.881783][ T29] usb 7-1: config 0 descriptor?? [ 72.292446][ T29] HID 045e:07da: Invalid code 65791 type 1 [ 72.300257][ T29] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:045E:07DA.0005/input/input12 [ 72.311275][ T29] microsoft 0003:045E:07DA.0005: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 72.783730][ T6027] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 72.935029][ T6027] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 72.938435][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 72.942623][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 72.946289][ T6027] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 72.951257][ T6027] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 72.954089][ T6027] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 72.956491][ T6027] usb 5-1: Manufacturer: syz [ 72.960314][ T6027] usb 5-1: config 0 descriptor?? [ 73.090700][ T34] usb 7-1: USB disconnect, device number 6 [ 73.283904][ T5964] Bluetooth: hci1: command tx timeout [ 73.371634][ T6027] appleir 0003:05AC:8243.0006: unknown main item tag 0x0 [ 73.376491][ T6027] appleir 0003:05AC:8243.0006: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 73.523780][ T5964] Bluetooth: hci4: command 0x1003 tx timeout [ 73.524037][ T5321] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 73.881761][ T24] usb 5-1: USB disconnect, device number 6 [ 73.931978][ T7091] netfs: Couldn't get user pages (rc=-14) [ 74.219691][ T7103] block nbd3: shutting down sockets [ 74.259558][ T7107] @: renamed from vlan0 (while UP) [ 74.283776][ T6044] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 74.310351][ T7109] netlink: 'syz.3.405': attribute type 1 has an invalid length. [ 74.338021][ T7109] netlink: 4 bytes leftover after parsing attributes in process `syz.3.405'. [ 74.350078][ T7109] 8021q: adding VLAN 0 to HW filter on device bond2 [ 74.354345][ T7109] bond1: (slave bond2): making interface the new active one [ 74.356918][ T7109] bond1: (slave bond2): Enslaving as an active interface with an up link [ 74.435685][ T6044] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.438987][ T6044] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 74.441907][ T6044] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 74.446049][ T6044] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 74.448731][ T6044] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.452244][ T6044] usb 7-1: config 0 descriptor?? [ 74.463683][ T6115] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 74.613723][ T6115] usb 9-1: Using ep0 maxpacket: 16 [ 74.617107][ T6115] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 74.620158][ T6115] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 74.623507][ T6115] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 74.627810][ T6115] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 74.630684][ T6115] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 74.635852][ T6115] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 74.638538][ T6115] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 74.640924][ T6115] usb 9-1: Manufacturer: syz [ 74.643818][ T6115] usb 9-1: config 0 descriptor?? [ 74.863530][ T6044] plantronics 0003:047F:FFFF.0007: reserved main item tag 0xd [ 74.866318][ T6044] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 74.868610][ T6044] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 74.873935][ T6044] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 74.893675][ T6115] rc_core: IR keymap rc-hauppauge not found [ 74.895769][ T6115] Registered IR keymap rc-empty [ 74.897447][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 74.913768][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 74.934363][ T6115] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0 [ 74.938815][ T6115] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:0.0/rc/rc0/input13 [ 74.943812][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 74.963804][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 74.993657][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.023772][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.043679][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.063691][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.083695][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.103655][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.123838][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.143662][ T6115] mceusb 9-1:0.0: Error: mce write submit urb error = -90 [ 75.146528][ T6045] usb 7-1: USB disconnect, device number 7 [ 75.165185][ T6115] mceusb 9-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 75.168024][ T6115] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 75.289239][ T6115] usb 9-1: USB disconnect, device number 2 [ 75.363685][ T5964] Bluetooth: hci1: command tx timeout [ 75.862227][ T7140] netlink: 'syz.4.415': attribute type 1 has an invalid length. [ 75.865699][ T7140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.415'. [ 75.877021][ T7140] batman_adv: batadv0: Adding interface: bond1 [ 75.879314][ T7140] batman_adv: batadv0: The MTU of interface bond1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.888138][ T7140] batman_adv: batadv0: Not using interface bond1 (retrying later): interface not active [ 76.224656][ T12] Bluetooth: (null): Invalid header checksum [ 76.226877][ T12] Bluetooth: (null): Invalid header checksum [ 76.343983][ T87] Bluetooth: (null): Invalid header checksum [ 76.363754][ T6045] usb 9-1: new full-speed USB device number 3 using dummy_hcd [ 76.454339][ T59] Bluetooth: (null): Invalid header checksum [ 76.515378][ T6045] usb 9-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 76.519914][ T6045] usb 9-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 76.523666][ T6045] usb 9-1: config 0 interface 0 has no altsetting 0 [ 76.525748][ T6045] usb 9-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 76.528604][ T6045] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 76.532866][ T6045] usb 9-1: config 0 descriptor?? [ 76.565747][ T87] Bluetooth: (null): Invalid header checksum [ 76.674686][ T59] Bluetooth: (null): Invalid header checksum [ 76.743902][ T6045] usbhid 9-1:0.0: can't add hid device: -71 [ 76.746530][ T6045] usbhid 9-1:0.0: probe with driver usbhid failed with error -71 [ 76.752473][ T6045] usb 9-1: USB disconnect, device number 3 [ 77.195861][ T7171] input: syz1 as /devices/virtual/input/input14 [ 77.283762][ T5321] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 77.283779][ T5964] Bluetooth: hci4: command 0x1003 tx timeout [ 77.443740][ T5321] Bluetooth: hci1: command tx timeout [ 77.936046][ T90] Bluetooth: (null): Invalid header checksum [ 77.938609][ T90] Bluetooth: (null): Invalid header checksum [ 78.045497][ T90] Bluetooth: (null): Invalid header checksum [ 78.073904][ T61] usb 7-1: new full-speed USB device number 8 using dummy_hcd [ 78.157443][ T90] Bluetooth: (null): Invalid header checksum [ 78.239119][ T61] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 78.242435][ T61] usb 7-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0 [ 78.253647][ T61] usb 7-1: config 0 interface 0 has no altsetting 0 [ 78.255673][ T61] usb 7-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00 [ 78.258576][ T61] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.262730][ T61] usb 7-1: config 0 descriptor?? [ 78.265298][ T90] Bluetooth: (null): Invalid header checksum [ 78.366012][ T7206] input: syz1 as /devices/virtual/input/input15 [ 78.374917][ T93] Bluetooth: (null): Invalid header checksum [ 78.474635][ T61] usbhid 7-1:0.0: can't add hid device: -71 [ 78.476492][ T61] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 78.480851][ T61] usb 7-1: USB disconnect, device number 8 [ 78.698744][ T59] Bluetooth: hci4: Frame reassembly failed (-84) [ 79.249453][ T40] audit: type=1800 audit(1752649753.517:9): pid=7208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.438" name="file1" dev="9p" ino=36047813 res=0 errno=0 [ 79.515687][ T7208] syz.0.438 (7208) used greatest stack depth: 20424 bytes left [ 79.773689][ T34] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 79.923738][ T34] usb 8-1: Using ep0 maxpacket: 8 [ 79.927026][ T34] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 79.931201][ T34] usb 8-1: config 0 has no interfaces? [ 79.933527][ T34] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 79.937455][ T34] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.942666][ T34] usb 8-1: config 0 descriptor?? [ 80.159909][ T34] usb 8-1: USB disconnect, device number 6 [ 80.723802][ T5321] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 80.723879][ T5964] Bluetooth: hci4: command 0x1003 tx timeout [ 81.047523][ T10] cfg80211: failed to load regulatory.db [ 81.504046][ T34] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 81.623765][ T6027] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 81.683677][ T34] usb 7-1: Using ep0 maxpacket: 8 [ 81.686934][ T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 81.690329][ T34] usb 7-1: config 0 has no interfaces? [ 81.692041][ T34] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 81.695284][ T34] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.702002][ T34] usb 7-1: config 0 descriptor?? [ 81.776128][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 81.779862][ T6027] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 81.785062][ T6027] usb 5-1: New USB device found, idVendor=056a, idProduct=00e3, bcdDevice= 0.00 [ 81.788010][ T6027] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 81.793364][ T6027] usb 5-1: config 0 descriptor?? [ 81.935421][ T6044] usb 7-1: USB disconnect, device number 9 [ 82.010225][ T7231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.014709][ T7231] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.108650][ T6027] usbhid 5-1:0.0: can't add hid device: -71 [ 82.111025][ T6027] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 82.117847][ T6027] usb 5-1: USB disconnect, device number 7 [ 82.473953][ T7276] 9pnet_virtio: no channels available for device syz [ 82.487044][ T40] audit: type=1804 audit(1752649756.757:10): pid=7274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.454" name="/newroot/116/file0/file0" dev="9p" ino=36047812 res=1 errno=0 [ 82.534587][ T7284] 9pnet_virtio: no channels available for device syz [ 83.004482][ T6044] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 83.156233][ T6044] usb 9-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 83.160713][ T6044] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 83.165325][ T6044] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 83.169230][ T6044] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 83.174389][ T6044] usb 9-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 83.177398][ T6044] usb 9-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 83.180041][ T6044] usb 9-1: Manufacturer: syz [ 83.183320][ T6044] usb 9-1: config 0 descriptor?? [ 83.599091][ T6044] appleir 0003:05AC:8243.0008: unknown main item tag 0x0 [ 83.603827][ T6044] appleir 0003:05AC:8243.0008: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0 [ 84.563742][ T5321] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 84.563771][ T5964] Bluetooth: hci4: command 0x1003 tx timeout [ 85.128665][ T7335] KVM: debugfs: duplicate directory 7335-5 [ 85.130316][ T40] audit: type=1804 audit(1752649759.397:11): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.468" name="/newroot/132/file0/file0" dev="9p" ino=36047812 res=1 errno=0 [ 85.270638][ T840] libceph: connect (1)[c::]:6789 error -101 [ 85.273301][ T840] libceph: mon0 (1)[c::]:6789 connect error [ 85.366491][ T7341] ceph: No mds server is up or the cluster is laggy [ 85.507930][ T6044] libceph: connect (1)[c::]:6789 error -101 [ 85.509861][ T6044] libceph: mon0 (1)[c::]:6789 connect error [ 85.595474][ T7355] ceph: No mds server is up or the cluster is laggy [ 85.703640][ T6027] usb 9-1: USB disconnect, device number 4 [ 85.719877][ T7366] netlink: 8 bytes leftover after parsing attributes in process `syz.0.489'. [ 85.850012][ T40] audit: type=1326 audit(1752649760.117:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7383 comm="syz.0.490" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be579 code=0x0 [ 86.035690][ T7400] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'. [ 86.074896][ T7402] syz_tun: entered allmulticast mode [ 86.077681][ T7401] syz_tun: left allmulticast mode [ 86.427790][ T7423] netlink: 8 bytes leftover after parsing attributes in process `syz.4.507'. [ 86.481614][ T7429] netlink: 4 bytes leftover after parsing attributes in process `syz.3.517'. [ 86.592160][ T7432] syz_tun: entered allmulticast mode [ 86.595543][ T7430] syz_tun: left allmulticast mode [ 86.624160][ T7434] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.511'. [ 86.700153][ T7438] Invalid source name [ 86.701502][ T7438] UBIFS error (pid: 7438): cannot open "./file0", error -22 [ 86.727008][ T7442] netlink: 8 bytes leftover after parsing attributes in process `syz.4.515'. [ 86.732353][ T7442] netlink: 4 bytes leftover after parsing attributes in process `syz.4.515'. [ 86.739081][ T7442] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 86.741866][ T7442] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 86.744724][ T7442] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 86.747533][ T7442] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 86.994073][ T7456] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.523'. [ 87.011194][ T7460] syz_tun: entered allmulticast mode [ 87.014254][ T7459] syz_tun: left allmulticast mode [ 87.057529][ T7462] netlink: 4 bytes leftover after parsing attributes in process `syz.0.524'. [ 87.341326][ T7472] netlink: 'syz.2.529': attribute type 4 has an invalid length. [ 87.343982][ T6027] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 87.350507][ T7472] netlink: 'syz.2.529': attribute type 4 has an invalid length. [ 87.504895][ T6027] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 87.508381][ T6027] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.513093][ T6027] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 87.516170][ T6027] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 87.516600][ T7482] bridge_slave_0: left allmulticast mode [ 87.518645][ T6027] usb 8-1: Manufacturer: syz [ 87.520014][ T6027] usb 8-1: config 0 descriptor?? [ 87.520563][ T7482] bridge_slave_0: left promiscuous mode [ 87.526090][ T7482] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.531878][ T7482] bridge_slave_1: left allmulticast mode [ 87.535064][ T7482] bridge_slave_1: left promiscuous mode [ 87.537805][ T7482] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.548239][ T7482] bond0: (slave bond_slave_0): Releasing backup interface [ 87.555171][ T7482] bond0: (slave bond_slave_1): Releasing backup interface [ 87.568095][ T7482] team0: Port device team_slave_0 removed [ 87.572834][ T7482] team0: Port device team_slave_1 removed [ 87.575626][ T7482] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 87.578241][ T7482] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 87.581829][ T7482] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 87.584085][ T6027] rc_core: IR keymap rc-hauppauge not found [ 87.584445][ T7482] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 87.586015][ T6027] Registered IR keymap rc-empty [ 87.586954][ T6027] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 87.596546][ T6027] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input16 [ 87.616739][ T7486] team0: Mode changed to "loadbalance" [ 87.727506][ T6115] usb 8-1: USB disconnect, device number 7 [ 88.348179][ T7499] netlink: 'syz.0.540': attribute type 4 has an invalid length. [ 88.356909][ T7500] netlink: 4 bytes leftover after parsing attributes in process `syz.4.539'. [ 88.359567][ T7499] netlink: 'syz.0.540': attribute type 4 has an invalid length. [ 88.746143][ T7516] bridge_slave_0: left allmulticast mode [ 88.748012][ T7516] bridge_slave_0: left promiscuous mode [ 88.749852][ T7516] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.753922][ T7516] bridge_slave_1: left allmulticast mode [ 88.755713][ T7516] bridge_slave_1: left promiscuous mode [ 88.757517][ T7516] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.762660][ T7516] bond0: (slave bond_slave_0): Releasing backup interface [ 88.770051][ T7516] bond0: (slave bond_slave_1): Releasing backup interface [ 88.781442][ T7516] team0: Port device team_slave_0 removed [ 88.789771][ T7516] team0: Port device team_slave_1 removed [ 88.792034][ T7516] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 88.794896][ T7516] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 88.798000][ T7516] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 88.800323][ T7516] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 88.806622][ T7516] bond1: (slave bond2): Releasing backup interface [ 88.822316][ T7519] team0: Mode changed to "loadbalance" [ 88.983671][ T6027] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 89.134893][ T6027] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 89.138967][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 89.142456][ T6027] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 89.146014][ T6027] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 89.150115][ T6027] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 89.153469][ T6027] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 89.157123][ T6027] usb 5-1: config 0 descriptor?? [ 89.159997][ T7518] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 89.515522][ T7537] netlink: 'syz.4.552': attribute type 4 has an invalid length. [ 89.525986][ T7537] netlink: 'syz.4.552': attribute type 4 has an invalid length. [ 89.572948][ T6027] plantronics 0003:047F:FFFF.0009: reserved main item tag 0xd [ 89.581428][ T6027] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 89.652181][ T7548] bridge_slave_0: left allmulticast mode [ 89.654734][ T7548] bridge_slave_0: left promiscuous mode [ 89.656493][ T7548] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.669234][ T7548] bridge_slave_1: left allmulticast mode [ 89.671381][ T7548] bridge_slave_1: left promiscuous mode [ 89.673248][ T7548] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.681014][ T7548] bond0: (slave bond_slave_0): Releasing backup interface [ 89.687134][ T7548] bond0: (slave bond_slave_1): Releasing backup interface [ 89.700691][ T7548] team0: Port device team_slave_0 removed [ 89.706669][ T7548] team0: Port device team_slave_1 removed [ 89.708971][ T7548] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.711404][ T7548] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 89.720328][ T7548] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 89.722661][ T7548] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 89.729992][ T7548] batman_adv: batadv0: Removing interface: bond1 [ 89.753186][ T7549] team0: Mode changed to "loadbalance" [ 89.839398][ T60] usb 5-1: USB disconnect, device number 8 [ 90.000854][ T40] audit: type=1800 audit(1752649764.267:13): pid=7560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.562" name="bus" dev="9p" ino=36047890 res=0 errno=0 [ 90.571956][ T40] audit: type=1800 audit(1752649764.837:14): pid=7602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.580" name="bus" dev="9p" ino=36047890 res=0 errno=0 [ 90.733704][ T60] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 90.906725][ T60] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 90.910324][ T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 90.914449][ T60] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 90.919892][ T60] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 90.934502][ T60] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 90.937686][ T60] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.941982][ T60] usb 8-1: config 0 descriptor?? [ 90.945461][ T7597] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 90.959241][ T7623] input: syz0 as /devices/virtual/input/input18 [ 91.361991][ T60] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd [ 91.368309][ T60] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 91.627383][ T6027] usb 8-1: USB disconnect, device number 8 [ 92.421135][ T7656] syzkaller1: entered promiscuous mode [ 92.422891][ T7656] syzkaller1: entered allmulticast mode [ 93.293696][ T7671] syzkaller1: entered promiscuous mode [ 93.295437][ T7671] syzkaller1: entered allmulticast mode [ 93.413863][ T7685] input: syz0 as /devices/virtual/input/input20 [ 93.454033][ T60] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 93.616159][ T60] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 93.619726][ T60] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 93.623183][ T60] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 93.627569][ T60] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 93.631589][ T60] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 93.634856][ T60] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.643868][ T60] usb 9-1: config 0 descriptor?? [ 93.646106][ T7674] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 94.078954][ T60] plantronics 0003:047F:FFFF.000B: reserved main item tag 0xd [ 94.083902][ T60] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 94.337087][ T10] usb 9-1: USB disconnect, device number 5 [ 94.411785][ T1139] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.510402][ T1139] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.557652][ T7727] netlink: 4 bytes leftover after parsing attributes in process `syz.2.635'. [ 94.577285][ T1139] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.618130][ T5964] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.621139][ T5964] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.625409][ T5964] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.629409][ T5964] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.632007][ T5964] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.652912][ T1139] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.755292][ T7728] chnl_net:caif_netlink_parms(): no params data found [ 94.983025][ T1139] bond0 (unregistering): Released all slaves [ 95.054955][ T7728] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.057221][ T7728] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.059423][ T7728] bridge_slave_0: entered allmulticast mode [ 95.061961][ T7728] bridge_slave_0: entered promiscuous mode [ 95.066652][ T7728] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.070776][ T7728] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.072989][ T7728] bridge_slave_1: entered allmulticast mode [ 95.077084][ T7728] bridge_slave_1: entered promiscuous mode [ 95.122552][ T7728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.127376][ T7728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.185610][ T7728] team0: Port device team_slave_0 added [ 95.188919][ T7728] team0: Port device team_slave_1 added [ 95.221909][ T7728] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.225546][ T7728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.233488][ T7728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.238121][ T7728] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.240324][ T7728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.249880][ T7728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.307164][ T7728] hsr_slave_0: entered promiscuous mode [ 95.309436][ T7728] hsr_slave_1: entered promiscuous mode [ 95.311553][ T7728] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.314284][ T7728] Cannot create hsr debugfs directory [ 95.429913][ T1139] hsr_slave_0: left promiscuous mode [ 95.432003][ T1139] hsr_slave_1: left promiscuous mode [ 95.444514][ T1139] veth1_macvtap: left promiscuous mode [ 95.446966][ T1139] veth0_macvtap: left promiscuous mode [ 96.367739][ T7728] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 96.374269][ T7728] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 96.378086][ T7728] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 96.382329][ T7728] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 96.431848][ T7728] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.443855][ T7728] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.448325][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.450485][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.455966][ T1186] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.458135][ T1186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.496070][ T7728] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 96.578365][ T7728] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.653649][ T5321] Bluetooth: hci2: command tx timeout [ 96.706889][ T7728] veth0_vlan: entered promiscuous mode [ 96.711630][ T7728] veth1_vlan: entered promiscuous mode [ 96.722603][ T7728] veth0_macvtap: entered promiscuous mode [ 96.728301][ T7728] veth1_macvtap: entered promiscuous mode [ 96.737191][ T7728] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.742332][ T7728] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.748640][ T7728] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.752164][ T7728] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.755847][ T7728] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.759413][ T7728] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.790889][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.793356][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.809985][ T1186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.812378][ T1186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.145254][ T7855] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 98.035536][ T7889] netlink: 'syz.4.666': attribute type 11 has an invalid length. [ 98.071132][ T7893] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 98.087519][ T7897] input: syz0 as /devices/virtual/input/input22 [ 98.383704][ T6115] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 98.385589][ T7919] netlink: 'syz.5.679': attribute type 11 has an invalid length. [ 98.534458][ T6115] usb 7-1: Using ep0 maxpacket: 8 [ 98.538286][ T6115] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 98.542531][ T6115] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 98.548491][ T6115] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 98.553082][ T6115] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 98.561807][ T6115] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 98.565991][ T6115] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.577227][ T6115] hub 7-1:1.0: bad descriptor, ignoring hub [ 98.579767][ T6115] hub 7-1:1.0: probe with driver hub failed with error -5 [ 98.589530][ T6115] cdc_wdm 7-1:1.0: skipping garbage [ 98.591787][ T6115] cdc_wdm 7-1:1.0: skipping garbage [ 98.595525][ T6115] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 98.598021][ T6115] cdc_wdm 7-1:1.0: Unknown control protocol [ 98.733656][ T5321] Bluetooth: hci2: command tx timeout [ 98.776291][ T7927] input: syz0 as /devices/virtual/input/input23 [ 99.198268][ T7904] cdc_wdm 7-1:1.0: Error autopm - -16 [ 99.198369][ T24] usb 7-1: USB disconnect, device number 10 [ 99.353673][ T24] usb 7-1: new full-speed USB device number 11 using dummy_hcd [ 99.526551][ T24] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 99.530564][ T24] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 99.534352][ T24] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 99.538643][ T24] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 99.542214][ T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.548903][ T7933] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 99.553313][ T24] hub 7-1:1.0: bad descriptor, ignoring hub [ 99.555879][ T24] hub 7-1:1.0: probe with driver hub failed with error -5 [ 99.559033][ T24] cdc_wdm 7-1:1.0: skipping garbage [ 99.561135][ T24] cdc_wdm 7-1:1.0: skipping garbage [ 99.565469][ T24] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 99.567870][ T24] cdc_wdm 7-1:1.0: Unknown control protocol [ 99.873861][ T24] usb 7-1: USB disconnect, device number 11 [ 100.803701][ T5321] Bluetooth: hci2: command tx timeout [ 100.853659][ T6027] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 101.003634][ T6027] usb 9-1: Using ep0 maxpacket: 8 [ 101.007521][ T6027] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 101.010775][ T6027] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 101.014115][ T6027] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 101.017634][ T6027] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 101.021255][ T6027] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 101.024975][ T6027] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.031831][ T6027] hub 9-1:1.0: bad descriptor, ignoring hub [ 101.033820][ T6027] hub 9-1:1.0: probe with driver hub failed with error -5 [ 101.036450][ T6027] cdc_wdm 9-1:1.0: skipping garbage [ 101.038208][ T6027] cdc_wdm 9-1:1.0: skipping garbage [ 101.041246][ T6027] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 101.043295][ T6027] cdc_wdm 9-1:1.0: Unknown control protocol [ 101.332543][ T8019] syzkaller1: entered promiscuous mode [ 101.334461][ T8019] syzkaller1: entered allmulticast mode [ 101.949071][ T7973] cdc_wdm 9-1:1.0: Error autopm - -16 [ 101.950670][ T6045] usb 9-1: USB disconnect, device number 6 [ 102.083877][ T6045] usb 9-1: new full-speed USB device number 7 using dummy_hcd [ 102.245153][ T6045] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 102.248328][ T6045] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 102.251236][ T6045] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 102.255262][ T6045] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 102.258041][ T6045] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 102.262659][ T8012] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 102.265836][ T6045] hub 9-1:1.0: bad descriptor, ignoring hub [ 102.268012][ T6045] hub 9-1:1.0: probe with driver hub failed with error -5 [ 102.270435][ T6045] cdc_wdm 9-1:1.0: skipping garbage [ 102.272300][ T6045] cdc_wdm 9-1:1.0: skipping garbage [ 102.276382][ T6045] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device [ 102.278338][ T6045] cdc_wdm 9-1:1.0: Unknown control protocol [ 102.584084][ T6115] usb 9-1: USB disconnect, device number 7 [ 102.693838][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.883792][ T5321] Bluetooth: hci2: command tx timeout [ 103.613783][ T6115] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 103.774120][ T6115] usb 8-1: Using ep0 maxpacket: 8 [ 103.777497][ T6115] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 103.780697][ T6115] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 103.783483][ T6115] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 103.787048][ T6115] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 103.790473][ T6115] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 103.793259][ T6115] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 103.799756][ T6115] hub 8-1:1.0: bad descriptor, ignoring hub [ 103.801630][ T6115] hub 8-1:1.0: probe with driver hub failed with error -5 [ 103.804157][ T6115] cdc_wdm 8-1:1.0: skipping garbage [ 103.805787][ T6115] cdc_wdm 8-1:1.0: skipping garbage [ 103.808168][ T6115] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 103.810032][ T6115] cdc_wdm 8-1:1.0: Unknown control protocol [ 104.414354][ T8100] cdc_wdm 8-1:1.0: Error autopm - -16 [ 104.416692][ T6045] usb 8-1: USB disconnect, device number 9 [ 104.543642][ T6045] usb 8-1: new full-speed USB device number 10 using dummy_hcd [ 104.704959][ T6045] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 104.707960][ T6045] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 104.710584][ T6045] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 104.714399][ T6045] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 104.717028][ T6045] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.721439][ T8118] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 104.724616][ T6045] hub 8-1:1.0: bad descriptor, ignoring hub [ 104.726504][ T6045] hub 8-1:1.0: probe with driver hub failed with error -5 [ 104.728839][ T6045] cdc_wdm 8-1:1.0: skipping garbage [ 104.730416][ T6045] cdc_wdm 8-1:1.0: skipping garbage [ 104.739875][ T6045] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 104.741738][ T6045] cdc_wdm 8-1:1.0: Unknown control protocol [ 105.044366][ T6115] usb 8-1: USB disconnect, device number 10 [ 105.470276][ T8126] input: syz0 as /devices/virtual/input/input24 [ 105.983721][ T53] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 106.036502][ T8154] netlink: 'syz.3.773': attribute type 1 has an invalid length. [ 106.038889][ T8154] netlink: 'syz.3.773': attribute type 4 has an invalid length. [ 106.041354][ T8154] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.773'. [ 106.145052][ T53] usb 10-1: Using ep0 maxpacket: 8 [ 106.150066][ T53] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 106.154292][ T53] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 106.157850][ T53] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 106.162224][ T53] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 106.166713][ T53] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 106.170252][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.178907][ T53] hub 10-1:1.0: bad descriptor, ignoring hub [ 106.181346][ T53] hub 10-1:1.0: probe with driver hub failed with error -5 [ 106.185367][ T53] cdc_wdm 10-1:1.0: skipping garbage [ 106.187507][ T53] cdc_wdm 10-1:1.0: skipping garbage [ 106.191788][ T53] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 106.194284][ T53] cdc_wdm 10-1:1.0: Unknown control protocol [ 106.696964][ T6045] libceph: connect (1)[c::]:6789 error -101 [ 106.700652][ T6045] libceph: mon0 (1)[c::]:6789 connect error [ 106.730057][ T8169] pim6reg1: entered promiscuous mode [ 106.731856][ T8169] pim6reg1: entered allmulticast mode [ 106.764037][ T6115] libceph: connect (1)[c::]:6789 error -101 [ 106.766018][ T6115] libceph: mon0 (1)[c::]:6789 connect error [ 106.954008][ T6045] libceph: connect (1)[c::]:6789 error -101 [ 106.957492][ T6045] libceph: mon0 (1)[c::]:6789 connect error [ 107.024069][ T6115] libceph: connect (1)[c::]:6789 error -101 [ 107.029714][ T6115] libceph: mon0 (1)[c::]:6789 connect error [ 107.076210][ T8145] cdc_wdm 10-1:1.0: Error autopm - -16 [ 107.076313][ T53] usb 10-1: USB disconnect, device number 2 [ 107.213783][ T53] usb 10-1: new full-speed USB device number 3 using dummy_hcd [ 107.385378][ T53] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 107.389029][ T53] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 107.392073][ T53] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64 [ 107.400167][ T53] usb 10-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 107.402949][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.407843][ T8158] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 107.411680][ T53] hub 10-1:1.0: bad descriptor, ignoring hub [ 107.416710][ T53] hub 10-1:1.0: probe with driver hub failed with error -5 [ 107.419480][ T53] cdc_wdm 10-1:1.0: skipping garbage [ 107.421157][ T53] cdc_wdm 10-1:1.0: skipping garbage [ 107.423400][ T53] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 107.425541][ T53] cdc_wdm 10-1:1.0: Unknown control protocol [ 107.464300][ T840] libceph: connect (1)[c::]:6789 error -101 [ 107.466135][ T840] libceph: mon0 (1)[c::]:6789 connect error [ 107.526810][ T8162] ceph: No mds server is up or the cluster is laggy [ 107.529205][ T8171] ceph: No mds server is up or the cluster is laggy [ 107.534466][ T29] libceph: connect (1)[c::]:6789 error -101 [ 107.540516][ T29] libceph: mon0 (1)[c::]:6789 connect error [ 107.723879][ T6045] usb 10-1: USB disconnect, device number 3 [ 108.277411][ T8216] netlink: 'syz.3.790': attribute type 2 has an invalid length. [ 108.280154][ T8216] netlink: 16 bytes leftover after parsing attributes in process `syz.3.790'. [ 108.540828][ T8232] Driver unsupported XDP return value 0 on prog (id 107) dev N/A, expect packet loss! [ 109.884445][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.887395][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.434310][ T6027] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 110.583648][ T6027] usb 8-1: Using ep0 maxpacket: 32 [ 110.586577][ T6027] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 110.589258][ T6027] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 110.592028][ T6027] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 110.595108][ T6027] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 110.598121][ T6027] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 110.601139][ T6027] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 110.605379][ T6027] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 110.608077][ T6027] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.612067][ T6027] usb 8-1: config 0 descriptor?? [ 110.803739][ T5964] Bluetooth: hci0: command 0x1407 tx timeout [ 110.804315][ T5321] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 110.826677][ T6027] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 11 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 110.835384][ T6027] usb 8-1: USB disconnect, device number 11 [ 110.841006][ T6027] usblp0: removed [ 110.917270][ T8388] [ 110.918085][ T8388] ===================================================== [ 110.920768][ T8388] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 110.923658][ T8388] 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 Not tainted [ 110.926831][ T8388] ----------------------------------------------------- [ 110.929697][ T8388] syz.4.844/8388 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 110.932067][ T8388] ffff88804b894a20 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x31/0x3e0 [ 110.934762][ T8388] [ 110.934762][ T8388] and this task is already holding: [ 110.937194][ T8388] ffff888068b2c018 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 110.939820][ T8388] which would create a new lock dependency: [ 110.941873][ T8388] (&new->fa_lock){....}-{3:3} -> (&f_owner->lock){....}-{3:3} [ 110.944298][ T8388] [ 110.944298][ T8388] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 110.947204][ T8388] (&dev->event_lock#2){..-.}-{3:3} [ 110.947225][ T8388] [ 110.947225][ T8388] ... which became SOFTIRQ-irq-safe at: [ 110.951227][ T8388] lock_acquire+0x179/0x350 [ 110.952693][ T8388] _raw_spin_lock_irqsave+0x3a/0x60 [ 110.954345][ T8388] input_event+0x70/0xb0 [ 110.955723][ T8388] hidinput_report_event+0xb2/0x100 [ 110.957380][ T8388] hid_report_raw_event+0x268/0x1290 [ 110.958998][ T8388] __hid_input_report.constprop.0+0x33f/0x450 [ 110.960940][ T8388] hid_irq_in+0x35e/0x870 [ 110.962349][ T8388] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 110.964104][ T8388] usb_hcd_giveback_urb+0x39b/0x450 [ 110.966156][ T8388] dummy_timer+0x180e/0x3a20 [ 110.967926][ T8388] __hrtimer_run_queues+0x1ff/0xad0 [ 110.969633][ T8388] hrtimer_run_softirq+0x17d/0x350 [ 110.971314][ T8388] handle_softirqs+0x219/0x8e0 [ 110.972850][ T8388] __irq_exit_rcu+0x109/0x170 [ 110.974354][ T8388] irq_exit_rcu+0x9/0x30 [ 110.975725][ T8388] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 110.977503][ T8388] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 110.979405][ T8388] pv_native_safe_halt+0xf/0x20 [ 110.980993][ T8388] default_idle+0x13/0x20 [ 110.982402][ T8388] default_idle_call+0x6d/0xb0 [ 110.983931][ T8388] do_idle+0x391/0x510 [ 110.985241][ T8388] cpu_startup_entry+0x4f/0x60 [ 110.986766][ T8388] start_secondary+0x21d/0x2b0 [ 110.988297][ T8388] common_startup_64+0x13e/0x148 [ 110.989967][ T8388] [ 110.989967][ T8388] to a SOFTIRQ-irq-unsafe lock: [ 110.992509][ T8388] (tasklist_lock){.+.+}-{3:3} [ 110.992528][ T8388] [ 110.992528][ T8388] ... which became SOFTIRQ-irq-unsafe at: [ 110.997355][ T8388] ... [ 110.997362][ T8388] lock_acquire+0x179/0x350 [ 110.999819][ T8388] _raw_read_lock+0x5f/0x70 [ 111.001402][ T8388] __do_wait+0x105/0x890 [ 111.002946][ T8388] do_wait+0x21e/0x5a0 [ 111.004520][ T8388] kernel_wait+0x9f/0x160 [ 111.006175][ T8388] call_usermodehelper_exec_work+0xf1/0x170 [ 111.008302][ T8388] process_one_work+0x9cf/0x1b70 [ 111.010235][ T8388] worker_thread+0x6c8/0xf10 [ 111.011918][ T8388] kthread+0x3c2/0x780 [ 111.013368][ T8388] ret_from_fork+0x5d7/0x6f0 [ 111.015031][ T8388] ret_from_fork_asm+0x1a/0x30 [ 111.016762][ T8388] [ 111.016762][ T8388] other info that might help us debug this: [ 111.016762][ T8388] [ 111.020344][ T8388] Chain exists of: [ 111.020344][ T8388] &dev->event_lock#2 --> &new->fa_lock --> tasklist_lock [ 111.020344][ T8388] [ 111.025080][ T8388] Possible interrupt unsafe locking scenario: [ 111.025080][ T8388] [ 111.028126][ T8388] CPU0 CPU1 [ 111.030042][ T8388] ---- ---- [ 111.031833][ T8388] lock(tasklist_lock); [ 111.033227][ T8388] local_irq_disable(); [ 111.035269][ T8388] lock(&dev->event_lock#2); [ 111.037732][ T8388] lock(&new->fa_lock); [ 111.040234][ T8388] [ 111.041484][ T8388] lock(&dev->event_lock#2); [ 111.043380][ T8388] [ 111.043380][ T8388] *** DEADLOCK *** [ 111.043380][ T8388] [ 111.046340][ T8388] 3 locks held by syz.4.844/8388: [ 111.048191][ T8388] #0: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: sock_def_readable+0x97/0x600 [ 111.051337][ T8388] #1: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 111.054166][ T8388] #2: ffff888068b2c018 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 111.057170][ T8388] [ 111.057170][ T8388] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 111.060410][ T8388] -> (&dev->event_lock#2){..-.}-{3:3} { [ 111.062166][ T8388] IN-SOFTIRQ-W at: [ 111.063473][ T8388] lock_acquire+0x179/0x350 [ 111.065460][ T8388] _raw_spin_lock_irqsave+0x3a/0x60 [ 111.067810][ T8388] input_event+0x70/0xb0 [ 111.069763][ T8388] hidinput_report_event+0xb2/0x100 [ 111.072008][ T8388] hid_report_raw_event+0x268/0x1290 [ 111.074293][ T8388] __hid_input_report.constprop.0+0x33f/0x450 [ 111.076797][ T8388] hid_irq_in+0x35e/0x870 [ 111.078785][ T8388] __usb_hcd_giveback_urb+0x38a/0x6e0 [ 111.081287][ T8388] usb_hcd_giveback_urb+0x39b/0x450 [ 111.083878][ T8388] dummy_timer+0x180e/0x3a20 [ 111.086107][ T8388] __hrtimer_run_queues+0x1ff/0xad0 [ 111.088450][ T8388] hrtimer_run_softirq+0x17d/0x350 [ 111.090808][ T8388] handle_softirqs+0x219/0x8e0 [ 111.092885][ T8388] __irq_exit_rcu+0x109/0x170 [ 111.094879][ T8388] irq_exit_rcu+0x9/0x30 [ 111.096830][ T8388] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 111.099194][ T8388] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 111.101649][ T8388] pv_native_safe_halt+0xf/0x20 [ 111.103778][ T8388] default_idle+0x13/0x20 [ 111.105736][ T8388] default_idle_call+0x6d/0xb0 [ 111.107829][ T8388] do_idle+0x391/0x510 [ 111.109719][ T8388] cpu_startup_entry+0x4f/0x60 [ 111.111744][ T8388] start_secondary+0x21d/0x2b0 [ 111.114042][ T8388] common_startup_64+0x13e/0x148 [ 111.116162][ T8388] INITIAL USE at: [ 111.117449][ T8388] lock_acquire+0x179/0x350 [ 111.119448][ T8388] _raw_spin_lock_irqsave+0x3a/0x60 [ 111.121707][ T8388] input_inject_event+0x9f/0x390 [ 111.123835][ T8388] led_set_brightness+0x214/0x290 [ 111.125994][ T8388] kbd_led_trigger_activate+0xcb/0x110 [ 111.128257][ T8388] led_trigger_set+0x597/0xc50 [ 111.130606][ T8388] led_trigger_set_default+0x1e0/0x2e0 [ 111.133035][ T8388] led_classdev_register_ext+0x7b8/0xa10 [ 111.135949][ T8388] input_leds_connect+0x552/0x8e0 [ 111.138440][ T8388] input_attach_handler.isra.0+0x184/0x260 [ 111.141073][ T8388] input_register_device+0xa84/0x1130 [ 111.143377][ T8388] atkbd_connect+0x5da/0xa20 [ 111.145483][ T8388] serio_driver_probe+0x74/0xb0 [ 111.147907][ T8388] really_probe+0x23e/0xa90 [ 111.150197][ T8388] __driver_probe_device+0x1de/0x440 [ 111.152705][ T8388] driver_probe_device+0x4c/0x1b0 [ 111.155091][ T8388] __driver_attach+0x283/0x580 [ 111.157354][ T8388] bus_for_each_dev+0x13b/0x1d0 [ 111.159812][ T8388] serio_handle_event+0x247/0xa50 [ 111.162250][ T8388] process_one_work+0x9cf/0x1b70 [ 111.164759][ T8388] worker_thread+0x6c8/0xf10 [ 111.166783][ T8388] kthread+0x3c2/0x780 [ 111.168683][ T8388] ret_from_fork+0x5d7/0x6f0 [ 111.170713][ T8388] ret_from_fork_asm+0x1a/0x30 [ 111.172787][ T8388] } [ 111.173667][ T8388] ... key at: [] __key.7+0x0/0x40 [ 111.175955][ T8388] -> (&client->buffer_lock){....}-{3:3} { [ 111.177798][ T8388] INITIAL USE at: [ 111.179047][ T8388] lock_acquire+0x179/0x350 [ 111.181030][ T8388] _raw_spin_lock+0x2e/0x40 [ 111.182994][ T8388] evdev_pass_values+0x10e/0x9b0 [ 111.185092][ T8388] evdev_events+0x1bb/0x390 [ 111.187323][ T8388] input_pass_values+0x6c7/0x890 [ 111.189526][ T8388] input_handle_event+0xf00/0x14d0 [ 111.191680][ T8388] input_inject_event+0x1cd/0x390 [ 111.193812][ T8388] evdev_write+0x2e1/0x440 [ 111.195755][ T8388] vfs_write+0x29d/0x1150 [ 111.197650][ T8388] ksys_write+0x1f8/0x250 [ 111.199567][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.201875][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.203945][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.206495][ T8388] } [ 111.207348][ T8388] ... key at: [] __key.1+0x0/0x40 [ 111.209580][ T8388] ... acquired at: [ 111.210814][ T8388] _raw_spin_lock+0x2e/0x40 [ 111.212323][ T8388] evdev_pass_values+0x10e/0x9b0 [ 111.213924][ T8388] evdev_events+0x1bb/0x390 [ 111.215426][ T8388] input_pass_values+0x6c7/0x890 [ 111.217027][ T8388] input_handle_event+0xf00/0x14d0 [ 111.218720][ T8388] input_inject_event+0x1cd/0x390 [ 111.220647][ T8388] evdev_write+0x2e1/0x440 [ 111.222461][ T8388] vfs_write+0x29d/0x1150 [ 111.224258][ T8388] ksys_write+0x1f8/0x250 [ 111.226038][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.228112][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.230086][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.232634][ T8388] [ 111.233585][ T8388] -> (&new->fa_lock){....}-{3:3} { [ 111.235602][ T8388] INITIAL USE at: [ 111.237144][ T8388] lock_acquire+0x179/0x350 [ 111.239451][ T8388] _raw_write_lock_irq+0x36/0x50 [ 111.241627][ T8388] fasync_remove_entry+0xb2/0x1e0 [ 111.243682][ T8388] fasync_helper+0xaf/0xd0 [ 111.245541][ T8388] lease_modify+0x232/0x500 [ 111.247439][ T8388] locks_remove_file+0x29e/0x5c0 [ 111.249460][ T8388] __fput+0x351/0xb70 [ 111.251221][ T8388] task_work_run+0x150/0x240 [ 111.253126][ T8388] exit_to_user_mode_loop+0xeb/0x110 [ 111.255294][ T8388] __do_fast_syscall_32+0x2ac/0x3a0 [ 111.257393][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.259381][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.261853][ T8388] INITIAL READ USE at: [ 111.263221][ T8388] lock_acquire+0x179/0x350 [ 111.265230][ T8388] _raw_read_lock_irqsave+0x74/0x90 [ 111.267470][ T8388] kill_fasync+0x138/0x510 [ 111.269510][ T8388] evdev_pass_values+0x619/0x9b0 [ 111.271670][ T8388] evdev_events+0x1bb/0x390 [ 111.273676][ T8388] input_pass_values+0x6c7/0x890 [ 111.275822][ T8388] input_handle_event+0xf00/0x14d0 [ 111.278013][ T8388] input_inject_event+0x1cd/0x390 [ 111.280232][ T8388] evdev_write+0x2e1/0x440 [ 111.282223][ T8388] vfs_write+0x29d/0x1150 [ 111.284180][ T8388] ksys_write+0x1f8/0x250 [ 111.286147][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.288444][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.290675][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.293357][ T8388] } [ 111.294172][ T8388] ... key at: [] __key.0+0x0/0x40 [ 111.296269][ T8388] ... acquired at: [ 111.297448][ T8388] _raw_read_lock_irqsave+0x74/0x90 [ 111.299127][ T8388] kill_fasync+0x138/0x510 [ 111.300611][ T8388] evdev_pass_values+0x619/0x9b0 [ 111.302217][ T8388] evdev_events+0x1bb/0x390 [ 111.303702][ T8388] input_pass_values+0x6c7/0x890 [ 111.305337][ T8388] input_handle_event+0xf00/0x14d0 [ 111.306986][ T8388] input_inject_event+0x1cd/0x390 [ 111.308623][ T8388] evdev_write+0x2e1/0x440 [ 111.310057][ T8388] vfs_write+0x29d/0x1150 [ 111.311514][ T8388] ksys_write+0x1f8/0x250 [ 111.312903][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.314651][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.316526][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.318826][ T8388] [ 111.319768][ T8388] [ 111.319768][ T8388] the dependencies between the lock to be acquired [ 111.319774][ T8388] and SOFTIRQ-irq-unsafe lock: [ 111.324389][ T8388] -> (tasklist_lock){.+.+}-{3:3} { [ 111.325959][ T8388] HARDIRQ-ON-R at: [ 111.327387][ T8388] lock_acquire+0x179/0x350 [ 111.329625][ T8388] _raw_read_lock+0x5f/0x70 [ 111.331647][ T8388] __do_wait+0x105/0x890 [ 111.333815][ T8388] do_wait+0x21e/0x5a0 [ 111.335771][ T8388] kernel_wait+0x9f/0x160 [ 111.337819][ T8388] call_usermodehelper_exec_work+0xf1/0x170 [ 111.340168][ T8388] process_one_work+0x9cf/0x1b70 [ 111.342198][ T8388] worker_thread+0x6c8/0xf10 [ 111.344154][ T8388] kthread+0x3c2/0x780 [ 111.345964][ T8388] ret_from_fork+0x5d7/0x6f0 [ 111.347985][ T8388] ret_from_fork_asm+0x1a/0x30 [ 111.349969][ T8388] SOFTIRQ-ON-R at: [ 111.351268][ T8388] lock_acquire+0x179/0x350 [ 111.353171][ T8388] _raw_read_lock+0x5f/0x70 [ 111.355112][ T8388] __do_wait+0x105/0x890 [ 111.356964][ T8388] do_wait+0x21e/0x5a0 [ 111.358772][ T8388] kernel_wait+0x9f/0x160 [ 111.360662][ T8388] call_usermodehelper_exec_work+0xf1/0x170 [ 111.363024][ T8388] process_one_work+0x9cf/0x1b70 [ 111.365086][ T8388] worker_thread+0x6c8/0xf10 [ 111.366997][ T8388] kthread+0x3c2/0x780 [ 111.368795][ T8388] ret_from_fork+0x5d7/0x6f0 [ 111.370733][ T8388] ret_from_fork_asm+0x1a/0x30 [ 111.372750][ T8388] INITIAL USE at: [ 111.373958][ T8388] lock_acquire+0x179/0x350 [ 111.375893][ T8388] _raw_write_lock_irq+0x36/0x50 [ 111.377893][ T8388] copy_process+0x4c68/0x7650 [ 111.379955][ T8388] kernel_clone+0xfc/0x960 [ 111.382135][ T8388] user_mode_thread+0xc7/0x110 [ 111.384274][ T8388] rest_init+0x23/0x2b0 [ 111.386341][ T8388] start_kernel+0x3ee/0x4d0 [ 111.388691][ T8388] x86_64_start_reservations+0x18/0x30 [ 111.391166][ T8388] x86_64_start_kernel+0x130/0x190 [ 111.393607][ T8388] common_startup_64+0x13e/0x148 [ 111.395994][ T8388] INITIAL READ USE at: [ 111.397568][ T8388] lock_acquire+0x179/0x350 [ 111.399812][ T8388] _raw_read_lock+0x5f/0x70 [ 111.402110][ T8388] __do_wait+0x105/0x890 [ 111.404182][ T8388] do_wait+0x21e/0x5a0 [ 111.406300][ T8388] kernel_wait+0x9f/0x160 [ 111.408608][ T8388] call_usermodehelper_exec_work+0xf1/0x170 [ 111.411390][ T8388] process_one_work+0x9cf/0x1b70 [ 111.413668][ T8388] worker_thread+0x6c8/0xf10 [ 111.416121][ T8388] kthread+0x3c2/0x780 [ 111.418131][ T8388] ret_from_fork+0x5d7/0x6f0 [ 111.420353][ T8388] ret_from_fork_asm+0x1a/0x30 [ 111.422890][ T8388] } [ 111.423873][ T8388] ... key at: [] tasklist_lock+0x18/0x40 [ 111.426514][ T8388] ... acquired at: [ 111.427880][ T8388] _raw_read_lock+0x5f/0x70 [ 111.429556][ T8388] send_sigurg+0xed/0xc80 [ 111.430965][ T8388] sk_send_sigurg+0x76/0x360 [ 111.432510][ T8388] unix_stream_sendmsg+0xeb3/0x11d0 [ 111.434394][ T8388] ____sys_sendmsg+0xa95/0xc70 [ 111.436038][ T8388] ___sys_sendmsg+0x134/0x1d0 [ 111.437720][ T8388] __sys_sendmsg+0x16d/0x220 [ 111.439394][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.441225][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.442819][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.444848][ T8388] [ 111.445611][ T8388] -> (&f_owner->lock){....}-{3:3} { [ 111.447316][ T8388] INITIAL USE at: [ 111.448623][ T8388] lock_acquire+0x179/0x350 [ 111.450715][ T8388] _raw_write_lock_irq+0x36/0x50 [ 111.452742][ T8388] __f_setown+0x61/0x3c0 [ 111.454642][ T8388] fcntl_dirnotify+0x78f/0xb50 [ 111.456866][ T8388] do_fcntl+0xe62/0x15a0 [ 111.458677][ T8388] do_compat_fcntl64+0x367/0x710 [ 111.460667][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.462681][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.463652][ T6027] usb 8-1: new high-speed USB device number 12 using dummy_hcd [ 111.464595][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.464611][ T8388] INITIAL READ USE at: [ 111.464618][ T8388] lock_acquire+0x179/0x350 [ 111.464632][ T8388] _raw_read_lock_irqsave+0x74/0x90 [ 111.475553][ T8388] send_sigurg+0x5f/0xc80 [ 111.477478][ T8388] sk_send_sigurg+0x76/0x360 [ 111.479513][ T8388] unix_stream_sendmsg+0xeb3/0x11d0 [ 111.481760][ T8388] ____sys_sendmsg+0xa95/0xc70 [ 111.483814][ T8388] ___sys_sendmsg+0x134/0x1d0 [ 111.485848][ T8388] __sys_sendmsg+0x16d/0x220 [ 111.487853][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.490027][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.492155][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.494697][ T8388] } [ 111.495523][ T8388] ... key at: [] __key.1+0x0/0x40 [ 111.497708][ T8388] ... acquired at: [ 111.498905][ T8388] lock_acquire+0x179/0x350 [ 111.500403][ T8388] _raw_read_lock_irqsave+0x74/0x90 [ 111.501995][ T8388] send_sigio+0x31/0x3e0 [ 111.503390][ T8388] kill_fasync+0x214/0x510 [ 111.504836][ T8388] sock_wake_async+0x132/0x160 [ 111.506415][ T8388] sock_def_readable+0x522/0x600 [ 111.508018][ T8388] unix_stream_sendmsg+0xeeb/0x11d0 [ 111.509691][ T8388] ____sys_sendmsg+0xa95/0xc70 [ 111.511268][ T8388] ___sys_sendmsg+0x134/0x1d0 [ 111.512791][ T8388] __sys_sendmmsg+0x2f9/0x420 [ 111.514306][ T8388] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 111.516150][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.517835][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.519455][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.521507][ T8388] [ 111.522279][ T8388] [ 111.522279][ T8388] stack backtrace: [ 111.524135][ T8388] CPU: 2 UID: 60928 PID: 8388 Comm: syz.4.844 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 111.524149][ T8388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 111.524156][ T8388] Call Trace: [ 111.524160][ T8388] [ 111.524165][ T8388] dump_stack_lvl+0x116/0x1f0 [ 111.524181][ T8388] check_irq_usage+0x7dc/0x920 [ 111.524195][ T8388] ? arch_stack_walk+0xa6/0x100 [ 111.524207][ T8388] ? check_path.constprop.0+0x24/0x50 [ 111.524225][ T8388] ? __lock_acquire+0x1285/0x1c90 [ 111.524239][ T8388] __lock_acquire+0x1285/0x1c90 [ 111.524253][ T8388] ? lockdep_unlock+0x64/0xe0 [ 111.524263][ T8388] ? __lock_acquire+0x1053/0x1c90 [ 111.524277][ T8388] lock_acquire+0x179/0x350 [ 111.524290][ T8388] ? send_sigio+0x31/0x3e0 [ 111.524301][ T8388] ? lock_acquire+0x179/0x350 [ 111.524315][ T8388] _raw_read_lock_irqsave+0x74/0x90 [ 111.524329][ T8388] ? send_sigio+0x31/0x3e0 [ 111.524339][ T8388] send_sigio+0x31/0x3e0 [ 111.524350][ T8388] kill_fasync+0x214/0x510 [ 111.524360][ T8388] sock_wake_async+0x132/0x160 [ 111.524371][ T8388] sock_def_readable+0x522/0x600 [ 111.524384][ T8388] unix_stream_sendmsg+0xeeb/0x11d0 [ 111.524399][ T8388] ? aa_sk_perm+0x2f4/0xb10 [ 111.524411][ T8388] ? __pfx_unix_stream_sendmsg+0x10/0x10 [ 111.524425][ T8388] ? __pfx_aa_sk_perm+0x10/0x10 [ 111.524437][ T8388] ? __import_iovec+0x1dd/0x650 [ 111.524447][ T8388] ____sys_sendmsg+0xa95/0xc70 [ 111.524458][ T8388] ? __pfx_____sys_sendmsg+0x10/0x10 [ 111.524469][ T8388] ? get_compat_msghdr+0x11a/0x170 [ 111.524486][ T8388] ? futex_unqueue+0x133/0x2c0 [ 111.524499][ T8388] ___sys_sendmsg+0x134/0x1d0 [ 111.524513][ T8388] ? futex_unqueue+0x13d/0x2c0 [ 111.524525][ T8388] ? __pfx____sys_sendmsg+0x10/0x10 [ 111.524539][ T8388] ? __lock_acquire+0x622/0x1c90 [ 111.524559][ T8388] __sys_sendmmsg+0x2f9/0x420 [ 111.524574][ T8388] ? __pfx___sys_sendmmsg+0x10/0x10 [ 111.524589][ T8388] ? __pfx_do_fcntl+0x10/0x10 [ 111.524600][ T8388] ? __pfx_do_futex+0x10/0x10 [ 111.524614][ T8388] ? __pfx___ia32_sys_futex_time32+0x10/0x10 [ 111.524630][ T8388] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 111.524647][ T8388] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 111.524663][ T8388] __do_fast_syscall_32+0x7c/0x3a0 [ 111.524679][ T8388] do_fast_syscall_32+0x32/0x80 [ 111.524694][ T8388] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 111.524706][ T8388] RIP: 0023:0xf70de579 [ 111.524714][ T8388] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 111.524724][ T8388] RSP: 002b:00000000f50ce55c EFLAGS: 00000296 ORIG_RAX: 0000000000000159 [ 111.524734][ T8388] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080006c40 [ 111.524741][ T8388] RDX: 0000000000000001 RSI: 00000000000408b1 RDI: 0000000000000000 [ 111.524747][ T8388] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 111.524752][ T8388] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 111.524758][ T8388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 111.524767][ T8388] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 111.633983][ T6027] usb 8-1: Using ep0 maxpacket: 32 [ 111.637024][ T6027] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 111.640124][ T6027] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 111.653348][ T6027] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 111.656482][ T6027] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 111.659415][ T6027] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 111.662378][ T6027] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 111.670295][ T6027] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 111.673142][ T6027] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.684106][ T6027] usb 8-1: config 0 descriptor?? [ 111.907923][ T1186] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 111.911197][ T1186] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.945250][ T6027] usb 8-1: can't set config #0, error -71 [ 111.947451][ T6027] usb 8-1: USB disconnect, device number 12 [ 112.016247][ T1186] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 112.019457][ T1186] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.077868][ T1186] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 112.081791][ T1186] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.168543][ T1186] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 112.171865][ T1186] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 112.443677][ T1186] bond0 (unregistering): Released all slaves [ 112.449066][ T1186] bond1 (unregistering): Released all slaves [ 112.712074][ T1186] hsr_slave_0: left promiscuous mode [ 112.714141][ T1186] hsr_slave_1: left promiscuous mode [ 112.717337][ T1186] veth1_macvtap: left promiscuous mode [ 112.719132][ T1186] veth0_macvtap: left promiscuous mode [ 113.449214][ T1186] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.539327][ T1186] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.604560][ T1186] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.668580][ T1186] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.747393][ T1186] bridge_slave_1: left allmulticast mode [ 113.749170][ T1186] bridge_slave_1: left promiscuous mode [ 113.750912][ T1186] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.754633][ T1186] bridge_slave_0: left allmulticast mode [ 113.756460][ T1186] bridge_slave_0: left promiscuous mode [ 113.758302][ T1186] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.879657][ T1186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 113.883431][ T1186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 113.887876][ T1186] bond0 (unregistering): Released all slaves [ 114.133639][ T1186] hsr_slave_0: left promiscuous mode [ 114.135911][ T1186] hsr_slave_1: left promiscuous mode [ 114.137829][ T1186] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 114.140338][ T1186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 114.142999][ T1186] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 114.146202][ T1186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 114.150470][ T1186] veth1_macvtap: left promiscuous mode [ 114.153632][ T1186] veth0_macvtap: left promiscuous mode [ 114.155806][ T1186] veth1_vlan: left promiscuous mode [ 114.157610][ T1186] veth0_vlan: left promiscuous mode [ 114.292870][ T1186] team0 (unregistering): Port device team_slave_1 removed [ 114.322805][ T1186] team0 (unregistering): Port device team_slave_0 removed VM DIAGNOSIS: 07:09:45 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b43ff60 RCX=ffffffff81af49cd RDX=ffff8880237e2440 RSI=ffffffff81af49a9 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc90003607678 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=000000000000001e R12=dffffc0000000000 R13=0000000000000003 R14=ffffed1005687fed R15=ffff88802b23b6c0 RIP=ffffffff81af49ab RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097520000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7fb55c0 CR3=0000000069fd9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7443ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000cce0c RBX=0000000000000001 RCX=ffffffff8b847c69 RDX=ffffed1005666646 RSI=ffffffff8c1578e0 RDI=ffffffff819197b1 RBP=ffffed1003bd9488 RSP=ffffc9000046fdf8 R8 =0000000000000000 R9 =ffffed1005666645 R10=ffff88802b33322b R11=0000000000000000 R12=0000000000000001 R13=ffff88801deca440 R14=ffffffff90a9a150 R15=0000000000000000 RIP=ffffffff8b8467cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097620000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f740435c CR3=000000006c288000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85584895 RDI=ffffffff9b0ac980 RBP=ffffffff9b0ac940 RSP=ffffc9000c86f0a0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000031 R14=ffffffff9b0ac940 R15=ffffffff85584830 RIP=ffffffff855848bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097720000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000581094c0 CR3=000000006c288000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000b0b84 RBX=0000000000000003 RCX=ffffffff8b847c69 RDX=ffffed10056a6646 RSI=ffffffff8c1578e0 RDI=ffffffff819197b1 RBP=ffffed1003bdc000 RSP=ffffc9000048fdf8 R8 =0000000000000000 R9 =ffffed10056a6645 R10=ffff88802b53322b R11=0000000000000000 R12=0000000000000003 R13=ffff88801dee0000 R14=ffffffff90a9a150 R15=0000000000000000 RIP=ffffffff8b8467cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097820000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7269e60 CR3=000000006618a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000