last executing test programs: 2m11.169275023s ago: executing program 2 (id=3121): r0 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) r1 = socket$inet(0x2, 0x3, 0x6) r2 = dup3(r0, r1, 0x0) setsockopt$inet_int(r2, 0x0, 0x5, 0x0, 0x0) 2m11.103304149s ago: executing program 2 (id=3122): bpf$BPF_PROG_DETACH(0x9, &(0x7f00000009c0)=ANY=[@ANYBLOB=')'], 0x20) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) 2m10.998617202s ago: executing program 2 (id=3123): openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r0 = syz_io_uring_setup(0x88f, &(0x7f00000001c0)={0x0, 0xaee2, 0x10, 0xffffffff, 0x16}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) 2m10.919213053s ago: executing program 2 (id=3126): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 2m10.844100273s ago: executing program 2 (id=3128): mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000280)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000180)={0xfffffffffffffffc, 0x1, 0x2000200000a95c, 0xa, 0x4000000200, 0x80000001, 0x48cd, 0xfdfffffffffffffc, 0x800000df}) 2m10.543677762s ago: executing program 2 (id=3138): r0 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0xf79a, 0x0, 0x2000004, 0x3ce}, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$kcm(0xa, 0x2, 0x73) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1}) io_uring_enter(r0, 0x3516, 0x0, 0x69, 0x0, 0x0) 2m10.419371843s ago: executing program 32 (id=3138): r0 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0xf79a, 0x0, 0x2000004, 0x3ce}, &(0x7f0000000000)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = socket$kcm(0xa, 0x2, 0x73) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1}) io_uring_enter(r0, 0x3516, 0x0, 0x69, 0x0, 0x0) 2m8.985082617s ago: executing program 3 (id=3161): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000b40)={'wpan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x38, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x31}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x6}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x8004}, 0x40000) 2m8.978431886s ago: executing program 3 (id=3162): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r1 = socket$kcm(0x10, 0x3, 0x10) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000980)=r0, 0x4) bpf$ENABLE_STATS(0x20, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000003c0)="1400000017000b63d25a80648c2594f934a3c92b", 0x14}], 0x1}, 0x0) 2m8.912740219s ago: executing program 3 (id=3164): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000240), 0xc0802, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000440)=0x800004) ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004) pwritev(r0, &(0x7f0000000180)=[{&(0x7f0000000380)="00214717a70700000000030600710a5eeb71200000000500000000000000ffff0342844d50e77d0d9c081cb49f1930e7d07fbd", 0x33}], 0x1, 0xee, 0x1) 2m7.52265964s ago: executing program 3 (id=3173): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x48) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x227) 2m7.517553982s ago: executing program 3 (id=3175): r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x0, "08000000000000000000000000000000000000b582000000010000000100", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r1, 0xffffffffffffffff}) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5) ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000080)={"000c00816800df00"}) 2m7.217699539s ago: executing program 3 (id=3182): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x101880, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000000c0)={0x10000, 0xc000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000000)={0x2000}) 2m7.090889608s ago: executing program 33 (id=3182): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x101880, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000000c0)={0x10000, 0xc000, 0x1}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000000)={0x2000}) 2m3.801816589s ago: executing program 4 (id=3139): write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000080)={0xc, {"a2e3ad21ed0d52f91b5d520987f70e06d038e7ff7fc6e5539b3247298b089b0708356d090890e0878f0e1ac6e7049b3350959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d074b0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db871953330271c4aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd55acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}, 0x1, 0x300}, 0x20044041) r0 = socket(0x10, 0x3, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="280000002100010002000000000000000a00000000000001016200000c001480"], 0x28}], 0x1}, 0x0) sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0) 2m3.732754768s ago: executing program 4 (id=3205): unshare(0x2c020400) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x0, 0xffeffc03}, &(0x7f0000000340)=0x0, &(0x7f0000000240)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000004c0)='./file0\x00', 0x80}) io_uring_enter(r0, 0x351e, 0x483, 0x0, 0x0, 0x0) 2m3.684576526s ago: executing program 4 (id=3206): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x48) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x227) 2m3.602473593s ago: executing program 4 (id=3207): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="12010000000000408c0d220000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000740)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001"], 0x0, 0x0, 0x0, 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGPHYS(r1, 0x80404812, &(0x7f0000000000)) 2m2.567593688s ago: executing program 4 (id=3234): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe3, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcb776f6, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7357c35c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x0, 0x5, 0x4, 0x40000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1cd5a44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f95, 0xfffffffc, 0x4], 0x1, 0x400}) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, &(0x7f00000000c0)={@hyper, 0x1}) 2m2.456599986s ago: executing program 34 (id=3234): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local}) ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe3, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcb776f6, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7357c35c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x0, 0x5, 0x4, 0x40000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1cd5a44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f95, 0xfffffffc, 0x4], 0x1, 0x400}) ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r0, 0x7b0, &(0x7f00000000c0)={@hyper, 0x1}) 1m39.393339279s ago: executing program 6 (id=3664): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001"], 0xb8}}, 0x0) r0 = epoll_create1(0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, &(0x7f0000000000)) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000040)={0x1}) 1m39.3931648s ago: executing program 6 (id=3665): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$xdp(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000300)="0534bea033be0b9cf99376f819e54b40a13f5b6b9a10a21063c37ade6a34cee6506e0a053bb7007b679e3d3d86da41d594ca0404073607718b312e22be3a0ce232c6f21e2f98f5e2ce76ec2e558c34fd1c34228f1b6f7c5e0fb399f465aa5d59328deaf036ccb96f63c6687994544f8282f7493996b00b6ee51b1f1ea7a840492d0a4151c52bf44d", 0x88}, {&(0x7f0000000500)="c0311201c3f172910bef9fa241fd42db2093d0aad85bb03e93b2f54c603a5d2dde965761688c045eaa4b8fc0746e9660efc2c45945fe8de41dd18a35c4bbd770b161f6b804df42730bea983f3d3890cbaf157bbb28be70aa48d5ed5f74c864a2d24cd880d2dea66c7ff964b5e274ac48aa974ecaf45194f1caea816e8b0cc708f908d83376ac21a959a404", 0x8b}, {&(0x7f00000005c0)="88416bed45cccafa64c581ca0249c14b319c2ba1b87e493677799ebc2d5575bec611032f54e743331d66707c3cd5788121f74cb947b2292736b35ad023fdac0eb20759cf30c7c273f040cadd3301b26c36a9b1f1726fb2f2acea5dbabe4f61333d7a80d1ccd2a407d7995b91e639034983bdc5b14ac217c3ac3c2e8fac1c79ec96cc2cc4c9f7eb70cba651b9388641c9c8dc36ac947fcc41f63f16d1ee9b3c4988c64d429ea237c7dfa062e2d6fba105d988ac1f6929927eac823a23a3cb4df695d9e7956539a059cf4518544d937504cf2b3cc37b35096311b9478fb974130aa91eaf8baf968d9983ee11", 0xeb}, {&(0x7f0000000440)="7395fc31720b646d", 0x8}, {&(0x7f00000006c0)="3646febaf5bc4afcf8b8", 0xa}], 0x5, 0x0, 0x0, 0x24004000}, 0x4000) 1m39.333784877s ago: executing program 6 (id=3667): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000100)="52000300010007", 0x7) 1m39.333467535s ago: executing program 6 (id=3669): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x887008, 0x0) 1m39.28283409s ago: executing program 6 (id=3671): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r0 = socket$kcm(0x10, 0x100000000002, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4) sendmsg$kcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0) 1m39.119179036s ago: executing program 6 (id=3676): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"]) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) 1m39.049994826s ago: executing program 35 (id=3676): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000005000000014d564b00000000af"]) ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead) 1.99159948s ago: executing program 0 (id=5777): openat$ttynull(0xffffffffffffff9c, &(0x7f00000008c0), 0x40000, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x2, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') read$FUSE(r1, &(0x7f0000003980)={0x2020}, 0x2020) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) read$FUSE(r1, 0x0, 0x0) 1.88413162s ago: executing program 1 (id=5779): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) 1.881545644s ago: executing program 1 (id=5780): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000180)) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) write$dsp(r0, &(0x7f0000000200)="dce480febb0ccd0bcb66ade3495e87b440e5afdc984cc06eb1c91c85a7fec04b2f82e267c1edd1543b79d80c0f949073bdbaa464c040e61ea6e658101100101097a5821b6c0c79d177b96995281707ce6d20a6db", 0x54) write$dsp(r0, &(0x7f0000000080)="cd", 0x1) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 1.158410763s ago: executing program 0 (id=5786): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) write$FUSE_NOTIFY_RETRIEVE(r0, &(0x7f0000000280)={0x30, 0x5, 0x0, {0x0, 0x1, 0x3}}, 0x30) read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_OPEN(r0, &(0x7f00000002c0)={0x20, 0x0, r1}, 0x20) 1.021284714s ago: executing program 0 (id=5789): r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0) fcntl$setlease(r0, 0x400, 0x1) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x103000, 0x8d) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x20000, 0x71) pread64(r1, &(0x7f0000001440)=""/126, 0x7e, 0x41) 1.019639366s ago: executing program 1 (id=5790): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = epoll_create(0x50) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x8}) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 1.017419945s ago: executing program 5 (id=5791): r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00') r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x1) write$UHID_CREATE2(r1, &(0x7f00000000c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0) 932.584809ms ago: executing program 5 (id=5792): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d4", 0x5) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012) recvmmsg$unix(r1, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000002a00)=""/4100, 0x1004}], 0x1}}], 0x1, 0x10000, 0x0) 932.371475ms ago: executing program 5 (id=5794): r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) recvmmsg(r1, &(0x7f00000038c0)=[{{0x0, 0x0, &(0x7f0000003b80)=[{&(0x7f0000000100)=""/173, 0xad}], 0x1}, 0x2}, {{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000780)=""/39, 0x27}], 0x1}, 0x3}, {{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000980)=""/87, 0x57}], 0x1}}, {{0x0, 0x0, &(0x7f0000003500)=[{&(0x7f0000002ec0)=""/240, 0xf0}], 0x1}, 0x10000}], 0x4, 0x7ffeedc0, 0x0) 866.08425ms ago: executing program 1 (id=5795): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001400)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x4, 0x4}, {}, {0x1, 0xf}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x9, 0xe}}]}}]}, 0x38}}, 0x20040054) 865.78836ms ago: executing program 5 (id=5796): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40010}, 0x14000012) recvmsg$can_raw(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)=""/34, 0x22}], 0x1}, 0x40010042) 862.436796ms ago: executing program 1 (id=5797): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000006a80), 0x101101, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='./cgroup.net/cgroup.procs\x00', &(0x7f0000000140), 0x21c804, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x11) 860.954581ms ago: executing program 5 (id=5798): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000180)="3bef", 0x2}], 0x1) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40) r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x44) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r2, 0x0) 778.938146ms ago: executing program 5 (id=5799): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000400)) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 253.118729ms ago: executing program 7 (id=5805): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0x8, &(0x7f0000006680)) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0) chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000002c0)='sysfs\x00', 0x0, 0x0) pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00') 252.938995ms ago: executing program 7 (id=5806): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) bind$can_j1939(r2, &(0x7f00000000c0)={0x1d, r3}, 0x18) bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x1, {0x1, 0xf0, 0x3}, 0x1}, 0x18) 199.13778ms ago: executing program 7 (id=5807): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000440)={{0xfffe, 0x5, 0x2, 0x5}, 'syz1\x00', 0x53}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12) ioctl$UI_DEV_CREATE(r0, 0x5501) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0) read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020) 191.203298ms ago: executing program 0 (id=5808): syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x68001, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000440)={@val={0x11}, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef) 190.007223ms ago: executing program 7 (id=5809): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x509, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x0, 0x0, 0x0, {@ip4=@broadcast, 0x86dd}}}]}, 0x38}}, 0x0) 113.095448ms ago: executing program 7 (id=5810): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = dup(r0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) listen(r1, 0x0) mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) sendmsg$NFT_MSG_GETTABLE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20008085) 75.539663ms ago: executing program 0 (id=5811): r0 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x1, 0x0) fchdir(r1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)=@generic={&(0x7f0000000140)='./file0\x00', r2}, 0x18) 70.781549ms ago: executing program 7 (id=5812): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = socket(0x10, 0x803, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001400)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x4, 0x4}, {}, {0x1, 0xf}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0x9, 0xe}}]}}]}, 0x38}}, 0x20040054) 909.633µs ago: executing program 0 (id=5813): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LK(r0, &(0x7f00000000c0)={0x28, 0x0, r1, {{0x7, 0x8000000000000000, 0x1, 0xffffffffffffffff}}}, 0x28) mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0xffff2000, 0x0) 0s ago: executing program 1 (id=5814): syz_usb_connect(0x4, 0x0, 0x0, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0xf0ff}}]}) r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0) ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}}) r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01) write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068) kernel console output (not intermixed with test programs): butes in process `syz.7.4036'. [ 234.804654][T15138] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4036'. [ 235.086085][ T60] usb 12-1: new high-speed USB device number 5 using dummy_hcd [ 235.129437][T15154] bridge0: port 3(veth0_to_bridge) entered blocking state [ 235.131790][T15154] bridge0: port 3(veth0_to_bridge) entered disabled state [ 235.134377][T15154] veth0_to_bridge: entered allmulticast mode [ 235.137842][T15154] veth0_to_bridge: entered promiscuous mode [ 235.139814][T15154] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 235.144499][ T221] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.245996][ T60] usb 12-1: Using ep0 maxpacket: 16 [ 235.248932][ T60] usb 12-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 235.251926][ T60] usb 12-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 180, changing to 11 [ 235.255432][ T60] usb 12-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid maxpacket 26584, setting to 1024 [ 235.259262][ T60] usb 12-1: config 0 interface 0 has no altsetting 0 [ 235.262860][ T60] usb 12-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 235.265724][ T60] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 235.268315][ T60] usb 12-1: Product: syz [ 235.269908][ T60] usb 12-1: Manufacturer: syz [ 235.271411][ T60] usb 12-1: SerialNumber: syz [ 235.277070][ T60] usb 12-1: config 0 descriptor?? [ 235.284714][T15140] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 235.492548][T15140] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22 [ 235.497493][ T60] input: syz syz as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/input/input53 [ 235.710327][ T29] usb 12-1: USB disconnect, device number 5 [ 235.776472][ T34] usb 10-1: new high-speed USB device number 8 using dummy_hcd [ 235.944749][ T34] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 235.948295][ T34] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 235.952161][ T34] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 235.955071][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 235.958520][ T34] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 235.963261][ T34] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 235.966241][ T34] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 235.968713][ T34] usb 10-1: Product: syz [ 235.970046][ T34] usb 10-1: Manufacturer: syz [ 235.977433][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 235.979580][ T34] cdc_wdm 10-1:1.0: skipping garbage [ 235.982076][ T34] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device [ 235.984066][ T34] cdc_wdm 10-1:1.0: Unknown control protocol [ 236.124531][ T60] usb 6-1: USB disconnect, device number 22 [ 236.186903][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 236.189718][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 236.192486][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 236.195383][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 236.198402][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 236.201183][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 236.203871][ C3] cdc_wdm 10-1:1.0: nonzero urb status received: -71 [ 236.206572][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes [ 236.210504][ T34] usb 10-1: USB disconnect, device number 8 [ 236.213514][ C3] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 236.445994][ T60] usb 6-1: new high-speed USB device number 23 using dummy_hcd [ 236.605918][ T60] usb 6-1: Using ep0 maxpacket: 8 [ 236.608797][ T60] usb 6-1: config index 0 descriptor too short (expected 301, got 45) [ 236.611624][ T60] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 236.614658][ T60] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 236.617785][ T60] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 236.621901][ T60] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 236.627180][ T60] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 236.630221][ T60] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.839344][ T60] usb 6-1: usb_control_msg returned -32 [ 236.841896][ T60] usbtmc 6-1:16.0: can't read capabilities [ 236.939672][T15209] netlink: 116 bytes leftover after parsing attributes in process `syz.5.4071'. [ 237.193237][T15221] usbtmc 6-1:16.0: INITIATE_CLEAR returned 0 [ 237.394467][ T60] usb 6-1: USB disconnect, device number 23 [ 238.346003][T15207] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 238.346049][ T5979] Bluetooth: hci3: command 0x0c1a tx timeout [ 239.250426][T15207] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 239.252924][T15207] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 239.255594][T15207] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 239.259134][T15207] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 239.263642][T15216] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 239.442857][T15248] input: syz0 as /devices/virtual/input/input54 [ 239.805605][T15278] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4099'. [ 239.816973][T15279] [U] [ 239.851637][T15287] syzkaller1: entered promiscuous mode [ 239.853905][T15287] syzkaller1: entered allmulticast mode [ 240.426167][ T5979] Bluetooth: hci0: command 0x0c1a tx timeout [ 240.490035][T15325] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 240.493398][T15325] batadv_slave_0: entered promiscuous mode [ 240.906607][T15345] netlink: 83 bytes leftover after parsing attributes in process `syz.5.4131'. [ 240.944287][T15350] unknown channel width for channel at 909000KHz? [ 240.946815][T15350] unknown channel width for channel at 909000KHz? [ 240.948902][T15350] unknown channel width for channel at 909000KHz? [ 241.156167][ T29] usb 12-1: new high-speed USB device number 6 using dummy_hcd [ 241.245090][ T40] audit: type=1326 audit(2000000162.047:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 241.254454][ T40] audit: type=1326 audit(2000000162.047:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 241.264245][ T40] audit: type=1326 audit(2000000162.057:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 241.271467][ T40] audit: type=1326 audit(2000000162.057:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 241.280841][ T40] audit: type=1326 audit(2000000162.057:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 241.289945][ T40] audit: type=1326 audit(2000000162.057:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 241.299526][ T40] audit: type=1326 audit(2000000162.057:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 241.306004][ T29] usb 12-1: Using ep0 maxpacket: 8 [ 241.309037][ T40] audit: type=1326 audit(2000000162.057:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 241.310433][ T5979] Bluetooth: hci2: command 0x0c1a tx timeout [ 241.316450][ T40] audit: type=1326 audit(2000000162.057:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 241.325009][ T29] usb 12-1: config index 0 descriptor too short (expected 301, got 45) [ 241.328759][ T29] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 241.334331][ T29] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 241.338333][ T40] audit: type=1326 audit(2000000162.057:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15368 comm="syz.0.4141" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 241.346854][ T29] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 241.350456][ T29] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 241.355372][ T29] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 241.358929][ T29] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 241.576175][ T29] usb 12-1: GET_CAPABILITIES returned 0 [ 241.578126][ T29] usbtmc 12-1:16.0: can't read capabilities [ 241.790852][ T29] usb 12-1: USB disconnect, device number 6 [ 241.843413][T15409] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4159'. [ 242.413845][T15429] syzkaller1: entered promiscuous mode [ 242.415727][T15429] syzkaller1: entered allmulticast mode [ 242.744889][T15451] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 242.746786][T15450] IPVS: stopping master sync thread 15451 ... [ 242.854188][T15464] input: syz0 as /devices/virtual/input/input55 [ 242.935057][T15470] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4182'. [ 243.085186][T15484] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 243.158629][T15495] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 243.160771][T15495] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 243.164797][T15495] vhci_hcd vhci_hcd.0: Device attached [ 243.289228][T15512] overlay: filesystem on ./bus not supported as upperdir [ 243.337206][ T6053] vhci_hcd: vhci_device speed not set [ 243.397156][ T5979] Bluetooth: hci2: command 0x0c1a tx timeout [ 243.405971][ T6053] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 243.416151][ T29] usb 5-1: new low-speed USB device number 24 using dummy_hcd [ 243.428275][T15528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4210'. [ 243.577091][ T29] usb 5-1: config 0 has no interfaces? [ 243.577110][ T29] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 243.577122][ T29] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.578358][ T29] usb 5-1: config 0 descriptor?? [ 243.678801][T15543] openvswitch: netlink: IPv4 tun info is not correct [ 243.761180][T15547] netlink: 14528 bytes leftover after parsing attributes in process `syz.1.4219'. [ 243.783937][ T29] usb 5-1: USB disconnect, device number 24 [ 243.791949][T15497] vhci_hcd: connection reset by peer [ 243.796306][ T1208] vhci_hcd: stop threads [ 243.796330][ T1208] vhci_hcd: release socket [ 243.800230][ T1208] vhci_hcd: disconnect device [ 243.846081][ T6053] vhci_hcd: vhci_device speed not set [ 243.880576][T15556] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4223'. [ 243.880595][T15556] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 243.896305][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 245.015946][ T60] usb 10-1: new high-speed USB device number 9 using dummy_hcd [ 245.189913][ T60] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 245.194144][ T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 245.199147][ T60] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 245.203121][ T60] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 245.208410][ T60] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 245.211626][ T60] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 245.214155][ T60] usb 10-1: Manufacturer: syz [ 245.227782][ T60] usb 10-1: config 0 descriptor?? [ 245.466123][ T5979] Bluetooth: hci2: command 0x0c1a tx timeout [ 245.475983][ T34] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 245.630709][ T34] usb 5-1: config index 0 descriptor too short (expected 45, got 36) [ 245.634774][ T34] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 245.639339][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 245.644330][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 245.648731][ T60] hid_parser_main: 6 callbacks suppressed [ 245.648749][ T60] appleir 0003:05AC:8243.001C: unknown main item tag 0x0 [ 245.650782][ T34] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 245.655128][ T60] appleir 0003:05AC:8243.001C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 245.660016][ T34] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 245.660044][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.680178][ T34] usb 5-1: config 0 descriptor?? [ 245.683130][T15619] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 245.900308][ T6053] usb 10-1: USB disconnect, device number 9 [ 245.999769][T15667] sctp: [Deprecated]: syz.7.4274 (pid 15667) Use of struct sctp_assoc_value in delayed_ack socket option. [ 245.999769][T15667] Use struct sctp_sack_info instead [ 246.071826][T15673] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 246.100893][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.103977][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.108680][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.112038][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.115028][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.118151][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.121052][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.123965][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.128340][ T34] plantronics 0003:047F:FFFF.001D: unknown main item tag 0x0 [ 246.138262][ T34] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 246.361644][ T34] usb 5-1: USB disconnect, device number 25 [ 246.411438][T15701] syzkaller1: entered promiscuous mode [ 246.413483][T15701] syzkaller1: entered allmulticast mode [ 246.792045][T15733] veth0_to_hsr: entered promiscuous mode [ 246.795116][T15733] veth0_to_hsr: left promiscuous mode [ 246.859507][T15740] syzkaller1: entered promiscuous mode [ 246.861440][T15740] syzkaller1: entered allmulticast mode [ 246.864717][T15740] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 6 [ 248.066131][ T34] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 248.227560][ T34] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 248.231856][ T34] usb 5-1: config 0 interface 0 has no altsetting 0 [ 248.237854][ T34] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 248.241486][ T34] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 248.244548][ T34] usb 5-1: Product: syz [ 248.246015][ T34] usb 5-1: Manufacturer: syz [ 248.247910][ T34] usb 5-1: SerialNumber: syz [ 248.251960][ T34] usb 5-1: config 0 descriptor?? [ 248.258743][ T34] usb 5-1: selecting invalid altsetting 0 [ 248.461915][ T6016] usb 5-1: USB disconnect, device number 26 [ 248.823602][T15844] netlink: 'syz.7.4352': attribute type 1 has an invalid length. [ 248.827879][T15844] netlink: 168864 bytes leftover after parsing attributes in process `syz.7.4352'. [ 249.012033][ T40] kauditd_printk_skb: 413 callbacks suppressed [ 249.012044][ T40] audit: type=1326 audit(2000000169.817:2012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 249.022816][ T40] audit: type=1326 audit(2000000169.817:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 249.031152][ T40] audit: type=1326 audit(2000000169.817:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 249.038588][ T40] audit: type=1326 audit(2000000169.827:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 249.049366][ T40] audit: type=1326 audit(2000000169.827:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 249.057605][ T40] audit: type=1326 audit(2000000169.827:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 249.064539][ T40] audit: type=1326 audit(2000000169.827:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 249.071669][ T40] audit: type=1326 audit(2000000169.827:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 249.080785][ T40] audit: type=1326 audit(2000000169.827:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 249.089139][ T40] audit: type=1326 audit(2000000169.827:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15855 comm="syz.7.4356" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 249.250193][T15880] input: syz0 as /devices/virtual/input/input57 [ 249.361121][T15895] input: syz0 as /devices/virtual/input/input58 [ 249.545961][ T6053] usb 12-1: new high-speed USB device number 7 using dummy_hcd [ 249.715958][ T6053] usb 12-1: Using ep0 maxpacket: 16 [ 249.717215][ T6053] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 249.722727][ T6053] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 249.722750][ T6053] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 249.722788][ T6053] usb 12-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 249.734009][ T6053] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.735124][ T6053] usb 12-1: config 0 descriptor?? [ 249.785984][ T5990] Bluetooth: hci2: command 0x0c1a tx timeout [ 249.915964][ T841] usb 10-1: new high-speed USB device number 10 using dummy_hcd [ 250.065953][ T841] usb 10-1: Using ep0 maxpacket: 8 [ 250.067257][ T841] usb 10-1: config 0 interface 0 has no altsetting 0 [ 250.069847][ T841] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 250.072819][ T841] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.074327][ T841] usb 10-1: config 0 descriptor?? [ 250.149582][ T6053] input: HID 0955:7214 Haptics as /devices/virtual/input/input59 [ 250.168014][ T6053] shield 0003:0955:7214.001E: Registered Thunderstrike controller [ 250.170676][ T6053] shield 0003:0955:7214.001E: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.7-1/input0 [ 250.348293][T15891] random: crng reseeded on system resumption [ 250.364260][ T53] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 250.364388][ T9909] usb 12-1: USB disconnect, device number 7 [ 250.372750][ T53] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 250.379883][ T53] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 250.384567][ T53] shield 0003:0955:7214.001E: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 250.487973][ T841] mcp2221 0003:04D8:00DD.001F: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 250.626112][ T6047] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 250.656027][ T34] usb 6-1: new high-speed USB device number 24 using dummy_hcd [ 250.688906][ T53] usb 10-1: USB disconnect, device number 10 [ 250.776770][ T6047] usb 5-1: Using ep0 maxpacket: 16 [ 250.780738][ T6047] usb 5-1: config 0 has no interfaces? [ 250.785438][ T6047] usb 5-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55 [ 250.789058][ T6047] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 250.791616][ T6047] usb 5-1: Product: syz [ 250.793027][ T6047] usb 5-1: Manufacturer: syz [ 250.794592][ T6047] usb 5-1: SerialNumber: syz [ 250.802102][ T6047] usb 5-1: config 0 descriptor?? [ 250.807755][ T34] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 250.811957][ T34] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 250.815754][ T34] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 250.819509][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.825123][T15928] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 250.830414][ T34] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 251.014510][ T53] usb 5-1: USB disconnect, device number 27 [ 251.036294][ T34] usb 6-1: USB disconnect, device number 24 [ 251.653082][T15988] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4418'. [ 251.658521][T15988] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4418'. [ 251.828966][T16004] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3) [ 251.831132][T16004] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 251.833772][T16004] vhci_hcd vhci_hcd.0: Device attached [ 251.836096][ T9909] usb 12-1: new high-speed USB device number 8 using dummy_hcd [ 251.997286][ T9909] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 252.001200][ T9909] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 252.004533][ T9909] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 252.008457][ T9909] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 252.012499][ T9909] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 252.015705][ T9909] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.015958][ T6047] vhci_hcd: vhci_device speed not set [ 252.019551][ T9909] usb 12-1: config 0 descriptor?? [ 252.075953][ T6047] usb 47-1: new full-speed USB device number 2 using vhci_hcd [ 252.077982][ T53] usb 10-1: new low-speed USB device number 11 using dummy_hcd [ 252.227473][ T53] usb 10-1: config 0 has no interfaces? [ 252.229415][ T53] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 252.232539][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.236678][ T53] usb 10-1: config 0 descriptor?? [ 252.432072][ T9909] plantronics 0003:047F:FFFF.0020: ignoring exceeding usage max [ 252.441723][ T9909] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 252.446597][ T53] usb 10-1: USB disconnect, device number 11 [ 252.451698][T16005] vhci_hcd: connection reset by peer [ 252.456359][ T1208] vhci_hcd: stop threads [ 252.459731][ T1208] vhci_hcd: release socket [ 252.461718][ T1208] vhci_hcd: disconnect device [ 252.505933][ T6047] vhci_hcd: vhci_device speed not set [ 252.643998][T16011] syzkaller1: entered promiscuous mode [ 252.645706][T16011] syzkaller1: entered allmulticast mode [ 253.059453][T16050] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4447'. [ 253.064061][T16050] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address. [ 253.067163][T16050] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (68719607821) [ 253.087683][T16054] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4449'. [ 253.090626][T16054] netlink: 'syz.1.4449': attribute type 30 has an invalid length. [ 253.100319][ T1208] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.103427][ T1208] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.107603][ T1208] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.110526][T16056] unknown channel width for channel at 909000KHz? [ 253.112903][ T1208] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 253.137902][T16060] pim6reg1: entered promiscuous mode [ 253.139685][T16060] pim6reg1: entered allmulticast mode [ 253.199941][T16068] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 253.542695][T16098] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 253.546382][T16098] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 253.816051][ T6047] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 253.968309][ T6047] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 253.973095][ T6047] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 253.977234][ T6047] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 253.992814][ T6047] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 253.997963][ T6047] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 254.001605][ T6047] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.007799][ T6047] usb 5-1: config 0 descriptor?? [ 254.191251][T16128] GUP no longer grows the stack in syz.5.4483 (16128): 80004000-8000a000 (80002000) [ 254.194763][T16128] CPU: 2 UID: 0 PID: 16128 Comm: syz.5.4483 Not tainted syzkaller #0 PREEMPT(full) [ 254.194780][T16128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 254.194799][T16128] Call Trace: [ 254.194804][T16128] [ 254.194810][T16128] dump_stack_lvl+0x16c/0x1f0 [ 254.194872][T16128] gup_vma_lookup+0x1d2/0x220 [ 254.194910][T16128] __get_user_pages+0x243/0x34a0 [ 254.194931][T16128] ? find_held_lock+0x2b/0x80 [ 254.194943][T16128] ? __pfx___get_user_pages+0x10/0x10 [ 254.194964][T16128] get_user_pages_remote+0x243/0xab0 [ 254.194981][T16128] ? mas_parent_gap+0x6f0/0x7b0 [ 254.194997][T16128] ? __pfx_get_user_pages_remote+0x10/0x10 [ 254.195014][T16128] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 254.195032][T16128] __access_remote_vm+0x24d/0x850 [ 254.195049][T16128] ? do_raw_spin_lock+0x12c/0x2b0 [ 254.195064][T16128] ? __pfx___access_remote_vm+0x10/0x10 [ 254.195082][T16128] proc_pid_cmdline_read+0x4de/0x8e0 [ 254.195095][T16128] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 254.195107][T16128] ? rw_verify_area+0xcf/0x6c0 [ 254.195119][T16128] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 254.195152][T16128] vfs_readv+0x5be/0x8b0 [ 254.195168][T16128] ? __pfx_vfs_readv+0x10/0x10 [ 254.195190][T16128] ? __fget_files+0x20e/0x3c0 [ 254.195207][T16128] ? do_preadv+0x1a6/0x270 [ 254.195217][T16128] do_preadv+0x1a6/0x270 [ 254.195229][T16128] ? __pfx_do_preadv+0x10/0x10 [ 254.195242][T16128] ? rcu_is_watching+0x12/0xc0 [ 254.195256][T16128] __do_fast_syscall_32+0x7c/0x3a0 [ 254.195273][T16128] do_fast_syscall_32+0x32/0x80 [ 254.195288][T16128] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 254.195301][T16128] RIP: 0023:0xf7f28579 [ 254.195310][T16128] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 254.195320][T16128] RSP: 002b:00000000f544655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 254.195330][T16128] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 254.195337][T16128] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000 [ 254.195343][T16128] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 254.195348][T16128] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 254.195354][T16128] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 254.195367][T16128] [ 254.472910][ T6047] hid_parser_main: 11 callbacks suppressed [ 254.472924][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.477281][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.486462][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.489178][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.491548][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.493922][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.496754][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.499520][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.501812][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.504154][ T6047] plantronics 0003:047F:FFFF.0021: unknown main item tag 0x0 [ 254.509862][ T6047] plantronics 0003:047F:FFFF.0021: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 254.727509][T13224] usb 5-1: USB disconnect, device number 28 [ 254.765963][ T60] usb 12-1: reset high-speed USB device number 8 using dummy_hcd [ 254.775993][ T6047] usb 10-1: new high-speed USB device number 12 using dummy_hcd [ 254.921648][ T60] usb 12-1: device firmware changed [ 254.925408][ T841] usb 12-1: USB disconnect, device number 8 [ 254.925933][ T6047] usb 10-1: Using ep0 maxpacket: 16 [ 254.932375][ T6047] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 254.936297][ T6047] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 254.939463][ T6047] usb 10-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00 [ 254.942801][ T6047] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 254.949475][ T6047] usb 10-1: config 0 descriptor?? [ 255.055999][ T841] usb 12-1: new high-speed USB device number 9 using dummy_hcd [ 255.096052][ T9909] usb 6-1: new high-speed USB device number 25 using dummy_hcd [ 255.207562][ T841] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.212025][ T841] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.215088][ T841] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 255.219650][ T841] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 255.223079][ T841] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.226876][ T841] usb 12-1: config 0 descriptor?? [ 255.229663][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.231730][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.245958][ T9909] usb 6-1: Using ep0 maxpacket: 8 [ 255.248978][ T9909] usb 6-1: config 0 interface 0 has no altsetting 0 [ 255.251157][ T9909] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 255.254009][ T9909] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.258306][ T9909] usb 6-1: config 0 descriptor?? [ 255.366758][ T6047] input: HID 0458:5012 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0458:5012.0022/input/input61 [ 255.428357][ T6047] input: HID 0458:5012 as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:0458:5012.0022/input/input62 [ 255.447195][T16161] input: syz1 as /devices/virtual/input/input63 [ 255.536334][ T6047] kye 0003:0458:5012.0022: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.5-1/input0 [ 255.568659][T13224] usb 10-1: USB disconnect, device number 12 [ 255.651467][ T841] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 255.672230][ T9909] mcp2221 0003:04D8:00DD.0024: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 255.715244][T16170] loop8: detected capacity change from 0 to 7 [ 255.721034][T16170] Dev loop8: unable to read RDB block 7 [ 255.723014][T16170] loop8: AHDI p1 p2 p3 [ 255.724426][T16170] loop8: partition table partially beyond EOD, truncated [ 255.727739][T16170] loop8: p1 start 1601398130 is beyond EOD, truncated [ 255.729856][T16170] loop8: p2 start 1702059890 is beyond EOD, truncated [ 255.809962][T13360] Dev loop8: unable to read RDB block 7 [ 255.811799][T13360] loop8: AHDI p1 p2 p3 [ 255.813188][T13360] loop8: partition table partially beyond EOD, truncated [ 255.816171][T13360] loop8: p1 start 1601398130 is beyond EOD, truncated [ 255.818306][T13360] loop8: p2 start 1702059890 is beyond EOD, truncated [ 255.823003][T16170] Dev loop8: unable to read RDB block 7 [ 255.824815][T16170] loop8: AHDI p1 p2 p3 [ 255.826234][T16170] loop8: partition table partially beyond EOD, truncated [ 255.828705][T16170] loop8: p1 start 1601398130 is beyond EOD, truncated [ 255.830880][T16170] loop8: p2 start 1702059890 is beyond EOD, truncated [ 255.873494][ T9909] usb 6-1: USB disconnect, device number 25 [ 255.908347][T13224] usb 12-1: USB disconnect, device number 9 [ 256.133672][T16180] sp0: Synchronizing with TNC [ 256.140266][T16179] [U] [ 256.456120][T16196] syzkaller1: entered promiscuous mode [ 256.458526][T16196] syzkaller1: entered allmulticast mode [ 256.466283][T16196] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 6 [ 256.562791][T16204] mkiss: ax0: crc mode is auto. [ 256.668634][T16216] vivid-001: disconnect [ 256.673513][T16211] vivid-001: reconnect [ 256.727825][T16224] can0: slcan on ptm0. [ 256.966116][ T53] usb 6-1: new high-speed USB device number 26 using dummy_hcd [ 257.126063][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 257.132556][ T53] usb 6-1: unable to get BOS descriptor or descriptor too short [ 257.132811][T16256] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 257.135860][ T53] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 257.141286][ T53] usb 6-1: can't read configurations, error -71 [ 257.186970][T16223] can0 (unregistered): slcan off ptm0. [ 258.124625][T16296] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 258.205191][T16304] netlink: 348 bytes leftover after parsing attributes in process `syz.5.4563'. [ 259.129648][T16341] ptrace attach of "/syz-executor exec"[5987] was attempted by ""[16341] [ 259.320517][T16358] kvm: user requested TSC rate below hardware speed [ 259.724535][T16386] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4598'. [ 259.727508][T16386] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4598'. [ 260.373369][T16430] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4617'. [ 260.727542][T16470] netlink: 188 bytes leftover after parsing attributes in process `syz.0.4637'. [ 260.759658][T16476] 9pnet: p9_errstr2errno: server reported unknown error @0x0000000000000004 [ 260.782798][T16480] loop4: detected capacity change from 0 to 7 [ 260.789605][T13360] Dev loop4: unable to read RDB block 7 [ 260.791411][T13360] loop4: unable to read partition table [ 260.793325][T13360] loop4: partition table beyond EOD, truncated [ 260.796847][T16480] Dev loop4: unable to read RDB block 7 [ 260.799188][T16480] loop4: unable to read partition table [ 260.801494][T16480] loop4: partition table beyond EOD, truncated [ 260.803932][T16480] loop_reread_partitions: partition scan of loop4 (xݗ ) failed (rc=-5) [ 260.840155][T16484] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4644'. [ 260.992715][T16508] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4654'. [ 261.331099][T16547] syzkaller1: entered promiscuous mode [ 261.333249][T16547] syzkaller1: entered allmulticast mode [ 261.555979][ T9909] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 261.615917][ T6041] usb 10-1: new high-speed USB device number 13 using dummy_hcd [ 261.705940][ T9909] usb 5-1: Using ep0 maxpacket: 8 [ 261.709152][ T9909] usb 5-1: config 0 interface 0 has no altsetting 0 [ 261.711548][ T9909] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 261.714732][ T9909] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.719976][ T9909] usb 5-1: config 0 descriptor?? [ 261.766998][ T6041] usb 10-1: Using ep0 maxpacket: 16 [ 261.781762][ T6041] usb 10-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 261.789931][ T6041] usb 10-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 261.792760][ T6041] usb 10-1: Product: syz [ 261.794178][ T6041] usb 10-1: Manufacturer: syz [ 261.795667][ T6041] usb 10-1: SerialNumber: syz [ 261.800660][ T6041] usb 10-1: config 0 descriptor?? [ 262.013750][ T6041] usb 10-1: USB disconnect, device number 13 [ 262.130713][ T9909] mcp2221 0003:04D8:00DD.0025: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 262.330994][ T6047] usb 5-1: USB disconnect, device number 29 [ 263.126290][ T29] usb 12-1: new high-speed USB device number 10 using dummy_hcd [ 263.293481][ T29] usb 12-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 263.298447][ T29] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.302230][ T29] usb 12-1: Product: syz [ 263.303969][ T29] usb 12-1: Manufacturer: syz [ 263.306136][ T29] usb 12-1: SerialNumber: syz [ 263.310043][ T29] usb 12-1: config 0 descriptor?? [ 263.367876][T16657] syzkaller1: entered promiscuous mode [ 263.370154][T16657] syzkaller1: entered allmulticast mode [ 263.424860][T16661] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 263.498609][T16661] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 263.543152][ T6047] usb 12-1: USB disconnect, device number 10 [ 264.128334][T16699] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 264.417271][ T40] kauditd_printk_skb: 80 callbacks suppressed [ 264.417283][ T40] audit: type=1326 audit(2000000185.227:2102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16730 comm="syz.5.4754" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f28579 code=0x0 [ 264.572701][T16742] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 264.577334][T16742] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null. [ 264.690708][ T6047] IPVS: starting estimator thread 0... [ 264.786097][T16754] IPVS: using max 46 ests per chain, 110400 per kthread [ 264.895006][T16775] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 264.943778][T16775] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 265.031343][T16780] vlan2: entered allmulticast mode [ 265.033358][T16780] bond0: entered allmulticast mode [ 265.035572][T16780] bond_slave_0: entered allmulticast mode [ 265.038709][T16780] bond_slave_1: entered allmulticast mode [ 265.336703][T13224] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 265.489155][T13224] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 265.491931][T13224] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.494230][T13224] usb 5-1: Product: syz [ 265.495389][T13224] usb 5-1: Manufacturer: syz [ 265.496828][T13224] usb 5-1: SerialNumber: syz [ 265.499845][T13224] usb 5-1: config 0 descriptor?? [ 265.536515][ T6041] usb 10-1: new high-speed USB device number 14 using dummy_hcd [ 265.635983][ T6047] usb 6-1: new high-speed USB device number 28 using dummy_hcd [ 265.705977][ T6041] usb 10-1: Using ep0 maxpacket: 8 [ 265.709331][ T6041] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 265.713722][ T6041] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 265.716932][ T6041] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.723946][ T53] usb 5-1: USB disconnect, device number 30 [ 265.726415][ T6041] usb 10-1: config 0 descriptor?? [ 265.785973][ T6047] usb 6-1: Using ep0 maxpacket: 16 [ 265.789372][ T6047] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 265.793499][ T6047] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 265.799205][ T6047] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 265.804226][ T6047] usb 6-1: config 0 descriptor?? [ 265.813345][ T6047] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input64 [ 265.922952][T16818] loop7: detected capacity change from 0 to 7 [ 265.926147][T16818] Dev loop7: unable to read RDB block 7 [ 265.928544][T16818] loop7: unable to read partition table [ 265.931061][T16818] loop7: partition table beyond EOD, truncated [ 265.933808][T16818] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 265.943484][ T6041] iowarrior 10-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 265.981803][ T40] audit: type=1326 audit(2000000186.787:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 265.991434][ T40] audit: type=1326 audit(2000000186.787:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 266.000798][ T40] audit: type=1326 audit(2000000186.787:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 266.007955][ T40] audit: type=1326 audit(2000000186.787:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 266.021392][ T40] audit: type=1326 audit(2000000186.787:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 266.024108][ T5373] bcm5974 6-1:0.0: could not read from device [ 266.028589][ T40] audit: type=1326 audit(2000000186.787:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 266.028616][ T40] audit: type=1326 audit(2000000186.787:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 266.028637][ T40] audit: type=1326 audit(2000000186.787:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 266.029440][ T40] audit: type=1326 audit(2000000186.787:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16819 comm="syz.7.4794" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 266.064160][ T6047] bcm5974 6-1:0.0: could not read from device [ 266.069553][ T5373] bcm5974 6-1:0.0: could not read from device [ 266.077636][ T6047] input: failed to attach handler mousedev to device input64, error: -5 [ 266.084691][ T5373] bcm5974 6-1:0.0: could not read from device [ 266.086721][ T6047] usb 6-1: USB disconnect, device number 28 [ 266.089951][ T5373] bcm5974 6-1:0.0: could not read from device [ 266.094055][T13360] bcm5974 6-1:0.0: could not read from device [ 266.160367][ T6041] usb 10-1: USB disconnect, device number 14 [ 266.162884][ C0] iowarrior 10-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 266.275984][ T53] usb 12-1: new high-speed USB device number 11 using dummy_hcd [ 266.428097][ T53] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 266.432664][ T53] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 266.436559][ T53] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 266.442330][ T53] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 266.445447][ T53] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.451671][ T53] usb 12-1: config 0 descriptor?? [ 266.863387][ T53] plantronics 0003:047F:FFFF.0026: reserved main item tag 0xd [ 266.868492][ T53] plantronics 0003:047F:FFFF.0026: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 267.005914][ T6041] usb 6-1: new high-speed USB device number 29 using dummy_hcd [ 267.119926][ T60] usb 12-1: USB disconnect, device number 11 [ 267.165980][ T6041] usb 6-1: Using ep0 maxpacket: 32 [ 267.169290][ T6041] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 267.172407][ T6041] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 267.175737][ T6041] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 267.179369][ T6041] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 267.183329][ T6041] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 267.186755][ T6041] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 267.190831][ T6041] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 267.193946][ T6041] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 267.197949][ T6041] usb 6-1: config 0 descriptor?? [ 267.410232][ T6041] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 29 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 267.555375][T16849] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.4808'. [ 267.614327][T13224] usb 6-1: USB disconnect, device number 29 [ 267.620296][T13224] usblp0: removed [ 268.010133][T16887] vivid-001: disconnect [ 268.014371][T16884] vivid-001: reconnect [ 268.042874][T16889] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(4) [ 268.044977][T16889] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 268.050207][T16889] vhci_hcd vhci_hcd.0: Device attached [ 268.225935][ T29] vhci_hcd: vhci_device speed not set [ 268.285992][ T53] usb 10-1: new low-speed USB device number 15 using dummy_hcd [ 268.289002][ T29] usb 47-1: new full-speed USB device number 3 using vhci_hcd [ 268.346013][ T6041] usb 12-1: new high-speed USB device number 12 using dummy_hcd [ 268.437472][ T53] usb 10-1: config 0 has no interfaces? [ 268.439401][ T53] usb 10-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 268.442327][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.446627][ T53] usb 10-1: config 0 descriptor?? [ 268.515967][ T6041] usb 12-1: Using ep0 maxpacket: 32 [ 268.520669][ T6041] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 268.524365][ T6041] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 268.527808][ T6041] usb 12-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 268.530835][ T6041] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 268.536315][ T6041] usb 12-1: config 0 descriptor?? [ 268.655202][T16890] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2 [ 268.655981][ T841] usb 10-1: USB disconnect, device number 15 [ 268.659758][ T221] vhci_hcd: stop threads [ 268.662071][ T221] vhci_hcd: release socket [ 268.663626][ T221] vhci_hcd: disconnect device [ 268.956294][ T6041] savu 0003:1E7D:2D5A.0027: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.7-1/input0 [ 269.210394][ T6041] usb 12-1: USB disconnect, device number 12 [ 269.248086][T16919] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4838'. [ 269.251812][T16919] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4838'. [ 269.255603][T16919] netlink: 'syz.5.4838': attribute type 18 has an invalid length. [ 269.263042][ T85] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.266330][ T85] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.271379][ T85] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.274607][ T85] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 269.430154][T16925] bridge0: port 2(bridge_slave_1) entered disabled state [ 269.477531][T16925] netlink: 'syz.5.4841': attribute type 16 has an invalid length. [ 269.479979][T16925] netlink: 'syz.5.4841': attribute type 17 has an invalid length. [ 269.491593][T16925] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 269.915040][T16970] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.4862'. [ 270.136079][ T841] usb 12-1: new high-speed USB device number 13 using dummy_hcd [ 270.186013][ T5979] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 270.186028][ T5990] Bluetooth: hci4: command 0x1003 tx timeout [ 270.255509][ T40] kauditd_printk_skb: 24 callbacks suppressed [ 270.255523][ T40] audit: type=1326 audit(2000000191.057:2136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 270.267662][ T40] audit: type=1326 audit(2000000191.057:2137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 270.274729][ T40] audit: type=1326 audit(2000000191.057:2138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.282061][ T40] audit: type=1326 audit(2000000191.057:2139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.286104][ T841] usb 12-1: Using ep0 maxpacket: 8 [ 270.290343][ T40] audit: type=1326 audit(2000000191.067:2140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.293257][ T841] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 270.299284][ T40] audit: type=1326 audit(2000000191.067:2141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 270.302806][ T841] usb 12-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 270.309411][ T40] audit: type=1326 audit(2000000191.067:2142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.314117][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 270.320989][ T40] audit: type=1326 audit(2000000191.067:2143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.325504][ T841] usb 12-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 270.332563][ T40] audit: type=1326 audit(2000000191.067:2144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.337727][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 270.345469][ T40] audit: type=1326 audit(2000000191.067:2145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16986 comm="syz.0.4870" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 270.349182][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 270.360810][ T841] usb 12-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 270.365055][ T841] usb 12-1: config 168 interface 0 has no altsetting 0 [ 270.368353][ T841] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 270.370953][ T841] usb 12-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 270.376550][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 270.381043][ T841] usb 12-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 270.384886][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 270.388638][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 270.400457][ T841] usb 12-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 270.408778][ T841] usb 12-1: config 168 interface 0 has no altsetting 0 [ 270.411865][ T841] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 270.414457][ T841] usb 12-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 270.419839][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 270.424237][ T841] usb 12-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 270.428369][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 270.433194][ T841] usb 12-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 270.438102][ T841] usb 12-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 270.442699][ T841] usb 12-1: config 168 interface 0 has no altsetting 0 [ 270.448732][ T841] usb 12-1: string descriptor 0 read error: -22 [ 270.450861][ T841] usb 12-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 270.453843][ T841] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.464334][ T841] adutux 12-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 270.667323][ T841] usb 12-1: USB disconnect, device number 13 [ 270.707223][ T6053] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 270.875936][ T6053] usb 5-1: Using ep0 maxpacket: 8 [ 270.880272][ T6053] usb 5-1: config 0 interface 0 has no altsetting 0 [ 270.883527][ T6053] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 270.888103][ T6053] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.892238][ T6053] usb 5-1: config 0 descriptor?? [ 270.964208][T17015] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4881'. [ 270.968057][T17015] netlink: 'syz.5.4881': attribute type 7 has an invalid length. [ 270.971246][T17015] netlink: 'syz.5.4881': attribute type 8 has an invalid length. [ 270.974458][T17015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4881'. [ 271.164511][T17020] macsec0: entered promiscuous mode [ 271.166949][T17020] team0: entered promiscuous mode [ 271.169486][T17020] macsec0: entered allmulticast mode [ 271.171814][T17020] team0: entered allmulticast mode [ 271.317702][ T6053] mcp2221 0003:04D8:00DD.0028: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 271.516454][ T6047] usb 5-1: USB disconnect, device number 31 [ 271.611719][T17049] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4896'. [ 271.755762][T17061] input input66: cannot allocate more than FF_MAX_EFFECTS effects [ 272.006003][ T6016] usb 12-1: new high-speed USB device number 14 using dummy_hcd [ 272.095007][ T5979] Bluetooth: hci3: unexpected cc 0x2039 length: 9 > 1 [ 272.099998][ T5979] Bluetooth: hci3: unexpected event for opcode 0x2039 [ 272.155962][ T6016] usb 12-1: Using ep0 maxpacket: 8 [ 272.159290][ T6016] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 272.162437][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 272.169815][ T6016] usb 12-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 272.174627][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 272.180318][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 272.187072][ T6016] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 272.189392][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 272.193963][ T6016] usb 12-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 272.198889][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 272.203859][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 272.210907][ T6016] usb 12-1: config 168 descriptor has 1 excess byte, ignoring [ 272.214227][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 272.219055][ T6016] usb 12-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 272.224025][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 272.228553][ T6016] usb 12-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 272.236437][ T6016] usb 12-1: string descriptor 0 read error: -22 [ 272.239284][ T6016] usb 12-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 272.243074][ T6016] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 272.255101][ T6016] adutux 12-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 272.464689][ T6016] usb 12-1: USB disconnect, device number 14 [ 272.983380][T17132] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4933'. [ 272.986449][T17132] tipc: Cannot configure node identity twice [ 273.386434][ T29] vhci_hcd: vhci_device speed not set [ 273.721795][T17182] loop2: detected capacity change from 0 to 7 [ 273.725194][T13360] Dev loop2: unable to read RDB block 7 [ 273.728244][T13360] loop2: AHDI p1 p2 p3 [ 273.729801][T13360] loop2: partition table partially beyond EOD, truncated [ 273.732638][T13360] loop2: p1 start 1601398130 is beyond EOD, truncated [ 273.734803][T13360] loop2: p2 start 1702059890 is beyond EOD, truncated [ 273.740446][T17182] Dev loop2: unable to read RDB block 7 [ 273.742559][T17182] loop2: AHDI p1 p2 p3 [ 273.743880][T17182] loop2: partition table partially beyond EOD, truncated [ 273.746585][T17182] loop2: p1 start 1601398130 is beyond EOD, truncated [ 273.748807][T17182] loop2: p2 start 1702059890 is beyond EOD, truncated [ 274.011902][T17189] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 274.316019][ T841] usb 5-1: new high-speed USB device number 32 using dummy_hcd [ 274.367380][T13224] usb 12-1: new high-speed USB device number 15 using dummy_hcd [ 274.486317][ T841] usb 5-1: Using ep0 maxpacket: 32 [ 274.489318][ T841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 274.493267][ T841] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 274.496780][ T841] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 274.501262][ T841] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 274.504575][ T841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.508499][ T841] usb 5-1: config 0 descriptor?? [ 274.536049][T13224] usb 12-1: Using ep0 maxpacket: 32 [ 274.541094][T13224] usb 12-1: config index 0 descriptor too short (expected 29220, got 36) [ 274.543878][T13224] usb 12-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 274.547183][T13224] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 274.550071][T13224] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 274.553517][T13224] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 274.556842][T13224] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 274.560236][T13224] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 274.563253][T13224] usb 12-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 274.567991][T13224] usb 12-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 274.571326][T13224] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.576472][T13224] usb 12-1: config 0 descriptor?? [ 274.785756][T13224] usblp 12-1:0.0: usblp0: USB Bidirectional printer dev 15 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 274.793181][T13224] usb 12-1: USB disconnect, device number 15 [ 274.797794][T13224] usblp0: removed [ 274.930125][ T841] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5011.0029/input/input67 [ 274.992428][ T841] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0458:5011.0029/input/input68 [ 275.017969][ T841] kye 0003:0458:5011.0029: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0 [ 275.088759][T17239] tipc: Started in network mode [ 275.090416][T17239] tipc: Node identity ac1414aa, cluster identity 4711 [ 275.093183][T17239] tipc: Enabled bearer , priority 10 [ 275.221115][T17246] netlink: 'syz.1.4984': attribute type 1 has an invalid length. [ 275.316051][T13224] usb 12-1: new high-speed USB device number 16 using dummy_hcd [ 275.389169][T17253] netlink: 5 bytes leftover after parsing attributes in process `syz.1.4987'. [ 275.425245][T17255] netlink: 'syz.1.4988': attribute type 23 has an invalid length. [ 275.475905][T13224] usb 12-1: Using ep0 maxpacket: 32 [ 275.479230][T13224] usb 12-1: config index 0 descriptor too short (expected 29220, got 36) [ 275.483169][T13224] usb 12-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 275.486515][T13224] usb 12-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 275.489655][T13224] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 275.494891][T13224] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 275.499000][T13224] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 275.503112][T13224] usb 12-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 275.507566][T13224] usb 12-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 275.513436][T13224] usb 12-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 275.517205][T13224] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 275.528230][T13224] usb 12-1: config 0 descriptor?? [ 275.582537][T17262] overlayfs: upper fs does not support file handles, falling back to index=off. [ 275.590059][T17262] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 275.738698][T13224] usblp 12-1:0.0: usblp1: USB Bidirectional printer dev 16 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 275.795092][T17272] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 649 [ 275.997666][ C3] kye 0003:0458:5011.0029: usb_submit_urb(ctrl) failed: -1 [ 276.002909][ T841] usb 12-1: USB disconnect, device number 16 [ 276.006554][ T841] usblp1: removed [ 276.106004][ T5979] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 276.110054][ T5979] Bluetooth: hci3: Injecting HCI hardware error event [ 276.115480][ T5990] Bluetooth: hci3: hardware error 0x00 [ 276.116069][ T61] tipc: Node number set to 2886997162 [ 276.431203][ T40] kauditd_printk_skb: 131 callbacks suppressed [ 276.431220][ T40] audit: type=1326 audit(2000000197.237:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17297 comm="syz.5.5008" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f28579 code=0x0 [ 276.648092][T17308] tipc: Started in network mode [ 276.650307][T17308] tipc: Node identity ac1414aa, cluster identity 4711 [ 276.652710][T17308] tipc: Enabling of bearer rejected, failed to enable media [ 276.659394][T17312] loop7: detected capacity change from 0 to 7 [ 276.663355][ C0] blk_print_req_error: 26 callbacks suppressed [ 276.663373][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.669628][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.674911][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.681556][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.687459][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.691967][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.694586][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.697424][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.701662][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.705656][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.711361][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.715361][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.720869][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.723886][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.729189][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.733722][T17312] ldm_validate_partition_table(): Disk read failed. [ 276.736810][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.739880][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.742640][ C2] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 276.745729][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.748685][ C2] Buffer I/O error on dev loop7, logical block 0, async page read [ 276.751644][T17312] Dev loop7: unable to read RDB block 0 [ 276.754378][T17312] loop7: unable to read partition table [ 276.757051][T17312] loop7: partition table beyond EOD, truncated [ 276.760385][T17312] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 276.789539][ T1147] tipc: Left network mode [ 276.791786][ T6047] usb 5-1: USB disconnect, device number 32 [ 277.536023][ T6047] usb 12-1: new high-speed USB device number 17 using dummy_hcd [ 277.649854][T17389] ALSA: mixer_oss: invalid OSS volume '' [ 277.699982][T17391] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 277.707206][ T6047] usb 12-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 277.711215][ T6047] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 277.715007][ T6047] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 277.722068][ T6047] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 277.731104][ T6047] usb 12-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 277.734363][ T6047] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.740069][ T6047] usb 12-1: config 0 descriptor?? [ 278.158809][ T6047] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0 [ 278.196005][ T5990] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 278.302175][T17418] bond0: entered promiscuous mode [ 278.303923][T17418] bond_slave_0: entered promiscuous mode [ 278.306125][T17418] bond_slave_1: entered promiscuous mode [ 278.308867][T17418] batadv0: entered promiscuous mode [ 278.311230][T17418] debugfs: 'hsr1' already exists in 'hsr' [ 278.313212][T17418] Cannot create hsr debugfs directory [ 278.315001][T17418] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 278.318587][T17418] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 278.786410][T17437] io-wq is not configured for unbound workers [ 278.847528][T17443] syzkaller1: entered promiscuous mode [ 278.851218][T17443] syzkaller1: entered allmulticast mode [ 278.908729][T17447] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5074'. [ 279.183249][T17474] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5086'. [ 279.189417][T17474] netlink: 168 bytes leftover after parsing attributes in process `syz.5.5086'. [ 279.193515][T17474] netlink: 168 bytes leftover after parsing attributes in process `syz.5.5086'. [ 279.229053][T17476] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 279.466448][T17356] usb 12-1: string descriptor 0 read error: -2 [ 279.888076][T17498] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5097'. [ 280.015707][T17511] bond0: entered promiscuous mode [ 280.018417][T17511] bond_slave_0: entered promiscuous mode [ 280.020745][T17511] bond_slave_1: entered promiscuous mode [ 280.023473][T17511] batadv0: entered promiscuous mode [ 280.025472][T17511] debugfs: 'hsr1' already exists in 'hsr' [ 280.027361][T17511] Cannot create hsr debugfs directory [ 280.029289][T17511] 8021q: adding VLAN 0 to HW filter on device hsr1 [ 280.051353][T13360] udevd[13360]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 280.198023][ T34] usb 10-1: new high-speed USB device number 16 using dummy_hcd [ 280.248214][T13224] usb 12-1: USB disconnect, device number 17 [ 280.348363][ T34] usb 10-1: config index 0 descriptor too short (expected 45, got 36) [ 280.351090][ T34] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 280.354637][ T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 280.358201][ T34] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 280.361614][ T34] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 280.365517][ T34] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 280.368369][ T34] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 280.371985][ T34] usb 10-1: config 0 descriptor?? [ 280.374076][T17506] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 280.786025][ T34] plantronics 0003:047F:FFFF.002B: reserved main item tag 0xd [ 280.797026][ T34] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 280.884245][T17529] netlink: 176 bytes leftover after parsing attributes in process `syz.0.5107'. [ 281.049875][ T24] usb 10-1: USB disconnect, device number 16 [ 281.308226][ T40] audit: type=1326 audit(2000000202.117:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17547 comm="syz.0.5116" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7ff1579 code=0x0 [ 281.698616][T17568] input: syz0 as /devices/virtual/input/input71 [ 282.037047][ T34] kernel write not supported for file /dsp (pid: 34 comm: kworker/3:0) [ 282.147183][T17607] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 282.151742][T17607] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 282.158499][T17607] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 282.186018][ T5990] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 282.220837][ T40] audit: type=1326 audit(2000000203.027:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17615 comm="syz.5.5144" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x0 [ 282.701935][T17650] overlayfs: upper fs does not support file handles, falling back to index=off. [ 282.704891][T17650] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 283.082608][T17667] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5167'. [ 283.086932][T17667] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5167'. [ 283.588261][T17685] infiniband syz0: set down [ 283.590290][T17685] infiniband syz0: added ipvlan1 [ 283.611557][T17685] RDS/IB: syz0: added [ 283.613386][T17685] smc: adding ib device syz0 with port count 1 [ 283.615355][T17685] smc: ib device syz0 port 1 has pnetid [ 283.685309][T17689] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5177'. [ 283.688468][T17689] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5177'. [ 283.698458][ T85] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 283.701480][ T85] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 283.704751][ T85] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 283.705910][ T6041] usb 10-1: new high-speed USB device number 17 using dummy_hcd [ 283.708211][ T85] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 283.855988][ T6041] usb 10-1: Using ep0 maxpacket: 8 [ 283.860835][ T6041] usb 10-1: config 0 interface 0 has no altsetting 0 [ 283.864586][ T6041] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 283.876864][ T6041] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.885565][ T6041] usb 10-1: config 0 descriptor?? [ 283.897638][T17702] input: syz1 as /devices/virtual/input/input72 [ 284.000321][T17710] af_packet: tpacket_rcv: packet too big, clamped from 44 to 4294967272. macoff=96 [ 284.014210][T17711] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5186'. [ 284.028107][T17711] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5186'. [ 284.222607][T17713] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5188'. [ 284.228472][T17713] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5188'. [ 284.298753][ T6041] mcp2221 0003:04D8:00DD.002C: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0 [ 284.497326][ T53] usb 10-1: USB disconnect, device number 17 [ 284.725974][ T34] usb 5-1: new high-speed USB device number 33 using dummy_hcd [ 284.887777][ T34] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 284.892428][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 284.896969][ T34] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 284.900869][ T34] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 284.906094][ T34] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 284.909705][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.913868][ T34] usb 5-1: config 0 descriptor?? [ 285.325647][ T34] hid_parser_main: 20 callbacks suppressed [ 285.325658][ T34] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0 [ 285.338611][ T34] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 285.558150][T17767] block nbd5: shutting down sockets [ 285.588234][ T53] usb 5-1: USB disconnect, device number 33 [ 285.826066][T17786] block nbd2: server does not support multiple connections per device. [ 285.831456][T17786] block nbd2: shutting down sockets [ 285.863067][T17795] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5225'. [ 286.014670][T17814] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5233'. [ 286.020373][T17814] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5233'. [ 286.025948][T13224] usb 12-1: new high-speed USB device number 18 using dummy_hcd [ 286.118962][T17820] overlayfs: workdir and upperdir must reside under the same mount [ 286.185919][T13224] usb 12-1: Using ep0 maxpacket: 8 [ 286.189971][T13224] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 286.193590][T13224] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 286.197540][T13224] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 286.200819][T13224] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 286.205572][T13224] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 286.208797][T13224] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.420514][T13224] usb 12-1: GET_CAPABILITIES returned 0 [ 286.423141][T13224] usbtmc 12-1:16.0: can't read capabilities [ 286.621426][ T60] usb 12-1: USB disconnect, device number 18 [ 286.861144][T17851] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.5251'. [ 287.011774][T17863] Trying to write to read-only block-device nullb0 [ 287.083408][T17870] netlink: 'syz.1.5260': attribute type 4 has an invalid length. [ 287.308548][T17888] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5269'. [ 287.365901][ T53] usb 6-1: new high-speed USB device number 30 using dummy_hcd [ 287.380339][ T40] audit: type=1326 audit(2000000208.187:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.388793][ T40] audit: type=1326 audit(2000000208.187:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.395739][ T40] audit: type=1326 audit(2000000208.187:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.403194][ T40] audit: type=1326 audit(2000000208.187:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.411466][ T40] audit: type=1326 audit(2000000208.197:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.419366][ T40] audit: type=1326 audit(2000000208.197:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.427322][ T40] audit: type=1326 audit(2000000208.197:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 287.434708][ T40] audit: type=1326 audit(2000000208.197:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.443091][ T40] audit: type=1326 audit(2000000208.197:2288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f44579 code=0x7ffc0000 [ 287.450316][ T40] audit: type=1326 audit(2000000208.197:2289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17892 comm="syz.7.5271" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f44598 code=0x7ffc0000 [ 287.525972][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 287.529620][ T53] usb 6-1: config 0 interface 0 has no altsetting 0 [ 287.533056][ T53] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 287.536369][ T53] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.541302][ T53] usb 6-1: config 0 descriptor?? [ 287.953179][ T53] mcp2221 0003:04D8:00DD.002E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0 [ 288.153465][ T53] usb 6-1: USB disconnect, device number 30 [ 288.185961][ T63] Bluetooth: hci4: command 0x1003 tx timeout [ 288.186010][ T5990] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 288.232737][T17918] input: syz1 as /devices/virtual/input/input74 [ 288.418810][T17929] netlink: 'syz.7.5288': attribute type 29 has an invalid length. [ 288.746382][ T5979] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 288.756028][ T5979] Bluetooth: hci0: command 0x0c1a tx timeout [ 288.785679][T17947] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5296'. [ 288.946299][ T53] usb 10-1: new high-speed USB device number 18 using dummy_hcd [ 289.097333][ T53] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 289.101171][ T53] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 289.105762][ T53] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 289.110463][ T53] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 289.116844][ T53] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 289.120609][ T53] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 289.124945][ T53] usb 10-1: config 0 descriptor?? [ 289.206646][T17959] input: syz0 as /devices/virtual/input/input75 [ 289.468655][T17970] netlink: 'syz.0.5307': attribute type 1 has an invalid length. [ 289.471232][T17970] netlink: 'syz.0.5307': attribute type 2 has an invalid length. [ 289.537116][ T53] plantronics 0003:047F:FFFF.002F: ignoring exceeding usage max [ 289.543976][ T53] plantronics 0003:047F:FFFF.002F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 289.734711][ C2] vcan0: j1939_tp_rxtimer: 0xffff88806c2f7000: rx timeout, send abort [ 289.739409][ C2] vcan0: j1939_xtp_rx_abort_one: 0xffff88806c2f7000: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session. [ 289.887286][T17986] overlayfs: failed lookup in lower (newroot/1272, name='file1', err=-40): overlapping layers [ 290.214659][T18007] tipc: Cannot configure node identity twice [ 290.549049][ T6041] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0 [ 290.556580][ T6041] hid-generic 0000:0000:0000.0030: hidraw1: HID v0.00 Device [syz1] on syz0 [ 291.618644][ T53] usb 10-1: USB disconnect, device number 18 [ 291.825971][ T9909] usb 6-1: new high-speed USB device number 31 using dummy_hcd [ 291.987761][ T9909] usb 6-1: Using ep0 maxpacket: 16 [ 291.991942][ T9909] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 291.995866][ T9909] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 291.999460][ T9909] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 33 [ 292.003502][ T9909] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 292.006602][ T9909] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.010940][ T9909] usb 6-1: config 0 descriptor?? [ 292.015241][ T9909] input: bcm5974 as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input76 [ 292.269900][ T5373] bcm5974 6-1:0.0: could not read from device [ 292.277435][T18100] bcm5974 6-1:0.0: could not read from device [ 292.288678][ T5373] bcm5974 6-1:0.0: could not read from device [ 292.296153][ T5373] bcm5974 6-1:0.0: could not read from device [ 292.297569][ T9909] usb 6-1: USB disconnect, device number 31 [ 292.305413][ T5373] bcm5974 6-1:0.0: could not read from device [ 292.395932][ T6041] usb 12-1: new high-speed USB device number 19 using dummy_hcd [ 292.464502][T18145] netlink: 44 bytes leftover after parsing attributes in process `syz.5.5385'. [ 292.467998][T18145] netlink: 43 bytes leftover after parsing attributes in process `syz.5.5385'. [ 292.471164][T18145] netlink: 'syz.5.5385': attribute type 6 has an invalid length. [ 292.475401][T18145] netlink: 'syz.5.5385': attribute type 5 has an invalid length. [ 292.479664][T18145] netlink: 43 bytes leftover after parsing attributes in process `syz.5.5385'. [ 292.547131][T13224] kernel write not supported for file /sequencer2 (pid: 13224 comm: kworker/3:4) [ 292.559507][ T6041] usb 12-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 292.563236][ T6041] usb 12-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 292.567310][ T6041] usb 12-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 292.570167][ T6041] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 292.578850][T18129] raw-gadget.1 gadget.7: fail, usb_ep_enable returned -22 [ 292.587345][ T6041] usb 12-1: Quirk or no altset; falling back to MIDI 1.0 [ 292.792461][ T6041] usb 12-1: USB disconnect, device number 19 [ 293.830275][T13224] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 293.841676][T18202] veth0: entered promiscuous mode [ 293.845464][T18201] veth0: left promiscuous mode [ 293.976036][T13224] usb 5-1: Using ep0 maxpacket: 16 [ 293.987400][T13224] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 293.991587][T13224] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 293.999657][T13224] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 33 [ 294.004861][T13224] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 294.008836][T13224] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.013787][T13224] usb 5-1: config 0 descriptor?? [ 294.024732][T13224] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input77 [ 294.230064][T18236] Bluetooth: hci0: load_link_keys: too big key_count value 28530 [ 294.276954][ T5373] bcm5974 5-1:0.0: could not read from device [ 294.287300][T18185] bcm5974 5-1:0.0: could not read from device [ 294.303119][ T5373] bcm5974 5-1:0.0: could not read from device [ 294.305402][T13224] usb 5-1: USB disconnect, device number 35 [ 294.309630][ T5373] bcm5974 5-1:0.0: could not read from device [ 294.411229][T18257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5436'. [ 294.415034][T18257] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5436'. [ 294.651451][T18281] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5447'. [ 294.695258][T18285] pim6reg1: entered promiscuous mode [ 294.698084][T18285] pim6reg1: entered allmulticast mode [ 294.786416][ T9909] usb 10-1: new high-speed USB device number 19 using dummy_hcd [ 294.928524][T18297] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 294.935727][T18297] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.951089][ T9909] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 294.954241][ T9909] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.958166][ T9909] usb 10-1: Product: syz [ 294.960021][ T9909] usb 10-1: Manufacturer: syz [ 294.962342][ T9909] usb 10-1: SerialNumber: syz [ 294.968914][ T9909] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 295.010144][ T9909] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 295.022440][T18297] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 295.026701][T18297] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.086783][T18297] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 295.090808][T18297] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.145919][ T53] usb 12-1: new high-speed USB device number 20 using dummy_hcd [ 295.176432][T18297] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 295.180027][T18297] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.222030][T13224] usb 10-1: USB disconnect, device number 19 [ 295.266683][ T1147] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 295.269479][ T1147] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.277001][ T1147] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 295.280051][ T1147] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.289468][ T1147] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 295.292392][ T1147] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.296053][ T53] usb 12-1: Using ep0 maxpacket: 8 [ 295.299859][ T53] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 295.302525][ T46] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 295.303727][ T53] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 295.307266][ T46] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.315242][ T53] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 295.319955][ T53] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 295.325773][ T53] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 295.330544][ T53] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.357062][T18305] veth1_to_bond: entered allmulticast mode [ 295.360274][T18305] veth1_to_bond: left allmulticast mode [ 295.540426][ T53] usb 12-1: GET_CAPABILITIES returned 0 [ 295.542240][ T53] usbtmc 12-1:16.0: can't read capabilities [ 295.748319][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.751834][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.755206][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.759383][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.763632][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.767090][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.770290][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.773509][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.776916][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.779868][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.782695][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.785796][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.788901][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.792024][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.795013][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 295.798187][ C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2 [ 295.803581][ T34] usb 12-1: USB disconnect, device number 20 [ 296.026008][ T9909] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive [ 296.029262][ T9909] ath9k_htc: Failed to initialize the device [ 296.033054][T13224] usb 10-1: ath9k_htc: USB layer deinitialized [ 296.336521][T13224] usb 10-1: new high-speed USB device number 20 using dummy_hcd [ 296.427992][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.430444][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.432816][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.435154][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.440567][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.442996][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.445313][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.447690][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.451367][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.453875][ T60] hid-generic 00A0:0006:0003.0031: unknown main item tag 0x0 [ 296.457547][ T60] hid-generic 00A0:0006:0003.0031: hidraw0: HID v0.05 Device [syz1] on syz0 [ 296.506930][T13224] usb 10-1: too many configurations: 9, using maximum allowed: 8 [ 296.510647][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.514268][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.518456][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.521631][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.524726][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.528352][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.531888][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.537153][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.541122][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.544251][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.548022][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.551933][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.554978][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.557912][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.561285][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.564418][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.567489][ T34] usb 12-1: new high-speed USB device number 21 using dummy_hcd [ 296.570011][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.574500][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.577721][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.581320][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.585195][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.588164][T13224] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 296.591127][T13224] usb 10-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 296.594871][T13224] usb 10-1: config 0 interface 0 has no altsetting 0 [ 296.598893][T13224] usb 10-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 296.601748][T13224] usb 10-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 296.604775][T13224] usb 10-1: Product: syz [ 296.606463][T13224] usb 10-1: Manufacturer: syz [ 296.608919][T13224] usb 10-1: SerialNumber: syz [ 296.613429][T13224] usb 10-1: config 0 descriptor?? [ 296.621734][T13224] yurex 10-1:0.0: USB YUREX device now attached to Yurex #0 [ 296.656183][ T841] usb 6-1: new full-speed USB device number 32 using dummy_hcd [ 296.755991][ T34] usb 12-1: Using ep0 maxpacket: 16 [ 296.758333][ T40] kauditd_printk_skb: 41 callbacks suppressed [ 296.758348][ T40] audit: type=1326 audit(2000000473.568:2331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 296.768829][ T40] audit: type=1326 audit(2000000473.568:2332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 296.779031][ T40] audit: type=1326 audit(2000000473.568:2333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 296.779620][ T34] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 296.787178][ T40] audit: type=1326 audit(2000000473.568:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 296.790466][ T34] usb 12-1: too many endpoints for config 0 interface 0 altsetting 0: 33, using maximum allowed: 30 [ 296.800178][ T40] audit: type=1326 audit(2000000473.568:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 296.802579][ T34] usb 12-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 33 [ 296.812233][ T40] audit: type=1326 audit(2000000473.568:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 296.817757][ T34] usb 12-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 296.826806][ T40] audit: type=1326 audit(2000000473.568:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 296.826851][ T40] audit: type=1326 audit(2000000473.568:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 296.826886][ T40] audit: type=1326 audit(2000000473.568:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7ff1598 code=0x7ffc0000 [ 296.826922][ T40] audit: type=1326 audit(2000000473.568:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18334 comm="syz.0.5472" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff1579 code=0x7ffc0000 [ 296.835341][ T60] usb 10-1: USB disconnect, device number 20 [ 296.840165][ T34] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.849309][ T60] yurex 10-1:0.0: USB YUREX #0 now disconnected [ 296.859423][ T841] usb 6-1: config 0 has no interfaces? [ 296.873442][ T34] usb 12-1: config 0 descriptor?? [ 296.875195][ T841] usb 6-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00 [ 296.878984][ T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 296.881455][ T34] input: bcm5974 as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/input/input78 [ 296.889877][ T841] usb 6-1: config 0 descriptor?? [ 297.099114][ T9909] usb 6-1: USB disconnect, device number 32 [ 297.128550][T18348] evm: overlay not supported [ 297.146043][ T5373] bcm5974 12-1:0.0: could not read from device [ 297.150384][T18312] bcm5974 12-1:0.0: could not read from device [ 297.164564][ T5373] bcm5974 12-1:0.0: could not read from device [ 297.169753][ T34] usb 12-1: USB disconnect, device number 21 [ 297.237848][T18353] block device autoloading is deprecated and will be removed. [ 297.360993][T18359] bridge_slave_0: left allmulticast mode [ 297.363647][T18359] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.373102][T18359] bridge_slave_1: left allmulticast mode [ 297.375541][T18359] bridge_slave_1: left promiscuous mode [ 297.379612][T18359] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.385687][T18359] bond0: (slave bond_slave_0): Releasing backup interface [ 297.389722][T18359] bond_slave_0: left promiscuous mode [ 297.412438][T18359] bond0: (slave bond_slave_1): Releasing backup interface [ 297.415661][T18359] bond_slave_1: left promiscuous mode [ 297.422524][T18359] team0: Port device team_slave_0 removed [ 297.437493][T18359] team0: Port device team_slave_1 removed [ 297.440881][T18359] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.585761][T18369] loop3: detected capacity change from 0 to 7 [ 297.591388][T13360] Dev loop3: unable to read RDB block 7 [ 297.593224][T13360] loop3: unable to read partition table [ 297.595146][T13360] loop3: partition table beyond EOD, truncated [ 297.601561][T18369] Dev loop3: unable to read RDB block 7 [ 297.603415][T18369] loop3: unable to read partition table [ 297.605298][T18369] loop3: partition table beyond EOD, truncated [ 297.607490][T18369] loop_reread_partitions: partition scan of loop3 (被x ) failed (rc=-5) [ 297.686103][ T29] usb 10-1: new high-speed USB device number 21 using dummy_hcd [ 297.875058][ T29] usb 10-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 297.880860][ T29] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 297.884333][ T29] usb 10-1: Product: syz [ 297.886277][ T29] usb 10-1: Manufacturer: syz [ 297.888212][ T29] usb 10-1: SerialNumber: syz [ 297.894682][ T29] usb 10-1: config 0 descriptor?? [ 298.020307][T18401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5501'. [ 298.108689][ T53] usb 10-1: USB disconnect, device number 21 [ 298.316130][ T29] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 298.476022][ T29] usb 6-1: Using ep0 maxpacket: 8 [ 298.484553][ T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 298.488438][ T29] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 298.492954][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 298.497698][ T29] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 298.502511][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 298.508621][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 298.513312][ T29] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 298.518466][ T29] usb 6-1: config 168 interface 0 has no altsetting 0 [ 298.521615][ T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 298.523922][ T29] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 298.528760][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 298.533421][ T29] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 298.538520][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 298.542950][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 298.546809][ T29] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 298.551568][ T29] usb 6-1: config 168 interface 0 has no altsetting 0 [ 298.556340][ T29] usb 6-1: config 168 descriptor has 1 excess byte, ignoring [ 298.559272][ T29] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30 [ 298.563109][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 298.567019][ T29] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 298.571217][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 298.575249][ T29] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 298.579846][ T29] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100 [ 298.584118][ T29] usb 6-1: config 168 interface 0 has no altsetting 0 [ 298.590336][ T29] usb 6-1: string descriptor 0 read error: -22 [ 298.593132][ T29] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 298.597168][ T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.606641][ T29] adutux 6-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 298.812076][ T34] usb 6-1: USB disconnect, device number 33 [ 299.115928][ T9909] usb 10-1: new high-speed USB device number 22 using dummy_hcd [ 299.169924][T18458] input: syz1 as /devices/virtual/input/input79 [ 299.288511][ T9909] usb 10-1: config index 0 descriptor too short (expected 39, got 27) [ 299.291684][ T9909] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 299.295336][ T9909] usb 10-1: config 0 interface 0 has no altsetting 0 [ 299.306646][ T9909] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 299.310010][ T9909] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 299.313117][ T9909] usb 10-1: Product: syz [ 299.314734][ T9909] usb 10-1: Manufacturer: syz [ 299.319951][ T9909] usb 10-1: SerialNumber: syz [ 299.322807][ T9909] usb 10-1: config 0 descriptor?? [ 299.329948][ T9909] hub 10-1:0.0: bad descriptor, ignoring hub [ 299.332440][ T9909] hub 10-1:0.0: probe with driver hub failed with error -5 [ 299.346444][ T9909] usb 10-1: selecting invalid altsetting 0 [ 300.245948][T18439] usb 10-1: reset high-speed USB device number 22 using dummy_hcd [ 300.408208][T18439] usb 10-1: device firmware changed [ 300.413076][ T9909] usb 10-1: USB disconnect, device number 22 [ 300.556133][ T9909] usb 10-1: new high-speed USB device number 23 using dummy_hcd [ 300.606144][T18552] bond0: (slave ipvlan3): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 300.610280][T18552] bond0: (slave ipvlan3): The slave device specified does not support setting the MAC address [ 300.614235][T18552] bond0: (slave ipvlan3): Error -95 calling set_mac_address [ 300.729452][ T9909] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 300.732627][ T9909] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 300.735185][ T9909] usb 10-1: Product: syz [ 300.736668][ T9909] usb 10-1: Manufacturer: syz [ 300.738203][ T9909] usb 10-1: SerialNumber: syz [ 300.744185][ T9909] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 300.758922][ T6041] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 300.972802][ T6053] usb 10-1: USB disconnect, device number 23 [ 301.785972][ T6041] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive [ 301.788364][ T6041] ath9k_htc: Failed to initialize the device [ 301.791991][ T6053] usb 10-1: ath9k_htc: USB layer deinitialized [ 301.946259][ T5990] Bluetooth: hci4: command 0xfc11 tx timeout [ 301.946372][ T5979] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 302.415970][ T60] usb 10-1: new high-speed USB device number 24 using dummy_hcd [ 302.568105][ T60] usb 10-1: config 0 has no interfaces? [ 302.569784][ T60] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 302.572928][ T60] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 302.585668][ T60] usb 10-1: config 0 descriptor?? [ 302.796002][ T6041] usb 10-1: USB disconnect, device number 24 [ 303.084135][T18639] netlink: 'syz.0.5602': attribute type 1 has an invalid length. [ 303.100601][T18639] 8021q: adding VLAN 0 to HW filter on device bond1 [ 303.123673][T18639] bond1: (slave geneve2): making interface the new active one [ 303.129037][T18639] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 303.357481][T18648] netlink: 'syz.5.5606': attribute type 4 has an invalid length. [ 303.470209][T18656] kvm: user requested TSC rate below hardware speed [ 303.477615][T18656] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 303.947611][ T6041] kernel read not supported for file /1424/oom_adj (pid: 6041 comm: kworker/0:4) [ 304.172106][T18704] netlink: 'syz.1.5630': attribute type 1 has an invalid length. [ 304.174798][T18704] netlink: 16074 bytes leftover after parsing attributes in process `syz.1.5630'. [ 304.240112][T18700] syz.0.5628 (18700): drop_caches: 2 [ 304.766283][T18726] netlink: 'syz.7.5639': attribute type 12 has an invalid length. [ 304.769449][T18726] netlink: 'syz.7.5639': attribute type 29 has an invalid length. [ 304.772119][T18726] netlink: 148 bytes leftover after parsing attributes in process `syz.7.5639'. [ 304.775135][T18726] netlink: 'syz.7.5639': attribute type 2 has an invalid length. [ 304.778926][T18726] netlink: 'syz.7.5639': attribute type 3 has an invalid length. [ 304.781304][T18726] netlink: 3 bytes leftover after parsing attributes in process `syz.7.5639'. [ 304.855995][ T53] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 305.028327][ T53] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 305.031948][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 305.035673][ T53] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 305.041751][ T53] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 305.047747][ T53] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 305.051580][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.063206][ T53] usb 5-1: config 0 descriptor?? [ 305.066497][T18719] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 305.162383][T18748] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.245944][ T9909] usb 10-1: new high-speed USB device number 25 using dummy_hcd [ 305.249459][T18748] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.334652][T18748] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.410707][ T9909] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 305.414619][ T9909] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 305.418277][ T9909] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 305.421887][ T9909] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 305.426087][ T9909] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 305.429031][ T9909] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 305.430123][T18748] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 305.432836][ T9909] usb 10-1: config 0 descriptor?? [ 305.439015][T18739] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22 [ 305.479054][ T53] hid_parser_main: 3 callbacks suppressed [ 305.479066][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.483252][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.485550][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.488714][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.491047][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.493385][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.495667][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.498179][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.500528][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.503010][ T53] plantronics 0003:047F:FFFF.0032: unknown main item tag 0x0 [ 305.510461][ T53] plantronics 0003:047F:FFFF.0032: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 305.520885][ T1208] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.531522][ T1208] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.541799][ T1208] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.553190][ T1208] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 305.616726][ T29] usb 6-1: new high-speed USB device number 34 using dummy_hcd [ 305.654825][T18758] netlink: 'syz.7.5655': attribute type 10 has an invalid length. [ 305.657529][T18758] netlink: 40 bytes leftover after parsing attributes in process `syz.7.5655'. [ 305.666841][T18758] team0: Port device geneve0 added [ 305.737592][ T53] usb 5-1: USB disconnect, device number 36 [ 305.777173][ T29] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 305.780566][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 305.784035][ T29] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 305.788084][ T29] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 305.793715][ T29] usb 6-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 305.798265][ T29] usb 6-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 305.801326][ T29] usb 6-1: Manufacturer: syz [ 305.804548][ T29] usb 6-1: config 0 descriptor?? [ 305.852257][ T9909] plantronics 0003:047F:FFFF.0033: reserved main item tag 0xd [ 305.858024][ T9909] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0 [ 306.117961][ T841] usb 10-1: USB disconnect, device number 25 [ 306.219462][ T29] appleir 0003:05AC:8243.0034: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 306.383475][T18776] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 306.388370][T18776] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.485565][T18776] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 306.488909][T18776] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.557716][T18776] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 306.561233][T18776] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.634120][T18776] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 306.637678][T18776] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 306.718022][ T53] kernel read not supported for file /rfkill (pid: 53 comm: kworker/1:1) [ 306.800273][ T46] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.803373][ T46] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 306.811654][ T1208] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.814489][ T1208] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 306.824141][ T1208] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.827645][ T1208] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 306.838422][ T1208] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.841105][ T1208] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 308.307183][ T6053] usb 6-1: USB disconnect, device number 34 [ 308.585025][T18818] Invalid ELF header magic: != ELF [ 308.825993][T18780] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 308.826004][ T5979] Bluetooth: hci0: command 0x0c1a tx timeout [ 308.830193][T18780] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 308.965931][ T6016] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 309.117205][ T6016] usb 5-1: config 0 has no interfaces? [ 309.120220][ T6016] usb 5-1: New USB device found, idVendor=7d25, idProduct=8e26, bcdDevice= 0.40 [ 309.123642][ T6016] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 309.126695][ T6016] usb 5-1: Product: syz [ 309.128203][ T6016] usb 5-1: Manufacturer: syz [ 309.131073][ T6016] usb 5-1: config 0 descriptor?? [ 309.347796][ T6016] usb 5-1: USB disconnect, device number 37 [ 309.650427][T18780] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 309.652867][T18780] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 309.894604][T18820] Set syz1 is full, maxelem 65536 reached [ 310.005950][ T24] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 310.157524][ T24] usb 5-1: config 0 has no interfaces? [ 310.165770][ T24] usb 5-1: New USB device found, idVendor=7d25, idProduct=8e26, bcdDevice= 0.40 [ 310.168720][ T24] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 310.171696][ T24] usb 5-1: Product: syz [ 310.173063][ T24] usb 5-1: Manufacturer: syz [ 310.176615][ T24] usb 5-1: config 0 descriptor?? [ 310.387535][ T24] usb 5-1: USB disconnect, device number 38 [ 310.858888][T18889] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.5708'. [ 310.957636][T18894] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5709'. [ 311.390863][T18869] Set syz1 is full, maxelem 65536 reached [ 311.827402][T18916] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5720'. [ 312.101714][T18932] input: syz0 as /devices/virtual/input/input81 [ 312.131371][T18929] "syz.0.5725" (18929) uses obsolete ecb(arc4) skcipher [ 312.224859][T18947] block nbd0: Cannot use ioctl interface on a netlink controlled device. [ 312.229523][T18947] block nbd0: shutting down sockets [ 312.363128][T18967] input: syz1 as /devices/virtual/input/input82 [ 312.480104][ T24] libceph: connect (1)[c::]:6789 error -101 [ 312.482395][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 312.557062][T18992] binder: 18990:18992 ioctl c0306201 80000380 returned -14 [ 312.706369][T19004] netlink: 112 bytes leftover after parsing attributes in process `syz.5.5758'. [ 312.731012][T19006] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5759'. [ 312.749162][ T24] libceph: connect (1)[c::]:6789 error -101 [ 312.751344][ T24] libceph: mon0 (1)[c::]:6789 connect error [ 312.846042][ T841] usb 12-1: new high-speed USB device number 22 using dummy_hcd [ 312.997475][ T841] usb 12-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 313.001209][ T841] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 313.004838][ T841] usb 12-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 313.008047][ T841] usb 12-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 313.013464][ T841] usb 12-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 313.016935][ T841] usb 12-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 313.019615][ T841] usb 12-1: Manufacturer: syz [ 313.023017][ T841] usb 12-1: config 0 descriptor?? [ 313.256167][ T6016] libceph: connect (1)[c::]:6789 error -101 [ 313.259375][ T6016] libceph: mon0 (1)[c::]:6789 connect error [ 313.300117][T18979] ceph: No mds server is up or the cluster is laggy [ 313.432730][ T841] hid_parser_main: 6 callbacks suppressed [ 313.432742][ T841] appleir 0003:05AC:8243.0035: unknown main item tag 0x0 [ 313.439791][ T841] appleir 0003:05AC:8243.0035: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0 [ 313.698185][ T24] usb 12-1: USB disconnect, device number 22 [ 313.909217][T19059] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5781'. [ 313.922818][T19059] 8021q: adding VLAN 0 to HW filter on device bond2 [ 313.946663][T19059] 8021q: adding VLAN 0 to HW filter on device bond2 [ 313.949624][T19059] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address [ 313.954883][T19059] bond2: (slave vxcan3): Error -95 calling set_mac_address [ 315.031875][ T40] kauditd_printk_skb: 218 callbacks suppressed [ 315.031887][ T40] audit: type=1326 audit(2000000747.829:2559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19102 comm="syz.5.5799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7fc00000 [ 315.041309][ T40] audit: type=1326 audit(2000000747.829:2560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19102 comm="syz.5.5799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7fc00000 [ 315.048030][ T40] audit: type=1326 audit(2000000747.829:2561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19102 comm="syz.5.5799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7fc00000 [ 315.054478][ T40] audit: type=1326 audit(2000000747.829:2562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19102 comm="syz.5.5799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f28579 code=0x7fc00000 [ 315.252124][T19111] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5802'. [ 315.284919][T19113] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5803'. [ 315.415238][T19121] input: syz1 as /devices/virtual/input/input83 [ 315.655599][T19137] [ 315.656758][T19137] ===================================================== [ 315.659674][T19137] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 315.662848][T19137] syzkaller #0 Not tainted [ 315.664818][T19137] ----------------------------------------------------- [ 315.669291][T19137] syz.1.5814/19137 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 315.672481][T19137] ffff88806a429750 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510 [ 315.676043][T19137] [ 315.676043][T19137] and this task is already holding: [ 315.678691][T19137] ffff888055fdd028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 315.681925][T19137] which would create a new lock dependency: [ 315.684271][T19137] (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3} [ 315.687459][T19137] [ 315.687459][T19137] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 315.691042][T19137] (&dev->event_lock#2){..-.}-{3:3} [ 315.691076][T19137] [ 315.691076][T19137] ... which became SOFTIRQ-irq-safe at: [ 315.696126][T19137] lock_acquire+0x179/0x350 [ 315.697967][T19137] _raw_spin_lock_irqsave+0x3a/0x60 [ 315.700049][T19137] input_inject_event+0x9f/0x3b0 [ 315.702033][T19137] led_set_brightness+0x217/0x290 [ 315.704135][T19137] led_trigger_event+0xda/0x270 [ 315.706119][T19137] kbd_bh+0x21b/0x300 [ 315.707864][T19137] tasklet_action_common+0x284/0x400 [ 315.710120][T19137] handle_softirqs+0x219/0x8e0 [ 315.712306][T19137] run_ksoftirqd+0x3a/0x60 [ 315.714273][T19137] smpboot_thread_fn+0x3f7/0xae0 [ 315.716599][T19137] kthread+0x3c5/0x780 [ 315.718311][T19137] ret_from_fork+0x5d4/0x6f0 [ 315.720160][T19137] ret_from_fork_asm+0x1a/0x30 [ 315.721954][T19137] [ 315.721954][T19137] to a SOFTIRQ-irq-unsafe lock: [ 315.724214][T19137] (tasklist_lock){.+.+}-{3:3} [ 315.724232][T19137] [ 315.724232][T19137] ... which became SOFTIRQ-irq-unsafe at: [ 315.729009][T19137] ... [ 315.729017][T19137] lock_acquire+0x179/0x350 [ 315.731944][T19137] _raw_read_lock+0x5f/0x70 [ 315.733634][T19137] __do_wait+0x105/0x890 [ 315.735738][T19137] do_wait+0x21e/0x5a0 [ 315.737232][T19137] kernel_wait+0x9f/0x160 [ 315.738296][ T40] audit: type=1326 audit(2000000748.519:2563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19102 comm="syz.5.5799" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f28598 code=0x7fc00000 [ 315.738685][T19137] call_usermodehelper_exec_work+0xf1/0x170 [ 315.749518][T19137] process_one_work+0x9cf/0x1b70 [ 315.751156][T19137] worker_thread+0x6c8/0xf10 [ 315.752759][T19137] kthread+0x3c5/0x780 [ 315.754113][T19137] ret_from_fork+0x5d4/0x6f0 [ 315.755645][T19137] ret_from_fork_asm+0x1a/0x30 [ 315.757417][T19137] [ 315.757417][T19137] other info that might help us debug this: [ 315.757417][T19137] [ 315.761015][T19137] Chain exists of: [ 315.761015][T19137] &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock [ 315.761015][T19137] [ 315.765349][T19137] Possible interrupt unsafe locking scenario: [ 315.765349][T19137] [ 315.768252][T19137] CPU0 CPU1 [ 315.769919][T19137] ---- ---- [ 315.771603][T19137] lock(tasklist_lock); [ 315.772949][T19137] local_irq_disable(); [ 315.775035][T19137] lock(&dev->event_lock#2); [ 315.777311][T19137] lock(&client->buffer_lock); [ 315.779600][T19137] [ 315.780708][T19137] lock(&dev->event_lock#2); [ 315.782255][T19137] [ 315.782255][T19137] *** DEADLOCK *** [ 315.782255][T19137] [ 315.784741][T19137] 7 locks held by syz.1.5814/19137: [ 315.786256][T19137] #0: ffff888041aad118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x184/0x440 [ 315.789100][T19137] #1: ffff888023072230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0 [ 315.792265][T19137] #2: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x3b0 [ 315.795230][T19137] #3: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x880 [ 315.798314][T19137] #4: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390 [ 315.801535][T19137] #5: ffff888055fdd028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0 [ 315.805306][T19137] #6: ffffffff8e5c10a0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510 [ 315.808789][T19137] [ 315.808789][T19137] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 315.812368][T19137] -> (&dev->event_lock#2){..-.}-{3:3} { [ 315.814597][T19137] IN-SOFTIRQ-W at: [ 315.815911][T19137] lock_acquire+0x179/0x350 [ 315.818377][T19137] _raw_spin_lock_irqsave+0x3a/0x60 [ 315.820580][T19137] input_inject_event+0x9f/0x3b0 [ 315.822722][T19137] led_set_brightness+0x217/0x290 [ 315.824842][T19137] led_trigger_event+0xda/0x270 [ 315.827030][T19137] kbd_bh+0x21b/0x300 [ 315.828853][T19137] tasklet_action_common+0x284/0x400 [ 315.831056][T19137] handle_softirqs+0x219/0x8e0 [ 315.833107][T19137] run_ksoftirqd+0x3a/0x60 [ 315.835050][T19137] smpboot_thread_fn+0x3f7/0xae0 [ 315.837202][T19137] kthread+0x3c5/0x780 [ 315.839052][T19137] ret_from_fork+0x5d4/0x6f0 [ 315.841042][T19137] ret_from_fork_asm+0x1a/0x30 [ 315.843087][T19137] INITIAL USE at: [ 315.844335][T19137] lock_acquire+0x179/0x350 [ 315.846268][T19137] _raw_spin_lock_irqsave+0x3a/0x60 [ 315.848591][T19137] input_inject_event+0x9f/0x3b0 [ 315.850931][T19137] led_set_brightness+0x217/0x290 [ 315.853181][T19137] kbd_led_trigger_activate+0xcb/0x110 [ 315.855433][T19137] led_trigger_set+0x59a/0xc50 [ 315.857547][T19137] led_trigger_set_default+0x1e0/0x2e0 [ 315.859796][T19137] led_classdev_register_ext+0x7b8/0xa10 [ 315.862098][T19137] input_leds_connect+0x552/0x8e0 [ 315.864198][T19137] input_attach_handler.isra.0+0x173/0x250 [ 315.866539][T19137] input_register_device+0xab9/0x1180 [ 315.868876][T19137] atkbd_connect+0x5f8/0xa40 [ 315.871034][T19137] serio_driver_probe+0x7f/0xd0 [ 315.873435][T19137] really_probe+0x23e/0xa90 [ 315.875790][T19137] __driver_probe_device+0x1de/0x440 [ 315.878097][T19137] driver_probe_device+0x4c/0x1b0 [ 315.880246][T19137] __driver_attach+0x283/0x580 [ 315.882587][T19137] bus_for_each_dev+0x13b/0x1d0 [ 315.885330][T19137] serio_handle_event+0x335/0xc30 [ 315.887566][T19137] process_one_work+0x9cf/0x1b70 [ 315.889713][T19137] worker_thread+0x6c8/0xf10 [ 315.891849][T19137] kthread+0x3c5/0x780 [ 315.894286][T19137] ret_from_fork+0x5d4/0x6f0 [ 315.896975][T19137] ret_from_fork_asm+0x1a/0x30 [ 315.899522][T19137] } [ 315.900360][T19137] ... key at: [] __key.7+0x0/0x40 [ 315.902625][T19137] -> (&client->buffer_lock){....}-{3:3} { [ 315.904369][T19137] INITIAL USE at: [ 315.905569][T19137] lock_acquire+0x179/0x350 [ 315.907725][T19137] _raw_spin_lock+0x2e/0x40 [ 315.909894][T19137] evdev_pass_values+0x10e/0x9b0 [ 315.912039][T19137] evdev_events+0x1bb/0x390 [ 315.913919][T19137] input_pass_values+0x74b/0x880 [ 315.915987][T19137] input_handle_event+0xb29/0x14d0 [ 315.918582][T19137] input_inject_event+0x1e8/0x3b0 [ 315.920648][T19137] kd_sound_helper+0x17a/0x280 [ 315.922653][T19137] input_handler_for_each_handle+0xd4/0x250 [ 315.924946][T19137] kd_mksound+0x88/0x130 [ 315.926843][T19137] do_con_write+0x3241/0x8280 [ 315.929337][T19137] con_write+0x23/0xb0 [ 315.931151][T19137] n_tty_write+0x41f/0x11e0 [ 315.933058][T19137] file_tty_write.constprop.0+0x504/0x9b0 [ 315.935333][T19137] vfs_write+0x7d0/0x11d0 [ 315.937393][T19137] ksys_write+0x12a/0x250 [ 315.939696][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 315.941793][T19137] do_fast_syscall_32+0x32/0x80 [ 315.943788][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 315.946217][T19137] } [ 315.947165][T19137] ... key at: [] __key.1+0x0/0x40 [ 315.949474][T19137] ... acquired at: [ 315.951029][T19137] _raw_spin_lock+0x2e/0x40 [ 315.952956][T19137] evdev_pass_values+0x10e/0x9b0 [ 315.955062][T19137] evdev_events+0x1bb/0x390 [ 315.956980][T19137] input_pass_values+0x74b/0x880 [ 315.959032][T19137] input_handle_event+0xb29/0x14d0 [ 315.961175][T19137] input_inject_event+0x1e8/0x3b0 [ 315.963312][T19137] kd_sound_helper+0x17a/0x280 [ 315.965318][T19137] input_handler_for_each_handle+0xd4/0x250 [ 315.967871][T19137] kd_mksound+0x88/0x130 [ 315.969776][T19137] do_con_write+0x3241/0x8280 [ 315.971904][T19137] con_write+0x23/0xb0 [ 315.973681][T19137] n_tty_write+0x41f/0x11e0 [ 315.975541][T19137] file_tty_write.constprop.0+0x504/0x9b0 [ 315.977556][T19137] vfs_write+0x7d0/0x11d0 [ 315.979439][T19137] ksys_write+0x12a/0x250 [ 315.981368][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 315.983599][T19137] do_fast_syscall_32+0x32/0x80 [ 315.985778][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 315.988540][T19137] [ 315.989583][T19137] [ 315.989583][T19137] the dependencies between the lock to be acquired [ 315.989592][T19137] and SOFTIRQ-irq-unsafe lock: [ 315.995278][T19137] -> (tasklist_lock){.+.+}-{3:3} { [ 315.997281][T19137] HARDIRQ-ON-R at: [ 315.998675][T19137] lock_acquire+0x179/0x350 [ 316.000818][T19137] _raw_read_lock+0x5f/0x70 [ 316.002953][T19137] __do_wait+0x105/0x890 [ 316.004915][T19137] do_wait+0x21e/0x5a0 [ 316.007059][T19137] kernel_wait+0x9f/0x160 [ 316.009004][T19137] call_usermodehelper_exec_work+0xf1/0x170 [ 316.011435][T19137] process_one_work+0x9cf/0x1b70 [ 316.013586][T19137] worker_thread+0x6c8/0xf10 [ 316.015636][T19137] kthread+0x3c5/0x780 [ 316.017721][T19137] ret_from_fork+0x5d4/0x6f0 [ 316.020117][T19137] ret_from_fork_asm+0x1a/0x30 [ 316.022319][T19137] SOFTIRQ-ON-R at: [ 316.023676][T19137] lock_acquire+0x179/0x350 [ 316.025791][T19137] _raw_read_lock+0x5f/0x70 [ 316.028352][T19137] __do_wait+0x105/0x890 [ 316.030973][T19137] do_wait+0x21e/0x5a0 [ 316.033542][T19137] kernel_wait+0x9f/0x160 [ 316.036204][T19137] call_usermodehelper_exec_work+0xf1/0x170 [ 316.039067][T19137] process_one_work+0x9cf/0x1b70 [ 316.041282][T19137] worker_thread+0x6c8/0xf10 [ 316.043425][T19137] kthread+0x3c5/0x780 [ 316.045377][T19137] ret_from_fork+0x5d4/0x6f0 [ 316.047518][T19137] ret_from_fork_asm+0x1a/0x30 [ 316.049672][T19137] INITIAL USE at: [ 316.051035][T19137] lock_acquire+0x179/0x350 [ 316.053215][T19137] _raw_write_lock_irq+0x36/0x50 [ 316.055401][T19137] copy_process+0x4caf/0x7690 [ 316.057558][T19137] kernel_clone+0xfc/0x930 [ 316.059578][T19137] user_mode_thread+0xc7/0x110 [ 316.061735][T19137] rest_init+0x23/0x2b0 [ 316.063710][T19137] start_kernel+0x3ee/0x4d0 [ 316.065755][T19137] x86_64_start_reservations+0x18/0x30 [ 316.068160][T19137] x86_64_start_kernel+0x130/0x190 [ 316.070390][T19137] common_startup_64+0x13e/0x148 [ 316.072604][T19137] INITIAL READ USE at: [ 316.074059][T19137] lock_acquire+0x179/0x350 [ 316.076212][T19137] _raw_read_lock+0x5f/0x70 [ 316.078375][T19137] __do_wait+0x105/0x890 [ 316.080496][T19137] do_wait+0x21e/0x5a0 [ 316.082555][T19137] kernel_wait+0x9f/0x160 [ 316.084749][T19137] call_usermodehelper_exec_work+0xf1/0x170 [ 316.087403][T19137] process_one_work+0x9cf/0x1b70 [ 316.089724][T19137] worker_thread+0x6c8/0xf10 [ 316.091989][T19137] kthread+0x3c5/0x780 [ 316.094075][T19137] ret_from_fork+0x5d4/0x6f0 [ 316.096304][T19137] ret_from_fork_asm+0x1a/0x30 [ 316.098590][T19137] } [ 316.099508][T19137] ... key at: [] tasklist_lock+0x18/0x40 [ 316.101972][T19137] ... acquired at: [ 316.103279][T19137] _raw_read_lock+0x5f/0x70 [ 316.104766][T19137] send_sigurg+0xed/0xc80 [ 316.106186][T19137] sk_send_sigurg+0x76/0x360 [ 316.107719][T19137] unix_stream_sendmsg+0xfa5/0x1340 [ 316.109426][T19137] ____sys_sendmsg+0xa98/0xc70 [ 316.110983][T19137] ___sys_sendmsg+0x134/0x1d0 [ 316.112556][T19137] __sys_sendmmsg+0x2f9/0x420 [ 316.114089][T19137] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 316.115947][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.117637][T19137] do_fast_syscall_32+0x32/0x80 [ 316.119281][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.121295][T19137] [ 316.122101][T19137] -> (&f_owner->lock){....}-{3:3} { [ 316.123852][T19137] INITIAL USE at: [ 316.125253][T19137] lock_acquire+0x179/0x350 [ 316.127449][T19137] _raw_write_lock_irq+0x36/0x50 [ 316.129635][T19137] __f_setown+0x61/0x3c0 [ 316.131633][T19137] generic_setlease+0xeef/0x1300 [ 316.133760][T19137] kernel_setlease+0x106/0x140 [ 316.135928][T19137] vfs_setlease+0x258/0x2d0 [ 316.137955][T19137] fcntl_setlease+0x3ed/0x5a0 [ 316.140034][T19137] do_fcntl+0x751/0x15a0 [ 316.141947][T19137] do_compat_fcntl64+0x367/0x710 [ 316.144038][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.146247][T19137] do_fast_syscall_32+0x32/0x80 [ 316.148358][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.151046][T19137] INITIAL READ USE at: [ 316.152481][T19137] lock_acquire+0x179/0x350 [ 316.154580][T19137] _raw_read_lock_irqsave+0x74/0x90 [ 316.156942][T19137] send_sigio+0x31/0x3e0 [ 316.159034][T19137] kill_fasync+0x214/0x510 [ 316.161153][T19137] lease_break_callback+0x23/0x30 [ 316.163511][T19137] __break_lease+0x671/0x1810 [ 316.165732][T19137] do_dentry_open+0x91f/0x1530 [ 316.167969][T19137] vfs_open+0x82/0x3f0 [ 316.169976][T19137] path_openat+0x1de4/0x2cb0 [ 316.172178][T19137] do_filp_open+0x20b/0x470 [ 316.174293][T19137] do_sys_openat2+0x11b/0x1d0 [ 316.176465][T19137] __ia32_compat_sys_open+0x146/0x1e0 [ 316.178909][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.181240][T19137] do_fast_syscall_32+0x32/0x80 [ 316.183485][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.186113][T19137] } [ 316.187027][T19137] ... key at: [] __key.1+0x0/0x40 [ 316.189320][T19137] ... acquired at: [ 316.190592][T19137] _raw_read_lock_irqsave+0x74/0x90 [ 316.192356][T19137] send_sigio+0x31/0x3e0 [ 316.193784][T19137] kill_fasync+0x214/0x510 [ 316.195288][T19137] lease_break_callback+0x23/0x30 [ 316.197105][T19137] __break_lease+0x671/0x1810 [ 316.198915][T19137] do_dentry_open+0x91f/0x1530 [ 316.200975][T19137] vfs_open+0x82/0x3f0 [ 316.202520][T19137] path_openat+0x1de4/0x2cb0 [ 316.203988][T19137] do_filp_open+0x20b/0x470 [ 316.205443][T19137] do_sys_openat2+0x11b/0x1d0 [ 316.206950][T19137] __ia32_compat_sys_open+0x146/0x1e0 [ 316.208724][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.210339][T19137] do_fast_syscall_32+0x32/0x80 [ 316.211845][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.213722][T19137] [ 316.214457][T19137] -> (&new->fa_lock){....}-{3:3} { [ 316.216060][T19137] INITIAL USE at: [ 316.217258][T19137] lock_acquire+0x179/0x350 [ 316.219042][T19137] _raw_write_lock_irq+0x36/0x50 [ 316.220973][T19137] fasync_insert_entry+0x1ca/0x2a0 [ 316.222987][T19137] lease_setup+0x9d/0x160 [ 316.224772][T19137] generic_setlease+0xeef/0x1300 [ 316.226715][T19137] kernel_setlease+0x106/0x140 [ 316.228594][T19137] vfs_setlease+0x258/0x2d0 [ 316.230477][T19137] fcntl_setlease+0x3ed/0x5a0 [ 316.232432][T19137] do_fcntl+0x751/0x15a0 [ 316.234246][T19137] do_compat_fcntl64+0x367/0x710 [ 316.236254][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.238310][T19137] do_fast_syscall_32+0x32/0x80 [ 316.240241][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.242606][T19137] INITIAL READ USE at: [ 316.243926][T19137] lock_acquire+0x179/0x350 [ 316.246078][T19137] _raw_read_lock_irqsave+0x74/0x90 [ 316.248974][T19137] kill_fasync+0x138/0x510 [ 316.251637][T19137] lease_break_callback+0x23/0x30 [ 316.254477][T19137] __break_lease+0x671/0x1810 [ 316.257100][T19137] do_dentry_open+0x91f/0x1530 [ 316.259501][T19137] vfs_open+0x82/0x3f0 [ 316.261367][T19137] path_openat+0x1de4/0x2cb0 [ 316.263383][T19137] do_filp_open+0x20b/0x470 [ 316.265333][T19137] do_sys_openat2+0x11b/0x1d0 [ 316.267399][T19137] __ia32_compat_sys_open+0x146/0x1e0 [ 316.269857][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.272412][T19137] do_fast_syscall_32+0x32/0x80 [ 316.274482][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.277169][T19137] } [ 316.278011][T19137] ... key at: [] __key.0+0x0/0x40 [ 316.280307][T19137] ... acquired at: [ 316.281542][T19137] lock_acquire+0x179/0x350 [ 316.283094][T19137] _raw_read_lock_irqsave+0x74/0x90 [ 316.284830][T19137] kill_fasync+0x138/0x510 [ 316.286316][T19137] evdev_pass_values+0x619/0x9b0 [ 316.288390][T19137] evdev_events+0x1bb/0x390 [ 316.290114][T19137] input_pass_values+0x74b/0x880 [ 316.291756][T19137] input_handle_event+0xf00/0x14d0 [ 316.293410][T19137] input_inject_event+0x1e8/0x3b0 [ 316.295049][T19137] evdev_write+0x2e1/0x440 [ 316.296487][T19137] vfs_write+0x29d/0x11d0 [ 316.297946][T19137] ksys_write+0x1f8/0x250 [ 316.299371][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.301011][T19137] do_fast_syscall_32+0x32/0x80 [ 316.302592][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.304599][T19137] [ 316.305361][T19137] [ 316.305361][T19137] stack backtrace: [ 316.307238][T19137] CPU: 3 UID: 0 PID: 19137 Comm: syz.1.5814 Not tainted syzkaller #0 PREEMPT(full) [ 316.307252][T19137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 316.307259][T19137] Call Trace: [ 316.307264][T19137] [ 316.307269][T19137] dump_stack_lvl+0x116/0x1f0 [ 316.307283][T19137] check_irq_usage+0x7dc/0x920 [ 316.307297][T19137] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 316.307314][T19137] ? check_path.constprop.0+0x24/0x50 [ 316.307328][T19137] ? __lock_acquire+0x12bc/0x1ce0 [ 316.307340][T19137] __lock_acquire+0x12bc/0x1ce0 [ 316.307355][T19137] lock_acquire+0x179/0x350 [ 316.307367][T19137] ? kill_fasync+0x138/0x510 [ 316.307384][T19137] _raw_read_lock_irqsave+0x74/0x90 [ 316.307395][T19137] ? kill_fasync+0x138/0x510 [ 316.307409][T19137] kill_fasync+0x138/0x510 [ 316.307423][T19137] evdev_pass_values+0x619/0x9b0 [ 316.307434][T19137] evdev_events+0x1bb/0x390 [ 316.307445][T19137] input_pass_values+0x74b/0x880 [ 316.307455][T19137] input_handle_event+0xf00/0x14d0 [ 316.307464][T19137] ? _copy_from_user+0x59/0xd0 [ 316.307482][T19137] input_inject_event+0x1e8/0x3b0 [ 316.307493][T19137] evdev_write+0x2e1/0x440 [ 316.307502][T19137] ? __pfx_evdev_write+0x10/0x10 [ 316.307511][T19137] ? common_file_perm+0x1a9/0x340 [ 316.307524][T19137] ? bpf_lsm_file_permission+0x9/0x10 [ 316.307539][T19137] ? security_file_permission+0x71/0x210 [ 316.307553][T19137] ? rw_verify_area+0xcf/0x6c0 [ 316.307563][T19137] ? __pfx_evdev_write+0x10/0x10 [ 316.307572][T19137] vfs_write+0x29d/0x11d0 [ 316.307584][T19137] ? __pfx_vfs_write+0x10/0x10 [ 316.307595][T19137] ? find_held_lock+0x2b/0x80 [ 316.307604][T19137] ? __fget_files+0x204/0x3c0 [ 316.307616][T19137] ? __fget_files+0x20e/0x3c0 [ 316.307628][T19137] ksys_write+0x1f8/0x250 [ 316.307639][T19137] ? __pfx_ksys_write+0x10/0x10 [ 316.307650][T19137] ? rcu_is_watching+0x12/0xc0 [ 316.307661][T19137] __do_fast_syscall_32+0x7c/0x3a0 [ 316.307676][T19137] do_fast_syscall_32+0x32/0x80 [ 316.307689][T19137] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.307702][T19137] RIP: 0023:0xf70ee579 [ 316.307710][T19137] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 316.307720][T19137] RSP: 002b:00000000f54de55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 316.307730][T19137] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000040 [ 316.307736][T19137] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.307742][T19137] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 316.307748][T19137] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 316.307754][T19137] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 316.307763][T19137] [ 316.678338][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.680473][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 VM DIAGNOSIS: 16:12:28 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b53ffc0 RCX=ffffffff81af11d1 RDX=ffff8880201bc880 RSI=ffffffff81af11ab RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc900006df888 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=dffffc0000000000 R13=ffffed10056a7ff9 R14=0000000000000001 R15=0000000000000003 RIP=ffffffff81af11b2 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974c3000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080003000 CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffc9000391ff58 RCX=0000000000000814 RDX=0000000000000000 RSI=ffffffff8c162c80 RDI=0000000000000014 RBP=ffffc9000391ff48 RSP=ffffc9000391ff18 R8 =0000000000000000 R9 =fffffbfff2156f32 R10=ffffffff90ab7997 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81695968 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880975c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000032417ffc CR3=000000005a310000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffff888025ee29cc RCX=ffffffff8b919618 RDX=0000000000000009 RSI=ffff888025ee2440 RDI=ffff88802b43a440 RBP=ffffc90002f1fc28 RSP=ffffc90002f1fa68 R8 =0000000000000000 R9 =ffffed1004bdc488 R10=ffff888025ee2447 R11=0000000000000000 R12=0000000000000000 R13=0000000017237e00 R14=ffff88802b43a440 R15=ffff888025ee2458 RIP=ffffffff818d9a1e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880976c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f8dd51225d0 CR3=000000002a069000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73f4ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000002d RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85616d85 RDI=ffffffff9b0f9700 RBP=ffffffff9b0f96c0 RSP=ffffc900037df2f0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002d R14=ffffffff9b0f96c0 R15=ffffffff85616d20 RIP=ffffffff85616daf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977c3000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f744d6f0 CR3=00000000612e7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000