last executing test programs: 7.245867883s ago: executing program 4 (id=16682): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000100ab5a0000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4024}, 0x4000010) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40) syz_emit_ethernet(0x86, &(0x7f00000004c0)={@random="158962126af4", @multicast, @void, {@ipv6={0x86dd, @generic={0x9, 0x6, "0251c6", 0x50, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @remote, {[@hopopts={0x0, 0x9, '\x00', [@jumbo={0xc2, 0x4, 0xb6}, @enc_lim={0x4, 0x1, 0x9}, @enc_lim, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @generic={0x1, 0x24, "605433ec4ec9652b595e9bae14bb07760e4fa2a9749490561352d096965ec28cd4a866d4"}, @ra={0x5, 0x2, 0x8000}]}]}}}}}, 0x0) 6.985071861s ago: executing program 4 (id=16684): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x0, 0x0, @remote, 0x9}], 0x1c) sendmsg$inet(r0, &(0x7f0000001540)={&(0x7f0000000000)={0x2, 0x4e1e, @rand_addr=0x640100fc}, 0x10, &(0x7f00000014c0)=[{&(0x7f0000000040)='I', 0x1}], 0x1}, 0x80) setsockopt(r0, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8) 5.900050422s ago: executing program 4 (id=16697): syz_open_dev$sndpcmc(&(0x7f0000000d00), 0x0, 0x0) io_setup(0x6, &(0x7f0000001380)=0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1000, r1, 0x0, 0x0, 0x3, 0x0, 0x2, r1}]) 5.649952955s ago: executing program 4 (id=16701): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x53, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) readv(r1, &(0x7f0000000380)=[{&(0x7f0000000100)=""/176, 0xb0}], 0x1) 2.47218675s ago: executing program 4 (id=16748): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0xffea, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3000000071000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c00018008000100000001000c0002"], 0x30}}, 0x0) 2.431682274s ago: executing program 1 (id=16749): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x0, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x6, 0x1, [0xc, 0xc]}]}]}]}, 0x2c}}, 0x0) 2.308485208s ago: executing program 4 (id=16751): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10c4, 0xea90, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x1, 0x3, '\x00\x00\x00'}, 0x0}) 2.261995998s ago: executing program 2 (id=16752): r0 = syz_open_dev$media(&(0x7f0000000000), 0x3f, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000006, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc01c7c02, &(0x7f00000000c0)={0x80000000, 0x0, &(0x7f0000002c40)}) 2.232646364s ago: executing program 1 (id=16753): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}, 0x11}], 0x400000000000172, 0x4001c00) 2.04757504s ago: executing program 1 (id=16757): r0 = syz_usb_connect(0x3, 0x2d, &(0x7f00000006c0)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000800)={0x2c, &(0x7f0000000840)={0x20, 0x1}, 0x0, 0x0, 0x0, 0x0}) 1.830993717s ago: executing program 0 (id=16760): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000014000100fcffffff000000000a000000", @ANYRES32=r2, @ANYBLOB="14000100ff02000000000000000000000000e900080008000204000014000600050000000700"], 0x48}}, 0x0) 1.730328596s ago: executing program 0 (id=16762): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000240)={0xffffffffffffffff}, 0x111, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000080)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000380), r1, 0x0, 0x2, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r1}}, 0x10) 1.559867928s ago: executing program 0 (id=16764): r0 = socket(0x1000000000000010, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c00095000000000000002ba728041598d6fbd30cb599e83d24a3aa81d36b26fb0b71d0e6adfefcf1d8f7faf75e0f226bd99eea7960717142fa9ea4318123741c4a0e168c1886d0d4d94f2f4e345c652fbc16ee988e6e0dc8cedf3ce99fbfbf9b0a4def23d410f6296b32a334388107200759cda9036b4e369a9e152ddcc7f05a5f3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c3b35967deabe802f5ab3e89bd6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ececb0cd2b6d357b85a0218ce740068725837074e098ee207d2f73902fbcfcf49822775985bf32d715f5888b24efa000000000000ffffffdf000000000000000000000089a7b9b00000000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9deab29ea3323aa9fdfb52faf449c3bfd09000000b91ab219efdebb7b3de8f67581cf796a1d4223b9ff7ffcad3f6c962b9f292324b7ab7f91a31cf41ab11f12fb1e0a494034127de7c6592df1a6c64d8f20a67745409e011f1264d43e153b3d34899f40159e800ea2474b544035a30b23bcee46762c2093bcc9eae5dff5adbdee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d337c56abf1128744bab6677fcb78e313841ec309baed0495f06d058a75fa4c81e5c9f42d9383e41d277b10392a912ffaf6f658f3fadd16286744f839c3f128f8f92d0992239eafce5c1b3f97a297c9e49a0c3510ef74080e6d1e0c8a868a353409e34d3e82279637598f37ad380a447483cac394c7bbdcd0e3b1c39b6e00916de48a4e70f03cc4146a77af02c1d4cef5379da860aed8477dfa8ceefb405005c6977c78cdbf37704ec73755539280b064bda154910fe050038ec9e47de89298b7bf4d769ccc18eede00e8ca5457870eb30d211e23ccc8e06cd58b61799257ab55ff413c86ba9affb12ec757c7234c270246c87a901160e6c07bc6cf8809c3a0d46ff7f008000000000ad1e1f493354b2822b98371d000000167d78e65b90eba0768e825972ea3b774a1467c89fa0f82e8440105051e5510a33dcda5e143fbfff161c12ca389cbe4c51b3fa00675cd1b66c5fd9c26a54d43fa050645bd9109b7e7131421c0f39113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a84a4e3344b155cc20f49e298727340e97cdefb40e56e9cfad973347d0de7ba4754ff231a1b033d8f931ba3442b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf46306f2ef79b8d4c2ff030000000000000007b82e6044f643068cd47ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c99220002af8c5e53d52c83ac3fa7c3a3ee6c08384865b66d2b4dcb5dd9cba16b64ebbbf8702ae12c77e6e34991a225c120a3c950942fe0bc9f2a1a7506d35e5b439edeb7088aeda890cf8a4a6f31ba6d9b8cb098f935bdcbb29fd0f1a342c9eed00000000ab6648a9dea0b6c91996d65da6c24a702a86c814459f3cdaaf99000000000000000000bfb32c826563c518d0ad23bc83ba3f3757210a057eff7615c868bd7d74233da1a3b56d4e04a7ec4792b1c4cffddbbdcfdd23ab5268f1b3d08ebb8ce498cbaaf5aaab812201d1aba3d70471fcd9b466569f3ef72f39d87fcccab514fc02b70be8629c9b73ce7bc4be7f8be71cb7b2d0a4acff8f6abe7dbad64dfa44966945d93c33b038ce0d890f851811e387723a25dda119f64b35e71c5400000000000000000000000000000034c751ebdf3f20a95b817ea3df3d6c0002a41783058e56c70afe8016b3dd9dc7785b36e609f173cc6b893ecd138289709839747837d6a6283b3452c57a5d44cacd363589845637071320921d22c1663964eddec902fc7cc33158bc306d8c3bdae8108a23d2dc96a5cdb518f58832ec0906aaec43659c79c8ad37b0f961f3beaa3e02f7762c5dd633d13b5e487e996597b2ab42c898b7dd8390e13b395aacce4683e55bcfe8c17615257364365fd48bd77da79e52ce9adfe6dca9c42c4d719347f39ef006c2df747ee6adb7cd04faf05c36de72354c64ebaf28a3de18607ebc4b70f50f71dae565749568a23319232dc213342fb472e98c9a412199ce7976bee5eaf40e60cb3fbe8b92dae5008e92d17d05ce74ffffe74ae71d5b8bd43a4e0bf0390335aa489689f5e3a4ac5adca96caab658b43cd499d95d3876c220d147ad1d0e626621d88f1370982f663793cac52ea0d14e595ff1f56427a0a813bb3b84d31d021eeea8faeff25bb66f5940d08a5509a66fc43962bcb2f7415bc38e355e80ec935aa6fe2d74bd475d89449fb46320fee40faff2fd005549fe6a042bd95decfde5e166971935f4cfd9c9e5bfd2d803644f4e5b7e6dc1a7a35df7134e2fad79269bf24bea4eb0213068e3054d9e4a8d1a9eb032cb390e2016d0ce10549728cb4732dc5adab16fa19ac70780b29e079be27c95d3dd2bd91a584c46d84d430fc6ea31ce0ba62fa27be9f6bc435203da7c3a5d68bf4dd4f81cbfaa1c87a15b9272853c9837db930952dca667194b71815a9eb49b495360dcdf31e0e560857d0541a916d6b5469ac1b36babc5a91e1d58925f20d9d5f8a0da3c30711b0d101cabceffbe072be69613ea0003c6e9bb5cd2413c8ddc17cfa319cf7aaeed0ffb07a08f8fb439f709dfe0732fe42192819870bdd87d5f612ade03540a28be446095269d9ea5a60bba1f2462f9921f2a731dbcf1d03964ea1e4f79514914d37877f57617b60fa2b58aa694fcb023024653c4b73efb12a57ffc6f8943262b77be933051e12bd4d768a422ea652d45b04a9c43b5c97fc3edea7002d51a0a74889334ee"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x29}, 0x48) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4) sendmsg(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe800c00080008001100080000002d000f009b2c136ef75afb83de448daa72540d8302d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x0) 1.396850959s ago: executing program 0 (id=16766): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002880)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0) write$FUSE_INIT(r0, &(0x7f0000002200)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x8, 0x0, 0x238d117e3578a04a, 0x0, 0x2, 0x7f, 0x2bf, 0x0, 0x0, 0x10}}, 0x50) open(&(0x7f0000000940)='./file0\x00', 0x5bf403, 0xa7) 1.362561513s ago: executing program 2 (id=16767): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xffe6}}, [@qdisc_kind_options=@q_cake={{0x9, 0x104}, {0x4}}]}, 0x34}}, 0x0) 1.285345926s ago: executing program 2 (id=16768): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0xc208ae62, &(0x7f00000002c0)={0x1, 0x0, @pic={0x1, 0x7f, 0x4, 0xb, 0xf, 0x6, 0x3, 0x1, 0x7f, 0x92, 0x6, 0x24, 0xfe, 0x1, 0x0, 0x8}}) 1.126658884s ago: executing program 2 (id=16770): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r0], 0x40}}, 0x0) ppoll(&(0x7f00000005c0)=[{r1, 0x10}], 0x1, 0x0, 0x0, 0x0) 966.202062ms ago: executing program 2 (id=16772): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r0, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r0, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd}) fcntl$lock(r0, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) 459.931207ms ago: executing program 3 (id=16780): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) rt_sigtimedwait(&(0x7f0000000040)={[0x3, 0x5]}, &(0x7f0000000200), 0x0, 0x8) 432.223809ms ago: executing program 0 (id=16781): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x2, 0x8, 0x2}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000240)={0x5, 0x4, 0x1}) close(0x3) 382.162812ms ago: executing program 3 (id=16782): rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) process_madvise(r1, &(0x7f0000000200)=[{&(0x7f0000000000)='U', 0x1}], 0x1, 0x19, 0x0) 326.852581ms ago: executing program 0 (id=16783): setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0) 266.415789ms ago: executing program 3 (id=16784): syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @random="8a0a63cdec59", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, @remote, @dev, @remote}}}}, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 259.1654ms ago: executing program 1 (id=16785): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x128, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}, @lifetime_val={0x24, 0x9, {0xb4, 0x8000000000000001, 0xb4, 0x5}}]}, 0x128}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0xb400, 0x2}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) 189.788618ms ago: executing program 3 (id=16786): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000007bc0)=[{{0x0, 0x0, &(0x7f0000001d80)=[{&(0x7f0000000280)="a9cff351c0016f245d698d8c14cdacc0e4d7fc6a44004aacd85ebc47b5a17462dc6abc5ca3d1a7b99ba8420e05cfc8ac59487a7cb73617b9c2badd825e", 0x3d}, {&(0x7f0000001980)="5fb3450effde69bf04e3e44a973930e0b6f397ee7a964d6dbf627acb2d94", 0x1e}], 0x2}}], 0x1, 0x20000040) 129.774998ms ago: executing program 1 (id=16787): setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x8000000}]}, 0x8) r0 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r0, &(0x7f0000000140)={0xa, 0xfffd, 0x0, @mcast1, 0x9}, 0x1c) sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9511, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004) 92.532814ms ago: executing program 3 (id=16788): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000001840)={0x4c, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'caif0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x4c}, 0x1, 0x0, 0x0, 0xc804}, 0x0) 26.783308ms ago: executing program 2 (id=16789): r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000006900)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed", 0x89, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r2}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 782.024µs ago: executing program 3 (id=16790): r0 = open(&(0x7f0000000280)='.\x00', 0x80, 0x122) fcntl$notify(r0, 0x402, 0x8000003d) fcntl$setown(r0, 0x8, 0xffffffffffffffff) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) 0s ago: executing program 1 (id=16791): mmap(&(0x7f0000581000/0x3000)=nil, 0x3000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x91, 0x2, 0x0) set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x0) mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000) kernel console output (not intermixed with test programs): type=1326 audit(1753666747.051:3449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4175 comm="syz.3.14126" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1045.458883][ T30] audit: type=1326 audit(1753666747.051:3450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4175 comm="syz.3.14126" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1045.489512][ T30] audit: type=1326 audit(1753666747.051:3451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4175 comm="syz.3.14126" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1045.534193][ T4188] binder: BC_ACQUIRE_RESULT not supported [ 1045.540003][ T4188] binder: 4187:4188 ioctl c0306201 800003c0 returned -22 [ 1045.605684][ T4194] netlink: 'syz.3.14134': attribute type 21 has an invalid length. [ 1045.642931][ T4194] netlink: 'syz.3.14134': attribute type 1 has an invalid length. [ 1045.655512][ T4194] netlink: 'syz.3.14134': attribute type 2 has an invalid length. [ 1045.677409][ T4194] netlink: 15970 bytes leftover after parsing attributes in process `syz.3.14134'. [ 1048.265197][ T4297] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1048.280375][ T4297] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1048.332109][ T4297] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1048.359369][ T4297] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1048.372842][ T4297] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1048.395913][ T4297] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1048.409222][ T4297] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1048.426563][ T4297] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1048.450308][ T4297] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1048.473651][ T4297] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1048.483174][ T4297] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1048.670254][ T4309] input: syz0 as /devices/virtual/input/input98 [ 1050.223544][ T4299] Bluetooth: hci3: command 0x0406 tx timeout [ 1050.233402][ T4348] kvm_intel: kvm [4346]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2 [ 1050.302374][ T4352] tap0: tun_chr_ioctl cmd 2147767520 [ 1050.390337][ T4299] Bluetooth: hci1: command 0x0406 tx timeout [ 1050.464683][ T4299] Bluetooth: hci4: command 0x0406 tx timeout [ 1050.470930][ T4299] Bluetooth: hci0: command 0x0406 tx timeout [ 1050.543443][ T4299] Bluetooth: hci2: command 0x0406 tx timeout [ 1052.304644][ T4299] Bluetooth: hci3: command 0x0406 tx timeout [ 1052.463649][ T4299] Bluetooth: hci1: command 0x0406 tx timeout [ 1052.543015][ T4299] Bluetooth: hci0: command 0x0406 tx timeout [ 1052.543025][T21548] Bluetooth: hci4: command 0x0406 tx timeout [ 1052.624696][ T4299] Bluetooth: hci2: command 0x0406 tx timeout [ 1052.648096][ T43] usb 4-1: new high-speed USB device number 125 using dummy_hcd [ 1052.718240][ T30] audit: type=1326 audit(1753666754.681:3452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1052.771712][ T30] audit: type=1326 audit(1753666754.711:3453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1052.795912][ T30] audit: type=1326 audit(1753666754.711:3454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1052.818335][ T43] usb 4-1: Using ep0 maxpacket: 32 [ 1052.819334][ T30] audit: type=1326 audit(1753666754.711:3455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1052.857631][ T43] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1052.873500][ T30] audit: type=1326 audit(1753666754.711:3456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=341 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1052.909937][ T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 1052.927052][ T30] audit: type=1326 audit(1753666754.711:3457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1052.953193][ T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1052.983888][ T43] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 1053.005716][ T30] audit: type=1326 audit(1753666754.711:3458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1053.016572][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1053.059099][ T30] audit: type=1326 audit(1753666754.711:3459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=342 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1053.099367][ T43] usb 4-1: config 0 descriptor?? [ 1053.109443][ T30] audit: type=1326 audit(1753666754.711:3460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1053.131765][ T4423] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1053.135147][ T43] hub 4-1:0.0: USB hub found [ 1053.205991][ T30] audit: type=1326 audit(1753666754.711:3461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4433 comm="syz.0.14245" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1053.361366][ T43] hub 4-1:0.0: config failed, hub has too many ports! (err -19) [ 1053.447807][ T4448] netlink: 'syz.0.14250': attribute type 14 has an invalid length. [ 1053.810893][ T43] hid-generic 0003:046D:C314.00D2: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.3-1/input0 [ 1054.069701][ T4461] pimreg: entered allmulticast mode [ 1054.148847][ T4461] pimreg: left allmulticast mode [ 1054.244725][ T43] usb 4-1: USB disconnect, device number 125 [ 1054.389899][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.396428][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1054.405518][ T4299] Bluetooth: hci3: command 0x0406 tx timeout [ 1055.178288][ T4498] tipc: New replicast peer: 255.255.255.255 [ 1055.204195][ T4498] tipc: Enabled bearer , priority 20 [ 1055.240673][ T4498] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14274'. [ 1055.309694][ T4502] loop9: detected capacity change from 0 to 7 [ 1055.328760][T25386] buffer_io_error: 7 callbacks suppressed [ 1055.328778][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.360323][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.380377][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.399542][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.419830][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.443639][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.468268][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.490926][T25386] ldm_validate_partition_table(): Disk read failed. [ 1055.504818][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.513670][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.522173][T25386] Buffer I/O error on dev loop9, logical block 0, async page read [ 1055.540183][T25386] Dev loop9: unable to read RDB block 0 [ 1055.547133][T25386] loop9: unable to read partition table [ 1055.565726][T25386] loop9: partition table beyond EOD, truncated [ 1055.597084][ T4502] ldm_validate_partition_table(): Disk read failed. [ 1055.604908][ T4502] Dev loop9: unable to read RDB block 0 [ 1055.619178][ T4502] loop9: unable to read partition table [ 1055.630806][ T4502] loop9: partition table beyond EOD, truncated [ 1055.660581][ T4502] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 1055.660581][ T4502] ) failed (rc=-5) [ 1056.660850][ T4552] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1056.904988][T23700] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1056.919329][T23700] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1056.963035][T23700] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1056.981143][T23700] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1057.022066][T23700] rtc rtc0: __rtc_set_alarm: err=-22 [ 1057.261849][ T4575] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14311'. [ 1057.355272][ T4581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14311'. [ 1057.683339][T22197] usb 4-1: new high-speed USB device number 126 using dummy_hcd [ 1057.852667][T22197] usb 4-1: Using ep0 maxpacket: 8 [ 1057.880725][T22197] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1057.925212][T22197] usb 4-1: config 4 interface 0 has no altsetting 0 [ 1057.961497][T22197] usb 4-1: string descriptor 0 read error: -22 [ 1057.972649][T22197] usb 4-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05 [ 1057.997188][T22197] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3 [ 1058.029828][T22197] usb 4-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state [ 1058.069489][T22197] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1058.107112][T22197] dvbdev: DVB: registering new adapter (Sigmatek DVB-110) [ 1058.119179][T22197] usb 4-1: media controller created [ 1058.157945][T22197] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1059.093070][ T4618] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.14328'. [ 1059.382889][T22197] usb 4-1: USB disconnect, device number 126 [ 1062.287752][ T4715] loop6: detected capacity change from 0 to 63 [ 1062.295725][ T4715] buffer_io_error: 23 callbacks suppressed [ 1062.295744][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.318809][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.331177][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.348556][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.358506][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.367076][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.375385][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.387409][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.399598][ T4715] ldm_validate_partition_table(): Disk read failed. [ 1062.409848][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.419460][ T4715] Buffer I/O error on dev loop6, logical block 0, async page read [ 1062.430509][ T4715] Dev loop6: unable to read RDB block 0 [ 1062.438371][ T4715] loop6: unable to read partition table [ 1062.455644][ T4715] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 1063.862669][T22197] usb 4-1: new high-speed USB device number 127 using dummy_hcd [ 1064.023572][T22197] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 1064.049314][T22197] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1064.084149][T22197] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1064.101888][T22197] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1064.120436][T22197] usb 4-1: Manufacturer: syz [ 1064.141371][T22197] usb 4-1: config 0 descriptor?? [ 1064.293024][T22197] rc_core: IR keymap rc-hauppauge not found [ 1064.299001][T22197] Registered IR keymap rc-empty [ 1064.340785][T22197] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 1064.392882][T22197] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input99 [ 1064.430384][T22197] usb 4-1: USB disconnect, device number 127 [ 1064.650504][ T4789] team0: Device gtp0 is of different type [ 1065.462637][ T5847] usb 3-1: new high-speed USB device number 121 using dummy_hcd [ 1065.498657][ T4812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14413'. [ 1065.632977][ T5847] usb 3-1: Using ep0 maxpacket: 8 [ 1065.643271][ T5847] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1065.666012][ T5847] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1065.681671][ T5847] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1065.694101][ T5847] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1065.717239][ T5847] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 1065.735872][ T5847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1065.938298][ T4828] hsr0: entered promiscuous mode [ 1065.945964][ T4828] macvlan3: entered allmulticast mode [ 1065.951398][ T4828] hsr0: entered allmulticast mode [ 1065.959605][ T4828] hsr_slave_0: entered allmulticast mode [ 1065.967081][ T4828] hsr_slave_1: entered allmulticast mode [ 1065.976459][ T4828] hsr0: left allmulticast mode [ 1065.981599][ T4828] hsr_slave_0: left allmulticast mode [ 1065.981901][ T5847] usb 3-1: GET_CAPABILITIES returned 0 [ 1065.987513][ T4828] hsr_slave_1: left allmulticast mode [ 1066.020714][ T5847] usbtmc 3-1:16.0: can't read capabilities [ 1066.264997][T22197] usb 3-1: USB disconnect, device number 121 [ 1066.461246][ T4840] netlink: 203516 bytes leftover after parsing attributes in process `syz.1.14424'. [ 1066.501624][ T4840] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16) [ 1066.537474][ T4840] openvswitch: netlink: Duplicate key (type 0). [ 1066.784175][ T4846] netlink: 60 bytes leftover after parsing attributes in process `syz.1.14428'. [ 1066.941907][ T4848] sctp: [Deprecated]: syz.4.14429 (pid 4848) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1066.941907][ T4848] Use struct sctp_sack_info instead [ 1067.029848][ T4854] netlink: 16410 bytes leftover after parsing attributes in process `syz.2.14432'. [ 1067.655808][ T4885] could not allocate digest TFM handle _!5(iHP,omxę*71U"~ 2.>~e>/y [ 1068.207842][ T4907] netlink: 'syz.2.14456': attribute type 1 has an invalid length. [ 1068.246918][ T4909] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14457'. [ 1068.587101][ T4923] netlink: 10 bytes leftover after parsing attributes in process `syz.1.14463'. [ 1068.597082][ T43] usb 3-1: new high-speed USB device number 122 using dummy_hcd [ 1068.725583][ T4927] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14465'. [ 1068.747459][ T4927] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14465'. [ 1068.760287][ T4929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14466'. [ 1068.780289][ T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1068.792812][ T43] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1068.804278][ T43] usb 3-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce [ 1068.818602][ T4929] netlink: 8 bytes leftover after parsing attributes in process `syz.1.14466'. [ 1068.832652][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1068.850965][ T43] usb 3-1: Product: syz [ 1068.861095][ T43] usb 3-1: Manufacturer: syz [ 1068.870815][ T43] usb 3-1: SerialNumber: syz [ 1068.893045][ T43] usb 3-1: config 0 descriptor?? [ 1068.915311][ T43] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state. [ 1068.941027][ T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1068.961162][ T43] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0) [ 1068.970620][ T43] usb 3-1: media controller created [ 1069.040860][ T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1069.064244][ T4936] bridge0: entered promiscuous mode [ 1069.074100][ T4936] macvlan2: entered promiscuous mode [ 1069.191975][ T43] DVB: Unable to find symbol tda10046_attach() [ 1069.215063][ T43] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0' [ 1069.239652][ T43] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected. [ 1069.250506][ T4944] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96 [ 1069.353441][ T4948] netlink: 'syz.3.14475': attribute type 13 has an invalid length. [ 1069.772731][T22197] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 1069.861381][ T43] dvb_usb_m920x 3-1:0.0: probe with driver dvb_usb_m920x failed with error -71 [ 1069.913768][ T43] usb 3-1: USB disconnect, device number 122 [ 1069.943348][T22197] usb 4-1: Using ep0 maxpacket: 16 [ 1069.983453][T22197] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1070.007632][T22197] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1070.037344][T22197] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1070.050982][T22197] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1070.073573][T22197] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1070.111144][T22197] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1070.122342][T22197] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1070.139013][T22197] usb 4-1: Manufacturer: syz [ 1070.156826][T22197] usb 4-1: config 0 descriptor?? [ 1070.487075][T22197] rc_core: IR keymap rc-hauppauge not found [ 1070.499452][T22197] Registered IR keymap rc-empty [ 1070.511826][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.552731][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.578722][T22197] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 1070.606034][T22197] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input100 [ 1070.630833][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.667497][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.702802][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.727822][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.753261][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.793571][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.814470][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.852616][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.882696][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.912618][T22197] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1070.946224][T22197] mceusb 4-1:0.0: Registered with mce emulator interface version 1 [ 1070.958168][T22197] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1070.987424][T22197] usb 4-1: USB disconnect, device number 2 [ 1071.515843][ T4995] __nla_validate_parse: 2 callbacks suppressed [ 1071.515863][ T4995] netlink: 16 bytes leftover after parsing attributes in process `syz.1.14495'. [ 1072.527621][ T5035] loop6: detected capacity change from 0 to 63 [ 1072.550309][ T5035] buffer_io_error: 13 callbacks suppressed [ 1072.550328][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.574256][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.589143][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.610659][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.647317][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.656861][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.683266][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.707638][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.724416][ T5035] ldm_validate_partition_table(): Disk read failed. [ 1072.731188][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.772791][ T5035] Buffer I/O error on dev loop6, logical block 0, async page read [ 1072.781004][ T5035] Dev loop6: unable to read RDB block 0 [ 1072.822149][ T5035] loop6: unable to read partition table [ 1072.852964][ T5035] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 1073.059627][ T5052] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14519'. [ 1073.522576][ T30] audit: type=1326 audit(1753666775.471:3462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5041 comm="syz.3.14516" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7fc00000 [ 1074.280716][ T5092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14537'. [ 1074.964499][ T5117] ip6tnl0: Caught tx_queue_len zero misconfig [ 1075.920328][ T5142] tap0: tun_chr_ioctl cmd 1074025677 [ 1075.930499][ T5142] tap0: linktype set to 0 [ 1078.862750][ T43] usb 3-1: new high-speed USB device number 123 using dummy_hcd [ 1079.005226][ T5265] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14613'. [ 1079.025278][ T43] usb 3-1: config index 0 descriptor too short (expected 3133, got 61) [ 1079.039377][ T43] usb 3-1: config 0 has an invalid interface number: 156 but max is 1 [ 1079.057123][ T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1079.079116][ T43] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 1079.098110][ T43] usb 3-1: config 0 has no interface number 0 [ 1079.112574][ T43] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 1079.135717][ T43] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 1079.163840][ T43] usb 3-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 1079.179865][ T43] usb 3-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1079.203949][ T43] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 1079.214721][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1079.226623][ T43] usb 3-1: config 0 descriptor?? [ 1079.237695][ T43] gspca_main: spca561-2.14.0 probing abcd:cdee [ 1079.432998][ T5270] netlink: 'syz.4.14615': attribute type 7 has an invalid length. [ 1079.460605][ T43] spca561 3-1:0.156: probe with driver spca561 failed with error -22 [ 1079.480847][ T43] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 1079.499615][ T43] usb 3-1: MIDIStreaming interface descriptor not found [ 1079.633111][ T43] usb 3-1: USB disconnect, device number 123 [ 1081.002623][ T5315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14634'. [ 1081.412673][ T43] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 1081.594932][ T43] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1081.623280][ T43] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1081.678054][ T43] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1081.697670][ T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1081.732631][ T43] usb 4-1: Product: syz [ 1081.736874][ T43] usb 4-1: Manufacturer: syz [ 1081.741547][ T43] usb 4-1: SerialNumber: syz [ 1082.203447][ T43] usb 4-1: 0:2 : does not exist [ 1082.553361][ T30] audit: type=1804 audit(1753666784.511:3463): pid=5364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.14656" name="/" dev="pidfs" ino=37663 res=1 errno=0 [ 1082.654124][T23700] usb 4-1: USB disconnect, device number 3 [ 1082.752904][ T43] usb 3-1: new high-speed USB device number 124 using dummy_hcd [ 1082.912629][ T43] usb 3-1: Using ep0 maxpacket: 16 [ 1082.930499][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1082.958067][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1082.989338][ T43] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1083.008922][ T43] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1083.031696][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1083.060998][ T43] usb 3-1: config 0 descriptor?? [ 1083.417023][ T5390] netlink: 20 bytes leftover after parsing attributes in process `syz.1.14668'. [ 1083.499467][ T43] microsoft 0003:045E:07DA.00D3: unknown main item tag 0x0 [ 1083.522697][ T43] microsoft 0003:045E:07DA.00D3: unknown main item tag 0x0 [ 1083.532877][ T43] microsoft 0003:045E:07DA.00D3: unknown main item tag 0x0 [ 1083.554531][ T43] microsoft 0003:045E:07DA.00D3: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 1083.577127][ T43] microsoft 0003:045E:07DA.00D3: no inputs found [ 1083.602378][ T43] microsoft 0003:045E:07DA.00D3: could not initialize ff, continuing anyway [ 1083.741848][ T5847] usb 3-1: USB disconnect, device number 124 [ 1084.125638][ T5406] geneve4: entered allmulticast mode [ 1086.808764][ T5497] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14716'. [ 1087.244326][ T5509] netlink: 31 bytes leftover after parsing attributes in process `syz.3.14722'. [ 1087.255007][ T5509] netlink: 20 bytes leftover after parsing attributes in process `syz.3.14722'. [ 1087.710052][ T5524] netlink: 27 bytes leftover after parsing attributes in process `syz.3.14726'. [ 1088.282774][ T9] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 1088.435211][ T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1088.446000][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1088.465681][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1088.486045][ T9] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 1088.502770][ T43] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 1088.511401][ T9] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1088.525924][ T9] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1088.539727][ T9] usb 4-1: Manufacturer: syz [ 1088.551750][ T9] usb 4-1: config 0 descriptor?? [ 1088.664796][ T43] usb 2-1: Using ep0 maxpacket: 32 [ 1088.677263][ T43] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1088.699747][ T43] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1088.716353][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1088.739956][ T43] usb 2-1: Product: syz [ 1088.745191][ T43] usb 2-1: Manufacturer: syz [ 1088.749842][ T43] usb 2-1: SerialNumber: syz [ 1088.765868][ T43] usb 2-1: config 0 descriptor?? [ 1088.882973][ T9] rc_core: IR keymap rc-hauppauge not found [ 1088.898054][ T9] Registered IR keymap rc-empty [ 1088.913352][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1088.951278][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.013944][ T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 1089.060964][ T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input102 [ 1089.092803][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.122720][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.173074][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.183817][ T43] gs_usb 2-1:0.0: Configuring for 3 interfaces [ 1089.232948][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.263513][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.313121][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.418614][ T43] gs_usb 2-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 1089.450618][ T43] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22 [ 1089.452548][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.503191][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.537800][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.597752][ T9] mceusb 4-1:0.0: Error: mce write submit urb error = -90 [ 1089.666226][ T9] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 1089.675784][ T43] usb 2-1: USB disconnect, device number 117 [ 1089.704848][ T9] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1089.777386][ T9] usb 4-1: USB disconnect, device number 4 [ 1090.227266][ T5581] loop4: detected capacity change from 0 to 524255232 [ 1090.383336][ T5581] loop4: detected capacity change from 524255232 to 524287935 [ 1091.382629][ T5847] usb 3-1: new high-speed USB device number 125 using dummy_hcd [ 1091.554096][ T5847] usb 3-1: Using ep0 maxpacket: 16 [ 1091.630445][ T5847] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90 [ 1091.641963][ T5847] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1091.677782][ T5847] usb 3-1: Product: syz [ 1091.682025][ T5847] usb 3-1: Manufacturer: syz [ 1091.716455][ T5847] usb 3-1: SerialNumber: syz [ 1091.763626][ T5847] usb 3-1: config 0 descriptor?? [ 1091.771250][ T5847] ums-onetouch 3-1:0.0: USB Mass Storage device detected [ 1091.887506][ T5627] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14769'. [ 1092.087560][ T5847] usb 3-1: USB disconnect, device number 125 [ 1092.539695][ T5636] netlink: 'syz.1.14772': attribute type 10 has an invalid length. [ 1092.611580][ T5636] team0: Port device dummy0 added [ 1092.623306][ T5642] netlink: 'syz.1.14772': attribute type 10 has an invalid length. [ 1092.753026][ T5642] team0: Port device dummy0 removed [ 1092.775688][ T5642] dummy0: entered allmulticast mode [ 1092.785652][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14776'. [ 1092.812386][ T5642] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 1092.820364][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14776'. [ 1093.181645][ T5661] netlink: 44 bytes leftover after parsing attributes in process `syz.4.14781'. [ 1093.224213][ T5661] netlink: 43 bytes leftover after parsing attributes in process `syz.4.14781'. [ 1093.241584][ T5661] netlink: 'syz.4.14781': attribute type 6 has an invalid length. [ 1093.256831][ T5661] netlink: 'syz.4.14781': attribute type 5 has an invalid length. [ 1093.269002][ T5661] netlink: 43 bytes leftover after parsing attributes in process `syz.4.14781'. [ 1093.684091][ T5847] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 1093.854642][ T5847] usb 2-1: Using ep0 maxpacket: 16 [ 1093.865169][ T5847] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 1093.889003][ T5847] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 1093.912576][ T5847] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1093.941077][ T5847] usb 2-1: Product: syz [ 1093.952780][ T5847] usb 2-1: Manufacturer: syz [ 1093.962827][ T5847] usb 2-1: SerialNumber: syz [ 1093.985194][ T5847] usb 2-1: config 0 descriptor?? [ 1094.016720][ T5847] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected [ 1094.046792][ T5847] usb 2-1: Detected FT232R [ 1094.208901][ T5695] openvswitch: netlink: IPv4 tunnel dst address is zero [ 1094.231737][ T5847] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 1094.347039][ T5698] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.14798'. [ 1094.474887][ T5847] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 1094.674046][ T5847] usb 2-1: USB disconnect, device number 118 [ 1094.745133][ T5847] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 1094.765812][ T5847] ftdi_sio 2-1:0.0: device disconnected [ 1095.372649][ T30] audit: type=1326 audit(1753666797.331:3464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.446488][ T30] audit: type=1326 audit(1753666797.331:3465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.518724][ T30] audit: type=1326 audit(1753666797.351:3466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.572477][ T30] audit: type=1326 audit(1753666797.351:3467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.640357][ T5745] netlink: 36 bytes leftover after parsing attributes in process `syz.3.14819'. [ 1095.647794][ T30] audit: type=1326 audit(1753666797.351:3468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.672985][ T9] usb 2-1: new high-speed USB device number 119 using dummy_hcd [ 1095.718821][ T30] audit: type=1326 audit(1753666797.351:3469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=434 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.772596][ T30] audit: type=1326 audit(1753666797.351:3470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.817419][ T30] audit: type=1326 audit(1753666797.351:3471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.872631][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 1095.891990][ T9] usb 2-1: unable to get BOS descriptor or descriptor too short [ 1095.911652][ T9] usb 2-1: config 125 has an invalid interface number: 27 but max is 0 [ 1095.924900][ T30] audit: type=1326 audit(1753666797.361:3472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1095.952600][ T9] usb 2-1: config 125 has no interface number 0 [ 1095.964655][ T9] usb 2-1: config 125 interface 27 altsetting 24 has an endpoint descriptor with address 0xBA, changing to 0x8A [ 1095.982749][ T9] usb 2-1: config 125 interface 27 altsetting 24 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 1096.001566][ T30] audit: type=1326 audit(1753666797.361:3473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5737 comm="syz.2.14816" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1096.025595][ T9] usb 2-1: config 125 interface 27 altsetting 24 endpoint 0x8A has invalid maxpacket 50534, setting to 1024 [ 1096.037355][ T9] usb 2-1: config 125 interface 27 altsetting 24 has an invalid descriptor for endpoint zero, skipping [ 1096.061162][ T9] usb 2-1: config 125 interface 27 altsetting 24 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1096.086030][ T9] usb 2-1: config 125 interface 27 has no altsetting 0 [ 1096.096616][ T9] usb 2-1: New USB device found, idVendor=1199, idProduct=68aa, bcdDevice=a4.70 [ 1096.108196][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1096.124290][ T9] usb 2-1: Product: syz [ 1096.132706][ T9] usb 2-1: Manufacturer: syz [ 1096.148888][ T9] usb 2-1: SerialNumber: syz [ 1096.166284][ T5738] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1096.404632][ T9] hub 2-1:125.27: bad descriptor, ignoring hub [ 1096.426768][ T9] hub 2-1:125.27: probe with driver hub failed with error -5 [ 1096.460272][ T9] sierra 2-1:125.27: Sierra USB modem converter detected [ 1096.505098][ T9] usb 2-1: Sierra USB modem converter now attached to ttyUSB0 [ 1096.566297][ T9] usb 2-1: USB disconnect, device number 119 [ 1096.623614][ T9] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0 [ 1096.658638][ T9] sierra 2-1:125.27: device disconnected [ 1096.848957][ T5779] input: syz1 as /devices/virtual/input/input104 [ 1096.923177][ T5847] usb 3-1: new high-speed USB device number 126 using dummy_hcd [ 1097.082794][ T5847] usb 3-1: Using ep0 maxpacket: 32 [ 1097.100549][ T5847] usb 3-1: config 0 has an invalid interface number: 66 but max is 0 [ 1097.122553][ T5847] usb 3-1: config 0 has no interface number 0 [ 1097.142913][ T5847] usb 3-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50 [ 1097.162511][ T5847] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1097.170775][ T5847] usb 3-1: Product: syz [ 1097.180927][ T5847] usb 3-1: Manufacturer: syz [ 1097.202195][ T5847] usb 3-1: SerialNumber: syz [ 1097.222041][ T5847] usb 3-1: config 0 descriptor?? [ 1097.255384][ T5847] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state. [ 1097.281350][ T5847] dvb-usb: bulk message failed: -22 (2/0) [ 1097.298358][ T5847] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1097.318811][ T5847] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold) [ 1097.327754][ T5847] usb 3-1: media controller created [ 1097.370512][ T5847] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1097.433247][ T5847] cxusb: set interface failed [ 1097.439563][ T5847] dvb-usb: bulk message failed: -22 (1/0) [ 1097.593047][ T5847] DVB: Unable to find symbol lgdt330x_attach() [ 1097.599287][ T5847] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold' [ 1097.772645][ T5847] rc_core: IR keymap rc-dvico-portable not found [ 1097.779094][ T5847] Registered IR keymap rc-empty [ 1097.798056][ T5847] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0 [ 1097.850782][ T5847] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input105 [ 1097.913341][ T5847] dvb-usb: schedule remote query interval to 100 msecs. [ 1097.920370][ T5847] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected. [ 1097.985422][ T5847] usb 3-1: USB disconnect, device number 126 [ 1098.239602][ T5847] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected. [ 1098.950496][ T5848] delete_channel: no stack [ 1099.422971][ T43] usb 3-1: new high-speed USB device number 127 using dummy_hcd [ 1099.581616][ T43] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1099.604416][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1099.629153][ T43] usb 3-1: config 0 descriptor?? [ 1099.648688][ T43] cp210x 3-1:0.0: cp210x converter detected [ 1100.035741][ T5918] netlink: 112 bytes leftover after parsing attributes in process `syz.0.14879'. [ 1100.051034][ T5918] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14879'. [ 1100.270067][ T43] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 1100.296928][ T43] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 1100.328215][ T43] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1100.368075][ T43] usb 3-1: USB disconnect, device number 127 [ 1100.403306][ T43] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1100.441443][ T43] cp210x 3-1:0.0: device disconnected [ 1101.073659][ T5967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14896'. [ 1102.167671][ T5998] delete_channel: no stack [ 1103.052993][ T5847] usb 2-1: new high-speed USB device number 120 using dummy_hcd [ 1103.152589][ T6032] tap0: tun_chr_ioctl cmd 35111 [ 1103.224763][ T5847] usb 2-1: Using ep0 maxpacket: 8 [ 1103.238168][ T5847] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 1103.249921][ T5847] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1103.288642][ T5847] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1103.305971][ T5847] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1103.339094][ T5847] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1103.362578][ T5847] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1103.389869][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1103.420448][ T43] hid-generic 0000:0000:0000.00D4: unknown main item tag 0x0 [ 1103.469176][ T43] hid-generic 0000:0000:0000.00D4: hidraw0: HID v0.00 Device [syz0] on syz0 [ 1103.639106][ T5847] usb 2-1: GET_CAPABILITIES returned 0 [ 1103.649153][ T5847] usbtmc 2-1:16.0: can't read capabilities [ 1103.908696][ T5847] usb 2-1: USB disconnect, device number 120 [ 1104.772128][ T6071] netlink: 72 bytes leftover after parsing attributes in process `syz.4.14944'. [ 1105.488882][ T6100] syzkaller1: tun_chr_ioctl cmd 21731 [ 1105.743079][ T5847] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 1105.920418][ T5847] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1105.929730][ T5847] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1105.948266][ T5847] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1105.962068][ T5847] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 1105.980016][ T5847] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 1106.021008][ T5847] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1106.032839][ T5847] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1106.060177][ T5847] usb 4-1: Product: syz [ 1106.071920][ T5847] usb 4-1: Manufacturer: syz [ 1106.115034][ T5847] cdc_wdm 4-1:1.0: skipping garbage [ 1106.120314][ T5847] cdc_wdm 4-1:1.0: skipping garbage [ 1106.131800][ T5847] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 1106.150044][ T5847] cdc_wdm 4-1:1.0: Unknown control protocol [ 1106.359990][ C0] cdc_wdm 4-1:1.0: unknown notification 110 received: index 65336 len 25860 [ 1106.422224][ T6129] netlink: 8 bytes leftover after parsing attributes in process `syz.2.14971'. [ 1106.584123][ T5847] usb 4-1: USB disconnect, device number 5 [ 1108.634592][ T6183] netlink: 136784 bytes leftover after parsing attributes in process `syz.2.14996'. [ 1108.666757][ T6183] netlink: zone id is out of range [ 1108.674137][ T6183] netlink: zone id is out of range [ 1108.679321][ T6183] netlink: zone id is out of range [ 1108.718755][ T6183] netlink: zone id is out of range [ 1108.742431][ T6187] netem: incorrect gi model size [ 1108.748577][ T6183] netlink: zone id is out of range [ 1108.748646][ T6187] netem: change failed [ 1108.782951][ T6183] netlink: zone id is out of range [ 1108.788231][ T6183] netlink: zone id is out of range [ 1108.823142][ T6183] netlink: zone id is out of range [ 1108.828351][ T6183] netlink: zone id is out of range [ 1108.855579][ T6183] netlink: zone id is out of range [ 1110.109393][ T6230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15019'. [ 1111.543622][ T6273] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15037'. [ 1114.091755][ T6113] net_ratelimit: 4052 callbacks suppressed [ 1114.091781][ T6113] Set syz1 is full, maxelem 65536 reached [ 1115.832109][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1115.838590][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1115.882628][ T43] usb 2-1: new low-speed USB device number 121 using dummy_hcd [ 1116.045891][ T43] usb 2-1: config 129 has an invalid interface number: 99 but max is 0 [ 1116.065398][ T43] usb 2-1: config 129 has an invalid interface number: 3 but max is 0 [ 1116.082644][ T43] usb 2-1: config 129 has 2 interfaces, different from the descriptor's value: 1 [ 1116.096185][ T43] usb 2-1: config 129 has no interface number 0 [ 1116.102768][ T43] usb 2-1: config 129 has no interface number 1 [ 1116.109801][ T43] usb 2-1: config 129 interface 99 altsetting 76 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1116.124118][ T43] usb 2-1: too many endpoints for config 129 interface 3 altsetting 0: 81, using maximum allowed: 30 [ 1116.135541][ T43] usb 2-1: config 129 interface 3 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 81 [ 1116.150793][ T43] usb 2-1: config 129 interface 99 has no altsetting 0 [ 1116.162631][ T43] usb 2-1: string descriptor 0 read error: -22 [ 1116.169012][ T43] usb 2-1: New USB device found, idVendor=07b8, idProduct=200c, bcdDevice=4c.00 [ 1116.178828][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1116.605583][ T43] pegasus 2-1:129.99: probe with driver pegasus failed with error -71 [ 1116.620971][ T43] pegasus 2-1:129.3: probe with driver pegasus failed with error -71 [ 1116.637958][ T43] usb 2-1: USB disconnect, device number 121 [ 1117.633358][ T5847] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 1117.794557][ T5847] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 1117.812873][ T5847] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1117.850787][ T5847] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 1117.886125][ T5847] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 1117.903188][ T5847] usb 4-1: Manufacturer: syz [ 1117.910813][ T5847] usb 4-1: config 0 descriptor?? [ 1118.025471][ T5847] rc_core: IR keymap rc-hauppauge not found [ 1118.031457][ T5847] Registered IR keymap rc-empty [ 1118.045042][ T5847] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 1118.085208][ T5847] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input106 [ 1118.384055][ T6414] rc rc0: two consecutive events of type space [ 1118.588069][ T43] usb 4-1: USB disconnect, device number 6 [ 1119.930424][ T6463] Attempt to restore checkpoint with obsolete wellknown handles [ 1120.791559][ T6488] block device autoloading is deprecated and will be removed. [ 1121.299388][ T6496] loop6: detected capacity change from 0 to 524287999 [ 1121.307288][ T6496] buffer_io_error: 13 callbacks suppressed [ 1121.307306][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.341699][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.362359][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.389425][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.421348][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.431831][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.460534][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.482718][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.512093][ T6496] ldm_validate_partition_table(): Disk read failed. [ 1121.532132][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.563775][ T6496] Buffer I/O error on dev loop6, logical block 0, async page read [ 1121.573380][ T6496] Dev loop6: unable to read RDB block 0 [ 1121.590075][ T6496] loop6: unable to read partition table [ 1121.603971][ T6496] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 1121.645691][ T5217] ldm_validate_partition_table(): Disk read failed. [ 1121.670504][ T5217] Dev loop6: unable to read RDB block 0 [ 1121.693415][ T5217] loop6: unable to read partition table [ 1121.976765][ T6517] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in; [ 1121.976765][ T6517] program syz.4.15145 not setting count and/or reply_len properly [ 1122.536720][ T6531] netlink: 128 bytes leftover after parsing attributes in process `syz.1.15151'. [ 1122.559836][ T6531] netlink: 20 bytes leftover after parsing attributes in process `syz.1.15151'. [ 1124.289579][T21548] Bluetooth: hci3: SCO packet for unknown connection handle 200 [ 1124.324194][T21548] Bluetooth: hci3: unexpected event for opcode 0x0c22 [ 1125.172582][T23700] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 1125.341305][T23700] usb 3-1: Using ep0 maxpacket: 16 [ 1125.367436][T23700] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15 [ 1125.378997][T23700] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1125.388732][T23700] usb 3-1: Product: syz [ 1125.394272][T23700] usb 3-1: Manufacturer: syz [ 1125.399034][T23700] usb 3-1: SerialNumber: syz [ 1125.417244][T23700] usb 3-1: config 0 descriptor?? [ 1125.444942][T23700] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected [ 1125.542521][ T43] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 1125.723164][ T43] usb 4-1: Using ep0 maxpacket: 8 [ 1125.736319][ T43] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 1125.749761][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1125.777334][ T43] pvrusb2: Hardware description: Terratec Grabster AV400 [ 1125.798331][ T43] pvrusb2: ********** [ 1125.807156][ T43] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 1125.817834][ T43] pvrusb2: Important functionality might not be entirely working. [ 1125.827597][ T43] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 1125.840583][ T43] pvrusb2: ********** [ 1125.987398][ T2342] pvrusb2: Invalid write control endpoint [ 1126.110899][ T2342] pvrusb2: Invalid write control endpoint [ 1126.118903][ T2342] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 1126.131138][ T2342] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 1126.139710][ T2342] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 1126.160657][ T2342] pvrusb2: Device being rendered inoperable [ 1126.175747][ T2342] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 1126.201241][ T43] usb 4-1: USB disconnect, device number 7 [ 1126.204042][ T2342] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 1126.243099][ T2342] pvrusb2: Attached sub-driver cx25840 [ 1126.250716][T23700] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71 [ 1126.271344][ T2342] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 1126.285651][T23700] usb 3-1: USB disconnect, device number 2 [ 1126.293501][ T2342] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 1126.992871][ T5847] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 1127.144515][ T5847] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1127.151230][ T5847] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 1127.160475][ T5847] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1127.171775][ T5847] usb 4-1: config 0 descriptor?? [ 1127.919980][ T6667] netlink: 16 bytes leftover after parsing attributes in process `syz.1.15213'. [ 1127.994822][ T5847] video4linux radio48: keene_cmd_main failed (-71) [ 1128.001399][ T5847] radio-keene 4-1:0.0: V4L2 device registered as radio48 [ 1128.018658][ T5847] usb 4-1: USB disconnect, device number 8 [ 1128.854018][ T6700] tun0: tun_chr_ioctl cmd 1074025672 [ 1128.863803][ T6700] tun0: ignored: set checksum disabled [ 1129.792526][ T43] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 1129.962574][ T43] usb 3-1: Using ep0 maxpacket: 8 [ 1129.978160][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1130.002371][ T43] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1130.020707][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1130.020726][ T30] audit: type=1400 audit(1753666831.981:3475): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3A202020202030206B420A4C617A79467265653A202020202020202020202020202030206B420A416E6F6E4875676550616765733A20202020202020202030206B420A53686D656D506D644D61707065643A202020202020202030206B420A46696C65506D644D61707065643A20202020202020202030206B420A5368617265645F48756765746C623A202020202020202030206B420A50 pid=6748 comm="syz.4.15250" [ 1130.023918][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1130.071963][ C1] vkms_vblank_simulate: vblank timer overrun [ 1130.191068][ T43] usb 3-1: config 0 descriptor?? [ 1130.412999][ T43] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1130.611371][T23700] usb 3-1: USB disconnect, device number 3 [ 1130.952236][ T6779] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15266'. [ 1131.552894][ T43] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 1131.574393][ T6792] netlink: 92 bytes leftover after parsing attributes in process `syz.1.15272'. [ 1131.610106][ T6792] netlink: 92 bytes leftover after parsing attributes in process `syz.1.15272'. [ 1131.713238][ T43] usb 3-1: Using ep0 maxpacket: 16 [ 1131.732449][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 1131.746706][ T43] usb 3-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 1131.759432][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1131.777531][ T43] usb 3-1: Product: syz [ 1131.781842][ T43] usb 3-1: Manufacturer: syz [ 1131.787516][ T43] usb 3-1: SerialNumber: syz [ 1131.803261][ T43] usb 3-1: config 0 descriptor?? [ 1131.815942][ T43] hub 3-1:0.0: bad descriptor, ignoring hub [ 1131.822076][ T43] hub 3-1:0.0: probe with driver hub failed with error -5 [ 1131.850006][ T43] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input107 [ 1132.423130][T23700] usb 3-1: USB disconnect, device number 4 [ 1132.663154][ T6806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.15278'. [ 1133.358432][ T30] audit: type=1326 audit(1753666835.321:3476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.3.15291" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1133.392001][ T30] audit: type=1326 audit(1753666835.321:3477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.3.15291" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1133.449024][ T30] audit: type=1326 audit(1753666835.331:3478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.3.15291" exe="/root/syz-executor" sig=0 arch=40000003 syscall=10 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1133.490545][ T30] audit: type=1326 audit(1753666835.331:3479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.3.15291" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1133.531959][ T30] audit: type=1326 audit(1753666835.331:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.3.15291" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1134.448184][ T6872] netlink: 428 bytes leftover after parsing attributes in process `syz.3.15310'. [ 1134.492898][ T6872] netlink: 32 bytes leftover after parsing attributes in process `syz.3.15310'. [ 1135.640844][ T6924] netlink: 'syz.3.15337': attribute type 12 has an invalid length. [ 1135.657744][ T6924] netlink: 9472 bytes leftover after parsing attributes in process `syz.3.15337'. [ 1136.265142][ T6945] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 1137.361288][ T30] audit: type=1326 audit(1753666839.321:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6978 comm="syz.2.15361" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x0 [ 1137.470088][ T6983] loop6: detected capacity change from 0 to 524287999 [ 1138.317370][ T30] audit: type=1326 audit(1753666840.281:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.386902][ T30] audit: type=1326 audit(1753666840.281:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.463290][ T30] audit: type=1326 audit(1753666840.291:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.505894][ T30] audit: type=1326 audit(1753666840.291:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.587842][ T30] audit: type=1326 audit(1753666840.291:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.632331][ T30] audit: type=1326 audit(1753666840.291:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.678272][ T30] audit: type=1326 audit(1753666840.291:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.750588][ T30] audit: type=1326 audit(1753666840.291:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.818177][ T30] audit: type=1326 audit(1753666840.301:3490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7006 comm="syz.2.15374" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1138.897383][ T7019] binder: binder_mmap: 7018 80000000-80003000 bad vm_flags failed -1 [ 1140.567183][ T7066] netlink: 'syz.3.15401': attribute type 4 has an invalid length. [ 1141.535109][ T7099] CUSE: info not properly terminated [ 1141.580373][ T7103] netlink: 1072 bytes leftover after parsing attributes in process `syz.3.15417'. [ 1142.645249][ T7140] netlink: 96 bytes leftover after parsing attributes in process `syz.0.15435'. [ 1142.798994][ T7146] netlink: 44 bytes leftover after parsing attributes in process `syz.4.15436'. [ 1142.833154][ T7146] netlink: 43 bytes leftover after parsing attributes in process `syz.4.15436'. [ 1142.873852][ T7146] netlink: 'syz.4.15436': attribute type 5 has an invalid length. [ 1142.899561][ T7146] netlink: 43 bytes leftover after parsing attributes in process `syz.4.15436'. [ 1143.265680][ T7158] block device autoloading is deprecated and will be removed. [ 1143.982716][T22197] usb 2-1: new high-speed USB device number 122 using dummy_hcd [ 1144.147169][T22197] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7 [ 1144.164427][T22197] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1144.181774][T22197] usb 2-1: Product: syz [ 1144.199177][T22197] usb 2-1: Manufacturer: syz [ 1144.209366][T22197] usb 2-1: SerialNumber: syz [ 1144.213076][ T5847] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 1144.230276][T22197] usb 2-1: config 0 descriptor?? [ 1144.378885][ T7190] loop6: detected capacity change from 0 to 524287999 [ 1144.387664][ T5847] usb 3-1: Using ep0 maxpacket: 16 [ 1144.399130][ T5847] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1144.437102][ T5847] usb 3-1: New USB device found, idVendor=0e8f, idProduct=0003, bcdDevice= 0.00 [ 1144.448547][ T5847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1144.476694][ T5847] usb 3-1: config 0 descriptor?? [ 1144.884599][T22197] usb 2-1: f81604_read: reg: 105 failed: -EPROTO [ 1144.891088][T22197] f81604 2-1:0.0: Setting termination of CH#1 failed: -EPROTO [ 1144.931818][T22197] f81604 2-1:0.0: probe with driver f81604 failed with error -71 [ 1144.958769][ T5847] pantherlord 0003:0E8F:0003.00D5: unknown main item tag 0x0 [ 1144.982498][ T5847] pantherlord 0003:0E8F:0003.00D5: unknown main item tag 0x0 [ 1144.982693][T22197] usb 2-1: USB disconnect, device number 122 [ 1145.010160][ T5847] pantherlord 0003:0E8F:0003.00D5: report_id 0 is invalid [ 1145.036716][ T5847] pantherlord 0003:0E8F:0003.00D5: item 0 1 1 8 parsing failed [ 1145.068462][ T5847] pantherlord 0003:0E8F:0003.00D5: parse failed [ 1145.095968][ T5847] pantherlord 0003:0E8F:0003.00D5: probe with driver pantherlord failed with error -22 [ 1145.147661][ T5847] usb 3-1: USB disconnect, device number 5 [ 1146.109550][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15480'. [ 1146.218278][ T7220] loop6: detected capacity change from 0 to 524287999 [ 1146.922536][T22197] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 1147.082958][T22197] usb 3-1: Using ep0 maxpacket: 16 [ 1147.090546][T22197] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1147.114560][T22197] usb 3-1: config 0 has no interface number 0 [ 1147.132597][T22197] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1147.157292][T22197] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1147.172574][T22197] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1147.181690][T22197] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1147.208946][T22197] usb 3-1: config 0 descriptor?? [ 1147.639415][ T7243] vxcan1: entered allmulticast mode [ 1147.664838][ T7243] vxcan1: left allmulticast mode [ 1147.684798][ T7243] pim6reg: left allmulticast mode [ 1147.901216][T22197] uclogic 0003:28BD:0071.00D6: pen parameters not found [ 1147.920446][T22197] uclogic 0003:28BD:0071.00D6: interface is invalid, ignoring [ 1148.161565][T22197] usb 3-1: USB disconnect, device number 6 [ 1149.772218][ T7288] netlink: 4 bytes leftover after parsing attributes in process `syz.4.15499'. [ 1150.540340][ T7311] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 1150.546933][ T7311] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1150.585322][ T7311] vhci_hcd vhci_hcd.0: Device attached [ 1150.838635][T22197] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 1150.852504][ T43] usb 2-1: new high-speed USB device number 123 using dummy_hcd [ 1151.023123][ T43] usb 2-1: Using ep0 maxpacket: 16 [ 1151.052857][ T43] usb 2-1: config 0 has no interfaces? [ 1151.082542][ T43] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 1151.130571][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1151.165620][ T43] usb 2-1: config 0 descriptor?? [ 1151.405129][ T7312] usb 35-1: recv xbuf, 0 [ 1151.411314][ T43] usb 2-1: USB disconnect, device number 123 [ 1151.421874][ T13] vhci_hcd: stop threads [ 1151.458419][ T13] vhci_hcd: release socket [ 1151.481776][ T13] vhci_hcd: disconnect device [ 1153.862792][T22197] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 1154.027893][T22197] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1154.038772][T22197] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1154.050699][T22197] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1154.060698][T22197] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1154.074605][T22197] usb 3-1: SerialNumber: syz [ 1154.308509][T22197] usb 3-1: 0:2 : does not exist [ 1154.337313][T22197] usb 3-1: USB disconnect, device number 7 [ 1154.386849][T25386] udevd[25386]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1154.932036][ T7425] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15562'. [ 1155.428309][ T7441] netlink: 36 bytes leftover after parsing attributes in process `syz.3.15569'. [ 1155.529026][ T7445] loop8: detected capacity change from 0 to 7 [ 1155.539233][ T7445] Dev loop8: unable to read RDB block 7 [ 1155.547363][ T7445] loop8: unable to read partition table [ 1155.555858][ T7445] loop8: partition table beyond EOD, truncated [ 1155.562238][ T7445] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 1156.919066][ T7501] netlink: 16 bytes leftover after parsing attributes in process `syz.2.15597'. [ 1157.095511][ T7505] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 1159.898469][ T7573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15623'. [ 1159.925929][ T7573] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15623'. [ 1159.982877][T22197] usb 2-1: new high-speed USB device number 124 using dummy_hcd [ 1160.152530][T22197] usb 2-1: Using ep0 maxpacket: 8 [ 1160.164982][T22197] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 1160.193816][T22197] usb 2-1: config 0 has an invalid interface number: 21 but max is 0 [ 1160.212225][T22197] usb 2-1: config 0 has no interface number 0 [ 1160.231785][T22197] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1160.253775][T22197] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1160.271744][ T7582] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1160.281001][ T7582] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1160.290535][ T7582] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1160.299653][ T7582] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1160.315442][T22197] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 1160.329186][T22197] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 1160.339161][T22197] usb 2-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0 [ 1160.347854][T22197] usb 2-1: Product: syz [ 1160.362324][T22197] usb 2-1: Manufacturer: syz [ 1160.378478][T22197] usb 2-1: config 0 descriptor?? [ 1160.403319][ T7572] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 1161.040500][ T7601] binder: 7600:7601 ioctl c0306201 0 returned -14 [ 1161.056106][T22197] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.21/input/input108 [ 1161.294122][T23700] usb 2-1: USB disconnect, device number 124 [ 1161.294201][ C1] keyspan_remote 2-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 1163.840739][ T7695] netlink: 48 bytes leftover after parsing attributes in process `syz.4.15680'. [ 1163.965714][ T7699] sg_write: data in/out 524252/17 bytes for SCSI command 0x1-- guessing data in; [ 1163.965714][ T7699] program syz.4.15681 not setting count and/or reply_len properly [ 1164.138033][ T7703] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0 [ 1164.816859][ T7712] openvswitch: netlink: Multiple metadata blocks provided [ 1165.003509][ T30] kauditd_printk_skb: 1 callbacks suppressed [ 1165.003546][ T30] audit: type=1326 audit(1753666866.971:3492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.127722][ T30] audit: type=1326 audit(1753666866.971:3493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.192935][ T30] audit: type=1326 audit(1753666867.001:3494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.262990][ T30] audit: type=1326 audit(1753666867.001:3495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.343514][ T30] audit: type=1326 audit(1753666867.001:3496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.432151][ T7726] netlink: 64 bytes leftover after parsing attributes in process `syz.2.15694'. [ 1165.444777][ T30] audit: type=1326 audit(1753666867.001:3497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=304 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.512549][ T30] audit: type=1326 audit(1753666867.001:3498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.585692][ T30] audit: type=1326 audit(1753666867.001:3499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7715 comm="syz.2.15689" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be539 code=0x7ffc0000 [ 1165.874780][ T7738] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.15700'. [ 1166.036098][ T30] audit: type=1326 audit(1753666868.001:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.1.15704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1166.073612][ T30] audit: type=1326 audit(1753666868.031:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7745 comm="syz.1.15704" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1166.130656][ T13] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 1166.154410][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1166.163819][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1167.617420][ T7775] kvm: kvm [7774]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010003) = 0x9 [ 1168.469948][ T7788] netlink: 79 bytes leftover after parsing attributes in process `syz.2.15721'. [ 1168.639533][ T7794] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15724'. [ 1169.006417][ T7810] vxcan1: tx drop: invalid sa for name 0x0000000000000001 [ 1169.210646][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15733'. [ 1169.268504][ T7814] netlink: 104 bytes leftover after parsing attributes in process `syz.1.15733'. [ 1169.299012][ T7814] netlink: 104 bytes leftover after parsing attributes in process `syz.1.15733'. [ 1169.735851][ T7827] netlink: 732 bytes leftover after parsing attributes in process `syz.3.15739'. [ 1169.896170][ T7834] loop6: detected capacity change from 0 to 524287999 [ 1170.053813][T23700] usb 2-1: new high-speed USB device number 125 using dummy_hcd [ 1170.106369][ T7837] netlink: 'syz.0.15743': attribute type 6 has an invalid length. [ 1170.119616][ T7837] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15743'. [ 1170.217188][ T7837] bond0: option use_carrier: invalid value (8) [ 1170.235300][T23700] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1170.252551][T23700] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 1170.278748][T23700] usb 2-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00 [ 1170.298770][ T7841] openvswitch: netlink: IP tunnel TTL not specified. [ 1170.322351][T23700] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1170.369607][T23700] usb 2-1: config 0 descriptor?? [ 1170.596886][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15750'. [ 1170.613643][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15750'. [ 1170.627185][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15750'. [ 1170.637111][ T7851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15750'. [ 1170.803493][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 1170.803512][ T30] audit: type=1326 audit(1753666872.771:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.15754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1170.833444][ T30] audit: type=1326 audit(1753666872.771:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.15754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1170.872606][ T30] audit: type=1326 audit(1753666872.801:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.15754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1170.901044][ T30] audit: type=1326 audit(1753666872.801:3512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.15754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1170.974776][ T30] audit: type=1326 audit(1753666872.801:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7856 comm="syz.3.15754" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1171.014779][T23700] Bluetooth: Can't get version to change to load ram patch err [ 1171.022960][T23700] Bluetooth: Loading sysconfig file failed [ 1171.028837][T23700] ath3k 2-1:0.0: probe with driver ath3k failed with error -71 [ 1171.055661][T23700] usb 2-1: USB disconnect, device number 125 [ 1171.842688][T23700] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 1171.894813][ T7895] input: syz1 as /devices/virtual/input/input109 [ 1172.004999][T23700] usb 4-1: too many configurations: 9, using maximum allowed: 8 [ 1172.044489][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.066315][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.097796][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.119462][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.139313][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.161643][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.180646][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.193499][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.217718][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.243397][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.263046][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.288528][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.314706][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.333395][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.353894][ T7905] ip6tnl0: Caught tx_queue_len zero misconfig [ 1172.363394][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.383520][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.412687][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.453218][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.463133][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.483594][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.505473][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.525973][T23700] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1172.535523][T23700] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1172.549577][T23700] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1172.565441][T23700] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1172.581979][T23700] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1172.603178][T23700] usb 4-1: Product: syz [ 1172.610841][T23700] usb 4-1: Manufacturer: syz [ 1172.619640][T23700] usb 4-1: SerialNumber: syz [ 1172.639570][T23700] usb 4-1: config 0 descriptor?? [ 1172.656761][T23700] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0 [ 1172.721760][ T7918] binder: 7917:7918 ioctl 400c620e 80000000 returned -22 [ 1173.001325][ C0] usb 4-1: yurex_control_callback - control failed: -71 [ 1173.001859][T22197] usb 4-1: USB disconnect, device number 9 [ 1173.041811][T22197] yurex 4-1:0.0: USB YUREX #0 now disconnected [ 1173.422845][ T7937] tap0: tun_chr_ioctl cmd 1074025677 [ 1173.428442][ T7937] tap0: linktype set to 823 [ 1174.430569][ T7965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15801'. [ 1174.455967][ T7965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15801'. [ 1174.494404][ T7965] ip6gretap1: entered allmulticast mode [ 1177.023432][T22197] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 1177.185040][T22197] usb 4-1: Using ep0 maxpacket: 32 [ 1177.197595][T22197] usb 4-1: config 0 interface 0 has no altsetting 0 [ 1177.217309][T22197] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1177.234353][T22197] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1177.247198][T22197] usb 4-1: Product: syz [ 1177.251524][T22197] usb 4-1: Manufacturer: syz [ 1177.259059][T22197] usb 4-1: SerialNumber: syz [ 1177.268686][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.275365][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.276606][T22197] usb 4-1: config 0 descriptor?? [ 1177.344838][ T8058] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.15843'. [ 1177.721955][T22197] gs_usb 4-1:0.0: Configuring for 1 interfaces [ 1178.080222][ T8079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15853'. [ 1178.126118][T22197] gs_usb 4-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 1178.167900][ T8081] pimreg: tun_chr_ioctl cmd 1074025681 [ 1178.181206][T22197] usb 4-1: USB disconnect, device number 10 [ 1180.293966][ T8127] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 1180.751474][ T8129] bridge0: entered promiscuous mode [ 1180.762937][ T8129] macvlan4: entered promiscuous mode [ 1181.245631][ T8154] netlink: 'syz.1.15884': attribute type 3 has an invalid length. [ 1181.245657][ T8154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15884'. [ 1182.613662][ T8201] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1184.009124][ T8235] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15922'. [ 1184.263790][ T8241] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1184.273826][ T8241] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1184.282914][ T8241] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1184.291670][ T8241] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1184.435144][ T8243] loop9: detected capacity change from 0 to 8 [ 1184.456406][ T8243] Dev loop9: unable to read RDB block 8 [ 1184.462077][ T8243] loop9: unable to read partition table [ 1184.482768][ T8243] loop9: partition table beyond EOD, truncated [ 1184.502686][ T8243] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5) [ 1184.994630][T22197] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 1185.115954][ T30] audit: type=1326 audit(1753666887.081:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8256 comm="syz.1.15932" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf710e539 code=0x0 [ 1185.137555][ C1] vkms_vblank_simulate: vblank timer overrun [ 1185.150896][ T8259] gre0: Caught tx_queue_len zero misconfig [ 1185.187279][T22197] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1185.199148][T22197] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1185.214194][T22197] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1185.226243][T22197] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1185.236086][T22197] usb 4-1: SerialNumber: syz [ 1185.466598][T22197] usb 4-1: 0:2 : does not exist [ 1185.486165][T22197] usb 4-1: USB disconnect, device number 11 [ 1185.538735][T25386] udevd[25386]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1185.742713][T23700] usb 3-1: new full-speed USB device number 8 using dummy_hcd [ 1185.905664][T23700] usb 3-1: config 0 has an invalid interface number: 128 but max is 0 [ 1185.915120][T23700] usb 3-1: config 0 has no interface number 0 [ 1185.924497][T23700] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 1185.952577][T23700] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1185.970396][T23700] usb 3-1: Product: syz [ 1185.976064][T23700] usb 3-1: Manufacturer: syz [ 1185.980717][T23700] usb 3-1: SerialNumber: syz [ 1186.027165][T23700] usb 3-1: config 0 descriptor?? [ 1186.438117][ T8285] sctp: [Deprecated]: syz.4.15945 (pid 8285) Use of int in max_burst socket option deprecated. [ 1186.438117][ T8285] Use struct sctp_assoc_value instead [ 1186.472937][T23700] usb 3-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (1) [ 1186.489144][T23700] usb 3-1: Firmware version (0.0) predates our first public release. [ 1186.498989][T23700] usb 3-1: Please update to version 0.2 or newer [ 1186.765550][T23700] usb 3-1: USB disconnect, device number 8 [ 1187.681254][ T8328] tun0: tun_chr_ioctl cmd 2147767521 [ 1187.881699][ T8335] loop6: detected capacity change from 0 to 524287487 [ 1187.913192][ T8335] buffer_io_error: 23 callbacks suppressed [ 1187.913209][ T8335] Buffer I/O error on dev loop6, logical block 0, async page read [ 1187.974165][ T8336] loop6: detected capacity change from 524287487 to 0 [ 1187.974181][ T8335] Buffer I/O error on dev loop6, logical block 0, async page read [ 1187.974342][ T8335] ldm_validate_partition_table(): Disk read failed. [ 1188.029334][ T8335] Dev loop6: unable to read RDB block 0 [ 1188.036870][ T8335] loop6: unable to read partition table [ 1188.082750][ T8335] loop6: partition table beyond EOD, truncated [ 1188.099297][ T8335] loop_reread_partitions: partition scan of loop6 (^L A;b@֔:Bw<gnf. -ӑ.i >^.dDd) failed (rc=-5) [ 1188.203859][T22197] usb 2-1: new high-speed USB device number 126 using dummy_hcd [ 1188.376084][T22197] usb 2-1: too many configurations: 9, using maximum allowed: 8 [ 1188.403987][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.427170][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.458944][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.471979][ T8353] netlink: 96 bytes leftover after parsing attributes in process `syz.0.15974'. [ 1188.483744][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.500125][ T8353] netlink: 96 bytes leftover after parsing attributes in process `syz.0.15974'. [ 1188.508970][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.542475][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.552240][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.587591][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.619444][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.634112][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.653899][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.672170][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.686436][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.704013][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.722853][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.737176][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.759801][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.801350][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.826934][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.842552][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.867917][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.877882][T22197] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1188.905471][T22197] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1188.938005][T22197] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1188.957516][T22197] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1188.972597][T22197] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1189.001448][ T8364] input: syz0 as /devices/virtual/input/input110 [ 1189.015507][T22197] usb 2-1: Product: syz [ 1189.019767][T22197] usb 2-1: Manufacturer: syz [ 1189.056588][T22197] usb 2-1: SerialNumber: syz [ 1189.079959][T22197] usb 2-1: config 0 descriptor?? [ 1189.113840][T22197] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0 [ 1189.341539][ T30] audit: type=1326 audit(1753666891.301:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8372 comm="syz.0.15983" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e539 code=0x0 [ 1189.389650][ C1] usb 2-1: yurex_control_callback - control failed: -71 [ 1189.390291][ T5847] usb 2-1: USB disconnect, device number 126 [ 1189.424450][ T5847] yurex 2-1:0.0: USB YUREX #0 now disconnected [ 1189.627623][ T8389] netdevsim netdevsim3: Direct firmware load for . [ 1189.627623][ T8389] failed with error -2 [ 1189.646978][ T8389] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 1189.646978][ T8389] [ 1189.663187][T23700] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 1189.833968][T23700] usb 3-1: too many configurations: 9, using maximum allowed: 8 [ 1189.850132][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1189.861243][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1189.874470][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1189.882544][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1189.891672][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1189.904891][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1189.913715][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1189.925129][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1189.937992][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1189.946628][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1189.956185][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1189.968257][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1189.977187][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1189.994160][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1190.001425][ T30] audit: type=1326 audit(1753666891.961:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.005730][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1190.040460][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1190.050107][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1190.062281][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1190.071914][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1190.073722][ T30] audit: type=1326 audit(1753666891.961:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.087259][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1190.103184][ C1] vkms_vblank_simulate: vblank timer overrun [ 1190.121822][ T30] audit: type=1326 audit(1753666892.001:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.162626][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1190.180840][T23700] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 1190.185578][ T30] audit: type=1326 audit(1753666892.001:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.203291][T23700] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 1190.231661][ T30] audit: type=1326 audit(1753666892.001:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.253802][ C1] vkms_vblank_simulate: vblank timer overrun [ 1190.271142][ T30] audit: type=1326 audit(1753666892.001:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.275483][T23700] usb 3-1: config 0 interface 0 has no altsetting 0 [ 1190.301194][ T30] audit: type=1326 audit(1753666892.001:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.337648][T23700] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 1190.342271][ T30] audit: type=1326 audit(1753666892.001:3523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.366044][T23700] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 1190.369219][ C1] vkms_vblank_simulate: vblank timer overrun [ 1190.385390][ T8404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15997'. [ 1190.400946][T23700] usb 3-1: Product: syz [ 1190.439865][T23700] usb 3-1: Manufacturer: syz [ 1190.481287][ T30] audit: type=1326 audit(1753666892.001:3524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=178 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.482486][T23700] usb 3-1: SerialNumber: syz [ 1190.503440][ C1] vkms_vblank_simulate: vblank timer overrun [ 1190.573736][ T30] audit: type=1326 audit(1753666892.001:3525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.586014][T23700] usb 3-1: config 0 descriptor?? [ 1190.602083][ T8410] netlink: 'syz.4.15999': attribute type 6 has an invalid length. [ 1190.644770][T23700] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0 [ 1190.671589][ T30] audit: type=1326 audit(1753666892.001:3526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f93567 code=0x7ffc0000 [ 1190.715987][ T8413] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16000'. [ 1190.752224][ T30] audit: type=1326 audit(1753666892.011:3527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.831876][ T30] audit: type=1326 audit(1753666892.011:3528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.15994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93539 code=0x7ffc0000 [ 1190.854051][ C1] vkms_vblank_simulate: vblank timer overrun [ 1191.032060][ C0] usb 3-1: yurex_control_callback - control failed: -71 [ 1191.035097][T22197] usb 3-1: USB disconnect, device number 9 [ 1191.063626][T22197] yurex 3-1:0.0: USB YUREX #0 now disconnected [ 1191.580940][ T8450] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16017'. [ 1191.942635][ T8465] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16024'. [ 1192.523526][ T8483] xt_CT: No such helper "snmp" [ 1192.889530][ T8507] IPv6: NLM_F_CREATE should be specified when creating new route [ 1193.309249][ T8519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16049'. [ 1193.860457][ T8536] team0: Device gtp0 is of different type [ 1194.093448][ T8544] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16060'. [ 1194.563517][ T43] usb 2-1: new full-speed USB device number 127 using dummy_hcd [ 1194.735888][ T43] usb 2-1: config 7 has an invalid interface number: 101 but max is 0 [ 1194.754187][ T43] usb 2-1: config 7 has no interface number 0 [ 1194.774406][ T43] usb 2-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b [ 1194.789844][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1194.799320][ T43] usb 2-1: Product: syz [ 1194.818512][ T43] usb 2-1: Manufacturer: syz [ 1194.838051][ T43] usb 2-1: SerialNumber: syz [ 1195.649711][ T43] as10x_usb: device has been detected [ 1195.678510][ T43] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe) [ 1195.764220][ T43] usb 2-1: DVB: registering adapter 2 frontend 0 (Elgato EyeTV DTT Deluxe)... [ 1195.919467][ T43] as10x_usb: error during firmware upload part1 [ 1195.940306][ T43] Registered device Elgato EyeTV DTT Deluxe [ 1195.959524][ T30] audit: type=1800 audit(1753666897.921:3529): pid=8600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.16085" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0 [ 1195.992477][ T43] usb 2-1: USB disconnect, device number 127 [ 1196.091920][ T43] Unregistered device Elgato EyeTV DTT Deluxe [ 1196.098806][ T43] as10x_usb: device has been disconnected [ 1196.467805][ T8615] sctp: [Deprecated]: syz.2.16093 (pid 8615) Use of int in maxseg socket option. [ 1196.467805][ T8615] Use struct sctp_assoc_value instead [ 1197.132560][T23700] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 1197.303087][T23700] usb 2-1: Using ep0 maxpacket: 16 [ 1197.352557][T23700] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1197.373207][T23700] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1197.404831][T23700] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1197.424617][T23700] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1197.446884][T23700] usb 2-1: Product: syz [ 1197.451141][T23700] usb 2-1: Manufacturer: syz [ 1197.480357][T23700] usb 2-1: SerialNumber: syz [ 1197.931122][T23700] usb 2-1: 0:2 : does not exist [ 1197.995745][ T8664] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16116'. [ 1198.057816][ T8667] openvswitch: netlink: Geneve opt len 126 is not a multiple of 4. [ 1198.354749][T23700] usb 2-1: 5:0: failed to get current value for ch 0 (-22) [ 1198.442262][T23700] usb 2-1: USB disconnect, device number 2 [ 1198.533962][T25386] udevd[25386]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1198.574285][ T8678] netlink: 24 bytes leftover after parsing attributes in process `syz.2.16121'. [ 1199.213673][ T8692] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16129'. [ 1199.747886][ T8713] gretap0: entered promiscuous mode [ 1199.763741][ T8712] gretap0: left promiscuous mode [ 1201.402299][ T8767] netlink: 2124 bytes leftover after parsing attributes in process `syz.1.16161'. [ 1201.950663][ T8786] loop6: detected capacity change from 0 to 524287999 [ 1202.431424][ T8794] macvlan5: entered promiscuous mode [ 1203.053348][ T30] audit: type=1326 audit(1753666905.021:3530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8812 comm="syz.0.16182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1203.172990][ T30] audit: type=1326 audit(1753666905.041:3531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8812 comm="syz.0.16182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1203.256713][ T30] audit: type=1326 audit(1753666905.041:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8812 comm="syz.0.16182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=96 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1203.318531][ T30] audit: type=1326 audit(1753666905.051:3533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8812 comm="syz.0.16182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1203.410743][ T30] audit: type=1326 audit(1753666905.051:3534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8812 comm="syz.0.16182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000 [ 1203.432936][ C1] vkms_vblank_simulate: vblank timer overrun [ 1203.742543][ T43] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1203.837992][ T8835] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap0 [ 1203.849850][ T8835] ip6gretap0: entered promiscuous mode [ 1203.886083][ T8835] ip6gretap0: left promiscuous mode [ 1203.911758][ T43] usb 3-1: Using ep0 maxpacket: 32 [ 1203.920699][ T43] usb 3-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7 [ 1203.946789][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1203.974148][ T43] usb 3-1: config 0 descriptor?? [ 1203.996340][ T43] gspca_main: sq930x-2.14.0 probing 041e:403c [ 1204.839608][ T8873] netlink: 'syz.3.16211': attribute type 21 has an invalid length. [ 1204.848210][ T8873] netlink: 156 bytes leftover after parsing attributes in process `syz.3.16211'. [ 1204.858015][ T43] gspca_sq930x: reg_w 0105 bf00 failed -71 [ 1204.867944][ T8873] netlink: 'syz.3.16211': attribute type 21 has an invalid length. [ 1204.877724][ T8873] netlink: 156 bytes leftover after parsing attributes in process `syz.3.16211'. [ 1204.922558][ T43] sq930x 3-1:0.0: probe with driver sq930x failed with error -71 [ 1204.953535][ T43] usb 3-1: USB disconnect, device number 10 [ 1206.312555][T23700] usb 2-1: new low-speed USB device number 3 using dummy_hcd [ 1206.486375][T23700] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 1206.502622][T23700] usb 2-1: config 0 has no interface number 0 [ 1206.508828][T23700] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 1206.539058][T23700] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 1206.551044][T23700] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1206.562178][T23700] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1206.574788][T23700] usb 2-1: config 0 descriptor?? [ 1206.580823][ T8903] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 1206.637808][T23700] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 1206.859141][ T43] usb 2-1: USB disconnect, device number 3 [ 1206.865267][ C1] iowarrior 2-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19 [ 1207.939834][ T8962] netlink: 40 bytes leftover after parsing attributes in process `syz.0.16248'. [ 1208.282019][ T8970] tun0: tun_chr_ioctl cmd 2148553947 [ 1208.952870][ T43] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 1209.142824][ T43] usb 2-1: Using ep0 maxpacket: 16 [ 1209.155538][ T43] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 1209.177575][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 1209.209425][ T43] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1209.240123][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1209.260365][ T43] usb 2-1: Product: syz [ 1209.270740][ T43] usb 2-1: Manufacturer: syz [ 1209.280681][ T43] usb 2-1: SerialNumber: syz [ 1209.302162][ T43] usb 2-1: config 0 descriptor?? [ 1209.346786][ T43] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1209.376802][ T43] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class) [ 1209.669094][ T9012] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16272'. [ 1209.990368][ T43] em28xx 2-1:0.0: chip ID is em2874 [ 1210.017248][ T9024] ptrace attach of "./syz-executor exec"[9026] was attempted by "./syz-executor exec"[9024] [ 1210.262522][ T43] usb 2-1: USB disconnect, device number 4 [ 1210.280925][ T43] em28xx 2-1:0.0: Disconnecting em28xx [ 1210.297730][ T43] em28xx 2-1:0.0: Freeing device [ 1210.305124][ T9038] netlink: 32 bytes leftover after parsing attributes in process `syz.2.16283'. [ 1210.546318][ T9049] bridge0: port 1(bridge_slave_0) entered disabled state [ 1212.047429][ T9105] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 [ 1212.588187][ T9127] netlink: 28 bytes leftover after parsing attributes in process `syz.1.16321'. [ 1213.193563][ T9146] netlink: 'syz.1.16331': attribute type 1 has an invalid length. [ 1213.222701][ T9146] netlink: 'syz.1.16331': attribute type 2 has an invalid length. [ 1213.839725][ T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 1214.003629][ T43] usb 2-1: Using ep0 maxpacket: 16 [ 1214.024976][ T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1214.058416][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1214.090552][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1214.110321][ T43] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 1214.130940][ T43] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1214.183597][ T43] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 1214.211293][ T43] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 1214.224611][ T43] usb 2-1: Manufacturer: syz [ 1214.245029][ T43] usb 2-1: config 0 descriptor?? [ 1214.593455][ T43] rc_core: IR keymap rc-hauppauge not found [ 1214.615678][ T43] Registered IR keymap rc-empty [ 1214.634481][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.683925][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.715477][ T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 1214.733720][ T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input112 [ 1214.750348][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.772993][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.812683][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.840409][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.872679][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.887778][ T9208] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16357'. [ 1214.912606][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.932884][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1214.978613][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1215.012712][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1215.083534][ T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90 [ 1215.117507][ T43] mceusb 2-1:0.0: Registered with mce emulator interface version 1 [ 1215.136580][ T43] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 1215.175150][ T43] usb 2-1: USB disconnect, device number 5 [ 1216.433787][T23700] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 1216.593245][T23700] usb 2-1: Using ep0 maxpacket: 32 [ 1216.600858][T23700] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 1216.630392][T23700] usb 2-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00 [ 1216.647297][T23700] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1216.671634][T23700] usb 2-1: config 0 descriptor?? [ 1217.109826][T23700] elecom 0003:056E:00FE.00D7: item fetching failed at offset 2/5 [ 1217.203939][T23700] elecom 0003:056E:00FE.00D7: probe with driver elecom failed with error -22 [ 1217.340596][ T43] usb 2-1: USB disconnect, device number 6 [ 1217.385928][ T9295] netem: unknown loss type 0 [ 1217.391620][ T9295] netem: change failed [ 1218.455323][ T9326] tap0: tun_chr_ioctl cmd 1074025677 [ 1218.468788][ T9326] tap0: linktype set to 769 [ 1218.978445][ T9349] ALSA: mixer_oss: invalid OSS volume 'LIN$' [ 1219.087219][ T9354] ALSA: mixer_oss: invalid OSS volume 'A141=wVe]' [ 1219.116850][ T9354] ALSA: mixer_oss: invalid OSS volume 'ұB;T`@$EcXMYd,' [ 1219.151920][ T9354] ALSA: mixer_oss: invalid OSS volume 'b@h#' [ 1219.174058][ T9354] ALSA: mixer_oss: invalid OSS volume 'h4XS4v=0_>&' [ 1219.203241][ T9354] ALSA: mixer_oss: invalid OSS volume '|/"tj' [ 1219.209782][ T9354] ALSA: mixer_oss: invalid OSS volume '-z5c^J6$' [ 1219.242709][ T9354] ALSA: mixer_oss: invalid OSS volume '0Ty󉴪jP&at' [ 1219.251123][ T9354] ALSA: mixer_oss: invalid OSS volume '|~\' [ 1219.282332][ T9354] ALSA: mixer_oss: invalid OSS volume '@^3bɜ}G$#\("/oL' [ 1219.300843][ T9354] ALSA: mixer_oss: invalid OSS volume '' [ 1219.529775][ T9375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16434'. [ 1219.583305][ T9375] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16434'. [ 1219.587194][ T30] audit: type=1804 audit(1753666921.551:3535): pid=9378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.16436" name="/newroot/1492/file0" dev="tmpfs" ino=7572 res=1 errno=0 [ 1219.614105][ C1] vkms_vblank_simulate: vblank timer overrun [ 1219.632502][ T9375] netlink: 58 bytes leftover after parsing attributes in process `syz.1.16434'. [ 1219.664320][ T30] audit: type=1804 audit(1753666921.591:3536): pid=9378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.16436" name="/newroot/1492/file0" dev="tmpfs" ino=7572 res=1 errno=0 [ 1219.882049][ T9388] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16441'. [ 1219.967119][ T9392] netlink: 'syz.0.16443': attribute type 46 has an invalid length. [ 1219.983069][ T9392] netlink: 212868 bytes leftover after parsing attributes in process `syz.0.16443'. [ 1220.359701][ T9404] pim6reg: entered allmulticast mode [ 1220.372107][ T9403] pim6reg: left allmulticast mode [ 1221.093901][ T9431] netlink: 136 bytes leftover after parsing attributes in process `syz.3.16461'. [ 1221.623908][ T9458] random: crng reseeded on system resumption [ 1223.485540][ T43] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 1223.659393][ T43] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1223.667966][ T43] usb 3-1: config 0 has no interface number 0 [ 1223.688680][ T43] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b [ 1223.702915][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1223.730426][ T43] usb 3-1: Product: syz [ 1223.742580][ T43] usb 3-1: Manufacturer: syz [ 1223.747379][ T43] usb 3-1: SerialNumber: syz [ 1223.759793][ T43] usb 3-1: config 0 descriptor?? [ 1223.984897][ T43] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state [ 1224.034199][ T43] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer [ 1224.059027][ T43] dvbdev: DVB: registering new adapter (E3C EC168 reference design) [ 1224.075826][ T30] audit: type=1326 audit(1753666926.041:3537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.097965][ C1] vkms_vblank_simulate: vblank timer overrun [ 1224.108387][ T43] usb 3-1: media controller created [ 1224.158524][ T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1224.170622][ T30] audit: type=1326 audit(1753666926.071:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.195138][ T30] audit: type=1326 audit(1753666926.081:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.217338][ C1] vkms_vblank_simulate: vblank timer overrun [ 1224.283435][ T30] audit: type=1326 audit(1753666926.081:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.307636][ T43] i2c i2c-2: ec100: i2c rd failed=-71 reg=33 [ 1224.342884][ T30] audit: type=1326 audit(1753666926.081:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.364995][ C1] vkms_vblank_simulate: vblank timer overrun [ 1224.432501][ T30] audit: type=1326 audit(1753666926.081:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.476488][ T43] usb 3-1: USB disconnect, device number 11 [ 1224.508861][ T30] audit: type=1326 audit(1753666926.081:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.531051][ C1] vkms_vblank_simulate: vblank timer overrun [ 1224.561088][ T9544] netlink: 'syz.0.16514': attribute type 1 has an invalid length. [ 1224.608119][ T30] audit: type=1326 audit(1753666926.081:3544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.676582][ T30] audit: type=1326 audit(1753666926.081:3545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.698705][ C1] vkms_vblank_simulate: vblank timer overrun [ 1224.739077][ T30] audit: type=1326 audit(1753666926.081:3546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.762176][ T30] audit: type=1326 audit(1753666926.081:3547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9535 comm="syz.1.16510" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000 [ 1224.784316][ C1] vkms_vblank_simulate: vblank timer overrun [ 1224.843473][ T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 1225.012560][ T9] usb 2-1: Using ep0 maxpacket: 32 [ 1225.020233][ T9] usb 2-1: config 0 has an invalid interface number: 51 but max is 0 [ 1225.037645][ T9] usb 2-1: config 0 has no interface number 0 [ 1225.058562][ T9] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 1225.070939][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1225.084764][ T9] usb 2-1: Product: syz [ 1225.089123][ T9] usb 2-1: Manufacturer: syz [ 1225.096408][ T9] usb 2-1: SerialNumber: syz [ 1225.108634][ T9] usb 2-1: config 0 descriptor?? [ 1225.120320][ T9562] gtp0: entered promiscuous mode [ 1225.121081][ T9] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 1225.144669][ T9562] gtp0: entered allmulticast mode [ 1225.368801][ T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 1225.414163][ T9] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 1225.824088][ C0] quatech-serial ttyUSB0: qt2_process_read_urb - status message too short [ 1225.852839][T22197] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 1226.022901][T22197] usb 3-1: Using ep0 maxpacket: 16 [ 1226.026180][ C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 1226.037112][ T9] usb 2-1: USB disconnect, device number 7 [ 1226.038315][T22197] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1226.083258][ T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 1226.088844][T22197] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1226.133956][T22197] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 1226.135391][ T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 1226.162819][T22197] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1226.175264][ T9] quatech2 2-1:0.51: device disconnected [ 1226.204659][T22197] usb 3-1: config 0 descriptor?? [ 1226.328636][ T9589] vimc link validate: Scaler:src:16x16 (0x33424752, 8, 0, 6, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0) [ 1226.684189][T22197] corsair 0003:1B1C:1B02.00D8: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.2-1/input0 [ 1226.754508][ T9603] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16540'. [ 1227.121430][T22197] usb 3-1: USB disconnect, device number 12 [ 1227.268145][ T9614] batadv_slave_0: entered promiscuous mode [ 1227.298446][ T9614] batadv_slave_0: left promiscuous mode [ 1228.085160][ T9630] netdevsim netdevsim1 netdevsim0: entered promiscuous mode [ 1228.138676][ T9630] netdevsim netdevsim1 netdevsim0: left promiscuous mode [ 1228.323599][ T9638] bridge1: entered promiscuous mode [ 1228.328903][ T9638] bridge1: entered allmulticast mode [ 1229.136999][ T9671] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1229.145945][ T9671] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1229.155028][ T9671] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1229.164456][ T9671] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1230.283964][ T9704] sctp: [Deprecated]: syz.1.16586 (pid 9704) Use of int in maxseg socket option. [ 1230.283964][ T9704] Use struct sctp_assoc_value instead [ 1230.788301][ T9718] ip6gretap0: entered promiscuous mode [ 1231.032395][ T9729] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 1231.980712][ T30] audit: type=1326 audit(1753666933.941:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.043320][ T30] audit: type=1326 audit(1753666933.941:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.065587][ C1] vkms_vblank_simulate: vblank timer overrun [ 1232.099433][ T30] audit: type=1326 audit(1753666933.941:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.129543][ T30] audit: type=1326 audit(1753666933.951:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.151738][ C1] vkms_vblank_simulate: vblank timer overrun [ 1232.152481][ T5847] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 1232.167825][ T30] audit: type=1326 audit(1753666933.951:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.227274][ T30] audit: type=1326 audit(1753666933.951:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.249397][ C1] vkms_vblank_simulate: vblank timer overrun [ 1232.261036][ T30] audit: type=1326 audit(1753666933.951:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.283167][ C1] vkms_vblank_simulate: vblank timer overrun [ 1232.296081][ T30] audit: type=1326 audit(1753666933.951:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=364 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.318187][ C1] vkms_vblank_simulate: vblank timer overrun [ 1232.335210][ T30] audit: type=1326 audit(1753666933.951:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9762 comm="syz.3.16614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf709e539 code=0x7ffc0000 [ 1232.357552][ T5847] usb 2-1: Using ep0 maxpacket: 8 [ 1232.364057][ T5847] usb 2-1: config index 0 descriptor too short (expected 301, got 45) [ 1232.374015][ T5847] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1232.393034][T22197] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 1232.401336][ T5847] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1232.422202][ T5847] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1232.438482][ T5847] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1232.470241][ T5847] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1232.489345][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1232.575454][T22197] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 1232.586823][T22197] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 1232.612499][T22197] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 1232.632020][T22197] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 1232.652735][T22197] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 1232.672200][T22197] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 1232.681921][T22197] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 1232.691033][T22197] usb 4-1: Product: syz [ 1232.695731][T22197] usb 4-1: Manufacturer: syz [ 1232.708959][T22197] cdc_wdm 4-1:1.0: skipping garbage [ 1232.731907][ T5847] usb 2-1: GET_CAPABILITIES returned 0 [ 1232.735339][T22197] cdc_wdm 4-1:1.0: skipping garbage [ 1232.738585][ T5847] usbtmc 2-1:16.0: can't read capabilities [ 1232.761481][T22197] cdc_wdm 4-1:1.0: cdc-wdm1: USB WDM device [ 1232.772839][T22197] cdc_wdm 4-1:1.0: Unknown control protocol [ 1232.966725][T22197] usb 4-1: USB disconnect, device number 12 [ 1233.005358][ T43] usb 2-1: USB disconnect, device number 8 [ 1235.003821][ T9853] ALSA: mixer_oss: invalid OSS volume 'PHOfiЧaEEAKER' [ 1235.011414][ T9853] ALSA: mixer_oss: invalid OSS volume '' [ 1236.372708][ T30] audit: type=1326 audit(1753666938.331:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9897 comm="syz.2.16676" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70be539 code=0x0 [ 1236.447410][ T9905] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16678'. [ 1237.939984][ T9947] netlink: 28 bytes leftover after parsing attributes in process `syz.1.16695'. [ 1238.532916][ T43] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 1238.708536][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.721259][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 1238.732898][ T43] usb 2-1: Using ep0 maxpacket: 32 [ 1238.746424][ T43] usb 2-1: config 0 interface 0 has no altsetting 0 [ 1238.797022][ T43] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 1238.826084][ T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1238.852887][ T43] usb 2-1: Product: syz [ 1238.861649][ T43] usb 2-1: Manufacturer: syz [ 1238.877067][ T43] usb 2-1: SerialNumber: syz [ 1238.896408][ T43] usb 2-1: config 0 descriptor?? [ 1239.298838][ T9993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1239.314723][ T43] gs_usb 2-1:0.0: Configuring for 1 interfaces [ 1239.343478][ T9993] bridge0: port 2(bridge_slave_1) entered disabled state [ 1239.717491][ T43] gs_usb 2-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 1239.737226][ T43] gs_usb 2-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO) [ 1239.747993][ T43] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71 [ 1239.768142][ T43] usb 2-1: USB disconnect, device number 9 [ 1240.727204][T10044] netlink: 'syz.1.16740': attribute type 1 has an invalid length. [ 1241.697244][T10073] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16754'. [ 1242.093669][ T5847] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 1242.164913][T10089] netlink: 48 bytes leftover after parsing attributes in process `syz.3.16761'. [ 1242.257237][ T5847] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1242.278086][ T5847] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 1242.300084][ T5847] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1242.316661][ T5847] usb 2-1: config 0 descriptor?? [ 1242.343850][T10094] netlink: 'syz.0.16764': attribute type 15 has an invalid length. [ 1242.508924][T10098] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16765'. [ 1242.746153][ T5847] ath6kl: Unsupported hardware version: 0x0 [ 1242.764928][ T5847] ath6kl: Failed to init ath6kl core: -22 [ 1242.771913][ T5847] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -22 [ 1242.960230][T10118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16774'. [ 1242.966224][ T5847] usb 2-1: USB disconnect, device number 10 [ 1242.969540][T10118] netlink: 228 bytes leftover after parsing attributes in process `syz.3.16774'. [ 1243.058774][T10121] netlink: 340 bytes leftover after parsing attributes in process `syz.3.16775'. [ 1243.198125][T10125] netlink: 44 bytes leftover after parsing attributes in process `syz.3.16777'. [ 1243.626737][T10142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16785'. [ 1243.645215][T10142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16785'. [ 1243.904904][T10154] [ 1243.907316][T10154] ===================================================== [ 1243.914280][T10154] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected [ 1243.921770][T10154] 6.16.0-syzkaller #0 Not tainted [ 1243.926819][T10154] ----------------------------------------------------- [ 1243.933780][T10154] syz.3.16790/10154 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: [ 1243.941612][T10154] ffffffff8de0c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigio+0x101/0x370 [ 1243.950264][T10154] [ 1243.950264][T10154] and this task is already holding: [ 1243.957645][T10154] ffff8880212cf5a0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370 [ 1243.966282][T10154] which would create a new lock dependency: [ 1243.972197][T10154] (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3} [ 1243.979837][T10154] [ 1243.979837][T10154] but this new dependency connects a SOFTIRQ-irq-safe lock: [ 1243.989314][T10154] (&client->buffer_lock){..-.}-{3:3} [ 1243.989351][T10154] [ 1243.989351][T10154] ... which became SOFTIRQ-irq-safe at: [ 1244.002433][T10154] lock_acquire+0x120/0x360 [ 1244.007042][T10154] _raw_spin_lock+0x2e/0x40 [ 1244.011662][T10154] evdev_pass_values+0xb9/0xbd0 [ 1244.016610][T10154] evdev_events+0x1e6/0x340 [ 1244.021208][T10154] input_pass_values+0x285/0x890 [ 1244.026250][T10154] input_event_dispose+0x3e5/0x6b0 [ 1244.031465][T10154] input_inject_event+0x1fe/0x320 [ 1244.036630][T10154] kd_sound_helper+0x19f/0x210 [ 1244.041504][T10154] input_handler_for_each_handle+0xfe/0x1c0 [ 1244.047511][T10154] call_timer_fn+0x17e/0x5f0 [ 1244.052206][T10154] __run_timer_base+0x61a/0x860 [ 1244.057166][T10154] run_timer_softirq+0xb7/0x180 [ 1244.062125][T10154] handle_softirqs+0x286/0x870 [ 1244.066997][T10154] __irq_exit_rcu+0xca/0x1f0 [ 1244.071693][T10154] irq_exit_rcu+0x9/0x30 [ 1244.076037][T10154] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1244.081771][T10154] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1244.087856][T10154] console_flush_all+0x7f7/0xc40 [ 1244.092902][T10154] console_unlock+0xc4/0x270 [ 1244.097632][T10154] vprintk_emit+0x5b7/0x7a0 [ 1244.102254][T10154] dev_vprintk_emit+0x337/0x3f0 [ 1244.107216][T10154] dev_printk_emit+0xe0/0x130 [ 1244.111999][T10154] _dev_info+0x10a/0x160 [ 1244.116345][T10154] usb_disconnect+0xdd/0x950 [ 1244.121050][T10154] hub_event+0x1cf5/0x4a20 [ 1244.125578][T10154] process_scheduled_works+0xae1/0x17b0 [ 1244.131234][T10154] worker_thread+0x8a0/0xda0 [ 1244.135945][T10154] kthread+0x711/0x8a0 [ 1244.140120][T10154] ret_from_fork+0x3fc/0x770 [ 1244.144814][T10154] ret_from_fork_asm+0x1a/0x30 [ 1244.149683][T10154] [ 1244.149683][T10154] to a SOFTIRQ-irq-unsafe lock: [ 1244.156715][T10154] (tasklist_lock){.+.+}-{3:3} [ 1244.156753][T10154] [ 1244.156753][T10154] ... which became SOFTIRQ-irq-unsafe at: [ 1244.169399][T10154] ... [ 1244.169410][T10154] lock_acquire+0x120/0x360 [ 1244.176593][T10154] _raw_read_lock+0x36/0x50 [ 1244.181193][T10154] __do_wait+0xde/0x740 [ 1244.185457][T10154] do_wait+0x1f8/0x520 [ 1244.189635][T10154] kernel_wait+0xab/0x170 [ 1244.194066][T10154] call_usermodehelper_exec_work+0xbe/0x230 [ 1244.200053][T10154] process_scheduled_works+0xae1/0x17b0 [ 1244.205695][T10154] worker_thread+0x8a0/0xda0 [ 1244.210382][T10154] kthread+0x711/0x8a0 [ 1244.214558][T10154] ret_from_fork+0x3fc/0x770 [ 1244.219252][T10154] ret_from_fork_asm+0x1a/0x30 [ 1244.224130][T10154] [ 1244.224130][T10154] other info that might help us debug this: [ 1244.224130][T10154] [ 1244.234379][T10154] Chain exists of: [ 1244.234379][T10154] &client->buffer_lock --> &f_owner->lock --> tasklist_lock [ 1244.234379][T10154] [ 1244.247726][T10154] Possible interrupt unsafe locking scenario: [ 1244.247726][T10154] [ 1244.256083][T10154] CPU0 CPU1 [ 1244.261458][T10154] ---- ---- [ 1244.266835][T10154] lock(tasklist_lock); [ 1244.271129][T10154] local_irq_disable(); [ 1244.277896][T10154] lock(&client->buffer_lock); [ 1244.285329][T10154] lock(&f_owner->lock); [ 1244.292217][T10154] [ 1244.295681][T10154] lock(&client->buffer_lock); [ 1244.300739][T10154] [ 1244.300739][T10154] *** DEADLOCK *** [ 1244.300739][T10154] [ 1244.308888][T10154] 5 locks held by syz.3.16790/10154: [ 1244.314182][T10154] #0: ffff888035238428 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90 [ 1244.323364][T10154] #1: ffff88805afc1660 (&type->i_mutex_dir_key#5){++++}-{4:4}, at: path_openat+0x8da/0x3830 [ 1244.333576][T10154] #2: ffffffff99b25ed0 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: fsnotify+0x735/0x1a80 [ 1244.343089][T10154] #3: ffff8880772cf5b0 (&mark->lock){+.+.}-{3:3}, at: dnotify_handle_event+0x62/0x440 [ 1244.352801][T10154] #4: ffff8880212cf5a0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370 [ 1244.361887][T10154] [ 1244.361887][T10154] the dependencies between SOFTIRQ-irq-safe lock and the holding lock: [ 1244.372309][T10154] -> (&client->buffer_lock){..-.}-{3:3} { [ 1244.378266][T10154] IN-SOFTIRQ-W at: [ 1244.382439][T10154] lock_acquire+0x120/0x360 [ 1244.388966][T10154] _raw_spin_lock+0x2e/0x40 [ 1244.395478][T10154] evdev_pass_values+0xb9/0xbd0 [ 1244.402338][T10154] evdev_events+0x1e6/0x340 [ 1244.408848][T10154] input_pass_values+0x285/0x890 [ 1244.415805][T10154] input_event_dispose+0x3e5/0x6b0 [ 1244.422931][T10154] input_inject_event+0x1fe/0x320 [ 1244.429969][T10154] kd_sound_helper+0x19f/0x210 [ 1244.436743][T10154] input_handler_for_each_handle+0xfe/0x1c0 [ 1244.444648][T10154] call_timer_fn+0x17e/0x5f0 [ 1244.451247][T10154] __run_timer_base+0x61a/0x860 [ 1244.458115][T10154] run_timer_softirq+0xb7/0x180 [ 1244.464983][T10154] handle_softirqs+0x286/0x870 [ 1244.471758][T10154] __irq_exit_rcu+0xca/0x1f0 [ 1244.478356][T10154] irq_exit_rcu+0x9/0x30 [ 1244.484608][T10154] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 1244.492246][T10154] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1244.500258][T10154] console_flush_all+0x7f7/0xc40 [ 1244.507230][T10154] console_unlock+0xc4/0x270 [ 1244.514004][T10154] vprintk_emit+0x5b7/0x7a0 [ 1244.520516][T10154] dev_vprintk_emit+0x337/0x3f0 [ 1244.527377][T10154] dev_printk_emit+0xe0/0x130 [ 1244.534069][T10154] _dev_info+0x10a/0x160 [ 1244.540325][T10154] usb_disconnect+0xdd/0x950 [ 1244.546923][T10154] hub_event+0x1cf5/0x4a20 [ 1244.553356][T10154] process_scheduled_works+0xae1/0x17b0 [ 1244.560910][T10154] worker_thread+0x8a0/0xda0 [ 1244.567514][T10154] kthread+0x711/0x8a0 [ 1244.573603][T10154] ret_from_fork+0x3fc/0x770 [ 1244.580223][T10154] ret_from_fork_asm+0x1a/0x30 [ 1244.587004][T10154] INITIAL USE at: [ 1244.591080][T10154] lock_acquire+0x120/0x360 [ 1244.597510][T10154] _raw_spin_lock+0x2e/0x40 [ 1244.603935][T10154] evdev_pass_values+0xb9/0xbd0 [ 1244.610801][T10154] evdev_events+0x1e6/0x340 [ 1244.617222][T10154] input_pass_values+0x285/0x890 [ 1244.624092][T10154] input_event_dispose+0x330/0x6b0 [ 1244.631126][T10154] input_inject_event+0x1fe/0x320 [ 1244.638075][T10154] evdev_write+0x2fc/0x480 [ 1244.644412][T10154] vfs_write+0x27b/0xa90 [ 1244.650581][T10154] ksys_write+0x145/0x250 [ 1244.656850][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1244.663899][T10154] do_fast_syscall_32+0x34/0x80 [ 1244.670687][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1244.678957][T10154] } [ 1244.681642][T10154] ... key at: [] evdev_open.__key.25+0x0/0x20 [ 1244.689990][T10154] -> (&new->fa_lock){...-}-{3:3} { [ 1244.695229][T10154] IN-SOFTIRQ-R at: [ 1244.699309][T10154] lock_acquire+0x120/0x360 [ 1244.705652][T10154] _raw_read_lock_irqsave+0xaf/0x100 [ 1244.712781][T10154] kill_fasync+0x199/0x4d0 [ 1244.719047][T10154] sock_wake_async+0x137/0x160 [ 1244.725662][T10154] sock_def_readable+0x3bb/0x550 [ 1244.732442][T10154] __sock_queue_rcv_skb+0x6a5/0x9c0 [ 1244.739480][T10154] sock_queue_rcv_skb_reason+0x75/0xe0 [ 1244.746787][T10154] raw_rcv+0x74b/0x9d0 [ 1244.752688][T10154] raw_local_deliver+0x9ee/0xe90 [ 1244.759454][T10154] ip_protocol_deliver_rcu+0x46/0x440 [ 1244.766673][T10154] ip_local_deliver_finish+0x2fb/0x580 [ 1244.773971][T10154] NF_HOOK+0x30c/0x3a0 [ 1244.779886][T10154] NF_HOOK+0x30c/0x3a0 [ 1244.785791][T10154] __netif_receive_skb+0x143/0x380 [ 1244.792751][T10154] process_backlog+0x60e/0x14f0 [ 1244.799445][T10154] __napi_poll+0xc4/0x480 [ 1244.805621][T10154] net_rx_action+0x707/0xe30 [ 1244.812045][T10154] handle_softirqs+0x286/0x870 [ 1244.818645][T10154] do_softirq+0xec/0x180 [ 1244.824724][T10154] __local_bh_enable_ip+0x17d/0x1c0 [ 1244.831764][T10154] __dev_queue_xmit+0x1cd7/0x3a70 [ 1244.838620][T10154] ip_finish_output2+0xd03/0x1160 [ 1244.845480][T10154] ip_push_pending_frames+0xbe/0x150 [ 1244.852601][T10154] raw_sendmsg+0x143f/0x18b0 [ 1244.859139][T10154] __sock_sendmsg+0x19c/0x270 [ 1244.865675][T10154] __sys_sendto+0x3bd/0x520 [ 1244.872017][T10154] __ia32_sys_sendto+0xdd/0x100 [ 1244.878725][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1244.885674][T10154] do_fast_syscall_32+0x34/0x80 [ 1244.892363][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1244.900545][T10154] INITIAL USE at: [ 1244.904541][T10154] lock_acquire+0x120/0x360 [ 1244.910803][T10154] _raw_write_lock_irq+0xa2/0xf0 [ 1244.917520][T10154] fasync_remove_entry+0xf1/0x1c0 [ 1244.924294][T10154] pipe_fasync+0xff/0x1e0 [ 1244.930375][T10154] __fput+0x89f/0xa70 [ 1244.936100][T10154] task_work_run+0x1d4/0x260 [ 1244.942446][T10154] exit_to_user_mode_loop+0xec/0x110 [ 1244.949479][T10154] __do_fast_syscall_32+0x1f4/0x2b0 [ 1244.956434][T10154] do_fast_syscall_32+0x34/0x80 [ 1244.963043][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1244.971125][T10154] INITIAL READ USE at: [ 1244.975572][T10154] lock_acquire+0x120/0x360 [ 1244.982257][T10154] _raw_read_lock_irqsave+0xaf/0x100 [ 1244.989727][T10154] kill_fasync+0x199/0x4d0 [ 1244.996333][T10154] sock_wake_async+0x137/0x160 [ 1245.003290][T10154] sock_def_readable+0x3bb/0x550 [ 1245.010410][T10154] __sock_queue_rcv_skb+0x6a5/0x9c0 [ 1245.017796][T10154] sock_queue_rcv_skb_reason+0x75/0xe0 [ 1245.025446][T10154] raw_rcv+0x74b/0x9d0 [ 1245.031698][T10154] raw_local_deliver+0x9ee/0xe90 [ 1245.038814][T10154] ip_protocol_deliver_rcu+0x46/0x440 [ 1245.046373][T10154] ip_local_deliver_finish+0x2fb/0x580 [ 1245.054017][T10154] NF_HOOK+0x30c/0x3a0 [ 1245.060284][T10154] NF_HOOK+0x30c/0x3a0 [ 1245.066561][T10154] __netif_receive_skb+0x143/0x380 [ 1245.073908][T10154] process_backlog+0x60e/0x14f0 [ 1245.080950][T10154] __napi_poll+0xc4/0x480 [ 1245.087469][T10154] net_rx_action+0x707/0xe30 [ 1245.094247][T10154] handle_softirqs+0x286/0x870 [ 1245.101199][T10154] do_softirq+0xec/0x180 [ 1245.107630][T10154] __local_bh_enable_ip+0x17d/0x1c0 [ 1245.115020][T10154] __dev_queue_xmit+0x1cd7/0x3a70 [ 1245.122322][T10154] ip_finish_output2+0xd03/0x1160 [ 1245.129544][T10154] ip_push_pending_frames+0xbe/0x150 [ 1245.137021][T10154] raw_sendmsg+0x143f/0x18b0 [ 1245.143791][T10154] __sock_sendmsg+0x19c/0x270 [ 1245.150651][T10154] __sys_sendto+0x3bd/0x520 [ 1245.157350][T10154] __ia32_sys_sendto+0xdd/0x100 [ 1245.164393][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.171696][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.178755][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.187273][T10154] } [ 1245.189865][T10154] ... key at: [] fasync_insert_entry.__key+0x0/0x20 [ 1245.198636][T10154] ... acquired at: [ 1245.202535][T10154] lock_acquire+0x120/0x360 [ 1245.207221][T10154] _raw_read_lock_irqsave+0xaf/0x100 [ 1245.212699][T10154] kill_fasync+0x199/0x4d0 [ 1245.217361][T10154] evdev_pass_values+0x627/0xbd0 [ 1245.222484][T10154] evdev_events+0x1e6/0x340 [ 1245.227169][T10154] input_pass_values+0x285/0x890 [ 1245.232293][T10154] input_event_dispose+0x330/0x6b0 [ 1245.237588][T10154] input_inject_event+0x1fe/0x320 [ 1245.242803][T10154] evdev_write+0x2fc/0x480 [ 1245.247401][T10154] vfs_write+0x27b/0xa90 [ 1245.251859][T10154] ksys_write+0x145/0x250 [ 1245.256400][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.261715][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.266761][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.273295][T10154] [ 1245.275641][T10154] -> (&f_owner->lock){....}-{3:3} { [ 1245.280885][T10154] INITIAL USE at: [ 1245.284878][T10154] lock_acquire+0x120/0x360 [ 1245.290981][T10154] _raw_write_lock_irq+0xa2/0xf0 [ 1245.297543][T10154] __f_setown+0x67/0x370 [ 1245.303377][T10154] do_fcntl+0x15ff/0x1910 [ 1245.309366][T10154] do_compat_fcntl64+0x477/0x720 [ 1245.315931][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.322638][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.329075][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.336981][T10154] INITIAL READ USE at: [ 1245.341319][T10154] lock_acquire+0x120/0x360 [ 1245.347826][T10154] _raw_read_lock_irq+0xaa/0xf0 [ 1245.354696][T10154] do_fcntl+0x812/0x1910 [ 1245.360965][T10154] do_compat_fcntl64+0x477/0x720 [ 1245.367917][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.375061][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.381926][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.390264][T10154] } [ 1245.392772][T10154] ... key at: [] file_f_owner_allocate.__key+0x0/0x20 [ 1245.401716][T10154] ... acquired at: [ 1245.405526][T10154] lock_acquire+0x120/0x360 [ 1245.410211][T10154] _raw_read_lock_irqsave+0xaf/0x100 [ 1245.415681][T10154] send_sigio+0x38/0x370 [ 1245.420119][T10154] kill_fasync+0x24d/0x4d0 [ 1245.424721][T10154] lease_break_callback+0x26/0x30 [ 1245.429930][T10154] __break_lease+0x6a2/0x1620 [ 1245.434792][T10154] do_dentry_open+0xd62/0x1970 [ 1245.439740][T10154] vfs_open+0x3b/0x340 [ 1245.443990][T10154] path_openat+0x2ee5/0x3830 [ 1245.448763][T10154] do_filp_open+0x1fa/0x410 [ 1245.453454][T10154] do_sys_openat2+0x121/0x1c0 [ 1245.458314][T10154] __ia32_compat_sys_open+0x117/0x140 [ 1245.463876][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.469174][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.474209][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.480720][T10154] [ 1245.483049][T10154] [ 1245.483049][T10154] the dependencies between the lock to be acquired [ 1245.483060][T10154] and SOFTIRQ-irq-unsafe lock: [ 1245.496611][T10154] -> (tasklist_lock){.+.+}-{3:3} { [ 1245.501759][T10154] HARDIRQ-ON-R at: [ 1245.505745][T10154] lock_acquire+0x120/0x360 [ 1245.511914][T10154] _raw_read_lock+0x36/0x50 [ 1245.518084][T10154] __do_wait+0xde/0x740 [ 1245.523915][T10154] do_wait+0x1f8/0x520 [ 1245.529674][T10154] kernel_wait+0xab/0x170 [ 1245.535676][T10154] call_usermodehelper_exec_work+0xbe/0x230 [ 1245.543232][T10154] process_scheduled_works+0xae1/0x17b0 [ 1245.550443][T10154] worker_thread+0x8a0/0xda0 [ 1245.556695][T10154] kthread+0x711/0x8a0 [ 1245.562438][T10154] ret_from_fork+0x3fc/0x770 [ 1245.568700][T10154] ret_from_fork_asm+0x1a/0x30 [ 1245.575129][T10154] SOFTIRQ-ON-R at: [ 1245.579119][T10154] lock_acquire+0x120/0x360 [ 1245.585280][T10154] _raw_read_lock+0x36/0x50 [ 1245.591454][T10154] __do_wait+0xde/0x740 [ 1245.597274][T10154] do_wait+0x1f8/0x520 [ 1245.603009][T10154] kernel_wait+0xab/0x170 [ 1245.609005][T10154] call_usermodehelper_exec_work+0xbe/0x230 [ 1245.616560][T10154] process_scheduled_works+0xae1/0x17b0 [ 1245.623774][T10154] worker_thread+0x8a0/0xda0 [ 1245.630030][T10154] kthread+0x711/0x8a0 [ 1245.635763][T10154] ret_from_fork+0x3fc/0x770 [ 1245.642008][T10154] ret_from_fork_asm+0x1a/0x30 [ 1245.648456][T10154] INITIAL USE at: [ 1245.652365][T10154] lock_acquire+0x120/0x360 [ 1245.658457][T10154] _raw_write_lock_irq+0xa2/0xf0 [ 1245.664966][T10154] copy_process+0x21d5/0x3b80 [ 1245.671220][T10154] kernel_clone+0x21e/0x870 [ 1245.677298][T10154] user_mode_thread+0xdd/0x140 [ 1245.683639][T10154] rest_init+0x23/0x300 [ 1245.689388][T10154] start_kernel+0x47d/0x500 [ 1245.695518][T10154] x86_64_start_reservations+0x24/0x30 [ 1245.702550][T10154] x86_64_start_kernel+0x143/0x1c0 [ 1245.709232][T10154] common_startup_64+0x13e/0x147 [ 1245.715752][T10154] INITIAL READ USE at: [ 1245.720093][T10154] lock_acquire+0x120/0x360 [ 1245.726620][T10154] _raw_read_lock+0x36/0x50 [ 1245.733140][T10154] __do_wait+0xde/0x740 [ 1245.739320][T10154] do_wait+0x1f8/0x520 [ 1245.745405][T10154] kernel_wait+0xab/0x170 [ 1245.751745][T10154] call_usermodehelper_exec_work+0xbe/0x230 [ 1245.759643][T10154] process_scheduled_works+0xae1/0x17b0 [ 1245.767219][T10154] worker_thread+0x8a0/0xda0 [ 1245.773821][T10154] kthread+0x711/0x8a0 [ 1245.779901][T10154] ret_from_fork+0x3fc/0x770 [ 1245.786511][T10154] ret_from_fork_asm+0x1a/0x30 [ 1245.793379][T10154] } [ 1245.795885][T10154] ... key at: [] tasklist_lock+0x18/0x40 [ 1245.803616][T10154] ... acquired at: [ 1245.807426][T10154] lock_acquire+0x120/0x360 [ 1245.812121][T10154] _raw_read_lock+0x36/0x50 [ 1245.816810][T10154] send_sigio+0x101/0x370 [ 1245.821343][T10154] dnotify_handle_event+0x169/0x440 [ 1245.826822][T10154] fsnotify+0x1814/0x1a80 [ 1245.831342][T10154] path_openat+0x171e/0x3830 [ 1245.836219][T10154] do_filp_open+0x1fa/0x410 [ 1245.840908][T10154] do_sys_openat2+0x121/0x1c0 [ 1245.845770][T10154] __ia32_compat_sys_openat+0x131/0x160 [ 1245.851499][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.856800][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.861833][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.868353][T10154] [ 1245.870704][T10154] [ 1245.870704][T10154] stack backtrace: [ 1245.876599][T10154] CPU: 1 UID: 0 PID: 10154 Comm: syz.3.16790 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) [ 1245.876621][T10154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1245.876632][T10154] Call Trace: [ 1245.876641][T10154] [ 1245.876649][T10154] dump_stack_lvl+0x189/0x250 [ 1245.876673][T10154] ? __pfx_dump_stack_lvl+0x10/0x10 [ 1245.876693][T10154] ? __pfx__printk+0x10/0x10 [ 1245.876720][T10154] validate_chain+0x1f05/0x2140 [ 1245.876750][T10154] __lock_acquire+0xab9/0xd20 [ 1245.876770][T10154] ? send_sigio+0x101/0x370 [ 1245.876787][T10154] lock_acquire+0x120/0x360 [ 1245.876803][T10154] ? send_sigio+0x101/0x370 [ 1245.876822][T10154] ? __pfx__raw_read_lock_irqsave+0x10/0x10 [ 1245.876839][T10154] ? dnotify_handle_event+0x62/0x440 [ 1245.876858][T10154] _raw_read_lock+0x36/0x50 [ 1245.876872][T10154] ? send_sigio+0x101/0x370 [ 1245.876889][T10154] send_sigio+0x101/0x370 [ 1245.876908][T10154] dnotify_handle_event+0x169/0x440 [ 1245.876929][T10154] fsnotify+0x1814/0x1a80 [ 1245.876959][T10154] ? fsnotify+0x735/0x1a80 [ 1245.876981][T10154] ? __pfx_fsnotify+0x10/0x10 [ 1245.877005][T10154] ? _raw_spin_unlock+0x28/0x50 [ 1245.877023][T10154] path_openat+0x171e/0x3830 [ 1245.877042][T10154] ? arch_stack_walk+0xfc/0x150 [ 1245.877076][T10154] ? __pfx_path_openat+0x10/0x10 [ 1245.877095][T10154] ? do_fast_syscall_32+0x34/0x80 [ 1245.877122][T10154] do_filp_open+0x1fa/0x410 [ 1245.877142][T10154] ? __lock_acquire+0xab9/0xd20 [ 1245.877159][T10154] ? __pfx_do_filp_open+0x10/0x10 [ 1245.877187][T10154] ? _raw_spin_unlock+0x28/0x50 [ 1245.877212][T10154] ? alloc_fd+0x64c/0x6c0 [ 1245.877240][T10154] do_sys_openat2+0x121/0x1c0 [ 1245.877259][T10154] ? __pfx_do_sys_openat2+0x10/0x10 [ 1245.877280][T10154] ? rcu_is_watching+0x15/0xb0 [ 1245.877302][T10154] __ia32_compat_sys_openat+0x131/0x160 [ 1245.877323][T10154] __do_fast_syscall_32+0xb6/0x2b0 [ 1245.877346][T10154] do_fast_syscall_32+0x34/0x80 [ 1245.877370][T10154] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1245.877392][T10154] RIP: 0023:0xf709e539 [ 1245.877408][T10154] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1245.877423][T10154] RSP: 002b:00000000f508e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000127 [ 1245.877442][T10154] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000940 [ 1245.877454][T10154] RDX: 00000000000026e1 RSI: 0000000000000000 RDI: 0000000000000000 [ 1245.877465][T10154] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1245.877474][T10154] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1245.877485][T10154] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1245.877501][T10154] [ 1246.144048][ C1] vkms_vblank_simulate: vblank timer overrun