last executing test programs: 2.269669898s ago: executing program 1 (id=1913): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180), &(0x7f0000000340)) io_uring_enter(r3, 0x2ded, 0xee43, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000140)=""/109, 0x6d) 1.389822778s ago: executing program 1 (id=1923): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138518a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a8ac72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f86162dc6a468b25c0fc89beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dc00a6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0xa176, &(0x7f0000000180)) 1.389621067s ago: executing program 1 (id=1924): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_SET_CLOCK(r4, 0x4188aec6, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x95d}) 1.029779026s ago: executing program 3 (id=1927): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0) sendmsg$NL80211_CMD_NEW_MPATH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fbdbdf251700000008000300", @ANYRES32], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000) 1.029571636s ago: executing program 0 (id=1928): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r1, 0x0) listen(0xffffffffffffffff, 0x220c) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f00000001c0)=0x8, 0x4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r6, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r7, 0x0) listen(r0, 0x0) r8 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r8, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0637bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1) 969.905836ms ago: executing program 3 (id=1929): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000080)) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64"], 0x3c}}, 0x40000) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000680)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xd, 0x800}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@newtfilter={0x24, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xc}, {0x6}, {0xfff1, 0x3d}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004c885}, 0x0) 969.544602ms ago: executing program 0 (id=1930): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61127900000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf05000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) 969.399381ms ago: executing program 3 (id=1931): ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r2], 0x4c}}, 0x0) 919.520545ms ago: executing program 0 (id=1932): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180), &(0x7f0000000340)) io_uring_enter(r3, 0x2ded, 0xee43, 0x0, 0x0, 0x0) read(r0, &(0x7f0000000140)=""/109, 0x6d) 919.163142ms ago: executing program 3 (id=1933): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r2 = socket$inet(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r3, 0x1, 0x80, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000020002001c0012800c0001006d616376", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6], 0x4c}}, 0x4000) 918.946189ms ago: executing program 3 (id=1934): bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x16, 0x0, 0x8, 0xfffe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x48) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xbd) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2b, 0x0, {0x0, 0x0, 0x74, r3, {0xfff2, 0x4}, {0x0, 0x4}, {0xfff2, 0x8}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x840) 829.469507ms ago: executing program 3 (id=1936): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmmsg$inet(r0, &(0x7f0000004840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000005c0)="64f433c86de01f48c760e0b2a6d0", 0xe}], 0x1}}], 0x1, 0x8090) 449.991ms ago: executing program 2 (id=1949): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[], 0x24}}, 0x0) 449.795656ms ago: executing program 2 (id=1950): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61127900000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf05000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r2 = syz_genetlink_get_family_id$nl80211(0x0, r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) 390.060977ms ago: executing program 1 (id=1951): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(0x0, r0) sendmsg$NL80211_CMD_NEW_MPATH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000fbdbdf251700000008000300", @ANYRES32=r1], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004000) 389.872667ms ago: executing program 2 (id=1952): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x80800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005e", 0x28}], 0x3}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbff}, 0xc) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) 389.622976ms ago: executing program 1 (id=1953): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8) r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x9]}, 0x8, 0x80800) io_setup(0x1, 0x0) io_submit(0x0, 0x1, &(0x7f0000001d00)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}]) timer_create(0x3, 0x0, &(0x7f0000044000)) timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) 389.521099ms ago: executing program 2 (id=1954): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@allocspi={0xf8, 0x16, 0x1, 0x0, 0x0, {{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x20}, {@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x25}}, 0x0, 0x33}, @in=@multicast2, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffef, 0x3}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}, {0x4}, 0x4}, 0x2, 0x1a0b1}}, 0xf8}}, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0) 329.884507ms ago: executing program 1 (id=1955): getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[@rights={{0x14, 0x1, 0x1, [r0]}}], 0x18, 0x20048000}}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000007ec0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/239, 0xef}, 0x2}], 0x1, 0x2, 0x0) 329.586452ms ago: executing program 2 (id=1956): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdir(&(0x7f0000000400)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) symlinkat(&(0x7f0000000140)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffffff, &(0x7f0000000000)='./file0\x00') mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') link(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./bus\x00') 329.315086ms ago: executing program 2 (id=1957): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="ad733642561534f14257b6c5820fae9d", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmsg$can_j1939(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000280)=""/91, 0x140}, {&(0x7f00000005c0)=""/237, 0xed}], 0x2}, 0x0) sendmmsg$alg(r1, &(0x7f000000dac0)=[{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000140)="42d26a08ee7dc3d9419a8324c20008ffafb26afd3e26a65693ba2ca42042d8439c411bec01e6b594fb39e9b7c3049c6ca072f6446229aa98", 0x38}], 0x1, &(0x7f0000000900)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x800}], 0x1, 0x40008040) 70.235524ms ago: executing program 0 (id=1958): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f0000000740)}, 0x10}], 0x1, 0x0, 0x0) sendmsg$can_raw(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@can={{0x4}, 0x3, 0x1, 0x0, 0x0, "16d9f196fdcb7060"}, 0x10}}, 0x40000) 70.057712ms ago: executing program 0 (id=1959): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[], 0x24}}, 0x0) 0s ago: executing program 0 (id=1960): r0 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000e40), 0x8, 0x2) r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0) ioctl$int_in(r4, 0x5452, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000000)=0xffb) fcntl$setstatus(r4, 0x4, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0x47f) connect$inet(r5, &(0x7f00000000c0)={0x2, 0x4e21}, 0x10) setsockopt$inet_tcp_int(r5, 0x6, 0xa, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000080)={0xfffffffc, 0x8001, 0xfffe}, 0x14) shutdown(r5, 0x2) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) r6 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r7 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000280), 0x200001, 0x0) keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x91) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:43811' (ED25519) to the list of known hosts. [ 41.834217][ T5934] cgroup: Unknown subsys name 'net' [ 41.976289][ T5934] cgroup: Unknown subsys name 'cpuset' [ 41.979400][ T5934] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 42.786960][ T5934] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 45.599531][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 45.604414][ T5956] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 45.606715][ T5956] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 45.609258][ T5956] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 45.611764][ T5956] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 45.614282][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 45.616196][ T5955] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 45.616782][ T5956] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 45.619693][ T5955] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 45.621260][ T5956] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 45.622196][ T5960] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 45.624445][ T5960] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 45.625506][ T5955] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 45.626072][ T5956] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 45.626297][ T5955] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 45.626769][ T5955] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 45.626937][ T5955] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 45.628369][ T5960] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 45.640624][ T5956] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 45.642132][ T5960] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 45.643982][ T5956] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 45.647428][ T5960] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 45.647694][ T5960] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 45.649559][ T5956] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 45.809778][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 45.842716][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 45.901997][ T5957] chnl_net:caif_netlink_parms(): no params data found [ 45.978963][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.981051][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.983200][ T5946] bridge_slave_0: entered allmulticast mode [ 45.986049][ T5946] bridge_slave_0: entered promiscuous mode [ 45.989546][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.991792][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.994128][ T5946] bridge_slave_1: entered allmulticast mode [ 45.996322][ T5946] bridge_slave_1: entered promiscuous mode [ 46.011292][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 46.054836][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.075388][ T5957] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.077466][ T5957] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.079497][ T5957] bridge_slave_0: entered allmulticast mode [ 46.082090][ T5957] bridge_slave_0: entered promiscuous mode [ 46.086542][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.088607][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.090703][ T5945] bridge_slave_0: entered allmulticast mode [ 46.092887][ T5945] bridge_slave_0: entered promiscuous mode [ 46.095576][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.097623][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.099631][ T5945] bridge_slave_1: entered allmulticast mode [ 46.101849][ T5945] bridge_slave_1: entered promiscuous mode [ 46.105167][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.123215][ T5957] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.125754][ T5957] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.127749][ T5957] bridge_slave_1: entered allmulticast mode [ 46.129847][ T5957] bridge_slave_1: entered promiscuous mode [ 46.188850][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.193272][ T5946] team0: Port device team_slave_0 added [ 46.204443][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.208785][ T5957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.212486][ T5946] team0: Port device team_slave_1 added [ 46.235739][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.237813][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.240012][ T5953] bridge_slave_0: entered allmulticast mode [ 46.242217][ T5953] bridge_slave_0: entered promiscuous mode [ 46.268545][ T5957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.278797][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.280927][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.282978][ T5953] bridge_slave_1: entered allmulticast mode [ 46.285491][ T5953] bridge_slave_1: entered promiscuous mode [ 46.289613][ T5945] team0: Port device team_slave_0 added [ 46.300690][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.302791][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.310144][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.324818][ T5945] team0: Port device team_slave_1 added [ 46.335748][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.337774][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.345753][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.376901][ T5957] team0: Port device team_slave_0 added [ 46.382449][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.386357][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.390202][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.392212][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.399271][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.403917][ T5957] team0: Port device team_slave_1 added [ 46.430046][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.432137][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.440462][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.447600][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.449671][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.456852][ T5957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.469487][ T5953] team0: Port device team_slave_0 added [ 46.489615][ T5957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.491643][ T5957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.499192][ T5957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.508422][ T5953] team0: Port device team_slave_1 added [ 46.523920][ T5946] hsr_slave_0: entered promiscuous mode [ 46.525992][ T5946] hsr_slave_1: entered promiscuous mode [ 46.574145][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.576182][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.583206][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.601261][ T5945] hsr_slave_0: entered promiscuous mode [ 46.603756][ T5945] hsr_slave_1: entered promiscuous mode [ 46.605700][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.607977][ T5945] Cannot create hsr debugfs directory [ 46.609907][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.611941][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.619040][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.632263][ T5957] hsr_slave_0: entered promiscuous mode [ 46.635103][ T5957] hsr_slave_1: entered promiscuous mode [ 46.636921][ T5957] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.638977][ T5957] Cannot create hsr debugfs directory [ 46.717560][ T5953] hsr_slave_0: entered promiscuous mode [ 46.719557][ T5953] hsr_slave_1: entered promiscuous mode [ 46.721443][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.724180][ T5953] Cannot create hsr debugfs directory [ 46.872352][ T5946] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 46.877198][ T5946] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 46.889640][ T5946] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 46.900004][ T5946] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 46.916825][ T5945] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 46.921080][ T5945] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 46.925178][ T5945] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 46.928531][ T5945] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 46.951299][ T5957] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.955188][ T5957] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.958761][ T5957] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.962700][ T5957] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 47.005765][ T5953] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 47.014283][ T5953] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 47.019094][ T5953] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 47.036889][ T5953] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 47.044690][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.067104][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.083121][ T1185] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.085349][ T1185] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.095163][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.097236][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.105099][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.109248][ T5957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.125373][ T5957] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.132639][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.134766][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.146023][ T1137] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.148075][ T1137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.157653][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.174582][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.176634][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.182326][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.190602][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.192451][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.204683][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.215696][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.217702][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.225302][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.227392][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.252450][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.256519][ T5953] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.259358][ T5953] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.287564][ T5946] veth0_vlan: entered promiscuous mode [ 47.297781][ T5946] veth1_vlan: entered promiscuous mode [ 47.309948][ T5957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.318392][ T5946] veth0_macvtap: entered promiscuous mode [ 47.322401][ T5946] veth1_macvtap: entered promiscuous mode [ 47.338734][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.346933][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.349144][ T5957] veth0_vlan: entered promiscuous mode [ 47.355688][ T5946] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.358258][ T5946] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.360709][ T5946] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.363135][ T5946] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.368819][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.372639][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.388175][ T5957] veth1_vlan: entered promiscuous mode [ 47.427718][ T5953] veth0_vlan: entered promiscuous mode [ 47.433740][ T1137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.435639][ T5957] veth0_macvtap: entered promiscuous mode [ 47.435964][ T1137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.442085][ T5945] veth0_vlan: entered promiscuous mode [ 47.446724][ T5957] veth1_macvtap: entered promiscuous mode [ 47.456638][ T5953] veth1_vlan: entered promiscuous mode [ 47.459411][ T5945] veth1_vlan: entered promiscuous mode [ 47.463463][ T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.466424][ T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.468613][ T5957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.471731][ T5957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.476065][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.485195][ T5957] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.487878][ T5957] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.490916][ T5957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.497800][ T5957] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.501137][ T5957] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.505451][ T5957] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.508736][ T5957] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.518946][ T5946] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 47.520223][ T5953] veth0_macvtap: entered promiscuous mode [ 47.535168][ T5953] veth1_macvtap: entered promiscuous mode [ 47.543740][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.546581][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.548959][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.552197][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.556170][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.558961][ T5945] veth0_macvtap: entered promiscuous mode [ 47.582342][ T5945] veth1_macvtap: entered promiscuous mode [ 47.592757][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.596357][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.599463][ T5953] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.604035][ T5953] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.607864][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.618893][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.622210][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.625146][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.627926][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.630713][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.634696][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.638719][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.641544][ T5953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.644860][ T5953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.647250][ T5953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.649701][ T5953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.660308][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.662578][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.663804][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.668537][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.672230][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.676360][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.680031][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.684441][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.687881][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.694938][ T5952] Bluetooth: hci1: command tx timeout [ 47.695620][ T5960] Bluetooth: hci3: command tx timeout [ 47.696857][ T5950] Bluetooth: hci2: command tx timeout [ 47.697154][ T5952] Bluetooth: hci0: command tx timeout [ 47.707099][ T5945] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.710280][ T5945] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.714801][ T5945] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.717212][ T5945] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.734432][ T1185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.737035][ T1185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.755607][ T1185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.757816][ T1185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.770707][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.775873][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.786633][ T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.788874][ T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.803008][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.805364][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.813594][ T6008] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 47.883596][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.893533][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.903699][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.963471][ T6008] usb 6-1: Using ep0 maxpacket: 8 [ 47.973529][ T6008] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 47.976298][ T6008] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 47.979008][ T6008] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 47.981689][ T6008] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 47.994152][ T6008] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 47.996917][ T6008] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.293238][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.425841][ T6008] usb 6-1: GET_CAPABILITIES returned 0 [ 48.427533][ T6008] usbtmc 6-1:16.0: can't read capabilities [ 48.453917][ T6008] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 49.783584][ T5950] Bluetooth: hci0: command tx timeout [ 49.783690][ T5960] Bluetooth: hci1: command tx timeout [ 49.783898][ T5956] Bluetooth: hci3: command tx timeout [ 49.783923][ T5956] Bluetooth: hci2: command tx timeout [ 50.608682][ T6065] wireguard0: entered promiscuous mode [ 50.713206][ T8] usb 6-1: USB disconnect, device number 2 [ 51.063514][ T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 51.214690][ T8] usb 6-1: Using ep0 maxpacket: 8 [ 51.220769][ T8] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 51.223993][ T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 51.226664][ T8] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 51.229497][ T8] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 51.233230][ T8] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 51.236703][ T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 51.400834][ T40] audit: type=1326 audit(1740092337.794:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6081 comm="syz.3.13" exe="/syz-executor" sig=31 arch=40000003 syscall=119 compat=1 ip=0xf7f65598 code=0x0 [ 51.658668][ T8] usb 6-1: GET_CAPABILITIES returned 0 [ 51.662344][ T8] usbtmc 6-1:16.0: can't read capabilities [ 51.715236][ T6008] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 51.854379][ T5952] Bluetooth: hci1: command tx timeout [ 51.854459][ T5956] Bluetooth: hci0: command tx timeout [ 51.856474][ T5950] Bluetooth: hci3: command tx timeout [ 51.859924][ T5960] Bluetooth: hci2: command tx timeout [ 52.275399][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.475794][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.816752][ T5958] usb 6-1: USB disconnect, device number 3 [ 53.933962][ T5960] Bluetooth: hci0: command tx timeout [ 53.934037][ T5950] Bluetooth: hci2: command tx timeout [ 53.935610][ T5956] Bluetooth: hci3: command tx timeout [ 53.937111][ T5952] Bluetooth: hci1: command tx timeout [ 54.103475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.998105][ T6190] syz.3.27 (6190) used greatest stack depth: 20256 bytes left [ 60.383448][ T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 60.533490][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 60.537440][ T9] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 60.539986][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 60.542743][ T9] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 60.545590][ T9] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 60.549278][ T9] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 60.551659][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.654123][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 60.833594][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 60.913536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 60.967735][ T9] usb 8-1: GET_CAPABILITIES returned 0 [ 60.975788][ T9] usbtmc 8-1:16.0: can't read capabilities [ 61.033924][ T5958] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 61.933451][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 62.083421][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 62.087081][ T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 62.090948][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 62.101576][ T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 62.106751][ T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 62.110305][ T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 62.123160][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.526326][ T9] usb 6-1: GET_CAPABILITIES returned 0 [ 62.528474][ T9] usbtmc 6-1:16.0: can't read capabilities [ 62.578351][ T6008] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 63.231221][ T63] usb 8-1: USB disconnect, device number 2 [ 64.713623][ T6008] usb 6-1: USB disconnect, device number 4 [ 70.975424][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.977556][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 77.983488][ T5958] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 78.133489][ T5958] usb 7-1: Using ep0 maxpacket: 8 [ 78.137152][ T5958] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 78.141028][ T5958] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 78.145315][ T5958] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 78.149192][ T5958] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 78.154834][ T5958] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 78.158379][ T5958] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 78.770894][ T5958] usb 7-1: GET_CAPABILITIES returned 0 [ 78.772317][ T5958] usbtmc 7-1:16.0: can't read capabilities [ 78.817612][ T5958] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 79.109943][ T6397] netlink: 'syz.3.60': attribute type 4 has an invalid length. [ 80.273439][ T5958] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 80.453481][ T5958] usb 8-1: Using ep0 maxpacket: 16 [ 80.457047][ T5958] usb 8-1: config 0 has no interfaces? [ 80.460010][ T5958] usb 8-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 80.462584][ T5958] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.465096][ T5958] usb 8-1: Product: syz [ 80.466349][ T5958] usb 8-1: Manufacturer: syz [ 80.467706][ T5958] usb 8-1: SerialNumber: syz [ 80.470688][ T5958] usb 8-1: config 0 descriptor?? [ 80.685317][ T6421] openvswitch: netlink: Missing valid actions attribute. [ 80.690424][ T6421] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 80.701540][ T5958] usb 8-1: USB disconnect, device number 3 [ 80.762130][ T63] usb 7-1: USB disconnect, device number 2 [ 81.227170][ T57] cfg80211: failed to load regulatory.db [ 97.124693][ T35] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 97.273417][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 97.276268][ T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 97.279211][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 97.282586][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 97.285462][ T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 97.289155][ T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 97.291643][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 97.727799][ T35] usb 6-1: GET_CAPABILITIES returned 0 [ 97.730246][ T35] usbtmc 6-1:16.0: can't read capabilities [ 97.776387][ T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 98.804565][ T6633] wireguard1: entered promiscuous mode [ 99.898544][ T5988] usb 6-1: USB disconnect, device number 5 [ 100.988293][ T5988] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 101.153581][ T5988] usb 5-1: Using ep0 maxpacket: 8 [ 101.158346][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 101.162084][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 101.166021][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 101.170031][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 101.183416][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 101.186521][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.650270][ T5988] usb 5-1: GET_CAPABILITIES returned 0 [ 101.652058][ T5988] usbtmc 5-1:16.0: can't read capabilities [ 103.784643][ T6006] usb 5-1: USB disconnect, device number 2 [ 107.363469][ T35] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 107.525077][ T35] usb 6-1: Using ep0 maxpacket: 8 [ 107.527833][ T35] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 107.530625][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 107.533577][ T35] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 107.536302][ T35] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 107.539851][ T35] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 107.542728][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.990782][ T35] usb 6-1: GET_CAPABILITIES returned 0 [ 107.992813][ T35] usbtmc 6-1:16.0: can't read capabilities [ 108.115283][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 110.014261][ T5988] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 110.173697][ T5988] usb 5-1: Using ep0 maxpacket: 8 [ 110.176622][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 110.180324][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 110.183094][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 110.188307][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 110.191858][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 110.194668][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 110.236925][ T35] usb 6-1: USB disconnect, device number 6 [ 110.623889][ T5988] usb 5-1: GET_CAPABILITIES returned 0 [ 110.631512][ T5988] usbtmc 5-1:16.0: can't read capabilities [ 110.655610][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 112.804812][ T35] usb 5-1: USB disconnect, device number 3 [ 118.407895][ T6953] capability: warning: `syz.1.163' uses deprecated v2 capabilities in a way that may be insecure [ 118.420053][ T6953] program syz.1.163 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.373987][ T833] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 123.535161][ T833] usb 8-1: Using ep0 maxpacket: 8 [ 123.538274][ T833] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 123.541061][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 123.544067][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 123.546754][ T833] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 123.550364][ T833] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 123.552897][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 123.979743][ T833] usb 8-1: GET_CAPABILITIES returned 0 [ 123.983564][ T833] usbtmc 8-1:16.0: can't read capabilities [ 124.053830][ T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 126.385284][ T833] usb 8-1: USB disconnect, device number 4 [ 129.439182][ T7170] Zero length message leads to an empty skb [ 131.053973][ T5988] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 131.214809][ T5988] usb 7-1: Using ep0 maxpacket: 16 [ 131.219779][ T5988] usb 7-1: config 0 has no interfaces? [ 131.222850][ T5988] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 131.225598][ T5988] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 131.227809][ T5988] usb 7-1: Product: syz [ 131.228987][ T5988] usb 7-1: Manufacturer: syz [ 131.230337][ T5988] usb 7-1: SerialNumber: syz [ 131.234335][ T5988] usb 7-1: config 0 descriptor?? [ 131.444913][ T5988] usb 7-1: USB disconnect, device number 3 [ 131.490743][ T7202] process 'syz.0.215' launched './file0' with NULL argv: empty string added [ 132.416598][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.419135][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.373896][ T833] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 133.525243][ T833] usb 8-1: Using ep0 maxpacket: 8 [ 133.532830][ T833] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 133.539020][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 133.541820][ T833] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 133.613563][ T833] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 133.617264][ T833] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 133.619778][ T833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.009278][ T833] usb 8-1: GET_CAPABILITIES returned 0 [ 134.010923][ T833] usbtmc 8-1:16.0: can't read capabilities [ 134.074660][ T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 134.133550][ T834] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 134.226481][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.2.227'. [ 134.283471][ T834] usb 6-1: Using ep0 maxpacket: 16 [ 134.286367][ T834] usb 6-1: config 0 has no interfaces? [ 134.289807][ T834] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 134.292467][ T834] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 134.295342][ T834] usb 6-1: Product: syz [ 134.296623][ T834] usb 6-1: Manufacturer: syz [ 134.298007][ T834] usb 6-1: SerialNumber: syz [ 134.301045][ T834] usb 6-1: config 0 descriptor?? [ 134.507381][ T6007] usb 6-1: USB disconnect, device number 7 [ 136.093702][ T5988] usb 8-1: USB disconnect, device number 5 [ 136.316620][ T5960] Bluetooth: hci2: SCO packet for unknown connection handle 768 [ 142.255959][ T35] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 142.403435][ T35] usb 7-1: Using ep0 maxpacket: 16 [ 142.406838][ T35] usb 7-1: config 0 has no interfaces? [ 142.410601][ T35] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 142.414124][ T35] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 142.416360][ T35] usb 7-1: Product: syz [ 142.417689][ T35] usb 7-1: Manufacturer: syz [ 142.420077][ T35] usb 7-1: SerialNumber: syz [ 142.422628][ T35] usb 7-1: config 0 descriptor?? [ 142.446872][ T7356] netlink: 16 bytes leftover after parsing attributes in process `syz.0.243'. [ 142.629136][ T35] usb 7-1: USB disconnect, device number 4 [ 143.341100][ T7371] fuse: Bad value for 'rootmode' [ 143.392644][ T7374] netlink: 24 bytes leftover after parsing attributes in process `syz.0.247'. [ 143.493877][ T7372] netlink: 16 bytes leftover after parsing attributes in process `syz.1.246'. [ 143.497277][ T7372] FAULT_INJECTION: forcing a failure. [ 143.497277][ T7372] name failslab, interval 1, probability 0, space 0, times 1 [ 143.500975][ T7372] CPU: 0 UID: 0 PID: 7372 Comm: syz.1.246 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 143.501004][ T7372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 143.501012][ T7372] Call Trace: [ 143.501053][ T7372] [ 143.501058][ T7372] dump_stack_lvl+0x16c/0x1f0 [ 143.501077][ T7372] should_fail_ex+0x50a/0x650 [ 143.501095][ T7372] ? fs_reclaim_acquire+0xae/0x150 [ 143.501110][ T7372] should_failslab+0xc2/0x120 [ 143.501121][ T7372] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 143.501138][ T7372] ? __alloc_skb+0x2b1/0x380 [ 143.501154][ T7372] __alloc_skb+0x2b1/0x380 [ 143.501167][ T7372] ? __pfx___alloc_skb+0x10/0x10 [ 143.501186][ T7372] netlink_ack+0x15f/0xb80 [ 143.501200][ T7372] ? preempt_schedule_thunk+0x1a/0x30 [ 143.501221][ T7372] ? preempt_schedule_common+0x44/0xc0 [ 143.501235][ T7372] netlink_rcv_skb+0x348/0x440 [ 143.501248][ T7372] ? __pfx_crypto_user_rcv_msg+0x10/0x10 [ 143.501265][ T7372] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 143.501287][ T7372] ? netlink_deliver_tap+0x1ae/0xd30 [ 143.501302][ T7372] crypto_netlink_rcv+0x2a/0x40 [ 143.501315][ T7372] netlink_unicast+0x53c/0x7f0 [ 143.501330][ T7372] ? __pfx_netlink_unicast+0x10/0x10 [ 143.501344][ T7372] ? __check_object_size+0x488/0x710 [ 143.501357][ T7372] netlink_sendmsg+0x8b8/0xd70 [ 143.501373][ T7372] ? __pfx_netlink_sendmsg+0x10/0x10 [ 143.501391][ T7372] ____sys_sendmsg+0xaaf/0xc90 [ 143.501403][ T7372] ? __pfx_____sys_sendmsg+0x10/0x10 [ 143.501414][ T7372] ? get_compat_msghdr+0x11b/0x170 [ 143.501431][ T7372] ___sys_sendmsg+0x135/0x1e0 [ 143.501446][ T7372] ? __pfx____sys_sendmsg+0x10/0x10 [ 143.501466][ T7372] ? __pfx_lock_release+0x10/0x10 [ 143.501483][ T7372] ? trace_lock_acquire+0x14e/0x1f0 [ 143.501499][ T7372] ? __fget_files+0x206/0x3a0 [ 143.501518][ T7372] __sys_sendmsg+0x16e/0x220 [ 143.501533][ T7372] ? __pfx___sys_sendmsg+0x10/0x10 [ 143.501548][ T7372] ? __pfx___schedule+0x10/0x10 [ 143.501566][ T7372] __do_fast_syscall_32+0x73/0x120 [ 143.501580][ T7372] do_fast_syscall_32+0x32/0x80 [ 143.501593][ T7372] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 143.501611][ T7372] RIP: 0023:0xf7eff579 [ 143.501620][ T7372] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 143.501631][ T7372] RSP: 002b:00000000f500555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 143.501676][ T7372] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800001c0 [ 143.501682][ T7372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 143.501688][ T7372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 143.501693][ T7372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 143.501699][ T7372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 143.501711][ T7372] [ 147.983457][ T35] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 148.143510][ T35] usb 5-1: Using ep0 maxpacket: 8 [ 148.150038][ T35] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 148.152798][ T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 148.155867][ T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 148.158597][ T35] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 148.162395][ T35] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 148.173435][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.578887][ T35] usb 5-1: GET_CAPABILITIES returned 0 [ 148.580478][ T35] usbtmc 5-1:16.0: can't read capabilities [ 148.654664][ T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 149.381363][ T7501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.273'. [ 150.849846][ T5958] usb 5-1: USB disconnect, device number 4 [ 150.924602][ T7532] netlink: 16 bytes leftover after parsing attributes in process `syz.0.281'. [ 150.996348][ T7534] openvswitch: netlink: Message has 13 unknown bytes. [ 150.998464][ T7534] openvswitch: netlink: Actions may not be safe on all matching packets [ 153.591691][ T7592] FAULT_INJECTION: forcing a failure. [ 153.591691][ T7592] name failslab, interval 1, probability 0, space 0, times 0 [ 153.595516][ T7592] CPU: 1 UID: 0 PID: 7592 Comm: syz.1.296 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 153.595541][ T7592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 153.595548][ T7592] Call Trace: [ 153.595551][ T7592] [ 153.595556][ T7592] dump_stack_lvl+0x16c/0x1f0 [ 153.595574][ T7592] should_fail_ex+0x50a/0x650 [ 153.595592][ T7592] ? fs_reclaim_acquire+0xae/0x150 [ 153.595608][ T7592] should_failslab+0xc2/0x120 [ 153.595618][ T7592] __kmalloc_node_noprof+0xd1/0x510 [ 153.595636][ T7592] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 153.595653][ T7592] __kvmalloc_node_noprof+0xad/0x1a0 [ 153.595667][ T7592] io_sqe_buffers_register+0x136/0x740 [ 153.595683][ T7592] ? __lock_acquire+0xcc5/0x3c40 [ 153.595700][ T7592] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 153.595718][ T7592] ? __pfx___mutex_trylock_common+0x10/0x10 [ 153.595736][ T7592] __io_uring_register+0x2111/0x22f0 [ 153.595750][ T7592] ? trace_contention_end+0xee/0x140 [ 153.595766][ T7592] ? __pfx___io_uring_register+0x10/0x10 [ 153.595780][ T7592] ? __ia32_sys_io_uring_register+0x15a/0x290 [ 153.595793][ T7592] ? __pfx_lock_release+0x10/0x10 [ 153.595808][ T7592] ? __pfx___mutex_lock+0x10/0x10 [ 153.595822][ T7592] ? lock_acquire+0x2f/0xb0 [ 153.595835][ T7592] ? __fget_files+0x40/0x3a0 [ 153.595852][ T7592] ? __fget_files+0x206/0x3a0 [ 153.595870][ T7592] __ia32_sys_io_uring_register+0x16b/0x290 [ 153.595884][ T7592] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 153.595899][ T7592] __do_fast_syscall_32+0x73/0x120 [ 153.595912][ T7592] do_fast_syscall_32+0x32/0x80 [ 153.595925][ T7592] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 153.595943][ T7592] RIP: 0023:0xf7eff579 [ 153.595951][ T7592] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 153.595961][ T7592] RSP: 002b:00000000f4fe455c EFLAGS: 00000296 ORIG_RAX: 00000000000001ab [ 153.595971][ T7592] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000000000000 [ 153.595977][ T7592] RDX: 00000000800002c0 RSI: 000000000000011a RDI: 0000000000000000 [ 153.595983][ T7592] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 153.595989][ T7592] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 153.595994][ T7592] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 153.596006][ T7592] [ 155.543631][ T7640] netlink: 'syz.1.308': attribute type 1 has an invalid length. [ 155.593166][ T7640] bond1: entered promiscuous mode [ 155.597155][ T7640] 8021q: adding VLAN 0 to HW filter on device bond1 [ 157.045808][ T7673] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1926430720 (3852861440 ns) > initial count (2369312970 ns). Using initial count to start timer. [ 157.644682][ T7685] ieee802154 phy0 wpan0: encryption failed: -22 [ 159.129450][ T7717] FAULT_INJECTION: forcing a failure. [ 159.129450][ T7717] name failslab, interval 1, probability 0, space 0, times 0 [ 159.133114][ T7717] CPU: 1 UID: 0 PID: 7717 Comm: syz.2.329 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 159.133130][ T7717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 159.133137][ T7717] Call Trace: [ 159.133141][ T7717] [ 159.133148][ T7717] dump_stack_lvl+0x16c/0x1f0 [ 159.133167][ T7717] should_fail_ex+0x50a/0x650 [ 159.133187][ T7717] should_failslab+0xc2/0x120 [ 159.133198][ T7717] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 159.133216][ T7717] ? skb_clone+0x190/0x3f0 [ 159.133233][ T7717] skb_clone+0x190/0x3f0 [ 159.133249][ T7717] netlink_deliver_tap+0xabd/0xd30 [ 159.133265][ T7717] netlink_unicast+0x6b4/0x7f0 [ 159.133280][ T7717] ? __pfx_netlink_unicast+0x10/0x10 [ 159.133293][ T7717] ? genl_rcv_msg+0x4bd/0x800 [ 159.133312][ T7717] netlink_ack+0x6ac/0xb80 [ 159.133341][ T7717] netlink_rcv_skb+0x348/0x440 [ 159.133355][ T7717] ? __pfx_genl_rcv_msg+0x10/0x10 [ 159.133372][ T7717] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 159.133391][ T7717] ? down_read+0xc9/0x330 [ 159.133405][ T7717] ? __pfx_down_read+0x10/0x10 [ 159.133419][ T7717] ? netlink_deliver_tap+0x1ae/0xd30 [ 159.133434][ T7717] genl_rcv+0x28/0x40 [ 159.133447][ T7717] netlink_unicast+0x53c/0x7f0 [ 159.133463][ T7717] ? __pfx_netlink_unicast+0x10/0x10 [ 159.133477][ T7717] ? __phys_addr_symbol+0x30/0x80 [ 159.133488][ T7717] ? __check_object_size+0x488/0x710 [ 159.133501][ T7717] netlink_sendmsg+0x8b8/0xd70 [ 159.133516][ T7717] ? __pfx_netlink_sendmsg+0x10/0x10 [ 159.133535][ T7717] ____sys_sendmsg+0xaaf/0xc90 [ 159.133548][ T7717] ? __pfx_____sys_sendmsg+0x10/0x10 [ 159.133558][ T7717] ? get_compat_msghdr+0x11b/0x170 [ 159.133576][ T7717] ___sys_sendmsg+0x135/0x1e0 [ 159.133592][ T7717] ? __pfx____sys_sendmsg+0x10/0x10 [ 159.133612][ T7717] ? __pfx_lock_release+0x10/0x10 [ 159.133627][ T7717] ? trace_lock_acquire+0x14e/0x1f0 [ 159.133644][ T7717] ? __fget_files+0x206/0x3a0 [ 159.133662][ T7717] __sys_sendmsg+0x16e/0x220 [ 159.133677][ T7717] ? __pfx___sys_sendmsg+0x10/0x10 [ 159.133701][ T7717] __do_fast_syscall_32+0x73/0x120 [ 159.133716][ T7717] do_fast_syscall_32+0x32/0x80 [ 159.133729][ T7717] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 159.133747][ T7717] RIP: 0023:0xf743e579 [ 159.133755][ T7717] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 159.133765][ T7717] RSP: 002b:00000000f50c655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 159.133775][ T7717] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000200 [ 159.133781][ T7717] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000000 [ 159.133787][ T7717] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 159.133793][ T7717] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 159.133799][ T7717] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 159.133811][ T7717] [ 159.181198][ T40] audit: type=1326 audit(1740092445.574:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.182496][ T7719] mmap: syz.3.330 (7719) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 159.183421][ T40] audit: type=1326 audit(1740092445.574:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.233000][ T40] audit: type=1326 audit(1740092445.574:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.239022][ T40] audit: type=1326 audit(1740092445.574:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.245071][ T40] audit: type=1326 audit(1740092445.574:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.250999][ T40] audit: type=1326 audit(1740092445.574:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.257793][ T40] audit: type=1326 audit(1740092445.574:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.263839][ T40] audit: type=1326 audit(1740092445.584:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.270997][ T40] audit: type=1326 audit(1740092445.584:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 159.277092][ T40] audit: type=1326 audit(1740092445.594:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.3.330" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 161.093758][ T7764] Cannot find add_set index 3 as target [ 161.213632][ T5960] Bluetooth: hci0: command tx timeout [ 162.715964][ T7793] ./file0: Can't lookup blockdev [ 163.965233][ T7815] netlink: 16 bytes leftover after parsing attributes in process `syz.1.353'. [ 164.026695][ T7821] netlink: 16 bytes leftover after parsing attributes in process `syz.1.356'. [ 164.770816][ T7834] netlink: 52 bytes leftover after parsing attributes in process `syz.2.360'. [ 165.471533][ T7852] netlink: 16 bytes leftover after parsing attributes in process `syz.3.364'. [ 167.412961][ T7890] netlink: 16 bytes leftover after parsing attributes in process `syz.2.375'. [ 168.969664][ T7922] netlink: 16 bytes leftover after parsing attributes in process `syz.3.384'. [ 169.246739][ T7928] ieee802154 phy0 wpan0: encryption failed: -22 [ 170.338977][ T5299] Bluetooth: hci2: command 0x0406 tx timeout [ 170.344802][ T5299] Bluetooth: hci0: command 0x0406 tx timeout [ 170.344865][ T5960] Bluetooth: hci3: command 0x0406 tx timeout [ 170.346855][ T5299] Bluetooth: hci1: command 0x0406 tx timeout [ 172.363497][ T5988] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 172.523603][ T5988] usb 5-1: Using ep0 maxpacket: 8 [ 172.526496][ T5988] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 172.529239][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 172.532046][ T5988] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 172.535082][ T5988] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 172.539058][ T5988] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 172.541629][ T5988] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 173.028188][ T5988] usb 5-1: GET_CAPABILITIES returned 0 [ 173.029819][ T5988] usbtmc 5-1:16.0: can't read capabilities [ 173.106176][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 174.918453][ T8045] sp0: Synchronizing with TNC [ 175.170339][ T833] usb 5-1: USB disconnect, device number 5 [ 175.257189][ T8054] netlink: 16 bytes leftover after parsing attributes in process `syz.1.410'. [ 186.894145][ T5952] Bluetooth: hci0: command 0x0406 tx timeout [ 190.589809][ T8220] netlink: 4 bytes leftover after parsing attributes in process `syz.0.442'. [ 190.669750][ T8227] input: syz1 as /devices/virtual/input/input5 [ 193.854733][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.856789][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.711499][ T8314] netlink: 'syz.0.464': attribute type 11 has an invalid length. [ 197.415987][ T8354] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'. [ 197.423858][ T8354] input: syz1 as /devices/virtual/input/input6 [ 199.193606][ T6012] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 199.343562][ T6012] usb 7-1: Using ep0 maxpacket: 16 [ 199.357410][ T6012] usb 7-1: config 0 has no interfaces? [ 199.388920][ T6012] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 199.395324][ T6012] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.406303][ T6012] usb 7-1: Product: syz [ 199.411747][ T6012] usb 7-1: Manufacturer: syz [ 199.424582][ T6012] usb 7-1: SerialNumber: syz [ 199.487085][ T6012] usb 7-1: config 0 descriptor?? [ 199.728397][ T5988] usb 7-1: USB disconnect, device number 5 [ 201.975587][ T8435] netlink: 'syz.0.491': attribute type 4 has an invalid length. [ 201.982338][ T8435] netlink: 'syz.0.491': attribute type 4 has an invalid length. [ 204.587797][ T8488] netlink: 16 bytes leftover after parsing attributes in process `syz.3.504'. [ 206.766488][ T8525] netlink: 16 bytes leftover after parsing attributes in process `syz.2.513'. [ 208.200879][ T8562] syz.3.521 uses obsolete (PF_INET,SOCK_PACKET) [ 208.834529][ T8570] netlink: 16 bytes leftover after parsing attributes in process `syz.1.522'. [ 209.764402][ T8593] netlink: 'syz.1.529': attribute type 4 has an invalid length. [ 209.771176][ T8593] netlink: 'syz.1.529': attribute type 4 has an invalid length. [ 209.775903][ T8593] netlink: 16 bytes leftover after parsing attributes in process `syz.1.529'. [ 210.381743][ T8606] netlink: 16 bytes leftover after parsing attributes in process `syz.2.533'. [ 211.412593][ T8625] netlink: 'syz.3.538': attribute type 4 has an invalid length. [ 211.416812][ T8625] netlink: 'syz.3.538': attribute type 4 has an invalid length. [ 211.425254][ T8625] netlink: 16 bytes leftover after parsing attributes in process `syz.3.538'. [ 212.527985][ T8647] netlink: 16 bytes leftover after parsing attributes in process `syz.2.542'. [ 212.715369][ T5988] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 212.883461][ T5988] usb 5-1: Using ep0 maxpacket: 16 [ 212.888174][ T5988] usb 5-1: config 0 has no interfaces? [ 212.892283][ T5988] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e [ 212.895427][ T5988] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 212.897896][ T5988] usb 5-1: Product: syz [ 212.899206][ T5988] usb 5-1: Manufacturer: syz [ 212.900701][ T5988] usb 5-1: SerialNumber: syz [ 212.908063][ T5988] usb 5-1: config 0 descriptor?? [ 213.136014][ T834] usb 5-1: USB disconnect, device number 6 [ 213.455520][ T8666] netlink: 'syz.2.547': attribute type 4 has an invalid length. [ 213.461549][ T8666] netlink: 'syz.2.547': attribute type 4 has an invalid length. [ 213.466517][ T8666] netlink: 16 bytes leftover after parsing attributes in process `syz.2.547'. [ 214.450130][ T8688] netlink: 16 bytes leftover after parsing attributes in process `syz.1.552'. [ 215.003528][ T834] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 215.163541][ T834] usb 5-1: Using ep0 maxpacket: 8 [ 215.169945][ T834] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 215.175890][ T834] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 215.180004][ T834] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 215.187368][ T834] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 215.191665][ T834] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 215.196706][ T834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 215.573914][ T834] usb 5-1: GET_CAPABILITIES returned 0 [ 215.575724][ T834] usbtmc 5-1:16.0: can't read capabilities [ 215.614116][ T5958] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 216.075791][ T8745] netlink: 16 bytes leftover after parsing attributes in process `syz.1.562'. [ 217.745172][ T35] usb 5-1: USB disconnect, device number 7 [ 228.618281][ T8847] netlink: 16 bytes leftover after parsing attributes in process `syz.0.580'. [ 228.735537][ T8850] netlink: 'syz.0.582': attribute type 4 has an invalid length. [ 228.741618][ T8850] netlink: 'syz.0.582': attribute type 4 has an invalid length. [ 229.198684][ T8864] FAULT_INJECTION: forcing a failure. [ 229.198684][ T8864] name failslab, interval 1, probability 0, space 0, times 0 [ 229.202421][ T8864] CPU: 1 UID: 0 PID: 8864 Comm: syz.2.585 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 229.202437][ T8864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 229.202444][ T8864] Call Trace: [ 229.202463][ T8864] [ 229.202469][ T8864] dump_stack_lvl+0x16c/0x1f0 [ 229.202489][ T8864] should_fail_ex+0x50a/0x650 [ 229.202510][ T8864] ? sctp_add_bind_addr+0x9a/0x3d0 [ 229.202520][ T8864] should_failslab+0xc2/0x120 [ 229.202531][ T8864] __kmalloc_cache_noprof+0x68/0x410 [ 229.202547][ T8864] ? __sctp_v6_cmp_addr+0x206/0x530 [ 229.202562][ T8864] sctp_add_bind_addr+0x9a/0x3d0 [ 229.202574][ T8864] sctp_copy_local_addr_list+0x39e/0x5a0 [ 229.202589][ T8864] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 229.202603][ T8864] ? sctp_auth_asoc_copy_shkeys+0x2a7/0x360 [ 229.202619][ T8864] ? sctp_bind_addr_copy+0xe0/0x530 [ 229.202630][ T8864] sctp_bind_addr_copy+0xe0/0x530 [ 229.202643][ T8864] sctp_connect_new_asoc+0x1d8/0x790 [ 229.202660][ T8864] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 229.202676][ T8864] ? lock_acquire+0x2f/0xb0 [ 229.202691][ T8864] ? sctp_endpoint_lookup_assoc+0xac/0x2a0 [ 229.202705][ T8864] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 229.202724][ T8864] sctp_sendmsg+0x1610/0x1eb0 [ 229.202739][ T8864] ? __pfx___lock_acquire+0x10/0x10 [ 229.202757][ T8864] ? __pfx_sctp_sendmsg+0x10/0x10 [ 229.202786][ T8864] ? __pfx_aa_sk_perm+0x10/0x10 [ 229.202801][ T8864] ? __pfx_sctp_sendmsg+0x10/0x10 [ 229.202817][ T8864] inet_sendmsg+0x119/0x140 [ 229.202833][ T8864] __sys_sendto+0x42a/0x4f0 [ 229.202848][ T8864] ? __pfx___sys_sendto+0x10/0x10 [ 229.202873][ T8864] ? ksys_write+0x1ba/0x250 [ 229.202888][ T8864] ? __pfx_ksys_write+0x10/0x10 [ 229.202904][ T8864] __ia32_sys_sendto+0xdd/0x1b0 [ 229.202918][ T8864] ? lockdep_hardirqs_on+0x7c/0x110 [ 229.202930][ T8864] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 229.202943][ T8864] __do_fast_syscall_32+0x73/0x120 [ 229.202958][ T8864] do_fast_syscall_32+0x32/0x80 [ 229.202971][ T8864] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 229.202989][ T8864] RIP: 0023:0xf743e579 [ 229.202998][ T8864] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 229.203008][ T8864] RSP: 002b:00000000f508455c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 229.203018][ T8864] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000040 [ 229.203025][ T8864] RDX: 0000000000000001 RSI: 00000000afa51cdd RDI: 0000000080000100 [ 229.203031][ T8864] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000 [ 229.203036][ T8864] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 229.203042][ T8864] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 229.203054][ T8864] [ 230.625366][ T8887] netlink: 'syz.0.591': attribute type 4 has an invalid length. [ 230.631958][ T8887] netlink: 'syz.0.591': attribute type 4 has an invalid length. [ 232.690407][ T8936] netlink: 4 bytes leftover after parsing attributes in process `syz.1.603'. [ 234.274098][ T40] kauditd_printk_skb: 27 callbacks suppressed [ 234.274109][ T40] audit: type=1326 audit(1740092520.664:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.282008][ T40] audit: type=1326 audit(1740092520.674:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.288340][ T40] audit: type=1326 audit(1740092520.674:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.294676][ T40] audit: type=1326 audit(1740092520.674:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.300643][ T40] audit: type=1326 audit(1740092520.674:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.306800][ T40] audit: type=1326 audit(1740092520.684:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.312781][ T40] audit: type=1326 audit(1740092520.684:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.319255][ T40] audit: type=1326 audit(1740092520.684:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.327097][ T40] audit: type=1326 audit(1740092520.684:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 234.333135][ T40] audit: type=1326 audit(1740092520.704:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8958 comm="syz.1.608" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 236.333542][ T5956] Bluetooth: hci1: command 0x0406 tx timeout [ 236.875242][ T9018] FAULT_INJECTION: forcing a failure. [ 236.875242][ T9018] name failslab, interval 1, probability 0, space 0, times 0 [ 236.875298][ T9018] CPU: 2 UID: 0 PID: 9018 Comm: syz.0.626 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 236.875311][ T9018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 236.875318][ T9018] Call Trace: [ 236.875321][ T9018] [ 236.875325][ T9018] dump_stack_lvl+0x16c/0x1f0 [ 236.875344][ T9018] should_fail_ex+0x50a/0x650 [ 236.875361][ T9018] ? fs_reclaim_acquire+0xae/0x150 [ 236.875377][ T9018] ? drm_gem_duplicate_shadow_plane_state+0x7a/0x110 [ 236.875390][ T9018] should_failslab+0xc2/0x120 [ 236.875400][ T9018] __kmalloc_cache_noprof+0x68/0x410 [ 236.875415][ T9018] ? ww_mutex_lock+0x37/0x160 [ 236.875429][ T9018] ? modeset_lock+0x114/0x6e0 [ 236.875441][ T9018] drm_gem_duplicate_shadow_plane_state+0x7a/0x110 [ 236.875459][ T9018] drm_atomic_get_plane_state+0x20b/0x590 [ 236.875476][ T9018] drm_client_modeset_commit_atomic+0x23f/0x7f0 [ 236.875491][ T9018] ? drm_client_modeset_commit_locked+0x4c/0x580 [ 236.875508][ T9018] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 236.875521][ T9018] ? __mutex_lock+0x1cc/0xb10 [ 236.875543][ T9018] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 236.875561][ T9018] drm_client_modeset_commit_locked+0x14d/0x580 [ 236.875577][ T9018] drm_fb_helper_pan_display+0x325/0x9b0 [ 236.875601][ T9018] fb_pan_display+0x477/0x7d0 [ 236.875614][ T9018] ? __pfx_drm_fb_helper_pan_display+0x10/0x10 [ 236.875633][ T9018] bit_update_start+0x49/0x1f0 [ 236.875648][ T9018] fbcon_switch+0xc11/0x14f0 [ 236.875665][ T9018] ? __pfx_fbcon_switch+0x10/0x10 [ 236.875677][ T9018] ? __pfx___lock_acquire+0x10/0x10 [ 236.875700][ T9018] ? __msecs_to_jiffies+0x45/0x50 [ 236.875714][ T9018] ? fbcon_cursor+0x2ea/0x5f0 [ 236.875731][ T9018] csi_J+0x868/0xad0 [ 236.875748][ T9018] do_con_write+0x3b83/0x7bb0 [ 236.875762][ T9018] ? rcu_is_watching+0x12/0xc0 [ 236.875774][ T9018] ? trace_contention_end+0xee/0x140 [ 236.875796][ T9018] ? __pfx_do_con_write+0x10/0x10 [ 236.875810][ T9018] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 236.875827][ T9018] ? con_write+0x93/0xb0 [ 236.875842][ T9018] con_write+0x23/0xb0 [ 236.875855][ T9018] n_tty_write+0x419/0x1140 [ 236.875879][ T9018] ? __pfx_n_tty_write+0x10/0x10 [ 236.875894][ T9018] ? __virt_addr_valid+0x1a4/0x590 [ 236.875906][ T9018] ? __pfx_woken_wake_function+0x10/0x10 [ 236.875919][ T9018] ? __virt_addr_valid+0x5e/0x590 [ 236.875929][ T9018] ? __phys_addr_symbol+0x30/0x80 [ 236.875939][ T9018] ? __check_object_size+0x488/0x710 [ 236.875950][ T9018] ? __pfx_n_tty_write+0x10/0x10 [ 236.875966][ T9018] file_tty_write.constprop.0+0x506/0x9a0 [ 236.875984][ T9018] vfs_write+0x5ae/0x1150 [ 236.875999][ T9018] ? __pfx_tty_write+0x10/0x10 [ 236.876013][ T9018] ? __pfx_vfs_write+0x10/0x10 [ 236.876029][ T9018] ? __fget_files+0x40/0x3a0 [ 236.876053][ T9018] ksys_write+0x12b/0x250 [ 236.876067][ T9018] ? __pfx_ksys_write+0x10/0x10 [ 236.876086][ T9018] __do_fast_syscall_32+0x73/0x120 [ 236.876100][ T9018] do_fast_syscall_32+0x32/0x80 [ 236.876114][ T9018] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 236.876131][ T9018] RIP: 0023:0xf7f32579 [ 236.876140][ T9018] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 236.876151][ T9018] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 236.876161][ T9018] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000 [ 236.876167][ T9018] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000 [ 236.876173][ T9018] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 236.876178][ T9018] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 236.876184][ T9018] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 236.876198][ T9018] [ 238.782481][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 240.599441][ T40] kauditd_printk_skb: 49 callbacks suppressed [ 240.599531][ T40] audit: type=1326 audit(1740092526.994:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.628414][ T40] audit: type=1326 audit(1740092526.994:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.634524][ T40] audit: type=1326 audit(1740092526.994:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.640271][ T40] audit: type=1326 audit(1740092527.004:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.646264][ T40] audit: type=1326 audit(1740092527.004:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.652189][ T40] audit: type=1326 audit(1740092527.004:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.657933][ T40] audit: type=1326 audit(1740092527.004:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.664596][ T40] audit: type=1326 audit(1740092527.004:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.670587][ T40] audit: type=1326 audit(1740092527.004:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.680930][ T40] audit: type=1326 audit(1740092527.004:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.1.644" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 240.813651][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 242.664105][ T5956] Bluetooth: hci1: command 0x0406 tx timeout [ 244.193475][ T6007] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 244.343413][ T6007] usb 8-1: Using ep0 maxpacket: 8 [ 244.346268][ T6007] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 244.349127][ T6007] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 244.351865][ T6007] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 244.354704][ T6007] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 244.358301][ T6007] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 244.360961][ T6007] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.653534][ T5956] Bluetooth: hci2: command 0x0406 tx timeout [ 244.864001][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 244.876117][ T6007] usb 8-1: GET_CAPABILITIES returned 0 [ 244.877732][ T6007] usbtmc 8-1:16.0: can't read capabilities [ 245.553436][ T57] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 245.703433][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 245.706198][ T57] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 245.709286][ T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 245.712172][ T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 245.715472][ T57] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 245.719415][ T57] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 245.722722][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 245.773651][ T5956] Bluetooth: hci0: command 0x0406 tx timeout [ 246.128387][ T57] usb 6-1: GET_CAPABILITIES returned 0 [ 246.133553][ T57] usbtmc 6-1:16.0: can't read capabilities [ 246.193991][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 246.983484][ T57] usb 8-1: USB disconnect, device number 6 [ 248.335095][ T834] usb 6-1: USB disconnect, device number 8 [ 249.580766][ T9287] netlink: 'syz.1.695': attribute type 4 has an invalid length. [ 249.596683][ T9287] netlink: 'syz.1.695': attribute type 4 has an invalid length. [ 250.692638][ T9312] FAULT_INJECTION: forcing a failure. [ 250.692638][ T9312] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 250.696451][ T9312] CPU: 3 UID: 0 PID: 9312 Comm: syz.0.703 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 250.696464][ T9312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 250.696471][ T9312] Call Trace: [ 250.696475][ T9312] [ 250.696481][ T9312] dump_stack_lvl+0x16c/0x1f0 [ 250.696499][ T9312] should_fail_ex+0x50a/0x650 [ 250.696518][ T9312] _copy_from_iter+0x2a1/0x1560 [ 250.696532][ T9312] ? _copy_from_iter+0x15e/0x1560 [ 250.696543][ T9312] ? __pfx__copy_from_iter+0x10/0x10 [ 250.696555][ T9312] ? __pfx__copy_from_iter+0x10/0x10 [ 250.696564][ T9312] ? __virt_addr_valid+0x1a4/0x590 [ 250.696580][ T9312] copy_page_from_iter+0xa5/0x120 [ 250.696591][ T9312] skb_copy_datagram_from_iter+0x29b/0x710 [ 250.696610][ T9312] tun_get_user+0x199c/0x3e50 [ 250.696633][ T9312] ? __pfx_tun_get_user+0x10/0x10 [ 250.696649][ T9312] ? find_held_lock+0x2d/0x110 [ 250.696663][ T9312] ? __pfx_lock_release+0x10/0x10 [ 250.696683][ T9312] tun_chr_write_iter+0xdc/0x210 [ 250.696701][ T9312] vfs_write+0x5ae/0x1150 [ 250.696717][ T9312] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 250.696735][ T9312] ? __pfx_vfs_write+0x10/0x10 [ 250.696750][ T9312] ? __fget_files+0x40/0x3a0 [ 250.696771][ T9312] ksys_write+0x12b/0x250 [ 250.696786][ T9312] ? __pfx_ksys_write+0x10/0x10 [ 250.696805][ T9312] __do_fast_syscall_32+0x73/0x120 [ 250.696820][ T9312] do_fast_syscall_32+0x32/0x80 [ 250.696833][ T9312] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 250.696850][ T9312] RIP: 0023:0xf7f32579 [ 250.696858][ T9312] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 250.696868][ T9312] RSP: 002b:00000000f505655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 250.696879][ T9312] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800005c0 [ 250.696885][ T9312] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000000 [ 250.696891][ T9312] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 250.696896][ T9312] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 250.696902][ T9312] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 250.696913][ T9312] [ 250.824195][ T9311] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 251.289144][ T9317] netlink: 'syz.3.704': attribute type 4 has an invalid length. [ 251.296411][ T9317] netlink: 'syz.3.704': attribute type 4 has an invalid length. [ 251.533416][ T5988] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 251.703447][ T5988] usb 6-1: Using ep0 maxpacket: 8 [ 251.707927][ T5988] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 251.712753][ T5988] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 251.718959][ T5988] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 251.725022][ T5988] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 251.728827][ T5988] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 251.731722][ T5988] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.166070][ T5988] usb 6-1: GET_CAPABILITIES returned 0 [ 252.167609][ T5988] usbtmc 6-1:16.0: can't read capabilities [ 252.238987][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 253.684264][ T9356] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 253.686154][ T9356] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 253.702964][ T9356] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 253.705460][ T9356] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 253.727687][ T9356] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 253.730160][ T9356] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 253.739619][ T9356] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 253.743097][ T9356] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 254.325431][ T6006] usb 6-1: USB disconnect, device number 9 [ 255.294657][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.296672][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.473448][ T57] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 256.623527][ T57] usb 5-1: Using ep0 maxpacket: 8 [ 256.628184][ T57] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 256.632012][ T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 256.635754][ T57] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 256.639390][ T57] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 256.644297][ T57] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 256.647663][ T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.653846][ T9409] netlink: 12 bytes leftover after parsing attributes in process `syz.2.731'. [ 257.056484][ T57] usb 5-1: GET_CAPABILITIES returned 0 [ 257.058962][ T57] usbtmc 5-1:16.0: can't read capabilities [ 257.104278][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 259.261618][ T63] usb 5-1: USB disconnect, device number 8 [ 268.032270][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 268.032313][ T40] audit: type=1326 audit(1740092554.424:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 268.060193][ T40] audit: type=1326 audit(1740092554.454:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 268.140718][ T40] audit: type=1326 audit(1740092554.534:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7eff5a7 code=0x7ffc0000 [ 268.173895][ T40] audit: type=1326 audit(1740092554.534:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 268.179852][ T40] audit: type=1326 audit(1740092554.534:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7eff5a7 code=0x7ffc0000 [ 268.185984][ T40] audit: type=1326 audit(1740092554.534:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 268.192053][ T40] audit: type=1326 audit(1740092554.564:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 268.199430][ T40] audit: type=1326 audit(1740092554.564:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7eff5a7 code=0x7ffc0000 [ 268.207514][ T40] audit: type=1326 audit(1740092554.564:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 268.213806][ T40] audit: type=1326 audit(1740092554.564:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9487 comm="syz.1.743" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7eff579 code=0x7ffc0000 [ 269.333572][ T833] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 269.493661][ T833] usb 6-1: Using ep0 maxpacket: 8 [ 269.505312][ T833] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 269.509054][ T833] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 269.512774][ T833] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 269.519264][ T833] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 269.523518][ T833] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 269.526052][ T833] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 269.943881][ T833] usb 6-1: GET_CAPABILITIES returned 0 [ 269.945473][ T833] usbtmc 6-1:16.0: can't read capabilities [ 270.051032][ T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 270.383472][ T5989] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 270.544869][ T5989] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 270.547831][ T5989] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 270.550791][ T5989] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 270.563464][ T5989] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 270.569674][ T5989] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 270.572170][ T5989] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 270.583449][ T5989] usb 7-1: Manufacturer: syz [ 270.585725][ T5989] usb 7-1: config 0 descriptor?? [ 270.999561][ T5989] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 271.002432][ T5989] appleir 0003:05AC:8243.0002: No inputs registered, leaving [ 271.010666][ T5989] appleir 0003:05AC:8243.0002: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 271.193440][ T35] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 271.353495][ T35] usb 5-1: Using ep0 maxpacket: 8 [ 271.357115][ T35] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 271.360504][ T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 271.363902][ T35] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 271.366720][ T35] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 271.370372][ T35] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 271.372849][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 271.757640][ T35] usb 5-1: GET_CAPABILITIES returned 0 [ 271.759344][ T35] usbtmc 5-1:16.0: can't read capabilities [ 271.805712][ T57] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 272.128905][ T57] usb 6-1: USB disconnect, device number 10 [ 272.741027][ T9586] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.823927][ T9587] FAULT_INJECTION: forcing a failure. [ 272.823927][ T9587] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 272.827796][ T9587] CPU: 0 UID: 0 PID: 9587 Comm: syz.3.759 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 272.827812][ T9587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 272.827818][ T9587] Call Trace: [ 272.827822][ T9587] [ 272.827827][ T9587] dump_stack_lvl+0x16c/0x1f0 [ 272.827846][ T9587] should_fail_ex+0x50a/0x650 [ 272.827874][ T9587] ? __pfx___might_resched+0x10/0x10 [ 272.827894][ T9587] should_fail_alloc_page+0xe7/0x130 [ 272.827906][ T9587] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 272.827920][ T9587] ? rcu_is_watching+0x12/0xc0 [ 272.827933][ T9587] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 272.827952][ T9587] ? is_bpf_text_address+0x30/0x1a0 [ 272.827967][ T9587] ? lock_acquire+0x2f/0xb0 [ 272.827981][ T9587] ? is_bpf_text_address+0x30/0x1a0 [ 272.827994][ T9587] ? bpf_ksym_find+0x124/0x1c0 [ 272.828005][ T9587] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 272.828018][ T9587] ? is_bpf_text_address+0x94/0x1a0 [ 272.828032][ T9587] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 272.828049][ T9587] ? mark_lock+0xb5/0xc60 [ 272.828062][ T9587] ? arch_stack_walk+0xa7/0x100 [ 272.828075][ T9587] ? mark_lock+0xb5/0xc60 [ 272.828087][ T9587] ? mark_lock+0xb5/0xc60 [ 272.828101][ T9587] ? hlock_class+0x4e/0x130 [ 272.828111][ T9587] ? __pfx_mark_lock+0x10/0x10 [ 272.828125][ T9587] ? __pfx_mark_lock+0x10/0x10 [ 272.828137][ T9587] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 272.828155][ T9587] ? policy_nodemask+0xea/0x4e0 [ 272.828173][ T9587] alloc_pages_mpol+0x1fc/0x540 [ 272.828184][ T9587] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 272.828201][ T9587] ? find_held_lock+0x2d/0x110 [ 272.828213][ T9587] folio_alloc_mpol_noprof+0x36/0x2f0 [ 272.828226][ T9587] vma_alloc_folio_noprof+0xee/0x1b0 [ 272.828238][ T9587] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 272.828251][ T9587] ? __pfx___lock_acquire+0x10/0x10 [ 272.828267][ T9587] do_wp_page+0x105a/0x4670 [ 272.828284][ T9587] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 272.828299][ T9587] ? __pfx_do_wp_page+0x10/0x10 [ 272.828316][ T9587] ? rcu_is_watching+0x12/0xc0 [ 272.828328][ T9587] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 272.828338][ T9587] ? lock_acquire+0x2f/0xb0 [ 272.828351][ T9587] ? __handle_mm_fault+0xf22/0x2c60 [ 272.828369][ T9587] __handle_mm_fault+0x1c7c/0x2c60 [ 272.828388][ T9587] ? __pfx___handle_mm_fault+0x10/0x10 [ 272.828402][ T9587] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 272.828424][ T9587] ? find_vma+0xc0/0x140 [ 272.828436][ T9587] ? __pfx_find_vma+0x10/0x10 [ 272.828450][ T9587] handle_mm_fault+0x3fa/0xaa0 [ 272.828467][ T9587] do_user_addr_fault+0x7a3/0x13f0 [ 272.828485][ T9587] exc_page_fault+0x5c/0xc0 [ 272.828497][ T9587] asm_exc_page_fault+0x26/0x30 [ 272.828511][ T9587] RIP: 0010:__put_user_nocheck_4+0x7/0x20 [ 272.828525][ T9587] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 [ 272.828535][ T9587] RSP: 0018:ffffc900069979b8 EFLAGS: 00050293 [ 272.828544][ T9587] RAX: 0000000040000020 RBX: 0000000040000020 RCX: 0000000080008898 [ 272.828550][ T9587] RDX: ffff8880236fa440 RSI: ffffffff8925eeb2 RDI: 0000000000000005 [ 272.828556][ T9587] RBP: ffffc90006997d60 R08: 0000000000000005 R09: 0000000000000000 [ 272.828562][ T9587] R10: 00000000c4000102 R11: 0000000000000000 R12: 0000000000000000 [ 272.828567][ T9587] R13: 0000000080008880 R14: ffffc90006997da4 R15: 00000000c4000102 [ 272.828577][ T9587] ? ____sys_recvmsg+0x3b2/0x6b0 [ 272.828592][ T9587] ____sys_recvmsg+0x3bd/0x6b0 [ 272.828605][ T9587] ? __pfx_____sys_recvmsg+0x10/0x10 [ 272.828624][ T9587] ___sys_recvmsg+0x115/0x1a0 [ 272.828639][ T9587] ? __pfx____sys_recvmsg+0x10/0x10 [ 272.828654][ T9587] ? __fget_files+0x1fc/0x3a0 [ 272.828669][ T9587] ? trace_lock_acquire+0x14e/0x1f0 [ 272.828685][ T9587] ? __fget_files+0x206/0x3a0 [ 272.828703][ T9587] do_recvmmsg+0x55d/0x740 [ 272.828720][ T9587] ? __pfx_do_recvmmsg+0x10/0x10 [ 272.828735][ T9587] ? vfs_write+0x306/0x1150 [ 272.828756][ T9587] ? __fget_files+0x206/0x3a0 [ 272.828772][ T9587] __sys_recvmmsg+0x21e/0x280 [ 272.828787][ T9587] ? __pfx___sys_recvmmsg+0x10/0x10 [ 272.828803][ T9587] ? __pfx_ksys_write+0x10/0x10 [ 272.828819][ T9587] __ia32_compat_sys_recvmmsg_time32+0xc4/0x160 [ 272.828833][ T9587] ? lockdep_hardirqs_on+0x7c/0x110 [ 272.828845][ T9587] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 272.828858][ T9587] __do_fast_syscall_32+0x73/0x120 [ 272.828872][ T9587] do_fast_syscall_32+0x32/0x80 [ 272.828885][ T9587] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 272.828902][ T9587] RIP: 0023:0xf7f65579 [ 272.828910][ T9587] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 272.828919][ T9587] RSP: 002b:00000000f506555c EFLAGS: 00000296 ORIG_RAX: 0000000000000151 [ 272.828928][ T9587] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080008880 [ 272.828934][ T9587] RDX: 0000000000000483 RSI: 0000000044000102 RDI: 0000000000000000 [ 272.828940][ T9587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 272.828946][ T9587] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 272.828951][ T9587] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 272.828963][ T9587] [ 273.045306][ T9586] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.103868][ T9590] syzkaller1: entered promiscuous mode [ 273.105463][ T9590] syzkaller1: entered allmulticast mode [ 273.134320][ T9586] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.250169][ T833] usb 7-1: USB disconnect, device number 6 [ 273.266837][ T9586] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.355808][ T9586] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.363258][ T9586] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.371897][ T9586] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.379581][ T9586] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.981501][ T63] usb 5-1: USB disconnect, device number 9 [ 280.292656][ T9606] geneve0: entered allmulticast mode [ 280.543542][ T63] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 280.694973][ T63] usb 7-1: Using ep0 maxpacket: 16 [ 280.701307][ T63] usb 7-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35 [ 280.705406][ T63] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 280.709407][ T63] usb 7-1: Product: syz [ 280.711200][ T63] usb 7-1: Manufacturer: syz [ 280.713004][ T63] usb 7-1: SerialNumber: syz [ 280.716911][ T63] usb 7-1: config 0 descriptor?? [ 280.724861][ T63] as10x_usb: device has been detected [ 280.727402][ T63] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led)) [ 280.740862][ T63] usb 7-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))... [ 280.775709][ T63] as10x_usb: error during firmware upload part1 [ 280.778411][ T63] Registered device Sky IT Digital Key (green led) [ 280.924035][ T9606] random: crng reseeded on system resumption [ 280.978669][ T9606] geneve0 (unregistering): left allmulticast mode [ 281.044570][ T35] usb 7-1: USB disconnect, device number 7 [ 281.058369][ T35] Unregistered device Sky IT Digital Key (green led) [ 281.059104][ T35] as10x_usb: device has been disconnected [ 281.753532][ T5989] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 281.914373][ T5989] usb 6-1: Using ep0 maxpacket: 8 [ 281.918553][ T5989] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 281.922543][ T5989] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 281.926827][ T5989] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 281.930245][ T5989] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 281.935388][ T5989] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 281.938959][ T5989] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.533860][ T833] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 282.559378][ T5989] usb 6-1: usb_control_msg returned -32 [ 282.561989][ T5989] usbtmc 6-1:16.0: can't read capabilities [ 283.403166][ T9682] vcan0: tx drop: invalid da for name 0x000000000000fe00 [ 283.406693][ T9682] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 284.532138][ T833] usb 6-1: USB disconnect, device number 11 [ 294.493424][ T35] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 294.655540][ T35] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 294.658643][ T35] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 294.661257][ T35] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.666577][ T35] usb 7-1: config 0 descriptor?? [ 295.012708][ T9765] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 295.021928][ T35] usbhid 7-1:0.0: can't add hid device: -71 [ 295.023619][ T35] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 295.026937][ T35] usb 7-1: USB disconnect, device number 8 [ 295.219399][ T9772] netlink: 'syz.0.793': attribute type 4 has an invalid length. [ 295.225870][ T9772] netlink: 'syz.0.793': attribute type 4 has an invalid length. [ 295.458301][ T40] kauditd_printk_skb: 172 callbacks suppressed [ 295.458317][ T40] audit: type=1326 audit(1740092581.854:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.466392][ T35] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 295.471302][ T40] audit: type=1326 audit(1740092581.864:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.477782][ T40] audit: type=1326 audit(1740092581.864:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.486001][ T40] audit: type=1326 audit(1740092581.864:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.497319][ T40] audit: type=1326 audit(1740092581.864:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.505326][ T40] audit: type=1326 audit(1740092581.864:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.511371][ T40] audit: type=1326 audit(1740092581.864:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.517360][ T40] audit: type=1326 audit(1740092581.864:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.523269][ T40] audit: type=1326 audit(1740092581.864:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.529502][ T40] audit: type=1326 audit(1740092581.864:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9781 comm="syz.3.796" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f65579 code=0x7ffc0000 [ 295.613433][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 295.622835][ T35] usb 7-1: no configurations [ 295.627625][ T35] usb 7-1: can't read configurations, error -22 [ 295.753449][ T35] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 295.924247][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 296.009862][ T35] usb 7-1: no configurations [ 296.011228][ T35] usb 7-1: can't read configurations, error -22 [ 296.013113][ T35] usb usb7-port1: attempt power cycle [ 296.051427][ T9806] netlink: 24 bytes leftover after parsing attributes in process `syz.1.808'. [ 296.100593][ T9810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.810'. [ 296.207987][ T9822] warning: `syz.3.816' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 296.282115][ T9826] sctp: [Deprecated]: syz.3.818 (pid 9826) Use of struct sctp_assoc_value in delayed_ack socket option. [ 296.282115][ T9826] Use struct sctp_sack_info instead [ 296.320362][ T9829] netlink: 20 bytes leftover after parsing attributes in process `syz.0.819'. [ 296.353425][ T35] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 296.374166][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 296.376503][ T35] usb 7-1: no configurations [ 296.378143][ T35] usb 7-1: can't read configurations, error -22 [ 296.420944][ T9835] infiniband syz0: set active [ 296.423444][ T9835] infiniband syz0: added veth1_to_bond [ 296.444384][ T9835] RDS/IB: syz0: added [ 296.445907][ T9835] smc: adding ib device syz0 with port count 1 [ 296.447818][ T9835] smc: ib device syz0 port 1 has pnetid [ 296.516399][ T35] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 296.544447][ T35] usb 7-1: Using ep0 maxpacket: 32 [ 296.546667][ T35] usb 7-1: no configurations [ 296.547972][ T35] usb 7-1: can't read configurations, error -22 [ 296.549810][ T35] usb usb7-port1: unable to enumerate USB device [ 296.579078][ T9839] syzkaller1: entered promiscuous mode [ 296.579909][ T9853] netlink: 8 bytes leftover after parsing attributes in process `syz.0.829'. [ 296.580693][ T9839] syzkaller1: entered allmulticast mode [ 296.622060][ T9853] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.705008][ T9853] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.807965][ T9853] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.910691][ T9853] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 297.052176][ T9853] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.058912][ T9853] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.063599][ T9853] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.069192][ T9853] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 297.311176][ T9882] netlink: 6 bytes leftover after parsing attributes in process `syz.2.842'. [ 297.313968][ T9882] bridge_slave_0: default FDB implementation only supports local addresses [ 297.317201][ T9882] netlink: 6 bytes leftover after parsing attributes in process `syz.2.842'. [ 297.319598][ T9882] bridge_slave_0: default FDB implementation only supports local addresses [ 297.352137][ T9884] netlink: 12 bytes leftover after parsing attributes in process `syz.1.843'. [ 297.724276][ T9919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.860'. [ 297.727875][ T9919] netlink: 12 bytes leftover after parsing attributes in process `syz.3.860'. [ 298.037914][ T9958] tipc: Enabling of bearer rejected, failed to enable media [ 298.089237][ T9965] netlink: 'syz.3.882': attribute type 1 has an invalid length. [ 298.092109][ T9965] netlink: 220 bytes leftover after parsing attributes in process `syz.3.882'. [ 298.232838][ T9971] netlink: 'syz.3.884': attribute type 7 has an invalid length. [ 298.443910][ T9990] trusted_key: syz.2.893 sent an empty control message without MSG_MORE. [ 298.635571][T10009] bond0: (slave macvlan2): Error -16 calling set_mac_address [ 299.083914][T10082] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 299.114683][T10085] Bluetooth: MGMT ver 1.23 [ 299.444193][T10114] smc: ib device syz0 ibport 1 applied user defined pnetid SYZ2 [ 300.041845][T10137] bond1: entered promiscuous mode [ 300.044217][T10137] 8021q: adding VLAN 0 to HW filter on device bond1 [ 300.150369][T10144] syz_tun: entered allmulticast mode [ 300.155820][T10142] syz_tun: left allmulticast mode [ 300.333185][T10166] ax25_connect(): syz.1.969 uses autobind, please contact jreuter@yaina.de [ 300.805075][T10217] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.899124][T10217] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 300.988749][T10217] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.117066][T10217] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 301.209182][T10217] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.217270][T10217] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.224350][T10217] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.230022][T10217] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 301.311441][ T9569] IPVS: starting estimator thread 0... [ 301.407194][T10245] IPVS: using max 35 ests per chain, 84000 per kthread [ 301.536931][ C0] Unknown status report in ack skb [ 301.611550][T10284] __nla_validate_parse: 5 callbacks suppressed [ 301.611566][T10284] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1021'. [ 301.619705][T10284] bridge_slave_0: default FDB implementation only supports local addresses [ 301.624409][T10284] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1021'. [ 301.627762][T10284] bridge_slave_0: default FDB implementation only supports local addresses [ 301.812921][T10307] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1032'. [ 301.818111][T10307] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1032'. [ 301.821073][T10307] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1032'. [ 301.846193][T10311] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1034'. [ 301.848856][T10311] bridge_slave_0: default FDB implementation only supports local addresses [ 301.851910][T10311] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1034'. [ 301.854679][T10311] bridge_slave_0: default FDB implementation only supports local addresses [ 301.928396][T10321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1039'. [ 301.932178][T10321] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1039'. [ 301.966437][T10325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1041'. [ 301.969114][T10325] netlink: 'syz.1.1041': attribute type 1 has an invalid length. [ 301.971562][T10325] nbd: error processing sock list [ 302.393103][T10366] Bluetooth: hci0: Opcode 0x0c20 failed: -22 [ 304.078980][T10533] kernel profiling enabled (shift: 17) [ 304.413481][ T5956] Bluetooth: hci0: command tx timeout [ 304.743426][ T6007] usb 7-1: new full-speed USB device number 13 using dummy_hcd [ 304.873665][ T6007] usb 7-1: device descriptor read/64, error -71 [ 305.123475][ T6007] usb 7-1: new full-speed USB device number 14 using dummy_hcd [ 305.263493][ T6007] usb 7-1: device descriptor read/64, error -71 [ 305.384693][ T6007] usb usb7-port1: attempt power cycle [ 305.743441][ T6007] usb 7-1: new full-speed USB device number 15 using dummy_hcd [ 305.774697][ T6007] usb 7-1: device descriptor read/8, error -71 [ 306.023467][ T6007] usb 7-1: new full-speed USB device number 16 using dummy_hcd [ 306.044519][ T6007] usb 7-1: device descriptor read/8, error -71 [ 306.153797][ T6007] usb usb7-port1: unable to enumerate USB device [ 306.338534][T10664] bridge: RTM_NEWNEIGH with invalid ether address [ 306.342063][T10664] bridge: RTM_NEWNEIGH with invalid ether address [ 306.628067][T10687] ubi31: attaching mtd0 [ 306.631407][T10687] ubi31: scanning is finished [ 306.632741][T10687] ubi31: empty MTD device detected [ 306.789017][T10687] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 306.791162][T10687] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 306.794179][T10687] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 306.797042][T10687] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 306.800052][T10687] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 306.802701][T10687] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 306.806204][T10687] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 824162823 [ 306.809972][T10687] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 306.815012][T10694] ubi31: background thread "ubi_bgt31d" started, PID 10694 [ 306.923885][T10698] __nla_validate_parse: 10 callbacks suppressed [ 306.923901][T10698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1203'. [ 307.197727][T10706] dccp_close: ABORT with 214 bytes unread [ 308.028256][T10782] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1242'. [ 308.031187][T10782] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1242'. [ 308.058676][T10787] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1245'. [ 308.115946][T10795] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1249'. [ 308.182645][T10806] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1254'. [ 308.204455][T10808] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1255'. [ 308.207884][T10808] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1255'. [ 308.383574][ T834] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 308.512007][T10823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1261'. [ 308.533426][ T834] usb 5-1: Using ep0 maxpacket: 16 [ 308.566118][ T834] usb 5-1: config index 0 descriptor too short (expected 115, got 56) [ 308.568301][ T834] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 308.570955][ T834] usb 5-1: config 0 has no interfaces? [ 308.573693][ T834] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 308.576044][ T834] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 308.578253][ T834] usb 5-1: Manufacturer: syz [ 308.585481][ T834] usb 5-1: config 0 descriptor?? [ 309.301525][ T6007] usb 5-1: USB disconnect, device number 10 [ 309.592567][T10885] netlink: 18 bytes leftover after parsing attributes in process `syz.1.1285'. [ 311.343420][ T5312] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 311.531833][ T5312] usb 6-1: New USB device found, idVendor=00e1, idProduct=c102, bcdDevice=7d.08 [ 311.543380][ T5312] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 311.545601][ T5312] usb 6-1: Product: syz [ 311.546765][ T5312] usb 6-1: Manufacturer: syz [ 311.548024][ T5312] usb 6-1: SerialNumber: syz [ 311.550322][ T5312] usb 6-1: config 0 descriptor?? [ 312.293604][ T5312] usb 6-1: USB disconnect, device number 12 [ 312.450551][T11035] __nla_validate_parse: 6 callbacks suppressed [ 312.450562][T11035] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1348'. [ 312.861971][T11063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1358'. [ 313.040746][T11079] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1367'. [ 313.044408][T11079] netlink: 6 bytes leftover after parsing attributes in process `syz.2.1367'. [ 313.504887][T11127] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1388'. [ 313.517310][T11127] bond1: entered promiscuous mode [ 313.519053][T11127] 8021q: adding VLAN 0 to HW filter on device bond1 [ 313.639735][T11138] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1393'. [ 313.769452][T11155] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1401'. [ 313.865147][T11165] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1405'. [ 313.955076][T11177] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1411'. [ 314.120946][T11187] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1416'. [ 315.391507][T11291] bond2: entered promiscuous mode [ 315.395930][T11291] 8021q: adding VLAN 0 to HW filter on device bond2 [ 315.929362][T11327] bond2: entered promiscuous mode [ 315.931032][T11327] 8021q: adding VLAN 0 to HW filter on device bond2 [ 316.463939][T11370] dccp_close: ABORT with 214 bytes unread [ 316.736067][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.030000][T11424] bond3: entered promiscuous mode [ 317.032338][T11424] 8021q: adding VLAN 0 to HW filter on device bond3 [ 317.564290][T11466] __nla_validate_parse: 13 callbacks suppressed [ 317.564303][T11466] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1543'. [ 317.594797][T11470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1545'. [ 317.607701][T11470] bond3: entered promiscuous mode [ 317.609379][T11470] 8021q: adding VLAN 0 to HW filter on device bond3 [ 317.621720][T11473] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1546'. [ 317.696222][T11481] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1551'. [ 317.747375][T11485] netlink: 18 bytes leftover after parsing attributes in process `syz.1.1552'. [ 317.751731][T11485] netlink: 18 bytes leftover after parsing attributes in process `syz.1.1552'. [ 317.788206][T11489] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1554'. [ 317.835737][T11495] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1558'. [ 317.844893][T11495] bond4: entered promiscuous mode [ 317.847300][T11495] 8021q: adding VLAN 0 to HW filter on device bond4 [ 317.887958][T11507] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1562'. [ 317.891106][T11507] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1562'. [ 318.024976][T11529] bond1: entered promiscuous mode [ 318.026688][T11529] 8021q: adding VLAN 0 to HW filter on device bond1 [ 318.216058][T11556] bond4: entered promiscuous mode [ 318.218406][T11556] 8021q: adding VLAN 0 to HW filter on device bond4 [ 318.503577][ T5958] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 318.655119][ T5958] usb 6-1: Using ep0 maxpacket: 8 [ 318.664091][ T5958] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 318.668010][ T5958] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 318.672323][ T5958] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7 [ 318.676737][ T5958] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 318.680503][ T5958] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 318.686152][ T5958] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 318.688679][ T5958] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 318.691832][ T5958] usb 6-1: Product: syz [ 318.693587][ T5958] usb 6-1: Manufacturer: syz [ 318.695424][ T5958] usb 6-1: SerialNumber: syz [ 318.696049][T11588] bond5: entered promiscuous mode [ 318.697885][ T5958] usb 6-1: config 0 descriptor?? [ 318.698785][T11588] 8021q: adding VLAN 0 to HW filter on device bond5 [ 318.882642][T11601] capability: warning: `syz.2.1598' uses 32-bit capabilities (legacy support in use) [ 318.905911][ T5958] radio-si470x 6-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 318.907920][ T5958] radio-si470x 6-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 319.116658][ T5958] radio-si470x 6-1:0.0: software version 221, hardware version 96 [ 319.123576][ T5958] radio-si470x 6-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 319.319798][ T5958] radio-si470x 6-1:0.0: submitting int urb failed (-90) [ 319.522552][ T5958] radio-si470x 6-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 319.526577][ T5958] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -22 [ 319.537022][ T5958] usb 6-1: USB disconnect, device number 13 [ 319.743493][ T5989] usb 7-1: new high-speed USB device number 17 using dummy_hcd [ 319.903459][ T5989] usb 7-1: Using ep0 maxpacket: 16 [ 319.907472][ T5989] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 319.911036][ T5989] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 319.914100][ T5989] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 319.917300][ T5989] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 319.919604][ T5989] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 319.922959][ T5989] usb 7-1: config 0 descriptor?? [ 320.335876][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.339389][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.341561][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.343784][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.345951][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.348085][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.350210][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.352323][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.355017][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.357572][ T5989] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 320.368750][ T5989] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:045E:07DA.0003/input/input7 [ 320.398127][ T5989] microsoft 0003:045E:07DA.0003: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 320.537692][ T5312] usb 7-1: USB disconnect, device number 17 [ 321.513476][ T5989] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 321.673417][ T5989] usb 5-1: Using ep0 maxpacket: 16 [ 321.676281][ T5989] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 321.679431][ T5989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 321.682448][ T5989] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 321.685183][ T5989] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 321.687818][ T5989] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 321.692171][ T5989] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 321.694736][ T5989] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 321.696962][ T5989] usb 5-1: Manufacturer: syz [ 321.699581][ T5989] usb 5-1: config 0 descriptor?? [ 321.953534][ T5989] rc_core: IR keymap rc-hauppauge not found [ 321.955344][ T5989] Registered IR keymap rc-empty [ 321.957286][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 321.973657][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.005562][ T5989] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0 [ 322.010651][ T5989] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 322.021658][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.053771][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.073702][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.093714][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.113592][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.133567][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.153517][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.173579][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.193537][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.213554][ T5989] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 322.235557][ T5989] mceusb 5-1:0.0: Registered with mce emulator interface version 1 [ 322.238526][ T5989] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 322.353111][ T833] usb 5-1: USB disconnect, device number 11 [ 322.810488][T11794] __nla_validate_parse: 32 callbacks suppressed [ 322.810531][T11794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1680'. [ 322.845659][T11800] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1681'. [ 322.872853][T11800] bond6: entered promiscuous mode [ 322.876167][T11800] 8021q: adding VLAN 0 to HW filter on device bond6 [ 322.905358][T11805] netlink: 'syz.0.1683': attribute type 26 has an invalid length. [ 322.970482][T11815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1688'. [ 322.973161][T11815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1688'. [ 323.036963][T11826] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1693'. [ 323.046159][T11826] bond5: entered promiscuous mode [ 323.048026][T11826] 8021q: adding VLAN 0 to HW filter on device bond5 [ 323.133662][ T5956] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 323.133898][ T5952] Bluetooth: hci4: command 0x1003 tx timeout [ 323.359862][T11849] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1702'. [ 323.520395][T11865] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1710'. [ 323.607776][T11879] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1714'. [ 323.754452][T11893] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1721'. [ 323.982436][T11913] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1730'. [ 324.301558][T11933] kAFS: No cell specified [ 324.314691][T11933] sp0: Synchronizing with TNC [ 325.613414][ T5312] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 325.775246][ T5312] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 325.777882][ T5312] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.780999][ T5312] usb 6-1: config 0 descriptor?? [ 325.786147][ T5312] gspca_main: spca508-2.14.0 probing 8086:0110 [ 326.072749][T12032] netlink: 'syz.0.1780': attribute type 1 has an invalid length. [ 326.212808][ C3] vkms_vblank_simulate: vblank timer overrun [ 326.305203][ T5312] gspca_spca508: reg_read err -110 [ 326.307387][ T5312] gspca_spca508: reg_read err -32 [ 326.309501][ T5312] gspca_spca508: reg_read err -32 [ 326.311632][ T5312] gspca_spca508: reg_read err -32 [ 326.314032][ T5312] gspca_spca508: reg_read err -32 [ 326.316093][ T5312] gspca_spca508: reg write: error -32 [ 326.318167][ T5312] spca508 6-1:0.0: probe with driver spca508 failed with error -32 [ 327.445157][T12058] netlink: 'syz.3.1790': attribute type 1 has an invalid length. [ 328.100904][T12075] __nla_validate_parse: 12 callbacks suppressed [ 328.100915][T12075] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1797'. [ 328.373527][ T5312] usb 6-1: USB disconnect, device number 14 [ 328.779204][T12091] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1803'. [ 329.222315][T12110] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1811'. [ 330.915453][T12207] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1852'. [ 331.003933][T12215] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1856'. [ 331.008428][T12217] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1857'. [ 331.169768][T12230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1862'. [ 331.237705][T12239] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1866'. [ 331.250154][T12241] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1858'. [ 331.267178][T12243] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1867'. [ 332.328221][T12275] netlink: 'syz.0.1876': attribute type 12 has an invalid length. [ 333.894602][T12353] __nla_validate_parse: 11 callbacks suppressed [ 333.894614][T12353] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1905'. [ 333.959975][T12355] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1906'. [ 334.288292][T12369] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1912'. [ 334.444491][T12377] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1915'. [ 334.508540][T12381] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1916'. [ 334.823951][T12391] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1921'. [ 335.550491][T12403] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1925'. [ 335.604062][T12407] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1927'. [ 335.630808][T12411] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1929'. [ 335.655377][T12413] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1930'. [ 336.644725][ T1185] ------------[ cut here ]------------ [ 336.646286][ T1185] WARNING: CPU: 2 PID: 1185 at net/mac80211/offchannel.c:404 ieee80211_start_next_roc+0x24c/0x2c0 [ 336.649203][ T1185] Modules linked in: [ 336.650630][ T1185] CPU: 2 UID: 0 PID: 1185 Comm: kworker/u32:10 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 336.655629][ T1185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 336.658619][ T1185] Workqueue: events_unbound cfg80211_wiphy_work [ 336.660620][ T1185] RIP: 0010:ieee80211_start_next_roc+0x24c/0x2c0 [ 336.662398][ T1185] Code: 7b 40 e8 87 59 dc ff 48 83 c4 10 5b 5d e9 7c 24 f0 f6 e8 77 24 f0 f6 48 89 df e8 af 60 ff ff e9 40 ff ff ff e8 65 24 f0 f6 90 <0f> 0b 90 e9 32 ff ff ff 48 c7 c7 14 a5 62 90 e8 50 64 52 f7 e9 db [ 336.667677][ T1185] RSP: 0018:ffffc90006957a68 EFLAGS: 00010293 [ 336.669396][ T1185] RAX: 0000000000000000 RBX: ffff888068e60e40 RCX: ffffffff8ac9b8a6 [ 336.671589][ T1185] RDX: ffff888025800000 RSI: ffffffff8ac9b9db RDI: 0000000000000001 [ 336.673934][ T1185] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 336.676116][ T1185] R10: 0000000000000001 R11: 0000000000000003 R12: 0000000000000001 [ 336.678318][ T1185] R13: ffff888068e628c8 R14: ffff888068e60e40 R15: dffffc0000000000 [ 336.680496][ T1185] FS: 0000000000000000(0000) GS:ffff88802b600000(0000) knlGS:0000000000000000 [ 336.682961][ T1185] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 336.684928][ T1185] CR2: 00000000f73bd230 CR3: 000000000df80000 CR4: 0000000000352ef0 [ 336.687123][ T1185] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 336.689244][ T1185] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 336.691454][ T1185] Call Trace: [ 336.692390][ T1185] [ 336.693236][ T1185] ? __warn+0xea/0x3c0 [ 336.694470][ T1185] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 336.696069][ T1185] ? report_bug+0x3c0/0x580 [ 336.697341][ T1185] ? handle_bug+0x54/0xa0 [ 336.698591][ T1185] ? exc_invalid_op+0x17/0x50 [ 336.699909][ T1185] ? asm_exc_invalid_op+0x1a/0x20 [ 336.701330][ T1185] ? ieee80211_start_next_roc+0x116/0x2c0 [ 336.702922][ T1185] ? ieee80211_start_next_roc+0x24b/0x2c0 [ 336.704550][ T1185] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 336.706147][ T1185] ? ieee80211_start_next_roc+0x24b/0x2c0 [ 336.707734][ T1185] __ieee80211_scan_completed+0x4fe/0xe60 [ 336.709379][ T1185] ieee80211_scan_work+0x440/0x2080 [ 336.710839][ T1185] ? cfg80211_wiphy_work+0x3b7/0x570 [ 336.712303][ T1185] ? __pfx_lock_release+0x10/0x10 [ 336.713774][ T1185] ? __pfx_ieee80211_scan_work+0x10/0x10 [ 336.715326][ T1185] ? mark_held_locks+0x9f/0xe0 [ 336.716815][ T1185] ? rcu_is_watching+0x12/0xc0 [ 336.718204][ T1185] cfg80211_wiphy_work+0x3ed/0x570 [ 336.719670][ T1185] process_one_work+0x9c5/0x1ba0 [ 336.721060][ T1185] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 336.722724][ T1185] ? __pfx_process_one_work+0x10/0x10 [ 336.724315][ T1185] ? assign_work+0x1a0/0x250 [ 336.725630][ T1185] worker_thread+0x6c8/0xf00 [ 336.726925][ T1185] ? __kthread_parkme+0x148/0x220 [ 336.728364][ T1185] ? __pfx_worker_thread+0x10/0x10 [ 336.729803][ T1185] kthread+0x3af/0x750 [ 336.730958][ T1185] ? __pfx_kthread+0x10/0x10 [ 336.732244][ T1185] ? lock_acquire+0x2f/0xb0 [ 336.733674][ T1185] ? __pfx_kthread+0x10/0x10 [ 336.734977][ T1185] ret_from_fork+0x45/0x80 [ 336.736226][ T1185] ? __pfx_kthread+0x10/0x10 [ 336.737536][ T1185] ret_from_fork_asm+0x1a/0x30 [ 336.738923][ T1185] [ 336.739785][ T1185] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 336.741812][ T1185] CPU: 2 UID: 0 PID: 1185 Comm: kworker/u32:10 Not tainted 6.14.0-rc3-syzkaller-00096-ge9a8cac0bf89 #0 [ 336.744875][ T1185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 336.747750][ T1185] Workqueue: events_unbound cfg80211_wiphy_work [ 336.749495][ T1185] Call Trace: [ 336.750429][ T1185] [ 336.751268][ T1185] dump_stack_lvl+0x3d/0x1f0 [ 336.752559][ T1185] panic+0x71d/0x800 [ 336.753662][ T1185] ? __pfx_panic+0x10/0x10 [ 336.754975][ T1185] ? show_trace_log_lvl+0x29d/0x3d0 [ 336.756472][ T1185] ? check_panic_on_warn+0x1f/0xb0 [ 336.757926][ T1185] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 336.759506][ T1185] check_panic_on_warn+0xab/0xb0 [ 336.760883][ T1185] __warn+0xf6/0x3c0 [ 336.762002][ T1185] ? ieee80211_start_next_roc+0x24c/0x2c0 [ 336.763580][ T1185] report_bug+0x3c0/0x580 [ 336.764786][ T1185] handle_bug+0x54/0xa0 [ 336.765959][ T1185] exc_invalid_op+0x17/0x50 [ 336.767224][ T1185] asm_exc_invalid_op+0x1a/0x20 [ 336.768646][ T1185] RIP: 0010:ieee80211_start_next_roc+0x24c/0x2c0 [ 336.770426][ T1185] Code: 7b 40 e8 87 59 dc ff 48 83 c4 10 5b 5d e9 7c 24 f0 f6 e8 77 24 f0 f6 48 89 df e8 af 60 ff ff e9 40 ff ff ff e8 65 24 f0 f6 90 <0f> 0b 90 e9 32 ff ff ff 48 c7 c7 14 a5 62 90 e8 50 64 52 f7 e9 db [ 336.775626][ T1185] RSP: 0018:ffffc90006957a68 EFLAGS: 00010293 [ 336.777282][ T1185] RAX: 0000000000000000 RBX: ffff888068e60e40 RCX: ffffffff8ac9b8a6 [ 336.779495][ T1185] RDX: ffff888025800000 RSI: ffffffff8ac9b9db RDI: 0000000000000001 [ 336.781667][ T1185] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 336.783807][ T1185] R10: 0000000000000001 R11: 0000000000000003 R12: 0000000000000001 [ 336.785978][ T1185] R13: ffff888068e628c8 R14: ffff888068e60e40 R15: dffffc0000000000 [ 336.788165][ T1185] ? ieee80211_start_next_roc+0x116/0x2c0 [ 336.789742][ T1185] ? ieee80211_start_next_roc+0x24b/0x2c0 [ 336.791311][ T1185] ? ieee80211_start_next_roc+0x24b/0x2c0 [ 336.792882][ T1185] __ieee80211_scan_completed+0x4fe/0xe60 [ 336.794459][ T1185] ieee80211_scan_work+0x440/0x2080 [ 336.795903][ T1185] ? cfg80211_wiphy_work+0x3b7/0x570 [ 336.797363][ T1185] ? __pfx_lock_release+0x10/0x10 [ 336.798797][ T1185] ? __pfx_ieee80211_scan_work+0x10/0x10 [ 336.800339][ T1185] ? mark_held_locks+0x9f/0xe0 [ 336.801689][ T1185] ? rcu_is_watching+0x12/0xc0 [ 336.803008][ T1185] cfg80211_wiphy_work+0x3ed/0x570 [ 336.804474][ T1185] process_one_work+0x9c5/0x1ba0 [ 336.805864][ T1185] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 336.807418][ T1185] ? __pfx_process_one_work+0x10/0x10 [ 336.808938][ T1185] ? assign_work+0x1a0/0x250 [ 336.810241][ T1185] worker_thread+0x6c8/0xf00 [ 336.811547][ T1185] ? __kthread_parkme+0x148/0x220 [ 336.812942][ T1185] ? __pfx_worker_thread+0x10/0x10 [ 336.814365][ T1185] kthread+0x3af/0x750 [ 336.815514][ T1185] ? __pfx_kthread+0x10/0x10 [ 336.816810][ T1185] ? lock_acquire+0x2f/0xb0 [ 336.818141][ T1185] ? __pfx_kthread+0x10/0x10 [ 336.819435][ T1185] ret_from_fork+0x45/0x80 [ 336.820701][ T1185] ? __pfx_kthread+0x10/0x10 [ 336.822051][ T1185] ret_from_fork_asm+0x1a/0x30 [ 336.823387][ T1185] [ 336.824806][ T1185] Kernel Offset: disabled [ 336.826273][ T1185] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:03:43 Registers: info registers vcpu 0 CPU#0 RAX=0000000010600732 RBX=ffffffff93822000 RCX=0000000000000000 RDX=000000cd00000000 RSI=ffffffff815e999b RDI=ffffffff93822000 RBP=1ffff92000000fcf RSP=ffffc90000007e00 R8 =0000000000000000 R9 =fffffbfff20c4e42 R10=ffffffff90627217 R11=0000000000000003 R12=0000000000000008 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8b54fd60 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f9f060b6d00 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000557653f26000 CR3=000000004a3c4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000003400003 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 697270203a732500 7325207461206465 7269707865207972 746e65203a732500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4c5755051f560000 5600055144054140 574c555d40055c57 514b40051f560000 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 ZMM22=796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b ZMM23=5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 ZMM24=c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa ZMM25=903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 ZMM26=2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f ZMM27=e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000000 RCX=ffffffff820454b0 RDX=ffff88801ed5c880 RSI=0000000000000000 RDI=0000000000000007 RBP=800000005b9d7007 RSP=ffffc9000112f778 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000007 R12=0000000000000028 R13=ffff8880634e9000 R14=ffffea00016e75c0 R15=dffffc0000000000 RIP=ffffffff820454b0 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f555c0 CR3=000000004cd4e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853e58d5 RDI=ffffffff9ab6ce20 RBP=ffffffff9ab6cde0 RSP=ffffc900069573e8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000007 R12=0000000000000000 R13=000000000000006f R14=ffffffff9ab6cde0 R15=0000000000000000 RIP=ffffffff853e58ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73bd230 CR3=000000000df80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=5941d426796d9a8b 5e3363f8476caee5 5941d426796d9a8b 5e3363f8476caee5 5941d426796d9a8b 5e3363f8476caee5 5941d426796d9a8b 5e3363f8476caee5 ZMM18=e550dae02efcf85f 903d19f0c90ea5aa e550dae02efcf85f 903d19f0c90ea5aa e550dae02efcf85f 903d19f0c90ea5aa e550dae02efcf85f 903d19f0c90ea5aa ZMM19=0115000000000000 000000000000002b 0115000000000000 000000000000002a 0115000000000000 0000000000000029 0115000000000000 0000000000000028 ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 5e3363f85e3363f8 ZMM22=796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b 796d9a8b796d9a8b ZMM23=5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 5941d4265941d426 ZMM24=c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa c90ea5aac90ea5aa ZMM25=903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 903d19f0903d19f0 ZMM26=2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f 2efcf85f2efcf85f ZMM27=e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 e550dae0e550dae0 ZMM28=000000300000002f 0000002e0000002d 0000002c0000002b 0000002a00000029 0000002800000027 0000002600000025 0000002400000023 0000002200000021 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 0115000001150000 info registers vcpu 3 CPU#3 RAX=0000000000080000 RBX=0000000000000001 RCX=ffffc90007561000 RDX=0000000000080000 RSI=ffffffff84ab0690 RDI=0000000000000005 RBP=0000000000000000 RSP=ffffc90003cd73b8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=00000000000004f9 R14=0000000000000cc0 R15=04fff00000020001 RIP=ffffffff819f8350 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000057a384c0 CR3=000000006afba000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000