last executing test programs: 2m6.614625187s ago: executing program 2 (id=2068): r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x49783, 0x0) readv(r0, &(0x7f0000000400)=[{&(0x7f0000000380)=""/128, 0x80}], 0x1) ioctl$SNDCTL_SEQ_PANIC(r1, 0x5111) 2m6.52358874s ago: executing program 2 (id=2074): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x80000}) r1 = fanotify_init(0x200, 0x0) fanotify_mark(r1, 0x80, 0x40000032, r0, 0x0) 2m6.477451233s ago: executing program 2 (id=2077): openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x2aa42, 0x0) r0 = syz_io_uring_setup(0x1e1e, &(0x7f00000000c0)={0x0, 0x86f7, 0x10100, 0x0, 0x1}, &(0x7f0000002000)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x26}) io_uring_enter(r0, 0x48e9, 0x0, 0x2, 0x0, 0x0) 2m6.44080259s ago: executing program 2 (id=2081): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x48) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000580)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb5008, 0x0) umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x4) 2m6.399485483s ago: executing program 2 (id=2084): sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c, 0x0}}], 0x1, 0x8000) r0 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0xfff1, 0x9, 0x9, 0x5, r1}, &(0x7f0000000200)=0x10) 2m6.174536978s ago: executing program 2 (id=2091): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) lseek(r0, 0x289e0cb5, 0x0) 2m6.067252204s ago: executing program 32 (id=2091): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) lseek(r0, 0x289e0cb5, 0x0) 2.023282896s ago: executing program 4 (id=5224): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="27050200d40f00000600002f8847", 0xe}], 0x1}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.892485501s ago: executing program 0 (id=5234): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0xcd8) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) close(r0) 1.87415774s ago: executing program 4 (id=5235): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x2, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x1, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x25}]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xd2, &(0x7f0000000040)=""/210}, 0x21) 1.827621957s ago: executing program 4 (id=5237): r0 = socket$kcm(0x2d, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000003c0)={r0}) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000200)) 1.827466247s ago: executing program 4 (id=5239): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10) socket$packet(0x11, 0x3, 0x300) 1.778141759s ago: executing program 4 (id=5241): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'erspan0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="01000000000000001c0012800b0001006d616373656300000c00028005000f000700000008000500", @ANYRES32=r1], 0x44}}, 0x0) 1.778037535s ago: executing program 0 (id=5242): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x31]}}]}) chdir(&(0x7f0000000200)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x8) 1.777905613s ago: executing program 4 (id=5244): syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbd, 0x16, 0xf, 0x40, 0x8086, 0x110, 0xbfad, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x12, 0x24}}]}}]}}, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000040)={0x3, 0x2, 0xffffffff, 0x3}) r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000071401000000000000000000050060"], 0x18}}, 0x0) 1.71921491s ago: executing program 0 (id=5245): openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = epoll_create(0x10001) mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 895.126425ms ago: executing program 0 (id=5258): r0 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000012c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d02409819180179714ed0a6e1f0f755d8583da60f27c162dbba0706002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cece48c38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5ff01000000000000b69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b4073f300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b87234a30900000000000068133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf11211"], 0x0}, 0x94) sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x5}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000040)="2703022b590200c90000002f1eafbcf706e105000000894f000f1102ee1680ca82973d2bd4b8bf4a8291a14b8a34f90186cee844000000080000000019b0fb0bba", 0x41}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b7d050139bf7ada32bc9e37eed1153ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d3333ce2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb0000000000000000", 0x87}, {&(0x7f0000000280)="fe112162c63e6da8bc8432294ef18af53cc330a62a2c7035246635093ba4d30fcf19a90804f04a10939db8f4e13069cda6d167bf1b68c94d8d694d6ad1a4d51a715975560ad48770706eb1b88d021e1119f2eb75275cfe77f862368649be0f7aff5e7826729816e3d3e7986d9434f891c71ca6e4210c6757083cfd8e732048c504f28b6d309fc129ed8eb5a82e224eb648f90134d1d315977c6ea360a7fece4baa3dd7dcc970759f29df0e86469e954e2b050e87b203ca27a2a519b7555c3b73f2681d49442d9647ff5ea64110cc5020fdeafe53a7d8be70f3260816bc376bcdc5352771fa55d9733e27730ec7103520e8359c78edd21ee6c68feb3685a55722f5da09ffe8ba9f05081a8d214156376f99906245f2f390ad717979d98f0574f8c5b52dcc2fa494f461be6c2560ddbaafb80c5b4583cbe56d24f14ab78fd718947077ea736251c7b8eee267267534c84daa6f095e94bfb85986a03ddea362cc7e6682884e710727c1163cd4f336c13b844605b7a815fe39e43bd0d2e414410a82958455b8a6bd9194c631d66295675fed64c04107a595c421111a3af6e9fadab5c9", 0x1a1}, {&(0x7f0000000180)="6fe4dd9eeba3271dc700b581440284", 0xfe69}], 0x4}, 0x0) 894.875292ms ago: executing program 1 (id=5259): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000480)={@mcast2={0xff, 0x5}, @private0, @loopback, 0x800000, 0xa, 0x0, 0x500, 0x7ffffffe, 0x140192, r2}) 838.364573ms ago: executing program 1 (id=5260): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000740)={0x1f, @none}, 0x8) listen(r0, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0x13, 0x0, 0x0) 837.948692ms ago: executing program 0 (id=5261): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x2, r0) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000a80)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYRES32=r0, @ANYRES32=r1, @ANYRES8], 0x14) 835.141495ms ago: executing program 1 (id=5262): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet(0x2, 0x3, 0x13) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c00000044000701fcffffff00000000017c000038000480312d", @ANYRESDEC=r0, @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 834.954294ms ago: executing program 0 (id=5263): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x5) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000240)=0x6) 829.017201ms ago: executing program 1 (id=5264): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) fstat(r0, &(0x7f0000004ac0)) 757.859332ms ago: executing program 1 (id=5265): capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0xffffffff, 0xfffffffd}) r0 = syz_io_uring_setup(0x63ab, &(0x7f00000006c0)={0x0, 0x1d11, 0x10000}, &(0x7f0000010080), &(0x7f0000000400)) setrlimit(0x40000000000008, &(0x7f0000000000)={0x0, 0x5}) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001100)=""/4096, 0x1000}], 0x1) 756.829533ms ago: executing program 1 (id=5266): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x0, 0x24, &(0x7f0000000740)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300042e010203010902120001000000000904"], 0x0) ioctl$EVIOCRMFF(r0, 0x550c, 0x0) 176.643015ms ago: executing program 3 (id=5277): sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x44, 0x0, 0x4b6b9d28c5b9a46b, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x4}, @L2TP_ATTR_DEBUG={0x8}, @L2TP_ATTR_UDP_ZERO_CSUM6_TX={0x5, 0x21, 0x1}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @remote}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x7}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}]}, 0x44}}, 0x40004) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x800, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4422}, [@IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}, @IFLA_PROMISCUITY={0x8, 0x1e, 0xfffffffe}]}, 0x3c}}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e000000180002"], 0x50}}, 0x0) 110.420644ms ago: executing program 3 (id=5278): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000480)=ANY=[@ANYBLOB="080000000a00000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ae9d8cc000000000000020"], 0x5000) setsockopt$inet6_group_source_req(r0, 0x29, 0x2c, &(0x7f0000000540)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x5, @empty, 0xfffffffe}}}, 0x104) 110.302074ms ago: executing program 3 (id=5279): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x18) r1 = gettid() process_vm_writev(r1, 0x0, 0x0, 0x0, 0x0, 0x0) 59.89217ms ago: executing program 3 (id=5280): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000280)='\x00', 0x81900) unshare(0x2a020480) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) 59.779059ms ago: executing program 3 (id=5281): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CLAIM_PORT(r0, 0x80045518, &(0x7f0000000380)=0x6) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, 0x0) 0s ago: executing program 3 (id=5282): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0xffffffffffffff1d, 0x300, 0x0, 0x0, 0xfffffffffffffffe, 0x7}, 0x0, &(0x7f0000000100)={0x8, 0xffffffffffffff7e, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10000000000}, 0x0, 0x0) kernel console output (not intermixed with test programs): tor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 147.361806][T10222] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1866'. [ 147.365149][T10222] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1866'. [ 147.368020][T10222] netlink: 'syz.3.1866': attribute type 20 has an invalid length. [ 147.377198][T10226] gretap0: entered promiscuous mode [ 147.385692][T10226] netlink: 31 bytes leftover after parsing attributes in process `syz.2.1867'. [ 148.746123][T10310] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1908'. [ 149.408028][T10358] lo: entered promiscuous mode [ 149.410516][T10358] lo: left promiscuous mode [ 150.154830][ T1335] kernel read not supported for file /dsp1 (pid: 1335 comm: kworker/3:2) [ 150.456527][T10420] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1960'. [ 150.461543][T10420] netlink: 'syz.3.1960': attribute type 12 has an invalid length. [ 150.465549][T10420] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1960'. [ 150.677607][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.681559][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.685145][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.687892][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.690869][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.693729][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.696793][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.699687][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.702573][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.706182][ T1215] hid-generic 0003:0004:0000.0002: unknown main item tag 0x0 [ 150.715823][ T1215] hid-generic 0003:0004:0000.0002: hidraw1: USB HID v0.00 Device [syz0] on syz1 [ 150.791674][T10449] fido_id[10449]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 151.112675][T10473] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1983'. [ 151.554335][ T67] block nbd1: Possible stuck request ffff888025f90000: control (read@0,1024B). Runtime 60 seconds [ 151.558724][ T67] block nbd1: Possible stuck request ffff888025f901c0: control (read@1024,1024B). Runtime 60 seconds [ 151.563583][ T67] block nbd1: Possible stuck request ffff888025f90380: control (read@2048,1024B). Runtime 60 seconds [ 151.568293][ T67] block nbd1: Possible stuck request ffff888025f90540: control (read@3072,1024B). Runtime 60 seconds [ 152.515990][T10521] netlink: 'syz.2.2006': attribute type 1 has an invalid length. [ 152.644188][ T1215] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 152.806110][ T1215] usb 6-1: config index 0 descriptor too short (expected 65274, got 45) [ 152.810911][ T1215] usb 6-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 152.813886][ T1215] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 152.816624][ T1215] usb 6-1: Product: syz [ 152.817950][ T1215] usb 6-1: Manufacturer: syz [ 152.819410][ T1215] usb 6-1: SerialNumber: syz [ 152.897935][ T40] audit: type=1326 audit(2000000009.883:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.905832][ T40] audit: type=1326 audit(2000000009.883:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.914032][ T40] audit: type=1326 audit(2000000009.883:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.921224][ T40] audit: type=1326 audit(2000000009.883:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.927988][ T40] audit: type=1326 audit(2000000009.883:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.936776][ T40] audit: type=1326 audit(2000000009.883:1437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=226 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.946593][ T40] audit: type=1326 audit(2000000009.883:1438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.956996][ T40] audit: type=1326 audit(2000000009.883:1439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.965570][ T40] audit: type=1326 audit(2000000009.883:1440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=229 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 152.974270][ T40] audit: type=1326 audit(2000000009.883:1441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10540 comm="syz.3.2013" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 153.030007][ T1215] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO [ 153.033993][ T1215] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71 [ 153.037706][ T1215] lan78xx 6-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 153.043881][ T1215] lan78xx 6-1:1.0: probe with driver lan78xx failed with error -71 [ 153.051039][ T1215] usb 6-1: USB disconnect, device number 8 [ 153.122418][T10551] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2018'. [ 153.487301][T10565] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 153.490416][T10565] FAT-fs (loop7): unable to read boot sector [ 153.616613][T10573] (unnamed net_device) (uninitialized): ARP target 9.0.0.0 is already present [ 153.620373][T10573] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (9) [ 153.983852][T10598] mmap: syz.2.2038 (10598) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 154.079279][T10610] netlink: 'syz.2.2043': attribute type 1 has an invalid length. [ 154.560678][T10656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2064'. [ 155.019432][T10702] bad cache= option: nonein keysize : 8 [ 155.019432][T10702] max keysize : 8 [ 155.019432][T10702] ivsize : 8 [ 155.019432][T10702] chunksize : 8 [ 155.019432][T10702] statesize : 0 [ 155.019432][T10702] [ 155.019432][T10702] name : ecb(des) [ 155.019432][T10702] driver : ecb(des-generic) [ 155.019432][T10702] module : kernel [ 155.019432][T10702] priority : 100 [ 155.019432][T10702] refcnt : 1 [ 155.019432][T10702] selftest : passed [ 155.019432][T10702] internal : no [ 155.019432][T10702] type : lskcipher [ 155.019432][T10702] blocksize : 8 [ 155.019432][T10702] min keysize : 8 [ 155.019432][T10702] max keysize : 8 [ 155.019432][T10702] ivsize : 0 [ 155.019432][T10702] chunksize : 8 [ 155.019432][T10702] statesize : 0 [ 155.019432][T10702] [ 155.019432][T10702] name : ccm(aes) [ 155.019432][T10702] driver : ccm_base(ctr-aes-vaes-avx2 [ 155.019432][T10702] [ 155.056172][T10702] CIFS: VFS: bad cache= option: nonein keysize : 8 [ 155.056172][T10702] max keysize : 8 [ 155.056172][T10702] ivsize : 8 [ 155.056172][T10702] chunksize : 8 [ 155.056172][T10702] statesize : 0 [ 155.056172][T10702] [ 155.056172][T10702] name : ecb(des) [ 155.056172][T10702] driver : ecb(des-generic) [ 155.056172][T10702] module : kernel [ 155.056172][T10702] priority : 100 [ 155.056172][T10702] refcnt : 1 [ 155.056172][T10702] selftest : passed [ 155.056172][T10702] internal : no [ 155.056172][T10702] type : lskcipher [ 155.056172][T10702] blocksize : 8 [ 155.056172][T10702] min keysize : 8 [ 155.056172][T10702] max keysize : 8 [ 155.056172][T10702] ivsize : 0 [ 155.056172][T10702] chunksize : 8 [ 155.056172][T10702] statesize : 0 [ 155.056172][T10702] [ 155.056172][T10702] name : ccm(aes) [ 155.056172][T10702] driver : ccm_base(ctr-aes-vaes-avx2 [ 155.300012][ T54] kernel read not supported for file /dsp (pid: 54 comm: kworker/1:1) [ 155.482627][ T5984] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 155.489536][ T5984] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 155.493086][ T5984] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 155.498099][ T5984] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 155.501457][ T5984] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 155.604264][ T9] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 155.650973][T10733] chnl_net:caif_netlink_parms(): no params data found [ 155.720222][T10742] 8021q: adding VLAN 0 to HW filter on device bond1 [ 155.725307][T10742] bond0: (slave bond1): Enslaving as an active interface with an up link [ 155.784229][ T9] usb 8-1: Using ep0 maxpacket: 8 [ 155.788424][T10752] tipc: Failed to obtain node identity [ 155.790690][T10752] tipc: Enabling of bearer rejected, failed to enable media [ 155.791870][ T9] usb 8-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 155.798616][ T9] usb 8-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 155.798883][T10733] bridge0: port 1(bridge_slave_0) entered blocking state [ 155.802626][ T9] usb 8-1: config 0 interface 0 has no altsetting 0 [ 155.806640][T10733] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.808545][ T9] usb 8-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.00 [ 155.810515][T10733] bridge_slave_0: entered allmulticast mode [ 155.815962][ T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 155.818124][T10733] bridge_slave_0: entered promiscuous mode [ 155.821694][ T9] usb 8-1: config 0 descriptor?? [ 155.833655][T10733] bridge0: port 2(bridge_slave_1) entered blocking state [ 155.837114][T10733] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.839414][T10733] bridge_slave_1: entered allmulticast mode [ 155.842063][T10733] bridge_slave_1: entered promiscuous mode [ 155.883837][T10733] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 155.889104][T10733] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 155.964618][T10733] team0: Port device team_slave_0 added [ 155.969435][T10733] team0: Port device team_slave_1 added [ 156.028229][T10733] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 156.030598][T10733] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.039545][T10733] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 156.040753][ T9] usbhid 8-1:0.0: can't add hid device: -71 [ 156.046255][ T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71 [ 156.046287][T10733] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 156.052145][T10733] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 156.052550][ T9] usb 8-1: USB disconnect, device number 5 [ 156.063257][T10733] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 156.144551][T10733] hsr_slave_0: entered promiscuous mode [ 156.146834][T10733] hsr_slave_1: entered promiscuous mode [ 156.149060][T10733] debugfs: 'hsr0' already exists in 'hsr' [ 156.150946][T10733] Cannot create hsr debugfs directory [ 156.355990][T10733] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 156.363486][T10733] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 156.370715][T10733] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 156.376890][T10733] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 156.397902][T10733] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.400372][T10733] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.404179][T10733] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.407184][T10733] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.440352][T10733] 8021q: adding VLAN 0 to HW filter on device bond0 [ 156.453188][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.457762][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.467022][T10733] 8021q: adding VLAN 0 to HW filter on device team0 [ 156.474281][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.476735][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 156.482899][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.485771][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 156.571203][T10804] syz_tun: entered promiscuous mode [ 156.642163][T10733] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 156.741934][ T54] hid_parser_main: 8 callbacks suppressed [ 156.741954][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x7 [ 156.747907][ T54] hid-generic 0000:0000:0000.0003: ignoring exceeding usage max [ 156.752044][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.756831][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.759917][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.762962][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.766309][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.769365][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.772432][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.775948][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.779025][ T54] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 156.787737][ T54] hid-generic 0000:0000:0000.0003: hidraw1: HID v0.00 Device [syz0] on syz0 [ 156.847815][T10733] veth0_vlan: entered promiscuous mode [ 156.858305][T10826] fido_id[10826]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 156.859547][T10733] veth1_vlan: entered promiscuous mode [ 156.899766][T10733] veth0_macvtap: entered promiscuous mode [ 156.910632][T10733] veth1_macvtap: entered promiscuous mode [ 156.926597][T10733] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 156.938564][T10733] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 156.951365][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.957300][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.962067][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.970102][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.034736][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.037376][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.072483][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 157.078131][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 157.092061][T10844] Bluetooth: MGMT ver 1.23 [ 157.225369][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 157.554311][ T5984] Bluetooth: hci0: command tx timeout [ 158.299921][T10879] mkiss: ax0: crc mode is auto. [ 158.313101][T10881] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2151'. [ 158.333655][T10883] can0: slcan on ttyS3. [ 158.340434][T10886] random: crng reseeded on system resumption [ 158.353099][T10886] Restarting kernel threads ... [ 158.358357][T10886] Done restarting kernel threads. [ 158.445860][T10883] can0 (unregistered): slcan off ttyS3. [ 158.833271][T10935] ref_ctr_offset mismatch. inode: 0xac8 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x4 [ 158.887344][T10939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2178'. [ 158.890688][T10939] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2178'. [ 159.016130][T10950] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 159.018703][T10950] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 159.021514][T10950] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 159.030170][T10950] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 159.032485][T10950] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 159.036300][T10950] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 159.092937][T10959] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 159.962696][T11013] netlink: 'syz.3.2214': attribute type 1 has an invalid length. [ 159.967265][T11013] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 160.007435][T11017] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 160.008116][ T5947] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 160.045024][T11021] binder: Binderfs stats mode cannot be changed during a remount [ 160.094221][ T40] kauditd_printk_skb: 116 callbacks suppressed [ 160.094233][ T40] audit: type=1326 audit(2000000017.073:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 160.105505][ T40] audit: type=1326 audit(2000000017.073:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 160.113475][ T40] audit: type=1326 audit(2000000017.073:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 160.128547][ T40] audit: type=1326 audit(2000000017.073:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 160.136961][ T40] audit: type=1326 audit(2000000017.073:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 160.146160][ T40] audit: type=1326 audit(2000000017.073:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 160.155323][ T40] audit: type=1326 audit(2000000017.073:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 160.164272][ T40] audit: type=1326 audit(2000000017.073:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 160.172579][ T40] audit: type=1326 audit(2000000017.073:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 160.182098][ T40] audit: type=1326 audit(2000000017.083:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11026 comm="syz.3.2221" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 160.333692][T11053] gfs2: path_lookup on returned error -2 [ 160.384903][T11049] block nbd2: server does not support multiple connections per device. [ 160.388698][T11049] block nbd2: shutting down sockets [ 161.064227][ T5984] Bluetooth: hci1: command 0x0c1a tx timeout [ 161.074232][ T5984] Bluetooth: hci0: command 0x040f tx timeout [ 161.074291][ T5989] Bluetooth: hci3: command 0x0c1a tx timeout [ 161.074611][ T63] Bluetooth: hci2: command 0x0c1a tx timeout [ 161.342887][T11123] ip6gretap0: entered promiscuous mode [ 162.172959][T11148] binder: 11147:11148 ioctl c0306201 80000640 returned -22 [ 162.406782][ T5982] usb 8-1: new low-speed USB device number 6 using dummy_hcd [ 162.568074][ T5982] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 162.571509][ T5982] usb 8-1: config 0 has no interface number 0 [ 162.573802][ T5982] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 162.578065][ T5982] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 162.582226][ T5982] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 162.588365][ T5982] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 162.594602][ T5982] usb 8-1: config 0 descriptor?? [ 162.597813][T11145] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 162.606184][ T5982] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 162.793074][T11205] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2302'. [ 162.811297][ T5982] usb 8-1: USB disconnect, device number 6 [ 163.124379][ T53] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 163.154492][ T5989] Bluetooth: hci0: command 0x040f tx timeout [ 163.257818][T11243] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2317'. [ 163.274294][ T53] usb 5-1: Using ep0 maxpacket: 32 [ 163.278129][ T53] usb 5-1: config index 0 descriptor too short (expected 156, got 27) [ 163.281532][ T53] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 163.287193][ T53] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 163.291725][ T53] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 163.297895][ T53] usb 5-1: config 0 interface 0 has no altsetting 0 [ 163.302669][ T53] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 163.308876][ T53] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 163.312408][ T53] usb 5-1: Product: syz [ 163.314594][ T53] usb 5-1: Manufacturer: syz [ 163.316514][ T53] usb 5-1: SerialNumber: syz [ 163.321220][ T53] usb 5-1: config 0 descriptor?? [ 163.327367][ T53] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 163.335848][ T53] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 163.497536][T11261] lo: entered promiscuous mode [ 163.499975][T11261] lo: left promiscuous mode [ 163.537437][ T6404] usb 5-1: USB disconnect, device number 6 [ 163.540046][ C2] ldusb 5-1:0.0: usb_submit_urb failed (-19) [ 163.548832][ T6404] ldusb 5-1:0.0: LD USB Device #0 now disconnected [ 163.782482][T11283] bridge0: entered promiscuous mode [ 163.785899][T11285] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2339'. [ 163.789852][T11285] netlink: 'syz.4.2339': attribute type 12 has an invalid length. [ 163.792784][T11285] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2339'. [ 163.934001][ T54] kernel write not supported for file /input/mouse0 (pid: 54 comm: kworker/1:1) [ 164.015735][ T1335] hid_parser_main: 12 callbacks suppressed [ 164.015747][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.019930][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.022272][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.024796][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.027682][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.030162][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.032489][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.035052][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.037394][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.039746][ T1335] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0 [ 164.043077][ T1335] hid-generic 0003:0004:0000.0004: hidraw1: USB HID v0.00 Device [syz0] on syz1 [ 164.075839][T11311] fido_id[11311]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 164.774203][ T6404] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 164.795049][ T1335] kernel read not supported for file /dsp1 (pid: 1335 comm: kworker/3:2) [ 164.926046][ T6404] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 164.930734][ T6404] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 164.935078][ T6404] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 164.938754][ T6404] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 164.946308][T11348] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 164.960022][ T6404] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 165.164385][ T1335] usb 9-1: USB disconnect, device number 2 [ 165.224249][ T5984] Bluetooth: hci0: command 0x040f tx timeout [ 165.563036][T11369] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2379'. [ 165.618265][ T40] kauditd_printk_skb: 77 callbacks suppressed [ 165.618277][ T40] audit: type=1326 audit(2000000022.603:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.626956][ T40] audit: type=1326 audit(2000000022.603:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.633450][ T40] audit: type=1326 audit(2000000022.603:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f355a7 code=0x7ffc0000 [ 165.640305][ T40] audit: type=1326 audit(2000000022.603:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.646975][ T40] audit: type=1326 audit(2000000022.603:1649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.653527][ T40] audit: type=1326 audit(2000000022.603:1650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.660164][ T40] audit: type=1326 audit(2000000022.603:1651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.666881][ T40] audit: type=1326 audit(2000000022.603:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.673382][ T40] audit: type=1326 audit(2000000022.603:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 165.680009][ T40] audit: type=1326 audit(2000000022.603:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11372 comm="syz.1.2381" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 166.424267][ T5984] Bluetooth: hci4: command 0xfc11 tx timeout [ 166.424454][ T5989] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 166.465682][T11413] netlink: 'syz.1.2406': attribute type 1 has an invalid length. [ 166.544306][ T9] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 166.705451][ T9] usb 5-1: config index 0 descriptor too short (expected 1307, got 27) [ 166.708069][ T9] usb 5-1: config 0 has an invalid interface number: 0 but max is -1 [ 166.710550][ T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0 [ 166.713277][ T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30 [ 166.716762][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt [ 166.719786][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246 [ 166.726017][ T9] usb 5-1: string descriptor 0 read error: -22 [ 166.728057][ T9] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de [ 166.730872][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.734770][ T9] usb 5-1: config 0 descriptor?? [ 166.737429][T11405] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 166.740814][ T9] hub 5-1:0.0: bad descriptor, ignoring hub [ 166.742671][ T9] hub 5-1:0.0: probe with driver hub failed with error -5 [ 166.747293][ T9] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input16 [ 167.007328][ T24] usb 5-1: USB disconnect, device number 7 [ 167.304253][ T5989] Bluetooth: hci0: command 0x040f tx timeout [ 167.645823][T11481] netlink: 'syz.4.2431': attribute type 2 has an invalid length. [ 167.648341][T11481] netlink: 'syz.4.2431': attribute type 1 has an invalid length. [ 167.781986][ T24] kernel write not supported for file /uhid (pid: 24 comm: kworker/2:0) [ 167.975050][T11512] overlayfs: workdir and upperdir must be separate subtrees [ 168.015781][ T9] kernel read not supported for file /dsp1 (pid: 9 comm: kworker/0:0) [ 169.394382][ T5989] Bluetooth: hci0: command 0x040f tx timeout [ 170.184278][ T5982] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 170.224208][ T9] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 170.336738][ T5982] usb 5-1: config 0 has an invalid interface number: 1 but max is 0 [ 170.340068][ T5982] usb 5-1: config 0 has no interface number 0 [ 170.342713][ T5982] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 170.349474][ T5982] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 170.354623][ T5982] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 170.358481][ T5982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.369736][ T5982] usb 5-1: config 0 descriptor?? [ 170.371960][T11579] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 170.380567][ T5982] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 170.384391][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 170.389111][ T9] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 170.393863][ T9] usb 6-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 170.398782][ T9] usb 6-1: config 0 interface 0 has no altsetting 0 [ 170.401895][ T9] usb 6-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.00 [ 170.406426][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 170.420773][ T9] usb 6-1: config 0 descriptor?? [ 170.591309][ T24] usb 5-1: USB disconnect, device number 8 [ 170.642102][ T9] usbhid 6-1:0.0: can't add hid device: -71 [ 170.649198][ T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 170.655284][ T9] usb 6-1: USB disconnect, device number 9 [ 170.736523][T11613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2490'. [ 171.584198][ T1335] usb 9-1: new low-speed USB device number 3 using dummy_hcd [ 171.673486][ T40] kauditd_printk_skb: 202 callbacks suppressed [ 171.673497][ T40] audit: type=1326 audit(2000000028.653:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11672 comm="syz.3.2521" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x0 [ 171.695026][T11675] random: crng reseeded on system resumption [ 171.704495][T11675] Restarting kernel threads ... [ 171.706892][T11675] Done restarting kernel threads. [ 171.735602][ T1335] usb 9-1: config 0 has an invalid interface number: 1 but max is 0 [ 171.738786][ T1335] usb 9-1: config 0 has no interface number 0 [ 171.741253][ T1335] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 171.745953][ T1335] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 171.749820][ T1335] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 171.753193][ T1335] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.757760][ T1335] usb 9-1: config 0 descriptor?? [ 171.759925][T11657] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 171.768333][ T1335] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 171.977248][ T1335] usb 9-1: USB disconnect, device number 3 [ 172.314197][ T6081] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 172.486517][ T6081] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 172.494161][ T6081] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 172.498681][ T6081] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 172.501998][ T6081] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.507501][T11683] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 172.515532][ T6081] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 172.731761][ T1335] usb 6-1: USB disconnect, device number 10 [ 172.764748][ T6047] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 173.306761][ T60] wlan1: Trigger new scan to find an IBSS to join [ 173.813852][ T6047] hid_parser_main: 8 callbacks suppressed [ 173.813864][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.818451][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.820812][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.823083][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.825795][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.828443][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.844462][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.846836][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.849274][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.853388][ T6047] hid-generic 0003:0004:0000.0005: unknown main item tag 0x0 [ 173.859203][ T6047] hid-generic 0003:0004:0000.0005: hidraw1: USB HID v0.00 Device [syz0] on syz1 [ 173.906156][T11737] fido_id[11737]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 173.926371][T11734] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 173.927069][T11745] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 173.927127][ T5947] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 173.929003][T11734] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.937392][T11734] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 173.940840][T11734] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 174.006597][T11753] team0: Device ip6gretap1 is up. Set it down before adding it as a team port [ 174.149180][ T54] hid-generic 0003:0004:0000.0006: hidraw1: USB HID v0.00 Device [syz0] on syz1 [ 174.221808][ T5947] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 174.225107][T11774] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 174.348195][ T40] audit: type=1326 audit(2000000031.333:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 174.363466][ T40] audit: type=1326 audit(2000000031.333:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 174.372826][ T40] audit: type=1326 audit(2000000031.333:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 174.380995][ T40] audit: type=1326 audit(2000000031.333:1861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 174.393475][ T40] audit: type=1326 audit(2000000031.333:1862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 174.401391][ T40] audit: type=1326 audit(2000000031.333:1863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 174.410628][ T40] audit: type=1326 audit(2000000031.343:1864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 174.417488][ T40] audit: type=1326 audit(2000000031.343:1865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 174.424179][ T40] audit: type=1326 audit(2000000031.343:1866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11792 comm="syz.1.2566" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 174.913004][ T53] kernel write not supported for file /input/mouse0 (pid: 53 comm: kworker/3:1) [ 175.904493][T11861] block nbd2: server does not support multiple connections per device. [ 175.911538][T11861] block nbd2: shutting down sockets [ 175.945003][ T63] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.945532][ T5339] Bluetooth: hci2: command 0x0c1a tx timeout [ 175.946982][ T63] Bluetooth: hci1: command 0x0c1a tx timeout [ 175.949451][ T5989] Bluetooth: hci0: command 0x040f tx timeout [ 176.081350][T11872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2601'. [ 176.264323][ T1138] wlan1: Trigger new scan to find an IBSS to join [ 177.424259][ T9] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 177.585999][ T9] usb 6-1: unable to get BOS descriptor or descriptor too short [ 177.589371][ T9] usb 6-1: config 1 interface 0 altsetting 64 bulk endpoint 0x82 has invalid maxpacket 1024 [ 177.592592][ T9] usb 6-1: config 1 interface 0 altsetting 64 endpoint 0x3 has invalid maxpacket 7227, setting to 1024 [ 177.596227][ T9] usb 6-1: config 1 interface 0 altsetting 64 bulk endpoint 0x3 has invalid maxpacket 1024 [ 177.599409][ T9] usb 6-1: config 1 interface 0 has no altsetting 0 [ 177.603320][ T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 177.606437][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 177.609265][ T9] usb 6-1: Product: syz [ 177.610773][ T9] usb 6-1: Manufacturer: syz [ 177.612301][ T9] usb 6-1: SerialNumber: syz [ 177.615438][T11944] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 177.618116][T11944] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 177.827924][ T9] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 177.832763][ T9] usb 6-1: USB disconnect, device number 11 [ 177.971946][T11992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2662'. [ 177.981106][T11992] team_slave_0: entered promiscuous mode [ 177.983139][T11992] team_slave_1: entered promiscuous mode [ 178.024358][ T5989] Bluetooth: hci0: command 0x040f tx timeout [ 178.159355][T12010] sp0: Synchronizing with TNC [ 178.294261][ T9] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 178.444359][ T9] usb 9-1: Using ep0 maxpacket: 16 [ 178.448131][ T9] usb 9-1: config 0 has no interfaces? [ 178.450436][ T9] usb 9-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00 [ 178.453723][ T9] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.462424][ T9] usb 9-1: config 0 descriptor?? [ 178.558556][T12034] input: syz1 as /devices/virtual/input/input17 [ 178.671817][ T6404] usb 9-1: USB disconnect, device number 4 [ 179.064194][ T54] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 179.226065][ T54] usb 8-1: Using ep0 maxpacket: 8 [ 179.230080][ T54] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 179.233603][ T54] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 179.237835][ T54] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 179.241332][ T54] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 179.244542][ T54] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 179.249039][ T54] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 179.251915][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.304315][ T46] wlan1: Trigger new scan to find an IBSS to join [ 179.460963][ T54] usb 8-1: GET_CAPABILITIES returned 0 [ 179.462779][ T54] usbtmc 8-1:16.0: can't read capabilities [ 179.525999][T12085] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2699'. [ 179.529689][T12085] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2699'. [ 179.599415][ T53] kernel write not supported for file [eventfd] (pid: 53 comm: kworker/3:1) [ 179.664720][ T6047] usb 8-1: USB disconnect, device number 7 [ 180.232151][T12108] bond0: entered promiscuous mode [ 180.235068][T12108] bond_slave_0: entered promiscuous mode [ 180.237773][T12108] bond_slave_1: entered promiscuous mode [ 180.242367][T12108] bond0: left promiscuous mode [ 180.246212][T12108] bond_slave_0: left promiscuous mode [ 180.248727][T12108] bond_slave_1: left promiscuous mode [ 180.251752][ T40] kauditd_printk_skb: 327 callbacks suppressed [ 180.251763][ T40] audit: type=1326 audit(2000000037.233:2194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 180.263016][ T40] audit: type=1326 audit(2000000037.233:2195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 180.272562][ T40] audit: type=1326 audit(2000000037.233:2196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 180.281599][ T40] audit: type=1326 audit(2000000037.233:2197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 180.290990][ T40] audit: type=1326 audit(2000000037.233:2198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 180.300371][ T40] audit: type=1326 audit(2000000037.233:2199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 180.310999][ T40] audit: type=1326 audit(2000000037.233:2200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 180.321464][ T40] audit: type=1326 audit(2000000037.233:2201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 180.331313][ T40] audit: type=1326 audit(2000000037.233:2202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 180.340542][ T40] audit: type=1326 audit(2000000037.233:2203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12109 comm="syz.3.2710" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 180.748724][T12153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2729'. [ 180.751738][T12153] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2729'. [ 181.033998][T12190] serio: Serial port ptm0 [ 181.122200][T12201] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2751'. [ 181.211915][T12213] loop7: detected capacity change from 0 to 8 [ 181.304348][ T6047] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 181.352001][ T7342] Dev loop7: unable to read RDB block 8 [ 181.353886][ T7342] loop7: unable to read partition table [ 181.357817][ T7342] loop7: partition table beyond EOD, truncated [ 181.475086][ T6047] usb 6-1: Using ep0 maxpacket: 32 [ 181.478761][ T6047] usb 6-1: config 9 has an invalid interface number: 103 but max is 0 [ 181.481977][ T6047] usb 6-1: config 9 has no interface number 0 [ 181.483916][ T6047] usb 6-1: config 9 interface 103 has no altsetting 0 [ 181.488027][ T6047] usb 6-1: New USB device found, idVendor=0d49, idProduct=7000, bcdDevice=97.b5 [ 181.490868][ T6047] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.493374][ T6047] usb 6-1: Product: syz [ 181.495856][ T6047] usb 6-1: Manufacturer: syz [ 181.497322][ T6047] usb 6-1: SerialNumber: syz [ 181.526975][T12213] Dev loop7: unable to read RDB block 8 [ 181.528835][T12213] loop7: unable to read partition table [ 181.530731][T12213] loop7: partition table beyond EOD, truncated [ 181.532749][T12213] loop_reread_partitions: partition scan of loop7 (濉檳鼚綜jm醡劾棵?銄X嫼 滊%醌`涉謤鶇{愆謵樔4FLQk輮) failed (rc=-5) [ 181.634297][ T117] block nbd1: Possible stuck request ffff888025f90000: control (read@0,1024B). Runtime 90 seconds [ 181.637541][ T117] block nbd1: Possible stuck request ffff888025f901c0: control (read@1024,1024B). Runtime 90 seconds [ 181.640953][ T117] block nbd1: Possible stuck request ffff888025f90380: control (read@2048,1024B). Runtime 90 seconds [ 181.644497][ T117] block nbd1: Possible stuck request ffff888025f90540: control (read@3072,1024B). Runtime 90 seconds [ 181.693513][T12219] Dev loop7: unable to read RDB block 8 [ 181.695468][T12219] loop7: unable to read partition table [ 181.697451][T12219] loop7: partition table beyond EOD, truncated [ 181.706614][ T6047] ums-onetouch 6-1:9.103: USB Mass Storage device detected [ 181.779347][ T6047] usb 6-1: USB disconnect, device number 12 [ 181.789183][T12232] netlink: 'syz.4.2764': attribute type 2 has an invalid length. [ 182.071239][T12249] input: syz1 as /devices/virtual/input/input18 [ 182.346322][ T1138] wlan1: Trigger new scan to find an IBSS to join [ 182.495249][T12280] can0: slcan on ttyS3. [ 182.574714][T12280] can0 (unregistered): slcan off ttyS3. [ 183.076417][T12328] Bluetooth: hci4: Frame reassembly failed (-84) [ 183.400456][T12354] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2808'. [ 183.591122][T12373] dlm: no local IP address has been set [ 183.594451][T12373] dlm: cannot start dlm midcomms -107 [ 183.635760][T12377] ptrace attach of "/syz-executor exec"[5994] was attempted by ""[12377] [ 183.706350][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2822'. [ 184.144227][ T6081] usb 5-1: new full-speed USB device number 9 using dummy_hcd [ 184.299220][ T6081] usb 5-1: config 0 has no interfaces? [ 184.301503][ T6081] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 184.305209][ T6081] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 184.309795][ T6081] usb 5-1: config 0 descriptor?? [ 184.339543][T12435] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2838'. [ 184.404236][T12439] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2840'. [ 184.432004][T12441] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2841'. [ 184.518510][ T6081] usb 5-1: USB disconnect, device number 9 [ 184.643790][ T6051] kernel write not supported for file /adsp1 (pid: 6051 comm: kworker/3:3) [ 184.791207][T12452] netlink: 'syz.3.2846': attribute type 12 has an invalid length. [ 184.794026][T12452] netlink: 'syz.3.2846': attribute type 29 has an invalid length. [ 184.796942][T12452] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2846'. [ 184.800326][T12452] netlink: 59 bytes leftover after parsing attributes in process `syz.3.2846'. [ 185.154245][ T5989] Bluetooth: hci4: command 0x1003 tx timeout [ 185.154267][ T5984] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 185.384839][ T1138] wlan1: Trigger new scan to find an IBSS to join [ 185.525072][T12510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2868'. [ 185.528009][T12510] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2868'. [ 185.914204][ T6051] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 186.065909][ T6051] usb 5-1: unable to get BOS descriptor or descriptor too short [ 186.069083][ T6051] usb 5-1: config 1 interface 0 altsetting 64 bulk endpoint 0x82 has invalid maxpacket 1024 [ 186.072221][ T6051] usb 5-1: config 1 interface 0 altsetting 64 endpoint 0x3 has invalid maxpacket 7227, setting to 1024 [ 186.075849][ T6051] usb 5-1: config 1 interface 0 altsetting 64 bulk endpoint 0x3 has invalid maxpacket 1024 [ 186.078898][ T6051] usb 5-1: config 1 interface 0 has no altsetting 0 [ 186.082357][ T6051] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 186.085479][ T6051] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 186.087997][ T6051] usb 5-1: Product: syz [ 186.089370][ T6051] usb 5-1: Manufacturer: syz [ 186.091148][ T6051] usb 5-1: SerialNumber: syz [ 186.096188][T12502] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 186.099304][T12502] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 186.315713][ T6051] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 186.321914][ T6051] usb 5-1: USB disconnect, device number 10 [ 186.330008][T12542] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2883'. [ 186.701525][T12561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2892'. [ 186.711866][T12561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2892'. [ 186.758380][T12565] openvswitch: netlink: VXLAN extension message has 3 unknown bytes. [ 186.891970][T12573] macvlan3: entered promiscuous mode [ 186.894332][T12573] macvlan3: entered allmulticast mode [ 186.896574][T12573] gretap0: entered allmulticast mode [ 187.220754][T12599] netlink: 'syz.3.2910': attribute type 4 has an invalid length. [ 187.438643][T12612] sit0: entered promiscuous mode [ 187.460722][T12612] netlink: 'syz.1.2915': attribute type 1 has an invalid length. [ 187.472322][T12612] netlink: 1 bytes leftover after parsing attributes in process `syz.1.2915'. [ 187.544831][ T6081] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 187.709215][ T6081] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 187.722061][ T6081] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 187.728553][ T6081] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 187.731605][ T6081] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 187.735028][ T6081] usb 8-1: Manufacturer: syz [ 187.737916][ T6081] usb 8-1: config 0 descriptor?? [ 187.795674][ T6081] rc_core: IR keymap rc-hauppauge not found [ 187.797785][ T6081] Registered IR keymap rc-empty [ 187.799994][ T6081] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 187.805947][ T6081] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input19 [ 187.972345][ T6051] usb 8-1: USB disconnect, device number 8 [ 188.300065][T12671] openvswitch: netlink: Multiple metadata blocks provided [ 188.346093][ T12] wlan1: Trigger new scan to find an IBSS to join [ 188.469571][ T40] kauditd_printk_skb: 467 callbacks suppressed [ 188.469582][ T40] audit: type=1800 audit(2000000301.453:2671): pid=12694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2951" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0 [ 188.895124][ T6051] kernel read not supported for file /dsp1 (pid: 6051 comm: kworker/3:3) [ 188.951925][T12721] netlink: 'syz.3.2963': attribute type 1 has an invalid length. [ 188.954762][T12721] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2963'. [ 188.993895][T12727] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2965'. [ 189.305612][ T12] wlan1: Creating new IBSS network, BSSID 3e:2d:61:1b:80:4a [ 189.714216][ T6051] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 189.866523][ T6051] usb 8-1: config 0 has an invalid interface number: 168 but max is 0 [ 189.869691][ T6051] usb 8-1: config 0 has no interface number 0 [ 189.871942][ T6051] usb 8-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06 [ 189.876789][ T6051] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.881939][ T6051] usb 8-1: config 0 descriptor?? [ 189.919136][T12800] loop9: detected capacity change from 0 to 7 [ 189.926224][T12800] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 189.928011][T12800] loop9: partition table partially beyond EOD, truncated [ 189.930529][T12800] loop9: p1 size 2437361653 extends beyond EOD, truncated [ 189.970975][ T7342] udevd[7342]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 190.088214][ T5989] Bluetooth: hci3: adv larger than maximum supported [ 190.088263][ T5989] Bluetooth: hci3: Malformed LE Event: 0x0d [ 190.088606][ T6051] usb 8-1: string descriptor 0 read error: -71 [ 190.097489][ T6051] usb-storage 8-1:0.168: USB Mass Storage device detected [ 190.102598][ T6051] usb-storage 8-1:0.168: Quirks match for vid 05ab pid 0060: 2 [ 190.224017][ T6051] usb 8-1: USB disconnect, device number 9 [ 190.394625][T12825] netlink: 'syz.1.3010': attribute type 1 has an invalid length. [ 190.397200][T12825] netlink: 'syz.1.3010': attribute type 1 has an invalid length. [ 190.399726][T12825] netlink: 160 bytes leftover after parsing attributes in process `syz.1.3010'. [ 190.402595][T12825] netlink: 'syz.1.3010': attribute type 1 has an invalid length. [ 190.405964][T12825] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3010'. [ 190.715445][T12837] syz.1.3015 (12837): drop_caches: 2 [ 190.914565][T12847] nbd2: detected capacity change from 0 to 8589934655 [ 190.918828][ T5989] block nbd2: Receive control failed (result -104) [ 191.180464][T12888] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3040'. [ 191.213079][T12893] netlink: 108 bytes leftover after parsing attributes in process `syz.0.3042'. [ 191.294652][ T40] audit: type=1326 audit(2000000304.273:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12901 comm="syz.0.3046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 191.302711][ T40] audit: type=1326 audit(2000000304.283:2673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12901 comm="syz.0.3046" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 191.310489][ T40] audit: type=1326 audit(2000000304.283:2674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12901 comm="syz.0.3046" exe="/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 191.318543][ T40] audit: type=1326 audit(2000000304.283:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12901 comm="syz.0.3046" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x0 [ 191.591477][T12925] batadv_slave_1: entered promiscuous mode [ 191.593835][T12925] batadv_slave_1: left promiscuous mode [ 191.660802][T12933] netlink: 360 bytes leftover after parsing attributes in process `syz.3.3060'. [ 192.031449][ T40] audit: type=1326 audit(2000000305.013:2676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.3070" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x0 [ 192.175997][ T6081] kernel write not supported for file /snd/seq (pid: 6081 comm: kworker/0:5) [ 192.779482][T12996] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3087'. [ 192.970257][T13008] sch_fq: defrate 0 ignored. [ 193.052396][T13015] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 193.402958][T13034] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 193.406168][T13034] SQUASHFS error: Failed to read block 0x0: -5 [ 193.641110][ T6081] kernel read not supported for file /dsp (pid: 6081 comm: kworker/0:5) [ 193.745074][T13051] Context (ID=0x1) not attached to queue pair (handle=0x1:0x81) [ 195.219451][T13136] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 195.223545][T13136] SQUASHFS error: Failed to read block 0x0: -5 [ 195.983561][T13177] kvm: kvm [13176]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x4000006f) = 0x6 [ 197.103269][T13266] netlink: 'syz.3.3210': attribute type 4 has an invalid length. [ 197.571958][ T40] audit: type=1326 audit(2000000566.561:2677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13235 comm="syz.1.3197" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7fc00000 [ 197.605771][T13288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3220'. [ 197.615014][T13290] Bluetooth: hci4: Frame reassembly failed (-84) [ 197.616101][T13288] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 197.619486][T13288] macvlan2: entered allmulticast mode [ 197.621955][T13288] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 198.904728][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.907064][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.910494][ T6081] hid_parser_main: 26 callbacks suppressed [ 198.910505][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.915147][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.917813][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.921033][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.923936][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.926470][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.929165][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.932794][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.935281][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.937546][ T6081] hid-generic 0003:0004:0000.0007: unknown main item tag 0x0 [ 198.941723][ T6081] hid-generic 0003:0004:0000.0007: hidraw1: USB HID v0.00 Device [syz0] on syz1 [ 198.981086][T13339] fido_id[13339]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 198.994052][ T117] block nbd2: Connection timed out, retrying (0/1 alive) [ 198.997592][ T117] block nbd2: Connection timed out, retrying (0/1 alive) [ 199.000494][ T117] block nbd2: Connection timed out, retrying (0/1 alive) [ 199.007535][ T117] block nbd2: Connection timed out, retrying (0/1 alive) [ 199.010507][ T117] block nbd2: Dead connection, failed to find a fallback [ 199.016932][ T117] block nbd2: shutting down sockets [ 199.018767][ T117] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.022145][ T117] buffer_io_error: 7 callbacks suppressed [ 199.022157][ T117] Buffer I/O error on dev nbd2, logical block 3, async page read [ 199.027676][ T117] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.030544][ T117] Buffer I/O error on dev nbd2, logical block 2, async page read [ 199.033602][ T117] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.036787][ T117] Buffer I/O error on dev nbd2, logical block 1, async page read [ 199.039509][ T117] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.043304][ T117] Buffer I/O error on dev nbd2, logical block 0, async page read [ 199.048130][ T7342] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.053115][ T7342] Buffer I/O error on dev nbd2, logical block 0, async page read [ 199.056700][ T7342] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.060360][ T7342] Buffer I/O error on dev nbd2, logical block 1, async page read [ 199.063709][ T7342] I/O error, dev nbd2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.067449][ T7342] Buffer I/O error on dev nbd2, logical block 2, async page read [ 199.070921][ T7342] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.074710][ T7342] Buffer I/O error on dev nbd2, logical block 3, async page read [ 199.077933][ T7342] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.082202][ T7342] Buffer I/O error on dev nbd2, logical block 0, async page read [ 199.085506][ T7342] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 199.089298][ T7342] Buffer I/O error on dev nbd2, logical block 1, async page read [ 199.096579][ T7342] ldm_validate_partition_table(): Disk read failed. [ 199.100892][ T7342] Dev nbd2: unable to read RDB block 0 [ 199.105185][ T7342] nbd2: unable to read partition table [ 199.113539][ T7342] ldm_validate_partition_table(): Disk read failed. [ 199.117306][ T7342] Dev nbd2: unable to read RDB block 0 [ 199.121284][ T7342] nbd2: unable to read partition table [ 199.630763][ T5989] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 200.003130][T13407] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3271'. [ 200.059952][T13415] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3276'. [ 200.181076][T13423] mkiss: ax0: crc mode is auto. [ 200.299480][T13438] usb 2-1: USB disconnect, device number 2 [ 200.518891][T13455] mkiss: ax0: crc mode is auto. [ 200.620002][ T54] usb 8-1: new low-speed USB device number 10 using dummy_hcd [ 200.792721][ T54] usb 8-1: config 0 has an invalid interface number: 1 but max is 0 [ 200.796175][ T54] usb 8-1: config 0 has no interface number 0 [ 200.798747][ T54] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10 [ 200.804066][ T54] usb 8-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8 [ 200.808669][ T54] usb 8-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 200.813049][ T54] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 200.819014][ T54] usb 8-1: config 0 descriptor?? [ 200.822308][T13444] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 200.831928][ T54] iowarrior 8-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0 [ 200.857253][T13482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3308'. [ 200.862279][T13482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3308'. [ 201.030643][ T54] usb 8-1: USB disconnect, device number 10 [ 201.181102][T13501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3317'. [ 201.184281][T13501] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3317'. [ 201.449611][ T6081] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 201.621244][T13527] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3330'. [ 201.623024][ T6081] usb 6-1: unable to get BOS descriptor or descriptor too short [ 201.628529][ T6081] usb 6-1: config 6 has an invalid interface number: 200 but max is 0 [ 201.631580][ T6081] usb 6-1: config 6 has no interface number 0 [ 201.633568][ T6081] usb 6-1: config 6 interface 200 has no altsetting 0 [ 201.637542][ T6081] usb 6-1: New USB device found, idVendor=05d8, idProduct=810c, bcdDevice=18.5f [ 201.642096][ T6081] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 201.644555][ T6081] usb 6-1: Product: syz [ 201.645874][ T6081] usb 6-1: Manufacturer: syz [ 201.647362][ T6081] usb 6-1: SerialNumber: syz [ 201.703177][T13533] erspan0: entered promiscuous mode [ 201.805654][T13544] netem: invalid attributes len -3 [ 201.807791][T13544] netem: change failed [ 202.052311][T13559] netlink: 'syz.4.3345': attribute type 7 has an invalid length. [ 202.063393][ T1191] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.066243][ T1191] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.070928][ T1191] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.073918][ T1191] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 202.074854][ T6081] dvb-usb: found a 'Artec T14 - USB2.0 DVB-T' in warm state. [ 202.179270][ T5989] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 202.181683][ T5984] Bluetooth: hci0: command 0x040f tx timeout [ 202.279019][ T6081] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 202.284807][ T6081] dvbdev: DVB: registering new adapter (Artec T14 - USB2.0 DVB-T) [ 202.287404][ T6081] usb 6-1: media controller created [ 202.302313][ T6081] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 202.335784][T13569] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3350'. [ 202.346183][T13571] binder: 13570:13571 ioctl 400c620e 80000040 returned -22 [ 202.476264][ T6081] dvb-usb: bulk message failed: -71 (6/0) [ 202.480839][ T6081] dvb-usb: bulk message failed: -71 (6/0) [ 202.483535][ T6081] dvb-usb: no frontend was attached by 'Artec T14 - USB2.0 DVB-T' [ 202.489388][ T6081] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb6/6-1/input/input22 [ 202.496497][ T6081] dvb-usb: schedule remote query interval to 150 msecs. [ 202.501385][ T6081] dvb-usb: Artec T14 - USB2.0 DVB-T successfully initialized and connected. [ 202.506533][ T6047] kernel read not supported for file /dsp (pid: 6047 comm: kworker/2:3) [ 202.506546][ T6081] usb 6-1: USB disconnect, device number 13 [ 202.547361][ T6081] dvb-usb: Artec T14 - USB2.0 DVB-T successfully deinitialized and disconnected. [ 202.674243][T13605] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3367'. [ 202.677737][T13605] gretap0: entered promiscuous mode [ 203.244521][ T40] audit: type=1326 audit(2000000572.234:2678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.256828][ T40] audit: type=1326 audit(2000000572.234:2679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.267211][ T40] audit: type=1326 audit(2000000572.234:2680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.276913][ T40] audit: type=1326 audit(2000000572.244:2681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f35579 code=0x7ffc0000 [ 203.285549][ T40] audit: type=1326 audit(2000000572.244:2682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.293517][ T40] audit: type=1326 audit(2000000572.244:2683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.301810][ T40] audit: type=1326 audit(2000000572.244:2684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.316214][ T40] audit: type=1326 audit(2000000572.244:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.325697][ T40] audit: type=1326 audit(2000000572.244:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.334941][ T40] audit: type=1326 audit(2000000572.244:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13637 comm="syz.1.3382" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f35598 code=0x7ffc0000 [ 203.708663][ T6051] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 203.858788][ T6051] usb 9-1: Using ep0 maxpacket: 8 [ 203.865683][ T6051] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 203.870034][ T6051] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 203.874116][ T6051] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 203.878259][ T6051] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 203.894356][ T6051] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 203.898036][ T6051] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.112555][ T6051] usb 9-1: GET_CAPABILITIES returned 0 [ 204.114860][ T6051] usbtmc 9-1:16.0: can't read capabilities [ 204.258788][ T5989] Bluetooth: hci0: command 0x040f tx timeout [ 204.321298][T13671] usbtmc 9-1:16.0: usbtmc488_ioctl_trigger returned -90 [ 204.324321][ T6047] usb 9-1: USB disconnect, device number 5 [ 204.498492][T13770] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 204.501670][T13770] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 204.506414][T13770] vhci_hcd vhci_hcd.0: Device attached [ 204.510818][T13772] vhci_hcd: connection closed [ 204.513386][ T46] vhci_hcd: stop threads [ 204.516694][ T46] vhci_hcd: release socket [ 204.518382][ T46] vhci_hcd: disconnect device [ 204.905862][T13786] overlayfs: statfs failed on './file0' [ 205.318818][ T6404] kernel write not supported for file /radio7 (pid: 6404 comm: kworker/2:4) [ 205.473862][T13830] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 205.495602][ T6404] kernel write not supported for file /uinput (pid: 6404 comm: kworker/2:4) [ 205.868471][ T5984] Bluetooth: hci3: ACL packet for unknown connection handle 201 [ 206.387387][ T6404] usb 8-1: new high-speed USB device number 11 using dummy_hcd [ 206.538596][ T6404] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 206.542732][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.546444][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.550028][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.553598][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.557492][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.561946][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.565710][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.569143][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.572598][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.575513][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.578561][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.582097][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.585101][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.588049][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.591488][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.595028][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.598368][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.601842][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.604751][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.607682][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.611130][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.614682][ T6404] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 206.617751][ T6404] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 206.621630][ T6404] usb 8-1: config 0 interface 0 has no altsetting 0 [ 206.626312][ T6404] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 206.630488][ T6404] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 206.634091][ T6404] usb 8-1: Product: syz [ 206.635985][ T6404] usb 8-1: Manufacturer: syz [ 206.638236][ T6404] usb 8-1: SerialNumber: syz [ 206.642206][ T6404] usb 8-1: config 0 descriptor?? [ 206.649367][ T6404] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 206.904288][ C2] usb 8-1: yurex_control_callback - control failed: -71 [ 206.908353][ T53] usb 8-1: USB disconnect, device number 11 [ 206.912690][ T53] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 206.995947][T13911] kvm: kvm [13910]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 207.296717][ T5984] Bluetooth: hci4: command 0x1003 tx timeout [ 207.296912][ T5989] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 207.340507][T13934] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3519'. [ 207.408344][ T13] bond0: (slave bond1): link status definitely down, disabling slave [ 208.045744][T13974] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3536'. [ 208.221610][T13985] netlink: 'syz.3.3540': attribute type 12 has an invalid length. [ 209.273685][T14039] netlink: 'syz.1.3565': attribute type 12 has an invalid length. [ 209.618139][T14047] block nbd3: server does not support multiple connections per device. [ 209.621766][T14047] block nbd3: shutting down sockets [ 209.935433][ T5984] Bluetooth: hci4: command 0x1003 tx timeout [ 209.939257][ T5989] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 210.592735][T14097] netlink: 'syz.3.3592': attribute type 9 has an invalid length. [ 210.599312][T14097] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3592'. [ 210.606333][T14097] hsr0: entered promiscuous mode [ 210.608884][T14097] macvlan4: entered promiscuous mode [ 210.611009][T14097] macvlan4: entered allmulticast mode [ 210.612797][T14097] hsr0: entered allmulticast mode [ 210.614805][T14097] hsr_slave_0: entered allmulticast mode [ 210.622326][T14097] hsr_slave_1: entered allmulticast mode [ 210.631847][T14099] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3591'. [ 211.079121][T14123] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3604'. [ 211.378502][ T40] kauditd_printk_skb: 75 callbacks suppressed [ 211.378518][ T40] audit: type=1326 audit(2000000580.368:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14132 comm="syz.4.3609" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x0 [ 211.699233][ T117] block nbd1: Possible stuck request ffff888025f90000: control (read@0,1024B). Runtime 120 seconds [ 211.703998][ T117] block nbd1: Possible stuck request ffff888025f901c0: control (read@1024,1024B). Runtime 120 seconds [ 211.708915][ T117] block nbd1: Possible stuck request ffff888025f90380: control (read@2048,1024B). Runtime 120 seconds [ 211.713384][ T117] block nbd1: Possible stuck request ffff888025f90540: control (read@3072,1024B). Runtime 120 seconds [ 212.626437][T14195] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.3644'. [ 213.024315][T14150] syz.0.3617: vmalloc error: size 18874368, failed to allocated page array size 36864, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 213.031234][T14150] CPU: 3 UID: 0 PID: 14150 Comm: syz.0.3617 Not tainted syzkaller #0 PREEMPT(full) [ 213.031264][T14150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 213.031276][T14150] Call Trace: [ 213.031283][T14150] [ 213.031291][T14150] dump_stack_lvl+0x16c/0x1f0 [ 213.031324][T14150] warn_alloc+0x248/0x3a0 [ 213.031395][T14150] ? __pfx_warn_alloc+0x10/0x10 [ 213.031427][T14150] ? hash_netport4_resize+0x1d8/0x1c50 [ 213.031449][T14150] ? __vmalloc_node_noprof+0xad/0xf0 [ 213.031472][T14150] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 213.031499][T14150] ? hash_netport4_resize+0x1d8/0x1c50 [ 213.031527][T14150] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 213.031549][T14150] ? ___kmalloc_large_node+0xed/0x160 [ 213.031583][T14150] __kvmalloc_node_noprof+0x30a/0x620 [ 213.031604][T14150] ? hash_netport4_resize+0x1d8/0x1c50 [ 213.031625][T14150] ? __kmalloc_noprof+0x242/0x510 [ 213.031645][T14150] ? hash_netport4_resize+0x1d8/0x1c50 [ 213.031670][T14150] ? hash_netport4_resize+0x1d8/0x1c50 [ 213.031691][T14150] hash_netport4_resize+0x1d8/0x1c50 [ 213.031713][T14150] ? __pfx_hash_netport4_add+0x10/0x10 [ 213.031734][T14150] ? __pfx_hash_netport4_uadt+0x10/0x10 [ 213.031752][T14150] ? __pfx___mutex_lock+0x10/0x10 [ 213.031819][T14150] ? __pfx_hash_netport4_resize+0x10/0x10 [ 213.031847][T14150] call_ad.constprop.0+0x36a/0x940 [ 213.031869][T14150] ? __pfx_hash_netport4_resize+0x10/0x10 [ 213.031894][T14150] ? __pfx_call_ad.constprop.0+0x10/0x10 [ 213.031915][T14150] ? __pfx___nla_validate_parse+0x10/0x10 [ 213.031949][T14150] ? __nla_parse+0x40/0x60 [ 213.031972][T14150] ip_set_ad.constprop.0.isra.0+0x3ce/0x870 [ 213.031999][T14150] ? __pfx_ip_set_ad.constprop.0.isra.0+0x10/0x10 [ 213.032024][T14150] ? srcu_gp_start_if_needed+0xa30/0xe70 [ 213.032075][T14150] ? find_held_lock+0x2b/0x80 [ 213.032100][T14150] nfnetlink_rcv_msg+0x9f9/0x1200 [ 213.032132][T14150] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 213.032158][T14150] ? consume_skb+0xcc/0x100 [ 213.032200][T14150] ? __pfx___dev_queue_xmit+0x10/0x10 [ 213.032230][T14150] netlink_rcv_skb+0x155/0x420 [ 213.032264][T14150] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 213.032287][T14150] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 213.032322][T14150] ? ns_capable+0xd7/0x110 [ 213.032338][T14150] nfnetlink_rcv+0x1b3/0x430 [ 213.032350][T14150] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 213.032362][T14150] ? netlink_deliver_tap+0x1ae/0xd30 [ 213.032380][T14150] netlink_unicast+0x5aa/0x870 [ 213.032398][T14150] ? __pfx_netlink_unicast+0x10/0x10 [ 213.032414][T14150] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 213.032434][T14150] netlink_sendmsg+0x8d1/0xdd0 [ 213.032452][T14150] ? __pfx_netlink_sendmsg+0x10/0x10 [ 213.032470][T14150] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 213.032485][T14150] ____sys_sendmsg+0xa95/0xc70 [ 213.032498][T14150] ? __pfx_____sys_sendmsg+0x10/0x10 [ 213.032509][T14150] ? get_compat_msghdr+0x11a/0x170 [ 213.032527][T14150] ? __pfx_futex_wake_mark+0x10/0x10 [ 213.032546][T14150] ___sys_sendmsg+0x134/0x1d0 [ 213.032563][T14150] ? __pfx____sys_sendmsg+0x10/0x10 [ 213.032585][T14150] ? find_held_lock+0x2b/0x80 [ 213.032603][T14150] __sys_sendmsg+0x16d/0x220 [ 213.032619][T14150] ? __pfx___sys_sendmsg+0x10/0x10 [ 213.032634][T14150] ? __ia32_sys_futex_time32+0x1d9/0x460 [ 213.032655][T14150] ? rcu_is_watching+0x12/0xc0 [ 213.032667][T14150] __do_fast_syscall_32+0x7c/0x300 [ 213.032678][T14150] do_fast_syscall_32+0x32/0x80 [ 213.032688][T14150] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 213.032701][T14150] RIP: 0023:0xf707e579 [ 213.032711][T14150] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 213.032722][T14150] RSP: 002b:00000000f546e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 213.032732][T14150] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800002c0 [ 213.032738][T14150] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 213.032744][T14150] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 213.032750][T14150] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 213.032756][T14150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 213.032769][T14150] [ 213.032773][T14150] Mem-Info: [ 213.089016][ T1191] bond0: (slave bond_slave_0): interface is now down [ 213.089555][T14150] active_anon:7137 inactive_anon:123 isolated_anon:0 [ 213.089555][T14150] active_file:7885 inactive_file:37571 isolated_file:0 [ 213.089555][T14150] unevictable:1768 dirty:599 writeback:0 [ 213.089555][T14150] slab_reclaimable:6440 slab_unreclaimable:62032 [ 213.089555][T14150] mapped:23803 shmem:2308 pagetables:1637 [ 213.089555][T14150] sec_pagetables:318 bounce:0 [ 213.089555][T14150] kernel_misc_reclaimable:0 [ 213.089555][T14150] free:41699 free_pcp:13806 free_cma:0 [ 213.093584][ T1191] bond0: (slave bond_slave_1): interface is now down [ 213.094481][T14150] Node 0 active_anon:24kB inactive_anon:104kB active_file:24kB inactive_file:8kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:32kB dirty:4kB writeback:0kB shmem:4252kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8604kB pagetables:1628kB sec_pagetables:1172kB all_unreclaimable? yes Balloon:0kB [ 213.099581][ T1191] bond0: now running without any active interface! [ 213.101060][T14150] Node 1 active_anon:28524kB inactive_anon:388kB active_file:31516kB inactive_file:150276kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:95180kB dirty:2392kB writeback:0kB shmem:4980kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4980kB pagetables:4920kB sec_pagetables:100kB all_unreclaimable? no Balloon:0kB [ 213.101090][T14150] Node 0 DMA free:2080kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:676kB local_pcp:220kB free_cma:0kB [ 213.247632][T14150] lowmem_reserve[]: 0 288 288 288 288 [ 213.249339][T14150] Node 0 DMA32 free:17164kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1528KB active_anon:24kB inactive_anon:104kB active_file:24kB inactive_file:8kB unevictable:3536kB writepending:4kB present:1032196kB managed:295072kB mlocked:0kB bounce:0kB free_pcp:12536kB local_pcp:2880kB free_cma:0kB [ 213.259430][T14150] lowmem_reserve[]: 0 0 0 0 0 [ 213.259455][T14150] Node 1 DMA32 free:147352kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28724kB inactive_anon:388kB active_file:31516kB inactive_file:150276kB unevictable:3536kB writepending:2392kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:42588kB local_pcp:17040kB free_cma:0kB [ 213.259486][T14150] lowmem_reserve[]: 0 0 0 0 0 [ 213.259506][T14150] Node 0 DMA: 16*4kB (UM) 24*8kB (UM) 12*16kB (UM) 9*32kB (UM) 1*64kB (M) 0*128kB 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2080kB [ 213.259586][T14150] Node 0 DMA32: 36*4kB (UMEH) 23*8kB (MEH) 7*16kB (EH) 113*32kB (UEH) 32*64kB (UMEH) 16*128kB (ME) 9*256kB (UM) 7*512kB (UME) 3*1024kB (ME) 0*2048kB 0*4096kB = 17112kB [ 213.285339][T14150] Node 1 DMA32: 211*4kB (UM) 33*8kB (UME) 87*16kB (UME) 263*32kB (UME) 214*64kB (UME) 154*128kB (UME) 86*256kB (UME) 76*512kB (UME) 33*1024kB (UM) 4*2048kB (UM) 0*4096kB = 147236kB [ 213.290940][T14150] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 213.293854][T14150] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 213.296989][T14150] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 213.300372][T14150] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 213.304055][T14150] 47926 total pagecache pages [ 213.305907][T14150] 175 pages in swap cache [ 213.307713][T14150] Free swap = 121312kB [ 213.309379][T14150] Total swap = 124996kB [ 213.310876][T14150] 524155 pages RAM [ 213.312248][T14150] 0 pages HighMem/MovableOnly [ 213.314115][T14150] 209492 pages reserved [ 213.315568][T14150] 0 pages cma reserved [ 214.132016][T14281] loop6: detected capacity change from 0 to 524287999 [ 214.146565][ T7342] buffer_io_error: 122 callbacks suppressed [ 214.146581][ T7342] Buffer I/O error on dev loop6, logical block 65535998, async page read [ 214.171872][T14284] ubi0: attaching mtd0 [ 214.176899][T14284] ubi0: scanning is finished [ 214.179055][T14284] ubi0: empty MTD device detected [ 214.260869][T14284] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 214.264435][T14284] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3956 bytes [ 214.267485][T14284] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 214.270383][T14284] ubi0: VID header offset: 76 (aligned 76), data offset: 140 [ 214.273731][T14284] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 214.276903][T14284] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 214.280029][T14284] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 615170732 [ 214.284781][T14284] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 214.288947][T14290] ubi0: background thread "ubi_bgt0d" started, PID 14290 [ 215.222970][ T6047] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 215.373941][ T6047] usb 6-1: too many configurations: 9, using maximum allowed: 8 [ 215.378316][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.381582][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.385935][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.391395][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.395247][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.398725][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.401715][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.404696][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.408077][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.408614][T14334] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 215.410813][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.417205][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.421212][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.424355][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.427177][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.430617][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.434175][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.436952][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.440387][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.445367][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.448205][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.451526][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.454886][ T6047] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 215.457669][ T6047] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 215.460967][ T6047] usb 6-1: config 0 interface 0 has no altsetting 0 [ 215.467668][ T6047] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 215.470767][ T6047] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 215.473431][ T6047] usb 6-1: Product: syz [ 215.474731][ T6047] usb 6-1: Manufacturer: syz [ 215.476174][ T6047] usb 6-1: SerialNumber: syz [ 215.479006][ T6047] usb 6-1: config 0 descriptor?? [ 215.484177][ T6047] yurex 6-1:0.0: USB YUREX device now attached to Yurex #0 [ 215.972948][T14374] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3718'. [ 216.051770][ T40] audit: type=1326 audit(2000000585.041:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.066872][ T40] audit: type=1326 audit(2000000585.041:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.077759][ T40] audit: type=1326 audit(2000000585.041:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.086934][ T40] audit: type=1326 audit(2000000585.041:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.097639][ T40] audit: type=1326 audit(2000000585.041:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.106328][ T40] audit: type=1326 audit(2000000585.041:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.115056][ T40] audit: type=1326 audit(2000000585.041:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.121799][ T40] audit: type=1326 audit(2000000585.041:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.130168][ T40] audit: type=1326 audit(2000000585.041:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14379 comm="syz.4.3722" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 216.384956][ T40] kauditd_printk_skb: 1032 callbacks suppressed [ 216.384967][ T40] audit: type=1326 audit(2000000585.381:3805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 216.394509][ T40] audit: type=1326 audit(2000000585.381:3806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f245a7 code=0x7ffc0000 [ 216.403064][ T40] audit: type=1326 audit(2000000585.381:3807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 216.410680][ T40] audit: type=1326 audit(2000000585.381:3808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 216.424334][ T40] audit: type=1326 audit(2000000585.381:3809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f245a7 code=0x7ffc0000 [ 216.435694][ T40] audit: type=1326 audit(2000000585.381:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 216.443527][ T40] audit: type=1326 audit(2000000585.381:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f245a7 code=0x7ffc0000 [ 216.450539][ T40] audit: type=1326 audit(2000000585.381:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 216.458958][ T40] audit: type=1326 audit(2000000585.381:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7f245a7 code=0x7ffc0000 [ 216.466141][ T40] audit: type=1326 audit(2000000585.381:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14396 comm="syz.3.3731" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 216.790992][T14435] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3746'. [ 216.835146][T14437] macsec1: entered allmulticast mode [ 216.837130][T14437] macsec0: entered allmulticast mode [ 216.838817][T14437] veth1_macvtap: entered allmulticast mode [ 217.032655][T14467] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 217.036073][T14467] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 217.039653][T14467] overlayfs: failed to get uuid (995/file0, err=-13); falling back to uuid=null. [ 217.488995][T14514] netlink: 'syz.3.3784': attribute type 1 has an invalid length. [ 217.663398][T14531] netlink: 'syz.0.3792': attribute type 11 has an invalid length. [ 217.691832][ C2] usb 6-1: yurex_control_callback - control failed: -2 [ 217.696057][ T6047] usb 6-1: USB disconnect, device number 14 [ 217.704303][ T6047] yurex 6-1:0.0: USB YUREX #0 now disconnected [ 217.731719][T14539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3795'. [ 217.780526][T14546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3799'. [ 217.840493][T14554] program syz.3.3803 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 218.499243][T14622] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3834'. [ 218.502818][T14622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3834'. [ 218.521962][ T12] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.526106][ T12] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.528817][ T12] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.532944][ T12] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 218.537234][T14630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3838'. [ 218.539975][T14630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3838'. [ 218.566368][T14634] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3840'. [ 218.585524][T14641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3844'. [ 218.589692][T14641] netlink: 'syz.1.3844': attribute type 13 has an invalid length. [ 218.650300][T14652] binder: 14651:14652 ioctl c0306201 80000540 returned -14 [ 218.993897][T14692] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 219.077464][ T5982] kernel write not supported for file /amidi2 (pid: 5982 comm: kworker/1:3) [ 219.130919][T14706] kvm: kvm [14704]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000006) [ 219.334600][ T46] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 220.918131][T14848] loop5: detected capacity change from 0 to 7 [ 220.923413][T14848] Dev loop5: unable to read RDB block 7 [ 220.925229][T14848] loop5: AHDI p1 p2 [ 220.926575][T14848] loop5: partition table partially beyond EOD, truncated [ 220.928901][T14848] loop5: p1 start 1702000233 is beyond EOD, truncated [ 221.333445][ T88] Bluetooth: hci4: Frame reassembly failed (-84) [ 221.487499][ T6051] kernel write not supported for file /amidi2 (pid: 6051 comm: kworker/3:3) [ 221.817919][T14932] __nla_validate_parse: 8 callbacks suppressed [ 221.817943][T14932] netlink: 128 bytes leftover after parsing attributes in process `syz.0.3962'. [ 221.860238][T14939] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 221.866822][ T13] Bluetooth: hci5: Frame reassembly failed (-84) [ 221.894882][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 221.894897][ T40] audit: type=1326 audit(2000000590.894:3844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14943 comm="syz.4.3968" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x0 [ 223.358814][T14993] netlink: 'syz.1.3989': attribute type 1 has an invalid length. [ 223.362720][T14993] netlink: 'syz.1.3989': attribute type 1 has an invalid length. [ 223.365692][T14993] netlink: 'syz.1.3989': attribute type 1 has an invalid length. [ 223.369072][T14993] nbd: error processing sock list [ 223.371623][T14993] block nbd3: shutting down sockets [ 223.378670][ T5987] Bluetooth: hci4: command 0xfc11 tx timeout [ 223.380578][ T5989] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 223.392975][T14878] sp0: Synchronizing with TNC [ 223.871758][T15041] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4011'. [ 223.875443][T15041] netlink: 'syz.1.4011': attribute type 30 has an invalid length. [ 223.878765][T15041] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4011'. [ 223.897395][T15043] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 12 [ 223.930842][ T5989] Bluetooth: hci5: command 0x1003 tx timeout [ 223.933809][ T5984] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 224.187806][T15093] netlink: 'syz.3.4036': attribute type 3 has an invalid length. [ 224.221750][T15099] netlink: 'syz.3.4039': attribute type 2 has an invalid length. [ 224.901130][T15155] serio: Serial port ptm0 [ 225.154602][T15177] netlink: 'syz.4.4075': attribute type 1 has an invalid length. [ 225.215373][T15187] mkiss: ax0: crc mode is auto. [ 225.383650][T15204] vivid-001: disconnect [ 225.386904][T15203] vivid-001: reconnect [ 225.568158][ T6404] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 225.718408][ T6404] usb 5-1: Using ep0 maxpacket: 8 [ 225.721735][ T6404] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 225.724925][ T6404] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 225.728029][ T6404] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 225.731429][ T6404] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 225.735613][ T6404] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 225.743184][ T6404] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 225.840683][T15234] netlink: 830 bytes leftover after parsing attributes in process `syz.1.4103'. [ 225.851667][T15236] Malformed UNC in devname [ 225.851667][T15236] [ 225.853900][T15236] CIFS: VFS: Malformed UNC in devname [ 225.920376][T15244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4108'. [ 225.947817][T15246] raw_sendmsg: syz.3.4109 forgot to set AF_INET. Fix it! [ 225.953227][ T6404] usb 5-1: usb_control_msg returned -32 [ 225.955047][ T6404] usbtmc 5-1:16.0: can't read capabilities [ 225.961137][ T6404] usb 5-1: USB disconnect, device number 11 [ 226.061013][T15258] netlink: 'syz.3.4115': attribute type 9 has an invalid length. [ 226.069457][T15260] sch_tbf: burst 4398 is lower than device lo mtu (65550) ! [ 226.104330][T15266] bond0: entered promiscuous mode [ 226.105981][T15266] bond_slave_0: entered promiscuous mode [ 226.108263][T15266] bond_slave_1: entered promiscuous mode [ 226.110893][T15266] batadv_slave_0: entered promiscuous mode [ 226.410731][T15304] bond0: (slave macvlan5): Error -98 calling set_mac_address [ 226.532604][T15315] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 226.535958][ T88] Bluetooth: hci4: Frame reassembly failed (-84) [ 226.773914][T15327] bridge_slave_0: invalid flags given to default FDB implementation [ 227.404510][T15373] kvm_intel: kvm [15372]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x43 [ 228.566344][ T5984] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 228.566636][ T5989] Bluetooth: hci4: command 0x1003 tx timeout [ 228.793161][T15422] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4195'. [ 228.894816][T15447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4206'. [ 229.039803][T15461] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4212'. [ 229.281004][T15491] overlay: filesystem on ./bus not supported [ 230.796414][T15610] overlay: filesystem on ./bus not supported [ 231.874411][ T53] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 232.034883][ T53] usb 9-1: too many configurations: 9, using maximum allowed: 8 [ 232.038166][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.041019][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.044440][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.047231][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.050182][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.053690][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.056600][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.059552][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.063069][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.065949][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.068856][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.072456][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.075305][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.078275][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.081930][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.089265][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.092584][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.097164][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.100263][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.103102][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.106533][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.109480][ T53] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 232.112597][ T53] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 232.116238][ T53] usb 9-1: config 0 interface 0 has no altsetting 0 [ 232.121449][ T53] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 232.124406][ T53] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 232.126992][ T53] usb 9-1: Product: syz [ 232.128413][ T53] usb 9-1: Manufacturer: syz [ 232.129984][ T53] usb 9-1: SerialNumber: syz [ 232.133017][ T53] usb 9-1: config 0 descriptor?? [ 232.144235][ T53] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0 [ 232.888462][ T5982] kernel write not supported for file /snd/pcmC1D0p (pid: 5982 comm: kworker/1:3) [ 233.174269][ T6047] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 234.403299][ C3] usb 9-1: yurex_control_callback - control failed: -2 [ 234.409046][ T53] usb 9-1: USB disconnect, device number 6 [ 234.411959][ T53] yurex 9-1:0.0: USB YUREX #0 now disconnected [ 237.421087][ T5390] udevd[5390]: worker [6483] /devices/virtual/block/nbd1 is taking a long time [ 241.762762][ T117] block nbd1: Possible stuck request ffff888025f90000: control (read@0,1024B). Runtime 150 seconds [ 241.766892][ T117] block nbd1: Possible stuck request ffff888025f901c0: control (read@1024,1024B). Runtime 150 seconds [ 241.770820][ T117] block nbd1: Possible stuck request ffff888025f90380: control (read@2048,1024B). Runtime 150 seconds [ 241.774668][ T117] block nbd1: Possible stuck request ffff888025f90540: control (read@3072,1024B). Runtime 150 seconds [ 243.853410][T15817] random: crng reseeded on system resumption [ 244.213783][T15846] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 244.216869][T15846] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 244.217025][ T40] audit: type=1800 audit(2000000614.226:3845): pid=15847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4372" name="bus" dev="tmpfs" ino=2945 res=0 errno=0 [ 244.220256][T15846] overlayfs: failed to set uuid (1180/file0, err=-13); falling back to uuid=null. [ 244.639409][T15902] syzkaller1: tun_chr_ioctl cmd 1074025672 [ 244.641303][T15902] syzkaller1: ignored: set checksum disabled [ 244.682524][T15908] tun0: tun_chr_ioctl cmd 1074025675 [ 244.684253][T15908] tun0: persist disabled [ 244.702463][ T40] audit: type=1326 audit(2000000614.716:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 244.712935][ T40] audit: type=1326 audit(2000000614.716:3847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24579 code=0x7ffc0000 [ 244.720613][ T40] audit: type=1326 audit(2000000614.726:3848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.727352][ T40] audit: type=1326 audit(2000000614.726:3849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.735119][ T40] audit: type=1326 audit(2000000614.726:3850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.743082][ T40] audit: type=1326 audit(2000000614.726:3851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.753641][ T40] audit: type=1326 audit(2000000614.726:3852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.762470][ T40] audit: type=1326 audit(2000000614.726:3853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.781360][ T40] audit: type=1326 audit(2000000614.726:3854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15904 comm="syz.3.4399" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f24598 code=0x7ffc0000 [ 244.822620][ T5982] kernel write not supported for file /media0 (pid: 5982 comm: kworker/1:3) [ 245.197744][T15967] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4427'. [ 245.374661][T15981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4433'. [ 245.471443][T15998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4440'. [ 245.723269][T16021] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4450'. [ 245.728099][T16021] team_slave_0: left promiscuous mode [ 245.730124][T16021] team_slave_1: left promiscuous mode [ 245.815509][T16021] team0 (unregistering): Port device team_slave_0 removed [ 245.821147][T16021] team0 (unregistering): Port device team_slave_1 removed [ 246.855374][T16116] loop7: detected capacity change from 0 to 7 [ 246.859218][ C1] blk_print_req_error: 123 callbacks suppressed [ 246.859229][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.864166][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.867311][T16118] netlink: 196 bytes leftover after parsing attributes in process `syz.0.4495'. [ 246.869209][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.873650][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.876202][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.879232][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.882778][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.886904][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.891217][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.895011][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.899598][ T0] NOHZ tick-stop error: local softirq work is pending, handler #290!!! [ 246.903170][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.907018][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.923382][ C3] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.927269][ C3] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.930542][T16116] ldm_validate_partition_table(): Disk read failed. [ 246.933259][T16116] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.939379][T16116] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.943082][T16116] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.949607][T16116] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.956774][T16116] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 246.959735][T16116] Buffer I/O error on dev loop7, logical block 0, async page read [ 246.962615][T16116] Dev loop7: unable to read RDB block 0 [ 246.965086][T16116] loop7: unable to read partition table [ 246.969994][T16116] loop7: partition table beyond EOD, truncated [ 246.972064][T16116] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 248.533110][T16200] netlink: 'syz.4.4529': attribute type 21 has an invalid length. [ 248.630185][T16214] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4536'. [ 248.875014][T16256] netlink: 'syz.1.4555': attribute type 8 has an invalid length. [ 248.943949][T16264] loop4: detected capacity change from 0 to 524255232 [ 249.075109][T16276] kvm: kvm [16275]: vcpu3, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010002) = 0xff [ 249.584844][T16329] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4589'. [ 249.676541][T16321] block nbd3: server does not support multiple connections per device. [ 249.679817][T16321] block nbd3: shutting down sockets [ 249.708280][T16349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4599'. [ 249.719353][T16349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4599'. [ 249.743788][T16355] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 249.783961][T16359] CUSE: info not properly terminated [ 250.243898][ T1191] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 250.938538][T16407] ALSA: mixer_oss: invalid OSS volume 'A141=w敐腣e]' [ 250.941480][T16407] ALSA: mixer_oss: invalid OSS volume '室盉寺;T`緻$櫩綞黧cXMYd,' [ 250.945143][T16407] ALSA: mixer_oss: invalid OSS volume 'b珟@h#' [ 250.947750][T16407] ALSA: mixer_oss: invalid OSS volume '晳h4繓蠿瑒S4v=0漘>&湎' [ 250.950945][T16407] ALSA: mixer_oss: invalid OSS volume '|/"tj' [ 250.953528][T16407] ALSA: mixer_oss: invalid OSS volume '-z5矈c^鱆6$' [ 250.957144][T16407] ALSA: mixer_oss: invalid OSS volume '0审T劗皔蒌瞵髩椽嚄俲朠&喅a飔' [ 250.960520][T16407] ALSA: mixer_oss: invalid OSS volume '|幞髜俓' [ 250.963279][T16407] ALSA: mixer_oss: invalid OSS volume '@鬪3b蓽憓樤G$#\("/鴒鶯' [ 250.967011][T16407] ALSA: mixer_oss: invalid OSS volume '' [ 250.976787][T16410] netlink: 'syz.4.4628': attribute type 1 has an invalid length. [ 250.979428][T16410] netlink: 224 bytes leftover after parsing attributes in process `syz.4.4628'. [ 251.025989][T16419] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 251.865214][T16458] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 251.870631][T16458] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.875299][T16458] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.394244][ T6081] usb 9-1: new full-speed USB device number 7 using dummy_hcd [ 252.556419][ T6081] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 149, setting to 64 [ 252.563336][ T6081] usb 9-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 252.568068][ T6081] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 252.570616][T16499] netlink: 'syz.3.4667': attribute type 21 has an invalid length. [ 252.571440][ T6081] usb 9-1: Product: syz [ 252.574295][T16499] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4667'. [ 252.576015][ T6081] usb 9-1: Manufacturer: syz [ 252.576031][ T6081] usb 9-1: SerialNumber: syz [ 252.577961][ T6081] usb 9-1: config 0 descriptor?? [ 252.582896][T16499] netlink: 'syz.3.4667': attribute type 21 has an invalid length. [ 252.588402][T16499] netlink: 156 bytes leftover after parsing attributes in process `syz.3.4667'. [ 252.862974][T16522] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.4677'. [ 252.998253][ T6404] usb 9-1: USB disconnect, device number 7 [ 253.193915][ T6047] hid_parser_main: 8 callbacks suppressed [ 253.193932][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.199422][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.202491][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.205960][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.208978][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.211929][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.217708][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.220790][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.223929][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.226912][ T6047] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 253.232370][ T6047] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [翐絑逆w驱[ba栭|\rn)A#6攐爷?曫a營溷s5hV3(;轵 [ 253.232370][ T6047] 阊働$z煞嘪$┓鄻w[S朱繰煅e褄x椶u馭爎粶蟣犰[5l'榋Cz2馷 on 鼟t鼶K晚榊绺O灴,撬U浘O愥夎p帗倇"i蘹鶤齕薳w愤涿拀耑X獎A [ 254.292490][T16595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4712'. [ 254.297019][T16595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4712'. [ 254.895317][T16623] netlink: 'syz.1.4724': attribute type 2 has an invalid length. [ 254.898742][T16623] netlink: 'syz.1.4724': attribute type 8 has an invalid length. [ 254.902065][T16623] netlink: 1148 bytes leftover after parsing attributes in process `syz.1.4724'. [ 255.053280][ T6047] e1000 0000:00:06.0 eth0: Reset adapter [ 255.117431][T16641] Failed to get privilege flags for destination (handle=0x2:0x0) [ 257.194030][ T53] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 260.313590][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.315703][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 265.365846][T16677] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4737'. [ 265.411520][T16677] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4737'. [ 265.494220][T16694] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.4744'. [ 265.559624][T16705] netlink: 'syz.3.4749': attribute type 1 has an invalid length. [ 265.635214][ T29] hid_parser_main: 6 callbacks suppressed [ 265.635226][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.639887][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.642206][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.644435][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.646748][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.649510][T16716] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4754'. [ 265.652785][T16716] netlink: 'syz.1.4754': attribute type 5 has an invalid length. [ 265.657468][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.659756][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.662072][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.664438][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.666774][ T29] hid-generic 0001:0000:0000.0009: unknown main item tag 0x0 [ 265.670689][ T29] hid-generic 0001:0000:0000.0009: hidraw0: HID vffffff.ff Device [syz0] on syz0 [ 265.978465][T16748] binder: 16747:16748 ioctl c018620c 80000000 returned -1 [ 266.098791][ T5984] Bluetooth: hci2: ISO packet too small [ 266.847481][ T29] IPVS: starting estimator thread 0... [ 266.850145][T16846] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 266.901561][T16850] binder: 16848:16850 ioctl c0306201 80000040 returned -14 [ 266.947157][T16847] IPVS: using max 24 ests per chain, 57600 per kthread [ 268.228632][T16924] Invalid ELF header magic: != ELF [ 268.665668][ T40] kauditd_printk_skb: 834 callbacks suppressed [ 268.665684][ T40] audit: type=1326 audit(2000000638.678:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16985 comm="syz.0.4877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 268.682984][ T40] audit: type=1326 audit(2000000638.688:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16985 comm="syz.0.4877" exe="/syz-executor" sig=0 arch=40000003 syscall=312 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 268.695506][ T40] audit: type=1326 audit(2000000638.688:4691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16985 comm="syz.0.4877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 268.702527][ T40] audit: type=1326 audit(2000000638.688:4692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16985 comm="syz.0.4877" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e579 code=0x7ffc0000 [ 270.219098][T17106] syz.1.4933 (17106): drop_caches: 2 [ 270.240121][T17108] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4934'. [ 270.705552][T17154] netlink: 'syz.1.4955': attribute type 1 has an invalid length. [ 270.708386][T17154] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4955'. [ 270.895804][T17171] program syz.1.4963 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 270.958547][T17177] netlink: 6 bytes leftover after parsing attributes in process `syz.4.4966'. [ 271.836991][T15775] block nbd1: Possible stuck request ffff888025f90000: control (read@0,1024B). Runtime 180 seconds [ 271.841228][T15775] block nbd1: Possible stuck request ffff888025f901c0: control (read@1024,1024B). Runtime 180 seconds [ 271.845349][T15775] block nbd1: Possible stuck request ffff888025f90380: control (read@2048,1024B). Runtime 180 seconds [ 271.849887][T15775] block nbd1: Possible stuck request ffff888025f90540: control (read@3072,1024B). Runtime 180 seconds [ 272.254913][T17242] netlink: 'syz.1.4995': attribute type 5 has an invalid length. [ 272.718377][T17292] sctp: [Deprecated]: syz.3.5017 (pid 17292) Use of struct sctp_assoc_value in delayed_ack socket option. [ 272.718377][T17292] Use struct sctp_sack_info instead [ 273.012370][T17331] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.016159][T17331] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.053511][T17335] netlink: 'syz.4.5038': attribute type 11 has an invalid length. [ 273.057070][T17335] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5038'. [ 273.179858][T17346] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 273.345297][T17361] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5050'. [ 274.136815][T17380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5058'. [ 274.143067][T17380] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5058'. [ 274.522299][T17420] netlink: 'syz.3.5077': attribute type 14 has an invalid length. [ 274.599133][T17428] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 274.610206][T17432] bond0: option mode: unable to set because the bond device has slaves [ 274.942378][T17461] nfs: Unknown parameter 'ntext' [ 274.948503][T17464] ieee802154 phy0 wpan0: encryption failed: -22 [ 275.343090][ T46] wlan1: Trigger new scan to find an IBSS to join [ 276.126687][T17564] @: renamed from vlan0 (while UP) [ 277.194369][T17635] netlink: 340 bytes leftover after parsing attributes in process `syz.4.5175'. [ 277.542552][T17663] IPVS: persistence engine module ip_vs_pe_ not found [ 277.709430][T17670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5192'. [ 278.319265][T17715] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 278.381500][ T13] wlan1: Trigger new scan to find an IBSS to join [ 279.225203][T17729] sp0: Synchronizing with TNC [ 280.685990][T17832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5267'. [ 280.772248][T17838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5270'. [ 281.029882][ T53] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 281.153256][ T60] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 281.154061][T17852] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5277'. [ 281.159488][T17852] netlink: 'syz.3.5277': attribute type 30 has an invalid length. [ 281.166835][T17852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5277'. [ 281.181053][ T53] usb 6-1: Using ep0 maxpacket: 8 [ 281.188775][ T53] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 281.192453][ T53] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 281.195336][ T53] usb 6-1: Product: syz [ 281.196659][ T53] usb 6-1: Manufacturer: syz [ 281.198147][ T53] usb 6-1: SerialNumber: syz [ 281.200732][ T53] usb 6-1: config 0 descriptor?? [ 281.340051][ T88] wlan1: Creating new IBSS network, BSSID 00:8d:ff:ff:00:00 [ 281.369840][ T6081] ------------[ cut here ]------------ [ 281.371888][ T6081] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0 [ 281.375488][ T6081] WARNING: CPU: 0 PID: 6081 at net/mac80211/rate.c:398 __rate_control_send_low+0x661/0x780 [ 281.378747][ T6081] Modules linked in: [ 281.380813][ T6081] CPU: 0 UID: 0 PID: 6081 Comm: kworker/0:5 Not tainted syzkaller #0 PREEMPT(full) [ 281.385481][ T6081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 281.388880][ T6081] Workqueue: mld mld_ifc_work [ 281.390707][ T6081] RIP: 0010:__rate_control_send_low+0x661/0x780 [ 281.392795][ T6081] Code: a4 a0 d4 00 00 00 e8 9e ba b3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 60 0c 09 8d e8 80 b0 72 f6 90 <0f> 0b 90 90 e9 26 fd ff ff 48 8b 3c 24 e8 3d 2a 19 f7 e9 fb fc ff [ 281.398816][ T6081] RSP: 0018:ffffc90002afea70 EFLAGS: 00010282 [ 281.401180][ T6081] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02f8 [ 281.403759][ T6081] RDX: ffff888028512440 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 281.405455][ T53] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 281.406332][ T6081] RBP: ffff8880270a16a8 R08: 0000000000000001 R09: 0000000000000000 [ 281.409868][ T53] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 281.411587][ T6081] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff [ 281.415315][ T53] usb 6-1: USB disconnect, device number 15 [ 281.417029][ T6081] R13: 0000000000000000 R14: 000000000000000c R15: ffff8880270a16b0 [ 281.417039][ T6081] FS: 0000000000000000(0000) GS:ffff8880974b9000(0000) knlGS:0000000000000000 [ 281.417061][ T6081] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 281.426802][ T6081] CR2: 000000000c33e552 CR3: 0000000068b3d000 CR4: 0000000000352ef0 [ 281.429270][ T6081] Call Trace: [ 281.430443][ T6081] [ 281.431389][ T6081] rate_control_send_low+0x29a/0x820 [ 281.433069][ T6081] rate_control_get_rate+0x1be/0x5e0 [ 281.434774][ T6081] ieee80211_tx_h_rate_ctrl+0xad3/0x1a90 [ 281.436566][ T6081] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 281.438524][ T6081] ? __lock_acquire+0xb97/0x1ce0 [ 281.440384][ T6081] invoke_tx_handlers_late+0x119a/0x27a0 [ 281.442407][ T6081] ? find_held_lock+0x2b/0x80 [ 281.443897][ T6081] ? ieee80211_tx_h_select_key+0x2c9/0x1bc0 [ 281.445744][ T6081] ieee80211_tx_dequeue+0x3082/0x43e0 [ 281.447517][ T6081] ? __pfx_ieee80211_tx_dequeue+0x10/0x10 [ 281.449296][ T6081] ? do_raw_spin_lock+0x12c/0x2b0 [ 281.451302][ T6081] ? ieee80211_next_txq+0xd8/0xa50 [ 281.452972][ T6081] ieee80211_handle_wake_tx_queue+0x19c/0x260 [ 281.454902][ T6081] ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10 [ 281.457003][ T6081] ? __pfx___ieee80211_schedule_txq+0x10/0x10 [ 281.458922][ T6081] ? mark_held_locks+0x49/0x80 [ 281.460713][ T6081] ? __local_bh_enable_ip+0xa4/0x120 [ 281.462684][ T6081] ieee80211_queue_skb+0x12af/0x1fe0 [ 281.464395][ T6081] ieee80211_tx+0x2e4/0x420 [ 281.465849][ T6081] ? __pfx_ieee80211_tx+0x10/0x10 [ 281.467499][ T6081] ? ieee80211_skb_resize+0x22a/0x630 [ 281.469174][ T6081] ? ieee80211_set_qos_hdr+0xba/0x3f0 [ 281.471064][ T6081] ieee80211_xmit+0x30f/0x3e0 [ 281.472549][ T6081] __ieee80211_subif_start_xmit+0x880/0x1390 [ 281.474464][ T6081] ? neigh_resolve_output+0x53a/0x940 [ 281.476146][ T6081] ? __pfx___ieee80211_subif_start_xmit+0x10/0x10 [ 281.478209][ T6081] ? mld_sendpack+0x9ea/0x1270 [ 281.479861][ T6081] ? skb_network_protocol+0x126/0x6d0 [ 281.482083][ T6081] ieee80211_subif_start_xmit+0x11b/0x1970 [ 281.483921][ T6081] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 281.485825][ T6081] ? dev_hard_start_xmit+0x94/0x740 [ 281.487489][ T6081] dev_hard_start_xmit+0x94/0x740 [ 281.489072][ T6081] __dev_queue_xmit+0xa46/0x4490 [ 281.490712][ T6081] ? __lock_acquire+0x62e/0x1ce0 [ 281.492109][ T6081] ? __pfx___dev_queue_xmit+0x10/0x10 [ 281.493757][ T6081] ? register_lock_class+0x41/0x4c0 [ 281.495418][ T6081] ? __lock_acquire+0xb97/0x1ce0 [ 281.496909][ T6081] ? __asan_memcpy+0x3c/0x60 [ 281.498520][ T6081] ? eth_header+0x11c/0x1f0 [ 281.500043][ T6081] neigh_resolve_output+0x53a/0x940 [ 281.501898][ T6081] ip6_finish_output2+0xaee/0x2020 [ 281.503880][ T6081] ? ip6_mtu+0x1a3/0x4a0 [ 281.505704][ T6081] __ip6_finish_output+0x3cd/0x1010 [ 281.507930][ T6081] ip6_output+0x1ca/0x3e0 [ 281.509849][ T6081] mld_sendpack+0x9ea/0x1270 [ 281.511874][ T6081] ? __pfx_mld_sendpack+0x10/0x10 [ 281.514069][ T6081] mld_ifc_work+0x740/0xbf0 [ 281.516039][ T6081] process_one_work+0x9cf/0x1b70 [ 281.518207][ T6081] ? __pfx_process_one_work+0x10/0x10 [ 281.520641][ T6081] ? assign_work+0x1a0/0x250 [ 281.522456][ T6081] worker_thread+0x6c8/0xf10 [ 281.523983][ T6081] ? __kthread_parkme+0x19e/0x250 [ 281.525592][ T6081] ? __pfx_worker_thread+0x10/0x10 [ 281.527210][ T6081] kthread+0x3c5/0x780 [ 281.528507][ T6081] ? __pfx_kthread+0x10/0x10 [ 281.530053][ T6081] ? rcu_is_watching+0x12/0xc0 [ 281.531499][ T6081] ? __pfx_kthread+0x10/0x10 [ 281.532989][ T6081] ret_from_fork+0x56d/0x730 [ 281.534494][ T6081] ? __pfx_kthread+0x10/0x10 [ 281.535972][ T6081] ret_from_fork_asm+0x1a/0x30 [ 281.537462][ T6081] [ 281.538443][ T6081] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 281.540603][ T6081] CPU: 0 UID: 0 PID: 6081 Comm: kworker/0:5 Not tainted syzkaller #0 PREEMPT(full) [ 281.543475][ T6081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 281.546807][ T6081] Workqueue: mld mld_ifc_work [ 281.548301][ T6081] Call Trace: [ 281.549366][ T6081] [ 281.550280][ T6081] dump_stack_lvl+0x3d/0x1f0 [ 281.551581][ T6081] vpanic+0x6e8/0x7a0 [ 281.552831][ T6081] ? __pfx_vpanic+0x10/0x10 [ 281.554307][ T6081] ? __rate_control_send_low+0x661/0x780 [ 281.556075][ T6081] panic+0xca/0xd0 [ 281.557276][ T6081] ? __pfx_panic+0x10/0x10 [ 281.558716][ T6081] ? check_panic_on_warn+0x1f/0xb0 [ 281.560329][ T6081] check_panic_on_warn+0xab/0xb0 [ 281.561897][ T6081] __warn+0xf6/0x3c0 [ 281.563173][ T6081] ? __pfx_vprintk_emit+0x10/0x10 [ 281.564779][ T6081] ? __rate_control_send_low+0x661/0x780 [ 281.566565][ T6081] report_bug+0x3c3/0x580 [ 281.567943][ T6081] ? __rate_control_send_low+0x661/0x780 [ 281.569704][ T6081] handle_bug+0x184/0x210 [ 281.571088][ T6081] exc_invalid_op+0x17/0x50 [ 281.572517][ T6081] asm_exc_invalid_op+0x1a/0x20 [ 281.574041][ T6081] RIP: 0010:__rate_control_send_low+0x661/0x780 [ 281.575994][ T6081] Code: a4 a0 d4 00 00 00 e8 9e ba b3 f6 44 8b 44 24 24 45 89 e9 89 d9 48 8b 74 24 08 44 89 e2 48 c7 c7 60 0c 09 8d e8 80 b0 72 f6 90 <0f> 0b 90 90 e9 26 fd ff ff 48 8b 3c 24 e8 3d 2a 19 f7 e9 fb fc ff [ 281.581930][ T6081] RSP: 0018:ffffc90002afea70 EFLAGS: 00010282 [ 281.583842][ T6081] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02f8 [ 281.586309][ T6081] RDX: ffff888028512440 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 281.588748][ T6081] RBP: ffff8880270a16a8 R08: 0000000000000001 R09: 0000000000000000 [ 281.591202][ T6081] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffff [ 281.593652][ T6081] R13: 0000000000000000 R14: 000000000000000c R15: ffff8880270a16b0 [ 281.596125][ T6081] ? __warn_printk+0x198/0x350 [ 281.597631][ T6081] ? __warn_printk+0x1a5/0x350 [ 281.599169][ T6081] rate_control_send_low+0x29a/0x820 [ 281.600831][ T6081] rate_control_get_rate+0x1be/0x5e0 [ 281.602508][ T6081] ieee80211_tx_h_rate_ctrl+0xad3/0x1a90 [ 281.604283][ T6081] ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10 [ 281.606210][ T6081] ? __lock_acquire+0xb97/0x1ce0 [ 281.607785][ T6081] invoke_tx_handlers_late+0x119a/0x27a0 [ 281.609545][ T6081] ? find_held_lock+0x2b/0x80 [ 281.611052][ T6081] ? ieee80211_tx_h_select_key+0x2c9/0x1bc0 [ 281.612919][ T6081] ieee80211_tx_dequeue+0x3082/0x43e0 [ 281.614655][ T6081] ? __pfx_ieee80211_tx_dequeue+0x10/0x10 [ 281.616451][ T6081] ? do_raw_spin_lock+0x12c/0x2b0 [ 281.618059][ T6081] ? ieee80211_next_txq+0xd8/0xa50 [ 281.619654][ T6081] ieee80211_handle_wake_tx_queue+0x19c/0x260 [ 281.621550][ T6081] ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10 [ 281.623640][ T6081] ? __pfx___ieee80211_schedule_txq+0x10/0x10 [ 281.625550][ T6081] ? mark_held_locks+0x49/0x80 [ 281.627082][ T6081] ? __local_bh_enable_ip+0xa4/0x120 [ 281.628752][ T6081] ieee80211_queue_skb+0x12af/0x1fe0 [ 281.630444][ T6081] ieee80211_tx+0x2e4/0x420 [ 281.631886][ T6081] ? __pfx_ieee80211_tx+0x10/0x10 [ 281.633506][ T6081] ? ieee80211_skb_resize+0x22a/0x630 [ 281.635200][ T6081] ? ieee80211_set_qos_hdr+0xba/0x3f0 [ 281.636883][ T6081] ieee80211_xmit+0x30f/0x3e0 [ 281.638403][ T6081] __ieee80211_subif_start_xmit+0x880/0x1390 [ 281.640272][ T6081] ? neigh_resolve_output+0x53a/0x940 [ 281.641944][ T6081] ? __pfx___ieee80211_subif_start_xmit+0x10/0x10 [ 281.643947][ T6081] ? mld_sendpack+0x9ea/0x1270 [ 281.645467][ T6081] ? skb_network_protocol+0x126/0x6d0 [ 281.647154][ T6081] ieee80211_subif_start_xmit+0x11b/0x1970 [ 281.648978][ T6081] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 281.650945][ T6081] ? dev_hard_start_xmit+0x94/0x740 [ 281.652587][ T6081] dev_hard_start_xmit+0x94/0x740 [ 281.654208][ T6081] __dev_queue_xmit+0xa46/0x4490 [ 281.655778][ T6081] ? __lock_acquire+0x62e/0x1ce0 [ 281.657343][ T6081] ? __pfx___dev_queue_xmit+0x10/0x10 [ 281.659065][ T6081] ? register_lock_class+0x41/0x4c0 [ 281.660966][ T6081] ? __lock_acquire+0xb97/0x1ce0 [ 281.663001][ T6081] ? __asan_memcpy+0x3c/0x60 [ 281.664845][ T6081] ? eth_header+0x11c/0x1f0 [ 281.666682][ T6081] neigh_resolve_output+0x53a/0x940 [ 281.668729][ T6081] ip6_finish_output2+0xaee/0x2020 [ 281.670769][ T6081] ? ip6_mtu+0x1a3/0x4a0 [ 281.672324][ T6081] __ip6_finish_output+0x3cd/0x1010 [ 281.673986][ T6081] ip6_output+0x1ca/0x3e0 [ 281.675360][ T6081] mld_sendpack+0x9ea/0x1270 [ 281.676835][ T6081] ? __pfx_mld_sendpack+0x10/0x10 [ 281.678454][ T6081] mld_ifc_work+0x740/0xbf0 [ 281.679787][ T6081] process_one_work+0x9cf/0x1b70 [ 281.681168][ T6081] ? __pfx_process_one_work+0x10/0x10 [ 281.682743][ T6081] ? assign_work+0x1a0/0x250 [ 281.684227][ T6081] worker_thread+0x6c8/0xf10 [ 281.685693][ T6081] ? __kthread_parkme+0x19e/0x250 [ 281.687285][ T6081] ? __pfx_worker_thread+0x10/0x10 [ 281.688855][ T6081] kthread+0x3c5/0x780 [ 281.690146][ T6081] ? __pfx_kthread+0x10/0x10 [ 281.691704][ T6081] ? rcu_is_watching+0x12/0xc0 [ 281.693341][ T6081] ? __pfx_kthread+0x10/0x10 [ 281.694841][ T6081] ret_from_fork+0x56d/0x730 [ 281.696282][ T6081] ? __pfx_kthread+0x10/0x10 [ 281.697757][ T6081] ret_from_fork_asm+0x1a/0x30 [ 281.699276][ T6081] [ 281.700874][ T6081] Kernel Offset: disabled [ 281.702317][ T6081] Rebooting in 86400 seconds.. VM DIAGNOSIS: 23:11:20 Registers: info registers vcpu 0 CPU#0 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8561e9d5 RDI=ffffffff9b103780 RBP=ffffffff9b103740 RSP=ffffc90002afe3e0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=000000000000002e R14=ffffffff9b103740 R15=ffffffff8561e970 RIP=ffffffff8561e9ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c33e552 CR3=0000000068b3d000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000001b14af RBX=0000000000000001 RCX=ffffffff8b91db29 RDX=0000000000000000 RSI=ffffffff8de4f73a RDI=ffffffff8c163800 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000 R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90abad90 R15=0000000000000000 RIP=ffffffff8b91c66f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000032e21ffc CR3=000000002afcf000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffc90002ddf320 RCX=0000000000000674 RDX=ffff888027b92440 RSI=0000000000000800 RDI=0000000000000678 RBP=0000000000000004 RSP=ffffc90002ddf110 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000004 R13=0000000000000800 R14=0000000000000674 R15=0000000000000678 RIP=ffffffff81bb0610 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fac6f823300 ffffffff 00c00000 GS =0000 ffff8880976b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055579375d000 CR3=000000004bd54000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000003000000012 0004000000080024 0000000000280034 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000014aa 0000001800000000 0000000000000000 0000000000000017 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0fff000000040000 00061a0827800308 000002d700000003 0000000100000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000004b7000000 00000003b7ffffff f800000207000000 000000a2bf000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00fff88a7b0000e9 b2000008b7000000 0000000000018208 11b0030100000008 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0611a80300001118 0000000000000000 0000000000000018 2808118003118004 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0390031808000388 0304080003800301 9008002780020008 00060002a8070000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 edec631c08000300 040aa0030008000a 98031c08000a9003 20808c8008000a88 ZMM25=890cfed1890cfed1 890cfed1890cfed1 890cfed1890cfed1 890cfed1890cfed1 890cfed1890cfed1 890cfed1890cfed1 890cfed1890cfed1 890cfed1890cfed1 ZMM26=9e8951969e895196 9e8951969e895196 9e8951969e895196 9e8951969e895196 9e8951969e895196 9e8951969e895196 9e8951969e895196 9e8951969e895196 ZMM27=e5efc6abe5efc6ab e5efc6abe5efc6ab e5efc6abe5efc6ab e5efc6abe5efc6ab e5efc6abe5efc6ab e5efc6abe5efc6ab e5efc6abe5efc6ab e5efc6abe5efc6ab ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=a21d0000a21d0000 a21d0000a21d0000 a21d0000a21d0000 a21d0000a21d0000 a21d0000a21d0000 a21d0000a21d0000 a21d0000a21d0000 a21d0000a21d0000 info registers vcpu 3 CPU#3 RAX=000000ab87709472 RBX=ffff88802b523a00 RCX=00000000000006e0 RDX=00000000000000ab RSI=ffff88802b523a00 RDI=0000000000009be8 RBP=0000000000009be8 RSP=ffffc900005e8e38 R8 =0000000000000005 R9 =000000000000003f R10=0000000000000019 R11=0000000000000000 R12=0000000000000001 R13=0000000000000001 R14=0000000000000019 R15=000000417f20637f RIP=ffffffff81680db5 RFL=00000003 [------C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977b9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f155c0 CR3=0000000068311000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000