last executing test programs: 32.937370274s ago: executing program 1 (id=663): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffffff) r0 = open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x40000006) vmsplice(r0, &(0x7f0000000380)=[{&(0x7f0000000080)="9b", 0x1}], 0x1, 0x6) 32.917790405s ago: executing program 1 (id=664): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000180)='syzkaller\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001240), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_REG(r2, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001440)={0x1c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x13}]}, 0x1c}, 0x1, 0x0, 0x0, 0xd8}, 0x8000) 32.860698544s ago: executing program 1 (id=666): socket$inet_smc(0x2b, 0x1, 0x0) socket$inet(0x2b, 0x801, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) recvmmsg(r0, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0}, 0x53}], 0x1, 0x120, 0x0) sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x14, 0x601, 0x0, 0x0, {0x2b, 0xfa}}, 0x14}}, 0x0) 32.768075726s ago: executing program 1 (id=669): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x887008, 0x0) 32.703108971s ago: executing program 1 (id=671): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r1, 0x0, 0x5}, 0x18) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 32.39989143s ago: executing program 1 (id=676): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/88, 0x58}, {&(0x7f0000000180)=""/97, 0x61}], 0x2, 0x2, 0x0) 32.261572678s ago: executing program 32 (id=676): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00') preadv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/88, 0x58}, {&(0x7f0000000180)=""/97, 0x61}], 0x2, 0x2, 0x0) 1.956084175s ago: executing program 4 (id=1315): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000000c00078008000640000007010500050002000000050004000000000016000300686173683a6e65742c706f7274"], 0x5c}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) syz_usb_connect(0x1, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e4001020303090224"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) 858.469099ms ago: executing program 2 (id=1340): r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000003240)=@base={0xf, 0x4, 0x4, 0x3}, 0x50) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r1, @ANYRES32=r0, @ANYBLOB='&'], 0x10) close(r0) close(r1) 832.405424ms ago: executing program 0 (id=1341): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000840)={'batadv_slave_0\x00', 0x0}) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r2}, 0x90) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=@newlink={0x34, 0x10, 0x1, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r2, 0x4100}, [@IFLA_XDP={0x14, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r3}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x2}]}]}, 0x34}}, 0x4008000) 828.43484ms ago: executing program 2 (id=1342): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_ifreq(r0, 0x8990, &(0x7f0000000180)={'bond0\x00', @ifru_names='rose0\x00'}) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) bind$rose(r1, &(0x7f00000002c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x40) connect$rose(r1, &(0x7f00000001c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x0, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x40) 753.099851ms ago: executing program 0 (id=1343): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='rdma.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x23ddd000) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r1, 0x10, &(0x7f0000000000)) 725.200042ms ago: executing program 2 (id=1344): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]}) r0 = getpid() sched_setscheduler(r0, 0x6, &(0x7f0000000480)=0x2) 639.566634ms ago: executing program 0 (id=1345): mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(&(0x7f0000000080)='./file0/file1\x00', 0x90) write$cgroup_type(r0, &(0x7f00000009c0), 0xd4ba0ff) unlink(&(0x7f0000000100)='./file0/file1\x00') link(&(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000180)='./file1\x00') 444.709148ms ago: executing program 4 (id=1346): r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2) r1 = syz_io_uring_setup(0x233, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x1, 0x40000}, &(0x7f0000000080)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x3, 0x0, 0x0, 0x2}) io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_S_OUTPUT(r0, 0xc004562f, &(0x7f00000000c0)=0x1) 357.889783ms ago: executing program 3 (id=1347): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000000)={0x0, 0x300, &(0x7f0000000680)={&(0x7f0000000e80)={0x44, r0, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x14, 0x1, "4abee33957edf8aaae14574df4"}, @NL80211_KEY_IDX={0x5, 0x2, 0x2}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac09}]}]}, 0x44}}, 0x0) sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r0, 0x4, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8}, @val={0xc, 0x99, {0x3, 0x6d}}}}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x51}, 0x4000041) 356.850829ms ago: executing program 4 (id=1348): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41) recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001) recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)="9f", 0x1}], 0x1}, 0x0) 298.098495ms ago: executing program 3 (id=1349): r0 = io_uring_setup(0xdac, &(0x7f0000000180)) close_range(r0, 0xffffffffffffffff, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f00000000c0)) readv(r1, &(0x7f0000000500)=[{&(0x7f0000001780)=""/4107, 0x100b}], 0x1) 297.523905ms ago: executing program 0 (id=1350): epoll_create1(0x0) r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x0, 0xbfdfffbc}, &(0x7f00000000c0)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x85c3}}) io_uring_enter(r0, 0x32d7, 0x0, 0x46, 0x0, 0x0) 212.45051ms ago: executing program 4 (id=1351): r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)="6724d6aa8985bce0e0f8250d5ebcf3ff4284ddc9c1a96c2bc41b18425a017606c242a40b21df5cdb", 0x28) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}}) 210.627762ms ago: executing program 3 (id=1352): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) landlock_restrict_self(r0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) 200.845884ms ago: executing program 2 (id=1353): r0 = open(&(0x7f00000000c0)='./file0\x00', 0x80140, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x0, 0x40000105, 0x0, 0x0}) close_range(r0, 0xffffffffffffffff, 0x0) 197.293334ms ago: executing program 3 (id=1354): unshare(0x22020600) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 168.868021ms ago: executing program 0 (id=1355): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x1c, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xb}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r3}, 0x10) 163.448633ms ago: executing program 4 (id=1356): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 123.386253ms ago: executing program 0 (id=1357): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x901800, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) 78.484084ms ago: executing program 2 (id=1358): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0) chdir(&(0x7f0000000100)='./file0\x00') r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 7.059953ms ago: executing program 3 (id=1359): prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) r0 = gettid() tkill(r0, 0x12) tkill(r0, 0x14) 5.505549ms ago: executing program 2 (id=1360): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000440)={@val={0x70}, @void, @eth={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0x3e) 5.290059ms ago: executing program 3 (id=1361): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x4) setsockopt$inet6_tcp_int(r0, 0x11a, 0x3, &(0x7f0000001080), 0xc6) 0s ago: executing program 4 (id=1362): io_setup(0x5, &(0x7f0000000000)=0x0) r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x3, "421ae3753785259249154c944c28ad063ff47d3bd7a8a45d6bb4c78a3ab4c981", 0xffffffffffffffff}) io_submit(r0, 0x19, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000080)=0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:36344' (ED25519) to the list of known hosts. [ 57.539010][ T5967] cgroup: Unknown subsys name 'net' [ 57.673329][ T5967] cgroup: Unknown subsys name 'cpuset' [ 57.680994][ T5967] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 58.768500][ T5967] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 63.737407][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 63.749399][ T5992] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 63.752724][ T5992] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 63.756132][ T5992] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 63.758756][ T5992] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 63.761616][ T5992] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 63.764413][ T5992] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 63.767115][ T5992] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 63.770025][ T5992] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 63.772482][ T5992] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 63.774322][ T5995] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 63.776000][ T5996] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 63.779388][ T5997] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 63.779662][ T5992] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 63.782542][ T5992] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 63.785787][ T5997] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 63.787748][ T5992] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 63.793338][ T5992] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 63.796346][ T63] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 63.807193][ T5988] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 64.127409][ T5985] chnl_net:caif_netlink_parms(): no params data found [ 64.230520][ T5981] chnl_net:caif_netlink_parms(): no params data found [ 64.323425][ T5989] chnl_net:caif_netlink_parms(): no params data found [ 64.365630][ T5985] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.368989][ T5985] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.373086][ T5985] bridge_slave_0: entered allmulticast mode [ 64.377144][ T5985] bridge_slave_0: entered promiscuous mode [ 64.400377][ T5985] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.402859][ T5985] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.405406][ T5985] bridge_slave_1: entered allmulticast mode [ 64.408811][ T5985] bridge_slave_1: entered promiscuous mode [ 64.518378][ T5993] chnl_net:caif_netlink_parms(): no params data found [ 64.624186][ T5985] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.636101][ T5985] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.640439][ T5989] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.642764][ T5989] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.645128][ T5989] bridge_slave_0: entered allmulticast mode [ 64.648723][ T5989] bridge_slave_0: entered promiscuous mode [ 64.652920][ T5981] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.656096][ T5981] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.661685][ T5981] bridge_slave_0: entered allmulticast mode [ 64.665655][ T5981] bridge_slave_0: entered promiscuous mode [ 64.711788][ T5989] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.714966][ T5989] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.718623][ T5989] bridge_slave_1: entered allmulticast mode [ 64.722538][ T5989] bridge_slave_1: entered promiscuous mode [ 64.726459][ T5981] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.729790][ T5981] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.733391][ T5981] bridge_slave_1: entered allmulticast mode [ 64.737403][ T5981] bridge_slave_1: entered promiscuous mode [ 64.822420][ T5985] team0: Port device team_slave_0 added [ 64.855631][ T5989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.893506][ T5981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 64.903976][ T5985] team0: Port device team_slave_1 added [ 64.908774][ T5989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 64.914544][ T5981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.083119][ T5993] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.086275][ T5993] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.089668][ T5993] bridge_slave_0: entered allmulticast mode [ 65.093608][ T5993] bridge_slave_0: entered promiscuous mode [ 65.098221][ T5985] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.101276][ T5985] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.110115][ T5985] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.116656][ T5989] team0: Port device team_slave_0 added [ 65.136506][ T5993] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.139677][ T5993] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.143083][ T5993] bridge_slave_1: entered allmulticast mode [ 65.147344][ T5993] bridge_slave_1: entered promiscuous mode [ 65.159244][ T5985] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.162465][ T5985] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.173687][ T5985] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.180786][ T5989] team0: Port device team_slave_1 added [ 65.184534][ T5981] team0: Port device team_slave_0 added [ 65.274482][ T5981] team0: Port device team_slave_1 added [ 65.277919][ T5989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.280226][ T5989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.289762][ T5989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.297436][ T5993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.353085][ T5989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.355346][ T5989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.365156][ T5989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.402659][ T5993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.406535][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.411126][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.422347][ T5981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.427881][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.430502][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.440323][ T5981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.518558][ T5985] hsr_slave_0: entered promiscuous mode [ 65.522009][ T5985] hsr_slave_1: entered promiscuous mode [ 65.550499][ T5993] team0: Port device team_slave_0 added [ 65.576704][ T5989] hsr_slave_0: entered promiscuous mode [ 65.580037][ T5989] hsr_slave_1: entered promiscuous mode [ 65.582643][ T5989] debugfs: 'hsr0' already exists in 'hsr' [ 65.584789][ T5989] Cannot create hsr debugfs directory [ 65.590353][ T5993] team0: Port device team_slave_1 added [ 65.722211][ T5981] hsr_slave_0: entered promiscuous mode [ 65.725883][ T5981] hsr_slave_1: entered promiscuous mode [ 65.730079][ T5981] debugfs: 'hsr0' already exists in 'hsr' [ 65.732604][ T5981] Cannot create hsr debugfs directory [ 65.820534][ T5993] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.823656][ T5993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.835412][ T5984] Bluetooth: hci2: command tx timeout [ 65.835727][ T5984] Bluetooth: hci1: command tx timeout [ 65.837065][ T5339] Bluetooth: hci0: command tx timeout [ 65.838298][ T5339] Bluetooth: hci3: command tx timeout [ 65.839144][ T5993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.872328][ T5993] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.875294][ T5993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 65.886654][ T5993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.148613][ T5993] hsr_slave_0: entered promiscuous mode [ 66.152338][ T5993] hsr_slave_1: entered promiscuous mode [ 66.154778][ T5993] debugfs: 'hsr0' already exists in 'hsr' [ 66.158184][ T5993] Cannot create hsr debugfs directory [ 66.304351][ T5985] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 66.318889][ T5985] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 66.331282][ T5985] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 66.338965][ T5985] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 66.453239][ T5989] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 66.465219][ T5989] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 66.476678][ T5989] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 66.486443][ T5989] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 66.536380][ T5981] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 66.542917][ T5981] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 66.548926][ T5981] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 66.553318][ T5981] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 66.631842][ T5993] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 66.650479][ T5993] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 66.658068][ T5993] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 66.665756][ T5993] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 66.746301][ T5989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.752935][ T5985] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.791749][ T5989] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.800113][ T5985] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.807149][ T5981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.819134][ T80] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.822466][ T80] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.833871][ T80] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.836248][ T80] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.850110][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.852438][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.856162][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.858505][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.866515][ T5981] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.891271][ T80] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.894521][ T80] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.920027][ T5993] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.943724][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.946623][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.981908][ T5985] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.002481][ T5993] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.017625][ T220] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.020994][ T220] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.043617][ T220] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.046655][ T220] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.165102][ T5985] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.179009][ T5989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.233061][ T5985] veth0_vlan: entered promiscuous mode [ 67.250498][ T5985] veth1_vlan: entered promiscuous mode [ 67.268085][ T5981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.279477][ T5989] veth0_vlan: entered promiscuous mode [ 67.298190][ T5989] veth1_vlan: entered promiscuous mode [ 67.311617][ T5993] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.328803][ T5985] veth0_macvtap: entered promiscuous mode [ 67.340679][ T5985] veth1_macvtap: entered promiscuous mode [ 67.378551][ T5981] veth0_vlan: entered promiscuous mode [ 67.383115][ T5985] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.388200][ T5989] veth0_macvtap: entered promiscuous mode [ 67.394830][ T5989] veth1_macvtap: entered promiscuous mode [ 67.401085][ T5985] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.418963][ T5981] veth1_vlan: entered promiscuous mode [ 67.423706][ T61] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.427753][ T61] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.441824][ T61] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.445580][ T61] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.454373][ T5989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.467104][ T5989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.489049][ T5993] veth0_vlan: entered promiscuous mode [ 67.494169][ T1141] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.498058][ T1141] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.502761][ T1141] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.520376][ T1141] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.537134][ T5993] veth1_vlan: entered promiscuous mode [ 67.573581][ T5981] veth0_macvtap: entered promiscuous mode [ 67.575957][ T1177] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.582039][ T1177] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.596290][ T5981] veth1_macvtap: entered promiscuous mode [ 67.629602][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.632933][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.635872][ T5993] veth0_macvtap: entered promiscuous mode [ 67.642769][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.646611][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.654090][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.660758][ T5993] veth1_macvtap: entered promiscuous mode [ 67.682758][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.689889][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.693741][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.697240][ T61] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.707755][ T5985] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 67.711274][ T61] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.715771][ T61] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.720372][ T5993] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.725197][ T5993] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.728560][ T61] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.756328][ T1177] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.762202][ T1177] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.763701][ T6072] Bluetooth: MGMT ver 1.23 [ 67.778900][ T1177] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.785029][ T1177] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.865032][ T220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.869769][ T220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.907829][ T5984] Bluetooth: hci1: command tx timeout [ 67.907997][ T5339] Bluetooth: hci3: command tx timeout [ 67.908094][ T5988] Bluetooth: hci0: command tx timeout [ 67.908129][ T5988] Bluetooth: hci2: command tx timeout [ 67.913027][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.919954][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.937117][ T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.940567][ T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.976488][ T1177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.980833][ T1177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.034914][ T6087] process 'syz.2.9' launched './file0' with NULL argv: empty string added [ 68.083736][ T6091] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 68.142863][ T6099] Zero length message leads to an empty skb [ 68.240758][ T6106] syz.3.16 uses obsolete (PF_INET,SOCK_PACKET) [ 68.329240][ T6114] pim6reg1: entered promiscuous mode [ 68.331704][ T6114] pim6reg1: entered allmulticast mode [ 68.522368][ T6126] 9pnet: p9_errstr2errno: server reported unknown error (cF S+v3qf [ 68.645724][ T6132] trusted_key: syz.3.28 sent an empty control message without MSG_MORE. [ 68.878001][ T29] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 68.908807][ T6141] binder: 6140:6141 ioctl 4018620d 0 returned -22 [ 69.030171][ T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.034709][ T29] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 69.038574][ T29] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 69.042988][ T29] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 69.047518][ T29] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 69.052509][ T29] usb 7-1: config 0 descriptor?? [ 69.485664][ T29] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0 [ 69.514586][ T40] audit: type=1326 audit(1757310118.886:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6171 comm="syz.0.46" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x0 [ 69.732952][ T840] usb 7-1: USB disconnect, device number 2 [ 69.987462][ T5339] Bluetooth: hci1: command tx timeout [ 69.997143][ T5339] Bluetooth: hci3: command tx timeout [ 69.999691][ T5339] Bluetooth: hci2: command tx timeout [ 69.999837][ T5992] Bluetooth: hci0: command tx timeout [ 70.625910][ T6217] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 63 [ 70.939888][ T6239] input: syz1 as /devices/virtual/input/input6 [ 70.940593][ T6241] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 71.170179][ T6257] loop7: detected capacity change from 0 to 7 [ 71.175640][ T6257] Dev loop7: unable to read RDB block 7 [ 71.176419][ T40] audit: type=1326 audit(1757310120.546:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 71.179409][ T6257] loop7: unable to read partition table [ 71.190633][ T6257] loop7: partition table beyond EOD, truncated [ 71.203575][ T6257] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 71.209435][ T40] audit: type=1326 audit(1757310120.546:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f41598 code=0x7ffc0000 [ 71.226827][ T40] audit: type=1326 audit(1757310120.546:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f41598 code=0x7ffc0000 [ 71.236174][ T40] audit: type=1326 audit(1757310120.566:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 71.245843][ T40] audit: type=1326 audit(1757310120.566:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 71.261691][ T40] audit: type=1326 audit(1757310120.566:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f41598 code=0x7ffc0000 [ 71.296426][ T40] audit: type=1326 audit(1757310120.566:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f41598 code=0x7ffc0000 [ 71.307374][ T40] audit: type=1326 audit(1757310120.566:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f41598 code=0x7ffc0000 [ 71.333960][ T40] audit: type=1326 audit(1757310120.566:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.0.83" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 71.372636][ T6268] kvm: user requested TSC rate below hardware speed [ 71.373474][ T6270] tun0: tun_chr_ioctl cmd 1074025675 [ 71.379690][ T6270] tun0: persist enabled [ 71.389370][ T6270] tun0: tun_chr_ioctl cmd 1074025675 [ 71.391663][ T6270] tun0: persist disabled [ 72.068071][ T5992] Bluetooth: hci2: command tx timeout [ 72.077753][ T5992] Bluetooth: hci1: command tx timeout [ 72.080267][ T5992] Bluetooth: hci0: command tx timeout [ 72.080376][ T5339] Bluetooth: hci3: command tx timeout [ 72.093162][ T6322] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 72.202101][ T6329] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 72.340691][ T6341] kernel read not supported for file /eth0 (pid: 6341 comm: syz.3.121) [ 72.401546][ T6345] batadv_slave_1: entered promiscuous mode [ 72.405813][ T6344] batadv_slave_1: left promiscuous mode [ 72.455759][ T6351] loop7: detected capacity change from 0 to 7 [ 72.462016][ T6101] Dev loop7: unable to read RDB block 7 [ 72.464940][ T6101] loop7: unable to read partition table [ 72.470897][ T6101] loop7: partition table beyond EOD, truncated [ 72.487719][ T6351] Dev loop7: unable to read RDB block 7 [ 72.490962][ T6351] loop7: unable to read partition table [ 72.493641][ T6351] loop7: partition table beyond EOD, truncated [ 72.496337][ T6351] loop_reread_partitions: partition scan of loop7 (被x ) failed (rc=-5) [ 72.818495][ T6367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.132'. [ 72.823206][ T6367] netlink: 4 bytes leftover after parsing attributes in process `syz.3.132'. [ 73.130613][ T6385] netlink: 360 bytes leftover after parsing attributes in process `syz.1.140'. [ 73.358585][ T6397] input: syz0 as /devices/virtual/input/input7 [ 73.429326][ T840] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 73.454977][ T6399] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 73.579611][ T840] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 73.584326][ T840] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.590371][ T840] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 73.594666][ T840] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 73.604836][ T840] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 73.609062][ T840] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 73.612625][ T840] usb 8-1: Manufacturer: syz [ 73.617113][ T840] usb 8-1: config 0 descriptor?? [ 73.706126][ T6414] vcan0: tx drop: invalid da for name 0x0000000000000002 [ 73.747114][ T29] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 73.897011][ T29] usb 5-1: Using ep0 maxpacket: 8 [ 73.903939][ T29] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04 [ 73.908103][ T29] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.913463][ T29] usb 5-1: Product: syz [ 73.915707][ T29] usb 5-1: Manufacturer: syz [ 73.919788][ T29] usb 5-1: SerialNumber: syz [ 73.930397][ T29] usb 5-1: config 0 descriptor?? [ 73.997143][ T34] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 74.035886][ T840] appleir 0003:05AC:8243.0003: unknown main item tag 0x0 [ 74.045945][ T840] appleir 0003:05AC:8243.0003: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 74.145018][ T29] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 74.151229][ T29] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 74.162464][ T29] usb 5-1: USB disconnect, device number 2 [ 74.162724][ T34] usb 6-1: config index 0 descriptor too short (expected 45, got 36) [ 74.168428][ T34] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 74.173502][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 74.177853][ T34] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 74.182456][ T34] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 74.188022][ T34] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 74.192279][ T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.196939][ T34] usb 6-1: config 0 descriptor?? [ 74.199906][ T6416] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 74.290280][ T6050] usb 8-1: USB disconnect, device number 2 [ 74.613344][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.616543][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.620183][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.623960][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.627439][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.630598][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.633707][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.637101][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.640443][ T34] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0 [ 74.648297][ T34] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 74.860031][ T6430] netlink: 96 bytes leftover after parsing attributes in process `syz.2.160'. [ 74.889451][ T53] usb 6-1: USB disconnect, device number 2 [ 75.058443][ T6440] loop2: detected capacity change from 0 to 7 [ 75.063582][ T6440] Dev loop2: unable to read RDB block 7 [ 75.066087][ T6440] loop2: unable to read partition table [ 75.069647][ T6440] loop2: partition table beyond EOD, truncated [ 75.072283][ T6440] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 75.234000][ T1177] Bluetooth: hci4: Frame reassembly failed (-84) [ 75.239706][ T61] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 75.243490][ T6450] Bluetooth: ERR: HCILL_GO_TO_SLEEP_IND in state 0 [ 75.247134][ T61] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0 [ 76.232986][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.236151][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.777268][ T6500] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 77.076939][ T841] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 77.228768][ T841] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 77.232695][ T841] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 77.236317][ T841] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 77.240981][ T841] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 77.246143][ T841] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 77.249831][ T841] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.253523][ T841] usb 8-1: config 0 descriptor?? [ 77.256119][ T6504] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 77.267112][ T5339] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 77.267176][ T5992] Bluetooth: hci4: command 0x1003 tx timeout [ 77.668383][ T5984] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 77.668670][ T5339] Bluetooth: hci5: command 0x1003 tx timeout [ 77.684104][ T841] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 77.711911][ T841] kernel read not supported for file /sequencer (pid: 841 comm: kworker/2:2) [ 77.920630][ T9] usb 8-1: USB disconnect, device number 3 [ 78.269088][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.210'. [ 78.855646][ T6559] loop2: detected capacity change from 0 to 7 [ 78.861493][ T6101] Dev loop2: unable to read RDB block 7 [ 78.863269][ T6101] loop2: unable to read partition table [ 78.865169][ T6101] loop2: partition table beyond EOD, truncated [ 78.891296][ T6559] Dev loop2: unable to read RDB block 7 [ 78.893553][ T6559] loop2: unable to read partition table [ 78.896463][ T6559] loop2: partition table beyond EOD, truncated [ 78.916840][ T6559] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 79.038026][ T6568] smc: net device bond0 applied user defined pnetid SYZ2 [ 79.042290][ T6568] netlink: 14 bytes leftover after parsing attributes in process `syz.3.226'. [ 79.273785][ T6568] smc: removing net device bond0 with user defined pnetid SYZ2 [ 79.275251][ T6568] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 79.356634][ T6568] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 79.368678][ T6568] bond0 (unregistering): Released all slaves [ 79.736950][ T840] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 79.826818][ T53] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 79.908128][ T840] usb 7-1: Using ep0 maxpacket: 16 [ 79.913315][ T840] usb 7-1: config 0 has no interfaces? [ 79.915262][ T840] usb 7-1: New USB device found, idVendor=0458, idProduct=704a, bcdDevice=3a.55 [ 79.921097][ T840] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 79.921120][ T840] usb 7-1: Product: syz [ 79.921133][ T840] usb 7-1: Manufacturer: syz [ 79.921147][ T840] usb 7-1: SerialNumber: syz [ 79.923722][ T840] usb 7-1: config 0 descriptor?? [ 79.990884][ T53] usb 8-1: config index 0 descriptor too short (expected 45, got 36) [ 79.994581][ T53] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 79.999650][ T53] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 80.004205][ T53] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 80.009805][ T53] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 80.015271][ T53] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 80.019235][ T53] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.026551][ T53] usb 8-1: config 0 descriptor?? [ 80.031808][ T6579] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 80.165272][ T6070] usb 7-1: USB disconnect, device number 3 [ 80.449874][ T53] plantronics 0003:047F:FFFF.0006: reserved main item tag 0xd [ 80.459913][ T53] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 80.724316][ T54] usb 8-1: USB disconnect, device number 4 [ 81.260978][ T6610] capability: warning: `syz.1.245' uses deprecated v2 capabilities in a way that may be insecure [ 81.923646][ T6669] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.274'. [ 81.969074][ T6673] netlink: 20 bytes leftover after parsing attributes in process `syz.3.276'. [ 82.047013][ T5990] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 82.199994][ T5990] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 82.204282][ T5990] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.212802][ T5990] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.217408][ T5990] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 82.224146][ T5990] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00 [ 82.229242][ T5990] usb 7-1: New USB device strings: Mfr=64, Product=0, SerialNumber=0 [ 82.232752][ T5990] usb 7-1: Manufacturer: syz [ 82.239525][ T5990] usb 7-1: config 0 descriptor?? [ 82.276888][ T6069] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 82.428380][ T6069] usb 6-1: Using ep0 maxpacket: 16 [ 82.436431][ T6069] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 82.445121][ T6069] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.450653][ T6069] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 82.454892][ T6069] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 82.463132][ T6069] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 82.468963][ T6069] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 82.472915][ T6069] usb 6-1: SerialNumber: syz [ 82.482270][ T6069] hub 6-1:1.0: bad descriptor, ignoring hub [ 82.484899][ T6069] hub 6-1:1.0: probe with driver hub failed with error -5 [ 82.492460][ T6069] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22 [ 82.618386][ T6712] bridge_slave_0: left allmulticast mode [ 82.620965][ T6712] bridge_slave_0: left promiscuous mode [ 82.624985][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.639764][ T6712] bridge_slave_1: left allmulticast mode [ 82.642118][ T6712] bridge_slave_1: left promiscuous mode [ 82.644607][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.652993][ T5990] keytouch 0003:0926:3333.0007: fixing up Keytouch IEC report descriptor [ 82.668337][ T5990] input: syz as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/0003:0926:3333.0007/input/input9 [ 82.671988][ T6712] team0: Port device team_slave_0 removed [ 82.680844][ T6712] team0: Port device team_slave_1 removed [ 82.684939][ T6712] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.690042][ T6712] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.696193][ T6712] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.699490][ T6712] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 82.737178][ T5990] keytouch 0003:0926:3333.0007: input,hidraw1: USB HID v0.00 Keyboard [syz] on usb-dummy_hcd.2-1/input0 [ 82.857742][ T5990] usb 7-1: USB disconnect, device number 4 [ 83.464084][ T40] kauditd_printk_skb: 51 callbacks suppressed [ 83.464097][ T40] audit: type=1326 audit(1757310132.836:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6713 comm="syz.0.294" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7fc00000 [ 84.161014][ T6749] Bluetooth: hci0: invalid length 0, exp 2 for type 0 [ 84.703926][ T6774] syzkaller1: entered promiscuous mode [ 84.706140][ T6774] syzkaller1: entered allmulticast mode [ 84.927073][ T5990] usb 6-1: USB disconnect, device number 3 [ 85.010595][ T6786] bridge_slave_0: left allmulticast mode [ 85.013213][ T6786] bridge_slave_0: left promiscuous mode [ 85.016234][ T6786] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.022148][ T6786] bridge_slave_1: left allmulticast mode [ 85.024503][ T6786] bridge_slave_1: left promiscuous mode [ 85.030923][ T6786] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.040124][ T6786] bond0: (slave bond_slave_0): Releasing backup interface [ 85.046094][ T6786] bond0: (slave bond_slave_1): Releasing backup interface [ 85.055079][ T6786] team0: Port device team_slave_0 removed [ 85.061704][ T6786] team0: Port device team_slave_1 removed [ 85.064797][ T6786] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 85.067743][ T6786] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 85.072225][ T6786] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 85.075529][ T6786] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 85.396089][ T6799] netlink: 156 bytes leftover after parsing attributes in process `syz.1.332'. [ 85.506886][ T5984] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 86.099098][ T6846] netlink: 20 bytes leftover after parsing attributes in process `syz.1.354'. [ 86.206600][ T6856] syzkaller1: entered promiscuous mode [ 86.209635][ T6856] syzkaller1: entered allmulticast mode [ 86.358887][ T6863] KVM: debugfs: duplicate directory 6863-4 [ 86.433015][ T6870] Invalid ELF header magic: != ELF [ 86.479251][ T1219] cfg80211: failed to load regulatory.db [ 86.611206][ T40] audit: type=1326 audit(1757310135.986:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6882 comm="syz.1.370" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x0 [ 86.770707][ T40] audit: type=1326 audit(1757310136.146:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 86.779307][ T40] audit: type=1326 audit(1757310136.146:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 86.786643][ T40] audit: type=1326 audit(1757310136.146:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 86.794980][ T40] audit: type=1326 audit(1757310136.146:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 86.804404][ T40] audit: type=1326 audit(1757310136.146:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 86.813379][ T40] audit: type=1326 audit(1757310136.146:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 86.822713][ T40] audit: type=1326 audit(1757310136.146:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 86.832055][ T40] audit: type=1326 audit(1757310136.146:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6895 comm="syz.2.377" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf70ae598 code=0x7ffc0000 [ 87.061039][ T29] IPVS: starting estimator thread 0... [ 87.157198][ T6914] IPVS: using max 44 ests per chain, 105600 per kthread [ 87.328279][ T6943] netlink: 4 bytes leftover after parsing attributes in process `syz.3.399'. [ 87.333604][ T6943] netlink: 24 bytes leftover after parsing attributes in process `syz.3.399'. [ 87.609907][ T55] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 87.711952][ T6968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.410'. [ 87.756824][ T55] usb 5-1: Using ep0 maxpacket: 8 [ 87.761059][ T55] usb 5-1: config 0 interface 0 has no altsetting 0 [ 87.764613][ T55] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 87.769716][ T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.775083][ T55] usb 5-1: config 0 descriptor?? [ 87.805302][ T6972] input: syz1 as /devices/virtual/input/input10 [ 88.023189][ T6983] mkiss: ax0: crc mode is auto. [ 88.189813][ T55] mcp2221 0003:04D8:00DD.0008: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 88.386281][ T29] usb 5-1: USB disconnect, device number 3 [ 89.084196][ T7024] netlink: 'syz.0.433': attribute type 13 has an invalid length. [ 89.436815][ T7044] mkiss: ax0: crc mode is auto. [ 89.465174][ T7048] loop6: detected capacity change from 0 to 2560 [ 89.469488][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.473107][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.476616][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.479758][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.482645][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.485850][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.489567][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.493240][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.497347][ T7048] ldm_validate_partition_table(): Disk read failed. [ 89.499977][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.503273][ T7048] Buffer I/O error on dev loop6, logical block 0, async page read [ 89.507608][ T7048] Dev loop6: unable to read RDB block 0 [ 89.510398][ T7048] loop6: unable to read partition table [ 89.513188][ T7048] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 89.836332][ T7077] netlink: 32 bytes leftover after parsing attributes in process `syz.1.456'. [ 89.878412][ T7080] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.458'. [ 90.584699][ T7110] kvm: user requested TSC rate below hardware speed [ 90.922265][ T7133] pim6reg: entered allmulticast mode [ 90.936020][ T7133] pim6reg: left allmulticast mode [ 90.959608][ T7137] : renamed from wg2 (while UP) [ 91.144482][ T1219] kernel write not supported for file /sg0 (pid: 1219 comm: kworker/0:2) [ 91.898991][ T7176] netlink: 'syz.1.502': attribute type 13 has an invalid length. [ 92.004246][ T7184] loop6: detected capacity change from 0 to 2560 [ 92.008852][ T7184] ldm_validate_partition_table(): Disk read failed. [ 92.012153][ T7184] Dev loop6: unable to read RDB block 0 [ 92.014930][ T7184] loop6: unable to read partition table [ 92.024844][ T7184] loop_reread_partitions: partition scan of loop6 (3 ) failed (rc=-5) [ 92.176039][ T7200] ======================================================= [ 92.176039][ T7200] WARNING: The mand mount option has been deprecated and [ 92.176039][ T7200] and is ignored by this kernel. Remove the mand [ 92.176039][ T7200] option from the mount to silence this warning. [ 92.176039][ T7200] ======================================================= [ 92.498797][ T7213] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 92.503212][ T7213] batadv_slave_0: entered promiscuous mode [ 92.656818][ T840] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 92.786225][ T7229] Illegal XDP return value 2452169492 on prog (id 84) dev syz_tun, expect packet loss! [ 92.817221][ T840] usb 8-1: Using ep0 maxpacket: 8 [ 92.822902][ T840] usb 8-1: config 0 has an invalid interface number: 55 but max is 0 [ 92.826222][ T840] usb 8-1: config 0 has no interface number 0 [ 92.829863][ T840] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 92.834994][ T840] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 92.841055][ T840] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 92.845806][ T840] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 92.851056][ T840] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 92.854844][ T840] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.860406][ T840] usb 8-1: config 0 descriptor?? [ 92.879101][ T840] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 93.074515][ T6050] usb 8-1: USB disconnect, device number 5 [ 93.083197][ T6050] ldusb 8-1:0.55: LD USB Device #0 now disconnected [ 93.916499][ T7266] overlayfs: invalid origin (0000) [ 94.549217][ T7311] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.563'. [ 94.651688][ T7320] GUP no longer grows the stack in syz.0.567 (7320): 80004000-8000a000 (80002000) [ 94.655972][ T7320] CPU: 3 UID: 0 PID: 7320 Comm: syz.0.567 Not tainted syzkaller #0 PREEMPT(full) [ 94.655997][ T7320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.656009][ T7320] Call Trace: [ 94.656016][ T7320] [ 94.656025][ T7320] dump_stack_lvl+0x16c/0x1f0 [ 94.656084][ T7320] gup_vma_lookup+0x1d2/0x220 [ 94.656117][ T7320] __get_user_pages+0x243/0x34a0 [ 94.656153][ T7320] ? find_held_lock+0x2b/0x80 [ 94.656171][ T7320] ? __pfx___get_user_pages+0x10/0x10 [ 94.656204][ T7320] get_user_pages_remote+0x243/0xab0 [ 94.656229][ T7320] ? mas_parent_gap+0x6f0/0x7b0 [ 94.656256][ T7320] ? __pfx_get_user_pages_remote+0x10/0x10 [ 94.656286][ T7320] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 94.656316][ T7320] __access_remote_vm+0x24d/0x850 [ 94.656344][ T7320] ? do_raw_spin_lock+0x12c/0x2b0 [ 94.656369][ T7320] ? __pfx___access_remote_vm+0x10/0x10 [ 94.656400][ T7320] proc_pid_cmdline_read+0x4de/0x8e0 [ 94.656422][ T7320] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 94.656444][ T7320] ? rw_verify_area+0xcf/0x6c0 [ 94.656463][ T7320] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 94.656482][ T7320] vfs_readv+0x5be/0x8b0 [ 94.656506][ T7320] ? __pfx_vfs_readv+0x10/0x10 [ 94.656544][ T7320] ? __fget_files+0x20e/0x3c0 [ 94.656570][ T7320] ? do_preadv+0x1a6/0x270 [ 94.656586][ T7320] do_preadv+0x1a6/0x270 [ 94.656605][ T7320] ? __pfx_do_preadv+0x10/0x10 [ 94.656624][ T7320] ? rcu_is_watching+0x12/0xc0 [ 94.656646][ T7320] __do_fast_syscall_32+0x7c/0x3a0 [ 94.656674][ T7320] do_fast_syscall_32+0x32/0x80 [ 94.656700][ T7320] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 94.656746][ T7320] RIP: 0023:0xf7f41579 [ 94.656762][ T7320] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 94.656778][ T7320] RSP: 002b:00000000f545655c EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 94.656797][ T7320] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000040 [ 94.656808][ T7320] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000 [ 94.656818][ T7320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 94.656827][ T7320] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 94.656837][ T7320] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 94.656860][ T7320] [ 94.766695][ C3] vkms_vblank_simulate: vblank timer overrun [ 94.776829][ T7323] warning: `syz.2.575' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 94.875044][ T7331] netlink: 'syz.1.571': attribute type 1 has an invalid length. [ 95.668041][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.702617][ T7397] netlink: 27 bytes leftover after parsing attributes in process `syz.3.600'. [ 95.748433][ T7399] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.601'. [ 96.136874][ T841] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 96.289654][ T841] usb 8-1: Using ep0 maxpacket: 8 [ 96.296289][ T841] usb 8-1: config 0 interface 0 has no altsetting 0 [ 96.299261][ T841] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 96.303368][ T841] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.312814][ T841] usb 8-1: config 0 descriptor?? [ 96.734474][ T841] hid_parser_main: 21 callbacks suppressed [ 96.734493][ T841] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0 [ 96.751163][ T841] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0 [ 96.764625][ T841] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0 [ 96.768584][ T7458] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.629'. [ 96.774186][ T841] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0 [ 96.787832][ T841] mcp2221 0003:04D8:00DD.0009: unknown main item tag 0x0 [ 96.792340][ T841] mcp2221 0003:04D8:00DD.0009: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 96.933524][ T7412] i2c i2c-2: unsupported multi-msg i2c transaction [ 96.938950][ T841] usb 8-1: USB disconnect, device number 6 [ 97.189379][ T7486] netlink: 44 bytes leftover after parsing attributes in process `syz.0.640'. [ 97.194475][ T7486] netlink: 43 bytes leftover after parsing attributes in process `syz.0.640'. [ 97.203910][ T7486] netlink: 'syz.0.640': attribute type 6 has an invalid length. [ 97.210756][ T7486] netlink: 'syz.0.640': attribute type 5 has an invalid length. [ 97.214234][ T7486] netlink: 43 bytes leftover after parsing attributes in process `syz.0.640'. [ 97.590428][ T7512] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 97.633813][ T7514] syzkaller1: entered promiscuous mode [ 97.638681][ T7514] syzkaller1: entered allmulticast mode [ 98.122656][ T7550] loop6: detected capacity change from 0 to 63 [ 98.131756][ T7550] buffer_io_error: 22 callbacks suppressed [ 98.131773][ T7550] Buffer I/O error on dev loop6, logical block 0, async page read [ 98.139284][ T7550] Buffer I/O error on dev loop6, logical block 0, async page read [ 98.336829][ T53] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 98.414851][ T7563] syzkaller1: entered promiscuous mode [ 98.419378][ T7563] syzkaller1: entered allmulticast mode [ 98.499199][ T53] usb 5-1: Using ep0 maxpacket: 8 [ 98.508749][ T53] usb 5-1: config 0 interface 0 has no altsetting 0 [ 98.516931][ T53] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 98.521670][ T53] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 98.531379][ T53] usb 5-1: config 0 descriptor?? [ 98.730504][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.842138][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.878786][ T5339] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 98.883016][ T5339] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 98.886332][ T5339] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 98.889682][ T5339] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 98.893487][ T5339] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 98.907076][ T7579] Bluetooth: MGMT ver 1.23 [ 98.933867][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.957374][ T53] mcp2221 0003:04D8:00DD.000A: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0 [ 99.050128][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.056662][ T7587] loop2: detected capacity change from 0 to 7 [ 99.060571][ T7587] Dev loop2: unable to read RDB block 7 [ 99.063436][ T7587] loop2: unable to read partition table [ 99.066147][ T7587] loop2: partition table beyond EOD, truncated [ 99.069575][ T7587] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 99.165920][ T5990] usb 5-1: USB disconnect, device number 4 [ 99.214771][ T7576] chnl_net:caif_netlink_parms(): no params data found [ 99.639374][ T12] bond0 (unregistering): Released all slaves [ 99.649477][ T7601] unknown channel width for channel at 909000KHz? [ 99.759204][ T7576] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.762336][ T7576] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.765435][ T7576] bridge_slave_0: entered allmulticast mode [ 99.774408][ T7576] bridge_slave_0: entered promiscuous mode [ 99.784159][ T7576] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.789927][ T7576] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.792782][ T7576] bridge_slave_1: entered allmulticast mode [ 99.804627][ T7576] bridge_slave_1: entered promiscuous mode [ 99.918013][ T7576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 99.945245][ T7576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 100.024281][ T7576] team0: Port device team_slave_0 added [ 100.072878][ T7576] team0: Port device team_slave_1 added [ 100.103593][ T7626] sit0: entered promiscuous mode [ 100.118978][ T7626] netlink: 'syz.0.698': attribute type 1 has an invalid length. [ 100.122261][ T7626] netlink: 1 bytes leftover after parsing attributes in process `syz.0.698'. [ 100.169820][ T7576] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 100.172855][ T7576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.184968][ T7576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 100.192329][ T7576] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.195182][ T7576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.207727][ T7576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.225208][ T12] hsr_slave_0: left promiscuous mode [ 100.237009][ T12] hsr_slave_1: left promiscuous mode [ 100.250918][ T12] veth1_macvtap: left promiscuous mode [ 100.253729][ T12] veth0_macvtap: left promiscuous mode [ 100.256217][ T12] veth1_vlan: left promiscuous mode [ 100.258678][ T12] veth0_vlan: left promiscuous mode [ 100.946966][ T5339] Bluetooth: hci0: command tx timeout [ 101.770388][ T7576] hsr_slave_0: entered promiscuous mode [ 101.773623][ T7576] hsr_slave_1: entered promiscuous mode [ 101.776509][ T7576] debugfs: 'hsr0' already exists in 'hsr' [ 101.780643][ T7576] Cannot create hsr debugfs directory [ 101.994456][ T7700] input: syz1 as /devices/virtual/input/input11 [ 102.030279][ T7576] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 102.036726][ T7576] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 102.043826][ T7576] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 102.050361][ T7576] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 102.125186][ T7576] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.141071][ T7576] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.153205][ T80] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.155894][ T80] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.164862][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.167231][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.390944][ T7576] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 102.617289][ T7576] veth0_vlan: entered promiscuous mode [ 102.624456][ T7576] veth1_vlan: entered promiscuous mode [ 102.648442][ T7576] veth0_macvtap: entered promiscuous mode [ 102.652347][ T7576] veth1_macvtap: entered promiscuous mode [ 102.664908][ T7576] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.671780][ T7576] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.683074][ T61] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.688700][ T61] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.694819][ T61] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.698079][ T61] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.736643][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.740047][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.752649][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.755550][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.959744][ T7754] input: syz1 as /devices/virtual/input/input12 [ 103.026903][ T5339] Bluetooth: hci0: command tx timeout [ 103.761560][ T7813] Bluetooth: hci4: Frame reassembly failed (-84) [ 103.765698][ T61] Bluetooth: hci4: Frame reassembly failed (-84) [ 103.924488][ T7828] nbd: device at index 0 is going down [ 104.177607][ T55] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 104.185413][ T55] hid-generic 0000:0000:0000.000B: hidraw1: HID v0.00 Device [syz1] on syz0 [ 104.368497][ T7856] binder: 7855:7856 ioctl c0306201 800005c0 returned -14 [ 104.526462][ T7866] mmap: syz.3.792 (7866) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 104.978587][ T7891] loop3: detected capacity change from 0 to 7 [ 105.107365][ T5984] Bluetooth: hci0: command tx timeout [ 105.307859][ T7891] Dev loop3: unable to read RDB block 7 [ 105.310237][ T7891] loop3: unable to read partition table [ 105.313021][ T7891] loop3: partition table beyond EOD, truncated [ 105.316554][ T7891] loop_reread_partitions: partition scan of loop3 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 105.827974][ T5984] Bluetooth: hci4: command 0xfc11 tx timeout [ 105.828388][ T5339] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 105.992740][ T7954] netlink: 'syz.4.829': attribute type 1 has an invalid length. [ 105.996038][ T7954] netlink: 'syz.4.829': attribute type 2 has an invalid length. [ 106.166807][ T7964] netlink: 4 bytes leftover after parsing attributes in process `syz.3.834'. [ 106.170445][ T7964] netlink: 16 bytes leftover after parsing attributes in process `syz.3.834'. [ 106.361598][ T7983] block nbd2: shutting down sockets [ 106.542106][ T8003] syz.4.853 (8003): drop_caches: 2 [ 106.544353][ T8003] syz.4.853 (8003): drop_caches: 2 [ 106.749778][ T8021] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 106.827024][ T55] psmouse serio3: Failed to reset mouse on : -5 [ 106.841119][ T8031] input: syz1 as /devices/virtual/input/input15 [ 106.956961][ T8041] netlink: 4 bytes leftover after parsing attributes in process `syz.0.871'. [ 107.186968][ T5339] Bluetooth: hci0: command tx timeout [ 107.286874][ T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 107.436833][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 107.440978][ T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 107.449555][ T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00 [ 107.453364][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 107.460659][ T9] usb 5-1: config 0 descriptor?? [ 107.471159][ T9] input: bcm5974 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/input/input16 [ 107.536545][ T8070] netlink: 'syz.4.883': attribute type 3 has an invalid length. [ 107.674003][ T5374] bcm5974 5-1:0.0: could not read from device [ 107.679027][ T9] bcm5974 5-1:0.0: could not read from device [ 107.683458][ T5374] bcm5974 5-1:0.0: could not read from device [ 107.690854][ T9] input: failed to attach handler mousedev to device input16, error: -5 [ 107.697638][ T9] usb 5-1: USB disconnect, device number 5 [ 107.697844][ T5374] bcm5974 5-1:0.0: could not read from device [ 108.790665][ T40] kauditd_printk_skb: 329 callbacks suppressed [ 108.790676][ T40] audit: type=1326 audit(1757310158.166:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.800538][ T40] audit: type=1326 audit(1757310158.166:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.808588][ T40] audit: type=1326 audit(1757310158.166:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="syz.0.895" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.815959][ T40] audit: type=1326 audit(1757310158.166:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.824648][ T40] audit: type=1326 audit(1757310158.166:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.831987][ T40] audit: type=1326 audit(1757310158.166:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.836072][ T8100] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 108.839346][ T40] audit: type=1326 audit(1757310158.166:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.852081][ T40] audit: type=1326 audit(1757310158.166:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.861707][ T40] audit: type=1326 audit(1757310158.166:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 108.872922][ T40] audit: type=1326 audit(1757310158.166:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8097 comm="" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f41579 code=0x7ffc0000 [ 109.900579][ T8151] input: syz1 as /devices/virtual/input/input17 [ 110.018358][ T8160] gre0: entered allmulticast mode [ 110.021216][ T8160] gre0: left allmulticast mode [ 110.456919][ T55] misc userio: Buffer overflowed, userio client isn't keeping up [ 111.728361][ T55] input: PS/2 Generic Mouse as /devices/serio3/input/input14 [ 111.829161][ T8246] 9pnet: p9_errstr2errno: server reported unknown error @΂00000000000000000005 [ 111.946895][ T55] psmouse serio3: Failed to enable mouse on [ 112.170855][ T8266] netlink: 'syz.0.973': attribute type 2 has an invalid length. [ 112.173707][ T8266] netlink: 85376 bytes leftover after parsing attributes in process `syz.0.973'. [ 112.224843][ T8270] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 112.332013][ T8282] syzkaller1: entered promiscuous mode [ 112.333982][ T8282] syzkaller1: entered allmulticast mode [ 112.842505][ T8329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1003'. [ 113.256582][ T5990] kernel write not supported for file /comedi4 (pid: 5990 comm: kworker/0:3) [ 113.908141][ T40] kauditd_printk_skb: 4 callbacks suppressed [ 113.908152][ T40] audit: type=1326 audit(1757310163.286:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8406 comm="syz.3.1037" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f06579 code=0x0 [ 113.912215][ T8411] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 115.221370][ T8454] geneve2: entered promiscuous mode [ 115.223834][ T8454] geneve2: entered allmulticast mode [ 115.496143][ T8464] sctp: [Deprecated]: syz.4.1059 (pid 8464) Use of struct sctp_assoc_value in delayed_ack socket option. [ 115.496143][ T8464] Use struct sctp_sack_info instead [ 115.637067][ T8469] nbd: device at index 4 is going down [ 116.153176][ T8496] binder: 8495:8496 ioctl c0306201 80000540 returned -22 [ 116.493165][ T8430] Set syz1 is full, maxelem 65536 reached [ 116.558098][ T6070] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 116.607490][ T8507] block nbd1: server does not support multiple connections per device. [ 116.614027][ T8507] block nbd1: shutting down sockets [ 116.713092][ T8519] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1084'. [ 116.719409][ T6070] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 116.723486][ T6070] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 116.728265][ T6070] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 116.731606][ T6070] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 116.736050][ T6070] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 116.739138][ T6070] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.744564][ T6070] usb 9-1: config 0 descriptor?? [ 116.777783][ T8521] sctp: [Deprecated]: syz.0.1085 (pid 8521) Use of struct sctp_assoc_value in delayed_ack socket option. [ 116.777783][ T8521] Use struct sctp_sack_info instead [ 117.165363][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.170140][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.172957][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.175699][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.178347][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.181230][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.183663][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.186398][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.189013][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.191872][ T6070] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0 [ 117.199880][ T6070] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0 [ 117.214301][ T8538] binder: 8536:8538 ioctl c0306201 800005c0 returned -14 [ 117.429846][ T55] usb 9-1: USB disconnect, device number 2 [ 117.543159][ T8554] syz.2.1101 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 117.552702][ T8556] netlink: 'syz.0.1102': attribute type 1 has an invalid length. [ 117.616449][ T8562] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1104'. [ 117.665721][ T8566] netlink: 'syz.2.1106': attribute type 29 has an invalid length. [ 117.720089][ T8572] netlink: 'syz.2.1109': attribute type 1 has an invalid length. [ 117.722641][ T8572] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1109'. [ 117.798321][ T8577] overlayfs: upper fs does not support file handles, falling back to index=off. [ 117.802089][ T8577] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 117.876935][ T55] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 118.038873][ T55] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 118.043759][ T55] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 118.047760][ T55] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8 [ 118.051628][ T55] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 118.057873][ T55] usb 5-1: config 0 descriptor?? [ 118.063528][ T55] dvb-usb: found a 'Artec T1 USB2.0' in warm state. [ 118.068624][ T55] dvb-usb: bulk message failed: -22 (3/0) [ 118.080990][ T55] dvb-usb: will use the device's hardware PID filter (table count: 16). [ 118.087561][ T55] dvbdev: DVB: registering new adapter (Artec T1 USB2.0) [ 118.090777][ T55] usb 5-1: media controller created [ 118.097686][ T55] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 118.110458][ T55] dvb-usb: bulk message failed: -22 (6/0) [ 118.114169][ T55] dvb-usb: no frontend was attached by 'Artec T1 USB2.0' [ 118.123505][ T55] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb5/5-1/input/input18 [ 118.130142][ T55] dvb-usb: schedule remote query interval to 150 msecs. [ 118.133186][ T55] dvb-usb: Artec T1 USB2.0 successfully initialized and connected. [ 118.282413][ T8564] dvb-usb: bulk message failed: -22 (2/0) [ 118.298278][ T55] dvb-usb: bulk message failed: -22 (1/0) [ 118.301438][ T55] dvb-usb: error while querying for an remote control event. [ 118.310152][ T5990] usb 5-1: USB disconnect, device number 6 [ 118.370291][ T5990] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected. [ 119.003180][ T40] audit: type=1326 audit(1757310168.376:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.010882][ T40] audit: type=1326 audit(1757310168.386:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.020657][ T40] audit: type=1326 audit(1757310168.386:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.028509][ T40] audit: type=1326 audit(1757310168.386:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.036403][ T40] audit: type=1326 audit(1757310168.386:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.044099][ T40] audit: type=1326 audit(1757310168.386:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.052332][ T40] audit: type=1326 audit(1757310168.386:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.061564][ T40] audit: type=1326 audit(1757310168.386:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=319 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.080876][ T40] audit: type=1326 audit(1757310168.456:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.089900][ T40] audit: type=1326 audit(1757310168.456:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1127" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 119.510336][ T8623] block nbd1: server does not support multiple connections per device. [ 119.515832][ T8623] block nbd1: shutting down sockets [ 119.792182][ T8632] syzkaller1: entered promiscuous mode [ 119.794837][ T8632] syzkaller1: entered allmulticast mode [ 120.375221][ T8682] Bluetooth: hci0: load_link_keys: too big key_count value 28530 [ 120.664950][ T8712] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1172'. [ 120.668940][ T8712] netlink: 'syz.3.1172': attribute type 30 has an invalid length. [ 120.682091][ T61] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.685672][ T61] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.690055][ T61] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.693543][ T61] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 120.866879][ T53] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 121.019061][ T53] usb 7-1: config index 0 descriptor too short (expected 39, got 27) [ 121.021849][ T53] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 121.025354][ T53] usb 7-1: config 0 interface 0 has no altsetting 0 [ 121.030486][ T53] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 121.034247][ T53] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 121.038072][ T53] usb 7-1: Product: syz [ 121.039678][ T53] usb 7-1: Manufacturer: syz [ 121.041584][ T53] usb 7-1: SerialNumber: syz [ 121.045055][ T53] usb 7-1: config 0 descriptor?? [ 121.048615][ T53] hub 7-1:0.0: bad descriptor, ignoring hub [ 121.050814][ T53] hub 7-1:0.0: probe with driver hub failed with error -5 [ 121.057570][ T53] usb 7-1: selecting invalid altsetting 0 [ 121.507218][ T8748] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1190'. [ 121.682437][ T8709] usb 7-1: reset high-speed USB device number 5 using dummy_hcd [ 122.044811][ T8709] usb 7-1: failed to restore interface 0 altsetting 251 (error=-71) [ 122.050553][ T54] usb 7-1: USB disconnect, device number 5 [ 122.906892][ T53] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 122.993078][ T8828] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1225'. [ 122.996932][ T8828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1225'. [ 123.009520][ T61] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.013475][ T61] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.019138][ T61] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.023526][ T61] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 123.066864][ T53] usb 8-1: Using ep0 maxpacket: 8 [ 123.072454][ T53] usb 8-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 123.076215][ T53] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 123.080143][ T53] usb 8-1: Product: syz [ 123.081915][ T53] usb 8-1: Manufacturer: syz [ 123.084024][ T53] usb 8-1: SerialNumber: syz [ 123.089698][ T53] usb 8-1: config 0 descriptor?? [ 123.094937][ T53] option 8-1:0.0: GSM modem (1-port) converter detected [ 123.297961][ T53] usb 8-1: USB disconnect, device number 7 [ 123.301877][ T53] option 8-1:0.0: device disconnected [ 124.117910][ T8876] loop7: detected capacity change from 0 to 7 [ 124.156922][ T34] usb 7-1: new low-speed USB device number 6 using dummy_hcd [ 124.285946][ T8876] Dev loop7: unable to read RDB block 7 [ 124.288628][ T8876] loop7: unable to read partition table [ 124.288909][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2 [ 124.291391][ T8876] loop7: partition table beyond EOD, truncated [ 124.295232][ C1] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 124.301901][ T8876] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 124.309423][ T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.314328][ T34] usb 7-1: config 0 has no interfaces? [ 124.318211][ T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.322573][ T34] usb 7-1: config 0 has no interfaces? [ 124.326092][ T34] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 124.330643][ T34] usb 7-1: config 0 has no interfaces? [ 124.335782][ T34] usb 7-1: string descriptor 0 read error: -22 [ 124.338676][ T34] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 124.342509][ T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 124.347844][ T34] usb 7-1: config 0 descriptor?? [ 124.560362][ T6050] usb 7-1: USB disconnect, device number 6 [ 124.916668][ T8917] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1264'. [ 124.921005][ T8916] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1264'. [ 125.176927][ T5990] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 125.339380][ T5990] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 125.342053][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 125.346491][ T5990] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.351361][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 125.355479][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 125.361169][ T5990] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 125.364666][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 125.369806][ T5990] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.375107][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 125.380060][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 125.386378][ T5990] usb 5-1: config 168 descriptor has 1 excess byte, ignoring [ 125.389577][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8 [ 125.394103][ T5990] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 125.399331][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 125.404062][ T5990] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8 [ 125.412317][ T5990] usb 5-1: string descriptor 0 read error: -22 [ 125.415254][ T5990] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 125.419302][ T5990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.430508][ T5990] adutux 5-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 125.651944][ T34] usb 5-1: USB disconnect, device number 7 [ 126.166838][ T53] usb 5-1: new low-speed USB device number 8 using dummy_hcd [ 126.342082][ T53] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.346169][ T53] usb 5-1: config 0 has no interfaces? [ 126.366376][ T53] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.390223][ T53] usb 5-1: config 0 has no interfaces? [ 126.402508][ T53] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 126.406490][ T53] usb 5-1: config 0 has no interfaces? [ 126.429441][ T53] usb 5-1: string descriptor 0 read error: -22 [ 126.432382][ T53] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 126.436972][ T53] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 126.442612][ T53] usb 5-1: config 0 descriptor?? [ 126.785243][ T8988] input: syz1 as /devices/virtual/input/input19 [ 126.789002][ T53] usb 5-1: USB disconnect, device number 8 [ 127.138941][ T5990] kernel write not supported for file [eventfd] (pid: 5990 comm: kworker/0:3) [ 127.334748][ T9035] input: syz0 as /devices/virtual/input/input20 [ 127.593890][ T9051] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1310'. [ 128.076946][ T5990] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 128.234168][ T5990] usb 9-1: New USB device found, idVendor=0fe9, idProduct=db55, bcdDevice=69.fb [ 128.238406][ T5990] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=201 [ 128.242199][ T5990] usb 9-1: Product: syz [ 128.244107][ T5990] usb 9-1: Manufacturer: syz [ 128.246167][ T5990] usb 9-1: SerialNumber: syz [ 128.251278][ T5990] usb 9-1: config 0 descriptor?? [ 128.256199][ T5990] dvb-usb: found a 'DigitalNow DVB-T Dual USB' in warm state. [ 128.260224][ T5990] dvb-usb: bulk message failed: -22 (2/0) [ 128.265208][ T5990] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 128.270433][ T5990] dvbdev: DVB: registering new adapter (DigitalNow DVB-T Dual USB) [ 128.274134][ T5990] usb 9-1: media controller created [ 128.291409][ T5990] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 128.459935][ T9064] dvb-usb: bulk message failed: -22 (3/0) [ 128.867032][ T54] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 128.869883][ T54] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 128.876998][ T5339] Bluetooth: hci1: command 0x0c1a tx timeout [ 128.967948][ T5990] cxusb: set interface failed [ 128.970032][ T5990] dvb-usb: bulk message failed: -22 (1/0) [ 129.000754][ T5990] DVB: Unable to find symbol mt352_attach() [ 129.002967][ T5990] dvb-usb: bulk message failed: -22 (5/0) [ 129.004925][ T5990] zl10353_read_register: readreg error (reg=127, ret==-121) [ 129.008006][ T5990] dvb-usb: no frontend was attached by 'DigitalNow DVB-T Dual USB' [ 129.067207][ T5990] rc_core: IR keymap rc-dvico-mce not found [ 129.072922][ T5990] Registered IR keymap rc-empty [ 129.076469][ T5990] rc rc0: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0 [ 129.084944][ T5990] input: DigitalNow DVB-T Dual USB as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input21 [ 129.094261][ T5990] dvb-usb: schedule remote query interval to 100 msecs. [ 129.097646][ T5990] dvb-usb: DigitalNow DVB-T Dual USB successfully initialized and connected. [ 129.102835][ T5990] usb 9-1: USB disconnect, device number 3 [ 129.144355][ T5990] dvb-usb: DigitalNow DVB-T Dual USB successfully deinitialized and disconnected. [ 129.498642][ T5990] usb 9-1: new low-speed USB device number 4 using dummy_hcd [ 129.669992][ T5990] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.674736][ T5990] usb 9-1: config 0 has no interfaces? [ 129.680025][ T5990] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.684610][ T5990] usb 9-1: config 0 has no interfaces? [ 129.688638][ T5990] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 129.688798][ T9103] pim6reg1: entered promiscuous mode [ 129.693843][ T5990] usb 9-1: config 0 has no interfaces? [ 129.695830][ T9103] pim6reg1: entered allmulticast mode [ 129.704173][ T5990] usb 9-1: string descriptor 0 read error: -22 [ 129.708159][ T5990] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 129.712321][ T5990] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 129.721099][ T5990] usb 9-1: config 0 descriptor?? [ 129.906059][ T9114] input: syz1 as /devices/virtual/input/input22 [ 129.960362][ T53] usb 9-1: USB disconnect, device number 4 [ 130.112294][ T9126] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.115871][ T9126] batadv_slave_0: entered promiscuous mode [ 130.147569][ T9128] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.155275][ T9128] bond0: (slave rose0): Enslaving as an active interface with an up link [ 130.238166][ T40] kauditd_printk_skb: 11 callbacks suppressed [ 130.238179][ T40] audit: type=1326 audit(1757310179.606:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 130.253867][ T40] audit: type=1326 audit(1757310179.616:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ae5a7 code=0x7ffc0000 [ 130.263781][ T40] audit: type=1326 audit(1757310179.616:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 130.273630][ T40] audit: type=1326 audit(1757310179.616:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ae5a7 code=0x7ffc0000 [ 130.281833][ T40] audit: type=1326 audit(1757310179.616:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 130.290744][ T40] audit: type=1326 audit(1757310179.616:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ae5a7 code=0x7ffc0000 [ 130.298882][ T40] audit: type=1326 audit(1757310179.616:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 130.307707][ T40] audit: type=1326 audit(1757310179.616:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ae5a7 code=0x7ffc0000 [ 130.316007][ T40] audit: type=1326 audit(1757310179.616:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 130.324339][ T40] audit: type=1326 audit(1757310179.616:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9135 comm="syz.2.1344" exe="/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf70ae5a7 code=0x7ffc0000 [ 130.699415][ T9168] loop2: detected capacity change from 0 to 7 [ 130.711311][ T9168] Dev loop2: unable to read RDB block 7 [ 130.713928][ T9168] loop2: unable to read partition table [ 130.716490][ T9168] loop2: partition table beyond EOD, truncated [ 130.719299][ T9168] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5) [ 130.949862][ T54] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 130.952962][ T54] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 130.956790][ C3] ------------[ cut here ]------------ [ 130.959357][ C3] workqueue: cannot queue hci_cmd_timeout on wq hci2 [ 130.962221][ C3] WARNING: CPU: 3 PID: 9186 at kernel/workqueue.c:2255 __queue_work+0xd03/0x1160 [ 130.966159][ C3] Modules linked in: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 130.968420][ C3] CPU: 3 UID: 0 PID: 9186 Comm: syz.3.1361 Not tainted syzkaller #0 PREEMPT(full) [ 130.975023][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 130.979369][ C3] RIP: 0010:__queue_work+0xd03/0x1160 [ 130.981638][ C3] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 60 ff ab 8b e8 de 4b f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 df 55 38 00 90 0f 0b 90 e9 b4 f5 ff [ 130.989511][ C3] RSP: 0018:ffffc900005e8be8 EFLAGS: 00010082 [ 130.992117][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02f8 [ 130.995532][ C3] RDX: ffff888025692440 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 130.998971][ C3] RBP: ffff88804ebb8970 R08: 0000000000000001 R09: 0000000000000000 [ 131.002447][ C3] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff920000bd18f [ 131.006098][ C3] R13: 0000000080000101 R14: ffffffff8182c6e0 R15: ffff8880272a7178 [ 131.009561][ C3] FS: 0000000000000000(0000) GS:ffff8880977bd000(0000) knlGS:0000000000000000 [ 131.013221][ C3] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 131.016029][ C3] CR2: 0000000080001080 CR3: 000000000e380000 CR4: 0000000000352ef0 [ 131.019593][ C3] Call Trace: [ 131.021158][ C3] [ 131.022503][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 131.024973][ C3] call_timer_fn+0x197/0x620 [ 131.027066][ C3] ? __pfx_call_timer_fn+0x10/0x10 [ 131.029303][ C3] ? __run_timers+0x559/0x960 [ 131.031361][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 131.033895][ C3] __run_timers+0x569/0x960 [ 131.035985][ C3] ? __pfx___run_timers+0x10/0x10 [ 131.038358][ C3] run_timer_base+0x114/0x190 [ 131.040361][ C3] ? __pfx_run_timer_base+0x10/0x10 [ 131.042582][ C3] run_timer_softirq+0x1a/0x40 [ 131.044669][ C3] handle_softirqs+0x216/0x8e0 [ 131.046771][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 131.049176][ C3] __irq_exit_rcu+0x109/0x170 [ 131.051259][ C3] irq_exit_rcu+0x9/0x30 [ 131.053152][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 131.055606][ C3] [ 131.056877][ C3] [ 131.058168][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.060680][ C3] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 131.063346][ C3] Code: b6 d8 54 00 48 89 df 5b e9 9d 5f 5a 00 be 03 00 00 00 5b e9 82 cb 25 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 34 24 65 48 8b 15 98 24 1b 12 65 8b 05 a9 24 1b [ 131.071720][ C3] RSP: 0018:ffffc90004e77810 EFLAGS: 00000202 [ 131.074400][ C3] RAX: 0000000000000000 RBX: 0000000051f91025 RCX: ffffffff8205c9ae [ 131.078055][ C3] RDX: ffff888025692440 RSI: 0000000000000000 RDI: 0000000000000005 [ 131.081851][ C3] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 131.085251][ C3] R10: 0000000000000020 R11: 0000000000000000 R12: 00000000f7177000 [ 131.088627][ C3] R13: 0000000000000020 R14: dffffc0000000000 R15: 0000000000000000 [ 131.092137][ C3] ? unmap_page_range+0x13ee/0x42c0 [ 131.094707][ C3] unmap_page_range+0x13fc/0x42c0 [ 131.097026][ C3] ? __pfx_unmap_page_range+0x10/0x10 [ 131.099437][ C3] ? mas_next_slot+0x12d3/0x21b0 [ 131.101541][ C3] ? uprobe_munmap+0x20/0x5c0 [ 131.103630][ C3] unmap_single_vma.constprop.0+0x153/0x240 [ 131.106141][ C3] unmap_vmas+0x218/0x470 [ 131.108124][ C3] ? __pfx_unmap_vmas+0x10/0x10 [ 131.110415][ C3] exit_mmap+0x1b9/0xb90 [ 131.112286][ C3] ? __pfx_exit_mmap+0x10/0x10 [ 131.114346][ C3] ? __lock_acquire+0xb97/0x1ce0 [ 131.116557][ C3] __mmput+0x12a/0x410 [ 131.118331][ C3] mmput+0x62/0x70 [ 131.120066][ C3] do_exit+0x7c7/0x2bf0 [ 131.121961][ C3] ? __pfx_do_exit+0x10/0x10 [ 131.124015][ C3] ? preempt_schedule_thunk+0x16/0x30 [ 131.126339][ C3] do_group_exit+0xd3/0x2a0 [ 131.128360][ C3] __ia32_sys_exit_group+0x3e/0x50 [ 131.130550][ C3] ia32_sys_call+0xa9e/0x1ca0 [ 131.132623][ C3] __do_fast_syscall_32+0x7c/0x3a0 [ 131.134936][ C3] do_fast_syscall_32+0x32/0x80 [ 131.137074][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 131.139766][ C3] RIP: 0023:0xf7f06579 [ 131.141512][ C3] Code: Unable to access opcode bytes at 0xf7f0654f. [ 131.144328][ C3] RSP: 002b:00000000ffba730c EFLAGS: 00000282 ORIG_RAX: 00000000000000fc [ 131.147964][ C3] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 [ 131.151350][ C3] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7394ff4 [ 131.154758][ C3] RBP: 000000000000002c R08: 0000000000000000 R09: 0000000000000000 [ 131.158147][ C3] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 131.161597][ C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 131.164987][ C3] [ 131.166352][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 131.169440][ C3] CPU: 3 UID: 0 PID: 9186 Comm: syz.3.1361 Not tainted syzkaller #0 PREEMPT(full) [ 131.173484][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 131.178227][ C3] Call Trace: [ 131.179707][ C3] [ 131.180989][ C3] dump_stack_lvl+0x3d/0x1f0 [ 131.183071][ C3] vpanic+0x6e8/0x7a0 [ 131.184898][ C3] ? __pfx_vpanic+0x10/0x10 [ 131.186865][ C3] ? __queue_work+0xd03/0x1160 [ 131.189022][ C3] panic+0xca/0xd0 [ 131.190641][ C3] ? __pfx_panic+0x10/0x10 [ 131.192535][ C3] ? check_panic_on_warn+0x1f/0xb0 [ 131.194569][ C3] check_panic_on_warn+0xab/0xb0 [ 131.196721][ C3] __warn+0xf6/0x3c0 [ 131.198482][ C3] ? __queue_work+0xd03/0x1160 [ 131.200782][ C3] report_bug+0x3c3/0x580 [ 131.202725][ C3] ? __queue_work+0xd03/0x1160 [ 131.204890][ C3] handle_bug+0x184/0x210 [ 131.206679][ C3] exc_invalid_op+0x17/0x50 [ 131.208657][ C3] asm_exc_invalid_op+0x1a/0x20 [ 131.210767][ C3] RIP: 0010:__queue_work+0xd03/0x1160 [ 131.213048][ C3] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 60 ff ab 8b e8 de 4b f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 df 55 38 00 90 0f 0b 90 e9 b4 f5 ff [ 131.221715][ C3] RSP: 0018:ffffc900005e8be8 EFLAGS: 00010082 [ 131.224303][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a02f8 [ 131.227714][ C3] RDX: ffff888025692440 RSI: ffffffff817a0305 RDI: 0000000000000001 [ 131.231055][ C3] RBP: ffff88804ebb8970 R08: 0000000000000001 R09: 0000000000000000 [ 131.234130][ C3] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff920000bd18f [ 131.238159][ C3] R13: 0000000080000101 R14: ffffffff8182c6e0 R15: ffff8880272a7178 [ 131.241585][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 131.244149][ C3] ? __warn_printk+0x198/0x350 [ 131.246262][ C3] ? __warn_printk+0x1a5/0x350 [ 131.248398][ C3] ? __queue_work+0xd02/0x1160 [ 131.250504][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 131.253033][ C3] call_timer_fn+0x197/0x620 [ 131.254878][ C3] ? __pfx_call_timer_fn+0x10/0x10 [ 131.257042][ C3] ? __run_timers+0x559/0x960 [ 131.259276][ C3] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 131.261931][ C3] __run_timers+0x569/0x960 [ 131.263972][ C3] ? __pfx___run_timers+0x10/0x10 [ 131.266204][ C3] run_timer_base+0x114/0x190 [ 131.268304][ C3] ? __pfx_run_timer_base+0x10/0x10 [ 131.270505][ C3] run_timer_softirq+0x1a/0x40 [ 131.272603][ C3] handle_softirqs+0x216/0x8e0 [ 131.274660][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 131.276970][ C3] __irq_exit_rcu+0x109/0x170 [ 131.279113][ C3] irq_exit_rcu+0x9/0x30 [ 131.280988][ C3] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 131.283382][ C3] [ 131.284653][ C3] [ 131.285953][ C3] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 131.288551][ C3] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 [ 131.291172][ C3] Code: b6 d8 54 00 48 89 df 5b e9 9d 5f 5a 00 be 03 00 00 00 5b e9 82 cb 25 03 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 34 24 65 48 8b 15 98 24 1b 12 65 8b 05 a9 24 1b [ 131.299502][ C3] RSP: 0018:ffffc90004e77810 EFLAGS: 00000202 [ 131.302085][ C3] RAX: 0000000000000000 RBX: 0000000051f91025 RCX: ffffffff8205c9ae [ 131.305560][ C3] RDX: ffff888025692440 RSI: 0000000000000000 RDI: 0000000000000005 [ 131.309183][ C3] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 131.312534][ C3] R10: 0000000000000020 R11: 0000000000000000 R12: 00000000f7177000 [ 131.315982][ C3] R13: 0000000000000020 R14: dffffc0000000000 R15: 0000000000000000 [ 131.319407][ C3] ? unmap_page_range+0x13ee/0x42c0 [ 131.321928][ C3] unmap_page_range+0x13fc/0x42c0 [ 131.324253][ C3] ? __pfx_unmap_page_range+0x10/0x10 [ 131.326482][ C3] ? mas_next_slot+0x12d3/0x21b0 [ 131.328622][ C3] ? uprobe_munmap+0x20/0x5c0 [ 131.330750][ C3] unmap_single_vma.constprop.0+0x153/0x240 [ 131.333552][ C3] unmap_vmas+0x218/0x470 [ 131.335698][ C3] ? __pfx_unmap_vmas+0x10/0x10 [ 131.337810][ C3] exit_mmap+0x1b9/0xb90 [ 131.339613][ C3] ? __pfx_exit_mmap+0x10/0x10 [ 131.341646][ C3] ? __lock_acquire+0xb97/0x1ce0 [ 131.343820][ C3] __mmput+0x12a/0x410 [ 131.345515][ C3] mmput+0x62/0x70 [ 131.347155][ C3] do_exit+0x7c7/0x2bf0 [ 131.348965][ C3] ? __pfx_do_exit+0x10/0x10 [ 131.351022][ C3] ? preempt_schedule_thunk+0x16/0x30 [ 131.353356][ C3] do_group_exit+0xd3/0x2a0 [ 131.355380][ C3] __ia32_sys_exit_group+0x3e/0x50 [ 131.357562][ C3] ia32_sys_call+0xa9e/0x1ca0 [ 131.359522][ C3] __do_fast_syscall_32+0x7c/0x3a0 [ 131.361653][ C3] do_fast_syscall_32+0x32/0x80 [ 131.363823][ C3] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 131.366630][ C3] RIP: 0023:0xf7f06579 [ 131.368484][ C3] Code: Unable to access opcode bytes at 0xf7f0654f. [ 131.370923][ C3] RSP: 002b:00000000ffba730c EFLAGS: 00000282 ORIG_RAX: 00000000000000fc [ 131.374012][ C3] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 [ 131.377125][ C3] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7394ff4 [ 131.380258][ C3] RBP: 000000000000002c R08: 0000000000000000 R09: 0000000000000000 [ 131.383243][ C3] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 131.386490][ C3] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 131.389945][ C3] [ 131.392479][ C3] Kernel Offset: disabled [ 131.395097][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 05:43:00 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff914f6bd6 RDX=ffffc9000041efad RSI=0000000000000001 RDI=ffffffff90c652bc RBP=ffffc9000041efc0 RSP=ffffc9000041ef08 R8 =ffffffff914f6bda R9 =0000000000000000 R10=0000000000000001 R11=000000000001203a R12=ffffc9000041efc8 R13=ffffc9000041ef78 R14=ffffc9000041efad R15=0000000000000000 RIP=ffffffff816aba5a RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974bd000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000578554c0 CR3=0000000020786000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000000bac05 RBX=0000000000000001 RCX=ffffffff8b913bf9 RDX=0000000000000000 RSI=ffffffff8de4eb79 RDI=ffffffff8c163180 RBP=ffffed1003bdf488 RSP=ffffc9000046fdf8 R8 =0000000000000001 R9 =ffffed1005666655 R10=ffff88802b3332ab R11=0000000000000000 R12=0000000000000001 R13=ffff88801defa440 R14=ffffffff90aba190 R15=0000000000000000 RIP=ffffffff8b91275f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975bd000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c340a68 CR3=0000000020786000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffff88802b541d40 RCX=ffffffff81af1491 RDX=ffff888024194880 RSI=ffffffff81af146b RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90002e9f4b8 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=dffffc0000000000 R13=ffffed10056a83a9 R14=0000000000000001 R15=0000000000000003 RIP=ffffffff81af1472 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976bd000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f66e40 CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7404ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85619eb0 RDI=ffffffff9b0ff700 RBP=ffffffff9b0ff6c0 RSP=ffffc900005e84f8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff361ff32 R15=dffffc0000000000 RIP=ffffffff85619ed7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977bd000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080001080 CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000